Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-882j-m7wv-38p6 | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WL… | 2022-05-14T01:06:14Z | 2025-10-22T00:31:35Z |
| ghsa-rrqg-2h39-2567 | An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a cr… | 2022-05-14T01:07:06Z | 2025-11-17T21:31:17Z |
| ghsa-xjgh-84hx-56c5 | Unrestricted Upload of File with Dangerous Type Apache Tomcat | 2022-05-14T01:07:15Z | 2025-10-22T17:30:37Z |
| ghsa-rfrg-rcwf-93m5 | (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) board… | 2022-05-14T01:09:51Z | 2025-10-22T00:31:20Z |
| ghsa-24cp-26gx-3pp4 | The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in … | 2022-05-14T01:10:36Z | 2025-10-22T00:31:13Z |
| ghsa-73c7-5g37-cmq7 | On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an authenticat… | 2022-05-14T01:11:27Z | 2025-10-22T00:31:37Z |
| ghsa-486c-fgp8-q4mj | A memory corruption issue was addressed with improved memory handling. This issue affected versions… | 2022-05-14T01:11:49Z | 2025-10-22T00:31:37Z |
| ghsa-7r6v-mxc2-pg49 | The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 all… | 2022-05-14T01:14:49Z | 2025-10-22T00:31:11Z |
| ghsa-rxqh-fc23-gxp2 | Improper Input Validation in Apache ActiveMQ | 2022-05-14T01:14:51Z | 2025-10-22T17:34:43Z |
| ghsa-r6h3-3q3x-3wcr | The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of servi… | 2022-05-14T01:15:23Z | 2022-05-14T01:15:23Z |
| ghsa-5248-m677-h7p5 | Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS… | 2022-05-14T01:16:30Z | 2022-05-14T01:16:30Z |
| ghsa-576m-x596-j6g4 | Memory safety bugs were reported in Firefox ESR 52.6. These bugs showed evidence of memory corrupti… | 2022-05-14T01:22:02Z | 2025-11-25T18:32:12Z |
| ghsa-8h4g-cp4v-9cg4 | Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept … | 2022-05-14T01:22:02Z | 2025-11-25T18:32:13Z |
| ghsa-6rj4-wj32-8fj7 | Memory safety bugs were reported in Firefox 59, Firefox ESR 52.7, and Thunderbird 52.7. Some of the… | 2022-05-14T01:22:03Z | 2025-11-25T18:32:13Z |
| ghsa-62wp-qw94-ppmq | Mozilla developers backported selected changes in the Skia library. These changes correct memory co… | 2022-05-14T01:22:04Z | 2025-11-25T18:32:14Z |
| ghsa-6w8g-777w-9mcc | A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to proper… | 2022-05-14T01:22:26Z | 2025-10-22T00:31:35Z |
| ghsa-h27g-wvvm-f6mv | Mozilla developers and community members reported memory safety bugs present in Firefox 63 and Fire… | 2022-05-14T01:22:27Z | 2025-11-25T18:32:15Z |
| ghsa-qxgw-7whg-72j2 | An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own c… | 2022-05-14T01:22:34Z | 2025-11-25T18:32:13Z |
| ghsa-2fp8-wvjf-2gv9 | A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extreme… | 2022-05-14T01:22:54Z | 2025-11-25T18:32:14Z |
| ghsa-57wq-mwp5-4x2j | A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javasc… | 2022-05-14T01:22:54Z | 2025-11-25T18:32:15Z |
| ghsa-9hqp-m898-4x8x | A use-after-free vulnerability can occur while enumerating attributes during SVG animations with cl… | 2022-05-14T01:22:54Z | 2025-11-25T18:32:13Z |
| ghsa-hjwf-v2m2-363g | A use-after-free vulnerability can occur while adjusting layout during SVG animations with text pat… | 2022-05-14T01:22:54Z | 2025-11-25T18:32:13Z |
| ghsa-hr83-78x9-4cjp | A buffer overflow can occur in the Skia library during buffer offset calculations with hardware acc… | 2022-05-14T01:22:54Z | 2025-11-25T18:32:15Z |
| ghsa-qchp-2hvj-gj3q | An integer overflow can occur in the Skia library due to 32-bit integer use in an array without int… | 2022-05-14T01:22:54Z | 2025-11-25T18:32:13Z |
| ghsa-wjrm-cvj7-wvjg | A use-after-free vulnerability can occur after deleting a selection element due to a weak reference… | 2022-05-14T01:22:54Z | 2025-11-25T18:32:15Z |
