Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-0311 |
N/A
|
fpkg2swpk in HP-UX allows local users to gain roo… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.870Z |
| CVE-1999-0312 |
N/A
|
HP ypbind allows attackers with root privileges t… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.825Z |
| CVE-1999-0313 |
N/A
|
disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/On… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.029Z |
| CVE-1999-0314 |
N/A
|
ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 al… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.863Z |
| CVE-1999-0315 |
N/A
|
Buffer overflow in Solaris fdformat command gives… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.825Z |
| CVE-1999-0316 |
N/A
|
Buffer overflow in Linux splitvt command gives ro… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.899Z |
| CVE-1999-0320 |
N/A
|
SunOS rpc.cmsd allows attackers to obtain root ac… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.888Z |
| CVE-1999-0321 |
N/A
|
Buffer overflow in Solaris kcms_configure command… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.884Z |
| CVE-1999-0324 |
N/A
|
ppl program in HP-UX allows local users to create… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.022Z |
| CVE-1999-0325 |
N/A
|
vhe_u_mnt program in HP-UX allows local users to … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.870Z |
| CVE-1999-0326 |
N/A
|
Vulnerability in HP-UX mediainit program. |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.900Z |
| CVE-1999-0327 |
N/A
|
SGI syserr program allows local users to corrupt files. |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.020Z |
| CVE-1999-0328 |
N/A
|
SGI permissions program allows local users to gai… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.857Z |
| CVE-1999-0329 |
N/A
|
SGI mediad program allows local users to gain roo… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.838Z |
| CVE-1999-0332 |
N/A
|
Buffer overflow in NetMeeting allows denial of se… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.949Z |
| CVE-1999-0334 |
N/A
|
In Solaris 2.2 and 2.3, when fsck fails on startu… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.960Z |
| CVE-1999-0335 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 1999-09-29T04:00:00 | 2022-08-17T02:55:29 |
| CVE-1999-0337 |
N/A
|
AIX batch queue (bsh) allows local and remote use… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.945Z |
| CVE-1999-0338 |
N/A
|
AIX Licensed Program Product performance tools al… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.900Z |
| CVE-1999-0339 |
N/A
|
Buffer overflow in the libauth library in Solaris… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.798Z |
| CVE-1999-0340 |
N/A
|
Buffer overflow in Linux Slackware crond program … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.895Z |
| CVE-1999-0341 |
N/A
|
Buffer overflow in the Linux mail program "delive… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.965Z |
| CVE-1999-0342 |
N/A
|
Linux PAM modules allow local users to gain root … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.020Z |
| CVE-1999-0344 |
N/A
|
NT users can gain debug-level access on a system … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.918Z |
| CVE-1999-0346 |
N/A
|
CGI PHP mlog script allows an attacker to read an… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.881Z |
| CVE-1999-0348 |
N/A
|
IIS ASP caching problem releases sensitive inform… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.967Z |
| CVE-1999-0349 |
N/A
|
A buffer overflow in the FTP list (ls) command in… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.021Z |
| CVE-1999-0350 |
N/A
|
Race condition in the db_loader program in ClearC… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.902Z |
| CVE-1999-0351 |
N/A
|
FTP PASV "Pizza Thief" denial of service and unau… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.976Z |
| CVE-1999-0353 |
N/A
|
rpc.pcnfsd in HP gives remote root access by chan… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.019Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-0311 |
N/A
|
fpkg2swpk in HP-UX allows local users to gain roo… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.870Z |
| CVE-1999-0312 |
N/A
|
HP ypbind allows attackers with root privileges t… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.825Z |
| CVE-1999-0313 |
N/A
|
disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/On… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.029Z |
| CVE-1999-0314 |
N/A
|
ioconfig on SGI IRIX 6.4 S2MP for Origin/Onyx2 al… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.863Z |
| CVE-1999-0315 |
N/A
|
Buffer overflow in Solaris fdformat command gives… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.825Z |
| CVE-1999-0316 |
N/A
|
Buffer overflow in Linux splitvt command gives ro… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.899Z |
| CVE-1999-0320 |
N/A
|
SunOS rpc.cmsd allows attackers to obtain root ac… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.888Z |
| CVE-1999-0321 |
N/A
|
Buffer overflow in Solaris kcms_configure command… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.884Z |
| CVE-1999-0324 |
N/A
|
ppl program in HP-UX allows local users to create… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.022Z |
| CVE-1999-0325 |
N/A
|
vhe_u_mnt program in HP-UX allows local users to … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.870Z |
| CVE-1999-0326 |
N/A
|
Vulnerability in HP-UX mediainit program. |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.900Z |
| CVE-1999-0327 |
N/A
|
SGI syserr program allows local users to corrupt files. |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.020Z |
| CVE-1999-0328 |
N/A
|
SGI permissions program allows local users to gai… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.857Z |
| CVE-1999-0329 |
N/A
|
SGI mediad program allows local users to gain roo… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.838Z |
| CVE-1999-0332 |
N/A
|
Buffer overflow in NetMeeting allows denial of se… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.949Z |
| CVE-1999-0334 |
N/A
|
In Solaris 2.2 and 2.3, when fsck fails on startu… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.960Z |
| CVE-1999-0335 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 1999-09-29T04:00:00 | 2022-08-17T02:55:29 |
| CVE-1999-0337 |
N/A
|
AIX batch queue (bsh) allows local and remote use… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.945Z |
| CVE-1999-0338 |
N/A
|
AIX Licensed Program Product performance tools al… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.900Z |
| CVE-1999-0339 |
N/A
|
Buffer overflow in the libauth library in Solaris… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.798Z |
| CVE-1999-0340 |
N/A
|
Buffer overflow in Linux Slackware crond program … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.895Z |
| CVE-1999-0341 |
N/A
|
Buffer overflow in the Linux mail program "delive… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.965Z |
| CVE-1999-0342 |
N/A
|
Linux PAM modules allow local users to gain root … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.020Z |
| CVE-1999-0344 |
N/A
|
NT users can gain debug-level access on a system … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.918Z |
| CVE-1999-0346 |
N/A
|
CGI PHP mlog script allows an attacker to read an… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.881Z |
| CVE-1999-0348 |
N/A
|
IIS ASP caching problem releases sensitive inform… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.967Z |
| CVE-1999-0349 |
N/A
|
A buffer overflow in the FTP list (ls) command in… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.021Z |
| CVE-1999-0350 |
N/A
|
Race condition in the db_loader program in ClearC… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.902Z |
| CVE-1999-0351 |
N/A
|
FTP PASV "Pizza Thief" denial of service and unau… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.976Z |
| CVE-1999-0353 |
N/A
|
rpc.pcnfsd in HP gives remote root access by chan… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.019Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-1999-0511 | IP forwarding is enabled on a machine which is not a router or firewall. | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0517 | An SNMP community name is the default (e.g. public), null, or missing. | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0518 | A NETBIOS/SMB share password is guessable. | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0519 | A NETBIOS/SMB share password is the default, null, or missing. | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0521 | An NIS domain name is easily guessable. | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0525 | IP traceroute is allowed from arbitrary hosts. | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0534 | A Windows NT user has inappropriate rights or privileges, e.g. Act as System, Add Workstation, Back… | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0535 | A Windows NT account policy for passwords has inappropriate, security-critical settings, e.g. for p… | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0550 | A router's routing tables can be obtained from arbitrary hosts. | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0562 | The registry in Windows NT can be accessed remotely by users who are not administrators. | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0572 | .reg files are associated with the Windows NT registry editor (regedit), making the registry suscep… | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0575 | A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon an… | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0576 | A Windows NT system's file audit policy