Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-4xfj-vf8f-vwpp | An integer overflow can occur during conversion of text to some Unicode character sets due to an un… | 2022-05-14T01:27:14Z | 2025-11-25T18:32:12Z |
| ghsa-x4cw-r9m3-pj4c | A lack of parameter validation on IPC messages results in a potential out-of-bounds write through m… | 2022-05-14T01:27:14Z | 2025-11-25T18:32:12Z |
| ghsa-rj3q-q9f3-gr2v | Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attacke… | 2022-05-14T01:28:01Z | 2025-12-18T12:30:27Z |
| ghsa-j583-4cfp-xf9m | MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and … | 2022-05-14T01:28:26Z | 2025-10-22T00:31:36Z |
| ghsa-3rrv-gxmq-5643 | Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zim… | 2022-05-14T01:28:46Z | 2025-10-22T00:31:30Z |
| ghsa-9f5c-v3c9-rfhg | An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply … | 2022-05-14T01:29:13Z | 2025-10-22T00:31:35Z |
| ghsa-7vx2-3c54-4w62 | Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Fire… | 2022-05-14T01:29:44Z | 2025-11-25T18:32:15Z |
| ghsa-fhjm-pw82-9596 | Mozilla developers and community members reported memory safety bugs present in Firefox ESR 60.2. S… | 2022-05-14T01:29:44Z | 2025-11-25T18:32:15Z |
| ghsa-7fh9-933g-885p | Drupal Core Remote Code Execution Vulnerability | 2022-05-14T01:29:45Z | 2025-10-22T17:30:06Z |
| ghsa-xxh5-92qj-c4gh | A WebExtension can request access to local files without the warning prompt stating that the extens… | 2022-05-14T01:30:05Z | 2025-11-25T18:32:15Z |
| ghsa-82gq-xhgq-4fqw | There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request. It allows PH… | 2022-05-14T01:30:42Z | 2025-12-09T18:30:25Z |
| ghsa-grv7-685f-m26h | Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload … | 2022-05-14T01:31:08Z | 2025-10-22T00:31:37Z |
| ghsa-4wxx-xmrx-3xq9 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Wind… | 2022-05-14T01:31:24Z | 2025-10-22T03:30:41Z |
| ghsa-j28h-3q4c-49h2 | The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2,… | 2022-05-14T01:31:24Z | 2025-10-22T03:30:41Z |
| ghsa-wjjh-xg7v-8wf9 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Wind… | 2022-05-14T01:31:24Z | 2025-10-22T03:30:41Z |
| ghsa-f2wh-c6mm-3vrx | The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows … | 2022-05-14T01:31:28Z | 2025-10-22T03:30:34Z |
| ghsa-6j7w-pxhr-g4pr | Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and … | 2022-05-14T01:31:44Z | 2025-10-22T03:30:28Z |
| ghsa-8q8w-v8pg-496j | afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do… | 2022-05-14T01:32:14Z | 2025-10-22T03:30:29Z |
| ghsa-w35f-w5cg-jqhh | ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated … | 2022-05-14T01:32:41Z | 2025-10-22T00:31:37Z |
| ghsa-pg3m-fww2-6vrj | Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via uns… | 2022-05-14T01:34:57Z | 2025-11-17T21:31:17Z |
| ghsa-26v8-ffh8-7vqg | Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vuln… | 2022-05-14T01:38:22Z | 2025-11-16T18:30:14Z |
| ghsa-mj28-fjwp-xqh8 | The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attac… | 2022-05-14T01:41:57Z | 2025-11-04T00:30:29Z |
| ghsa-wff4-h782-3qx9 | The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attacke… | 2022-05-14T01:41:57Z | 2025-11-04T00:30:29Z |
| ghsa-36cr-x5x9-99f3 | Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric StruxureWare SCADA Expert… | 2022-05-14T01:44:28Z | 2025-11-05T00:31:11Z |
| ghsa-q6fc-f6x3-vfx6 | Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote attac… | 2022-05-14T01:44:28Z | 2025-11-05T00:31:11Z |
| ghsa-wxww-p46r-jjv2 | Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 uses the MD5 algori… | 2022-05-14T01:44:28Z | 2025-11-05T00:31:11Z |
| ghsa-5ppv-vhvv-pxhh | Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0… | 2022-05-14T01:46:43Z | 2025-11-17T21:31:15Z |
| ghsa-955p-xvq6-xggj | Double free vulnerability in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x befor… | 2022-05-14T01:49:29Z | 2025-10-22T03:30:36Z |
| ghsa-qx9j-q623-p5fh | Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0… | 2022-05-14T01:49:30Z | 2025-10-22T03:30:35Z |
