Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-0355 |
N/A
|
Local or remote users can force ControlIT 4.5 to … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.893Z |
| CVE-1999-0357 |
N/A
|
Windows 98 and other operating systems allows rem… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.899Z |
| CVE-1999-0362 |
N/A
|
WS_FTP server remote denial of service through cw… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.069Z |
| CVE-1999-0363 |
N/A
|
SuSE 5.2 PLP lpc program has a buffer overflow th… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.119Z |
| CVE-1999-0365 |
N/A
|
The metamail package allows remote command execut… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.099Z |
| CVE-1999-0366 |
N/A
|
In some cases, Service Pack 4 for Windows NT 4.0 … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.127Z |
| CVE-1999-0367 |
N/A
|
NetBSD netstat command allows local users to acce… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.886Z |
| CVE-1999-0368 |
N/A
|
Buffer overflows in wuarchive ftpd (wu-ftpd) and … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.941Z |
| CVE-1999-0369 |
N/A
|
The Sun sdtcm_convert calendar utility for OpenWi… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.102Z |
| CVE-1999-0371 |
N/A
|
Lynx allows a local user to overwrite sensitive f… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.961Z |
| CVE-1999-0372 |
N/A
|
The installer for BackOffice Server includes acco… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.089Z |
| CVE-1999-0373 |
N/A
|
Buffer overflow in the "Super" utility in Debian … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.034Z |
| CVE-1999-0374 |
N/A
|
Debian GNU/Linux cfengine package is susceptible … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.020Z |
| CVE-1999-0375 |
N/A
|
Buffer overflow in webd in Network Flight Recorde… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.160Z |
| CVE-1999-0376 |
N/A
|
Local users in Windows NT can obtain administrato… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.169Z |
| CVE-1999-0377 |
N/A
|
Process table attack in Unix systems allows a rem… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.942Z |
| CVE-1999-0379 |
N/A
|
Microsoft Taskpads allows remote web sites to exe… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.036Z |
| CVE-1999-0382 |
N/A
|
The screen saver in Windows NT does not verify th… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.882Z |
| CVE-1999-0383 |
N/A
|
ACC Tigris allows public access without a login. |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.948Z |
| CVE-1999-0384 |
N/A
|
The Forms 2.0 ActiveX control (included with Visu… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.891Z |
| CVE-1999-0385 |
N/A
|
The LDAP bind function in Exchange 5.5 has a buff… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.137Z |
| CVE-1999-0386 |
N/A
|
Microsoft Personal Web Server and FrontPage Perso… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.942Z |
| CVE-1999-0388 |
N/A
|
DataLynx suGuard trusts the PATH environment vari… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.030Z |
| CVE-1999-0391 |
N/A
|
The cryptographic challenge of SMB authentication… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.955Z |
| CVE-1999-0392 |
N/A
|
Buffer overflow in Thomas Boutell's cgic library … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.030Z |
| CVE-1999-0396 |
N/A
|
A race condition between the select() and accept(… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.090Z |
| CVE-1999-0402 |
N/A
|
wget 1.5.3 follows symlinks to change permissions… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.088Z |
| CVE-1999-0404 |
N/A
|
Buffer overflow in the Mail-Max SMTP server for W… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.159Z |
| CVE-1999-0405 |
N/A
|
A buffer overflow in lsof allows local users to o… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.138Z |
| CVE-1999-0410 |
N/A
|
The cancel command in Solaris 2.6 (i386) has a bu… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.195Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-0355 |
N/A
|
Local or remote users can force ControlIT 4.5 to … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.893Z |
| CVE-1999-0357 |
N/A
|
Windows 98 and other operating systems allows rem… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.899Z |
| CVE-1999-0362 |
N/A
|
WS_FTP server remote denial of service through cw… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.069Z |
| CVE-1999-0363 |
N/A
|
SuSE 5.2 PLP lpc program has a buffer overflow th… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.119Z |
| CVE-1999-0365 |
N/A
|
The metamail package allows remote command execut… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.099Z |
| CVE-1999-0366 |
N/A
|
In some cases, Service Pack 4 for Windows NT 4.0 … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.127Z |
| CVE-1999-0367 |
N/A
|
NetBSD netstat command allows local users to acce… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.886Z |
| CVE-1999-0368 |
N/A
|
Buffer overflows in wuarchive ftpd (wu-ftpd) and … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.941Z |
| CVE-1999-0369 |
N/A
|
The Sun sdtcm_convert calendar utility for OpenWi… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.102Z |
| CVE-1999-0371 |
N/A
|
Lynx allows a local user to overwrite sensitive f… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.961Z |
| CVE-1999-0372 |
N/A
|
The installer for BackOffice Server includes acco… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.089Z |
| CVE-1999-0373 |
N/A
|
Buffer overflow in the "Super" utility in Debian … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.034Z |
| CVE-1999-0374 |
N/A
|
Debian GNU/Linux cfengine package is susceptible … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.020Z |
| CVE-1999-0375 |
N/A
|
Buffer overflow in webd in Network Flight Recorde… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.160Z |
| CVE-1999-0376 |
N/A
|
Local users in Windows NT can obtain administrato… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.169Z |
| CVE-1999-0377 |
N/A
|
Process table attack in Unix systems allows a rem… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.942Z |
| CVE-1999-0379 |
N/A
|
Microsoft Taskpads allows remote web sites to exe… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.036Z |
| CVE-1999-0382 |
N/A
|
The screen saver in Windows NT does not verify th… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.882Z |
| CVE-1999-0383 |
N/A
|
ACC Tigris allows public access without a login. |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.948Z |
| CVE-1999-0384 |
N/A
|
The Forms 2.0 ActiveX control (included with Visu… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.891Z |
| CVE-1999-0385 |
N/A
|
The LDAP bind function in Exchange 5.5 has a buff… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.137Z |
| CVE-1999-0386 |
N/A
|
Microsoft Personal Web Server and FrontPage Perso… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.942Z |
| CVE-1999-0388 |
N/A
|
DataLynx suGuard trusts the PATH environment vari… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.030Z |
| CVE-1999-0391 |
N/A
|
The cryptographic challenge of SMB authentication… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:51.955Z |
| CVE-1999-0392 |
N/A
|
Buffer overflow in Thomas Boutell's cgic library … |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.030Z |
| CVE-1999-0396 |
N/A
|
A race condition between the select() and accept(… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.090Z |
| CVE-1999-0402 |
N/A
|
wget 1.5.3 follows symlinks to change permissions… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.088Z |
| CVE-1999-0404 |
N/A
|
Buffer overflow in the Mail-Max SMTP server for W… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.159Z |
| CVE-1999-0405 |
N/A
|
A buffer overflow in lsof allows local users to o… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:34:52.138Z |
| CVE-1999-0410 |
N/A
|
The cancel command in Solaris 2.6 (i386) has a bu… |
n/a |
n/a |
1999-09-29T04:00:00 | 2024-08-01T16:41:44.195Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-1999-0959 | IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. | 1997-02-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1160 | Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain ro… | 1997-02-02T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1299 | rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of… | 1997-02-03T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0298 | ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and rem… | 1997-02-05T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0046 | Buffer overflow of rlogin program using TERM environmental variable. | 1997-02-06T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0228 | Denial of service in RPCSS.EXE program (RPC Locator) in Windows NT. | 1997-02-07T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0109 | Buffer overflow in ffbconfig in Solaris 2.5.1. | 1997-02-10T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0041 | Buffer overflow in NLS (Natural Language Service). | 1997-02-13T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0868 | ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it … | 1997-02-20T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0105 | finger allows recursive searches by using a long string of @ symbols. | 1997-03-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0106 | Finger redirection allows finger bombs. | 1997-03-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0165 | NFS cache poisoning. | 1997-03-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0318 | Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. | 1997-03-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0612 | A version of finger is running that exposes