does not log an event success or failure for security-criti… | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0582 | A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout… | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0626 | A version of rusers is running that exposes valid user information to any entity on the network. | 1997-01-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1120 | netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executi… | 1997-01-04T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0051 | Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0… | 1997-01-06T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1249 | movemail in HP-UX 10.20 has insecure permissions, which allows local users to gain privileges. | 1997-01-06T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1145 | Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to ac… | 1997-01-07T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1311 | Vulnerability in dtlogin and dtsession in HP-UX 10.20 and 10.10 allows local users to bypass authen… | 1997-01-07T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0049 | Csetup under IRIX allows arbitrary file creation or overwriting. | 1997-01-08T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1088 | Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | 1997-01-09T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0081 | wu-ftp allows files to be overwritten via the rnfr command. | 1997-01-11T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0048 | Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root priv… | 1997-01-27T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0966 | Buffer overflow in Solaris getopt in libc allows local users to gain root privileges via a long argv[0]. | 1997-01-27T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0047 | MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. | 1997-01-28T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1144 | Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local u… | 1997-01-30T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0174 | The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. | 1997-02-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0309 | HP-UX vgdisplay program gives root access to local users. | 1997-02-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0369 | The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. | 1997-02-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-3f5c-4qxj-vmpf |
7.5 (3.1)
|
Next.js Directory Traversal Vulnerability | 2017-12-05T02:04:14Z | 2024-04-22T19:49:35Z |
| ghsa-2w67-526p-gm73 |
9.8 (3.1)
|
redis-store deserializes untrusted data | 2017-12-06T16:41:25Z | 2023-03-14T21:11:23Z |
| ghsa-x27v-x225-gq8g |
9.8 (3.1)
|
Recurly gem Server-Side Request Forgery in Resource#find method | 2017-12-06T16:43:00Z | 2023-08-29T15:38:45Z |
| ghsa-8c56-cpmw-89x7 |
7.5 (3.1)
|
Out-of-bounds read in nokogiri | 2017-12-13T21:38:24Z | 2021-06-30T18:05:23Z |
| ghsa-vx5c-87qx-cv6c |
9.8 (3.1)
|
Arbitrary Code Execution in mathjs | 2017-12-18T22:27:45Z | 2021-06-10T20:06:12Z |
| ghsa-pv8x-p9hq-j328 |
9.8 (3.1)
|
Arbitrary Code Execution in mathjs | 2017-12-18T22:27:53Z | 2023-09-12T18:41:33Z |
| ghsa-3rpr-mg43-xhq4 |
7.5 (3.1)
|
auth0-js Privilege Escalation Vulnerability | 2017-12-21T00:47:20Z | 2023-09-13T22:14:09Z |
| ghsa-gj4p-3wh3-2rmf |
7.5 (3.1)
|
Arbitrary file read vulnerability in yard server | 2017-12-21T00:47:25Z | 2023-07-05T17:53:08Z |
| ghsa-7fpw-cfc4-3p2c |
8.1 (3.1)
|
Duplicate advisory: High severity vulnerability that affects passport-wsfed-saml2 | 2017-12-28T22:51:45Z | 2023-06-21T22:00:08Z |
| ghsa-h9mj-fghc-664w |
6.5 (3.1)
|
Denial of Service in mqtt | 2017-12-28T22:51:58Z | 2021-09-14T17:16:40Z |
| ghsa-pm9p-9926-w68m |
7.5 (3.1)
|
Denial of Service in ecstatic | 2017-12-28T22:52:47Z | 2021-09-16T18:15:09Z |
| ghsa-8jjf-w7j6-323c |
7.5 (3.1)
|
Samlify vulnerable to Authentication Bypass by allowing tokens to be reused with different usernames | 2018-01-04T21:03:33Z | 2023-08-18T21:00:53Z |
| ghsa-crmx-v835-hcp4 |
|
Moderate severity vulnerability that affects marked | 2018-01-04T21:04:09Z | 2021-12-02T22:47:59Z |
| ghsa-7px7-7xjx-hxm8 |
6.1 (3.1)
|
Marked vulnerable to XSS from data URIs | 2018-01-04T21:04:19Z | 2023-09-07T22:53:21Z |
| ghsa-m7p8-9w66-9frm |
5.9 (3.1)
|
net-ldap Improper Certificate Validation vulnerability | 2018-01-06T01:11:34Z | 2023-01-23T21:24:13Z |
| ghsa-mvw8-v767-qhjm |
5.4 (3.1)
|
Radiant CMS vulnerable to Cross-site Scripting | 2018-01-06T01:11:52Z | 2023-01-26T21:19:48Z |
| ghsa-5jcf-c5rg-rmm8 |
9.8 (3.1)
|
paperclip Server-Side Request Forgery vulnerability | 2018-01-22T13:31:34Z | 2023-01-26T20:24:38Z |
| ghsa-rmxg-73gg-4p98 |
6.1 (3.1)
|
Cross-Site Scripting (XSS) in jquery | 2018-01-22T13:32:06Z | 2021-09-17T18:58:18Z |
| ghsa-mhpp-875w-9cpv |
7.5 (3.1)
|
Denial of Service in jquery | 2018-01-22T13:32:42Z | 2025-09-02T22:35:01Z |
| ghsa-6x45-86q6-rcmr |
5.5 (3.1)
|
Gyazo allows local users to write arbitrary files | 2018-01-22T23:17:39Z | 2023-07-31T20:50:46Z |
| ghsa-rhgq-vv9x-j4p5 |
7.8 (3.1)
|
lawn-login exposes database password to unauthorized users | 2018-01-22T23:45:33Z | 2023-07-31T20:48:53Z |
| ghsa-w222-53c6-c86p |
8.8 (3.1)
|
Remote Code Execution in electron | 2018-01-23T03:57:44Z | 2021-06-10T19:55:43Z |
| ghsa-94cq-7ccq-cmcm |
7.8 (3.1)
|
lynx doesn't properly sanitize user input and exposes database password to unauthorized users | 2018-01-24T17:10:45Z | 2023-01-23T20:52:59Z |
| ghsa-m34x-wgrh-g897 |
7.5 (3.1)
|
Directory traversal vulnerability in Next.js | 2018-01-24T19:38:52Z | 2022-04-28T20:13:30Z |
| ghsa-9pr6-grf4-x2fr |
7.5 (3.1)
|
Omniauth allows POST parameters to be stored in session | 2018-01-29T15:45:28Z | 2022-04-25T22:27:19Z |
| ghsa-832h-xg76-4gv6 |
7.5 (3.1)
|
ReDoS in brace-expansion | 2018-01-29T15:50:46Z | 2021-09-03T22:10:24Z |
| ghsa-h29f-7f56-j8wh |
5.3 (3.1)
|
Sinatra Path Traversal vulnerability | 2018-02-20T19:23:20Z | 2023-01-23T21:16:39Z |
| ghsa-wfwm-chj7-w59r |
5.5 (3.1)
|
Ox gem stack overflow in sax_parse | 2018-03-05T18:29:32Z | 2023-08-29T14:59:54Z |
| ghsa-446m-mv8f-q348 |
7.5 (3.1)
|
Regular Expression Denial of Service in moment | 2018-03-05T18:35:09Z | 2021-08-31T21:44:15Z |
| ghsa-6x77-rpqf-j6mw |
7.5 (3.1)
|
ejs vulnerable to DoS due to weak input validation | 2018-03-05T18:54:33Z | 2023-09-08T21:00:26Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2014-113 |
|
The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly p… | nova | 2014-03-25T16:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-105 |
|
The memcache token backend in OpenStack Identity (Keystone) 2013.1 through 2.013.1.4, 201… | keystone | 2014-04-01T06:35:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-96 |
|
Cross-site scripting (XSS) vulnerability in Roundup before 1.4.20 allows remote attackers… | roundup | 2014-04-10T20:29:00Z | 2021-08-27T03:22:19.707650Z |
| pysec-2014-15 |
|
Cross-site scripting (XSS) vulnerability in the history display in Roundup before 1.4.20 … | roundup | 2014-04-11T15:55:00Z | 2021-07-05T00:01:25.790750Z |
| pysec-2014-16 |
|
Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.20 allows… | roundup | 2014-04-11T15:55:00Z | 2021-07-05T00:01:25.823373Z |
| pysec-2014-106 |
|
The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before ic… | keystone | 2014-04-15T14:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-70 |
|
The auth_token middleware in the OpenStack Python client library for Keystone (aka python… | python-keystoneclient | 2014-04-15T14:55:00Z | 2021-07-25T23:34:52.050807Z |
| pysec-2014-22 |
|
The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePl… | pillow | 2014-04-17T14:55:00Z | 2021-07-15T02:22:16.928376Z |
| pysec-2014-23 |
|
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL… | pillow | 2014-04-17T14:55:00Z | 2021-07-15T02:22:17.008543Z |
| pysec-2014-1 |
|
The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6… | django | 2014-04-23T15:55:00Z | 2021-07-05T00:01:18.476528Z |
| pysec-2014-2 |
|
The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, an… | django | 2014-04-23T15:55:00Z | 2021-07-05T00:01:18.594368Z |
| pysec-2014-3 |
|
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field clas… | django | 2014-04-23T15:55:00Z | 2021-07-05T00:01:18.748183Z |
| pysec-2014-87 |
|
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers … | pillow | 2014-04-27T20:55:00Z | 2021-08-27T03:22:10.225452Z |
| pysec-2014-98 |
|
Cross-site scripting (XSS) vulnerability in plugins/main/content/js/ajenti.coffee in Euge… | ajenti | 2014-04-30T23:58:00Z | 2021-12-13T06:35:03.047936Z |
| pysec-2014-72 |
|
Transifex command-line client before 0.10 does not validate X.509 certificates for data t… | transifex-client | 2014-05-02T01:59:00Z | 2021-07-25T23:34:56.578427Z |
| pysec-2014-65 |
|
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to ob… | plone | 2014-05-02T14:55:00Z | 2021-07-25T23:34:47.572941Z |
| pysec-2014-66 |
|
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators … | plone | 2014-05-02T14:55:00Z | 2021-07-25T23:34:47.632910Z |
| pysec-2014-67 |
|
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to ob… | products-cmfplone | 2014-05-02T14:55:00Z | 2021-07-25T23:34:50.035277Z |
| pysec-2014-68 |
|
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators … | products-cmfplone | 2014-05-02T14:55:00Z | 2021-07-25T23:34:50.085881Z |
| pysec-2014-93 |
|
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which a… | pywbem | 2014-05-05T17:06:00Z | 2021-08-27T03:22:18.674694Z |
| pysec-2014-94 |
|
PyWBEM 0.7 and earlier does not verify that the server hostname matches a domain name in … | pywbem | 2014-05-05T17:06:00Z | 2021-08-27T03:22:18.708966Z |
| pysec-2014-112 |
|
