Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-cw7c-4r65-xf9h | Integer overflow in computing the required allocation size when instantiating a new javascript obje… | 2022-05-13T01:20:24Z | 2025-10-22T00:31:36Z |
| ghsa-5cv8-848m-hmm2 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in… | 2022-05-13T01:20:41Z | 2025-10-22T00:31:35Z |
| ghsa-wgw2-wwq8-c7wf | ChakraCore RCE Vulnerability | 2022-05-13T01:20:46Z | 2025-10-22T17:37:09Z |
| ghsa-9qm8-3m9q-ghgq | A remote code execution vulnerability exists in the way that the scripting engine handles objects i… | 2022-05-13T01:20:49Z | 2025-10-22T00:31:36Z |
| ghsa-3vmp-cf5x-w457 | An elevation of privilege vulnerability exists when Windows improperly handles authentication reque… | 2022-05-13T01:21:15Z | 2025-10-22T00:31:37Z |
| ghsa-49rq-p3m9-2cqc | An information disclosure vulnerability exists when Internet Explorer improperly handles objects in… | 2022-05-13T01:21:29Z | 2025-10-22T00:31:37Z |
| ghsa-4363-m599-g24f | An information disclosure vulnerability exists in the way that the Windows SMB Server handles certa… | 2022-05-13T01:21:30Z | 2025-10-22T00:31:37Z |
| ghsa-x6vm-vfwq-m3w7 | A remote code execution vulnerability exists in the way that the scripting engine handles objects i… | 2022-05-13T01:21:31Z | 2025-10-22T00:31:38Z |
| ghsa-74qg-858w-vpcj | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to proper… | 2022-05-13T01:21:35Z | 2025-10-22T00:31:37Z |
| ghsa-6h99-5j8v-7r3p | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to proper… | 2022-05-13T01:21:36Z | 2025-10-22T00:31:38Z |
| ghsa-8wc3-99q7-2qvc | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to proper… | 2022-05-13T01:21:36Z | 2025-10-22T00:31:37Z |
| ghsa-wqq2-j7vf-7rw9 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) impro… | 2022-05-13T01:21:38Z | 2025-10-22T00:31:38Z |
| ghsa-vgp9-2hhf-fp9r | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to proper… | 2022-05-13T01:21:41Z | 2025-10-22T00:31:38Z |
| ghsa-jr78-hfw4-xp7g | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, … | 2022-05-13T01:22:35Z | 2025-12-18T15:30:24Z |
| ghsa-mv2j-4mm8-9xgv | In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a maliciou… | 2022-05-13T01:22:35Z | 2025-12-18T15:30:24Z |
| ghsa-fj6p-rwp3-vrrh | A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improve… | 2022-05-13T01:22:38Z | 2025-10-22T00:31:37Z |
| ghsa-hg7f-3vww-rc69 | The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote … | 2022-05-13T01:22:40Z | 2025-11-04T00:30:29Z |
| ghsa-3gx6-h57h-rm27 | Drupal Core Remote Code Execution Vulnerability | 2022-05-13T01:22:41Z | 2025-10-22T17:40:41Z |
| ghsa-4rg3-754f-rcrq | Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. | 2022-05-13T01:22:48Z | 2025-10-22T00:31:37Z |
| ghsa-xwpg-vm43-3qwm | The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properl… | 2022-05-13T01:23:13Z | 2025-10-22T03:30:37Z |
| ghsa-92x6-4gf8-7hcj | The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol i… | 2022-05-13T01:23:34Z | 2025-10-22T03:30:29Z |
| ghsa-g37w-qg7v-7fjq | A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cis… | 2022-05-13T01:24:13Z | 2025-10-22T00:31:19Z |
| ghsa-6g39-9vj5-c7xv | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 thr… | 2022-05-13T01:24:42Z | 2025-10-22T00:31:23Z |
| ghsa-3686-jjcf-4w27 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have… | 2022-05-13T01:25:01Z | 2024-08-28T18:31:52Z |
| ghsa-x2fw-rj3g-6m95 | In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname vi… | 2022-05-13T01:25:25Z | 2025-12-03T21:30:55Z |
| ghsa-ccm6-q86p-2hwx | The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE throug… | 2022-05-13T01:26:06Z | 2025-10-22T00:31:17Z |
| ghsa-29rm-6752-gvwv | Code execution in Apache Struts 1 plugin | 2022-05-13T01:26:13Z | 2025-10-22T17:32:23Z |
| ghsa-237x-ggj9-vvhf | The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before… | 2022-05-13T01:26:33Z | 2025-10-22T00:31:37Z |
| ghsa-v6m4-3gv6-q4jx | The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS … | 2022-05-13T01:26:33Z | 2025-10-22T00:31:36Z |
| ghsa-vv86-whxx-rv84 | The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS … | 2022-05-13T01:26:33Z | 2025-10-22T00:31:36Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2017-13014 | N/A | The White Board protocol parser in tcpdump before… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.227Z |