| ghsa-h9rj-88q7-9jg3 | Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06… | 2022-05-14T01:49:39Z | 2025-11-21T18:30:26Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2019-3396 | N/A | The Widget Connector macro in Atlassian Confluenc… |
Atlassian |
Confluence Server |
2019-03-25T18:37:06.256Z | 2025-10-21T23:45:41.385Z |
| cve-2019-9053 | N/A | An issue was discovered in CMS Made Simple 2.2.8.… |
n/a |
n/a |
2019-03-26T16:15:38.000Z | 2025-11-17T19:19:52.125Z |
| cve-2014-5401 | 10 (v2.0) | Hospira MedNet Code Injection |
Hospira |
MedNet |
2019-03-26T16:21:54 | 2025-11-03T18:20:04.649Z |
| cve-2019-10068 | N/A | An issue was discovered in Kentico 12.0.x before … |
n/a |
n/a |
2019-03-26T17:43:23.000Z | 2025-10-21T23:45:41.184Z |
| cve-2019-5418 | N/A | There is a File Content Disclosure vulnerability … |
Rails |
https://github.com/rails/rails |
2019-03-27T13:38:58.000Z | 2025-10-21T23:45:41.038Z |
| cve-2018-4344 | N/A | A memory corruption issue was addressed with impr… |
n/a |
iOS, macOS, tvOS, watchOS |
2019-04-03T17:43:15.000Z | 2025-10-21T23:45:40.920Z |
| cve-2019-11001 | N/A | On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, an… |
n/a |
n/a |
2019-04-08T17:00:21.000Z | 2025-10-21T23:45:40.747Z |
| cve-2019-0211 | N/A | In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.… |
Apache |
Apache HTTP Server |
2019-04-08T21:31:09.000Z | 2025-10-21T23:45:40.583Z |
| cve-2019-0703 | N/A | An information disclosure vulnerability exists in… |
Microsoft |
Windows |
2019-04-08T23:41:43.000Z | 2025-10-21T23:45:40.413Z |
| cve-2019-0808 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows |
2019-04-09T02:31:32.000Z | 2025-10-21T23:45:40.287Z |
| cve-2019-0797 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows Server |
2019-04-09T02:34:55.000Z | 2025-10-21T23:45:40.120Z |
| cve-2019-0752 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
Internet Explorer 11 |
2019-04-09T20:15:16.000Z | 2025-10-21T23:45:39.942Z |
| cve-2019-0803 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows |
2019-04-09T20:15:28.000Z | 2025-10-21T23:45:39.783Z |
| cve-2019-0841 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft |
Windows |
2019-04-09T20:18:32.000Z | 2025-10-21T23:45:39.637Z |
| cve-2019-0859 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows |
2019-04-09T20:19:48.000Z | 2025-10-21T23:45:39.450Z |
| cve-2019-3398 | N/A | Confluence Server and Data Center had a path trav… |
Atlassian |
Confluence |
2019-04-18T17:21:37.687Z | 2025-10-21T23:45:39.283Z |
| cve-2019-2616 | N/A | Vulnerability in the BI Publisher (formerly XML P… |
Oracle Corporation |
BI Publisher (formerly XML Publisher) |
2019-04-23T18:16:41.000Z | 2025-10-21T23:45:39.141Z |
| cve-2019-11539 | In Pulse Secure Pulse Connect Secure version 9.0R… |
n/a |
n/a |
2019-04-26T01:39:36.000Z | 2025-10-21T23:45:38.985Z | |
| cve-2019-2725 | Vulnerability in the Oracle WebLogic Server compo… |
Oracle Corporation |
Tape Library ACSLS |
2019-04-26T18:21:08.000Z | 2025-10-21T23:45:38.748Z | |
| cve-2019-9621 | N/A | Zimbra Collaboration Suite before 8.6 patch 13, 8… |
n/a |
n/a |
2019-04-30T17:40:53.000Z | 2025-10-21T23:45:38.514Z |
| cve-2019-3929 | N/A | The Crestron AM-100 firmware 1.6.0.2, Crestron AM… |
Crestron |
Crestron AirMedia, Barco WePresent, Extron ShareLink, Teq AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, InFocus LiteShow3, and InFocus LiteShow4. |
2019-04-30T20:21:09.000Z | 2025-10-21T23:45:38.287Z |
| cve-2017-18368 | N/A | The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001… |
n/a |
n/a |
2019-05-02T16:14:16.000Z | 2025-10-21T23:45:37.999Z |
| cve-2018-4063 | N/A | An exploitable remote code execution vulnerabilit… |
n/a |
Sierra Wireless |
2019-05-06T18:43:31.000Z | 2025-12-13T04:55:16.023Z |
| cve-2019-11510 | In Pulse Secure Pulse Connect Secure (PCS) 8.2 be… |
n/a |
n/a |
2019-05-08T16:18:28.000Z | 2025-10-21T23:45:37.755Z | |
| cve-2019-3568 | N/A | A buffer overflow vulnerability in WhatsApp VOIP … |
Facebook |
WhatsApp for Android |
2019-05-14T19:52:40.000Z | 2025-10-21T23:45:37.464Z |
| cve-2018-14839 | N/A | LG N1A1 NAS 3718.510 is affected by: Remote Comma… |