The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse … | nova | 2014-05-08T14:29:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-9 |
|
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 all… | lxml | 2014-05-14T19:55:00Z | 2021-07-05T00:01:22.415943Z |
| pysec-2014-19 |
|
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does n… | django | 2014-05-16T15:55:00Z | 2021-09-01T08:18:55.376993Z |
| pysec-2014-20 |
|
The django.util.http.is_safe_url function in Django 1.4 before 1.4.13, 1.5 before 1.5.8, … | django | 2014-05-16T15:55:00Z | 2021-09-01T08:18:55.675902Z |
| pysec-2014-8 |
|
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does… | jinja2 | 2014-05-19T14:55:00Z | 2021-07-05T00:01:22.043149Z |
| pysec-2014-82 |
|
FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, w… | jinja2 | 2014-05-19T14:55:00Z | 2021-08-27T03:22:05.027573Z |
| pysec-2014-85 |
|
The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, w… | oauth2 | 2014-05-20T14:55:00Z | 2021-08-27T03:22:09.637359Z |
| pysec-2014-86 |
|
The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo … | oauth2 | 2014-05-20T14:55:00Z | 2021-08-27T03:22:09.666793Z |
| pysec-2014-110 |
|
Multiple cross-site scripting (XSS) vulnerabilities in apps/common/templates/calculate_fo… | mayan-edms | 2014-05-27T13:55:00Z | 2024-11-21T14:22:54.240407Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2022-377 | Malicious code in @kibt/operation-track (npm) | 2022-05-23T10:22:10Z | 2022-05-23T10:22:10Z |
| mal-2022-378 | Malicious code in @kibt/weblogger (npm) | 2022-05-23T10:22:10Z | 2022-05-23T10:22:10Z |
| MAL-2022-7433 | Malicious code in equests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-7434 | Malicious code in reequests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-7435 | Malicious code in reqquests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-7436 | Malicious code in requeests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-7437 | Malicious code in requess (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-7438 | Malicious code in requessts (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-7439 | Malicious code in requestts (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-7440 | Malicious code in requuests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-7441 | Malicious code in reuests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-7442 | Malicious code in rrequests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7433 | Malicious code in equests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7434 | Malicious code in reequests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7435 | Malicious code in reqquests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7436 | Malicious code in requeests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7437 | Malicious code in requess (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7438 | Malicious code in requessts (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7439 | Malicious code in requestts (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7440 | Malicious code in requuests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7441 | Malicious code in reuests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| mal-2022-7442 | Malicious code in rrequests (PyPI) | 2022-05-31T00:00:00Z | 2022-05-31T20:12:58Z |
| MAL-2022-2022 | Malicious code in colors_express (npm) | 2022-05-31T11:55:20Z | 2022-05-31T11:55:21Z |
| mal-2022-2022 | Malicious code in colors_express (npm) | 2022-05-31T11:55:20Z | 2022-05-31T11:55:21Z |
| MAL-2022-2590 | Malicious code in dragox-utilities (npm) | 2022-05-31T12:53:57Z | 2022-05-31T12:53:57Z |
| mal-2022-2590 | Malicious code in dragox-utilities (npm) | 2022-05-31T12:53:57Z | 2022-05-31T12:53:57Z |
| MAL-2022-390 | Malicious code in @logistics-frontend/blocks (npm) | 2022-05-31T12:55:54Z | 2022-05-31T12:55:58Z |
| MAL-2022-391 | Malicious code in @logistics-frontend/client-core (npm) | 2022-05-31T12:55:54Z | 2022-05-31T12:55:55Z |
| MAL-2022-398 | Malicious code in @logistics-frontend/ui-old (npm) | 2022-05-31T12:55:54Z | 2022-05-31T12:55:55Z |
| MAL-2022-399 | Malicious code in @logistics-frontend/utils (npm) | 2022-05-31T12:55:54Z | 2022-05-31T12:55:55Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-0171 | ImageMagick: Mehrere Schwachstellen | 2017-08-22T22:00:00.000+00:00 | 2024-03-19T23:00:00.000+00:00 |
| wid-sec-w-2022-0308 | Linux Kernel: Mehrere Schwachstellen | 2017-08-27T22:00:00.000+00:00 | 2025-06-02T22:00:00.000+00:00 |
| wid-sec-w-2024-0207 | OpenSSL: Schwachstelle ermöglicht Offenlegung von Informationen | 2017-08-29T22:00:00.000+00:00 | 2024-01-25T23:00:00.000+00:00 |
| wid-sec-w-2024-0284 | JasPer: Mehrere Schwachstelle ermöglicht Denial of Service | 2017-08-29T22:00:00.000+00:00 | 2024-02-04T23:00:00.000+00:00 |
| wid-sec-w-2024-2017 | QEMU: Schwachstelle ermöglicht Denial of Service | 2017-08-29T22:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2024-2016 | QEMU: Mehrere Schwachstellen ermöglichen Denial of Service | 2017-08-30T22:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2025-0116 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2017-08-30T22:00:00.000+00:00 | 2025-01-19T23:00:00.000+00:00 |
| wid-sec-w-2024-3165 | OpenLDAP: Schwachstelle ermöglicht Denial of Service | 2017-09-05T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2023-1086 | libarchive: Schwachstelle ermöglicht Denial of Service | 2017-09-06T22:00:00.000+00:00 | 2023-04-26T22:00:00.000+00:00 |
| wid-sec-w-2024-2015 | QEMU: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2017-09-07T22:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2025-0992 | MongoDB: Schwachstelle ermöglicht Denial of Service | 2017-09-10T22:00:00.000+00:00 | 2025-05-11T22:00:00.000+00:00 |
| wid-sec-w-2025-0423 | Apache Tomcat: Mehrere Schwachstellen | 2017-09-19T22:00:00.000+00:00 | 2025-02-20T23:00:00.000+00:00 |
| wid-sec-w-2025-0370 | Apple Mac OS: Mehrere Schwachstellen | 2017-09-25T22:00:00.000+00:00 | 2025-02-13T23:00:00.000+00:00 |
| wid-sec-w-2024-2078 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2017-09-26T22:00:00.000+00:00 | 2025-01-19T23:00:00.000+00:00 |
| wid-sec-w-2025-0513 | OpenVPN: Schwachstelle ermöglicht Denial of Service | 2017-09-28T22:00:00.000+00:00 | 2025-03-10T23:00:00.000+00:00 |
| wid-sec-w-2023-1646 | libcurl: Schwachstelle ermöglicht Denial of Service | 2017-10-03T22:00:00.000+00:00 | 2023-07-04T22:00:00.000+00:00 |
| wid-sec-w-2025-0422 | Apache Tomcat: Schwachstelle ermöglicht Codeausführung | 2017-10-03T22:00:00.000+00:00 | 2025-02-20T23:00:00.000+00:00 |
| wid-sec-w-2024-2014 | QEMU: Schwachstelle ermöglicht Offenlegung von Informationen | 2017-10-08T22:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2024-2013 | QEMU: Schwachstelle ermöglicht Denial of Service | 2017-10-11T22:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2024-2012 | QEMU: Schwachstelle ermöglicht Denial of Service | 2017-10-12T22:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2025-0369 | IEEE WPA2: Mehrere Schwachstellen | 2017-10-15T22:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2024-1038 | Red Hat Enterprise Linux Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2017-10-19T22:00:00.000+00:00 | 2024-11-11T23:00:00.000+00:00 |
| wid-sec-w-2023-1645 | libcurl: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2017-10-22T22:00:00.000+00:00 | 2023-07-04T22:00:00.000+00:00 |
| wid-sec-w-2023-0720 | Red Hat JBoss: Mehrere Schwachstellen | 2017-11-02T23:00:00.000+00:00 | 2023-03-22T23:00:00.000+00:00 |
| wid-sec-w-2024-0206 | OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2017-11-02T23:00:00.000+00:00 | 2024-06-03T22:00:00.000+00:00 |
| wid-sec-w-2024-0143 | PostgreSQL: Mehrere Schwachstellen | 2017-11-09T23:00:00.000+00:00 | 2024-12-23T23:00:00.000+00:00 |
| wid-sec-w-2024-2011 | QEMU: Schwachstelle ermöglicht Offenlegung von Informationen | 2017-11-16T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2025-0268 | Perl: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Administratorrechten | 2017-11-19T23:00:00.000+00:00 | 2025-02-04T23:00:00.000+00:00 |
| wid-sec-w-2023-0880 | Oracle Berkeley DB: Schwachstelle ermöglicht Offenlegung von Informationen | 2017-11-21T23:00:00.000+00:00 | 2023-04-05T22:00:00.000+00:00 |
| wid-sec-w-2023-1158 | libxml2: Mehrere Schwachstellen ermöglichen Denial of Service | 2017-11-23T23:00:00.000+00:00 | 2024-12-03T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2024-0427 | Kwetsbaarheden verholpen in Google Chrome | 2024-10-30T11:36:05.615865Z | 2024-10-30T11:36:05.615865Z |
| ncsc-2024-0428 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2024-10-30T11:39:26.910666Z | 2024-10-30T11:39:26.910666Z |
| ncsc-2024-0429 | Kwetsbaarheden verholpen in Google Android en Samsung Mobile | 2024-11-05T14:09:27.373651Z | 2024-11-05T14:09:27.373651Z |
| ncsc-2024-0430 | Kwetsbaarheid verholpen in Cisco Catalyst Access points | 2024-11-07T08:47:41.650502Z | 2024-11-07T08:47:41.650502Z |
| ncsc-2024-0431 | Kwetsbaarheden verholpen in Aruba Networks ArubaOS | 2024-11-07T08:51:16.689034Z | 2024-11-07T08:51:16.689034Z |
| ncsc-2024-0432 | Kwetsbaarheden verholpen in Cisco Identity Services Engine | 2024-11-07T08:55:49.899244Z | 2024-11-07T08:55:49.899244Z |
| ncsc-2024-0433 | Kwetsbaarheden verholpen in Siemens producten | 2024-11-12T14:19:20.051128Z | 2024-11-12T14:19:20.051128Z |
| ncsc-2024-0434 | Kwetsbaarheden verholpen in Microsoft Windows | 2024-11-12T18:53:07.914094Z | 2024-11-12T18:53:07.914094Z |
| ncsc-2024-0435 | Kwetsbaarheden verholpen in Microsoft Developer Tools | 2024-11-12T18:54:00.107773Z | 2024-11-12T18:54:00.107773Z |
| ncsc-2024-0436 | Kwetsbaarheden verholpen in Microsoft Azure | 2024-11-12T18:54:41.456199Z | 2024-11-12T18:54:41.456199Z |