| cve-2017-13015 | N/A | The EAP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.360Z |
| cve-2017-13016 | N/A | The ISO ES-IS parser in tcpdump before 4.9.2 has … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.491Z |
| cve-2017-13017 | N/A | The DHCPv6 parser in tcpdump before 4.9.2 has a b… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.621Z |
| cve-2017-13019 | N/A | The PGM parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.747Z |
| cve-2017-13020 | N/A | The VTP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:47.144Z |
| cve-2017-13021 | N/A | The ICMPv6 parser in tcpdump before 4.9.2 has a b… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:17:04.399Z |
| cve-2017-13022 | N/A | The IP parser in tcpdump before 4.9.2 has a buffe… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:17:21.300Z |
| cve-2017-13024 | N/A | The IPv6 mobility parser in tcpdump before 4.9.2 … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:17:42.690Z |
| cve-2017-13025 | N/A | The IPv6 mobility parser in tcpdump before 4.9.2 … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:18:06.980Z |
| cve-2017-13027 | N/A | The LLDP parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-05T14:53:01.960Z |
| cve-2017-13028 | N/A | The BOOTP parser in tcpdump before 4.9.2 has a bu… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:18:25.339Z |
| cve-2017-13031 | N/A | The IPv6 fragmentation header parser in tcpdump b… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:15:46.162Z |
| cve-2017-13034 | N/A | The PGM parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:16:23.631Z |
| cve-2017-13035 | N/A | The ISO IS-IS parser in tcpdump before 4.9.2 has … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:16:42.287Z |
| cve-2017-13037 | N/A | The IP parser in tcpdump before 4.9.2 has a buffe… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-05T14:53:37.416Z |
| cve-2017-13038 | N/A | The PPP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:56:30.195Z |
| cve-2017-13040 | N/A | The MPTCP parser in tcpdump before 4.9.2 has a bu… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:53:34.993Z |
| cve-2017-13041 | N/A | The ICMPv6 parser in tcpdump before 4.9.2 has a b… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:53:14.473Z |
| cve-2017-13045 | N/A | The VQP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:50:43.984Z |
| cve-2017-13047 | N/A | The ISO ES-IS parser in tcpdump before 4.9.2 has … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:50:22.338Z |
| cve-2017-13048 | N/A | The RSVP parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:50:00.550Z |
| cve-2017-13050 | N/A | The RPKI-Router parser in tcpdump before 4.9.2 ha… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:42:53.849Z |
| cve-2017-13053 | N/A | The BGP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:41:51.992Z |
| cve-2017-13054 | N/A | The LLDP parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:41:02.992Z |
| cve-2017-13055 | N/A | The ISO IS-IS parser in tcpdump before 4.9.2 has … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:39:53.146Z |
| cve-2017-13687 | N/A | The Cisco HDLC parser in tcpdump before 4.9.2 has… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:35:48.307Z |
| cve-2017-13688 | N/A | The OLSR parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:23:45.484Z |
| cve-2017-13689 | N/A | The IKEv1 parser in tcpdump before 4.9.2 has a bu… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:21:38.055Z |
| cve-2017-9805 | N/A | The REST Plugin in Apache Struts 2.1.1 through 2.… |
Apache Software Foundation |
Apache Struts |
2017-09-15T19:00:00.000Z | 2025-10-21T23:55:34.589Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2017-0143 | N/A | The SMBv1 server in Microsoft Windows Vista SP2; … |
Microsoft Corporation |
Windows SMB |
2017-03-17T00:00:00.000Z | 2025-10-21T23:55:44.821Z |
| cve-2017-0144 | N/A | The SMBv1 server in Microsoft Windows Vista SP2; … |
Microsoft Corporation |
Windows SMB |
2017-03-17T00:00:00.000Z | 2025-10-21T23:55:44.676Z |
| cve-2017-0145 | N/A | The SMBv1 server in Microsoft Windows Vista SP2; … |
Microsoft Corporation |
Windows SMB |
2017-03-17T00:00:00.000Z | 2025-10-21T23:55:44.516Z |
| cve-2017-0146 | N/A | The SMBv1 server in Microsoft Windows Vista SP2; … |
