Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-59p4-f6m8-9792 | A mechanism to bypass file system access protections in the sandbox using the file system request c… | 2022-05-13T01:46:10Z | 2025-11-25T18:32:08Z |
| ghsa-6x8m-8v22-j2h4 | The internal feed reader APIs that crossed the sandbox barrier allowed for a sandbox escape and esc… | 2022-05-13T01:46:10Z | 2025-11-25T18:32:07Z |
| ghsa-f5h5-w6rr-6gwm | Certain response codes in FTP connections can result in the use of uninitialized values for ports i… | 2022-05-13T01:46:10Z | 2025-11-25T18:32:07Z |
| ghsa-fmcr-2q62-c3m5 | dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticate… | 2022-05-13T01:46:30Z | 2025-10-22T00:31:18Z |
| ghsa-x45p-q5pf-h9jx | The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, w… | 2022-05-13T01:46:30Z | 2025-10-22T00:31:23Z |
| ghsa-3h3r-w377-6ffg | A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software… | 2022-05-13T01:46:43Z | 2025-10-22T00:31:24Z |
| ghsa-983c-fhxg-vvqr | The "Mark of the Web" was not correctly saved on Windows when files with very long names were downl… | 2022-05-13T01:47:08Z | 2025-11-25T18:32:08Z |
| ghsa-mcm9-29wj-77v9 | The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by … | 2022-05-13T01:47:08Z | 2025-11-25T18:32:08Z |
| ghsa-cfrv-hc6m-h3rp | The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary files… | 2022-05-13T01:47:10Z | 2025-11-25T18:32:08Z |
| ghsa-jp88-jrm3-mr7m | An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is allocated … | 2022-05-13T01:47:10Z | 2025-11-25T18:32:09Z |
| ghsa-w9c7-gp5q-hh44 | An attack using manipulation of "updater.ini" contents, used by the Mozilla Windows Updater, and pr… | 2022-05-13T01:47:10Z | 2025-11-25T18:32:08Z |
| ghsa-4g4m-5m32-4h55 | A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from… | 2022-05-13T01:47:11Z | 2025-11-25T18:32:10Z |
| ghsa-6465-6pfq-mj4h | When a page's content security policy (CSP) header contains a "sandbox" directive, other directives… | 2022-05-13T01:47:11Z | 2025-11-25T18:32:09Z |
| ghsa-6j6p-p8wc-9jpp | The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-or… | 2022-05-13T01:47:12Z | 2025-11-25T18:32:10Z |
| ghsa-v5x6-r6hp-xgpc | Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.… | 2022-05-13T01:47:33Z | 2025-10-22T00:31:23Z |
| ghsa-w5g9-xvwm-4qf8 | Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1… | 2022-05-13T01:47:35Z | 2025-10-22T00:31:23Z |
| ghsa-p72w-9mwc-fgvp | Microsoft Office allows a remote code execution vulnerability due to the way that it handles object… | 2022-05-13T01:47:37Z | 2025-10-22T00:31:23Z |
| ghsa-mfqq-q5rf-3hvq | Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before… | 2022-05-13T01:47:51Z | 2025-10-22T00:31:23Z |
| ghsa-67f4-59mc-w493 | A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software ru… | 2022-05-13T01:48:17Z | 2025-10-22T00:31:30Z |
| ghsa-6x97-cqx6-mvmq | An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host p… | 2022-05-13T01:48:49Z | 2025-10-22T00:31:35Z |
| ghsa-8m62-73pq-x847 | The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0… | 2022-05-13T01:49:01Z | 2025-10-22T00:31:35Z |
| ghsa-pp5v-ch72-95w4 | WebExtensions bundled with embedded experiments were not correctly checked for proper authorization… | 2022-05-13T01:49:33Z | 2025-11-25T18:32:14Z |
| ghsa-pqvw-c6xw-gpp5 | Manually dragging and dropping an Outlook email message into the browser will trigger a page naviga… | 2022-05-13T01:49:34Z | 2025-11-25T18:32:14Z |
| ghsa-328m-hvwm-m425 | When manipulating user events in nested loops while opening a document through script, it is possib… | 2022-05-13T01:49:35Z | 2025-11-25T18:32:15Z |
| ghsa-jh5j-w2c9-jcff | An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 device… | 2022-05-13T01:49:59Z | 2025-10-22T00:31:36Z |
| ghsa-xqgh-qj2v-fjfx | upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters… | 2022-05-13T01:50:04Z | 2025-10-22T00:31:36Z |
| ghsa-vmg6-94hc-5vqp | _bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and ot… | 2022-05-13T01:50:27Z | 2025-11-03T21:30:30Z |