valid user information to any entity on the network. | 1997-03-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1128 | Internet Explorer 3.01 on Windows 95 allows remote malicious web sites to execute arbitrary command… | 1997-03-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1489 | Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local user… | 1997-03-04T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0299 | Buffer overflow in FreeBSD lpd through long DNS hostnames. | 1997-03-05T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1408 | Vulnerability in AIX 4.1.4 and HP-UX 10.01 and 9.05 allows local users to cause a denial of service… | 1997-03-05T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1525 | Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly… | 1997-03-14T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0280 | Remote command execution in Microsoft Internet Explorer using .lnk and .url files. | 1997-04-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0292 | Denial of service through Winpopup using large user names. | 1997-04-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0315 | Buffer overflow in Solaris fdformat command gives root access to local users. | 1997-04-01T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1387 | Windows NT 4.0 SP2 allows remote attackers to cause a denial of service (crash), possibly via malfo… | 1997-04-02T05:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0042 | Buffer overflow in University of Washington's implementation of IMAP and POP servers. | 1997-04-07T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1298 | Sysinstall in FreeBSD 2.2.1 and earlier, when configuring anonymous FTP, creates the ftp user witho… | 1997-04-07T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0058 | Buffer overflow in PHP cgi program, php.cgi allows shell access. | 1997-04-17T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0149 | The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. … | 1997-04-19T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0038 | Buffer overflow in xlock program allows local users to execute commands as root. | 1997-04-26T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1296 | Buffer overflow in Kerberos IV compatibility libraries as used in Kerberos V allows local users to … | 1997-04-29T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0040 | Buffer overflow in Xt library of X Windowing System allows local users to execute commands with roo… | 1997-05-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-w7q9-xr2x-wh7x |
6.1 (3.1)
|
delayed_job_web Cross-site Scripting vulnerability | 2018-03-05T19:06:00Z | 2023-08-29T11:24:57Z |
| ghsa-6jqp-j69q-pm62 |
7.5 (3.1)
|
AWS Lambda parser is vulnerable to Regular Expression Denial of Service | 2018-03-05T19:16:56Z | 2022-04-25T22:28:16Z |
| ghsa-vqcm-7f7f-r539 |
7.8 (3.1)
|
brbackup exposes database password to unauthorized users | 2018-03-05T19:32:06Z | 2022-04-25T22:09:39Z |
| ghsa-8p2p-p8mg-x3cw |
5.3 (3.1)
|
Insight API transaction broadcast endpoint can result in Full Path Disclosure | 2018-03-05T19:33:54Z | 2022-04-25T22:32:08Z |
| ghsa-pxr8-w3jq-rcwj |
6.1 (3.1)
|
rails_admin ruby gem XSS | 2018-03-05T19:37:23Z | 2023-07-03T21:59:02Z |
| ghsa-h6rj-8r3c-9gpj |
9.8 (3.1)
|
bson is vulnerable to denial of service due to incorrect regex validation | 2018-03-05T19:43:21Z | 2022-04-25T22:38:49Z |
| ghsa-325j-24f4-qv5x |
5.9 (3.1)
|
Regular Expression Denial of Service in ssri | 2018-03-07T22:22:20Z | 2021-08-31T20:21:06Z |
| ghsa-688c-3x49-6rqj |
5.9 (3.1)
|
rack-protection gem timing attack vulnerability when validating CSRF token | 2018-03-07T22:22:22Z | 2023-08-29T15:23:28Z |
| ghsa-wpq7-q8j4-72jg |
8.8 (3.1)
|
Auth0-js bypasses CSRF checks | 2018-03-07T22:22:24Z | 2022-04-25T22:40:41Z |
| ghsa-6wpv-cj6x-v3jw |
5.9 (3.1)
|
http vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | 2018-03-13T16:15:57Z | 2023-01-25T23:04:00Z |
| ghsa-82gw-pqf7-q3j2 |
8.8 (3.1)
|
pym.js CSRF Vulnerability | 2018-03-13T20:38:51Z | 2023-09-11T18:19:05Z |
| ghsa-7h42-5vj2-cq39 |
8.1 (3.1)
|
tiny-json-http missing SSL certificate validation | 2018-03-13T20:42:00Z | 2023-09-13T22:19:39Z |
| ghsa-hwhh-2fwm-cfgw |
6.1 (3.1)
|
Doorkeeper is vulnerable to stored XSS and code execution | 2018-03-13T20:44:48Z | 2022-04-26T17:36:10Z |
| ghsa-pcm6-g2qp-9gw8 |
7.8 (3.1)
|
Cap-Strap gem for Ruby places credentials on the useradd command line | 2018-03-16T01:13:46Z | 2023-07-03T23:45:19Z |
| ghsa-7f42-p84j-f58p |
7.5 (3.1)
|
Sanitize vulnerable to Improper Input Validation and Cross-site Scripting | 2018-03-21T11:56:32Z | 2023-01-23T20:47:11Z |
| ghsa-x7rv-cr6v-4vm4 |
6.1 (3.1)
|
Cross-site Scripting in loofah | 2018-03-21T11:57:11Z | 2023-07-05T20:45:55Z |
| ghsa-8xwg-wv7v-4vqp |
8.1 (3.1)
|
Electron Vulnerable to Code Execution by Re-Enabling Node.js Integration | 2018-03-26T16:41:17Z | 2023-09-13T19:06:52Z |
| ghsa-fjqr-fx3f-g4rv |
8.8 (3.1)
|
Electron protocol handler browser vulnerable to Command Injection | 2018-03-26T16:41:20Z | 2022-04-26T14:35:22Z |
| ghsa-882p-jqgm-f45g |
6.5 (3.1)
|
Uncontrolled resource consumption in nokogiri | 2018-04-13T16:17:46Z | 2023-05-04T19:56:39Z |
| ghsa-vpch-rxw3-fgx8 |
6.1 (3.1)
|
Cross-Site Scripting in @risingstack/protect | 2018-04-25T14:30:43Z | 2021-09-20T22:10:09Z |
| ghsa-jp4x-w63m-7wgm |
8.8 (3.1)
|
Prototype Pollution in hoek | 2018-04-26T15:25:17Z | 2025-05-29T22:49:49Z |
| ghsa-px3r-jm9g-c8w8 |
6.1 (3.1)
|
rails-html-sanitizer Cross-site Scripting vulnerability | 2018-04-26T15:41:10Z | 2023-03-01T18:54:07Z |
| ghsa-gvpx-9459-w3mj |
6.1 (3.1)
|
Cross-Site Scripting in @ckeditor/ckeditor5-link | 2018-05-23T20:37:46Z | 2021-09-13T13:35:54Z |
| ghsa-mq35-wqvf-r23c |
6.1 (3.1)
|
Sinatra Cross-site Scripting vulnerability | 2018-06-05T21:32:06Z | 2023-01-23T21:24:55Z |
| ghsa-3pxp-6963-46r9 |
9.8 (3.1)
|
Command Injection in pdfinfojs | 2018-06-07T19:43:00Z | 2023-01-31T01:38:38Z |
| ghsa-4662-j96g-mv46 |
|
Arbitrary Code Injection in reduce-css-calc | 2018-06-07T19:43:06Z | 2020-08-31T18:12:20Z |
| ghsa-vwjc-q9px-r9vq |
|
Denial of Service in ecstatic | 2018-06-07T19:43:11Z | 2023-05-22T15:35:11Z |
| ghsa-rc8h-3fv6-pxv8 |
|
Denial of Service in hapi | 2018-06-07T19:43:15Z | 2020-08-31T18:09:46Z |
| ghsa-39pj-gq8q-9pfj |
7.5 (3.1)
|
Authentication Weakness in keystone | 2018-06-07T19:43:20Z | 2021-08-31T20:54:56Z |
| ghsa-vwrf-r5r4-7775 |
|
Incorrect handling of CORS preflight request headers in hapi | 2018-06-07T19:43:25Z | 2020-08-31T18:09:06Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2014-100 |
|
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNT… | freeipa | 2014-05-29T14:19:00Z | 2024-11-21T14:22:50.537629Z |
| pysec-2014-103 |
|
The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNT… | ipa | 2014-05-29T14:19:00Z | 2024-11-21T14:22:51.957056Z |
| pysec-2014-89 |
|
python-gnupg before 0.3.5 allows context-dependent attackers to execute arbitrary command… | python-gnupg | 2014-06-09T19:55:00Z | 2021-08-27T03:22:18.100904Z |
| pysec-2014-78 |
|
Cross-site scripting (XSS) vulnerability in util/templatetags/djblets_js.py in Djblets be… | djblets | 2014-06-16T18:55:00Z | 2021-08-27T03:22:03.219875Z |
| pysec-2014-79 |
|
Cross-site scripting (XSS) vulnerability in gravatars/templatetags/gravatars.py in Djblet… | djblets | 2014-06-16T18:55:00Z | 2021-08-27T03:22:03.303468Z |
| pysec-2014-99 |
|
Multiple cross-site scripting (XSS) vulnerabilities in the respond_error function in rout… | ajenti | 2014-06-18T14:55:00Z | 2021-12-13T06:35:03.086455Z |
| pysec-2014-114 |
|
Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows rem… | ntopng | 2014-06-19T10:50:00Z | 2024-11-21T14:22:57.09034Z |
| pysec-2014-21 |
|
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket re… | ipython | 2014-08-07T11:13:00Z | 2021-11-10T21:26:51.333186Z |
| pysec-2014-18 |
|
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local… | salt | 2014-08-22T17:55:00Z | 2021-07-05T00:01:26.140564Z |
| pysec-2014-10 |
|
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x … | pillow | 2014-08-25T14:55:00Z | 2021-07-05T00:01:23.718339Z |
| pysec-2014-107 |
|
The MySQL token driver in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Ju… | keystone | 2014-08-25T14:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-108 |
|
The V3 API in OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Ju… | keystone | 2014-08-25T14:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-109 |
|
OpenStack Identity (Keystone) 2014.1.x before 2014.1.2.1 and Juno before Juno-3 does not … | keystone | 2014-08-25T14:55:00Z | 2024-11-25T18:35:18.357593Z |
| pysec-2014-4 |
|
The core.urlresolvers.reverse function in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x… | django | 2014-08-26T14:55:00Z | 2021-07-05T00:01:18.862505Z |
| pysec-2014-5 |
|
The default configuration for the file upload handling system in Django before 1.4.14, 1.… | django | 2014-08-26T14:55:00Z | 2021-07-05T00:01:18.973883Z |
| pysec-2014-6 |
|
The contrib.auth.middleware.RemoteUserMiddleware middleware in Django before 1.4.14, 1.5.… | django | 2014-08-26T14:55:00Z | 2021-07-05T00:01:19.085708Z |
| pysec-2014-7 |
|
The administrative interface (contrib.admin) in Django before 1.4.14, 1.5.x before 1.5.9,… | django | 2014-08-26T14:55:00Z | 2021-07-05T00:01:19.203370Z |
| pysec-2014-115 |
|
The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using… | portage | 2014-09-29T22:55:00Z | 2024-11-21T14:22:59.10272Z |
| pysec-2014-27 |
|
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers … | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:28.919312Z |
| pysec-2014-28 |
|
ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3… | plone | 2014-09-30T14:55:00Z | 2021-07-25T23:34:43.396566Z |
| pysec-2014-29 |
|
The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before b… | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:29.087946Z |