Microsoft Corporation |
Windows SMB |
2017-03-17T00:00:00.000Z | 2025-10-21T23:55:44.319Z |
| cve-2017-0147 | N/A | The SMBv1 server in Microsoft Windows Vista SP2; … |
Microsoft Corporation |
Windows SMB |
2017-03-17T00:00:00.000Z | 2025-10-21T23:55:44.104Z |
| cve-2017-0148 | N/A | The SMBv1 server in Microsoft Windows Vista SP2; … |
Microsoft Corporation |
Windows SMB |
2017-03-17T00:00:00.000Z | 2025-10-21T23:55:43.849Z |
| cve-2017-0149 | N/A | Microsoft Internet Explorer 9 through 11 allow re… |
Microsoft Corporation |
Internet Explorer |
2017-03-17T00:00:00.000Z | 2025-10-21T23:55:43.703Z |
| cve-2017-3881 | N/A | A vulnerability in the Cisco Cluster Management P… |
n/a |
Cisco IOS and IOS XE Software |
2017-03-17T22:00:00.000Z | 2025-10-21T23:55:43.556Z |
| cve-2017-7269 | N/A | Buffer overflow in the ScStoragePathFromUrl funct… |
n/a |
n/a |
2017-03-27T01:55:00.000Z | 2025-10-21T23:55:43.335Z |
| cve-2014-3931 | N/A | fastping.c in MRLG (aka Multi-Router Looking Glas… |
n/a |
n/a |
2017-03-31T15:00:00.000Z | 2025-10-21T23:55:43.153Z |
| cve-2014-9114 | N/A | Blkid in util-linux before 2.26rc-1 allows local … |
n/a |
n/a |
2017-03-31T15:00:00.000Z | 2025-12-04T20:21:07.498Z |
| cve-2017-5950 | N/A | The SingleDocParser::HandleNode function in yaml-… |
n/a |
n/a |
2017-04-03T05:44:00.000Z | 2025-11-03T21:44:04.287Z |
| cve-2017-6884 | N/A | A command injection vulnerability was discovered … |
n/a |
n/a |
2017-04-06T17:00:00.000Z | 2025-10-21T23:55:42.908Z |
| cve-2016-8735 | N/A | Remote code execution is possible with Apache Tom… |
Apache Software Foundation |
Apache Tomcat |
2017-04-06T21:00:00.000Z | 2025-10-21T23:55:42.758Z |
| cve-2017-0199 | N/A | Microsoft Office 2007 SP3, Microsoft Office 2010 … |
Microsoft Corporation |
Office/WordPad |
2017-04-12T14:00:00.000Z | 2025-10-21T23:55:42.609Z |
| cve-2017-0210 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft Corporation |
Internet Explorer |
2017-04-12T14:00:00.000Z | 2025-10-21T23:55:42.425Z |
| cve-2017-7938 | N/A | Stack-based buffer overflow in DMitry (Deepmagic … |
n/a |
n/a |
2017-04-20T00:00:00.000Z | 2025-11-03T21:44:05.774Z |
| cve-2016-1555 | N/A | (1) boardData102.php, (2) boardData103.php, (3) b… |
n/a |
n/a |
2017-04-21T15:00:00.000Z | 2025-10-21T23:55:42.264Z |
| cve-2017-3506 | N/A | Vulnerability in the Oracle WebLogic Server compo… |
Oracle Corporation |
WebLogic Server |
2017-04-24T19:00:00.000Z | 2025-10-21T23:55:42.100Z |
| cve-2017-5030 | N/A | Incorrect handling of complex species in V8 in Go… |
n/a |
Google Chrome prior to 57.0.2987.98 for Linux, Windows and Mac, and 57.0.2987.108 for Android |
2017-04-24T23:00:00.000Z | 2025-10-21T23:55:41.948Z |
| cve-2017-8291 | N/A | Artifex Ghostscript through 2017-04-26 allows -dS… |
n/a |
n/a |
2017-04-27T01:41:00.000Z | 2025-10-21T23:55:41.773Z |
| cve-2017-3066 | N/A | Adobe ColdFusion 2016 Update 3 and earlier, ColdF… |
n/a |
Adobe ColdFusion ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier |
2017-04-27T14:00:00.000Z | 2025-10-21T23:55:41.607Z |
| cve-2017-6519 | N/A | avahi-daemon in Avahi through 0.6.32 and 0.7 inad… |
n/a |
n/a |
2017-05-01T01:00:00.000Z | 2025-12-03T21:57:30.030Z |
| cve-2017-5689 | N/A | An unprivileged network attacker could gain syste… |
Intel Corporation |
Intel Active Mangement Technology, Intel Small Business Technology, Intel Standard Manageability |
2017-05-02T14:00:00.000Z | 2025-10-21T23:55:41.384Z |
| cve-2017-8872 | N/A | The htmlParseTryOrFinish function in HTMLparser.c… |
n/a |
n/a |
2017-05-10T05:14:00.000Z | 2025-12-17T21:59:08.413Z |
| cve-2017-0213 | N/A | Windows COM Aggregate Marshaler in Microsoft Wind… |
Microsoft Corporation |
Windows COM |
2017-05-12T14:00:00.000Z | 2025-10-21T23:55:41.209Z |
| cve-2017-0222 | N/A | A remote code execution vulnerability exists when… |
Microsoft Corporation |
Internet Explorer |
2017-05-12T14:00:00.000Z | 2025-10-21T23:55:41.048Z |
| cve-2017-0261 | N/A | Microsoft Office 2010 SP2, Office 2013 SP1, and O… |
Microsoft Corporation |
Microsoft Office |
2017-05-12T14:00:00.000Z | 2025-10-21T23:55:40.908Z |
| cve-2017-0262 | N/A | Microsoft Office 2010 SP2, Office 2013 SP1, and O… |
Microsoft Corporation |
Microsoft Office |
2017-05-12T14:00:00.000Z | 2025-10-21T23:55:40.758Z |
| cve-2017-0263 | N/A | The kernel-mode drivers in Microsoft Windows Serv… |