n/a |
n/a |
2019-05-14T20:01:16.000Z | 2025-10-21T23:45:37.288Z |
| cve-2019-0708 | N/A | A remote code execution vulnerability exists in R… |
Microsoft |
Windows |
2019-05-16T18:17:00.000Z | 2025-10-21T23:45:37.137Z |
| cve-2019-0863 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows |
2019-05-16T18:17:00.000Z | 2025-10-21T23:45:36.978Z |
| cve-2019-0903 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
Windows |
2019-05-16T18:17:02.000Z | 2025-10-21T23:45:36.743Z |
| cve-2019-11634 | N/A | Citrix Workspace App before 1904 for Windows has … |
n/a |
n/a |
2019-05-22T16:46:42.000Z | 2025-10-21T23:45:36.556Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2017-12319 | N/A | A vulnerability in the Border Gateway Protocol (B… |
n/a |
Cisco IOS XE |
2018-03-27T09:00:00.000Z | 2025-10-21T23:45:55.213Z |
| cve-2018-6882 | N/A | Cross-site scripting (XSS) vulnerability in the Z… |
n/a |
n/a |
2018-03-27T16:00:00.000Z | 2025-10-21T23:45:55.042Z |
| cve-2018-0151 | N/A | A vulnerability in the quality of service (QoS) s… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.884Z |
| cve-2018-0154 | N/A | A vulnerability in the crypto engine of the Cisco… |
n/a |
Cisco IOS |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.725Z |
| cve-2018-0155 | N/A | A vulnerability in the Bidirectional Forwarding D… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.581Z |
| cve-2018-0156 | N/A | A vulnerability in the Smart Install feature of C… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.405Z |
| cve-2018-0158 | N/A | A vulnerability in the Internet Key Exchange Vers… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.255Z |
| cve-2018-0159 | N/A | A vulnerability in the implementation of Internet… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:54.112Z |
| cve-2018-0161 | N/A | A vulnerability in the Simple Network Management … |
n/a |
Cisco IOS |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.985Z |
| cve-2018-0167 | N/A | Multiple Buffer Overflow vulnerabilities in the L… |
n/a |
Cisco IOS, IOS XE, and IOS XR |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.814Z |
| cve-2018-0171 | N/A | A vulnerability in the Smart Install feature of C… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.665Z |
| cve-2018-0172 | N/A | A vulnerability in the DHCP option 82 encapsulati… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.521Z |
| cve-2018-0173 | N/A | A vulnerability in the Cisco IOS Software and Cis… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.331Z |
| cve-2018-0174 | N/A | A vulnerability in the DHCP option 82 encapsulati… |
n/a |
Cisco IOS and IOS XE |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:53.179Z |
| cve-2018-0175 | N/A | Format String vulnerability in the Link Layer Dis… |
n/a |
Cisco IOS, IOS XE, and IOS XR |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:52.972Z |
| cve-2018-0179 | N/A | Multiple vulnerabilities in the Login Enhancement… |
n/a |
Cisco IOS |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:52.817Z |
| cve-2018-0180 | N/A | Multiple vulnerabilities in the Login Enhancement… |
n/a |
Cisco IOS |
2018-03-28T22:00:00.000Z | 2025-10-21T23:45:52.663Z |
| cve-2018-7600 | N/A | Drupal before 7.58, 8.x before 8.3.9, 8.4.x befor… |
n/a |
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 |
2018-03-29T07:00:00.000Z | 2025-10-21T23:45:52.444Z |
| cve-2018-1273 | N/A | Spring Data Commons, versions prior to 1.13 to 1.… |
Spring by Pivotal |
Spring Framework |
2018-04-11T13:00:00.000Z | 2025-10-21T23:45:52.285Z |
| cve-2017-0358 | N/A | ntfs-3g: Modprobe influence vulnerability via environm… |
ntfs-3g |
ntfs-3g |
2018-04-13T15:00:00.000Z | 2025-12-04T16:01:26.539Z |
| cve-2018-5430 | TIBCO JasperReports Server Information Disclosure Vuln… |
TIBCO Software Inc. |
TIBCO JasperReports Server |
2018-04-17T18:00:00.000Z | 2025-10-21T23:45:52.130Z | |
| cve-2018-2628 | N/A | Vulnerability in the Oracle WebLogic Server compo… |
Oracle Corporation |
WebLogic Server |
2018-04-19T02:00:00.000Z | 2025-10-21T23:45:51.974Z |
| cve-2018-10561 | N/A | An issue was discovered on Dasan GPON home router… |