| pysec-2014-30 |
|
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to … | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:29.194034Z |
| pysec-2014-31 |
|
The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 3.13… | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:29.299631Z |
| pysec-2014-32 |
|
Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 bef… | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:29.407022Z |
| pysec-2014-33 |
|
z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to… | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:29.513262Z |
| pysec-2014-34 |
|
uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obt… | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:29.620104Z |
| pysec-2014-35 |
|
gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users wit… | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:29.732595Z |
| pysec-2014-36 |
|
Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone before 4.2.3 and 4… | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:29.835907Z |
| pysec-2014-37 |
|
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to … | plone | 2014-09-30T14:55:00Z | 2021-09-01T08:44:29.952455Z |
| pysec-2014-38 |
|
kupu_spellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial … | plone | 2014-09-30T14:55:00Z | 2021-07-25T23:34:44.340105Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2022-390 | Malicious code in @logistics-frontend/blocks (npm) | 2022-05-31T12:55:54Z | 2022-05-31T12:55:58Z |
| mal-2022-391 | Malicious code in @logistics-frontend/client-core (npm) | 2022-05-31T12:55:54Z | 2022-05-31T12:55:55Z |
| mal-2022-398 | Malicious code in @logistics-frontend/ui-old (npm) | 2022-05-31T12:55:54Z | 2022-05-31T12:55:55Z |
| mal-2022-399 | Malicious code in @logistics-frontend/utils (npm) | 2022-05-31T12:55:54Z | 2022-05-31T12:55:55Z |
| MAL-2022-392 | Malicious code in @logistics-frontend/core (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:55:55Z |
| MAL-2022-393 | Malicious code in @logistics-frontend/hooks (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:55:55Z |
| MAL-2022-394 | Malicious code in @logistics-frontend/modules (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:56:04Z |
| MAL-2022-395 | Malicious code in @logistics-frontend/ndd (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:56:03Z |
| MAL-2022-396 | Malicious code in @logistics-frontend/polyfills (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:55:55Z |
| MAL-2022-397 | Malicious code in @logistics-frontend/types (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:55:55Z |
| mal-2022-392 | Malicious code in @logistics-frontend/core (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:55:55Z |
| mal-2022-393 | Malicious code in @logistics-frontend/hooks (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:55:55Z |
| mal-2022-394 | Malicious code in @logistics-frontend/modules (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:56:04Z |
| mal-2022-395 | Malicious code in @logistics-frontend/ndd (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:56:03Z |
| mal-2022-396 | Malicious code in @logistics-frontend/polyfills (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:55:55Z |
| mal-2022-397 | Malicious code in @logistics-frontend/types (npm) | 2022-05-31T12:55:55Z | 2022-05-31T12:55:55Z |
| MAL-2022-6965 | Malicious code in volgactf (npm) | 2022-05-31T12:57:01Z | 2022-05-31T12:57:02Z |
| MAL-2022-961 | Malicious code in amber-blocks (npm) | 2022-05-31T12:57:01Z | 2022-05-31T12:57:02Z |
| mal-2022-6965 | Malicious code in volgactf (npm) | 2022-05-31T12:57:01Z | 2022-05-31T12:57:02Z |
| mal-2022-961 | Malicious code in amber-blocks (npm) | 2022-05-31T12:57:01Z | 2022-05-31T12:57:02Z |
| MAL-2022-2180 | Malicious code in coolqueue.io (npm) | 2022-05-31T12:58:09Z | 2022-05-31T12:58:09Z |
| MAL-2022-3074 | Malicious code in flipper-frontend-core (npm) | 2022-05-31T12:58:09Z | 2022-10-17T19:22:03Z |
| MAL-2022-5680 | Malicious code in react-video-live-demo (npm) | 2022-05-31T12:58:09Z | 2022-05-31T12:58:10Z |
| mal-2022-2180 | Malicious code in coolqueue.io (npm) | 2022-05-31T12:58:09Z | 2022-05-31T12:58:09Z |
| mal-2022-3074 | Malicious code in flipper-frontend-core (npm) | 2022-05-31T12:58:09Z | 2022-10-17T19:22:03Z |
| mal-2022-5680 | Malicious code in react-video-live-demo (npm) | 2022-05-31T12:58:09Z | 2022-05-31T12:58:10Z |
| MAL-2022-666 | Malicious code in @tr-digital/react-rehydrate (npm) | 2022-05-31T12:58:42Z | 2022-05-31T12:58:42Z |
| mal-2022-666 | Malicious code in @tr-digital/react-rehydrate (npm) | 2022-05-31T12:58:42Z | 2022-05-31T12:58:42Z |
| MAL-2022-5942 | Malicious code in sb1-adobe-analytics (npm) | 2022-05-31T13:00:07Z | 2022-05-31T13:00:09Z |
| mal-2022-5942 | Malicious code in sb1-adobe-analytics (npm) | 2022-05-31T13:00:07Z | 2022-05-31T13:00:09Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-0876 | RPM: Schwachstelle ermöglicht Privilegieneskalation | 2017-11-23T23:00:00.000+00:00 | 2024-04-11T22:00:00.000+00:00 |
| wid-sec-w-2023-0891 | cURL: Mehrere Schwachstellen | 2017-11-29T23:00:00.000+00:00 | 2023-07-04T22:00:00.000+00:00 |
| wid-sec-w-2025-0961 | libTIFF: Schwachstelle ermöglicht Codeausführung | 2017-12-03T23:00:00.000+00:00 | 2025-05-07T22:00:00.000+00:00 |
| wid-sec-w-2024-2010 | QEMU: Schwachstelle ermöglicht Denial of Service | 2017-12-05T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2024-0205 | OpenSSL: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen | 2017-12-07T23:00:00.000+00:00 | 2024-01-25T23:00:00.000+00:00 |
| wid-sec-w-2023-0821 | Intel Graphic Driver: Schwachstelle ermöglicht Privilegieneskalation | 2017-12-12T23:00:00.000+00:00 | 2023-04-02T22:00:00.000+00:00 |
| wid-sec-w-2023-0526 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2018-01-02T23:00:00.000+00:00 | 2023-02-28T23:00:00.000+00:00 |
| wid-sec-w-2023-0103 | Meltdown und Spectre: Mehrere Schwachstellen | 2018-01-03T23:00:00.000+00:00 | 2025-02-16T23:00:00.000+00:00 |
| wid-sec-w-2023-2156 | ImageMagick: Schwachstelle ermöglicht Denial of Service | 2018-01-03T23:00:00.000+00:00 | 2024-03-19T23:00:00.000+00:00 |
| wid-sec-w-2022-1478 | GNU libc: Mehrere Schwachstellen | 2018-01-14T23:00:00.000+00:00 | 2024-05-02T22:00:00.000+00:00 |
| wid-sec-w-2023-0769 | GraphicsMagick: Schwachstelle ermöglicht Denial of Service | 2018-01-14T23:00:00.000+00:00 | 2023-03-27T22:00:00.000+00:00 |
| wid-sec-w-2024-2009 | QEMU: Mehrere Schwachstellen ermöglichen Denial of Service | 2018-01-15T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2024-0991 | PHP: Schwachstelle ermöglicht Cross-Site Scripting | 2018-01-16T23:00:00.000+00:00 | 2024-12-01T23:00:00.000+00:00 |
| wid-sec-w-2024-2008 | Oracle Virtualization: Mehrere Schwachstellen | 2018-01-16T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2025-1192 | Internet Systems Consortium BIND9: Schwachstelle ermöglicht Denial of Service | 2018-01-16T23:00:00.000+00:00 | 2025-05-29T22:00:00.000+00:00 |
| wid-sec-w-2024-2007 | QEMU: Schwachstelle ermöglicht Denial of Service | 2018-01-21T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2023-0890 | libcurl: Mehrere Schwachstellen | 2018-01-24T23:00:00.000+00:00 | 2023-07-04T22:00:00.000+00:00 |
| wid-sec-w-2024-0990 | PHP: Schwachstelle ermöglicht Denial of Service | 2018-01-25T23:00:00.000+00:00 | 2024-04-29T22:00:00.000+00:00 |
| wid-sec-w-2025-0245 | Dovecot: Schwachstelle ermöglicht Denial of Service | 2018-01-25T23:00:00.000+00:00 | 2025-02-02T23:00:00.000+00:00 |
| wid-sec-w-2024-2213 | quagga: Mehrere Schwachstellen | 2018-02-15T23:00:00.000+00:00 | 2024-09-24T22:00:00.000+00:00 |
| wid-sec-w-2025-0498 | python-crypto: Schwachstelle ermöglicht Offenlegung von Informationen | 2018-02-15T23:00:00.000+00:00 | 2025-03-06T23:00:00.000+00:00 |
| wid-sec-w-2024-2212 | xpdf: Mehrere Schwachstellen ermöglichen Denial of Service | 2018-02-25T23:00:00.000+00:00 | 2024-09-24T22:00:00.000+00:00 |
| wid-sec-w-2023-0525 | Internet Systems Consortium DHCP: Mehrere Schwachstellen | 2018-02-28T23:00:00.000+00:00 | 2023-02-28T23:00:00.000+00:00 |
| wid-sec-w-2025-0244 | Dovecot: Mehrere Schwachstellen ermöglichen Denial of Service | 2018-03-05T23:00:00.000+00:00 | 2025-02-02T23:00:00.000+00:00 |
| wid-sec-w-2022-0309 | Linux Kernel: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2018-03-08T23:00:00.000+00:00 | 2023-02-15T23:00:00.000+00:00 |
| wid-sec-w-2024-2006 | QEMU: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode | 2018-03-08T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2024-2005 | QEMU: Schwachstelle ermöglicht Denial of Service | 2018-03-11T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2023-1644 | cURL: Mehrere Schwachstellen | 2018-03-13T23:00:00.000+00:00 | 2024-04-10T22:00:00.000+00:00 |
| wid-sec-w-2023-0768 | GraphicsMagick: Schwachstelle ermöglicht Denial of Service | 2018-03-25T22:00:00.000+00:00 | 2023-03-27T22:00:00.000+00:00 |
| wid-sec-w-2023-2155 | ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service | 2018-03-26T22:00:00.000+00:00 | 2024-03-19T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2024-0457 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2024-11-20T10:01:35.437557Z | 2024-11-20T10:01:35.437557Z |
| ncsc-2024-0458 | Kwetsbaarheden ontdekt in Veritas Enterprise Vault | 2024-11-25T09:04:34.013551Z | 2024-11-25T09:04:34.013551Z |
| ncsc-2024-0459 | Kwetsbaarheden verholpen in VMware Aria Operations | 2024-11-26T13:25:37.944485Z | 2024-11-26T13:25:37.944485Z |
| ncsc-2024-0460 | Kwetsbaarheid verholpen in Zabbix | 2024-11-28T14:24:11.654121Z | 2024-11-28T14:24:11.654121Z |
| ncsc-2024-0461 | Kwetsbaarheden verholpen in IBM Security Verify Access Appliance | 2024-12-02T10:55:14.978137Z | 2024-12-02T10:55:14.978137Z |
| ncsc-2024-0462 | Kwetsbaarheden verholpen in Zabbix | 2024-12-02T12:51:47.361749Z | 2024-12-02T12:51:47.361749Z |