Microsoft Corporation |
Microsoft Windows |
2017-05-12T14:00:00.000Z | 2025-10-21T23:55:40.588Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-kam193-c0ec3a275b2dad82 | Malicious code in ehtereum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c1d045ca67219f42 | Malicious code in openswa (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c3824bc3b633857c | Malicious code in opensear (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c3b127427ae6a4b3 | Malicious code in wweb (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c3b636cf5518ea10 | Malicious code in weeb3-py (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c3dda4e785aabae3 | Malicious code in etherreeum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c4a270dc87cd0b39 | Malicious code in openswa (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c4bf9624fac1227c | Malicious code in opensead (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c5c30539f9c5b56e | Malicious code in openae (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c6a74298ecb01a05 | Malicious code in wweb (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c758eb9b3184dabb | Malicious code in webt3 (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-c7de5362ffbeb298 | Malicious code in 3web-py (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-cbec132112d30adb | Malicious code in openwsaa (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-ccf4bd72b94d06a7 | Malicious code in web3q (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-cdd7213d15b431f5 | Malicious code in oopensea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-ce2ef2e6d0fa6157 | Malicious code in etheeruum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-ce368bb4fa1e8c35 | Malicious code in opensesa (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-ce407c0de96eb20c | Malicious code in bussardweg4av3 (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-ce5ffe68ab33a0b4 | Malicious code in etheriuim (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-ce9cfaf68e404f59 | Malicious code in web3-0py (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-cee6f7d6f5c5c6c5 | Malicious code in oenwea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-cf2b8b1a3611343f | Malicious code in etheruim (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-cfc016141a34ac83 | Malicious code in wev3-py (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-cfd7aee35b54e7b9 | Malicious code in web3-po (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-d07954f1304eb885 | Malicious code in openwsea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-d15a9c585b66c78c | Malicious code in oopenwea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-d206a0f4e641fefb | Malicious code in oenwsea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-d32ac586dc930e07 | Malicious code in etherriuumm (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-d3ad87c1be7c19dd | Malicious code in etherium (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-d4d06f49d7fb37cf | Malicious code in pythkn (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2701 | xwiki (XJetty): Schwachstelle ermöglicht Offenlegung von Informationen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2703 | Zabbix: Mehrere Schwachstellen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2706 | Python: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-01T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2711 | Android Patchday Dezember 2025: Mehrere Schwachstellen | 2025-12-01T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2717 | Django: Mehrere Schwachstellen | 2025-12-02T23:00:00.000+00:00 | 2025-12-02T23:00:00.000+00:00 |
| wid-sec-w-2025-2718 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2025-12-02T23:00:00.000+00:00 | 2025-12-15T23:00:00.000+00:00 |