n/a |
n/a |
2018-05-04T03:00:00.000Z | 2025-10-21T23:45:51.827Z |
| cve-2018-10562 | N/A | An issue was discovered on Dasan GPON home router… |
n/a |
n/a |
2018-05-04T03:00:00.000Z | 2025-10-21T23:45:51.689Z |
| cve-2018-0824 | N/A | A remote code execution vulnerability exists in "… |
n/a |
n/a |
2018-05-09T19:00:00.000Z | 2025-10-21T23:45:51.530Z |
| cve-2018-8120 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows Server 2008 |
2018-05-09T19:00:00.000Z | 2025-10-21T23:45:51.354Z |
| cve-2018-8174 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
Windows 7 |
2018-05-09T19:00:00.000Z | 2025-10-21T23:45:51.195Z |
| cve-2018-4939 | N/A | Adobe ColdFusion Update 5 and earlier versions, C… |
n/a |
Adobe ColdFusion ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions |
2018-05-19T17:00:00.000Z | 2025-10-21T23:45:51.042Z |
| cve-2018-1125 | procps-ng before version 3.3.15 is vulnerable to … |
[UNKNOWN] |
procps-ng, procps |
2018-05-23T14:00:00.000Z | 2025-12-17T22:09:11.636Z | |
| cve-2018-11544 | N/A | The Olive Tree Ftp Server application 1.32 for An… |
n/a |
n/a |
2018-05-29T21:00:00.000Z | 2025-11-11T18:26:17.468Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-10187 | Malicious code in w3b (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10188 | Malicious code in w3b-py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10189 | Malicious code in w3eb (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10192 | Malicious code in wb3 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10193 | Malicious code in wb3-py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10194 | Malicious code in wbe3 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10195 | Malicious code in wbe3-py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10196 | Malicious code in wdb3 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10197 | Malicious code in we3-py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10198 | Malicious code in we3b (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10199 | Malicious code in web2 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10200 | Malicious code in web3-0py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10201 | Malicious code in web3-p6 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10202 | Malicious code in web3-p7 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10203 | Malicious code in web3-po (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10204 | Malicious code in web3-pu (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10206 | Malicious code in web3-py9 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10207 | Malicious code in web3-pyu (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10208 | Malicious code in web3-pyy (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10209 | Malicious code in web3e (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10210 | Malicious code in web3q (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10211 | Malicious code in web4-py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10212 | Malicious code in webt3 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10213 | Malicious code in weeb3-py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10214 | Malicious code in werb3 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10215 | Malicious code in wev3 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10216 | Malicious code in wev3-py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10217 | Malicious code in wweb (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10218 | Malicious code in wweb3 (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| mal-2024-10219 | Malicious code in wweb3-py (PyPI) | 2024-06-28T20:16:20Z | 2025-12-11T09:27:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2005:060 | Red Hat Security Advisory: squid security update | 2005-02-15T09:37:00+00:00 | 2025-11-21T17:28:22+00:00 |
| rhsa-2005:133 | Red Hat Security Advisory: xemacs security update | 2005-02-15T09:42:00+00:00 | 2025-11-21T17:28:32+00:00 |
