Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-vgp9-2hhf-fp9r | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to proper… | 2022-05-13T01:21:41Z | 2025-10-22T00:31:38Z |
| ghsa-fj6p-rwp3-vrrh | A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improve… | 2022-05-13T01:22:38Z | 2025-10-22T00:31:37Z |
| ghsa-hg7f-3vww-rc69 | The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote … | 2022-05-13T01:22:40Z | 2025-11-04T00:30:29Z |
| ghsa-3gx6-h57h-rm27 | Drupal Core Remote Code Execution Vulnerability | 2022-05-13T01:22:41Z | 2025-10-22T17:40:41Z |
| ghsa-4rg3-754f-rcrq | Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. | 2022-05-13T01:22:48Z | 2025-10-22T00:31:37Z |
| ghsa-xwpg-vm43-3qwm | The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properl… | 2022-05-13T01:23:13Z | 2025-10-22T03:30:37Z |
| ghsa-92x6-4gf8-7hcj | The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol i… | 2022-05-13T01:23:34Z | 2025-10-22T03:30:29Z |
| ghsa-g37w-qg7v-7fjq | A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cis… | 2022-05-13T01:24:13Z | 2025-10-22T00:31:19Z |
| ghsa-6g39-9vj5-c7xv | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 thr… | 2022-05-13T01:24:42Z | 2025-10-22T00:31:23Z |
| ghsa-ccm6-q86p-2hwx | The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE throug… | 2022-05-13T01:26:06Z | 2025-10-22T00:31:17Z |
| ghsa-29rm-6752-gvwv | Code execution in Apache Struts 1 plugin | 2022-05-13T01:26:13Z | 2025-10-22T17:32:23Z |
| ghsa-237x-ggj9-vvhf | The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before… | 2022-05-13T01:26:33Z | 2025-10-22T00:31:37Z |
| ghsa-v6m4-3gv6-q4jx | The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS … | 2022-05-13T01:26:33Z | 2025-10-22T00:31:36Z |
| ghsa-vv86-whxx-rv84 | The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS … | 2022-05-13T01:26:33Z | 2025-10-22T00:31:36Z |
| ghsa-rq9p-fw9r-ppg4 | Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2… | 2022-05-13T01:26:34Z | 2025-10-22T00:31:09Z |
| ghsa-f7w4-79f7-fhp3 | An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0… | 2022-05-13T01:27:19Z | 2025-10-22T00:31:37Z |
| ghsa-gf7c-4w4p-7cm5 | An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to … | 2022-05-13T01:27:19Z | 2025-10-22T00:31:36Z |
| ghsa-h9jh-6fmr-vvc6 | An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchang… | 2022-05-13T01:27:26Z | 2025-10-22T00:31:36Z |
| ghsa-v6j9-wwcx-4984 | An unprivileged network attacker could gain system privileges to provisioned Intel manageability SK… | 2022-05-13T01:28:19Z | 2025-10-22T00:31:21Z |
| ghsa-9ppr-hv62-39w2 | Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before… | 2022-05-13T01:28:23Z | 2025-10-22T00:31:29Z |
| ghsa-8pqx-3rxx-f5pm | Jenkins discloses project names via fingerprints | 2022-05-13T01:30:06Z | 2025-10-22T17:35:20Z |
| ghsa-6mr5-xh3f-7vqm | A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to che… | 2022-05-13T01:30:17Z | 2025-10-22T00:31:37Z |
| ghsa-mpwr-vh8m-qpfg | A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE So… | 2022-05-13T01:30:24Z | 2025-10-22T00:31:30Z |
| ghsa-782f-h7v4-m7wc | The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Serve… | 2022-05-13T01:32:10Z | 2025-10-22T00:31:34Z |
| ghsa-7v9q-j964-43qc | In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting… | 2022-05-13T01:32:24Z | 2025-10-22T00:31:37Z |
| ghsa-rfg9-33h6-7pq5 | Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software coul… | 2022-05-13T01:35:41Z | 2025-10-22T00:31:32Z |
| ghsa-pp38-rv9h-g7rc | A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsul… | 2022-05-13T01:35:42Z | 2025-10-22T00:31:30Z |
| ghsa-qcqh-fmx4-f33r | A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco I… | 2022-05-13T01:35:42Z | 2025-10-22T00:31:30Z |