| ncsc-2024-0463 | Kwetsbaarheden verholpen in Veeam Backup & Replication | 2024-12-06T11:47:19.699742Z | 2024-12-06T11:47:19.699742Z |
| ncsc-2024-0464 | Kwetsbaarheden verholpen in SonicWall SMA100 SSLVPN | 2024-12-06T11:48:08.461746Z | 2024-12-06T11:48:08.461746Z |
| ncsc-2024-0465 | Kwetsbaarheden verholpen in ABB ASPECT, NEXUS Series en MATRIX Series | 2024-12-06T11:49:21.695542Z | 2024-12-06T11:49:21.695542Z |
| ncsc-2024-0466 | Kwetsbaarheden verholpen in Atlassian producten | 2024-12-06T13:05:55.904619Z | 2024-12-06T13:05:55.904619Z |
| ncsc-2024-0467 | Kwetsbaarheden verholpen in QNAP besturingssystemen | 2024-12-09T13:36:33.362104Z | 2024-12-09T13:36:33.362104Z |
| ncsc-2024-0468 | Kwetsbaarheden verholpen in Mitel MiCollab | 2024-12-09T13:37:33.039167Z | 2024-12-09T13:37:33.039167Z |
| ncsc-2024-0469 | Kwetsbaarheden verholpen in Qlik Sense Enterprise voor Windows | 2024-12-09T13:38:50.887753Z | 2024-12-09T13:38:50.887753Z |
| ncsc-2024-0470 | Kwetsbaarheden verholpen in Microsoft Windows | 2024-12-10T19:32:38.846024Z | 2025-01-06T07:30:29.655717Z |
| ncsc-2024-0471 | Kwetsbaarheden verholpen in Microsoft Office | 2024-12-10T19:33:29.415423Z | 2024-12-10T19:33:29.415423Z |
| ncsc-2024-0472 | Kwetsbaarheden verholpen in SAP producten | 2024-12-10T19:34:10.105945Z | 2024-12-10T19:34:10.105945Z |
| ncsc-2024-0473 | Kwetsbaarheden verholpen in Siemens producten | 2024-12-10T19:34:53.515240Z | 2024-12-10T19:34:53.515240Z |
| ncsc-2024-0474 | Kwetsbaarheden verholpen in Drupal Core | 2024-12-10T19:35:37.345875Z | 2024-12-10T19:35:37.345875Z |
| ncsc-2024-0475 | Kwetsbaarheid verholpen in Adobe Framemaker | 2024-12-11T08:06:34.387394Z | 2024-12-11T08:06:34.387394Z |
| ncsc-2024-0476 | Kwetsbaarheid verholpen in Adobe Premiere Pro | 2024-12-11T08:12:35.655333Z | 2024-12-11T08:12:35.655333Z |
| ncsc-2024-0477 | Kwetsbaarheid verholpen in Adobe Photoshop | 2024-12-11T08:17:46.923581Z | 2024-12-11T08:17:46.923581Z |
| ncsc-2024-0478 | Kwetsbaarheden verholpen in Adobe InDesign Desktop | 2024-12-11T08:20:20.778758Z | 2024-12-11T08:20:20.778758Z |
| ncsc-2024-0479 | Kwetsbaarheden verholpen in Animate | 2024-12-11T08:31:02.174506Z | 2024-12-11T08:31:02.174506Z |
| ncsc-2024-0480 | Kwetsbaarheid verholpen in Adobe After Effects | 2024-12-11T08:34:49.812349Z | 2024-12-11T08:34:49.812349Z |
| ncsc-2024-0481 | Kwetsbaarheden verholpen in Adobe Illustrator | 2024-12-11T08:37:21.228987Z | 2024-12-11T08:37:21.228987Z |
| ncsc-2024-0482 | Kwetsbaarheden verholpen in Adobe Acrobat Reader | 2024-12-11T08:42:21.663200Z | 2024-12-11T08:42:21.663200Z |
| ncsc-2024-0483 | Kwetsbaarheden verholpen in Adobe Connect | 2024-12-11T08:46:09.788540Z | 2024-12-11T08:46:09.788540Z |
| ncsc-2024-0484 | Kwetsbaarheden verholpen in Ivanti Connect Secure en Policy Secure | 2024-12-11T08:50:15.463062Z | 2025-01-08T11:00:21.273985Z |
| ncsc-2024-0485 | Kwetsbaarheid verholpen in Splunk Enterprise | 2024-12-11T08:53:56.285002Z | 2024-12-11T08:53:56.285002Z |
| ncsc-2024-0486 | Kwetsbaarheden verholpen in Ivanti Cloud Security Appliance | 2024-12-11T08:58:00.974296Z | 2024-12-11T08:58:00.974296Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-626968 | SSA-626968: Multiple Webserver Vulnerabilities in Desigo PXC and DXR Devices | 2022-05-10T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-662649 | SSA-662649: Denial of Service Vulnerability in Desigo DXR and PXC Controllers | 2022-05-10T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-732250 | SSA-732250: Libcurl Vulnerabilities in Industrial Devices | 2022-05-10T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-736385 | SSA-736385: Memory Corruption Vulnerability in OpenV2G | 2022-05-10T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-789162 | SSA-789162: Vulnerabilities in Teamcenter | 2022-05-10T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-145224 | SSA-145224: Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-220589 | SSA-220589: Hard Coded Default Credential Vulnerability in Teamcenter | 2022-06-14T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-222547 | SSA-222547: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0 | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-330556 | SSA-330556: PwnKit Vulnerability in SCALANCE LPE9403 and SINUMERIK Edge Products (CVE-2021-4034) | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-388239 | SSA-388239: Default Password Leakage affecting the Component Shared HIS used in Spectrum Power Systems | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-401167 | SSA-401167: Cross-site scripting Vulnerability in Teamcenter Active Workspace | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-484086 | SSA-484086: Multiple Vulnerabilities in SINEMA Remote Connect Server before V3.1 | 2022-06-14T00:00:00Z | 2024-07-09T00:00:00Z |
| ssa-631336 | SSA-631336: Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6 | 2022-06-14T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-685781 | SSA-685781: Multiple Vulnerabilities in Apache HTTP Server Affecting Siemens Products | 2022-06-14T00:00:00Z | 2022-10-11T00:00:00Z |
| ssa-693555 | SSA-693555: Memory Corruption Vulnerability in EN100 Ethernet Module | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-712929 | SSA-712929: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products | 2022-06-14T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-740594 | SSA-740594: Privilege Escalation Vulnerability in Mendix SAML Module | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-911567 | SSA-911567: Missing HTTP headers in SINEMA Remote Connect Server before V3.0 SP2 | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-988345 | SSA-988345: Local Privilege Escalation Vulnerability in Xpedition Designer | 2022-06-14T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-111512 | SSA-111512: Client-side Authentication in SIMATIC WinCC OA | 2022-06-21T00:00:00Z | 2022-06-21T00:00:00Z |
| ssa-225578 | SSA-225578: Improper Access Control Vulnerability in SICAM GridEdge Before V2.7.3 | 2022-07-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-243317 | SSA-243317 File Parsing Vulnerability in Simcenter Femap and Parasolid | 2022-07-12T00:00:00Z | 2022-09-13T00:00:00Z |
| ssa-310038 | SSA-310038: Multiple Vulnerabilities in SCALANCE X Switch Devices | 2022-07-12T00:00:00Z | 2023-04-11T00:00:00Z |
| ssa-348662 | SSA-348662: Multiple Vulnerabilities in SIMATIC MV500 Devices before V3.3 | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-433782 | SSA-433782: Improper Access Control Vulnerability in Mendix | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-439148 | SSA-439148: File Parsing Vulnerabilities in PADS Standard/Plus Viewer | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-474231 | SSA-474231: File Parsing Vulnerability in Simcenter Femap before V2022.2 | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-491621 | SSA-491621: Denial of Service Vulnerability in CPC80 Firmware of SICAM A8000 Devices | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-492173 | SSA-492173: Expression Injection Vulnerability in Mendix Applications | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-517377 | SSA-517377: Multiple Vulnerabilities in the SRCS VPN Feature in SIMATIC CP Devices | 2022-07-12T00:00:00Z | 2023-03-14T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2003:001 | Red Hat Security Advisory: : Updated PostgreSQL packages fix security issues and bugs | 2003-01-14T22:22:00+00:00 | 2025-11-21T17:25:20+00:00 |
| rhsa-2003_001 | Red Hat Security Advisory: : Updated PostgreSQL packages fix security issues and bugs | 2003-01-14T22:22:00+00:00 | 2024-11-21T22:35:31+00:00 |
| rhsa-2003:010 | Red Hat Security Advisory: : Updated PostgreSQL packages fix buffer overrun vulnerabilities | 2003-01-14T22:40:00+00:00 | 2025-11-21T17:25:22+00:00 |
| rhsa-2003_010 | Red Hat Security Advisory: : Updated PostgreSQL packages fix buffer overrun vulnerabilities | 2003-01-14T22:40:00+00:00 | 2024-11-21T22:35:34+00:00 |
| rhsa-2002:312 | Red Hat Security Advisory: openldap security update | 2003-01-15T08:35:00+00:00 | 2025-11-21T17:25:20+00:00 |
| rhsa-2002_312 | Red Hat Security Advisory: openldap security update | 2003-01-15T08:35:00+00:00 | 2024-11-21T22:34:42+00:00 |
| rhsa-2002:288 | Red Hat Security Advisory: : Updated MySQL packages fix various security issues | 2003-01-15T19:23:00+00:00 | 2025-11-21T17:25:16+00:00 |
| rhsa-2002_288 | Red Hat Security Advisory: : Updated MySQL packages fix various security issues | 2003-01-15T19:23:00+00:00 | 2024-11-21T22:33:25+00:00 |
| rhsa-2002:297 | Red Hat Security Advisory: : : : Updated vim packages fix modeline vulnerability | 2003-01-16T14:32:00+00:00 | 2025-11-21T17:25:18+00:00 |
| rhsa-2002_297 | Red Hat Security Advisory: : : : Updated vim packages fix modeline vulnerability | 2003-01-16T14:32:00+00:00 | 2024-11-21T22:34:50+00:00 |
| rhsa-2002:287 | Red Hat Security Advisory: vnc security update | 2003-01-16T15:46:00+00:00 | 2025-11-21T17:25:15+00:00 |
| rhsa-2002_287 | Red Hat Security Advisory: vnc security update | 2003-01-16T15:46:00+00:00 | 2024-11-21T22:33:04+00:00 |
| rhsa-2003:013 | Red Hat Security Advisory: cvs security update | 2003-01-20T21:19:00+00:00 | 2025-11-21T17:25:24+00:00 |
| rhsa-2003_013 | Red Hat Security Advisory: cvs security update | 2003-01-20T21:19:00+00:00 | 2024-11-21T22:36:26+00:00 |
| rhsa-2003:012 | Red Hat Security Advisory: : : : Updated CVS packages available | 2003-01-20T21:24:00+00:00 | 2025-11-21T17:25:23+00:00 |
| rhsa-2003_012 | Red Hat Security Advisory: : : : Updated CVS packages available | 2003-01-20T21:24:00+00:00 | 2024-11-21T22:36:22+00:00 |
| rhsa-2002:301 | Red Hat Security Advisory: postgresql security update | 2003-01-22T18:36:00+00:00 | 2025-11-21T17:25:19+00:00 |
| rhsa-2002_301 | Red Hat Security Advisory: postgresql security update | 2003-01-22T18:36:00+00:00 | 2024-11-21T22:35:27+00:00 |