| ncsc-2024-0437 | Kwetsbaarheden verholpen in Microsoft SQL Server | 2024-11-12T18:55:39.363057Z | 2024-11-12T18:55:39.363057Z |
| ncsc-2024-0438 | Kwetsbaarheid verholpen in Microsoft Exchange Server | 2024-11-12T18:56:25.729148Z | 2024-11-12T18:56:25.729148Z |
| ncsc-2024-0439 | Kwetsbaarheden verholpen in Microsoft Office | 2024-11-12T18:57:09.604321Z | 2024-11-12T18:57:09.604321Z |
| ncsc-2024-0440 | Kwetsbaarheden verholpen in Citrix Session Recording | 2024-11-13T08:51:17.257998Z | 2024-11-13T08:51:17.257998Z |
| ncsc-2024-0441 | Kwetsbaarheden verholpen in Ivanti Endpoint Manager | 2024-11-13T10:42:35.387490Z | 2024-11-13T10:42:35.387490Z |
| ncsc-2024-0442 | Kwetsbaarheden verholpen in Ivanti Connect Secure en Policy Secure | 2024-11-13T12:38:13.252957Z | 2024-11-13T12:38:13.252957Z |
| ncsc-2024-0443 | Kwetsbaarheden verholpen in Citrix NetScaler ADC en NetScaler Gateway | 2024-11-13T15:10:45.265209Z | 2024-11-13T15:10:45.265209Z |
| ncsc-2024-0444 | Kwetsbaarheden verholpen in Palo Alto PAN-OS | 2024-11-14T12:38:50.941039Z | 2024-11-14T12:38:50.941039Z |
| ncsc-2024-0445 | Kwetsbaarheden verholpen in Fortinet FortiClient | 2024-11-14T12:42:00.899040Z | 2024-11-14T12:42:00.899040Z |
| ncsc-2024-0446 | Kwetsbaarheid verholpen in Schneider Electric Ecostruxture | 2024-11-14T12:46:16.737874Z | 2024-11-14T12:46:16.737874Z |
| ncsc-2024-0447 | Kwetsbaarheden verholpen in GitLab CE/EE | 2024-11-15T12:29:35.775993Z | 2024-11-15T12:29:35.775993Z |
| ncsc-2024-0448 | Kwetsbaarheden verholpen in Adobe Illustrator | 2024-11-18T11:08:38.687476Z | 2024-11-18T11:08:38.687476Z |
| ncsc-2024-0449 | Kwetsbaarheden verholpen in Adobe InDesign | 2024-11-18T11:14:49.456205Z | 2024-11-18T11:14:49.456205Z |
| ncsc-2024-0450 | Kwetsbaarheid verholpen in Adobe Photoshop | 2024-11-18T11:18:22.537372Z | 2024-11-18T11:18:22.537372Z |
| ncsc-2024-0451 | Kwetsbaarheden verholpen in Palo Alto PAN-OS | 2024-11-18T16:00:29.206286Z | 2024-11-20T08:41:37.309906Z |
| ncsc-2024-0452 | Kwetsbaarheden verholpen in Siemens Tecnomatix Plant Simulation | 2024-11-19T08:19:24.590425Z | 2024-11-19T08:19:24.590425Z |
| ncsc-2024-0453 | Kwetsbaarheid verholpen in Oracle Agile PLM Framework | 2024-11-19T09:41:05.945149Z | 2024-11-19T09:41:05.945149Z |
| ncsc-2024-0454 | Kwetsbaarheid verholpen in GitHub CLI | 2024-11-19T15:03:48.421618Z | 2024-11-19T15:03:48.421618Z |
| ncsc-2024-0455 | Kwetsbaarheid verholpen in Trend Micro Deep Security | 2024-11-20T09:04:14.183257Z | 2024-11-20T09:04:14.183257Z |
| ncsc-2024-0456 | Kwetsbaarheden verholpen in Apple macOS en Safari | 2024-11-20T10:00:42.593160Z | 2024-11-20T10:00:42.593160Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-223353 | SSA-223353: Multiple Vulnerabilities in Nucleus RTOS based SIMOTICS CONNECT 400 | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-250085 | SSA-250085: Multiple Vulnerabilities in SINEC NMS and SINEMA Server | 2022-03-08T00:00:00Z | 2023-10-10T00:00:00Z |
| ssa-252466 | SSA-252466: Multiple Vulnerabilities in Climatix POL909 (AWM and AWB) | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-256353 | SSA-256353: Third-Party Component Vulnerabilities in RUGGEDCOM ROS | 2022-03-08T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-337210 | SSA-337210: Privilege Escalation Vulnerability in SINUMERIK MC | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-389290 | SSA-389290: Third-Party Component Vulnerabilities in SINEC INS | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-406691 | SSA-406691: Buffer Vulnerabilities in DHCP function of RUGGEDCOM ROX products | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-415938 | SSA-415938: Improper Access Control Vulnerability in Mendix | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-562051 | SSA-562051: Cross-Site Scripting Vulnerability in Polarion ALM | 2022-03-08T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-594438 | SSA-594438: Remote Code Execution and Denial-of-Service Vulnerability in multiple RUGGEDCOM ROX products | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-764417 | SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices | 2022-03-08T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-316850 | SSA-316850: Unauthenticated File Access in SICAM A8000 Devices | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-350757 | SSA-350757: Improper Access Control Vulnerability in TIA Portal Affecting S7-1200 and S7-1500 CPUs Web Server (Incl. Related ET200 CPUs and SIPLUS variants) | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-392912 | SSA-392912: Multiple Denial Of Service Vulnerabilities in SCALANCE W1700 Devices | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-414513 | SSA-414513: Information Disclosure Vulnerability in Mendix | 2022-04-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-446448 | SSA-446448: Denial of Service Vulnerability in PROFINET Stack Integrated on Interniche Stack | 2022-04-12T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-557541 | SSA-557541: Denial-of-Service Vulnerability in SIMATIC S7-400 CPUs | 2022-04-12T00:00:00Z | 2023-04-11T00:00:00Z |
| ssa-655554 | SSA-655554: Multiple Vulnerabilities in SIMATIC Energy Manager before V7.3 Update 1 | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-711829 | SSA-711829: Denial of Service Vulnerability in TIA Administrator | 2022-04-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-836527 | SSA-836527: Multiple Vulnerabilities in SCALANCE X-300 Switch Family Devices | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-870917 | SSA-870917: Improper Access Control Vulnerability in Mendix | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-998762 | SSA-998762: File Parsing Vulnerabilities in Simcenter Femap before V2022.1.2 | 2022-04-12T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-254054 | SSA-254054: Spring Framework Vulnerability (Spring4Shell or SpringShell, CVE-2022-22965) - Impact to Siemens Products | 2022-04-19T00:00:00Z | 2022-10-11T00:00:00Z |
| ssa-162616 | SSA-162616: File Parsing Vulnerabilities in Simcenter Femap before V2022.2 | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-165073 | SSA-165073: Multiple Vulnerabilities in the Webinterface of SICAM P850 and SICAM P855 Devices | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-285795 | SSA-285795: Denial of Service in OPC-UA in Industrial Products | 2022-05-10T00:00:00Z | 2023-10-10T00:00:00Z |
| ssa-321292 | SSA-321292: Denial of Service in the OPC Foundation Local Discovery Server (LDS) in Industrial Products | 2022-05-10T00:00:00Z | 2024-10-08T00:00:00Z |
| ssa-363107 | SSA-363107: An Improper Initialization Vulnerability Affects SIMATIC WinCC Kiosk Mode | 2022-05-10T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-480937 | SSA-480937: Denial of Service Vulnerability in CP 44x-1 RNA before V1.5.18 | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-553086 | SSA-553086: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2002:254 | Red Hat Security Advisory: : Updated Webalizer packages fix vulnerability | 2002-12-04T08:33:00+00:00 | 2025-11-21T17:25:13+00:00 |
| rhsa-2002_254 | Red Hat Security Advisory: : Updated Webalizer packages fix vulnerability | 2002-12-04T08:33:00+00:00 | 2024-11-21T22:31:37+00:00 |
| rhsa-2002:255 | Red Hat Security Advisory: webalizer security update | 2002-12-04T15:21:00+00:00 | 2025-11-21T17:25:13+00:00 |
| rhsa-2002_255 | Red Hat Security Advisory: webalizer security update | 2002-12-04T15:21:00+00:00 | 2024-11-21T22:31:39+00:00 |
| rhsa-2002:261 | Red Hat Security Advisory: Canna security update | 2002-12-10T15:15:00+00:00 | 2025-11-21T17:25:14+00:00 |
| rhsa-2002_261 | Red Hat Security Advisory: Canna security update | 2002-12-10T15:15:00+00:00 | 2024-11-21T22:31:30+00:00 |
| rhsa-2002:256 | Red Hat Security Advisory: wget security update | 2002-12-10T15:16:00+00:00 | 2025-11-21T17:25:13+00:00 |
| rhsa-2002_256 | Red Hat Security Advisory: wget security update | 2002-12-10T15:16:00+00:00 | 2024-11-21T22:31:05+00:00 |
| rhsa-2002:229 | Red Hat Security Advisory: : : : Updated wget packages fix directory traversal bug | 2002-12-10T15:23:00+00:00 | 2025-11-21T17:25:10+00:00 |
| rhsa-2002_229 | Red Hat Security Advisory: : : : Updated wget packages fix directory traversal bug | 2002-12-10T15:23:00+00:00 | 2024-11-21T22:31:01+00:00 |
| rhsa-2002:293 | Red Hat Security Advisory: : Updated Fetchmail packages fix security vulnerability | 2002-12-17T09:20:00+00:00 | 2025-11-21T17:25:17+00:00 |
| rhsa-2002_293 | Red Hat Security Advisory: : Updated Fetchmail packages fix security vulnerability | 2002-12-17T09:20:00+00:00 | 2024-11-21T22:33:47+00:00 |
| rhsa-2002:294 | Red Hat Security Advisory: fetchmail security update | 2002-12-17T19:04:00+00:00 | 2025-11-21T17:25:18+00:00 |
| rhsa-2002_294 | Red Hat Security Advisory: fetchmail security update | 2002-12-17T19:04:00+00:00 | 2024-11-21T22:33:51+00:00 |
| rhsa-2002:271 | Red Hat Security Advisory: pine security update | 2003-01-03T19:15:00+00:00 | 2025-11-21T17:25:18+00:00 |
| rhsa-2002_271 | Red Hat Security Advisory: pine security update | 2003-01-03T19:15:00+00:00 | 2024-11-21T22:32:31+00:00 |
| rhsa-2002:270 | Red Hat Security Advisory: : : : Updated pine packages available | 2003-01-03T19:33:00+00:00 | 2025-11-21T17:25:15+00:00 |
| rhsa-2002_270 | Red Hat Security Advisory: : : : Updated pine packages available | 2003-01-03T19:33:00+00:00 | 2024-11-21T22:32:27+00:00 |
| rhsa-2002:289 | Red Hat Security Advisory: mysql security update | 2003-01-06T15:27:00+00:00 | 2025-11-21T17:25:16+00:00 |
| rhsa-2002_289 | Red Hat Security Advisory: mysql security update | 2003-01-06T15:27:00+00:00 | 2024-11-21T22:33:28+00:00 |
| rhsa-2002:290 | Red Hat Security Advisory: : Updated Ethereal packages are available | 2003-01-09T16:15:00+00:00 | 2025-11-21T17:25:16+00:00 |