| ghsa-xmxh-qgmj-jcc4 | Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software coul… | 2022-05-13T01:35:42Z | 2025-10-22T00:31:31Z |
| ghsa-f6hc-7357-x73w | Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Soft… | 2022-05-13T01:35:43Z | 2025-10-22T00:31:30Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2017-11882 | N/A | Microsoft Office 2007 Service Pack 3, Microsoft O… |
Microsoft Corporation |
Microsoft Office |
2017-11-15T03:00:00.000Z | 2025-10-21T23:55:30.163Z |
| cve-2017-15944 | N/A | Palo Alto Networks PAN-OS before 6.1.19, 7.0.x be… |
n/a |
n/a |
2017-12-11T17:00:00.000Z | 2025-10-21T23:45:57.483Z |
| cve-2017-17562 | N/A | Embedthis GoAhead before 3.6.5 allows remote code… |
n/a |
n/a |
2017-12-12T19:00:00.000Z | 2025-10-21T23:45:57.300Z |
| cve-2017-1000486 | N/A | Primetek Primefaces 5.x is vulnerable to a weak e… |
n/a |
n/a |
2018-01-03T20:00:00.000Z | 2025-10-21T23:45:57.153Z |
| cve-2018-0798 | N/A | Equation Editor in Microsoft Office 2007, Microso… |
Microsoft Corporation |
Equation Editor |
2018-01-10T01:00:00.000Z | 2025-10-21T23:45:57.001Z |
| cve-2018-0802 | N/A | Equation Editor in Microsoft Office 2007, Microso… |
Microsoft Corporation |
Equation Editor |
2018-01-10T01:00:00.000Z | 2025-10-21T23:45:56.855Z |
| cve-2017-1000353 | N/A | Jenkins versions 2.56 and earlier as well as 2.46… |
n/a |
n/a |
2018-01-29T17:00:00.000Z | 2025-10-21T23:45:56.725Z |
| cve-2017-14180 | N/A | Apport 2.13 through 2.20.7 does not properly hand… |
na/ |
Apport |
2018-02-02T14:00:00.000Z | 2025-11-03T19:25:18.350Z |
| cve-2018-4878 | N/A | A use-after-free vulnerability was discovered in … |
n/a |
Adobe Flash Player before 28.0.0.161 |
2018-02-06T20:00:00.000Z | 2025-10-21T23:45:56.580Z |
| cve-2018-0125 | N/A | A vulnerability in the web interface of the Cisco… |
n/a |
Cisco RV132W and RV134W |
2018-02-08T07:00:00.000Z | 2025-10-21T23:45:56.411Z |
| cve-2018-6789 | N/A | An issue was discovered in the base64d function i… |
n/a |
n/a |
2018-02-08T23:00:00.000Z | 2025-10-21T23:45:56.260Z |
| cve-2018-2380 | N/A | SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allow… |
SAP SE |
SAP CRM |
2018-03-01T17:00:00.000Z | 2025-10-21T23:45:56.073Z |
| cve-2018-6530 | N/A | OS command injection vulnerability in soap.cgi (s… |
n/a |
n/a |
2018-03-06T20:00:00.000Z | 2025-10-21T23:45:55.871Z |
| cve-2018-0147 | N/A | A vulnerability in Java deserialization used by C… |
n/a |
Cisco Secure Access Control System |
2018-03-08T07:00:00.000Z | 2025-10-21T23:45:55.560Z |
| cve-2018-7445 | N/A | A buffer overflow was found in the MikroTik Route… |
n/a |
n/a |
2018-03-19T21:00:00.000Z | 2025-10-21T23:45:55.366Z |
| cve-2017-12319 | N/A | A vulnerability in the Border Gateway Protocol (B… |
n/a |
Cisco IOS XE |
2018-03-27T09:00:00.000Z | 2025-10-21T23:45:55.213Z |
| cve-2018-6882 | N/A | Cross-site scripting (XSS) vulnerability in the Z… |
n/a |
n/a |
2018-03-27T16:00:00.000Z | 2025-10-21T23:45:55.042Z |
| cve-2018-0151 | N/A | A vulnerability in the quality of service (QoS) s… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.884Z |
| cve-2018-0154 | N/A | A vulnerability in the crypto engine of the Cisco… |
n/a |
Cisco IOS |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.725Z |
| cve-2018-0155 | N/A | A vulnerability in the Bidirectional Forwarding D… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.581Z |
| cve-2018-0156 | N/A | A vulnerability in the Smart Install feature of C… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.405Z |
| cve-2018-0158 | N/A | A vulnerability in the Internet Key Exchange Vers… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.255Z |
| cve-2018-0159 | N/A | A vulnerability in the implementation of Internet… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.112Z |
| cve-2018-0161 | N/A | A vulnerability in the Simple Network Management … |
n/a |