| rhsa-2003:021 | Red Hat Security Advisory: krb5 security update | 2003-01-28T13:12:00+00:00 | 2025-11-21T17:25:25+00:00 |
| rhsa-2003_021 | Red Hat Security Advisory: krb5 security update | 2003-01-28T13:12:00+00:00 | 2024-11-21T22:36:54+00:00 |
| rhsa-2003:007 | Red Hat Security Advisory: libpng security update | 2003-01-29T15:31:00+00:00 | 2025-11-21T17:25:22+00:00 |
| rhsa-2003_007 | Red Hat Security Advisory: libpng security update | 2003-01-29T15:31:00+00:00 | 2024-11-21T22:36:18+00:00 |
| rhsa-2002:291 | Red Hat Security Advisory: ethereal security update | 2003-01-29T15:32:00+00:00 | 2025-11-21T17:25:17+00:00 |
| rhsa-2002_291 | Red Hat Security Advisory: ethereal security update | 2003-01-29T15:32:00+00:00 | 2024-11-21T22:33:50+00:00 |
| rhsa-2002:302 | Red Hat Security Advisory: vim security update | 2003-01-29T15:33:00+00:00 | 2025-11-21T17:25:19+00:00 |
| rhsa-2002_302 | Red Hat Security Advisory: vim security update | 2003-01-29T15:33:00+00:00 | 2024-11-21T22:34:54+00:00 |
| rhsa-2002:259 | Red Hat Security Advisory: sendmail security update | 2003-01-30T19:28:00+00:00 | 2025-11-21T17:25:14+00:00 |
| rhsa-2002_259 | Red Hat Security Advisory: sendmail security update | 2003-01-30T19:28:00+00:00 | 2024-11-21T22:31:52+00:00 |
| rhsa-2002:307 | Red Hat Security Advisory: xpdf security update | 2003-01-30T19:29:00+00:00 | 2025-11-21T17:25:19+00:00 |
| rhsa-2002_307 | Red Hat Security Advisory: xpdf security update | 2003-01-30T19:29:00+00:00 | 2024-11-21T22:34:25+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-14-189-02 | Innominate mGuard Unauthorized Leakage of System Data | 2014-04-10T06:00:00.000000Z | 2025-06-06T22:45:43.410774Z |
| icsa-14-196-01 | SubSTATION Server Telegyr 8979 Master Vulnerabilities | 2014-04-17T06:00:00.000000Z | 2025-06-06T22:45:50.215260Z |
| icsa-14-198-01 | Cogent DataHub Code Injection Vulnerability | 2014-04-19T06:00:00.000000Z | 2025-06-06T22:45:56.681631Z |
| icsa-14-198-02 | Advantech WebAccess Vulnerabilities | 2014-04-19T06:00:00.000000Z | 2025-06-06T22:46:03.132898Z |
| icsa-14-202-01a | OleumTech WIO Family Vulnerabilities | 2014-04-23T06:00:00.000000Z | 2025-06-06T18:45:43.946744Z |
| icsa-14-203-01 | Omron NS Series HMI Vulnerabilities | 2014-04-24T06:00:00.000000Z | 2025-06-06T22:46:35.467432Z |
| icsa-14-205-01 | Morpho Itemiser 3 Hard-Coded Credential | 2014-04-26T06:00:00.000000Z | 2025-06-06T18:46:03.252742Z |
| icsa-14-205-02a | Siemens SIMATIC WinCC Vulnerabilities (Update A) | 2014-04-26T06:00:00.000000Z | 2025-06-12T18:44:31.147692Z |
| icsa-14-224-01 | Ecava Integraxor SCADA Server Vulnerabilities | 2014-05-15T06:00:00.000000Z | 2025-06-06T22:47:21.277370Z |
| icsa-14-226-01 | Siemens SIMATIC S7-1500 CPU Denial of Service | 2014-05-17T06:00:00.000000Z | 2025-06-06T22:47:47.106108Z |
| icsa-14-238-01 | CG Automation Improper Input Validation | 2014-05-29T06:00:00.000000Z | 2025-06-06T22:47:53.555337Z |
| icsa-14-238-02 | Schneider Electric Wonderware Vulnerabilities | 2014-05-29T06:00:00.000000Z | 2025-06-06T18:46:09.707282Z |
| icsa-14-247-01a | Sensys Networks Traffic Sensor Vulnerabilities (Update A) | 2014-06-07T06:00:00.000000Z | 2025-06-06T22:48:06.463498Z |
| icsa-14-254-01 | Schneider Electric VAMPSET Buffer Overflow | 2014-06-14T06:00:00.000000Z | 2025-06-06T22:48:19.541393Z |
| icsa-14-254-02 | Rockwell Micrologix 1400 DNP3 DOS Vulnerability | 2014-06-14T06:00:00.000000Z | 2025-06-06T22:48:25.978305Z |
| icsa-14-259-01a | Schneider Electric SCADA Expert ClearSCADA Vulnerabilities (Update A) | 2014-06-19T06:00:00.000000Z | 2025-06-06T22:48:32.407633Z |
| icsa-14-260-01a | Yokogawa CENTUM and Exaopc Vulnerability (Update A) | 2014-06-20T06:00:00.000000Z | 2025-06-06T22:48:51.805857Z |
| icsa-14-261-01 | Advantech WebAccess Vulnerabilities | 2014-06-21T06:00:00.000000Z | 2025-06-06T22:48:58.295004Z |
| icsa-14-269-01a | Bash Command Injection Vulnerability | 2014-06-29T06:00:00.000000Z | 2025-06-06T18:46:41.883464Z |
| icsa-14-269-02 | Fox DataDiode Proxy Server CSRF Vulnerability | 2014-06-29T06:00:00.000000Z | 2025-06-06T22:49:50.228012Z |
| icsa-14-273-01 | SchneiderWEB Server Directory Traversal Vulnerability | 2014-07-03T06:00:00.000000Z | 2025-06-06T18:46:48.565481Z |
| icsa-14-275-01 | Meinberg Radio Clocks LANTIME M-Series XSS | 2014-07-05T06:00:00.000000Z | 2025-06-06T22:49:56.704328Z |
| icsa-14-275-02 | Accuenergy Acuvim II Authentication Vulnerabilities | 2014-07-05T06:00:00.000000Z | 2025-06-06T22:50:03.174225Z |
| icsa-14-287-01 | GE Proficy HMI/SCADA DNP3 Driver Input Validation | 2014-07-17T06:00:00.000000Z | 2025-06-06T22:50:16.095529Z |
| icsa-14-288-01 | CareFusion Pyxis SupplyStation System Vulnerabilities | 2014-07-18T06:00:00.000000Z | 2025-06-06T22:50:22.557418Z |
| icsa-14-289-01 | IOServer Resource Exhaustion Vulnerability | 2014-07-19T06:00:00.000000Z | 2025-06-06T22:50:48.380867Z |
| icsa-14-289-02 | GE Proficy HMI/SCADA CIMPLICITY CimView Memory Access Violation | 2014-07-19T06:00:00.000000Z | 2025-06-06T22:50:54.817836Z |
| icsa-14-294-01 | Rockwell Automation Connected Components Workbench ActiveX Component Vulnerabilities | 2014-07-24T06:00:00.000000Z | 2025-06-06T22:51:01.469791Z |
| icsa-14-303-01 | Nordex NC2 XSS Vulnerability | 2014-08-02T06:00:00.000000Z | 2025-06-06T22:51:07.945182Z |
| icsa-14-303-02 | Elipse SCADA DNP3 Denial of Service | 2014-08-02T06:00:00.000000Z | 2025-06-06T22:51:14.375678Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-20180606-prime-bypass | Cisco Prime Collaboration Provisioning Access Control Bypass Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-prime-escalation | Cisco Prime Collaboration Provisioning Access Control Deficiency in Batch Function Privilege Escalation Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-prime-password-recovery | Cisco Prime Collaboration Provisioning Unauthorized Password Recovery Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-prime-password-reset | Cisco Prime Collaboration Provisioning Unauthorized Password Reset Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-prime-rmi | Cisco Prime Collaboration Provisioning Unauthenticated Remote Method Invocation Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-prime-sql | Cisco Prime Collaboration Provisioning SQL Injection Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-ucm-xss | Cisco Unified Communications Manager Cross-Site Scripting Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-ucs-access | Cisco Unified Computing System Role-Based Access Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-ucsdimcs | Cisco Integrated Management Controller Supervisor and Cisco UCS Director DOM Stored Cross-Site Scripting Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-waas-priv-escalation | Cisco Wide Area Application Services Software Scripts Privilege Escalation Vulnerability | 2018-06-06T16:00:00+00:00 | 2019-01-24T17:17:00+00:00 |
| cisco-sa-20180606-waas-snmp | Cisco Wide Area Application Services Software Static SNMP Credentials Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-webex-xss | Cisco WebEx Cross-Site Scripting Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-06T16:00:00+00:00 |
| cisco-sa-20180606-webex-xss1 | Cisco WebEx Cross-Site Scripting Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-11T20:47:00+00:00 |
| cisco-sa-20180606-wsa | Cisco Web Security Appliance Layer 4 Traffic Monitor Security Bypass Vulnerability | 2018-06-06T16:00:00+00:00 | 2018-06-08T14:26:00+00:00 |
| cisco-sa-20180620-anyconnect-dos | Cisco AnyConnect Secure Mobility Client for Windows Desktop Denial of Service Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-06-20T16:00:00+00:00 |
| cisco-sa-20180620-cms-sf | Cisco Meeting Server Session Fixation Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-06-20T16:00:00+00:00 |
| cisco-sa-20180620-encs-ucs-bios-auth-bypass | Cisco 5000 Series Enterprise Network Compute System and Cisco UCS E-Series Servers BIOS Authentication Bypass Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-05T20:41:00+00:00 |
| cisco-sa-20180620-firepower-csrf | Cisco Firepower Management Center Cross-Site Request Forgery Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-06-20T16:00:00+00:00 |
| cisco-sa-20180620-firepwr-pt | Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-05T21:11:00+00:00 |
| cisco-sa-20180620-fx-os-cli-execution | Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-05T21:11:00+00:00 |
| cisco-sa-20180620-fx-os-fabric-dos | Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-05T21:11:00+00:00 |
| cisco-sa-20180620-fx-os-fabric-execution | Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-05T21:11:00+00:00 |
| cisco-sa-20180620-fxnxos-ace | Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-12T18:43:00+00:00 |
| cisco-sa-20180620-fxnxos-dos | Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-05T21:11:00+00:00 |
| cisco-sa-20180620-fxnxos-fab-ace | Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-05T21:11:00+00:00 |
| cisco-sa-20180620-fxos-ace | Cisco FXOS Software and UCS Fabric Interconnect Arbitrary Code Execution Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-05T21:12:00+00:00 |
| cisco-sa-20180620-fxos-dos | Cisco FXOS Software and UCS Fabric Interconnect Web UI Denial of Service Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-05T21:12:00+00:00 |
| cisco-sa-20180620-meeting-server-dos | Cisco Meeting Server Web Admin Interface Denial of Service Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-06-20T16:00:00+00:00 |
| cisco-sa-20180620-n3k-n9k-clisnmp | Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling Denial of Service Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-07-10T20:19:00+00:00 |