| wid-sec-w-2025-2729 | WebKitGTK: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-02T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2730 | Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-02T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2737 | libpng: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen | 2025-12-03T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2738 | Vercel Next.js und React Server Components (React2Shell): Schwachstelle ermöglicht Codeausführung | 2025-12-03T23:00:00.000+00:00 | 2025-12-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2741 | cPython: Schwachstelle ermöglicht Denial of Service | 2025-12-03T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2746 | IBM InfoSphere Information Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-04T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2747 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-04T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2750 | Apache HTTP Server: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2751 | WebKitGTK: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2756 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-07T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2789 | Adobe Experience Manager: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2025-12-10T23:00:00.000+00:00 |
| wid-sec-w-2025-2798 | Red Hat OpenShift Service Mesh: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2812 | Mozilla Firefox: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2814 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-12-10T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2825 | MediaWiki: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-12-10T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2830 | Red Hat Enterprise Linux (libsoup): Schwachstelle ermöglicht Denial of Service | 2025-12-11T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2840 | Exim: Schwachstelle ermöglicht Codeausführung | 2025-12-14T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2846 | strongSwan (NetworkManager-Plugin): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-14T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2849 | Red Hat Enterprise Linux (Keylime): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-15T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2854 | Roundcube: Mehrere Schwachstellen | 2025-12-15T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2857 | Apache Commons Text: Schwachstelle ermöglicht Codeausführung | 2025-12-16T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2858 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2025-12-16T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2860 | JetBrains TeamCity: Mehrere Schwachstellen | 2025-12-16T23:00:00.000+00:00 | 2025-12-17T23:00:00.000+00:00 |
| wid-sec-w-2025-2866 | Dropbear SSH: Schwachstelle ermöglicht Erlangen von Administratorrechten | 2025-12-16T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-356310 | SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-416652 | SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-420375 | SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-471761 | SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-626856 | SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-710408 | SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-734261 | SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-763474 | SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-868571 | SSA-868571: Missing Server Certificate Validation in IAM Client | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-882673 | SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-912274 | SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-915282 | SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-512988 | SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 | 2025-12-12T00:00:00Z | 2025-12-12T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2004:053 | Red Hat Security Advisory: sysstat security update | 2004-03-10T20:02:00+00:00 | 2025-11-21T17:27:00+00:00 |
| rhsa-2004:072 | Red Hat Security Advisory: nfs-utils security update | 2004-03-11T09:01:00+00:00 | 2025-11-21T17:27:04+00:00 |
| rhsa-2004:119 | Red Hat Security Advisory: openssl security update | 2004-03-17T12:31:00+00:00 | 2025-11-21T17:27:10+00:00 |
| rhsa-2004:120 | Red Hat Security Advisory: openssl security update | 2004-03-17T13:58:00+00:00 | 2025-11-21T17:27:13+00:00 |
| rhsa-2004:139 | Red Hat Security Advisory: apache, openssl security update for Stronghold | 2004-03-17T17:20:00+00:00 | 2025-11-21T17:27:13+00:00 |
| rhsa-2004:121 | Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities | 2004-03-17T22:23:00+00:00 | 2025-11-21T17:27:11+00:00 |