| rhsa-2002_290 | Red Hat Security Advisory: : Updated Ethereal packages are available | 2003-01-09T16:15:00+00:00 | 2024-11-21T22:33:45+00:00 |
| rhsa-2002:251 | Red Hat Security Advisory: apache security update | 2003-01-09T20:10:00+00:00 | 2025-11-21T17:25:13+00:00 |
| rhsa-2002_251 | Red Hat Security Advisory: apache security update | 2003-01-09T20:10:00+00:00 | 2024-11-21T22:31:31+00:00 |
| rhsa-2003:006 | Red Hat Security Advisory: : : : Updated libpng packages fix buffer overflow | 2003-01-13T15:28:00+00:00 | 2025-11-21T17:25:21+00:00 |
| rhsa-2003_006 | Red Hat Security Advisory: : : : Updated libpng packages fix buffer overflow | 2003-01-13T15:28:00+00:00 | 2024-11-21T22:36:14+00:00 |
| rhsa-2002:295 | Red Hat Security Advisory: : Updated CUPS packages fix various vulnerabilities | 2003-01-13T15:34:00+00:00 | 2025-11-21T17:25:18+00:00 |
| rhsa-2002_295 | Red Hat Security Advisory: : Updated CUPS packages fix various vulnerabilities | 2003-01-13T15:34:00+00:00 | 2024-11-21T22:34:21+00:00 |
| rhsa-2003:009 | Red Hat Security Advisory: WindowMaker security update | 2003-01-14T13:43:00+00:00 | 2025-11-21T17:25:22+00:00 |
| rhsa-2003_009 | Red Hat Security Advisory: WindowMaker security update | 2003-01-14T13:43:00+00:00 | 2024-11-21T22:32:40+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-13-079-03 | Siemens WinCC TIA Portal Vulnerabilities | 2013-12-22T07:00:00.000000Z | 2025-06-06T15:58:50.552597Z |
| icsa-13-084-01 | Siemens CP 1604 and CP 1616 Improper Access Control | 2013-12-27T07:00:00.000000Z | 2025-06-06T22:53:49.627883Z |
| icsa-14-091-01 | Ecava IntegraXor Guest Account Information Disclosure Vulnerability | 2014-01-02T07:00:00.000000Z | 2025-06-09T19:47:25.741463Z |
| icsa-14-093-01 | Schneider Electric OPC Factory Server Buffer Overflow | 2014-01-04T07:00:00.000000Z | 2025-06-09T19:47:31.991088Z |
| icsa-14-098-01 | OSIsoft PI Interface for DNP3 Improper Input Validation | 2014-01-09T07:00:00.000000Z | 2025-06-09T19:47:38.220384Z |
| icsa-14-098-02 | WellinTech KingSCADA Stack-Based Buffer Overflow | 2014-01-09T07:00:00.000000Z | 2025-06-09T19:47:50.675225Z |
| icsa-14-098-03 | Siemens Ruggedcom WIN Products BEAST Attack Vulnerability | 2014-01-09T07:00:00.000000Z | 2025-06-09T19:47:56.923899Z |
| icsa-14-100-01 | IOServer Out of Bounds Read Vulnerability | 2014-01-11T07:00:00.000000Z | 2025-06-09T19:48:03.239416Z |
| icsa-14-105-01 | Progea Movicon SCADA Information Disclosure Vulnerability | 2014-01-16T07:00:00.000000Z | 2025-06-12T18:44:24.886887Z |
| icsa-14-105-02a | Innominate mGuard OpenSSL HeartBleed Vulnerability | 2014-01-16T07:00:00.000000Z | 2025-06-06T22:55:58.996445Z |
| icsa-14-105-03b | Siemens Industrial Products OpenSSL Heartbleed Vulnerability (Update B) | 2014-01-16T07:00:00.000000Z | 2025-06-09T19:48:09.507058Z |
| icsa-14-107-01 | Siemens SINEMA Vulnerabilities | 2014-01-18T07:00:00.000000Z | 2025-06-06T18:44:58.592001Z |
| icsa-14-107-02 | InduSoft Web Studio Directory Traversal Vulnerability | 2014-01-18T07:00:00.000000Z | 2025-06-06T18:45:17.946852Z |
| icsa-14-114-01 | Certec atvise scada OpenSSL Heartbleed Vulnerability | 2014-01-25T07:00:00.000000Z | 2025-06-06T18:45:24.365433Z |
| icsa-14-114-02 | Siemens SIMATIC S7-1200 CPU Web Vulnerabilities | 2014-01-25T07:00:00.000000Z | 2025-06-06T18:45:30.985803Z |
| icsa-14-121-01 | AMTELCO miSecure Vulnerabilities | 2014-02-01T07:00:00.000000Z | 2025-06-09T19:48:15.910849Z |
| icsa-14-126-01a | ABB Relion 650 Series OpenSSL Vulnerability (Update A) | 2014-02-06T07:00:00.000000Z | 2025-06-09T19:48:28.398218Z |
| icsa-14-128-01 | Digi International OpenSSL Vulnerability | 2014-02-08T07:00:00.000000Z | 2025-06-09T19:48:34.797683Z |
| icsa-14-133-01 | Yokogawa Multiple Products Vulnerabilities | 2014-02-13T07:00:00.000000Z | 2025-06-09T19:48:41.450208Z |
| icsa-14-133-02 | Emerson DeltaV Vulnerabilities | 2014-02-13T07:00:00.000000Z | 2025-06-09T19:49:06.355363Z |
| icsa-14-135-01 | CSWorks Software SQL Injection Vulnerability | 2014-02-15T07:00:00.000000Z | 2025-06-09T19:49:19.141034Z |
| icsa-14-135-02 | Schneider Electric Wonderware Intelligence Security Patch for OpenSSL Vulnerability | 2014-02-15T07:00:00.000000Z | 2025-06-09T19:49:25.382123Z |
| icsa-14-135-03a | Siemens RuggedCom ROX-based Devices Certificate Verification Vulnerability (Update A) | 2014-02-15T07:00:00.000000Z | 2025-06-09T19:49:31.780137Z |
| icsa-14-135-04 | Unified Automation OPC SDK OpenSSL Vulnerability | 2014-02-15T07:00:00.000000Z | 2025-06-09T19:49:38.008876Z |
| icsa-14-135-05 | OpenSSL Vulnerability | 2014-02-15T07:00:00.000000Z | 2025-06-09T19:49:44.423856Z |
| icsa-14-149-01 | Triangle MicroWorks Uncontrolled Resource Consumption | 2014-03-01T07:00:00.000000Z | 2025-06-09T19:49:50.848677Z |
| icsa-14-149-02 | Cogent DataHub Vulnerabilities | 2014-03-01T07:00:00.000000Z | 2025-06-09T19:50:03.330208Z |
| icsa-14-154-01 | COPA-DATA Improper Input Validation | 2014-03-06T07:00:00.000000Z | 2025-06-09T19:50:22.034930Z |
| icsa-14-175-01 | Honeywell FALCON XLWeb Controllers Vulnerabilities | 2014-03-27T06:00:00.000000Z | 2025-06-09T19:50:34.818730Z |
| icsa-14-189-01 | Yokogawa Centum Buffer Overflow Vulnerability | 2014-04-10T06:00:00.000000Z | 2025-06-09T19:50:47.578955Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-20180516-dna | Cisco Digital Network Architecture Center Unauthorized Access Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-dna2 | Cisco Digital Network Architecture Center Authentication Bypass Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-dnac | Cisco Digital Network Architecture Center Static Credentials Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-firepwr-pb | Cisco Firepower Threat Defense Software Policy Bypass Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-fnd | Cisco IoT Field Network Director Cross-Site Request Forgery Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-ident-se-xss | Cisco Identity Services Engine Cross-Site Scripting Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-ip-phone-dos | Cisco IP Phone 7800 Series and 8800 Series and Cisco Wireless IP Phone 8821 Denial of Service Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-08-16T14:14:00+00:00 |
| cisco-sa-20180516-ise-xss | Cisco Identity Services Engine Logs Cross-Site Scripting Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-iseeap | Cisco Identity Services Engine EAP TLS Certificate Denial of Service Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-09-24T21:17:00+00:00 |
| cisco-sa-20180516-msms | Cisco Meeting Server Media Services Denial of Service Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-nfvis | Cisco Enterprise NFV Infrastructure Software Linux Shell Access Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-nfvis-cli-command-injection | Cisco Enterprise NFV Infrastructure Software CLI Command Injection Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T17:46:00+00:00 |
| cisco-sa-20180516-nfvis-path-traversal | Cisco Enterprise NFV Infrastructure Software Web Management Interface Path Traversal Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T18:05:00+00:00 |
| cisco-sa-20180516-socmin-dos | Cisco SocialMiner Notification System Denial of Service Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-05-16T16:00:00+00:00 |
| cisco-sa-20180516-telepres-xfs | Cisco TelePresence IX5000 Series and TelePresence TX9000 Series Cross-Frame Scripting Vulnerability | 2018-05-16T16:00:00+00:00 | 2018-08-24T13:57:00+00:00 |
| cisco-sa-20180521-cpusidechannel | CPU Side-Channel Information Disclosure Vulnerabilities: May 2018 | 2018-05-22T01:00:00+00:00 | 2018-08-31T20:24:00+00:00 |
| cisco-sa-20180606-aaa | Cisco IOS XE Software Authentication, Authorization, and Accounting Login Authentication Remote Code Execution Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-08T13:55:00+00:00 |
| cisco-sa-20180606-anyconnect-cert-bypass | Cisco AnyConnect Secure Mobility Client Certificate Bypass Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-asaftd | Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability | 2018-06-06T16:00:00+00:00 | 2019-09-24T17:49:53+00:00 |
| cisco-sa-20180606-cms-id | Cisco Meeting Server Information Disclosure Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-11T20:52:00+00:00 |
| cisco-sa-20180606-cpcp-id | Cisco Prime Collaboration Provisioning Cleartext Passwords Written to World-Readable File Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-cuc-xss | Cisco Unity Connection Cross-Site Scripting Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-cucm-xfs | Cisco Unified Communications Manager Cross-Frame Scripting Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-diskdos | Multiple Cisco Products Disk Utilization Denial of Service Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-07-02T14:32:00+00:00 |
| cisco-sa-20180606-firesight-vpn-bypass | Cisco FireSIGHT System VPN Policy Bypass Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-ip-phone-dos | Cisco Unified IP Phone Software Denial of Service Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T18:02:00+00:00 |
| cisco-sa-20180606-ise-xss | Cisco Identity Services Engine Cross-Site Scripting Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-multiplatform-sip | Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-nso | Cisco Network Services Orchestrator Arbitrary Command Execution Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-prime-access | Cisco Prime Collaboration Provisioning Access Control Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2017-12613 | When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input. | 2017-10-02T00:00:00.000Z | 2025-10-01T23:10:55.000Z |
