Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-99xm-29ff-vvqm | WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denia… | 2022-05-14T03:19:57Z | 2025-10-22T00:31:16Z |
| ghsa-j5r3-wq62-8gp5 | In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was fou… | 2022-05-14T03:22:30Z | 2025-10-22T00:31:29Z |
| ghsa-v596-x9hf-63gj | A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session re… | 2022-05-14T03:29:33Z | 2025-10-22T00:31:30Z |
| ghsa-q5wm-274q-f3v6 | Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is … | 2022-05-14T03:30:19Z | 2025-10-22T00:31:30Z |
| ghsa-5cr3-r8pg-5j63 | The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 … | 2022-05-14T03:30:40Z | 2025-10-22T00:31:18Z |
| ghsa-22j7-69m5-2pqh | SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation o… | 2022-05-14T03:35:51Z | 2025-10-22T00:31:29Z |
| ghsa-p5jc-xg44-9www | /LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows attackers to conduct URL R… | 2022-05-14T03:38:28Z | 2025-10-23T15:30:19Z |
| ghsa-q2pm-6838-p3jm | Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowi… | 2022-05-14T03:44:36Z | 2025-11-03T21:30:30Z |
| ghsa-cpww-w9jx-qp3p | The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain … | 2022-05-14T03:45:42Z | 2025-11-03T21:30:29Z |
| ghsa-52hx-8455-4qwv | Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to Ra… | 2022-05-14T03:48:15Z | 2025-10-22T00:31:24Z |
| ghsa-3p37-hv77-x3rp | sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (a… | 2022-05-14T03:49:25Z | 2025-11-04T18:30:33Z |
| ghsa-rc4w-p9f6-7c7q | Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to exe… | 2022-05-14T03:50:14Z | 2025-10-22T00:31:24Z |
| ghsa-7vrx-w4v5-hwph | The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 thr… | 2022-05-14T03:52:47Z | 2025-10-22T00:31:23Z |
| ghsa-25jq-3vh4-pgv4 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7… | 2022-05-14T03:53:15Z | 2025-10-22T03:30:30Z |
| ghsa-rh88-cwv2-gjxm | Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdp… | 2022-05-14T03:53:46Z | 2025-10-22T00:31:21Z |
| ghsa-cpfm-2p8w-wrxc | V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87… | 2022-05-14T03:56:38Z | 2025-10-22T00:31:17Z |
| ghsa-27g3-5ffj-8mw8 | nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unboun… | 2022-05-17T00:01:46Z | 2025-11-03T21:30:40Z |
| ghsa-4qcg-gx82-4h36 | Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications,… | 2022-05-17T00:16:24Z | 2025-10-22T00:31:29Z |
| ghsa-rm92-8pw8-34fm | Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus… | 2022-05-17T00:16:49Z | 2025-10-22T00:31:29Z |
| ghsa-8c3c-9q97-wq3f | Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Midd… | 2022-05-17T00:17:52Z | 2025-10-22T03:30:30Z |
| ghsa-xvh2-pw6x-f8hh | Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Ex… | 2022-05-17T00:22:28Z | 2025-10-22T03:30:32Z |
| ghsa-36pj-p9j3-7rr9 | Microsoft Internet Explorer 9 through 11 allow remote attackers to obtain sensitive information fro… | 2022-05-17T00:22:33Z | 2025-10-22T00:31:18Z |
| ghsa-xpg5-jv85-754h | Microsoft Internet Explorer 10 and 11 and Microsoft Edge have a type confusion issue in the Layout:… | 2022-05-17T00:22:33Z | 2025-10-22T00:31:18Z |
| ghsa-r6fv-qmrc-3h24 | JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linu… | 2022-05-17T00:25:09Z | 2025-10-22T03:30:28Z |
| ghsa-fcrm-7q5r-w4rw | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.… | 2022-05-17T00:25:55Z | 2025-11-17T21:31:16Z |