Cisco IOS |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.985Z |
| cve-2018-0167 | N/A | Multiple Buffer Overflow vulnerabilities in the L… |
n/a |
Cisco IOS, IOS XE, and IOS XR |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.814Z |
| cve-2018-0171 | N/A | A vulnerability in the Smart Install feature of C… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.665Z |
| cve-2018-0172 | N/A | A vulnerability in the DHCP option 82 encapsulati… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.521Z |
| cve-2018-0173 | N/A | A vulnerability in the Cisco IOS Software and Cis… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.331Z |
| cve-2018-0174 | N/A | A vulnerability in the DHCP option 82 encapsulati… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.179Z |
| cve-2018-0175 | N/A | Format String vulnerability in the Link Layer Dis… |
n/a |
Cisco IOS, IOS XE, and IOS XR |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:52.972Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2017-10271 | N/A | Vulnerability in the Oracle WebLogic Server compo… |
Oracle Corporation |
WebLogic Server |
2017-10-19T17:00:00.000Z | 2025-10-21T23:55:31.111Z |
| cve-2017-11292 | N/A | Adobe Flash Player version 27.0.0.159 and earlier… |
n/a |
Adobe Flash Player version 27.0.0.159 and earlier |
2017-10-21T05:00:00.000Z | 2025-10-21T23:55:30.944Z |
| cve-2017-5070 | N/A | Type confusion in V8 in Google Chrome prior to 59… |
n/a |
Google Chrome prior to 59.0.3071.86 for Linux, Windows and Mac, and 59.0.3071.92 for Android |
2017-10-27T05:00:00.000Z | 2025-10-21T23:55:30.609Z |
| cve-2017-16651 | N/A | Roundcube Webmail before 1.1.10, 1.2.x before 1.2… |
n/a |
n/a |
2017-11-09T14:00:00.000Z | 2025-10-21T23:55:30.379Z |
| cve-2017-11882 | N/A | Microsoft Office 2007 Service Pack 3, Microsoft O… |
Microsoft Corporation |
Microsoft Office |
2017-11-15T03:00:00.000Z | 2025-10-21T23:55:30.163Z |
| cve-2017-15944 | N/A | Palo Alto Networks PAN-OS before 6.1.19, 7.0.x be… |
n/a |
n/a |
2017-12-11T17:00:00.000Z | 2025-10-21T23:45:57.483Z |
| cve-2017-17562 | N/A | Embedthis GoAhead before 3.6.5 allows remote code… |
n/a |
n/a |
2017-12-12T19:00:00.000Z | 2025-10-21T23:45:57.300Z |
| cve-2017-1000486 | N/A | Primetek Primefaces 5.x is vulnerable to a weak e… |
n/a |
n/a |
2018-01-03T20:00:00.000Z | 2025-10-21T23:45:57.153Z |
| cve-2018-0798 | N/A | Equation Editor in Microsoft Office 2007, Microso… |
Microsoft Corporation |
Equation Editor |
2018-01-10T01:00:00.000Z | 2025-10-21T23:45:57.001Z |
| cve-2018-0802 | N/A | Equation Editor in Microsoft Office 2007, Microso… |
Microsoft Corporation |
Equation Editor |
2018-01-10T01:00:00.000Z | 2025-10-21T23:45:56.855Z |
| cve-2017-1000353 | N/A | Jenkins versions 2.56 and earlier as well as 2.46… |
n/a |
n/a |
2018-01-29T17:00:00.000Z | 2025-10-21T23:45:56.725Z |
| cve-2017-14180 | N/A | Apport 2.13 through 2.20.7 does not properly hand… |
na/ |
Apport |
2018-02-02T14:00:00.000Z | 2025-11-03T19:25:18.350Z |
| cve-2018-4878 | N/A | A use-after-free vulnerability was discovered in … |
n/a |
Adobe Flash Player before 28.0.0.161 |
2018-02-06T20:00:00.000Z | 2025-10-21T23:45:56.580Z |
| cve-2017-17552 | N/A | /LoadFrame in Zoho ManageEngine AD Manager Plus b… |
n/a |
n/a |
2018-02-07T17:00:00 | 2024-08-05T20:51:32.285Z |
| cve-2018-0125 | N/A | A vulnerability in the web interface of the Cisco… |
n/a |
Cisco RV132W and RV134W |
2018-02-08T07:00:00.000Z | 2025-10-21T23:45:56.411Z |
| cve-2018-6789 | N/A | An issue was discovered in the base64d function i… |
n/a |
n/a |
2018-02-08T23:00:00.000Z | 2025-10-21T23:45:56.260Z |
| cve-2018-2380 | N/A | SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allow… |
SAP SE |
SAP CRM |
2018-03-01T17:00:00.000Z | 2025-10-21T23:45:56.073Z |
| cve-2018-6530 | N/A | OS command injection vulnerability in soap.cgi (s… |
n/a |
n/a |