| msrc_cve-2017-15042 | An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was documented to do so. In 2013, upstream issue #5184, this was changed so that the server may decide whether PLAIN is acceptable. The result is that if you set up a man-in-the-middle SMTP server that doesn't advertise STARTTLS and does advertise that PLAIN auth is OK, the smtp.PlainAuth implementation sends the username and password. | 2017-10-02T00:00:00.000Z | 2025-09-03T22:44:27.000Z |
| msrc_cve-2017-15370 | There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file. | 2017-10-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2017-15371 | There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file. | 2017-10-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2017-1000232 | A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors. | 2017-11-02T00:00:00.000Z | 2022-08-04T00:00:00.000Z |
| msrc_cve-2017-14176 | Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands | 2017-11-02T00:00:00.000Z | 2025-10-01T23:10:55.000Z |
| msrc_cve-2017-14992 | Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0 1.10.3 17.03.0 17.03.1 17.03.2 17.06.0 17.06.1 17.06.2 17.09.0 and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload aka gzip bombing. | 2017-11-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2017-15275 | Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. | 2017-11-02T00:00:00.000Z | 2024-10-15T00:00:00.000Z |
| msrc_cve-2017-16754 | Bolt before 3.3.6 does not properly restrict access to _profiler routes | 2017-11-02T00:00:00.000Z | 2025-10-01T23:10:55.000Z |
| msrc_cve-2017-16844 | Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size a different vulnerability than CVE-2014-3618. | 2017-11-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2017-11697 | The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file. | 2017-12-02T00:00:00.000Z | 2025-09-03T22:48:37.000Z |
| msrc_cve-2017-17522 | Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting | 2017-12-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2012-6708 | jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions jQuery only deems the input to be HTML if it explicitly starts with the '<' character limiting exploitability only to attackers who can control the beginning of a string which is far less common. | 2018-01-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2015-9251 | jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option causing text/javascript responses to be executed. | 2018-01-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2017-17969 | Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive. | 2018-01-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-5996 | Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive. | 2018-01-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2004-2779 | id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS). | 2018-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2014-5282 | Docker before 1.3 does not properly validate image IDs which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'. | 2018-02-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2018-1000026 | Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM.. | 2018-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2018-1000035 | A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution. | 2018-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-6951 | An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault associated with a NULL pointer dereference leading to a denial of service in the intuit_diff_type function in pch.c aka a "mangled rename" issue. | 2018-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-6952 | A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. | 2018-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-7263 | The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service | 2018-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2017-18207 | The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions. | 2018-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2017-18214 | The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string a different vulnerability than CVE-2016-4055. | 2018-03-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2018-1000097 | Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack appear to be exploitable via Victim have to run unshar command on a specially crafted file.. | 2018-03-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-1000110 | An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users. | 2018-03-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2018-1050 | All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash. | 2018-03-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-1057 | On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords including administrative users and privileged service accounts (eg Domain Controllers). | 2018-03-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-9057 | aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform Amazon Web Services (AWS) provider through v1.12.0 has an inappropriate PRNG algorithm and seeding which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password. | 2018-03-02T00:00:00.000Z | 2022-04-02T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201904-1632 | China United Network Communications Group Co., Ltd. ("China Unicom" for short) is a telec… | 2022-05-04T08:36:14.803000Z |
| var-201903-1633 | Kodak video conference terminal console exists Cookie Stored in plaintext password vulner… | 2022-05-04T08:36:23.987000Z |
| var-201903-1738 | Philips Smart Wireless Speaker is an artificial intelligence-based music player that can … | 2022-05-04T08:36:23.933000Z |
| var-201901-1691 | ESPCMS is a set of enterprise website management system based on LAMP development and con… | 2022-05-04T08:36:32.541000Z |
| var-201811-1129 | Shanghai Feixun Data Communication Technology Co., Ltd. is a technologically innovative e… | 2022-05-04T08:36:54.996000Z |
| var-201810-1611 | The Sunell camera is a camera produced by Shenzhen Jingyang Technology Co., Ltd. An auth… | 2022-05-04T08:36:57.873000Z |
| var-201809-1342 | The NSG ™ 9000-6G high-density universal edgeQAM system is a highly integrated digital vi… | 2022-05-04T08:37:13.933000Z |
| var-201808-1085 | Wenzhou Dongkun Technology Co., Ltd. is a high-tech enterprise integrating design, resear… | 2022-05-04T08:37:20.498000Z |
| var-201806-1887 | Skyworth Group Co., Ltd. is a technology listed company that produces consumer electronic… | 2022-05-04T08:37:46.513000Z |
| var-201804-1732 | Shenzhen Tongwei Digital Technology Co., Ltd. (TVT) is a world-class product and system s… | 2022-05-04T08:38:03.623000Z |
| var-201803-2362 | The Play Library SDK is developed based on Dahua's proprietary stream encapsulation proto… | 2022-05-04T08:38:30.750000Z |
| var-201801-1821 | pelco Sarix Professional is a video camera. There is a login bypass vulnerability in the… | 2022-05-04T08:38:52.097000Z |
| var-201801-1842 | pelco Sarix Professional is a video camera. There is an unauthorized access vulnerabilit… | 2022-05-04T08:38:52.086000Z |
| var-201712-0144 | Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1… | 2022-05-04T08:39:09.657000Z |
| var-201709-1254 | Delllaptop is a portable computer from Dell Corporation of the United States. WavesAudioW… | 2022-05-04T08:39:26.418000Z |
| var-201708-1646 | The DIR series is a series of cloud router products from D-Link. A remote command executi… | 2022-05-04T08:39:29.740000Z |
| var-201706-1111 | Foscamcamera is a webcam that can push messages to mobile phones and directly implement v… | 2022-05-04T08:39:57.935000Z |
| var-201706-1132 | Dahua Alarm Management Platform is a comprehensive system solution with alarm reception a… | 2022-05-04T08:39:57.924000Z |
| var-201702-1098 | Shenzhen Haishilian Technology Co., Ltd. is a comprehensive technology enterprise integra… | 2022-05-04T08:40:32.175000Z |
| var-201701-1167 | Modicon M218 is a compact programmable logic controller produced by Schneider Electric of… | 2022-05-04T08:40:40.276000Z |
| var-201612-0654 | SamsungDVR is a small PC for recording TV broadcast, cable TV or DirectTV transmission. S… | 2022-05-04T08:40:56.806000Z |
| var-201611-0399 | Hisense camera has weak password, allowing initial password login | 2022-05-04T08:41:29.685000Z |
| var-201611-0420 | D-Link DIR-890L is a wireless cloud router. A buffer overflow vulnerability exists in th… | 2022-05-04T08:41:29.674000Z |
| var-201610-0723 | Zhongke Dayang 3GLive Multimedia is based on 3G network technology and provides a brand n… | 2022-05-04T08:41:35.320000Z |
| var-201501-0782 | Netcore is a manufacturer of network communications in Shenzhen Leike. Its main products … | 2022-05-04T08:43:39.336000Z |
| var-201405-0648 | Cisco NX-OS is a data center-class operating system that embodies modular design, resilie… | 2022-05-04T08:44:10.408000Z |
| var-201312-0607 | ASUS WL520gu Wireless Router is a wireless router device. The ASUS WL520gu Wireless Route… | 2022-05-04T08:44:26.610000Z |
| var-201208-0026 | ** DISPUTED ** Race condition in 3D EQSecure Professional Edition 4.2 on Windows XP allow… | 2022-05-04T08:45:24.696000Z |
| var-201208-0033 | Race condition in Comodo Internet Security before 4.1.149672.916 on Windows XP allows loc… | 2022-05-04T08:45:24.663000Z |
| var-201003-0524 | RCA Digital Cable Modem DCM425 is a modem that provides a high-speed two-way connection b… | 2022-05-04T08:47:52.941000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000260 | Shihonkanri Plus Ver2 GOOUT directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000290 | InfoBarrier4 self-decrypted file vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000295 | APOP password recovery vulnerability | 2008-05-21T00:00+09:00 | 2009-08-06T11:39+09:00 |
| jvndb-2007-000297 | Apache Tomcat Accept-Language Header Cross-Site Scripting Vulnerability | 2008-05-21T00:00+09:00 | 2008-07-11T13:47+09:00 |