| rhsa-2004:112 | Red Hat Security Advisory: : Updated Mozilla packages fix security issues | 2004-03-17T22:53:00+00:00 | 2025-11-21T17:27:10+00:00 |
| rhsa-2004:084 | Red Hat Security Advisory: httpd security update | 2004-03-23T09:54:00+00:00 | 2025-11-21T17:27:06+00:00 |
| rhsa-2004:134 | Red Hat Security Advisory: : Updated squid package fixes security vulnerability | 2004-03-29T07:10:00+00:00 | 2025-11-21T17:27:16+00:00 |
| rhsa-2004:136 | Red Hat Security Advisory: ethereal security update | 2004-03-30T17:06:00+00:00 | 2025-11-21T17:27:11+00:00 |
| rhsa-2004:137 | Red Hat Security Advisory: : Updated Ethereal packages fix security issues | 2004-03-31T08:37:00+00:00 | 2025-11-21T17:27:12+00:00 |
| rhsa-2004:133 | Red Hat Security Advisory: squid security update | 2004-04-14T13:58:00+00:00 | 2025-11-21T17:27:11+00:00 |
| rhsa-2004:153 | Red Hat Security Advisory: cvs security update | 2004-04-14T13:59:00+00:00 | 2025-11-21T17:27:13+00:00 |
| rhsa-2004:154 | Red Hat Security Advisory: : : : Updated CVS packages fix security issue | 2004-04-14T14:00:00+00:00 | 2025-11-21T17:27:14+00:00 |
| rhsa-2004:156 | Red Hat Security Advisory: mailman security update | 2004-04-14T14:00:00+00:00 | 2025-11-21T17:27:15+00:00 |
| rhsa-2004:157 | Red Hat Security Advisory: cadaver security update | 2004-04-14T14:00:00+00:00 | 2025-11-21T17:27:15+00:00 |
| rhsa-2004:158 | Red Hat Security Advisory: : Updated cadaver package fixes security vulnerability in neon | 2004-04-14T14:00:00+00:00 | 2025-11-21T17:27:15+00:00 |
| rhsa-2004:160 | Red Hat Security Advisory: openoffice.org security update | 2004-04-14T17:55:00+00:00 | 2025-11-21T17:27:16+00:00 |
| rhsa-2004:159 | Red Hat Security Advisory: : Updated Subversion packages fix security vulnerability in neon | 2004-04-15T09:23:00+00:00 | 2025-11-21T17:27:15+00:00 |
| rhsa-2004:166 | Red Hat Security Advisory: : Updated kernel packages resolve security vulnerabilities | 2004-04-21T15:03:00+00:00 | 2025-11-21T17:27:17+00:00 |
| rhsa-2004:152 | Red Hat Security Advisory: XFree86 security update | 2004-04-22T00:51:00+00:00 | 2025-11-21T17:27:13+00:00 |
| rhsa-2004:105 | Red Hat Security Advisory: kernel security update | 2004-04-22T01:08:00+00:00 | 2025-11-21T17:27:09+00:00 |
| rhsa-2004:106 | Red Hat Security Advisory: kernel security update | 2004-04-22T01:12:00+00:00 | 2025-11-21T17:27:09+00:00 |
| rhsa-2004:183 | Red Hat Security Advisory: kernel security update | 2004-04-22T18:58:00+00:00 | 2025-11-21T17:27:20+00:00 |
| rhsa-2004:179 | Red Hat Security Advisory: : An updated LHA package fixes security vulnerabilities | 2004-04-30T07:22:00+00:00 | 2025-11-21T17:27:19+00:00 |
| rhsa-2004:181 | Red Hat Security Advisory: : Updated libpng packages fix crash | 2004-04-30T19:31:00+00:00 | 2025-11-21T17:27:20+00:00 |
| rhsa-2004:163 | Red Hat Security Advisory: : Updated OpenOffice packages fix security vulnerability in neon | 2004-04-30T19:57:00+00:00 | 2025-11-21T17:27:17+00:00 |
| rhsa-2004:173 | Red Hat Security Advisory: : Updated mc packages resolve several vulnerabilities | 2004-04-30T20:32:00+00:00 | 2025-11-21T17:27:18+00:00 |
| rhba-2004:164 | Red Hat Bug Fix Advisory: Updated vsftpd package fixes signal handling bug | 2004-05-11T00:00:00+00:00 | 2025-11-21T17:20:45+00:00 |
| rhsa-2004:188 | Red Hat Security Advisory: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 2 | 2004-05-12T01:07:00+00:00 | 2025-11-21T17:27:21+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2019-14250 | An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow. | 2019-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14274 | MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. | 2019-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2019-14444 | apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file as demonstrated by readelf. | 2019-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-20969 | do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638 but the ! syntax is specific to ed and is unrelated to a shell metacharacter. | 2019-08-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2019-13139 | In Docker before 18.09.4 an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs and results in command injection into the underlying "git clone" command leading to code execution in the context of the user executing the "docker build" command. This occurs because git ref can be misinterpreted as a flag. | 2019-08-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2019-15483 | Bolt before 3.6.10 has XSS via a title that is mishandled in the system log | 2019-08-02T00:00:00.000Z | 2025-10-01T23:11:02.000Z |