2018-03-06T20:00:00.000Z | 2025-10-21T23:45:55.871Z |
| cve-2018-0147 | N/A | A vulnerability in Java deserialization used by C… |
n/a |
Cisco Secure Access Control System |
2018-03-08T07:00:00.000Z | 2025-10-21T23:45:55.560Z |
| cve-2018-7445 | N/A | A buffer overflow was found in the MikroTik Route… |
n/a |
n/a |
2018-03-19T21:00:00.000Z | 2025-10-21T23:45:55.366Z |
| cve-2017-12319 | N/A | A vulnerability in the Border Gateway Protocol (B… |
n/a |
Cisco IOS XE |
2018-03-27T09:00:00.000Z | 2025-10-21T23:45:55.213Z |
| cve-2018-6882 | N/A | Cross-site scripting (XSS) vulnerability in the Z… |
n/a |
n/a |
2018-03-27T16:00:00.000Z | 2025-10-21T23:45:55.042Z |
| cve-2018-0151 | N/A | A vulnerability in the quality of service (QoS) s… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.884Z |
| cve-2018-0154 | N/A | A vulnerability in the crypto engine of the Cisco… |
n/a |
Cisco IOS |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.725Z |
| cve-2018-0155 | N/A | A vulnerability in the Bidirectional Forwarding D… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.581Z |
| cve-2018-0156 | N/A | A vulnerability in the Smart Install feature of C… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.405Z |
| cve-2018-0158 | N/A | A vulnerability in the Internet Key Exchange Vers… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.255Z |
| cve-2018-0159 | N/A | A vulnerability in the implementation of Internet… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.112Z |
| cve-2018-0161 | N/A | A vulnerability in the Simple Network Management … |
n/a |
Cisco IOS |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.985Z |
| cve-2018-0167 | N/A | Multiple Buffer Overflow vulnerabilities in the L… |
n/a |
Cisco IOS, IOS XE, and IOS XR |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.814Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-10955 | Malicious code in commitlint-plugin-rules-an (npm) | 2024-11-26T05:29:17Z | 2025-02-03T18:38:39Z |
| mal-2024-10956 | Malicious code in config-sdk-nodejs (npm) | 2024-11-26T05:29:17Z | 2024-12-09T14:39:21Z |
| mal-2024-10958 | Malicious code in cs-shared-component-tools (npm) | 2024-11-26T05:29:17Z | 2024-12-09T14:39:21Z |
| mal-2024-10960 | Malicious code in dep-validator-cli (npm) | 2024-11-26T05:29:17Z | 2025-02-03T18:38:39Z |
| mal-2024-10961 | Malicious code in eager-blog (npm) | 2024-11-26T05:29:17Z | 2024-12-09T14:39:21Z |
| mal-2024-10959 | Malicious code in debugr1 (npm) | 2024-11-26T05:30:12Z | 2024-12-09T14:39:21Z |
| mal-2024-10985 | Malicious code in kraken-wallet-network-icons (npm) | 2024-11-26T05:30:12Z | 2024-12-09T14:39:22Z |
| mal-2024-11023 | Malicious code in tc-portal (npm) | 2024-11-26T16:27:25Z | 2024-12-20T00:33:13Z |
| mal-2024-11024 | Malicious code in uid2-publisher (npm) | 2024-11-26T16:33:58Z | 2024-12-20T00:33:13Z |
| mal-2024-10951 | Malicious code in babel-plugin-error-context (npm) | 2024-11-26T23:39:39Z | 2024-12-09T14:39:21Z |
| mal-2024-10984 | Malicious code in kraken-wallet-cryptoicons (npm) | 2024-11-26T23:39:39Z | 2024-12-09T14:39:22Z |
| mal-2024-10974 | Malicious code in etherscancontracthandler (npm) | 2024-11-26T23:52:16Z | 2024-12-09T14:39:21Z |
| mal-2024-11010 | Malicious code in string-process-mate (npm) | 2024-11-27T00:02:44Z | 2024-12-09T14:39:22Z |
| mal-2024-11015 | Malicious code in updasolara (npm) | 2024-11-27T00:05:27Z | 2024-12-09T14:39:22Z |
| mal-2024-11016 | Malicious code in updsolara (npm) | 2024-11-27T00:05:27Z | 2024-12-09T14:39:22Z |
| mal-2024-10972 | Malicious code in eslint-plugin-locale (npm) | 2024-11-27T00:10:30Z | 2024-12-09T14:39:21Z |
| mal-2024-10975 | Malicious code in fulfillment-portal-common (npm) | 2024-11-27T00:10:30Z | 2024-12-09T14:39:21Z |
| mal-2024-10983 | Malicious code in json-tree-preview (npm) | 2024-11-27T00:10:30Z | 2024-12-09T14:39:22Z |