| ghsa-frxp-ch88-g8fc | Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attack… | 2022-05-14T01:26:21Z | 2025-10-22T03:30:38Z |
| ghsa-32j6-x4jq-jq3x | Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evid… | 2022-05-14T01:27:13Z | 2025-11-25T18:32:12Z |
| ghsa-669j-hvf3-2f28 | A buffer overflow can occur when manipulating the SVG "animatedPathSegList" through script. This re… | 2022-05-14T01:27:13Z | 2025-11-25T18:32:12Z |
| ghsa-hf84-87fj-v8xv | Under certain circumstances the "fetch()" API can return transient local copies of resources that w… | 2022-05-14T01:27:13Z | 2025-11-25T18:32:12Z |
| ghsa-w9cf-85vm-mch5 | When packets with a mismatched RTP payload type are sent in WebRTC connections, in some circumstanc… | 2022-05-14T01:27:13Z | 2025-11-25T18:32:12Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2018-20574 | N/A | The SingleDocParser::HandleFlowMap function in ya… |
n/a |
n/a |
2018-12-28T16:00:00.000Z | 2025-11-03T21:44:08.759Z |
| cve-2019-0541 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
Microsoft Office |
2019-01-08T21:00:00.000Z | 2025-10-21T23:45:44.790Z |
| cve-2019-0543 | N/A | An elevation of privilege vulnerability exists wh… |
n/a |
n/a |
2019-01-08T21:00:00.000Z | 2025-10-21T23:45:44.639Z |
| cve-2018-20685 | N/A | In OpenSSH 7.9, scp.c in the scp client allows re… |
n/a |
n/a |
2019-01-10T00:00:00.000Z | 2025-12-17T21:53:56.287Z |
| cve-2019-6285 | N/A | The SingleDocParser::HandleFlowSequence function … |
n/a |
n/a |
2019-01-14T22:00:00.000Z | 2025-11-03T21:44:13.163Z |
| cve-2018-15982 | N/A | Flash Player versions 31.0.0.153 and earlier, and… |
n/a |
n/a |
2019-01-18T17:00:00.000Z | 2025-11-16T16:04:32.959Z |
| cve-2018-13374 | A Improper Access Control in Fortinet FortiOS 6.0… |
Fortinet |
Fortinet FortiOS, fortiADC |
2019-01-22T14:00:00.000Z | 2025-10-21T23:45:44.273Z | |
| cve-2019-1652 | Cisco Small Business RV320 and RV325 Routers Command I… |
Cisco |
Cisco Small Business RV Series Router Firmware |
2019-01-24T16:00:00.000Z | 2025-10-21T23:45:44.135Z | |
| cve-2019-1653 | Cisco Small Business RV320 and RV325 Routers Informati… |
Cisco |
Cisco Small Business RV Series Router Firmware |
2019-01-24T16:00:00.000Z | 2025-10-21T23:45:43.980Z | |
| cve-2019-6110 | N/A | In OpenSSH 7.9, due to accepting and displaying a… |
n/a |
n/a |
2019-01-31T00:00:00.000Z | 2025-12-18T14:32:50.185Z |
| cve-2019-6111 | N/A | An issue was discovered in OpenSSH 7.9. Due to th… |
n/a |
n/a |
2019-01-31T00:00:00.000Z | 2025-12-18T14:35:00.730Z |
| cve-2017-18362 | N/A | ConnectWise ManagedITSync integration through 201… |
n/a |
n/a |
2019-02-05T05:00:00.000Z | 2025-10-21T23:45:43.838Z |
| cve-2018-20753 | N/A | Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before … |
n/a |
n/a |
2019-02-05T05:00:00.000Z | 2025-10-21T23:45:43.693Z |
| cve-2018-20250 | N/A | In WinRAR versions prior to and including 5.61, T… |
Check Point Software Technologies Ltd. |
WinRAR |
2019-02-05T20:00:00.000Z | 2025-10-21T23:45:43.535Z |
| cve-2019-8394 | N/A | Zoho ManageEngine ServiceDesk Plus (SDP) before 1… |
n/a |
n/a |
2019-02-17T04:00:00.000Z | 2025-10-21T23:45:43.349Z |
| cve-2019-6340 | N/A | Drupal core - Highly critical - Remote Code Execution |
Drupal |
Drupal Core |
2019-02-21T21:00:00.000Z | 2025-10-21T23:45:43.200Z |
| cve-2019-9082 | N/A | ThinkPHP before 3.2.4, as used in Open Source BMS… |
n/a |
n/a |
2019-02-24T18:00:00.000Z | 2025-12-09T14:38:34.117Z |
| cve-2019-9182 | N/A | There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /ad… |
n/a |
n/a |
2019-02-26T07:00:00.000Z | 2025-12-09T14:41:14.098Z |