| jvndb-2007-000301 | Canon Network Camera Server VB100 Series vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000322 | Lunascape RSS reader arbitrary script execution vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000329 | Java Web Start vulnerable to execution of unauthorized system classes | 2008-05-21T00:00+09:00 | 2008-06-06T16:22+09:00 |
| jvndb-2007-000395 | Homepage Builder sample CGI programs vulnerable to OS command injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000400 | Advance-Flow cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000420 | HP System Management Homepage cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000429 | Meneame cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000434 | ADPLAN cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000446 | Internet Explorer vulnerable in MHTML handling | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000447 | Internet Explorer vulnerable in handling MHTML protocol | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000454 | dotProject cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000456 | Apache Tomcat sample web application cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-07-11T13:48+09:00 |
| jvndb-2007-000457 | Apache Tomcat cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-07-11T13:48+09:00 |
| jvndb-2007-000471 | RaidenHTTPD cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000476 | Hiki arbitrary file deletion vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000486 | rktSNS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000487 | sHTTPd cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000491 | Lhaca LHZ Archive Extended Header Size Processing Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000494 | KDDI sample CGI download program directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000507 | Flash Player allows to send arbitrary Referer headers | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000548 | Nessus report function vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000551 | Aruba Mobility Controller Series cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000559 | Yayoi Kaikei improper handling of credential information | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000560 | Safari URL spoofing vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000572 | WebCart cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000598 | Apache Tomcat Host Manager cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2025:03321-1 | Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP7) | 2025-09-23T22:34:08Z | 2025-09-23T22:34:08Z |
| suse-su-2025:03318-1 | Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7) | 2025-09-24T02:04:44Z | 2025-09-24T02:04:44Z |
| suse-su-2025:03329-1 | Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5) | 2025-09-24T05:33:35Z | 2025-09-24T05:33:35Z |
| suse-su-2025:03331-1 | Security update for avahi | 2025-09-24T06:54:26Z | 2025-09-24T06:54:26Z |
| suse-su-2025:03332-1 | Security update for avahi | 2025-09-24T06:54:39Z | 2025-09-24T06:54:39Z |
| suse-su-2025:03333-1 | Security update for avahi | 2025-09-24T06:55:11Z | 2025-09-24T06:55:11Z |
| suse-su-2025:03336-1 | Security update for the Linux Kernel (Live Patch 62 for SLE 12 SP5) | 2025-09-24T08:33:29Z | 2025-09-24T08:33:29Z |
| suse-su-2025:03337-1 | Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5) | 2025-09-24T09:33:31Z | 2025-09-24T09:33:31Z |
| suse-su-2025:03339-1 | Security update for the Linux Kernel (Live Patch 69 for SLE 12 SP5) | 2025-09-24T11:03:57Z | 2025-09-24T11:03:57Z |
| suse-su-2025:03341-1 | Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) | 2025-09-24T12:33:28Z | 2025-09-24T12:33:28Z |
| suse-su-2025:03342-1 | Security update for the Linux Kernel (Live Patch 64 for SLE 12 SP5) | 2025-09-24T13:03:48Z | 2025-09-24T13:03:48Z |
| suse-su-2025:03343-1 | Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP6) | 2025-09-24T13:03:51Z | 2025-09-24T13:03:51Z |
| suse-su-2025:03344-1 | Security update for the Linux Kernel | 2025-09-24T13:34:27Z | 2025-09-24T13:34:27Z |
| suse-su-2025:03345-1 | Security update for tiff | 2025-09-24T13:55:43Z | 2025-09-24T13:55:43Z |
| suse-su-2025:03346-1 | Security update for tiff | 2025-09-24T14:03:15Z | 2025-09-24T14:03:15Z |
| suse-su-2025:03348-1 | Security update for tiff | 2025-09-24T14:05:05Z | 2025-09-24T14:05:05Z |
| suse-su-2025:03350-1 | Security update for the Linux Kernel (Live Patch 67 for SLE 12 SP5) | 2025-09-24T16:33:38Z | 2025-09-24T16:33:38Z |
| suse-su-2025:20824-1 | Security update for curl | 2025-09-25T10:52:04Z | 2025-09-25T10:52:04Z |
| suse-su-2025:03352-1 | Security update for openjpeg2 | 2025-09-25T11:50:17Z | 2025-09-25T11:50:17Z |
| suse-su-2025:03353-1 | Security update for openjpeg2 | 2025-09-25T11:51:37Z | 2025-09-25T11:51:37Z |
| suse-su-2025:03354-1 | Security update for python-pycares | 2025-09-25T13:29:37Z | 2025-09-25T13:29:37Z |
| suse-su-2025:03356-1 | Security update for the Linux Kernel (Live Patch 70 for SLE 12 SP5) | 2025-09-25T17:33:32Z | 2025-09-25T17:33:32Z |
| suse-su-2025:03358-1 | Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3) | 2025-09-25T20:03:49Z | 2025-09-25T20:03:49Z |
| suse-su-2025:03359-1 | Security update for the Linux Kernel (Live Patch 50 for SLE 15 SP3) | 2025-09-25T20:48:27Z | 2025-09-25T20:48:27Z |
| suse-su-2025:03363-1 | Security update for the Linux Kernel (Live Patch 59 for SLE 15 SP3) | 2025-09-26T05:33:43Z | 2025-09-26T05:33:43Z |
| suse-su-2025:03362-1 | Security update for the Linux Kernel (Live Patch 58 for SLE 15 SP3) | 2025-09-26T07:04:05Z | 2025-09-26T07:04:05Z |
| suse-su-2025:20801-1 | Security update for udisks2 | 2025-09-26T09:12:26Z | 2025-09-26T09:12:26Z |
| suse-su-2025:03367-1 | Security update for jasper | 2025-09-26T09:14:33Z | 2025-09-26T09:14:33Z |
| suse-su-2025:20802-1 | Security update for curl | 2025-09-26T09:20:48Z | 2025-09-26T09:20:48Z |
| suse-su-2025:20825-1 | Security update for net-tools | 2025-09-26T09:29:17Z | 2025-09-26T09:29:17Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2025:15659-1 | bind-9.20.15-1.1 on GA media | 2025-10-23T00:00:00Z | 2025-10-23T00:00:00Z |
| opensuse-su-2025:15660-1 | java-11-openjdk-11.0.29.0-1.1 on GA media | 2025-10-23T00:00:00Z | 2025-10-23T00:00:00Z |
| opensuse-su-2025:15661-1 | java-17-openjdk-17.0.17.0-1.1 on GA media | 2025-10-23T00:00:00Z | 2025-10-23T00:00:00Z |
| opensuse-su-2025:15662-1 | micropython-1.26.0-2.1 on GA media | 2025-10-23T00:00:00Z | 2025-10-23T00:00:00Z |
| opensuse-su-2025:15663-1 | openbao-2.4.3-1.1 on GA media | 2025-10-23T00:00:00Z | 2025-10-23T00:00:00Z |
| opensuse-su-2025:15664-1 | python311-pypdf-6.1.3-1.1 on GA media | 2025-10-23T00:00:00Z | 2025-10-23T00:00:00Z |
| opensuse-su-2025:15665-1 | chromedriver-141.0.7390.122-1.1 on GA media | 2025-10-24T00:00:00Z | 2025-10-24T00:00:00Z |
| opensuse-su-2025:15666-1 | govulncheck-vulndb-0.0.20251023T162509-1.1 on GA media | 2025-10-24T00:00:00Z | 2025-10-24T00:00:00Z |
| opensuse-su-2025:15667-1 | netty-4.1.128-1.1 on GA media | 2025-10-24T00:00:00Z | 2025-10-24T00:00:00Z |
| opensuse-su-2025:15668-1 | libunbound8-1.24.1-1.1 on GA media | 2025-10-24T00:00:00Z | 2025-10-24T00:00:00Z |
| opensuse-su-2025:15669-1 | grafana-11.6.7-1.1 on GA media | 2025-10-27T00:00:00Z | 2025-10-27T00:00:00Z |
| opensuse-su-2025:15670-1 | java-21-openjdk-21.0.9.0-1.1 on GA media | 2025-10-27T00:00:00Z | 2025-10-27T00:00:00Z |
| opensuse-su-2025:15671-1 | kernel-devel-6.17.5-1.1 on GA media | 2025-10-27T00:00:00Z | 2025-10-27T00:00:00Z |
| opensuse-su-2025:15672-1 | libluajit-5_1-2-2.1.20250826-1.1 on GA media | 2025-10-27T00:00:00Z | 2025-10-27T00:00:00Z |
| opensuse-su-2025:15673-1 | xen-4.20.1_06-1.1 on GA media | 2025-10-27T00:00:00Z | 2025-10-27T00:00:00Z |
| opensuse-su-2025-20027-1 | Security update for chromium | 2025-10-27T09:16:17Z | 2025-10-27T09:16:17Z |
| opensuse-su-2025-20031-1 | Security update for warewulf4 | 2025-10-27T09:58:12Z | 2025-10-27T09:58:12Z |
| opensuse-su-2025:15674-1 | java-25-openjdk-25.0.1.0-1.1 on GA media | 2025-10-28T00:00:00Z | 2025-10-28T00:00:00Z |
| opensuse-su-2025-20032-1 | Security update for chromium | 2025-10-28T06:36:32Z | 2025-10-28T06:36:32Z |
| opensuse-su-2025:15675-1 | coreboot-utils-25.09-2.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025:15676-1 | dovecot24-2.4.2-1.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025:15677-1 | kea-3.0.2-1.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025:15678-1 | libmozjs-115-0-115.15.0-6.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025:15679-1 | libmozjs-128-0-128.14.0-2.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025:15680-1 | ongres-scram-3.2-7.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025:15681-1 | strongswan-6.0.3-1.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025:15682-1 | libtiff-devel-32bit-4.7.1-3.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025:15683-1 | xorg-x11-server-21.1.15-7.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025:15684-1 | xwayland-24.1.8-4.1 on GA media | 2025-10-29T00:00:00Z | 2025-10-29T00:00:00Z |
| opensuse-su-2025-20021-1 | Security update for MozillaThunderbird | 2025-10-29T17:54:20Z | 2025-10-29T17:54:20Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2015-00098 | HumHub SQL注入漏洞 | 2015-01-07 | 2015-01-08 |
| cnvd-2015-00099 | Apache POI拒绝服务漏洞 | 2015-01-07 | 2015-01-08 |
| cnvd-2015-00100 | Apache Solr跨站脚本漏洞 | 2015-01-07 | 2015-01-08 |
| cnvd-2015-00101 | McAfee ePolicy Orchestrator 'conditionXML'参数XML外部实体注入漏洞 | 2015-01-07 | 2015-01-08 |
| cnvd-2015-00102 | Xen拒绝服务漏洞(CNVD-2015-00102) | 2015-01-07 | 2015-01-08 |
| cnvd-2015-00103 | FlexPaper 'FlexPaperViewer.swf'跨站脚本漏洞 | 2015-01-07 | 2015-01-08 |
| cnvd-2015-00104 | FlexPaper ‘FlexPaperViewer.swf'’内容欺骗漏洞 | 2015-01-07 | 2015-01-08 |
| cnvd-2015-00105 | Sefrengo CMS 'main.php'存在多个SQL注入漏洞 | 2015-01-07 | 2015-01-08 |