| mal-2024-10992 | Malicious code in onboarding-ops (npm) | 2024-11-27T00:10:31Z | 2024-12-09T14:39:22Z |
| mal-2024-11005 | Malicious code in shopee-ui-react4 (npm) | 2024-11-27T00:10:31Z | 2024-12-09T14:39:22Z |
| mal-2024-11007 | Malicious code in ssc-mobile-ui-react (npm) | 2024-11-27T00:10:31Z | 2024-12-09T14:39:22Z |
| mal-2024-11013 | Malicious code in tracking-wtf (npm) | 2024-11-27T00:10:31Z | 2024-12-09T14:39:22Z |
| mal-2024-11018 | Malicious code in web_enhance_sap-stable (npm) | 2024-11-27T00:10:31Z | 2024-12-09T14:39:22Z |
| mal-2024-11000 | Malicious code in refocus-logging (npm) | 2024-11-27T00:11:59Z | 2024-12-09T14:39:22Z |
| mal-2024-10987 | Malicious code in monorepo-release-cli (npm) | 2024-11-27T00:13:29Z | 2024-12-09T14:39:22Z |
| mal-2024-10993 | Malicious code in patch-package-lucky-video (npm) | 2024-11-27T00:13:29Z | 2024-12-09T14:39:22Z |
| mal-2024-10997 | Malicious code in rc-tabs-new (npm) | 2024-11-27T00:13:29Z | 2024-12-09T14:39:22Z |
| mal-2024-10999 | Malicious code in react-pro-components-next (npm) | 2024-11-27T00:13:29Z | 2024-12-09T14:39:22Z |
| mal-2024-11001 | Malicious code in scan-cli (npm) | 2024-11-27T00:13:29Z | 2024-12-09T14:39:22Z |
| mal-2024-11003 | Malicious code in seller-base.environment (npm) | 2024-11-27T00:13:29Z | 2024-12-09T14:39:22Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2012:0135 | Red Hat Security Advisory: java-1.6.0-openjdk security update | 2012-02-14T23:37:00+00:00 | 2025-11-08T03:18:50+00:00 |
| rhsa-2012:0139 | Red Hat Security Advisory: java-1.6.0-sun security update | 2012-02-16T18:52:00+00:00 | 2025-11-08T03:18:50+00:00 |
| rhsa-2012:0144 | Red Hat Security Advisory: flash-plugin security update | 2012-02-17T10:54:00+00:00 | 2025-11-08T03:18:52+00:00 |
| rhsa-2012:0151 | Red Hat Security Advisory: conga security, bug fix, and enhancement update | 2012-02-21T02:22:00+00:00 | 2025-11-08T03:18:53+00:00 |
| rhsa-2012:0322 | Red Hat Security Advisory: java-1.6.0-openjdk security update | 2012-02-21T21:57:00+00:00 | 2025-11-08T03:18:55+00:00 |
| rhsa-2012:0343 | Red Hat Security Advisory: java-1.4.2-ibm-sap security update | 2012-02-29T14:46:00+00:00 | 2025-11-08T03:18:55+00:00 |
| rhsa-2012:0359 | Red Hat Security Advisory: flash-plugin security update | 2012-03-06T17:11:00+00:00 | 2025-11-08T03:18:56+00:00 |
| rhsa-2012:0421 | Red Hat Security Advisory: rhevm security and bug fix update | 2012-03-26T15:16:00+00:00 | 2025-11-08T03:18:58+00:00 |
| rhsa-2012:0434 | Red Hat Security Advisory: flash-plugin security update | 2012-03-29T07:41:00+00:00 | 2025-11-08T03:18:58+00:00 |
| rhsa-2012:0441 | Red Hat Security Advisory: JBoss Enterprise BRMS Platform 5.2.0 update | 2012-04-02T20:05:00+00:00 | 2025-11-08T03:18:58+00:00 |
| rhsa-2012:0469 | Red Hat Security Advisory: acroread security update | 2012-04-10T20:24:00+00:00 | 2025-11-08T03:19:03+00:00 |
| rhsa-2012:0508 | Red Hat Security Advisory: java-1.5.0-ibm security update | 2012-04-23T16:52:00+00:00 | 2025-11-08T03:19:02+00:00 |
| rhsa-2012:0514 | Red Hat Security Advisory: java-1.6.0-ibm security update | 2012-04-24T19:32:00+00:00 | 2025-11-08T03:19:05+00:00 |
| rhsa-2012:0519 | Red Hat Security Advisory: JBoss Enterprise Portal Platform 5.2.1 update | 2012-04-25T02:03:00+00:00 | 2025-11-08T03:19:08+00:00 |
| rhsa-2012:0547 | Red Hat Security Advisory: php53 security update | 2012-05-07T18:23:00+00:00 | 2025-11-06T22:21:10+00:00 |
| rhsa-2012:0546 | Red Hat Security Advisory: php security update | 2012-05-07T18:28:00+00:00 | 2025-11-06T22:21:10+00:00 |
| rhsa-2012:0569 | Red Hat Security Advisory: php53 security update | 2012-05-10T15:17:00+00:00 | 2025-11-06T22:21:12+00:00 |
| rhsa-2012:0568 | Red Hat Security Advisory: php security update | 2012-05-10T15:29:00+00:00 | 2025-11-06T22:21:14+00:00 |