| cve-2019-6223 | N/A | A logic issue existed in the handling of Group Fa… |
Apple |
iOS |
2019-03-05T16:00:00.000Z | 2025-12-20T04:55:48.072Z |
| cve-2019-0604 | N/A | A remote code execution vulnerability exists in M… |
Microsoft |
Microsoft SharePoint Server |
2019-03-06T00:00:00.000Z | 2025-10-21T23:45:42.715Z |
| cve-2019-0676 | N/A | An information disclosure vulnerability exists wh… |
Microsoft |
Internet Explorer 11 |
2019-03-06T00:00:00.000Z | 2025-10-21T23:45:42.572Z |
| cve-2018-18809 | TIBCO JasperReports Library Directory Traversal Vulner… |
TIBCO Software Inc. |
TIBCO JasperReports Library |
2019-03-07T22:00:00.000Z | 2025-10-21T23:45:42.384Z | |
| cve-2019-1003029 | N/A | A sandbox bypass vulnerability exists in Jenkins … |
Jenkins project |
Jenkins Script Security Plugin |
2019-03-08T21:00:00.000Z | 2025-10-21T23:45:42.215Z |
| cve-2019-1003030 | N/A | A sandbox bypass vulnerability exists in Jenkins … |
Jenkins project |
Jenkins Pipeline: Groovy Plugin |
2019-03-08T21:00:00.000Z | 2025-10-21T23:45:42.056Z |
| cve-2019-3859 | An out of bounds read flaw was discovered in libs… |
The libssh2 Project |
libssh2 |
2019-03-20T21:18:13.000Z | 2025-12-18T11:43:47.109Z | |
| cve-2019-7238 | N/A | Sonatype Nexus Repository Manager before 3.15.0 h… |
n/a |
n/a |
2019-03-21T16:45:23.000Z | 2025-10-21T23:45:41.913Z |
| cve-2019-3855 | An integer overflow flaw which could lead to an o… |
The libssh2 Project |
libssh2 |
2019-03-21T20:13:25.000Z | 2025-12-17T21:40:11.249Z | |
| cve-2019-9978 | N/A | The social-warfare plugin before 3.5.3 for WordPr… |
n/a |
n/a |
2019-03-24T14:47:26.000Z | 2025-10-21T23:45:41.750Z |
| cve-2019-7609 | N/A | Kibana versions before 5.6.15 and 6.6.1 contain a… |
Elastic |
Kibana |
2019-03-25T00:00:00.000Z | 2025-10-21T23:45:41.577Z |
| cve-2019-3863 | A flaw was found in libssh2 before 1.8.1 creating… |
The libssh2 Project |
libssh2 |
2019-03-25T17:52:10.000Z | 2025-12-19T03:02:32.466Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2017-16932 | N/A | parser.c in libxml2 before 2.9.5 does not prevent… |
n/a |
n/a |
2017-11-23T21:00:00.000Z | 2025-12-04T13:30:12.352Z |
| cve-2017-15944 | N/A | Palo Alto Networks PAN-OS before 6.1.19, 7.0.x be… |
n/a |
n/a |
2017-12-11T17:00:00.000Z | 2025-10-21T23:45:57.483Z |
| cve-2017-17562 | N/A | Embedthis GoAhead before 3.6.5 allows remote code… |
n/a |
n/a |
2017-12-12T19:00:00.000Z | 2025-10-21T23:45:57.300Z |
| cve-2017-1000486 | N/A | Primetek Primefaces 5.x is vulnerable to a weak e… |
n/a |
n/a |
2018-01-03T20:00:00.000Z | 2025-10-21T23:45:57.153Z |
| cve-2018-5282 | N/A | Kentico 9.0 through 11.0 has a stack-based buffer… |
n/a |
n/a |
2018-01-08T09:00:00 | 2024-08-05T05:33:44.171Z |
| cve-2018-0798 | N/A | Equation Editor in Microsoft Office 2007, Microso… |
Microsoft Corporation |
Equation Editor |
2018-01-10T01:00:00.000Z | 2025-10-21T23:45:57.001Z |
| cve-2018-0802 | N/A | Equation Editor in Microsoft Office 2007, Microso… |
Microsoft Corporation |
Equation Editor |
2018-01-10T01:00:00.000Z | 2025-10-21T23:45:56.855Z |
| cve-2017-1000353 | N/A | Jenkins versions 2.56 and earlier as well as 2.46… |
n/a |
n/a |
2018-01-29T17:00:00.000Z | 2025-10-21T23:45:56.725Z |
| cve-2017-14180 | N/A | Apport 2.13 through 2.20.7 does not properly hand… |
na/ |
Apport |
2018-02-02T14:00:00.000Z | 2025-11-03T19:25:18.350Z |
| cve-2018-4878 | N/A | A use-after-free vulnerability was discovered in … |
n/a |
Adobe Flash Player before 28.0.0.161 |
2018-02-06T20:00:00.000Z | 2025-11-17T19:33:19.689Z |
| cve-2017-17552 | N/A | /LoadFrame in Zoho ManageEngine AD Manager Plus b… |
n/a |
n/a |
2018-02-07T17:00:00 | 2024-08-05T20:51:32.285Z |