| cisco-sa-20180620-n4k-snmp-dos | Cisco Nexus 4000 Series Switch Simple Network Management Protocol Polling Denial of Service Vulnerability | 2018-06-20T16:00:00+00:00 | 2018-06-20T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2018-1000156 | GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. | 2018-04-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-10392 | mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. | 2018-04-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-10393 | bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. | 2018-04-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-1000168 | nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1. | 2018-05-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2018-10689 | blktrace (aka Block IO Tracing) 1.2.0 as used with the Linux kernel and Android has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small as demonstrated by an invalid free when using the btt program with a crafted file. | 2018-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2018-11439 | The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. | 2018-05-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-7159 | The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete. | 2018-05-02T00:00:00.000Z | 2025-12-07T01:36:21.000Z |
| msrc_cve-2017-16046 | `mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2018-1000182 | A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | 2018-06-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file". | 2018-06-02T00:00:00.000Z | 2020-10-25T00:00:00.000Z |
| msrc_cve-2018-11694 | An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | 2018-06-02T00:00:00.000Z | 2023-08-01T00:00:00.000Z |
| msrc_cve-2018-7161 | All versions of Node.js 8.x 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug where objects are used in native code after they are no longer available. This has been addressed by updating the http2 implementation. | 2018-06-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2018-7162 | All versions of Node.js 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node process which provides an http server supporting TLS server to crash. This can be accomplished by sending duplicate/unexpected messages during the handshake. This vulnerability has been addressed by updating the TLS implementation. | 2018-06-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2018-7164 | Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this cause a denial of service by sending tiny chunks of data in short succession. This vulnerability was restored by reverting to the prior behaviour. | 2018-06-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2018-7167 | Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in these cases. All versions of Node.js 6.x (LTS "Boron") 8.x (LTS "Carbon") and 9.x are vulnerable. All versions of Node.js 10.x (Current) are NOT vulnerable. | 2018-06-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2017-12150 | It was found that samba before 4.4.16 4.5.x before 4.5.14 and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. | 2018-07-02T00:00:00.000Z | 2024-10-15T00:00:00.000Z |
| msrc_cve-2018-10906 | In fuse before versions 2.9.8 and 3.x before 3.2.5 fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system accessible by other users and trick them into accessing files on that file system possibly causing Denial of Service or other unspecified effects. | 2018-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-1129 | A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable. | 2018-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-13139 | A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | 2018-07-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2018-13410 | Info-ZIP Zip 3.0 when the -T and -TT command-line options are used allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an untrusted party controls the -TT value given that the entire purpose of -TT is execution of arbitrary commands | 2018-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-13419 | An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue | 2018-07-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2018-13420 | Google gperftools 2.7 has a memory leak in malloc_extension.cc related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program | 2018-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2018-14040 | In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attributeIn Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute | 2018-07-02T00:00:00.000Z | 2025-09-03T22:09:33.000Z |
| msrc_cve-2018-14042 | In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | 2018-07-02T00:00:00.000Z | 2025-09-03T23:08:20.000Z |
| msrc_cve-2018-1999023 | The Battle for Wesnoth Project contains a Code Injection that can result in code execution outside the sandbox | 2018-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-1999024 | MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability | 2018-07-02T00:00:00.000Z | 2025-09-03T22:22:20.000Z |
| msrc_cve-2017-9118 | PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. | 2018-08-02T00:00:00.000Z | 2025-10-01T23:11:00.000Z |
| msrc_cve-2017-9120 | PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string. | 2018-08-02T00:00:00.000Z | 2025-10-01T23:11:00.000Z |
| msrc_cve-2018-1000215 | Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service | 2018-08-02T00:00:00.000Z | 2025-09-04T01:12:38.000Z |
| msrc_cve-2018-1000216 | Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could be either local or over a network. This vulnerability appears to have been fixed in 1.7.3. | 2018-08-02T00:00:00.000Z | 2025-09-03T20:53:58.000Z |
| ID | Description | Updated |
|---|---|---|
| var-200104-0018 | When the length of a certain type of Web request exceeds a certain value, the Web Proxy S… | 2022-05-04T08:51:35.094000Z |
| var-202202-0283 | A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Script… | 2022-05-04T08:51:45.760000Z |
| var-202202-0284 | A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists… | 2022-05-04T08:51:45.776000Z |
| var-202112-2349 | Certain NETGEAR devices are affected by command injection by an authenticated user. This … | 2022-05-04T08:51:47.602000Z |
| var-202111-1856 | Xiaomi Technology Co., Ltd. was established on March 3, 2010. It is a global mobile Inter… | 2022-05-04T08:51:52.952000Z |
| var-202110-1421 | IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This m… | 2022-05-04T08:51:56.064000Z |
| var-202109-1970 | Huawei USG2205BSR is a large-capacity router launched by Huawei. Huawei USG2205BSR ha… | 2022-05-04T08:51:57.514000Z |
| var-202108-2297 | NBR6210-E is an Internet behavior management router launched by Ruijie. It is a router de… | 2022-05-04T08:52:01.967000Z |
| var-202108-2318 | Quanxun Huiju Network Technology (Beijing) Co., Ltd. was established in 2013. "Ikuai" and… | 2022-05-04T08:52:01.956000Z |
| var-202108-2339 | Lexmark (NYSE: LXK) is an American company that is a developer and manufacturer of laser … | 2022-05-04T08:52:01.942000Z |
| var-202108-2360 | The business scope of Epson (China) Co., Ltd. mainly includes printers, scanners, project… | 2022-05-04T08:52:01.931000Z |
| var-202108-2381 | Fuji Xerox (China) Co., Ltd. was established on January 3, 1995. It is a wholly-owned hol… | 2022-05-04T08:52:01.917000Z |
| var-202108-2402 | DH-SD-6A9226F-HNI is a network camera product of Zhejiang Dahua Technology Co., Ltd. … | 2022-05-04T08:52:01.906000Z |
| var-202108-2423 | Matsushita Electric (China) Co., Ltd. is a manufacturer mainly responsible for the sales … | 2022-05-04T08:52:01.894000Z |
| var-202108-2444 | SCX-8240 is an all-in-one printer of Samsung (China) Investment Co., Ltd. Samsung (Ch… | 2022-05-04T08:52:01.883000Z |
| var-202108-2465 | SL-M3370FD is a printer of Samsung (China) Investment Co., Ltd. Samsung (China) Inves… | 2022-05-04T08:52:01.872000Z |
| var-202108-2486 | Axis is an IT company that specializes in providing network video solutions. AXIS Q60… | 2022-05-04T08:52:01.861000Z |
| var-202108-2507 | Lexmark (NYSE: LXK) is an American company that is a developer and manufacturer of laser … | 2022-05-04T08:52:01.846000Z |
| var-202108-2528 | Shenzhen Zhizhi High-tech Development Co., Ltd. was established in September 2013. It is … | 2022-05-04T08:52:01.834000Z |
| var-202108-2549 | MS521dn is a printer of Lexmark International Inc. Lexmark MS521dn has an unauthorize… | 2022-05-04T08:52:01.822000Z |
| var-202108-2570 | NBR2100G-E is an enterprise-level gateway router. Ruijie Networks NBR2100G-E router h… | 2022-05-04T08:52:01.805000Z |
| var-202109-0202 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exist… | 2022-05-04T08:52:01.490000Z |
| var-202107-1703 | Ruijie Networks is a professional network manufacturer with a full range of network equip… | 2022-05-04T08:52:03.553000Z |
| var-202107-1724 | TOTOLINK is a brand owned by Zeon Electronics (Shenzhen) Co., Ltd. Founded in 1999, it is… | 2022-05-04T08:52:03.543000Z |
| var-202107-1745 | Axis 207W is a network camera from Axis Communications AB. Axis Communications AB 207… | 2022-05-04T08:52:03.532000Z |
| var-202107-1766 | SP 320DN, SP 325DNw, SP 320SN, etc. are all-in-one printers, using RTOS operating system.… | 2022-05-04T08:52:03.522000Z |
| var-202107-1787 | Axis is an IT company that specializes in providing network video solutions. AXIS 212… | 2022-05-04T08:52:03.506000Z |
| var-202107-1808 | Dell is known for its production, design, and sales of home and office computers, but it … | 2022-05-04T08:52:03.495000Z |
| var-202107-1829 | Belkin Corporation is a global leader in peripheral products, providing users of computer… | 2022-05-04T08:52:03.484000Z |