| rhsa-2012:0570 | Red Hat Security Advisory: php security update | 2012-05-11T17:34:00+00:00 | 2025-11-06T22:21:12+00:00 |
| rhsa-2012:0688 | Red Hat Security Advisory: flash-plugin security update | 2012-05-23T08:45:00+00:00 | 2025-11-08T03:19:10+00:00 |
| rhsa-2012:0702 | Red Hat Security Advisory: java-1.4.2-ibm security update | 2012-05-30T16:09:00+00:00 | 2025-11-08T03:19:13+00:00 |
| rhsa-2012:0722 | Red Hat Security Advisory: flash-plugin security update | 2012-06-12T12:53:00+00:00 | 2025-11-08T03:29:32+00:00 |
| rhsa-2012:0725 | Red Hat Security Advisory: JBoss Operations Network 3.1.0 update | 2012-06-12T23:19:00+00:00 | 2025-11-08T03:27:25+00:00 |
| rhsa-2012:0729 | Red Hat Security Advisory: java-1.6.0-openjdk security update | 2012-06-13T13:04:00+00:00 | 2025-11-08T03:19:13+00:00 |
| rhsa-2012:0730 | Red Hat Security Advisory: java-1.6.0-openjdk security update | 2012-06-13T13:06:00+00:00 | 2025-11-08T03:19:15+00:00 |
| rhsa-2012:0731 | Red Hat Security Advisory: expat security update | 2012-06-13T13:56:00+00:00 | 2025-11-08T03:19:16+00:00 |
| rhsa-2012:0734 | Red Hat Security Advisory: java-1.6.0-sun security update | 2012-06-13T20:00:00+00:00 | 2025-11-08T03:19:21+00:00 |
| rhsa-2012:1019 | Red Hat Security Advisory: java-1.7.0-oracle security update | 2012-06-20T11:35:00+00:00 | 2025-11-08T03:19:19+00:00 |
| rhsa-2012:1009 | Red Hat Security Advisory: java-1.7.0-openjdk security and bug fix update | 2012-06-20T11:38:00+00:00 | 2025-11-08T03:19:17+00:00 |
| rhsa-2012:1056 | Red Hat Security Advisory: resteasy security update | 2012-07-05T19:19:00+00:00 | 2025-11-08T03:19:20+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2019-12749 | dbus before 1.10.28 1.12.x before 1.12.16 and 1.13.x before 1.13.12 as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some less common uses of dbus-daemon) allows cookie spoofing because of symlink mishandling in the reference implementation of DBUS_COOKIE_SHA1 in the libdbus library. (This only affects the DBUS_COOKIE_SHA1 authentication mechanism.) A malicious client with write access to its own home directory could manipulate a ~/.dbus-keyrings symlink to cause a DBusServer with a different uid to read and write in unintended locations. In the worst case this could result in the DBusServer reusing a cookie that is known to the malicious client and treating that cookie as evidence that a subsequent client connection came from an attacker-chosen uid allowing authentication bypass. | 2019-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2019-12855 | In words.protocols.jabber.xmlstream in Twisted through 19.2.1 XMPP support did not verify certificates when used with TLS allowing an attacker to MITM connections. | 2019-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2019-12900 | BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. | 2019-06-02T00:00:00.000Z | 2022-06-28T00:00:00.000Z |
| msrc_cve-2019-12972 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-13012 | The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir NULL NULL) and files using g_file_replace_contents (kfsb->file contents length NULL FALSE G_FILE_CREATE_REPLACE_DESTINATION NULL NULL NULL). Consequently it does not properly restrict directory (and file) permissions. Instead for directories 0777 permissions are used; for files default file permissions are used. This is similar to CVE-2019-12450. | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-13045 | Irssi has a use after free when sending SASL login to the server | 2019-06-02T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2019-9755 | An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow resulting in a crash or the ability to execute arbitrary code. In installations where /bin/ntfs-3g is a setuid-root binary this could lead to a local escalation of privileges. | 2019-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2017-12652 | libpng before 1.6.32 does not properly check the length of chunks against the user limit. | 2019-07-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2019-1010180 | GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet. | 2019-07-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2019-1010238 | Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. | 2019-07-02T00:00:00.000Z | 2022-04-07T00:00:00.000Z |