| ghsa-5g4g-56fq-mvwf | An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authent… | 2022-05-13T01:50:42Z | 2025-11-25T18:32:15Z |
| ghsa-pm93-g4gf-j42f | PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users wi… | 2022-05-13T01:50:52Z | 2025-10-22T00:31:36Z |
| ghsa-hhg2-f289-m44w | Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivile… | 2022-05-13T01:51:06Z | 2025-10-22T00:31:37Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2018-10561 | N/A | An issue was discovered on Dasan GPON home router… |
n/a |
n/a |
2018-05-04T03:00:00.000Z | 2025-10-21T23:45:51.827Z |
| cve-2018-10562 | N/A | An issue was discovered on Dasan GPON home router… |
n/a |
n/a |
2018-05-04T03:00:00.000Z | 2025-10-21T23:45:51.689Z |
| cve-2018-0824 | N/A | A remote code execution vulnerability exists in "… |
n/a |
n/a |
2018-05-09T19:00:00.000Z | 2025-10-21T23:45:51.530Z |
| cve-2018-8120 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows Server 2008 |
2018-05-09T19:00:00.000Z | 2025-10-21T23:45:51.354Z |
| cve-2018-8174 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
Windows 7 |
2018-05-09T19:00:00.000Z | 2025-10-21T23:45:51.195Z |
| cve-2018-4939 | N/A | Adobe ColdFusion Update 5 and earlier versions, C… |
n/a |
Adobe ColdFusion ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions |
2018-05-19T17:00:00.000Z | 2025-10-21T23:45:51.042Z |
| cve-2018-1124 | procps-ng before version 3.3.15 is vulnerable to … |
[UNKNOWN] |
procps-ng |
2018-05-23T13:00:00.000Z | 2025-12-18T11:37:47.265Z | |
| cve-2018-1126 | procps-ng before version 3.3.15 is vulnerable to … |
[UNKNOWN] |
procps-ng, procps |
2018-05-23T13:00:00.000Z | 2025-12-17T20:45:49.505Z | |
| cve-2018-1123 | procps-ng before version 3.3.15 is vulnerable to … |
[UNKNOWN] |
procps-ng, procps |
2018-05-23T14:00:00.000Z | 2025-12-17T21:19:29.864Z | |
| cve-2018-1125 | procps-ng before version 3.3.15 is vulnerable to … |
[UNKNOWN] |
procps-ng, procps |
2018-05-23T14:00:00.000Z | 2025-12-17T22:09:11.636Z | |
| cve-2018-11544 | N/A | The Olive Tree Ftp Server application 1.32 for An… |
n/a |
n/a |
2018-05-29T21:00:00.000Z | 2025-11-11T18:26:17.468Z |
| cve-2018-11138 | N/A | The '/common/download_agent_installer.php' script… |
n/a |
n/a |
2018-05-31T18:00:00.000Z | 2025-10-21T23:45:50.901Z |
| cve-2018-0296 | N/A | A vulnerability in the web interface of the Cisco… |
n/a |
Cisco Adaptive Security Appliance unknown |
2018-06-07T12:00:00.000Z | 2025-10-21T23:45:50.734Z |
| cve-2016-9079 | N/A | A use-after-free vulnerability in SVG Animation h… |
Mozilla |
Firefox |
2018-06-11T21:00:00.000Z | 2025-10-21T23:45:50.578Z |
| cve-2018-6961 | N/A | VMware NSX SD-WAN Edge by VeloCloud prior to vers… |
VMware |
NSX SD-WAN by VeloCloud |
2018-06-11T22:00:00.000Z | 2025-10-21T23:45:50.384Z |
| cve-2018-11574 | N/A | Improper input validation together with an intege… |
n/a |
n/a |
2018-06-14T20:00:00.000Z | 2025-12-03T21:09:49.904Z |
| cve-2018-9276 | N/A | An issue was discovered in PRTG Network Monitor b… |
n/a |
n/a |
2018-07-02T16:00:00.000Z | 2025-10-21T23:45:50.232Z |
| cve-2018-4990 | N/A | Adobe Acrobat and Reader versions 2018.011.20038 … |
n/a |
Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions |
2018-07-09T19:00:00.000Z | 2025-10-21T23:45:50.046Z |
| cve-2018-5002 | N/A | Adobe Flash Player versions 29.0.0.171 and earlie… |
n/a |
Adobe Flash Player 29.0.0.171 and earlier versions |
2018-07-09T19:00:00.000Z | 2025-11-17T20:15:04.960Z |
| cve-2018-8298 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
ChakraCore |
2018-07-11T00:00:00.000Z | 2025-10-21T23:45:49.700Z |
| cve-2018-14404 | N/A | A NULL pointer dereference vulnerability exists i… |
n/a |
n/a |
2018-07-19T13:00:00.000Z | 2025-12-03T21:07:59.321Z |
| cve-2018-7602 | N/A | Drupal core - Highly critical - Remote Code Execution … |
Drupal |
core |
2018-07-19T17:00:00.000Z | 2025-12-17T00:06:27.768Z |
| cve-2017-7526 | libgcrypt before version 1.7.8 is vulnerable to a… |
GnuPG |
libgcrypt |
2018-07-26T13:00:00.000Z | 2025-12-17T22:06:14.998Z | |
| cve-2018-14847 | N/A | MikroTik RouterOS through 6.42 allows unauthentic… |