| var-202107-1850 | Axis is an IT company that specializes in providing network video solutions. Axis 223… | 2022-05-04T08:52:03.474000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000625 | Tuigwaa cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000626 | Mayaa cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000639 | Shopping Basket Pro directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000640 | Fulltext search CGI from futomi's CGI Cafe vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000645 | 7-ZIP32.DLL buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000646 | Fuktommy.com httpd.pl including HTML preprocessor vulnerable to directory traversal | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000647 | Fuktommy.com httpd.pl included in its HTML preprocessor vulnerable in allowing an attacker to view arbitrary CGI source code | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000678 | Fingerprint Authentication Software for Sony Pocket Bit installs hidden folders and files | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000697 | Lhaplus buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000699 | JP1/NETM/DM Manager SQL Injection Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000700 | Cosminexus javadoc Cross-Site Scripting Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000701 | Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000702 | Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000710 | Cosminexus Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000711 | TPBroker Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000712 | Cosminexus Agent Process Crash Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000727 | Safari allows access from HTTP to HTTPS | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000729 | Aipo session fixation vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000730 | Webmin OS command injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000745 | PowerArchiver buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000772 | Hitachi Web Server SSL Client Authentication Vulnerability | 2008-05-21T00:00+09:00 | 2014-05-23T18:32+09:00 |
| jvndb-2007-000773 | Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page | 2008-05-21T00:00+09:00 | 2014-05-21T18:27+09:00 |
| jvndb-2007-000779 | MouseoverDictionary vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000801 | NetCommons cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000802 | Lotus Domino cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000803 | Cross-site scripting vulnerability in updir.php in UPDIR.NET | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000804 | Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000805 | RoundCube Webmail cross-site request forgery vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000806 | Feed2JS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000807 | FileMaker cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2025:03368-1 | Security update for libssh | 2025-09-26T10:53:33Z | 2025-09-26T10:53:33Z |
| suse-su-2025:03369-1 | Security update for libssh | 2025-09-26T10:54:45Z | 2025-09-26T10:54:45Z |
| suse-su-2025:03370-1 | Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) | 2025-09-26T11:33:33Z | 2025-09-26T11:33:33Z |
| suse-su-2025:03373-1 | Security update for gdk-pixbuf | 2025-09-26T12:26:29Z | 2025-09-26T12:26:29Z |
| suse-su-2025:03374-1 | Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4) | 2025-09-26T12:33:43Z | 2025-09-26T12:33:43Z |
| suse-su-2025:03375-1 | Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP4) | 2025-09-26T14:04:03Z | 2025-09-26T14:04:03Z |
| suse-su-2025:03378-1 | Security update for luajit | 2025-09-26T15:00:31Z | 2025-09-26T15:00:31Z |
| suse-su-2025:03379-1 | Security update for the Linux Kernel (Live Patch 71 for SLE 12 SP5) | 2025-09-26T15:04:09Z | 2025-09-26T15:04:09Z |
| suse-su-2025:03381-1 | Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4) | 2025-09-26T16:33:33Z | 2025-09-26T16:33:33Z |
| suse-su-2025:03382-1 | Security update for the Linux Kernel | 2025-09-26T17:27:16Z | 2025-09-26T17:27:16Z |
| suse-su-2025:03383-1 | Security update for the Linux Kernel | 2025-09-26T17:27:32Z | 2025-09-26T17:27:32Z |
| suse-su-2025:03384-1 | Security update for the Linux Kernel | 2025-09-26T17:28:20Z | 2025-09-26T17:28:20Z |
| suse-su-2025:03387-1 | Security update for the Linux Kernel (Live Patch 33 for SLE 15 SP4) | 2025-09-26T21:33:32Z | 2025-09-26T21:33:32Z |
| suse-su-2025:03389-1 | Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4) | 2025-09-26T22:04:11Z | 2025-09-26T22:04:11Z |
| suse-su-2025:03391-1 | Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP4) | 2025-09-27T09:33:28Z | 2025-09-27T09:33:28Z |
| suse-su-2025:03392-1 | Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP4) | 2025-09-27T11:33:26Z | 2025-09-27T11:33:26Z |
| suse-su-2025:03393-1 | Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP5) | 2025-09-27T11:33:32Z | 2025-09-27T11:33:32Z |
| suse-su-2025:03395-1 | Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP5) | 2025-09-27T13:33:26Z | 2025-09-27T13:33:26Z |
| suse-su-2025:03396-1 | Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5) | 2025-09-27T15:33:27Z | 2025-09-27T15:33:27Z |
| suse-su-2025:03397-1 | Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP5) | 2025-09-27T18:03:46Z | 2025-09-27T18:03:46Z |
| suse-su-2025:03400-1 | Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP5) | 2025-09-27T20:03:55Z | 2025-09-27T20:03:55Z |
| suse-su-2025:03403-1 | Security update for the Linux Kernel (Live Patch 29 for SLE 15 SP5) | 2025-09-27T22:04:02Z | 2025-09-27T22:04:02Z |
| suse-su-2025:03406-1 | Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6) | 2025-09-28T01:04:01Z | 2025-09-28T01:04:01Z |
| suse-su-2025:03408-1 | Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6) | 2025-09-28T03:03:45Z | 2025-09-28T03:03:45Z |
| suse-su-2025:03410-1 | Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP6) | 2025-09-28T05:35:32Z | 2025-09-28T05:35:32Z |
| suse-su-2025:03411-1 | Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6) | 2025-09-28T06:04:46Z | 2025-09-28T06:04:46Z |
| suse-su-2025:03412-1 | Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7) | 2025-09-28T12:03:44Z | 2025-09-28T12:03:44Z |
| suse-su-2025:03413-1 | Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7) | 2025-09-28T13:33:34Z | 2025-09-28T13:33:34Z |
| suse-su-2025:03414-1 | Security update for the Linux Kernel (Live Patch 55 for SLE 15 SP3) | 2025-09-28T14:04:00Z | 2025-09-28T14:04:00Z |
| suse-su-2025:03416-1 | Security update for the Linux Kernel (Live Patch 60 for SLE 15 SP3) | 2025-09-28T16:03:58Z | 2025-09-28T16:03:58Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2025:15685-1 | ImageMagick-7.1.2.8-1.1 on GA media | 2025-10-30T00:00:00Z | 2025-10-30T00:00:00Z |
| opensuse-su-2025:15686-1 | MozillaFirefox-144.0.2-1.1 on GA media | 2025-10-30T00:00:00Z | 2025-10-30T00:00:00Z |
| opensuse-su-2025:15687-1 | chromedriver-142.0.7444.59-2.1 on GA media | 2025-10-30T00:00:00Z | 2025-10-30T00:00:00Z |
| opensuse-su-2025:15688-1 | libmozjs-140-0-140.4.0-2.1 on GA media | 2025-10-30T00:00:00Z | 2025-10-30T00:00:00Z |
| opensuse-su-2025:15689-1 | gomuks-0.3.1-2.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:15690-1 | java-11-openj9-11.0.29.0-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:15691-1 | java-17-openj9-17.0.17.0-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:15692-1 | java-1_8_0-openj9-1.8.0.472-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:15693-1 | java-21-openj9-21.0.9.0-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:15694-1 | java-25-openj9-25.0.1.0-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:16751-1 | gomuks-0.3.1-2.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:16752-1 | java-11-openj9-11.0.29.0-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:16753-1 | java-17-openj9-17.0.17.0-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:16754-1 | java-1_8_0-openj9-1.8.0.472-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:16755-1 | java-21-openj9-21.0.9.0-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025:16756-1 | java-25-openj9-25.0.1.0-1.1 on GA media | 2025-10-31T00:00:00Z | 2025-10-31T00:00:00Z |
| opensuse-su-2025-20022-1 | Security update for python-Django | 2025-10-31T08:58:03Z | 2025-10-31T08:58:03Z |
| opensuse-su-2025:15695-1 | govulncheck-vulndb-0.0.20251029T215107-1.1 on GA media | 2025-11-01T00:00:00Z | 2025-11-01T00:00:00Z |
| opensuse-su-2025:15696-1 | python311-starlette-0.49.1-1.1 on GA media | 2025-11-01T00:00:00Z | 2025-11-01T00:00:00Z |
| opensuse-su-2025:15697-1 | kumactl-2.12.3-1.1 on GA media | 2025-11-02T00:00:00Z | 2025-11-02T00:00:00Z |
| opensuse-su-2025:15698-1 | redis-8.2.3-1.1 on GA media | 2025-11-02T00:00:00Z | 2025-11-02T00:00:00Z |
| opensuse-su-2025:15699-1 | python311-djangorestframework-simplejwt-5.5.1-1.1 on GA media | 2025-11-03T00:00:00Z | 2025-11-03T00:00:00Z |
| opensuse-su-2025:15700-1 | OpenSMTPD-7.8.0p0-1.1 on GA media | 2025-11-04T00:00:00Z | 2025-11-04T00:00:00Z |
| opensuse-su-2025:15701-1 | java-1_8_0-openjdk-1.8.0.472-1.1 on GA media | 2025-11-04T00:00:00Z | 2025-11-04T00:00:00Z |
| opensuse-su-2025:15702-1 | kernel-devel-6.17.7-1.1 on GA media | 2025-11-04T00:00:00Z | 2025-11-04T00:00:00Z |
| opensuse-su-2025:15703-1 | kubecolor-0.5.3-1.1 on GA media | 2025-11-04T00:00:00Z | 2025-11-04T00:00:00Z |
| opensuse-su-2025:15704-1 | zellij-0.43.1-2.1 on GA media | 2025-11-04T00:00:00Z | 2025-11-04T00:00:00Z |
| opensuse-su-2025:15705-1 | runc-1.3.3-1.1 on GA media | 2025-11-05T00:00:00Z | 2025-11-05T00:00:00Z |
| opensuse-su-2025:15706-1 | erlang-28.1.1-1.1 on GA media | 2025-11-06T00:00:00Z | 2025-11-06T00:00:00Z |