| msrc_cve-2019-15484 | Bolt before 3.6.10 has XSS via an image's alt or title field. | 2019-08-02T00:00:00.000Z | 2025-10-01T23:11:02.000Z |
| msrc_cve-2019-15485 | Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php | 2019-08-02T00:00:00.000Z | 2025-10-01T23:11:02.000Z |
| msrc_cve-2019-9516 | Some HTTP/2 implementations are vulnerable to a header leak potentially leading to a denial of service | 2019-08-02T00:00:00.000Z | 2020-11-11T00:00:00.000Z |
| msrc_cve-2019-14844 | A flaw was found in Fedora versions of krb5 from 1.16.1 to including 1.17.x in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC. | 2019-09-02T00:00:00.000Z | 2021-10-15T00:00:00.000Z |
| msrc_cve-2019-1547 | ECDSA remote timing attack | 2019-09-02T00:00:00.000Z | 2025-09-04T00:10:29.000Z |
| msrc_cve-2019-15847 | The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example within a single execution of a program the output of every __builtin_darn() call may be the same. | 2019-09-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-15903 | In libexpat before 2.2.8 crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. | 2019-09-02T00:00:00.000Z | 2021-12-01T00:00:00.000Z |
| msrc_cve-2019-16168 | In SQLite through 3.29.0 whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field aka a "severe division by zero in the query planner." | 2019-09-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2019-16275 | hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range. | 2019-09-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2019-16276 | Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. | 2019-09-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2019-16707 | Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. | 2019-09-02T00:00:00.000Z | 2025-09-04T03:53:50.000Z |
| msrc_cve-2019-16884 | runc through 1.0.0-rc8 as used in Docker through 19.03.2-ce and other products allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets and thus a malicious Docker image can mount over a /proc directory. | 2019-09-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2019-16910 | Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.) | 2019-09-02T00:00:00.000Z | 2025-09-04T00:38:18.000Z |
| msrc_cve-2019-5094 | An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. | 2019-09-02T00:00:00.000Z | 2021-01-12T00:00:00.000Z |
| msrc_cve-2018-16301 | The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. | 2019-10-02T00:00:00.000Z | 2022-02-15T00:00:00.000Z |
| msrc_cve-2018-21029 | systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the developer as not a vulnerability since hostname validation does not have anything to do with this issue (i.e. there is no hostname to be sent) | 2019-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2019-0205 | In Apache Thrift all versions up to and including 0.12.0 a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0 depending on the installed version it affects only certain language bindings. | 2019-10-02T00:00:00.000Z | 2024-08-15T00:00:00.000Z |
| msrc_cve-2019-14959 | JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection. | 2019-10-02T00:00:00.000Z | 2025-10-01T23:11:02.000Z |
| msrc_cve-2019-16905 | OpenSSH 7.7 through 7.9 and 8.x before 8.1 when compiled with an experimental key type has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions and there is no supported way to enable it when building portable OpenSSH. | 2019-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2019-17362 | In LibTomCrypt through 1.18.2 the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data. | 2019-10-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2019-17402 | Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp because there is no validation of the relationship of the total size to the offset and size. | 2019-10-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2019-17414 | tinylcy Vino through 2017-12-15 allows remote attackers to cause a denial of service ("vn_get_string error: Resource temporarily unavailable" error and daemon crash) via a long URL. | 2019-10-02T00:00:00.000Z | 2025-10-01T23:11:03.000Z |