n/a |
n/a |
2018-08-02T07:00:00.000Z | 2025-10-21T23:45:49.372Z |
| cve-2018-14933 | N/A | upgrade_handle.php on NUUO NVRmini devices allows… |
n/a |
n/a |
2018-08-04T19:00:00.000Z | 2025-10-21T23:45:49.231Z |
| cve-2018-15133 | N/A | In Laravel Framework through 5.5.40 and 5.6.x thr… |
n/a |
n/a |
2018-08-09T19:00:00.000Z | 2025-10-21T23:45:49.105Z |
| cve-2018-8373 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
Internet Explorer 9 |
2018-08-15T17:00:00.000Z | 2025-10-21T23:45:48.955Z |
| cve-2018-8405 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft |
Windows Server 2012 R2 |
2018-08-15T17:00:00.000Z | 2025-10-21T23:45:48.793Z |
| cve-2018-8406 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft |
Windows Server 2016 |
2018-08-15T17:00:00.000Z | 2025-10-21T23:45:48.660Z |
| cve-2018-8414 | N/A | A remote code execution vulnerability exists when… |
Microsoft |
Windows 10 Servers |
2018-08-15T17:00:00.000Z | 2025-10-21T23:45:48.521Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2017-13002 | N/A | The AODV parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:47.611Z |
| cve-2017-13006 | N/A | The L2TP parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:47.739Z |
| cve-2017-13010 | N/A | The BEEP parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:47.879Z |
| cve-2017-13013 | N/A | The ARP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:47.997Z |
| cve-2017-13014 | N/A | The White Board protocol parser in tcpdump before… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.227Z |
| cve-2017-13015 | N/A | The EAP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.360Z |
| cve-2017-13016 | N/A | The ISO ES-IS parser in tcpdump before 4.9.2 has … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.491Z |
| cve-2017-13017 | N/A | The DHCPv6 parser in tcpdump before 4.9.2 has a b… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.621Z |
| cve-2017-13019 | N/A | The PGM parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:48.747Z |
| cve-2017-13020 | N/A | The VTP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:30:47.144Z |
| cve-2017-13021 | N/A | The ICMPv6 parser in tcpdump before 4.9.2 has a b… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:17:04.399Z |
| cve-2017-13022 | N/A | The IP parser in tcpdump before 4.9.2 has a buffe… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:17:21.300Z |
| cve-2017-13024 | N/A | The IPv6 mobility parser in tcpdump before 4.9.2 … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:17:42.690Z |
| cve-2017-13025 | N/A | The IPv6 mobility parser in tcpdump before 4.9.2 … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:18:06.980Z |
| cve-2017-13027 | N/A | The LLDP parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-05T14:53:01.960Z |
| cve-2017-13028 | N/A | The BOOTP parser in tcpdump before 4.9.2 has a bu… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:18:25.339Z |
| cve-2017-13031 | N/A | The IPv6 fragmentation header parser in tcpdump b… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:15:46.162Z |
| cve-2017-13034 | N/A | The PGM parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:16:23.631Z |
| cve-2017-13035 | N/A | The ISO IS-IS parser in tcpdump before 4.9.2 has … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T15:16:42.287Z |
| cve-2017-13037 | N/A | The IP parser in tcpdump before 4.9.2 has a buffe… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-05T14:53:37.416Z |
| cve-2017-13038 | N/A | The PPP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:56:30.195Z |
| cve-2017-13040 | N/A | The MPTCP parser in tcpdump before 4.9.2 has a bu… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:53:34.993Z |
| cve-2017-13041 | N/A | The ICMPv6 parser in tcpdump before 4.9.2 has a b… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:53:14.473Z |
| cve-2017-13045 | N/A | The VQP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:50:43.984Z |
| cve-2017-13047 | N/A | The ISO ES-IS parser in tcpdump before 4.9.2 has … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:50:22.338Z |