| cve-2017-5130 | N/A | An integer overflow in xmlmemory.c in libxml2 bef… |
n/a |
Google Chrome prior to 62.0.3202.62 |
2018-02-07T23:00:00.000Z | 2025-12-03T22:02:32.359Z |
| cve-2018-0125 | N/A | A vulnerability in the web interface of the Cisco… |
n/a |
Cisco RV132W and RV134W |
2018-02-08T07:00:00.000Z | 2025-10-21T23:45:56.411Z |
| cve-2018-6789 | N/A | An issue was discovered in the base64d function i… |
n/a |
n/a |
2018-02-08T23:00:00.000Z | 2025-10-21T23:45:56.260Z |
| cve-2017-5802 | N/A | A Remote Gain Privileged Access vulnerability in … |
Hewlett Packard Enterprise |
Vertica Analytics Platform |
2018-02-15T22:00:00Z | 2024-09-16T18:08:08.732Z |
| cve-2017-7375 | N/A | A flaw in libxml2 allows remote XML entity inclus… |
n/a |
n/a |
2018-02-19T19:00:00.000Z | 2025-12-03T21:49:54.271Z |
| cve-2018-7046 | N/A | Arbitrary code execution vulnerability in Kentico… |
n/a |
n/a |
2018-02-20T15:00:00 | 2024-08-05T06:17:17.427Z |
| cve-2018-7205 | N/A | Reflected Cross-Site Scripting vulnerability in "… |
n/a |
n/a |
2018-02-20T15:00:00 | 2024-08-05T06:24:11.480Z |
| cve-2018-2380 | N/A | SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allow… |
SAP SE |
SAP CRM |
2018-03-01T17:00:00.000Z | 2025-10-21T23:45:56.073Z |
| cve-2018-6530 | N/A | OS command injection vulnerability in soap.cgi (s… |
n/a |
n/a |
2018-03-06T20:00:00.000Z | 2025-10-21T23:45:55.871Z |
| cve-2018-0147 | N/A | A vulnerability in Java deserialization used by C… |
n/a |
Cisco Secure Access Control System |
2018-03-08T07:00:00.000Z | 2025-10-21T23:45:55.560Z |
| cve-2018-1000124 | N/A | I Librarian I-librarian version 4.8 and earlier c… |
n/a |
n/a |
2018-03-13T21:00:00Z | 2024-09-17T02:01:01.634Z |
| cve-2018-6842 | N/A | Kentico 10 before 10.0.50 and 11 before 11.0.3 ha… |
n/a |
n/a |
2018-03-19T14:00:00 | 2024-08-05T06:17:15.831Z |
| cve-2018-6843 | N/A | Kentico 10 before 10.0.50 and 11 before 11.0.3 ha… |
n/a |
n/a |
2018-03-19T14:00:00 | 2024-08-05T06:17:15.848Z |
| cve-2018-7445 | N/A | A buffer overflow was found in the MikroTik Route… |
n/a |
n/a |
2018-03-19T21:00:00.000Z | 2025-10-21T23:45:55.366Z |
| cve-2017-17736 | N/A | Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48… |
n/a |
n/a |
2018-03-23T15:00:00 | 2024-08-05T20:59:17.691Z |
| cve-2018-1000137 | N/A | I, Librarian version 4.8 and earlier contains a C… |
n/a |
n/a |
2018-03-23T21:00:00Z | 2024-09-16T22:29:54.434Z |
| cve-2018-1000138 | N/A | I, Librarian version 4.8 and earlier contains a S… |
n/a |
n/a |
2018-03-23T21:00:00Z | 2024-09-16T20:58:08.917Z |
| cve-2018-1000139 | N/A | I, Librarian version 4.8 and earlier contains a C… |
n/a |
n/a |
2018-03-23T21:00:00Z | 2024-09-16T19:25:09.732Z |
| cve-2018-1000141 | N/A | I, Librarian version 4.9 and earlier contains an … |
n/a |
n/a |
2018-03-23T21:00:00Z | 2024-09-16T23:02:04.019Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-10092 | Malicious code in openxsea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10093 | Malicious code in openza (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10094 | Malicious code in openzea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10095 | Malicious code in openzsea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10096 | Malicious code in opesnea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10097 | Malicious code in opnesea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10098 | Malicious code in opnsea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10099 | Malicious code in opwnsea (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10108 | Malicious code in pthon (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10117 | Malicious code in pyhthon (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10118 | Malicious code in pyhton (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10126 | Malicious code in pytbon (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10127 | Malicious code in pytgon (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10128 | Malicious code in pythkn (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10129 | Malicious code in pythn (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10130 | Malicious code in pythob (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10131 | Malicious code in pythom (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10134 | Malicious code in pythun (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10135 | Malicious code in pytiob (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10136 | Malicious code in pytiom (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10137 | Malicious code in pytjon (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10138 | Malicious code in pytnon (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10139 | Malicious code in pytoh (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10140 | Malicious code in pytohn (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10142 | Malicious code in pytojn (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10143 | Malicious code in pytonn (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10145 | Malicious code in pytuon (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10146 | Malicious code in pytyon (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:53Z |
| mal-2024-10160 | Malicious code in sghsuzeghuisehguihdrhffdhfdh (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10173 | Malicious code in theerum (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2005:016 | Red Hat Security Advisory: kernel security update | 2005-01-21T15:37:00+00:00 | 2025-11-21T17:28:11+00:00 |
| rhsa-2005:017 | Red Hat Security Advisory: kernel security update | 2005-01-21T15:41:00+00:00 | 2025-11-21T17:28:11+00:00 |
| rhsa-2005:059 | Red Hat Security Advisory: xpdf security update | 2005-01-26T15:38:00+00:00 | 2025-11-21T17:28:20+00:00 |
| rhsa-2005:068 | Red Hat Security Advisory: less security update | 2005-01-26T15:40:00+00:00 | 2025-11-21T17:28:22+00:00 |
| rhsa-2005:039 | Red Hat Security Advisory: enscript security update | 2005-02-01T14:43:00+00:00 | 2025-11-21T17:28:17+00:00 |
| rhsa-2005:049 | Red Hat Security Advisory: cups security update | 2005-02-01T14:46:00+00:00 | 2025-11-21T17:28:18+00:00 |
| rhsa-2005:069 | Red Hat Security Advisory: perl security update | 2005-02-01T14:49:00+00:00 | 2025-11-21T17:28:22+00:00 |
| rhsa-2005:011 | Red Hat Security Advisory: ethereal security update | 2005-02-02T12:07:00+00:00 | 2025-11-21T17:28:08+00:00 |
| rhsa-2005:105 | Red Hat Security Advisory: perl security update | 2005-02-07T16:42:00+00:00 | 2025-11-21T17:28:28+00:00 |
| rhsa-2005:136 | Red Hat Security Advisory: mailman security update | 2005-02-10T14:20:00+00:00 | 2025-11-21T17:28:33+00:00 |
| rhsa-2005:104 | Red Hat Security Advisory: mod_python security update | 2005-02-10T15:56:00+00:00 | 2025-11-21T17:28:27+00:00 |
| rhsa-2005:112 | Red Hat Security Advisory: emacs security update | 2005-02-10T16:12:00+00:00 | 2025-11-21T17:28:33+00:00 |
| rhsa-2005:009 | Red Hat Security Advisory: kdelibs, kdebase security update | 2005-02-10T16:43:00+00:00 | 2025-11-21T17:28:08+00:00 |
| rhsa-2005:134 | Red Hat Security Advisory: xemacs security update | 2005-02-10T17:08:00+00:00 | 2025-11-21T17:28:33+00:00 |
| rhsa-2005:135 | Red Hat Security Advisory: squirrelmail security update | 2005-02-10T17:10:00+00:00 | 2025-11-21T17:28:33+00:00 |