| rhsa-2005:045 | Red Hat Security Advisory: krb5 security update | 2005-02-15T09:44:00+00:00 | 2025-11-21T17:28:18+00:00 |
| rhsa-2005:053 | Red Hat Security Advisory: CUPS security update | 2005-02-15T09:47:00+00:00 | 2025-11-21T17:28:20+00:00 |
| rhsa-2005:071 | Red Hat Security Advisory: ImageMagick security update | 2005-02-15T09:52:00+00:00 | 2025-11-21T17:28:23+00:00 |
| rhsa-2005:137 | Red Hat Security Advisory: mailman security update | 2005-02-15T09:55:00+00:00 | 2025-11-21T17:28:34+00:00 |
| rhsa-2005:072 | Red Hat Security Advisory: perl-DBI security update | 2005-02-15T09:56:00+00:00 | 2025-11-21T17:28:24+00:00 |
| rhsa-2005:138 | Red Hat Security Advisory: postgresql security update | 2005-02-15T10:02:00+00:00 | 2025-11-21T17:28:34+00:00 |
| rhsa-2005:065 | Red Hat Security Advisory: kdelibs security update | 2005-02-15T10:12:00+00:00 | 2025-11-21T17:28:21+00:00 |
| rhsa-2005:073 | Red Hat Security Advisory: cpio security update | 2005-02-15T10:13:00+00:00 | 2025-11-21T17:28:23+00:00 |
| rhsa-2005:057 | Red Hat Security Advisory: gpdf security update | 2005-02-15T10:15:00+00:00 | 2025-11-21T17:28:20+00:00 |
| rhsa-2005:066 | Red Hat Security Advisory: kdegraphics security update | 2005-02-15T10:18:00+00:00 | 2025-11-21T17:28:21+00:00 |
| rhsa-2005:090 | Red Hat Security Advisory: htdig security update | 2005-02-15T10:20:00+00:00 | 2025-11-21T17:28:25+00:00 |
| rhsa-2005:094 | Red Hat Security Advisory: thunderbird security update | 2005-02-15T10:26:00+00:00 | 2025-11-21T17:28:25+00:00 |
| rhsa-2005:150 | Red Hat Security Advisory: postgresql security update | 2005-02-16T16:25:00+00:00 | 2025-11-21T17:28:35+00:00 |
| rhsa-2005:114 | Red Hat Security Advisory: imap security update | 2005-02-18T15:16:00+00:00 | 2025-11-21T17:28:31+00:00 |
| rhsa-2005:122 | Red Hat Security Advisory: vim security update | 2005-02-18T15:22:00+00:00 | 2025-11-21T17:28:31+00:00 |
| rhsa-2005:132 | Red Hat Security Advisory: cups security update | 2005-02-18T15:26:00+00:00 | 2025-11-21T17:28:31+00:00 |
| rhsa-2005:080 | Red Hat Security Advisory: cpio security update | 2005-02-18T15:28:00+00:00 | 2025-11-21T17:28:24+00:00 |
| rhsa-2005:092 | Red Hat Security Advisory: kernel security update | 2005-02-18T17:20:00+00:00 | 2025-11-21T17:28:25+00:00 |
| rhsa-2005:128 | Red Hat Security Advisory: imap security update | 2005-02-23T17:17:00+00:00 | 2025-11-21T17:28:31+00:00 |
| rhsa-2005:176 | Red Hat Security Advisory: firefox security update | 2005-03-01T19:01:00+00:00 | 2025-11-21T17:28:37+00:00 |
| rhsa-2005:265 | Red Hat Security Advisory: RealPlayer security update | 2005-03-03T15:21:00+00:00 | 2025-11-21T17:28:41+00:00 |
| rhsa-2005:173 | Red Hat Security Advisory: squid security update | 2005-03-03T15:26:00+00:00 | 2025-11-21T17:28:36+00:00 |
| rhsa-2005:175 | Red Hat Security Advisory: kdenetwork security update | 2005-03-03T15:33:00+00:00 | 2025-11-21T17:28:36+00:00 |
| rhsa-2005:271 | Red Hat Security Advisory: HelixPlayer security update | 2005-03-03T20:06:00+00:00 | 2025-11-21T17:28:42+00:00 |
| rhsa-2005:217 | Red Hat Security Advisory: mc security update | 2005-03-04T09:08:00+00:00 | 2025-11-21T17:28:38+00:00 |
| rhsa-2005:213 | Red Hat Security Advisory: xpdf security update | 2005-03-04T09:14:00+00:00 | 2025-11-21T17:28:38+00:00 |
| rhsa-2005:152 | Red Hat Security Advisory: postfix security update | 2005-03-16T14:56:00+00:00 | 2025-11-21T17:28:35+00:00 |
| rhsa-2005:201 | Red Hat Security Advisory: squid security update | 2005-03-16T14:58:00+00:00 | 2025-11-21T17:28:38+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2020-13659 | address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13754 | hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13776 | systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13777 | GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2 and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation the TLS server always uses wrong data in place of an encryption key derived from an application. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13791 | hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13800 | ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-13962 | Qt 5.12.2 through 5.14.2 as used in unofficial builds of Mumble 1.3.0 and other products mishandles OpenSSL's error queue which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected regardless of the Qt version.) | 2020-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-13974 | An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected. | 2020-06-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2020-14147 | An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression. | 2020-06-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-14150 | GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison. | 2020-06-02T00:00:00.000Z | 2025-10-01T23:11:04.000Z |
| msrc_cve-2020-14152 | In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption. | 2020-06-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2020-14155 | libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-14422 | Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects and this attacker can cause many dictionary entries to be created. This is fixed in: v3.5.10 v3.5.10rc1; v3.6.12; v3.7.9; v3.8.4 v3.8.4rc1 v3.8.5 v3.8.6 v3.8.6rc1; v3.9.0 v3.9.0b4 v3.9.0b5 v3.9.0rc1 v3.9.0rc2. | 2020-06-02T00:00:00.000Z | 2020-11-10T00:00:00.000Z |
| msrc_cve-2020-15358 | In SQLite before 3.32.3 select.c mishandles query-flattener optimization leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. | 2020-06-02T00:00:00.000Z | 2021-02-11T00:00:00.000Z |
| msrc_cve-2020-15393 | In the Linux kernel 4.4 through 5.7.6 usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak aka CID-28ebeb8db770. | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-4040 | CSRF issue on preview pages in Bolt CMS | 2020-06-02T00:00:00.000Z | 2025-10-01T23:11:06.000Z |
| msrc_cve-2020-4041 | The filename of uploaded files vulnerable to stored XSS in Bolt CMS | 2020-06-02T00:00:00.000Z | 2025-10-01T23:11:07.000Z |
| msrc_cve-2020-7014 | The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges. | 2020-06-02T00:00:00.000Z | 2021-12-01T00:00:00.000Z |
| msrc_cve-2020-8618 | A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2020-8619 | A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer | 2020-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-19338 | A flaw was found in the fix for CVE-2019-11135 in the Linux upstream kernel versions before 5.5 where the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0) but is not affected by the MDS issue (MDS_NO=1) the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability. | 2020-07-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2019-20907 | In Lib/tarfile.py in Python through 3.8.3 an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open because _proc_pax lacks header validation. | 2020-07-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2020-10713 | A flaw was found in grub2 prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel an attacker would first need to establish access to the system such as gaining physical access obtain the ability to alter a pxe-boot network or have remote access to a networked system with root access. With this access an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2020-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-14039 | In Go before 1.13.13 and 1.14.x before 1.14.5 Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus X.509 certificate verification is incomplete. | 2020-07-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2020-14308 | In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity confidentiality and availability impacts during the boot process. | 2020-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-14309 | There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. | 2020-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-14310 | There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX leading to read_section_as_string() to an arithmetic overflow zero-sized allocation and further heap-based buffer overflow. | 2020-07-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2020-14311 | There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow. | 2020-07-02T00:00:00.000Z | 2025-07-11T00:00:00.000Z |