| msrc_cve-2019-17450 | find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | 2019-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-17451 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c as demonstrated by nm. | 2019-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2008-000075 | EC-CUBE vulnerable to SQL injection | 2008-11-06T16:04+09:00 | 2009-06-25T15:44+09:00 |
| jvndb-2008-000076 | sISAPILocation vulnerability bypasses HTTP header rewrite function | 2008-11-10T13:29+09:00 | 2008-11-10T13:29+09:00 |
| jvndb-2008-000077 | GungHo LoadPrgAx vulnerable to arbitrary Java program execution | 2008-11-19T15:50+09:00 | 2008-11-19T15:50+09:00 |
| jvndb-2008-001877 | JP1/Integrated Management Service Support Cross-Site Scripting Vulnerability | 2008-11-21T10:16+09:00 | 2008-11-21T10:16+09:00 |
| jvndb-2008-000078 | CGI RESCUE MiniBBS2000 directory traversal vulnerability | 2008-11-26T17:50+09:00 | 2009-04-30T15:35+09:00 |
| jvndb-2008-001895 | JP1/VERITAS NetBackup JAVA Administration GUI Privilege Escalation Vulnerability | 2008-12-01T11:10+09:00 | 2008-12-01T11:10+09:00 |
| jvndb-2008-000079 | I-O DATA DEVICE HDL-F series cross-site request forgery vulnerability | 2008-12-02T15:50+09:00 | 2008-12-02T15:50+09:00 |
| jvndb-2008-000067 | Movable Type Enterprise cross-site scripting vulnerability | 2008-12-04T14:52+09:00 | 2008-12-04T14:52+09:00 |
| jvndb-2008-001910 | Groupmax Collaboration - Schedule Mis-scheduling Problem: Unintended Members Included When Reservations are Made by Secretary | 2008-12-05T11:34+09:00 | 2008-12-05T11:34+09:00 |
| jvndb-2008-001911 | Groupmax Workflow - Development Kit for Active Server Pages Cross-Site Scripting Vulnerability | 2008-12-05T11:35+09:00 | 2008-12-05T11:35+09:00 |
| jvndb-2008-000083 | Predictable session ID vulnerability in Access Analyzer CGI by futomi's CGI Cafe | 2008-12-17T15:30+09:00 | 2008-12-17T15:30+09:00 |
| jvndb-2008-000084 | PHP vulnerable to cross-site scripting | 2008-12-19T15:37+09:00 | 2010-10-19T17:40+09:00 |
| jvndb-2008-000085 | Mayaa cross-site scripting vulnerability | 2008-12-25T16:22+09:00 | 2008-12-25T16:22+09:00 |
| jvndb-2008-000086 | BlackJumboDog authentication bypass vulnerability | 2008-12-25T16:22+09:00 | 2008-12-25T16:22+09:00 |
| jvndb-2009-000001 | MyNETS cross-site scripting vulnerability | 2009-01-08T11:34+09:00 | 2009-01-08T11:34+09:00 |
| jvndb-2009-000003 | MODx cross-site scripting vulnerability | 2009-01-09T15:54+09:00 | 2009-01-09T15:54+09:00 |
| jvndb-2009-000004 | MODx cross-site request forgery vulnerability | 2009-01-09T15:54+09:00 | 2009-01-09T15:54+09:00 |
| jvndb-2009-000005 | MODx vulnerable to SQL injection | 2009-01-09T15:54+09:00 | 2009-01-09T15:54+09:00 |
| jvndb-2009-000002 | Movable Type Enterprise cross-site scripting vulnerability | 2009-01-13T18:50+09:00 | 2009-07-29T12:22+09:00 |
| jvndb-2009-000006 | Cisco IOS cross-site scripting vulnerability | 2009-01-15T19:14+09:00 | 2009-01-15T19:14+09:00 |
| jvndb-2009-000007 | Oracle WebLogic Server vulnerable to cross-site scripting | 2009-01-20T16:45+09:00 | 2009-01-20T16:45+09:00 |
| jvndb-2009-000008 | Fulltext search CGI vulnerability allows third party to gain administrative privileges | 2009-01-28T15:25+09:00 | 2009-01-28T15:25+09:00 |
| jvndb-2006-000992 | Multiple Vulnerabilities Concerning Hitachi Web Server | 2009-02-04T17:42+09:00 | 2014-05-22T18:03+09:00 |
| jvndb-2009-000011 | Becky! Internet Mail buffer overflow vulnerability | 2009-02-12T17:28+09:00 | 2009-02-12T17:28+09:00 |
| jvndb-2009-000009 | FAST ESP cross-site scripting vulnerability | 2009-02-17T11:55+09:00 | 2009-02-17T11:55+09:00 |
| jvndb-2009-001025 | Vulnerability allowing Viewing/Updating of Other Users' Information in Groupmax World Wide Web Desktop Version 6 | 2009-02-26T11:55+09:00 | 2009-02-26T11:55+09:00 |
| jvndb-2009-000010 | Apache Tomcat information disclosure vulnerability | 2009-02-26T15:28+09:00 | 2009-02-26T15:28+09:00 |
| jvndb-2009-001032 | JP1/Cm2/Network Node Manager Denial of Service (DoS) Vulnerability | 2009-03-02T17:38+09:00 | 2009-03-02T17:38+09:00 |
| jvndb-2009-001033 | Multiple Vulnerabilities in uCosminexus Portal Framework | 2009-03-02T17:38+09:00 | 2009-03-02T17:38+09:00 |
| jvndb-2009-000013 | PEAK XOOPS piCal cross-site scripting vulnerability | 2009-03-03T16:37+09:00 | 2009-03-03T16:37+09:00 |
| ID | Description | Updated |
|---|