| rhsa-2005:061 | Red Hat Security Advisory: squid security update | 2005-02-11T13:49:00+00:00 | 2025-11-21T17:28:21+00:00 |
| rhsa-2005:109 | Red Hat Security Advisory: python security update | 2005-02-14T09:40:00+00:00 | 2025-11-21T17:28:29+00:00 |
| rhsa-2005:141 | Red Hat Security Advisory: rh-postgresql security update | 2005-02-14T09:46:00+00:00 | 2025-11-21T17:28:35+00:00 |
| rhsa-2005:025 | Red Hat Security Advisory: exim security update | 2005-02-15T08:27:00+00:00 | 2025-11-21T17:28:13+00:00 |
| rhsa-2005:099 | Red Hat Security Advisory: squirrelmail security update | 2005-02-15T09:03:00+00:00 | 2025-11-21T17:28:26+00:00 |
| rhsa-2005:100 | Red Hat Security Advisory: mod_python security update | 2005-02-15T09:04:00+00:00 | 2025-11-21T17:28:26+00:00 |
| rhsa-2005:110 | Red Hat Security Advisory: emacs security update | 2005-02-15T09:13:00+00:00 | 2025-11-21T17:28:33+00:00 |
| rhsa-2005:103 | Red Hat Security Advisory: perl security update | 2005-02-15T09:18:00+00:00 | 2025-11-21T17:28:28+00:00 |
| rhsa-2005:040 | Red Hat Security Advisory: enscript security update | 2005-02-15T09:19:00+00:00 | 2025-11-21T17:28:18+00:00 |
| rhsa-2005:032 | Red Hat Security Advisory: php security update | 2005-02-15T09:23:00+00:00 | 2025-11-21T17:28:15+00:00 |
| rhsa-2005:033 | Red Hat Security Advisory: alsa-lib security update | 2005-02-15T09:25:00+00:00 | 2025-11-21T17:28:16+00:00 |
| rhsa-2005:034 | Red Hat Security Advisory: xpdf security update | 2005-02-15T09:27:00+00:00 | 2025-11-21T17:28:16+00:00 |
| rhsa-2005:035 | Red Hat Security Advisory: libtiff security update | 2005-02-15T09:28:00+00:00 | 2025-11-21T17:28:16+00:00 |
| rhsa-2005:108 | Red Hat Security Advisory: python security update | 2005-02-15T09:33:00+00:00 | 2025-11-21T17:28:28+00:00 |
| rhsa-2005:036 | Red Hat Security Advisory: vim security update | 2005-02-15T09:36:00+00:00 | 2025-11-21T17:28:17+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2020-12655 | An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata aka CID-d0c7feaf8767. | 2020-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-12656 | gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel module some memory is leaked but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they like and load that replicating the effect of this bug | 2020-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-12657 | An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body. | 2020-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-12659 | An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation. | 2020-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-12662 | Unbound before 1.10.1 has Insufficient Control of Network Message Volume aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. | 2020-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-12663 | Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. | 2020-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-12762 | json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file as demonstrated by printbuf_memappend. | 2020-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-12768 | An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot the size is negligible and it can't be triggered at will | 2020-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-12770 | An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case aka CID-83c6f2390040. | 2020-05-02T00:00:00.000Z | 2020-11-10T00:00:00.000Z |
| msrc_cve-2020-12771 | An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. | 2020-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-12825 | libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. | 2020-05-02T00:00:00.000Z | 2025-10-01T23:11:04.000Z |