| cve-2017-13048 | N/A | The RSVP parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:50:00.550Z |
| cve-2017-13050 | N/A | The RPKI-Router parser in tcpdump before 4.9.2 ha… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:42:53.849Z |
| cve-2017-13053 | N/A | The BGP parser in tcpdump before 4.9.2 has a buff… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:41:51.992Z |
| cve-2017-13054 | N/A | The LLDP parser in tcpdump before 4.9.2 has a buf… |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:41:02.992Z |
| cve-2017-13055 | N/A | The ISO IS-IS parser in tcpdump before 4.9.2 has … |
n/a |
n/a |
2017-09-14T06:00:00.000Z | 2025-12-04T14:39:53.146Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-10006 | Malicious code in etheruem (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10007 | Malicious code in etheruemm (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10008 | Malicious code in etheruim (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10009 | Malicious code in etherum (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10010 | Malicious code in etherumm (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10011 | Malicious code in etherun (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10012 | Malicious code in etheruum (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10013 | Malicious code in etheum (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10014 | Malicious code in etheurm (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10015 | Malicious code in ethherium (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10016 | Malicious code in ethherum (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10017 | Malicious code in ethreeum (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10018 | Malicious code in ethreium (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10019 | Malicious code in ethreum (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10020 | Malicious code in ethrum (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10021 | Malicious code in ettherium (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10022 | Malicious code in eutherium (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10024 | Malicious code in ewb3-py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10050 | Malicious code in oenasea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10051 | Malicious code in oenesea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10052 | Malicious code in oensea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10053 | Malicious code in oenwea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10054 | Malicious code in oenwsea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10055 | Malicious code in oepensea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10056 | Malicious code in oepenwea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10057 | Malicious code in oepnsea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10058 | Malicious code in oopensea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10059 | Malicious code in oopenwea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10060 | Malicious code in opemsea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10061 | Malicious code in openae (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2004:441 | Red Hat Security Advisory: ruby security update | 2004-09-30T14:25:00+00:00 | 2025-11-21T17:27:42+00:00 |
| rhsa-2004:451 | Red Hat Security Advisory: spamassassin security update | 2004-09-30T14:27:00+00:00 | 2025-11-21T17:27:44+00:00 |
| rhsa-2004:462 | Red Hat Security Advisory: squid security update | 2004-09-30T14:28:00+00:00 | 2025-11-21T17:27:45+00:00 |
| rhsa-2004:498 | Red Hat Security Advisory: samba security update | 2004-10-04T15:15:00+00:00 | 2025-11-21T17:27:49+00:00 |
| rhsa-2004:412 | Red Hat Security Advisory: kdelibs, kdebase security update | 2004-10-04T15:32:00+00:00 | 2025-11-21T17:27:37+00:00 |