| msrc_cve-2020-14539 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.48 and prior 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). | 2020-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2010-000044 | Archive Decoder may insecurely load executable files | 2010-10-20T17:41+09:00 | 2010-10-20T17:41+09:00 |
| jvndb-2010-000047 | Sleipnir and Grani may insecurely load dynamic libraries | 2010-10-25T17:42+09:00 | 2010-10-25T17:42+09:00 |
| jvndb-2010-000048 | Sleipnir and Grani may insecurely load executable files | 2010-10-25T17:43+09:00 | 2010-10-25T17:43+09:00 |
| jvndb-2010-000049 | Multiple Yokka provided products may insecurely load executable files | 2010-10-25T17:43+09:00 | 2010-10-25T17:43+09:00 |
| jvndb-2010-000045 | TeraPad may insecurely load dynamic libraries | 2010-10-26T16:51+09:00 | 2010-10-26T16:51+09:00 |
| jvndb-2010-000046 | Apsaly may insecurely load executable files | 2010-10-26T16:52+09:00 | 2010-10-26T16:52+09:00 |
| jvndb-2010-000050 | Active! mail 6 vulnerable to HTTP header injection | 2010-10-29T20:36+09:00 | 2010-10-29T20:36+09:00 |
| jvndb-2010-000051 | GVim may insecurely load dynamic libraries | 2010-11-01T18:51+09:00 | 2010-11-01T18:51+09:00 |
| jvndb-2010-000052 | Ichitaro series vulnerable to arbitrary code execution | 2010-11-04T19:10+09:00 | 2010-11-05T16:15+09:00 |
| jvndb-2010-000053 | Ichitaro series vulnerable to arbitrary code execution | 2010-11-04T19:11+09:00 | 2010-11-05T16:15+09:00 |
| jvndb-2010-000054 | Flash Player access restriction bypass vulnerability | 2010-11-09T19:59+09:00 | 2011-02-01T16:22+09:00 |
| jvndb-2010-001538 | Safari address bar spoofing vulnerability | 2010-11-26T17:16+09:00 | 2010-12-10T17:48+09:00 |
| jvndb-2010-000056 | Google Chrome information disclosure vulnerability | 2010-11-26T17:32+09:00 | 2010-11-26T17:32+09:00 |
| jvndb-2010-000057 | Clipboard contents alteration vulnerability in Sleipnir | 2010-12-01T20:27+09:00 | 2010-12-01T20:27+09:00 |
| jvndb-2010-000058 | Clipboard contents alteration vulnerability in Grani | 2010-12-01T20:27+09:00 | 2010-12-01T20:27+09:00 |
| jvndb-2010-000059 | Vulnerability in Epson printer driver installer where access permissions are changed | 2010-12-08T18:25+09:00 | 2010-12-08T18:25+09:00 |
| jvndb-2010-000060 | Movable Type vulnerable to cross-site scripting | 2010-12-08T18:26+09:00 | 2010-12-08T18:26+09:00 |
| jvndb-2010-000061 | Movable Type vulnerable to SQL injection | 2010-12-08T18:28+09:00 | 2010-12-08T18:28+09:00 |
| jvndb-2010-002467 | Interstage Application Server Information Disclosure Vulnerability | 2010-12-14T15:18+09:00 | 2010-12-14T15:18+09:00 |
| jvndb-2010-002468 | EUR Form Client Arbitrary File Execution Vulnerability | 2010-12-14T15:21+09:00 | 2010-12-14T15:21+09:00 |
| jvndb-2010-000062 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:18+09:00 | 2010-12-15T18:18+09:00 |
| jvndb-2010-000063 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:19+09:00 | 2010-12-15T18:19+09:00 |
| jvndb-2010-000064 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:19+09:00 | 2010-12-15T18:19+09:00 |
| jvndb-2010-000065 | Internet Explorer vulnerable to cross-site scripting | 2010-12-15T18:20+09:00 | 2010-12-15T18:20+09:00 |
| jvndb-2010-000066 | AttacheCase may insecurely load executable files | 2010-12-17T18:30+09:00 | 2010-12-17T18:30+09:00 |
| jvndb-2010-002528 | Buffer Overflow Vulnerability in Hitachi Groupmax Related Products | 2010-12-24T16:22+09:00 | 2010-12-24T16:22+09:00 |
| jvndb-2010-002529 | Access Control Security Bypass Vulnerability in Interstage Application Server | 2010-12-24T16:25+09:00 | 2010-12-24T16:25+09:00 |
| jvndb-2007-000398 | SquirrelMail vulnerable to cross-site scripting | 2011-01-07T14:39+09:00 | 2011-01-07T14:39+09:00 |
| jvndb-2009-002207 | SquirrelMail vulnerable to cross-site request forgery | 2011-01-07T14:40+09:00 | 2011-01-07T14:40+09:00 |
| jvndb-2011-000001 | Contents-Mall vulnerability in password handling | 2011-01-13T11:41+09:00 | 2011-01-13T11:41+09:00 |
| ID | Description | Updated |
|---|