| msrc_cve-2020-12826 | A signal access-control issue was discovered in the Linux kernel before 5.6.5 aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits an integer overflow can interfere with a do_notify_parent protection mechanism. A child process can send an arbitrary signal to a parent process in a different security domain. Exploitation limitations include the amount of elapsed time before an integer overflow occurs and the lack of scenarios where signals to a parent process present a substantial operational threat. | 2020-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-12888 | The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. | 2020-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13143 | gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value which allows attackers to trigger an out-of-bounds read aka CID-15753588bcd4. | 2020-05-02T00:00:00.000Z | 2020-11-10T00:00:00.000Z |
| msrc_cve-2020-13253 | sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process. | 2020-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13361 | In QEMU 5.0.0 and earlier es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation. | 2020-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13362 | In QEMU 5.0.0 and earlier megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. | 2020-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13434 | SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. | 2020-05-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2020-13435 | SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. | 2020-05-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2020-13630 | ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow related to the snippet feature. | 2020-05-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2020-13631 | SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables related to alter.c and build.c. | 2020-05-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2020-13632 | ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | 2020-05-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2020-13645 | In GNOME glib-networking through 2.64.2 the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior to fail the certificate verification. Applications that fail to provide the server identity including Balsa before 2.5.11 and 2.6.x before 2.6.1 accept a TLS certificate if the certificate is valid for any host. | 2020-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2019-20810 | go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path which causes a memory leak aka CID-9453264ef586. | 2020-06-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2019-20838 | libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled and \X or \R has more than one fixed quantifier a related issue to CVE-2019-20454. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-20892 | net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions but might not affect an upstream release. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-10702 | A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-10757 | A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. | 2020-06-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-10761 | An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-11080 | Denial of service in nghttp2 | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2010-001761 | Denial of Service (DoS) Vulnerability in HiRDB | 2010-08-10T12:13+09:00 | 2010-08-10T12:13+09:00 |
| jvndb-2010-001762 | Arbitrary Code Execution Vulnerability in JP1/Cm2/Network Node Manager | 2010-08-10T12:14+09:00 | 2010-08-10T12:14+09:00 |