| rhsa-2004:478 | Red Hat Security Advisory: XFree86 security update | 2004-10-04T15:56:00+00:00 | 2025-11-21T17:27:47+00:00 |
| rhsa-2004:479 | Red Hat Security Advisory: XFree86 security update | 2004-10-06T13:29:00+00:00 | 2025-11-21T17:27:48+00:00 |
| rhsa-2004:546 | Red Hat Security Advisory: cyrus-sasl security update | 2004-10-07T14:55:00+00:00 | 2025-11-21T17:27:52+00:00 |
| rhsa-2004:597 | Red Hat Security Advisory: mysql security update | 2004-10-20T19:16:00+00:00 | 2025-11-21T17:27:56+00:00 |
| rhsa-2004:494 | Red Hat Security Advisory: ImageMagick security update | 2004-10-20T19:17:00+00:00 | 2025-11-21T17:27:48+00:00 |
| rhsa-2004:591 | Red Hat Security Advisory: squid security update | 2004-10-20T19:20:00+00:00 | 2025-11-21T17:27:55+00:00 |
| rhsa-2004:480 | Red Hat Security Advisory: ImageMagick security update | 2004-10-20T19:37:00+00:00 | 2025-11-21T17:27:48+00:00 |
| rhsa-2004:569 | Red Hat Security Advisory: mysql security update | 2004-10-20T19:45:00+00:00 | 2025-11-21T17:27:52+00:00 |
| rhsa-2004:577 | Red Hat Security Advisory: libtiff security update | 2004-10-22T15:04:00+00:00 | 2025-11-21T17:27:53+00:00 |
| rhsa-2004:543 | Red Hat Security Advisory: cups security update | 2004-10-22T15:06:00+00:00 | 2025-11-21T17:27:51+00:00 |
| rhsa-2004:585 | Red Hat Security Advisory: xchat security update | 2004-10-27T15:18:00+00:00 | 2025-11-21T17:27:54+00:00 |
| rhsa-2004:611 | Red Hat Security Advisory: mysql-server security update | 2004-10-27T15:18:00+00:00 | 2025-11-21T17:27:57+00:00 |
| rhsa-2004:592 | Red Hat Security Advisory: xpdf security update | 2004-10-27T15:21:00+00:00 | 2025-11-21T17:27:55+00:00 |
| rhsa-2004:562 | Red Hat Security Advisory: httpd security update | 2004-11-12T16:43:00+00:00 | 2025-11-21T17:27:52+00:00 |
| rhsa-2004:615 | Red Hat Security Advisory: libxml2 security update | 2004-11-12T16:46:00+00:00 | 2025-11-21T17:27:58+00:00 |
| rhsa-2004:609 | Red Hat Security Advisory: freeradius security update | 2004-11-12T16:47:00+00:00 | 2025-11-21T17:27:56+00:00 |
| rhsa-2004:632 | Red Hat Security Advisory: samba security update | 2004-11-16T17:42:00+00:00 | 2025-11-21T17:27:59+00:00 |
| rhsa-2004:537 | Red Hat Security Advisory: openmotif security update | 2004-12-02T09:42:00+00:00 | 2025-11-21T17:27:51+00:00 |
| rhsa-2004:549 | Red Hat Security Advisory: kernel security update | 2004-12-02T10:13:00+00:00 | 2025-11-21T17:27:52+00:00 |
| rhsa-2004:636 | Red Hat Security Advisory: ImageMagick security update | 2004-12-08T19:06:00+00:00 | 2025-11-21T17:27:59+00:00 |
| rhsa-2004:651 | Red Hat Security Advisory: imlib security update | 2004-12-10T16:42:00+00:00 | 2025-11-21T17:28:02+00:00 |
| rhsa-2004:635 | Red Hat Security Advisory: ruby security update | 2004-12-13T18:53:00+00:00 | 2025-11-21T17:28:03+00:00 |
| rhsa-2004:600 | Red Hat Security Advisory: apache, mod_ssl security update | 2004-12-13T19:26:00+00:00 | 2025-11-21T17:27:56+00:00 |
| rhsa-2004:536 | Red Hat Security Advisory: ncompress security update | 2004-12-13T19:31:00+00:00 | 2025-11-21T17:27:50+00:00 |
| rhsa-2004:505 | Red Hat Security Advisory: Updated kernel packages fix security vulnerability | 2004-12-13T20:06:00+00:00 | 2025-11-21T17:27:50+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2018-21035 | In Qt through 5.14.1 the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption). | 2020-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2019-9674 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. | 2020-02-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2020-1711 | An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host. | 2020-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-5208 | remote code execution vulnerability in ipmitool | 2020-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-5247 | HTTP Response Splitting in Puma | 2020-02-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-8127 | Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks. | 2020-02-02T00:00:00.000Z | 2025-09-03T23:54:11.000Z |
| msrc_cve-2020-8130 | There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`. | 2020-02-02T00:00:00.000Z | 2025-10-12T01:01:15.000Z |