| ghsa-2cvq-m957-r86c | The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to execute arbitrary c… | 2022-05-17T00:35:15Z | 2025-10-22T00:31:24Z |
| ghsa-mm58-72w4-25hp | HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, Identity Driven Manager (IDM) 4.0, and A… | 2022-05-17T00:35:15Z | 2025-10-22T03:30:34Z |
| ghsa-r6m8-274g-vhp5 | Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1;… | 2022-05-17T00:47:37Z | 2025-10-22T00:31:18Z |
| ghsa-mhw3-773g-72wx | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attack… | 2022-05-17T00:54:10Z | 2025-11-21T18:30:26Z |
| ghsa-q39j-xwr5-2ggj | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before … | 2022-05-17T00:55:10Z | 2025-11-21T18:30:26Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2020-8816 | Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote C… |
n/a |
n/a |
2020-05-29T18:57:14.000Z | 2025-10-21T23:35:43.171Z | |
| cve-2020-10136 | N/A | IP-in-IP protocol allows a remote, unauthenticated att… |
IETF |
RFC2003 - IP Encapsulation within IP |
2020-06-02T08:35:12.921Z | 2025-11-03T20:33:32.981Z |
| cve-2020-5410 | N/A | Directory Traversal with spring-cloud-config-server |
Spring by VMware |
Spring Cloud Config |
2020-06-02T16:50:12.055Z | 2025-10-21T23:35:43.023Z |
| cve-2020-13756 | N/A | Sabberworm PHP CSS Parser before 8.3.1 calls eval… |
n/a |
n/a |
2020-06-03T13:46:56.000Z | 2025-11-03T17:30:46.974Z |
| cve-2020-9859 | N/A | A memory consumption issue was addressed with imp… |
Apple |
iOS |
2020-06-05T14:40:05.000Z | 2025-10-21T23:35:42.872Z |
| cve-2020-13965 | N/A | An issue was discovered in Roundcube Webmail befo… |
n/a |
n/a |
2020-06-09T02:45:24.000Z | 2025-10-21T23:35:42.715Z |
| cve-2020-9819 | N/A | A memory consumption issue was addressed with imp… |
Apple |
iOS |
2020-06-09T16:12:28.000Z | 2025-12-20T04:55:57.815Z |
| cve-2020-9818 | N/A | An out-of-bounds write issue was addressed with i… |
Apple |
iOS |
2020-06-09T16:12:39.000Z | 2025-12-20T04:55:53.124Z |
| cve-2020-0986 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft |
Windows |
2020-06-09T19:43:14.000Z | 2025-10-21T23:35:42.145Z |
| cve-2020-11899 | N/A | The Treck TCP/IP stack before 6.0.1.66 has an IPv… |
n/a |
n/a |
2020-06-17T10:27:59.000Z | 2025-10-21T23:35:41.992Z |
| cve-2020-14931 | N/A | A stack-based buffer overflow in DMitry (Deepmagi… |
n/a |
n/a |
2020-06-19T21:03:24.000Z | 2025-11-03T21:44:17.601Z |
| cve-2020-2021 | PAN-OS: Authentication Bypass in SAML Authentication |
Palo Alto Networks |
PAN-OS |
2020-06-29T15:10:11.350Z | 2025-10-21T23:35:41.842Z | |
| cve-2020-15069 | N/A | Sophos XG Firewall 17.x through v17.5 MR12 allows… |
n/a |
n/a |
2020-06-29T17:30:18.000Z | 2025-10-21T23:35:41.702Z |
| cve-2020-14145 | N/A | The client side in OpenSSH 5.7 through 8.4 has an… |
n/a |
n/a |
2020-06-29T17:33:36.000Z | 2025-12-18T14:41:37.776Z |
| cve-2020-15415 | N/A | On DrayTek Vigor3900, Vigor2960, and Vigor300B de… |
n/a |
n/a |
2020-06-30T13:37:56.000Z | 2025-10-21T23:35:41.567Z |
| cve-2020-5902 | N/A | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2… |
n/a |
BIG-IP |
2020-07-01T00:00:00.000Z | 2025-10-21T23:35:41.409Z |
| cve-2020-15505 | N/A | A remote code execution vulnerability in MobileIr… |
n/a |
n/a |
2020-07-07T01:43:52.000Z | 2025-10-21T23:35:41.248Z |
| cve-2020-9377 | N/A | D-Link DIR-610 devices allow Remote Command Execu… |
n/a |
n/a |
2020-07-09T12:06:48.000Z | 2025-10-21T23:35:41.082Z |
| cve-2020-8193 | N/A | Improper access control in Citrix ADC and Citrix … |
n/a |
Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP |
2020-07-10T15:38:28.000Z | 2025-10-21T23:35:40.928Z |
| cve-2020-8195 | N/A | Improper input validation in Citrix ADC and Citri… |
n/a |
Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP |
2020-07-10T15:39:35.000Z | 2025-10-21T23:35:40.642Z |
| cve-2020-8196 | N/A | Improper access control in Citrix ADC and Citrix … |
n/a |
Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP |
2020-07-10T15:39:54.000Z | 2025-10-21T23:35:40.361Z |
| cve-2020-10987 | N/A | The goform/setUsbUnload endpoint of Tenda AC15 AC… |
n/a |
n/a |
2020-07-13T18:46:12.000Z | 2025-10-21T23:35:40.165Z |
| cve-2020-6287 | SAP NetWeaver AS JAVA (LM Configuration Wizard), … |
SAP SE |
SAP NetWeaver AS JAVA (LM Configuration Wizard) |
2020-07-14T12:30:14.000Z | 2025-10-21T23:35:39.987Z | |
| cve-2020-1040 | N/A | A remote code execution vulnerability exists when… |
Microsoft |
Windows Server |
2020-07-14T22:53:58.000Z | 2025-10-21T23:35:39.818Z |
| cve-2020-1147 | N/A | A remote code execution vulnerability exists in .… |
Microsoft |
Microsoft SharePoint Enterprise Server |
2020-07-14T22:54:00.000Z | 2025-10-21T23:35:39.668Z |
| cve-2020-1350 | N/A | A remote code execution vulnerability exists in W… |
Microsoft |
Windows Server |
2020-07-14T22:54:06.000Z | 2025-10-21T23:35:39.529Z |
| cve-2020-14644 | Vulnerability in the Oracle WebLogic Server produ… |
Oracle Corporation |
WebLogic Server |
2020-07-15T17:34:31.000Z | 2025-10-21T23:35:39.380Z | |
| cve-2020-11978 | N/A | An issue was found in Apache Airflow versions 1.1… |
Apache Software Foundation |
Apache Airflow |
2020-07-16T00:00:00.000Z | 2025-10-21T23:35:39.214Z |
| cve-2020-15890 | N/A | LuaJit through 2.1.0-beta3 has an out-of-bounds r… |
n/a |
n/a |
2020-07-21T21:35:32.000Z | 2025-11-03T18:07:55.673Z |
| cve-2020-3452 | Cisco Adaptive Security Appliance Software and Firepow… |
Cisco |
Cisco Adaptive Security Appliance (ASA) Software |
2020-07-22T20:00:22.049Z | 2025-10-21T23:35:39.038Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2018-12387 | N/A | A vulnerability where the JavaScript JIT compiler… |
Mozilla |
Firefox ESR |
2018-10-18T13:00:00 | 2024-08-05T08:30:59.795Z |
| cve-2018-5156 | N/A | A vulnerability can occur when capturing a media … |
Mozilla |
Thunderbird |
2018-10-18T13:00:00 | 2024-08-05T05:26:46.986Z |
| cve-2018-5187 | N/A | Memory safety bugs present in Firefox 60 and Fire… |
Mozilla |
Thunderbird |
2018-10-18T13:00:00 | 2024-08-05T05:26:47.047Z |
| cve-2018-14558 | N/A | An issue was discovered on Tenda AC7 devices with… |
n/a |
n/a |
2018-10-30T18:00:00.000Z | 2025-10-21T23:45:47.726Z |
| cve-2018-14667 | The RichFaces Framework 3.X through 3.3.4 is vuln… |
[UNKNOWN] |
RichFaces |
2018-11-06T22:00:00.000Z | 2025-10-21T23:45:47.440Z | |
| cve-2018-8581 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Microsoft Exchange Server |
2018-11-14T01:00:00.000Z | 2025-10-21T23:45:47.294Z |
| cve-2018-8589 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft |
Windows Server 2008 |
2018-11-14T01:00:00.000Z | 2025-10-21T23:45:47.156Z |
| cve-2018-17463 | N/A | Incorrect side effect annotation in V8 in Google … |
Google |
Chrome |
2018-11-14T15:00:00.000Z | 2025-10-21T23:45:47.003Z |
| cve-2018-6065 | N/A | Integer overflow in computing the required alloca… |
Google |
Chrome |
2018-11-14T15:00:00.000Z | 2025-10-21T23:45:46.861Z |
| cve-2018-19410 | N/A | PRTG Network Monitor before 18.2.40.1683 allows r… |