| msrc_cve-2019-10638 | In the Linux kernel before 5.1.7 a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g. UDP and ICMP). When such traffic is sent to multiple destination IP addresses it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses. | 2019-07-02T00:00:00.000Z | 2024-08-15T00:00:00.000Z |
| msrc_cve-2019-13232 | Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container leading to denial of service (resource consumption) aka a "better zip bomb" issue. | 2019-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2019-13504 | There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 through 0.27.2. | 2019-07-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2019-13509 | In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10) Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret. | 2019-07-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2019-13636 | In GNU patch through 2.7.6 the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. | 2019-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2019-13638 | GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156. | 2019-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2019-14192 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call. | 2019-07-02T00:00:00.000Z | 2025-09-04T05:15:40.000Z |
| msrc_cve-2019-14193 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length. | 2019-07-02T00:00:00.000Z | 2025-09-03T22:33:58.000Z |
| msrc_cve-2019-14194 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case. | 2019-07-02T00:00:00.000Z | 2025-09-04T04:41:53.000Z |
| msrc_cve-2019-14195 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length. | 2019-07-02T00:00:00.000Z | 2025-09-04T02:20:01.000Z |
| msrc_cve-2019-14196 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply. | 2019-07-02T00:00:00.000Z | 2025-09-04T02:36:43.000Z |
| msrc_cve-2019-14197 | An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. | 2019-07-02T00:00:00.000Z | 2025-09-03T22:13:52.000Z |
| msrc_cve-2019-14198 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case. | 2019-07-02T00:00:00.000Z | 2025-09-04T05:33:49.000Z |
| msrc_cve-2019-14199 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call. | 2019-07-02T00:00:00.000Z | 2025-09-04T04:30:22.000Z |
| msrc_cve-2019-14200 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply. | 2019-07-02T00:00:00.000Z | 2025-09-04T05:40:11.000Z |
| msrc_cve-2019-14201 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply. | 2019-07-02T00:00:00.000Z | 2025-09-04T04:35:28.000Z |
| msrc_cve-2019-14202 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply. | 2019-07-02T00:00:00.000Z | 2025-09-04T02:25:42.000Z |
| msrc_cve-2019-14203 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply. | 2019-07-02T00:00:00.000Z | 2025-09-03T22:42:12.000Z |
| msrc_cve-2019-14204 | An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply. | 2019-07-02T00:00:00.000Z | 2025-09-04T02:52:16.000Z |
| msrc_cve-2019-14249 | dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service | 2019-07-02T00:00:00.000Z | 2025-09-03T20:23:20.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2008-000055 | Blogn vulnerable to cross-site scripting | 2008-09-02T17:22+09:00 | 2008-09-02T17:22+09:00 |
| jvndb-2008-001575 | Fujitsu Interstage Application Server Single Sign-On Buffer Overflow Vulnerability | 2008-09-03T12:33+09:00 | 2008-09-03T12:33+09:00 |