| msrc_cve-2020-8597 | eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. | 2020-02-02T00:00:00.000Z | 2024-07-23T00:00:00.000Z |
| msrc_cve-2020-8631 | cloud-init through 19.4 relies on Mersenne Twister for a random password which makes it easier for attackers to predict passwords because rand_str in cloudinit/util.py calls the random.choice function. | 2020-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-8632 | In cloud-init through 19.4 rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value which makes it easier for attackers to guess passwords. | 2020-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-8647 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. | 2020-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-8648 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | 2020-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-8649 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. | 2020-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-8992 | ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. | 2020-02-02T00:00:00.000Z | 2020-11-10T00:00:00.000Z |
| msrc_cve-2020-9327 | In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. | 2020-02-02T00:00:00.000Z | 2025-09-03T21:18:51.000Z |
| msrc_cve-2020-9383 | An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it aka CID-2e90ca68b0d2. | 2020-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-20503 | usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. | 2020-03-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2019-20633 | GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952. | 2020-03-02T00:00:00.000Z | 2025-09-03T20:26:16.000Z |
| msrc_cve-2020-10029 | The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c. | 2020-03-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-10108 | In Twisted Web through 19.10.0 there was an HTTP request splitting vulnerability. When presented with two content-length headers it ignored the first header. When the second content-length value was set to zero the request body was interpreted as a pipelined request. | 2020-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-10109 | In Twisted Web through 19.10.0 there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header the content-length took precedence and the remainder of the request body was interpreted as a pipelined request. | 2020-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-10941 | Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import. | 2020-03-02T00:00:00.000Z | 2025-09-03T22:30:18.000Z |
| msrc_cve-2020-10942 | In the Linux kernel before 5.5.8 get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field which might allow attackers to trigger kernel stack corruption via crafted system calls. | 2020-03-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-1712 | A heap use-after-free vulnerability was found in systemd before version v245-rc1 where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges by sending specially crafted dbus messages. | 2020-03-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-1720 | A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION" where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function triggers et al. leading to database corruption. This issue affects PostgreSQL versions before 12.2 before 11.7 before 10.12 and before 9.6.17. | 2020-03-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-1747 | A vulnerability was discovered in the PyYAML library in versions before 5.3.1 where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor. | 2020-03-02T00:00:00.000Z | 2023-11-07T00:00:00.000Z |
| msrc_cve-2020-2136 | Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation resulting in a stored cross-site scripting vulnerability. | 2020-03-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-5291 | Privilege escalation in setuid mode via user namespaces in Bubblewrap | 2020-03-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-7009 | Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges. | 2020-03-02T00:00:00.000Z | 2021-12-01T00:00:00.000Z |