| cnvd-2015-00106 | Sefrengo CMS 'main.php'跨站脚本漏洞 | 2015-01-07 | 2015-01-08 |
| cnvd-2015-00148 | Microsoft Dynamics CRM跨站脚本漏洞 | 2015-01-07 | 2015-01-09 |
| cnvd-2015-00144 | e107 ' e107_admin/users.php'跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00145 | Hex-Rays IDA Pro缓冲区溢出漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00146 | Ruby RedCloth library跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00147 | Easy File Sharing Web Server跨站脚本漏洞(CNVD-2015-00147) | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00151 | SAP NetWeaver Business Client存在多个跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00152 | ZOHO ManageEngine ADSelfService Plus跨站脚本漏洞(CNVD-2015-00152) | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00153 | CGManager本地信息泄露漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00154 | Strongswan IKEv2 Payloads远程拒绝服务漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00155 | D-Bus本地权限提升漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00156 | Asuswrt 'infosvr'远程命令执行漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00157 | Open-Xchange Server/OX App Suite存在未明HTML注入漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00158 | WordPress插件Banner Effect Header 'options-general.php'跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00159 | Kajona 'admin.php'跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00160 | TYPO3存在未明漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00161 | TYPO3 Url任意域修改漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00162 | Smoothwall Express存在多个跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00163 | Smoothwall Express跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00164 | Smoothwall Express存在多个跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00165 | WordPress插件Simplelife存在多个跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00166 | WordPress插件SimpleFlickr存在多个跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTA-2001-AVI-012 | Vulnérabilité dans le protocole RDP sous Windows 2000 | 2001-02-01T00:00:00.000000 | 2001-02-01T00:00:00.000000 |
| certa-2001-avi-012 | Vulnérabilité dans le protocole RDP sous Windows 2000 | 2001-02-01T00:00:00.000000 | 2001-02-01T00:00:00.000000 |
| CERTA-2001-AVI-013 | Vulnérabilités sur les commutateurs CISCO série CSS | 2001-02-05T00:00:00.000000 | 2001-02-05T00:00:00.000000 |
| certa-2001-avi-013 | Vulnérabilités sur les commutateurs CISCO série CSS | 2001-02-05T00:00:00.000000 | 2001-02-05T00:00:00.000000 |
| CERTA-2001-AVI-014 | Vulnérabilité de l'agent NDDE de Microsoft Windows | 2001-02-07T00:00:00.000000 | 2001-02-07T00:00:00.000000 |
| certa-2001-avi-014 | Vulnérabilité de l'agent NDDE de Microsoft Windows | 2001-02-07T00:00:00.000000 | 2001-02-07T00:00:00.000000 |
| CERTA-2001-AVI-015 | Vulnérabilité de Windows NT 4 dans l'authentification NTLM | 2001-02-08T00:00:00.000000 | 2001-02-08T00:00:00.000000 |
| certa-2001-avi-015 | Vulnérabilité de Windows NT 4 dans l'authentification NTLM | 2001-02-08T00:00:00.000000 | 2001-02-08T00:00:00.000000 |
| CERTA-2001-AVI-016 | Vulnérabilité des logiciels d'administration à distance de Compaq | 2001-02-12T00:00:00.000000 | 2001-02-12T00:00:00.000000 |
| CERTA-2001-AVI-017 | Vulnérabilité de SSH | 2001-02-12T00:00:00.000000 | 2001-02-12T00:00:00.000000 |
| certa-2001-avi-016 | Vulnérabilité des logiciels d'administration à distance de Compaq | 2001-02-12T00:00:00.000000 | 2001-02-12T00:00:00.000000 |
| certa-2001-avi-017 | Vulnérabilité de SSH | 2001-02-12T00:00:00.000000 | 2001-02-12T00:00:00.000000 |
| CERTA-2001-AVI-018 | Vulnérabilité sous Windows NT 4 dans le protocole PPTP | 2001-02-14T00:00:00.000000 | 2001-02-14T00:00:00.000000 |
| certa-2001-avi-018 | Vulnérabilité sous Windows NT 4 dans le protocole PPTP | 2001-02-14T00:00:00.000000 | 2001-02-14T00:00:00.000000 |
| CERTA-2001-AVI-019 | Vulnérabilité de Vixie-cron sous Unix | 2001-02-21T00:00:00.000000 | 2001-02-21T00:00:00.000000 |
| CERTA-2001-AVI-020 | Vulnérabilité dans le contrôleur de domaine de Windows 2000 Server | 2001-02-21T00:00:00.000000 | 2001-02-21T00:00:00.000000 |
| certa-2001-avi-019 | Vulnérabilité de Vixie-cron sous Unix | 2001-02-21T00:00:00.000000 | 2001-02-21T00:00:00.000000 |
| certa-2001-avi-020 | Vulnérabilité dans le contrôleur de domaine de Windows 2000 Server | 2001-02-21T00:00:00.000000 | 2001-02-21T00:00:00.000000 |
| CERTA-2001-AVI-021 | Vulnérabilité sous Microsoft Outlook et Outlook Express | 2001-02-23T00:00:00.000000 | 2001-02-23T00:00:00.000000 |
| certa-2001-avi-021 | Vulnérabilité sous Microsoft Outlook et Outlook Express | 2001-02-23T00:00:00.000000 | 2001-02-23T00:00:00.000000 |
| CERTA-2001-AVI-022 | Vulnérabilité dans le <SPAN class= "textit">Java Runtime Environment</SPAN> (JRE) de Sun | 2001-02-27T00:00:00.000000 | 2001-02-27T00:00:00.000000 |
| certa-2001-avi-022 | Vulnérabilité dans le <SPAN class= "textit">Java Runtime Environment</SPAN> (JRE) de Sun | 2001-02-27T00:00:00.000000 | 2001-02-27T00:00:00.000000 |
| CERTA-2001-AVI-023 | Dépassement de mémoire dans l'observateur d'événements de Windows 2000 | 2001-02-28T00:00:00.000000 | 2001-02-28T00:00:00.000000 |
| certa-2001-avi-023 | Dépassement de mémoire dans l'observateur d'événements de Windows 2000 | 2001-02-28T00:00:00.000000 | 2001-02-28T00:00:00.000000 |
| CERTA-2001-AVI-024 | Vulnérabilité dans la gestion des clients sous Lotus Notes | 2001-03-01T00:00:00.000000 | 2001-03-01T00:00:00.000000 |
| certa-2001-avi-024 | Vulnérabilité dans la gestion des clients sous Lotus Notes | 2001-03-01T00:00:00.000000 | 2001-03-01T00:00:00.000000 |
| CERTA-2001-AVI-025 | Vulnérabilité d'Internet Information Server 5.0 et Exchange 2000 | 2001-03-02T00:00:00.000000 | 2001-03-02T00:00:00.000000 |
| certa-2001-avi-025 | Vulnérabilité d'Internet Information Server 5.0 et Exchange 2000 | 2001-03-02T00:00:00.000000 | 2001-03-02T00:00:00.000000 |
| CERTA-2001-AVI-026 | Vulnérabilités dans les commutateurs CISCO IOS | 2001-03-05T00:00:00.000000 | 2001-03-05T00:00:00.000000 |
| certa-2001-avi-026 | Vulnérabilités dans les commutateurs CISCO IOS | 2001-03-05T00:00:00.000000 | 2001-03-05T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTA-2007-ALE-015 | Vulnérabilité dans le traitement des URI sous Windows | 2007-10-10T00:00:00.000000 | 2007-11-14T00:00:00.000000 |
| certa-2007-ale-015 | Vulnérabilité dans le traitement des URI sous Windows | 2007-10-10T00:00:00.000000 | 2007-11-14T00:00:00.000000 |
| CERTA-2007-ALE-016 | Vulnérabilité d'Oracle 10g | 2007-11-16T00:00:00.000000 | 2007-11-16T00:00:00.000000 |
| certa-2007-ale-016 | Vulnérabilité d'Oracle 10g | 2007-11-16T00:00:00.000000 | 2007-11-16T00:00:00.000000 |
| CERTA-2007-ALE-017 | Vulnérabilité dans la gestion RTSP d'Apple QuickTime | 2007-11-27T00:00:00.000000 | 2007-12-14T00:00:00.000000 |
| certa-2007-ale-017 | Vulnérabilité dans la gestion RTSP d'Apple QuickTime | 2007-11-27T00:00:00.000000 | 2007-12-14T00:00:00.000000 |
| CERTA-2008-ALE-001 | Vulnérabilité dans Apple QuickTime | 2008-01-11T00:00:00.000000 | 2008-02-07T00:00:00.000000 |
| certa-2008-ale-001 | Vulnérabilité dans Apple QuickTime | 2008-01-11T00:00:00.000000 | 2008-02-07T00:00:00.000000 |
| CERTA-2008-ALE-002 | Vulnérabilité dans Joomla! | 2008-01-14T00:00:00.000000 | 2008-02-25T00:00:00.000000 |
| certa-2008-ale-002 | Vulnérabilité dans Joomla! | 2008-01-14T00:00:00.000000 | 2008-02-25T00:00:00.000000 |
| CERTA-2008-ALE-003 | Vulnérabilité dans Excel | 2008-01-16T00:00:00.000000 | 2008-03-12T00:00:00.000000 |
| certa-2008-ale-003 | Vulnérabilité dans Excel | 2008-01-16T00:00:00.000000 | 2008-03-12T00:00:00.000000 |
| CERTA-2008-ALE-004 | Vulnérabilité dans VMware | 2008-02-27T00:00:00.000000 | 2008-04-16T00:00:00.000000 |
| certa-2008-ale-004 | Vulnérabilité dans VMware | 2008-02-27T00:00:00.000000 | 2008-04-16T00:00:00.000000 |
| CERTA-2008-ALE-005 | Vulnérabilité dans Microsoft Jet Database Engine | 2008-03-25T00:00:00.000000 | 2008-05-14T00:00:00.000000 |
| certa-2008-ale-005 | Vulnérabilité dans Microsoft Jet Database Engine | 2008-03-25T00:00:00.000000 | 2008-05-14T00:00:00.000000 |
| CERTA-2008-ALE-006 | Vulnérabilités dans HP OpenView NNM | 2008-04-18T00:00:00.000000 | 2010-06-10T00:00:00.000000 |
| certa-2008-ale-006 | Vulnérabilités dans HP OpenView NNM | 2008-04-18T00:00:00.000000 | 2010-06-10T00:00:00.000000 |
| CERTA-2008-ALE-007 | Multiples vulnérabilités dans Apple iCal | 2008-05-23T00:00:00.000000 | 2008-05-29T00:00:00.000000 |
| certa-2008-ale-007 | Multiples vulnérabilités dans Apple iCal | 2008-05-23T00:00:00.000000 | 2008-05-29T00:00:00.000000 |
| CERTA-2008-ALE-008 | Vulnérabilité du navigateur Safari | 2008-06-02T00:00:00.000000 | 2008-06-20T00:00:00.000000 |
| certa-2008-ale-008 | Vulnérabilité du navigateur Safari | 2008-06-02T00:00:00.000000 | 2008-06-20T00:00:00.000000 |
| CERTA-2008-ALE-009 | Vulnérabilité dans Microsoft Access Snapshot Viewer | 2008-07-08T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-ale-009 | Vulnérabilité dans Microsoft Access Snapshot Viewer | 2008-07-08T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| CERTA-2008-ALE-010 | Vulnérabilité dans Microsoft Word | 2008-07-09T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| certa-2008-ale-010 | Vulnérabilité dans Microsoft Word | 2008-07-09T00:00:00.000000 | 2008-08-13T00:00:00.000000 |
| CERTA-2008-ALE-011 | Vulnérabilité dans Oracle BEA WebLogic Server | 2008-07-24T00:00:00.000000 | 2008-08-08T00:00:00.000000 |
| certa-2008-ale-011 | Vulnérabilité dans Oracle BEA WebLogic Server | 2008-07-24T00:00:00.000000 | 2008-08-08T00:00:00.000000 |
| CERTA-2008-ALE-012 | Vulnérabilité dans Microsoft Windows | 2008-10-10T00:00:00.000000 | 2009-04-15T00:00:00.000000 |
| certa-2008-ale-012 | Vulnérabilité dans Microsoft Windows | 2008-10-10T00:00:00.000000 | 2009-04-15T00:00:00.000000 |