| opensuse-su-2025:15707-1 | ghostscript-10.06.0-2.1 on GA media | 2025-11-06T00:00:00Z | 2025-11-06T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2015-00167 | WordPress插件twimp-wp跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00168 | WordPress插件Twitter LiveBlog跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00169 | WordPress插件TweetScribe跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00170 | WordPress插件Wp Unique Article Header Image存在多个跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00171 | WordPress插件Post to Twitter存在多个跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00172 | WordPress插件Simple visitor stat存在多个跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00173 | WordPress Social Slider插件SQL注入漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00174 | HESK存在多个跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00175 | CosmoShop ePRO存在多个跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00176 | CosmoShop ePRO跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00177 | WordPress插件gSlideShow存在多个跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00178 | WordPress插件PWGRandom存在多个跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00179 | WordPress插件Sodahead Polls存在多个跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00180 | PHP Fileinfo component拒绝服务漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00181 | WordPress插件PictoBrowser跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00182 | Easewe FTP OCX任意文件执行漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00183 | WordPress插件Cart66 Lite SQL注入漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00184 | concrete5存在多个跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00185 | Roundcube Webmail存在多个跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00186 | ManageEngine Desktop Central MSP远程代码执行漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00187 | Brother MFC-J4410DW打印机'url'参数存在多个跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00188 | TP-Link TL-WR840N 'Import Configuration'选项跨站请求伪造漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00189 | NotePad++缓冲区溢出漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00190 | Spitfire CMS跨站脚本漏洞 | 2015-01-08 | 2015-01-09 |
| cnvd-2015-00191 | SysAid On-Premise绝对路径遍历漏洞 | 2015-01-08 | 2015-01-12 |
| cnvd-2015-00192 | vBulletin跨站请求伪造漏洞 | 2015-01-08 | 2015-01-12 |
| cnvd-2015-00193 | WordPress插件Relevanssi跨站脚本漏洞 | 2015-01-08 | 2015-01-12 |
| cnvd-2015-00194 | NYU OpenSSO Integration重定向漏洞 | 2015-01-08 | 2015-01-12 |
| cnvd-2015-00195 | Installatron GQ File Manager SQL注入漏洞 | 2015-01-08 | 2015-01-12 |
| cnvd-2015-00196 | Zabbix 'chart_bar.php'存在多个SQL注入漏洞 | 2015-01-08 | 2015-01-12 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTA-2001-AVI-027 | Vulnérabilités d'Internet Explorer et de Windows Scripting Host | 2001-03-07T00:00:00.000000 | 2001-03-07T00:00:00.000000 |
| certa-2001-avi-027 | Vulnérabilités d'Internet Explorer et de Windows Scripting Host | 2001-03-07T00:00:00.000000 | 2001-03-07T00:00:00.000000 |
| CERTA-2001-AVI-028 | vulnérabilité de sudo sous Linux Debian | 2001-03-08T00:00:00.000000 | 2001-03-08T00:00:00.000000 |
| certa-2001-avi-028 | vulnérabilité de sudo sous Linux Debian | 2001-03-08T00:00:00.000000 | 2001-03-08T00:00:00.000000 |
| CERTA-2001-AVI-029 | Vulnérabilité de Microsoft Internet Information Serveur 5.0 | 2001-03-09T00:00:00.000000 | 2001-03-09T00:00:00.000000 |
| CERTA-2001-AVI-031 | Vulnérabilité de HP OpenView OmniBack sous HP-UX et Windows NT/2000 | 2001-03-09T00:00:00.000000 | 2001-03-09T00:00:00.000000 |
| CERTA-2001-AVI-032 | Vulnérabilité de IBM HTTP Server | 2001-03-09T00:00:00.000000 | 2001-03-09T00:00:00.000000 |
| certa-2001-avi-029 | Vulnérabilité de Microsoft Internet Information Serveur 5.0 | 2001-03-09T00:00:00.000000 | 2001-03-09T00:00:00.000000 |
| certa-2001-avi-031 | Vulnérabilité de HP OpenView OmniBack sous HP-UX et Windows NT/2000 | 2001-03-09T00:00:00.000000 | 2001-03-09T00:00:00.000000 |
| certa-2001-avi-032 | Vulnérabilité de IBM HTTP Server | 2001-03-09T00:00:00.000000 | 2001-03-09T00:00:00.000000 |
| CERTA-2001-AVI-033 | Vulnérabilité dans Mailsweeper version 4.2 | 2001-03-13T00:00:00.000000 | 2001-03-13T00:00:00.000000 |
| CERTA-2001-AVI-034 | Vulnérabilité du serveur web Apache | 2001-03-13T00:00:00.000000 | 2001-03-13T00:00:00.000000 |
| CERTA-2001-AVI-035 | Vulnérabilité de pcAnywhere. | 2001-03-13T00:00:00.000000 | 2001-03-13T00:00:00.000000 |
| certa-2001-avi-033 | Vulnérabilité dans Mailsweeper version 4.2 | 2001-03-13T00:00:00.000000 | 2001-03-13T00:00:00.000000 |
| certa-2001-avi-034 | Vulnérabilité du serveur web Apache | 2001-03-13T00:00:00.000000 | 2001-03-13T00:00:00.000000 |
| certa-2001-avi-035 | Vulnérabilité de pcAnywhere. | 2001-03-13T00:00:00.000000 | 2001-03-13T00:00:00.000000 |
| CERTA-2001-AVI-036 | Certificats erronés délivrés par VeriSign | 2001-03-23T00:00:00.000000 | 2001-03-23T00:00:00.000000 |
| CERTA-2001-AVI-037 | Vulnérabilité des logiciels d'administration à distance de Compaq | 2001-03-23T00:00:00.000000 | 2001-03-23T00:00:00.000000 |
| certa-2001-avi-036 | Certificats erronés délivrés par VeriSign | 2001-03-23T00:00:00.000000 | 2001-03-23T00:00:00.000000 |
| certa-2001-avi-037 | Vulnérabilité des logiciels d'administration à distance de Compaq | 2001-03-23T00:00:00.000000 | 2001-03-23T00:00:00.000000 |
| CERTA-2001-AVI-038 | Vulnérabilité dans Microsoft Visual Studio 6.0 | 2001-03-28T00:00:00.000000 | 2001-03-28T00:00:00.000000 |
| CERTA-2001-AVI-039 | Vulnérabilité dans la protection des fichiers compressés sous Windows Plus!98 et Me | 2001-03-28T00:00:00.000000 | 2001-03-28T00:00:00.000000 |
| certa-2001-avi-038 | Vulnérabilité dans Microsoft Visual Studio 6.0 | 2001-03-28T00:00:00.000000 | 2001-03-28T00:00:00.000000 |
| certa-2001-avi-039 | Vulnérabilité dans la protection des fichiers compressés sous Windows Plus!98 et Me | 2001-03-28T00:00:00.000000 | 2001-03-28T00:00:00.000000 |
| CERTA-2001-AVI-040 | Vulnérabilité dans les concentrateurs CISCO VPN3000 | 2001-03-29T00:00:00.000000 | 2001-03-29T00:00:00.000000 |
| certa-2001-avi-040 | Vulnérabilité dans les concentrateurs CISCO VPN3000 | 2001-03-29T00:00:00.000000 | 2001-03-29T00:00:00.000000 |
| CERTA-2001-AVI-041 | Vulnérabilité dans Internet Explorer 5.01 et 5.5 | 2001-03-30T00:00:00.000000 | 2002-07-16T00:00:00.000000 |
| certa-2001-avi-041 | Vulnérabilité dans Internet Explorer 5.01 et 5.5 | 2001-03-30T00:00:00.000000 | 2002-07-16T00:00:00.000000 |
| CERTA-2001-AVI-042 | Vulnérabilité dans les commutateurs CISCO CSS 11050, 11150 et 11800 | 2001-04-11T00:00:00.000000 | 2001-04-11T00:00:00.000000 |
| CERTA-2001-AVI-043 | Vulnérabilité de la fonction glob() dans les serveurs FTP | 2001-04-11T00:00:00.000000 | 2001-04-11T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTA-2008-ALE-013 | Vulnérabilité du service sadmind de Sun Solaris | 2008-10-17T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| certa-2008-ale-013 | Vulnérabilité du service sadmind de Sun Solaris | 2008-10-17T00:00:00.000000 | 2013-02-21T00:00:00.000000 |
| CERTA-2008-ALE-014 | Vulnérabilité dans Opera | 2008-11-20T00:00:00.000000 | 2009-01-06T00:00:00.000000 |
| certa-2008-ale-014 | Vulnérabilité dans Opera | 2008-11-20T00:00:00.000000 | 2009-01-06T00:00:00.000000 |
| CERTA-2008-ALE-015 | Vulnérabilité dans le convertisseur de texte de WordPad | 2008-12-10T00:00:00.000000 | 2009-04-15T00:00:00.000000 |
| CERTA-2008-ALE-016 | Vulnérabilité dans Microsoft Internet Explorer | 2008-12-10T00:00:00.000000 | 2008-12-17T00:00:00.000000 |
| certa-2008-ale-015 | Vulnérabilité dans le convertisseur de texte de WordPad | 2008-12-10T00:00:00.000000 | 2009-04-15T00:00:00.000000 |
| certa-2008-ale-016 | Vulnérabilité dans Microsoft Internet Explorer | 2008-12-10T00:00:00.000000 | 2008-12-17T00:00:00.000000 |
| CERTA-2008-ALE-017 | Vulnérabilité dans Microsoft SQL Server | 2008-12-12T00:00:00.000000 | 2009-02-11T00:00:00.000000 |
| certa-2008-ale-017 | Vulnérabilité dans Microsoft SQL Server | 2008-12-12T00:00:00.000000 | 2009-02-11T00:00:00.000000 |
| CERTA-2009-ALE-001 | Vulnérabilité dans l'interprétation JBIG2 des produits Adobe | 2009-02-20T00:00:00.000000 | 2009-03-20T00:00:00.000000 |
| certa-2009-ale-001 | Vulnérabilité dans l'interprétation JBIG2 des produits Adobe | 2009-02-20T00:00:00.000000 | 2009-03-20T00:00:00.000000 |
| CERTA-2009-ALE-002 | Vulnérabilité dans Microsoft Excel | 2009-02-25T00:00:00.000000 | 2009-04-15T00:00:00.000000 |
| certa-2009-ale-002 | Vulnérabilité dans Microsoft Excel | 2009-02-25T00:00:00.000000 | 2009-04-15T00:00:00.000000 |
| CERTA-2009-ALE-003 | Vulnérabilité dans Apple Mac OS X | 2009-03-24T00:00:00.000000 | 2009-06-02T00:00:00.000000 |
| certa-2009-ale-003 | Vulnérabilité dans Apple Mac OS X | 2009-03-24T00:00:00.000000 | 2009-06-02T00:00:00.000000 |
| CERTA-2009-ALE-004 | Vulnérabilité dans Mozilla Firefox | 2009-03-27T00:00:00.000000 | 2009-03-30T00:00:00.000000 |
| certa-2009-ale-004 | Vulnérabilité dans Mozilla Firefox | 2009-03-27T00:00:00.000000 | 2009-03-30T00:00:00.000000 |
| CERTA-2009-ALE-005 | Vulnérabilité de PowerPoint | 2009-04-03T00:00:00.000000 | 2009-05-13T00:00:00.000000 |
| certa-2009-ale-005 | Vulnérabilité de PowerPoint | 2009-04-03T00:00:00.000000 | 2009-05-13T00:00:00.000000 |
| CERTA-2009-ALE-006 | Multiples vulnérabilités dans Adobe Reader et Adobe Acrobat | 2009-04-28T00:00:00.000000 | 2009-05-13T00:00:00.000000 |
| certa-2009-ale-006 | Multiples vulnérabilités dans Adobe Reader et Adobe Acrobat | 2009-04-28T00:00:00.000000 | 2009-05-13T00:00:00.000000 |
| CERTA-2009-ALE-007 | Vulnérabilité WebDAV sous Microsoft IIS | 2009-05-18T00:00:00.000000 | 2009-06-10T00:00:00.000000 |
| certa-2009-ale-007 | Vulnérabilité WebDAV sous Microsoft IIS | 2009-05-18T00:00:00.000000 | 2009-06-10T00:00:00.000000 |
| CERTA-2009-ALE-008 | Vulnérabilité Java de Mac OS X | 2009-05-20T00:00:00.000000 | 2009-06-17T00:00:00.000000 |
| certa-2009-ale-008 | Vulnérabilité Java de Mac OS X | 2009-05-20T00:00:00.000000 | 2009-06-17T00:00:00.000000 |
| CERTA-2009-ALE-009 | Vulnérabilité dans Microsoft DirectShow | 2009-05-29T00:00:00.000000 | 2009-07-14T00:00:00.000000 |
| certa-2009-ale-009 | Vulnérabilité dans Microsoft DirectShow | 2009-05-29T00:00:00.000000 | 2009-07-14T00:00:00.000000 |
| CERTA-2009-ALE-010 | Vulnérabilité dans le contrôle ActiveX Microsoft Video | 2009-07-07T00:00:00.000000 | 2009-07-15T00:00:00.000000 |
| certa-2009-ale-010 | Vulnérabilité dans le contrôle ActiveX Microsoft Video | 2009-07-07T00:00:00.000000 | 2009-07-15T00:00:00.000000 |