n/a |
n/a |
2018-11-21T16:00:00.000Z | 2025-10-21T23:45:46.722Z |
| cve-2018-19787 | N/A | An issue was discovered in lxml before 4.2.5. lxm… |
n/a |
n/a |
2018-12-02T10:00:00.000Z | 2025-12-18T15:15:39.190Z |
| cve-2018-19591 | N/A | In the GNU C Library (aka glibc or libc6) through… |
n/a |
n/a |
2018-12-04T16:00:00.000Z | 2025-12-03T19:13:21.308Z |
| cve-2018-1000861 | N/A | A code execution vulnerability exists in the Stap… |
n/a |
n/a |
2018-12-10T14:00:00.000Z | 2025-10-21T23:45:46.593Z |
| cve-2018-17480 | N/A | Execution of user supplied Javascript during arra… |
Google |
Chrome |
2018-12-11T15:00:00.000Z | 2025-10-21T23:45:46.405Z |
| cve-2018-20062 | N/A | An issue was discovered in NoneCms V1.3. thinkphp… |
n/a |
n/a |
2018-12-11T18:00:00.000Z | 2025-10-21T23:45:46.278Z |
| cve-2018-8611 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft |
Windows 7 |
2018-12-12T00:00:00.000Z | 2025-10-21T23:45:46.145Z |
| cve-2018-8639 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows 7 |
2018-12-12T00:00:00.000Z | 2025-10-21T23:45:46.009Z |
| cve-2018-8653 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
Internet Explorer 9 |
2018-12-20T13:00:00.000Z | 2025-10-21T23:45:45.766Z |
| cve-2018-19320 | N/A | The GDrv low-level driver in GIGABYTE APP Center … |
n/a |
n/a |
2018-12-21T23:00:00.000Z | 2025-10-21T23:45:45.601Z |
| cve-2018-19321 | N/A | The GPCIDrv and GDrv low-level drivers in GIGABYT… |
n/a |
n/a |
2018-12-21T23:00:00.000Z | 2025-10-21T23:45:45.399Z |
| cve-2018-19322 | N/A | The GPCIDrv and GDrv low-level drivers in GIGABYT… |
n/a |
n/a |
2018-12-21T23:00:00.000Z | 2025-10-21T23:45:45.244Z |
| cve-2018-19323 | N/A | The GDrv low-level driver in GIGABYTE APP Center … |
n/a |
n/a |
2018-12-21T23:00:00.000Z | 2025-10-21T23:45:44.914Z |
| cve-2018-20573 | N/A | The Scanner::EnsureTokensInQueue function in yaml… |
n/a |
n/a |
2018-12-28T16:00:00.000Z | 2025-11-03T21:44:07.301Z |
| cve-2018-20574 | N/A | The SingleDocParser::HandleFlowMap function in ya… |
n/a |
n/a |
2018-12-28T16:00:00.000Z | 2025-11-03T21:44:08.759Z |
| cve-2019-0541 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
Microsoft Office |
2019-01-08T21:00:00.000Z | 2025-10-21T23:45:44.790Z |
| cve-2019-0543 | N/A | An elevation of privilege vulnerability exists wh… |
n/a |
n/a |
2019-01-08T21:00:00.000Z | 2025-10-21T23:45:44.639Z |
| cve-2018-20685 | N/A | In OpenSSH 7.9, scp.c in the scp client allows re… |
n/a |
n/a |
2019-01-10T00:00:00.000Z | 2025-12-17T21:53:56.287Z |
| cve-2019-6285 | N/A | The SingleDocParser::HandleFlowSequence function … |
n/a |
n/a |
2019-01-14T22:00:00.000Z | 2025-11-03T21:44:13.163Z |
| cve-2018-15982 | N/A | Flash Player versions 31.0.0.153 and earlier, and… |
n/a |
n/a |
2019-01-18T17:00:00.000Z | 2025-11-16T16:04:32.959Z |
| cve-2018-13374 | A Improper Access Control in Fortinet FortiOS 6.0… |
Fortinet |
Fortinet FortiOS, fortiADC |
2019-01-22T14:00:00.000Z | 2025-10-21T23:45:44.273Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-kam193-22d95e82784e0b93 | Pentesting or research code in pckaging (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-236aa203e10ac293 | Pentesting or research code in shiva123456 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2371553e5caae552 | Pentesting or research code in oe-extract-idss (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-238c137f1939d99c | Pentesting or research code in hello-wordl (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-23fce2f66a9ce5b8 | Pentesting or research code in rqeuets (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-254a6f89fa4e8c08 | Pentesting or research code in chosenrce18 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-25814cf8cbc379ad | Pentesting or research code in dependency908 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-25cefd0eb9561401 | Pentesting or research code in jamasp (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-25e8e6d558201146 | Pentesting or research code in myhexsender (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-27a338ac57b1ede5 | Pentesting or research code in stationschedule (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-27dade3f3b8cda7f | Pentesting or research code in akatest (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-27e0c1b0bb778a76 | Pentesting or research code in jd-mlops (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-289124b27a8ab9dc | Pentesting or research code in appetize-cli (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2a602bedb500f9fd | Pentesting or research code in graphemer (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2abe44e01cf21033 | Pentesting or research code in interasdasdnal-data-parser (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2b054dba9521b126 | Pentesting or research code in saml-helper (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2b6e87a0fb56928d | Pentesting or research code in quizdom (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2b7d1ce9935c7363 | Pentesting or research code in golden-gates (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2ba0bc38d901a237 | Pentesting or research code in szn-search-mlops-serp-downloader (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2c2ace108f00364a | Pentesting or research code in terraformness (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2c63ae8357166fc3 | Pentesting or research code in route-search (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2c9fad947ec58900 | Pentesting or research code in rtxt-dep2 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2cfb384457354805 | Pentesting or research code in deepseek-fake (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2e2517663059a395 | Pentesting or research code in wave-opensdk (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2e2d2c15300b9d63 | Pentesting or research code in cloudx-base (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-2e592ca324ac2994 | Pentesting or research code in szn-rain-client (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-31dbb318d93b1d1c | Pentesting or research code in cittronn (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-33a5fe27d39d8d3a | Pentesting or research code in interasdasdnal-data-parser (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-33c61715e1c2960c | Pentesting or research code in mkdsli (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-34f516638c010eaf | Pentesting or research code in voto3 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2005:838 | Red Hat Security Advisory: php security update | 2005-11-10T19:19:00+00:00 | 2025-11-21T17:29:43+00:00 |
| rhsa-2005:825 | Red Hat Security Advisory: lm_sensors security update | 2005-11-10T19:22:00+00:00 | 2025-11-21T17:29:42+00:00 |
| rhsa-2005:839 | Red Hat Security Advisory: lynx security update | 2005-11-12T00:10:00+00:00 | 2025-11-21T17:29:44+00:00 |