| msrc_cve-2020-8910 | Auth Bypass in Google's Closure-Library | 2020-03-02T00:00:00.000Z | 2025-09-03T23:49:20.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2009-000065 | SugarCRM vulnerable to cross-site scripting | 2009-10-02T16:02+09:00 | 2009-10-02T16:02+09:00 |
| jvndb-2009-000067 | Multiple Cybozu products vulnerable to cross-site scripting | 2009-10-15T15:21+09:00 | 2009-10-15T15:21+09:00 |
| jvndb-2009-000066 | Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting | 2009-10-20T15:56+09:00 | 2009-10-20T15:56+09:00 |
| jvndb-2009-000068 | Implementations of IPv6 may be vulnerable to denial of service (DoS) attacks | 2009-10-26T15:58+09:00 | 2010-01-25T12:02+09:00 |
| jvndb-2009-000069 | SEIL/X Series and SEIL/B1 buffer overflow vulnerability | 2009-11-02T16:42+09:00 | 2009-11-02T16:42+09:00 |
| jvndb-2009-000070 | SEIL/X Series and SEIL/B1 denial of service vulnerability | 2009-11-02T16:42+09:00 | 2009-11-02T16:42+09:00 |
| jvndb-2009-000071 | Roundcube Webmail vulnerable to cross-site request forgery | 2009-11-04T15:27+09:00 | 2009-11-04T15:27+09:00 |
| jvndb-2009-000072 | Roundcube Webmail vulnerable to cross-site request forgery | 2009-11-04T15:27+09:00 | 2009-11-04T15:27+09:00 |
| jvndb-2009-000073 | Redmine vulnerable to cross-site scripting | 2009-11-19T15:45+09:00 | 2009-11-19T15:45+09:00 |
| jvndb-2009-000074 | Redmine vulnerable to cross-site request forgery | 2009-11-19T15:45+09:00 | 2009-11-19T15:45+09:00 |
| jvndb-2009-000078 | EC-CUBE information disclosure vulnerability | 2009-12-07T14:51+09:00 | 2009-12-07T14:51+09:00 |
| jvndb-2009-000079 | SEIL/B1 authentication issue | 2009-12-09T19:38+09:00 | 2009-12-09T19:38+09:00 |
| jvndb-2009-000075 | Active! mail 2003 cross-site scripting vulnerability | 2009-12-15T19:52+09:00 | 2009-12-15T19:52+09:00 |
| jvndb-2009-000076 | Active! mail 2003 session ID disclosure vulnerability | 2009-12-15T19:52+09:00 | 2009-12-15T19:52+09:00 |
| jvndb-2009-000077 | Active! mail 2003 cookie disclosure vulnerability | 2009-12-15T19:52+09:00 | 2009-12-15T19:52+09:00 |
| jvndb-2009-000084 | P forum vulnerable to directory traversal | 2009-12-17T14:18+09:00 | 2009-12-17T14:18+09:00 |
| jvndb-2009-002345 | StartTLS not enabled in Hitachi Storage Command Suite products | 2009-12-24T14:32+09:00 | 2009-12-24T14:32+09:00 |
| jvndb-2009-002358 | Fujitsu Interstage and Systemwalker SSL Vulnerabilities | 2009-12-28T11:19+09:00 | 2009-12-28T11:19+09:00 |
| jvndb-2010-000001 | Movable Type access restriction bypass vulnerability | 2010-01-06T16:26+09:00 | 2010-01-06T16:26+09:00 |
| jvndb-2010-000002 | WebCalenderC3 cross-site scripting vulnerability | 2010-01-14T21:23+09:00 | 2010-01-14T21:23+09:00 |
| jvndb-2010-000003 | WebCalenderC3 vulnerable to directory traversal | 2010-01-14T21:24+09:00 | 2010-01-14T21:24+09:00 |
| jvndb-2010-000004 | Oracle Application Server vulnerable to cross-site scripting | 2010-01-14T21:24+09:00 | 2010-01-14T21:24+09:00 |
| jvndb-2009-002475 | Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java | 2010-02-09T14:03+09:00 | 2010-02-09T14:03+09:00 |
| jvndb-2010-000005 | tDiary plugin tb-send.rb vulnerable to cross-site scripting | 2010-02-26T12:45+09:00 | 2010-02-26T12:45+09:00 |
| jvndb-2010-001088 | uCosminexus Portal Framework Cross-Site Scripting Vulnerability | 2010-03-03T12:00+09:00 | 2010-03-03T12:00+09:00 |
| jvndb-2010-000006 | OpenPNE authentication bypass vulnerability | 2010-03-12T15:29+09:00 | 2010-03-12T15:29+09:00 |
| jvndb-2010-001147 | JP1/Cm2/Network Node Manager Remote Console Insecure File Permissions Vulnerability | 2010-03-15T12:21+09:00 | 2010-03-15T12:21+09:00 |
| jvndb-2009-000018 | Ichitaro series buffer overflow vulnerability | 2010-03-23T17:42+09:00 | 2010-03-23T17:42+09:00 |
| jvndb-2009-000057 | ATOK screen lock bypass vulnerability | 2010-03-23T17:42+09:00 | 2010-03-23T17:42+09:00 |
| jvndb-2010-000007 | PrettyFormMail vulnerable to cross-site scripting | 2010-04-02T17:31+09:00 | 2010-04-02T17:31+09:00 |
| ID | Description | Updated |
|---|