| jvndb-2008-001576 | Fujitsu Interstage Application Server Interstage Management Console Arbitrary File Read/Delete Vulnerability | 2008-09-03T12:34+09:00 | 2012-02-15T18:13+09:00 |
| jvndb-2008-001584 | Hitachi JP1/File Transmission Server/FTP Transmission Failure Problem | 2008-09-05T12:23+09:00 | 2008-09-05T12:23+09:00 |
| jvndb-2008-001585 | Hitachi JP1/File Transmission Server/FTP Unauthorized File Permission Change Vulnerability | 2008-09-05T12:24+09:00 | 2008-09-05T12:24+09:00 |
| jvndb-2008-000052 | Webservice-DIC shop_v50 and shop_v52 vulnerable to cross-site scripting | 2008-09-08T17:01+09:00 | 2008-09-08T17:01+09:00 |
| jvndb-2008-001613 | Fujitsu Interstage Application Server Access Control Update Problem | 2008-09-09T16:21+09:00 | 2008-09-09T16:21+09:00 |
| jvndb-2008-001614 | JP1/NETM/DM SubManager and JP1/NETM/DM Client Process Termination Vulnerability | 2008-09-09T16:21+09:00 | 2008-09-09T16:21+09:00 |
| jvndb-2008-000056 | Movable Type vulnerable to cross-site scripting | 2008-09-10T11:28+09:00 | 2008-09-10T11:28+09:00 |
| jvndb-2008-000057 | Sound Master 2nd from High Norm vulnerable to cross-site scripting | 2008-09-10T11:28+09:00 | 2008-09-10T11:28+09:00 |
| jvndb-2008-000058 | Multiple Tor World CGI scripts vulnerable to arbitrary script execution | 2008-09-18T11:48+09:00 | 2008-09-18T11:48+09:00 |
| jvndb-2008-001647 | Jasmine WebLink Template Multiple Vulnerabilities | 2008-09-18T11:48+09:00 | 2009-03-30T14:29+09:00 |
| jvndb-2008-000059 | Kantan WEB Server directory traversal vulnerability | 2008-09-22T12:26+09:00 | 2008-09-22T12:26+09:00 |
| jvndb-2008-000060 | Kantan WEB Server cross-site scripting vulnerability | 2008-09-22T12:26+09:00 | 2008-09-22T12:26+09:00 |
| jvndb-2008-001665 | Data Transfer Control Process Cessation Issue in XFIT/S/JCA and XFIT/S/ZGN | 2008-09-24T12:03+09:00 | 2008-09-24T12:03+09:00 |
| jvndb-2008-000061 | phpMyAdmin cross-site scripting vulnerability | 2008-09-26T16:37+09:00 | 2008-09-26T16:37+09:00 |
| jvndb-2008-000064 | EC-CUBE cross-site scripting vulnerability | 2008-10-01T16:31+09:00 | 2008-10-01T16:31+09:00 |
| jvndb-2008-000065 | EC-CUBE vulnerable to SQL injection | 2008-10-01T16:31+09:00 | 2008-10-01T16:31+09:00 |
| jvndb-2008-000062 | EC-CUBE cross-site scripting vulnerability | 2008-10-01T16:32+09:00 | 2008-10-01T16:32+09:00 |
| jvndb-2008-000063 | EC-CUBE cross-site scripting vulnerability | 2008-10-01T16:32+09:00 | 2008-10-01T16:32+09:00 |
| jvndb-2008-000066 | Nucleus EUC-JP Japanese Edition vulnerable to cross-site scripting | 2008-10-06T15:24+09:00 | 2008-10-06T15:24+09:00 |
| jvndb-2008-000069 | Apache Tomcat allows access from a non-permitted IP address | 2008-10-10T15:44+09:00 | 2009-07-08T11:38+09:00 |
| jvndb-2008-000073 | Blosxom vulnerable to cross-site scripting | 2008-10-20T17:30+09:00 | 2008-10-20T17:30+09:00 |
| jvndb-2008-000068 | hisa_cart information disclosure vulnerability | 2008-10-21T19:25+09:00 | 2008-10-21T19:25+09:00 |
| jvndb-2008-000072 | Movable Type cross-site scripting vulnerability | 2008-10-21T19:25+09:00 | 2011-05-31T10:57+09:00 |
| jvndb-2008-000070 | Internet Explorer vulnerable in handling CDO protocol | 2008-10-22T17:49+09:00 | 2008-10-22T17:49+09:00 |
| jvndb-2008-000071 | MyNETS cross-site scripting vulnerability | 2008-10-22T17:49+09:00 | 2008-10-22T17:49+09:00 |
| jvndb-2008-000074 | Snoopy command injection vulnerability | 2008-10-28T15:34+09:00 | 2008-11-28T13:54+09:00 |
| jvndb-2008-001778 | BrightStor ARCserve and eTrust Antivirus Arbitrary Code Execution Vulnerability | 2008-10-30T12:19+09:00 | 2008-10-30T12:19+09:00 |
| jvndb-2008-001779 | CA ARCserver Backup and CA ARCserve Backup Client Agent Denial of Service (DoS) Vulnerability | 2008-10-30T12:20+09:00 | 2008-10-30T12:20+09:00 |
| ID | Description | Updated |
|---|