| jvndb-2010-000031 | Microsoft Windows denial of service (DoS) vulnerability | 2010-08-13T18:44+09:00 | 2010-08-13T18:44+09:00 |
| jvndb-2010-000027 | Winny BBS information processing vulnerability | 2010-08-20T17:17+09:00 | 2010-08-20T17:17+09:00 |
| jvndb-2010-000028 | Winny node information processing vulnerability | 2010-08-20T17:17+09:00 | 2010-08-20T17:17+09:00 |
| jvndb-2010-000029 | Winny vulnerable to buffer overflow | 2010-08-20T17:18+09:00 | 2010-08-20T17:18+09:00 |
| jvndb-2010-000030 | Winny vulnerable to buffer overflow | 2010-08-20T17:18+09:00 | 2010-08-20T17:18+09:00 |
| jvndb-2010-000032 | SEIL/X Series and SEIL/B1 IPv6 Unicast RPF vulnerability | 2010-08-25T13:54+09:00 | 2010-08-25T13:54+09:00 |
| jvndb-2010-000033 | moobbs vulnerable to cross-site scripting | 2010-08-31T14:16+09:00 | 2010-08-31T14:16+09:00 |
| jvndb-2010-000034 | moobbs2 vulnerable to cross-site scripting | 2010-08-31T14:16+09:00 | 2010-08-31T14:16+09:00 |
| jvndb-2010-001874 | Denial of Service (DoS) Vulnerability in Cosminexus | 2010-09-01T14:11+09:00 | 2010-09-01T14:11+09:00 |
| jvndb-2010-001875 | Denial of Service (DoS) Vulnerability in JP1/ServerConductor/Control Manager | 2010-09-01T14:11+09:00 | 2010-09-01T14:11+09:00 |
| jvndb-2010-001876 | Denial of Service (DoS) Vulnerability in JP1/AJS Built-in Database | 2010-09-01T14:11+09:00 | 2010-09-01T14:11+09:00 |
| jvndb-2010-001877 | Denial of Service (DoS) Vulnerability in JP1/PAM | 2010-09-01T14:12+09:00 | 2010-09-01T14:12+09:00 |
| jvndb-2010-001878 | Denial of Service (DoS) Vulnerability in JP1/Integrated Manager and JP1/Integrated Management | 2010-09-01T14:12+09:00 | 2010-09-01T14:12+09:00 |
| jvndb-2010-001879 | Denial of Service (DoS) Vulnerability in JP1/NETM | 2010-09-01T14:12+09:00 | 2010-12-17T14:46+09:00 |
| jvndb-2010-000035 | Cross-site scripting vulnerability in Access Analyzer CGI by futomi's CGI Cafe | 2010-09-10T17:25+09:00 | 2010-09-10T17:25+09:00 |
| jvndb-2010-001959 | Denial of Service (DoS) Vulnerability in Hitachi Storage Command Suite Built-in Database | 2010-09-15T13:45+09:00 | 2010-09-15T13:45+09:00 |
| jvndb-2010-001958 | Denial of Service (DoS) Vulnerability in JP1/Desktop Navigation Built-in Database | 2010-09-15T13:46+09:00 | 2010-09-15T13:46+09:00 |
| jvndb-2010-002011 | JP1/NETM/Remote Control Agent Authentication Bypass Vulnerability | 2010-09-21T14:10+09:00 | 2010-09-21T14:10+09:00 |
| jvndb-2010-000036 | AD-EDIT2 vulnerable to cross-site scripting | 2010-10-05T19:31+09:00 | 2010-10-05T19:31+09:00 |
| jvndb-2010-002077 | Phishing Vulnerability in Accela BizSearch Document View Window | 2010-10-13T16:58+09:00 | 2010-10-13T16:58+09:00 |
| jvndb-2010-002078 | Multiple Vulnerabilities in Groupmax Scheduler Server | 2010-10-13T16:58+09:00 | 2010-10-13T16:58+09:00 |
| jvndb-2010-000037 | Lhaplus may insecurely load dynamic libraries | 2010-10-18T19:36+09:00 | 2010-10-18T19:36+09:00 |
| jvndb-2010-000038 | Lhasa may insecurely load executable files | 2010-10-18T19:36+09:00 | 2010-10-18T19:36+09:00 |
| jvndb-2010-000042 | Cross-site Request Forgery Vulnerability in Oracle iPlanet Web Server | 2010-10-18T19:37+09:00 | 2010-10-18T19:37+09:00 |
| jvndb-2010-000039 | Lhaplus may insecurely load executable files | 2010-10-20T17:40+09:00 | 2010-10-20T17:40+09:00 |
| jvndb-2010-000040 | XacRett may insecurely load executable files | 2010-10-20T17:40+09:00 | 2010-10-20T17:40+09:00 |
| jvndb-2010-000041 | K2Editor may insecurely load executable files | 2010-10-20T17:41+09:00 | 2010-10-20T17:41+09:00 |
| jvndb-2010-000043 | Explzh may insecurely load executable files | 2010-10-20T17:41+09:00 | 2010-10-20T17:41+09:00 |
| ID | Description | Updated |
|---|