| rhsa-2005:810 | Red Hat Security Advisory: gdk-pixbuf security update | 2005-11-15T14:30:00+00:00 | 2025-11-21T17:29:41+00:00 |
| rhsa-2005:811 | Red Hat Security Advisory: gtk2 security update | 2005-11-15T14:40:00+00:00 | 2025-11-21T17:29:41+00:00 |
| rhsa-2005:850 | Red Hat Security Advisory: imap security update | 2005-12-06T14:33:00+00:00 | 2025-11-21T17:29:48+00:00 |
| rhsa-2005:840 | Red Hat Security Advisory: xpdf security update | 2005-12-06T14:40:00+00:00 | 2025-11-21T17:29:44+00:00 |
| rhsa-2005:848 | Red Hat Security Advisory: libc-client security update | 2005-12-06T14:46:00+00:00 | 2025-11-21T17:29:47+00:00 |
| rhsa-2005:882 | Red Hat Security Advisory: openssl, php, mod_ssl, mod_imap security update for Stronghold | 2005-12-19T17:29:00+00:00 | 2025-11-21T17:29:49+00:00 |
| rhsa-2005:878 | Red Hat Security Advisory: cups security update | 2005-12-20T14:20:00+00:00 | 2025-11-21T17:29:48+00:00 |
| rhsa-2005:867 | Red Hat Security Advisory: gpdf security update | 2005-12-20T14:24:00+00:00 | 2025-11-21T17:29:47+00:00 |
| rhsa-2005:864 | Red Hat Security Advisory: udev security update | 2005-12-20T14:26:00+00:00 | 2025-11-21T17:29:47+00:00 |
| rhsa-2005:880 | Red Hat Security Advisory: perl security update | 2005-12-20T14:33:00+00:00 | 2025-11-21T17:29:48+00:00 |
| rhsa-2005:843 | Red Hat Security Advisory: netpbm security update | 2005-12-20T14:42:00+00:00 | 2025-11-21T17:29:44+00:00 |
| rhsa-2005:875 | Red Hat Security Advisory: curl security update | 2005-12-20T14:46:00+00:00 | 2025-11-21T17:29:47+00:00 |
| rhsa-2005:868 | Red Hat Security Advisory: kdegraphics security update | 2005-12-20T14:52:00+00:00 | 2025-11-21T17:29:51+00:00 |
| rhsa-2005:881 | Red Hat Security Advisory: perl security update | 2005-12-20T15:00:00+00:00 | 2025-11-21T17:29:49+00:00 |
| rhsa-2006:0159 | Red Hat Security Advisory: httpd security update | 2006-01-05T15:59:00+00:00 | 2025-11-21T17:29:55+00:00 |
| rhsa-2006:0164 | Red Hat Security Advisory: mod_auth_pgsql security update | 2006-01-06T02:50:00+00:00 | 2025-11-21T17:29:57+00:00 |
| rhsa-2006:0179 | Red Hat Security Advisory: auth_ldap security update | 2006-01-10T19:32:00+00:00 | 2025-11-21T17:29:58+00:00 |
| rhsa-2006:0157 | Red Hat Security Advisory: struts security update for Red Hat Application Server | 2006-01-11T18:38:00+00:00 | 2025-11-21T17:29:54+00:00 |
| rhsa-2006:0163 | Red Hat Security Advisory: cups security update | 2006-01-11T18:46:00+00:00 | 2025-11-21T17:29:57+00:00 |
| rhsa-2006:0156 | Red Hat Security Advisory: ethereal security update | 2006-01-11T18:58:00+00:00 | 2025-11-21T17:29:54+00:00 |
| rhsa-2006:0177 | Red Hat Security Advisory: gpdf security update | 2006-01-11T19:04:00+00:00 | 2025-11-21T17:29:58+00:00 |
| rhsa-2006:0158 | Red Hat Security Advisory: apache security update | 2006-01-17T08:23:00+00:00 | 2025-11-21T17:29:55+00:00 |
| rhsa-2006:0101 | Red Hat Security Advisory: kernel security update | 2006-01-17T08:36:00+00:00 | 2025-11-21T17:29:51+00:00 |
| rhsa-2006:0140 | Red Hat Security Advisory: kernel security update | 2006-01-19T16:03:00+00:00 | 2025-11-21T17:29:53+00:00 |
| rhsa-2006:0160 | Red Hat Security Advisory: tetex security update | 2006-01-19T17:38:00+00:00 | 2025-11-21T17:30:01+00:00 |
| rhsa-2006:0184 | Red Hat Security Advisory: kdelibs security update | 2006-01-19T17:50:00+00:00 | 2025-11-21T17:29:58+00:00 |
| rhsa-2006:0190 | Red Hat Security Advisory: kernel security update | 2006-02-01T17:48:00+00:00 | 2025-11-21T17:29:59+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2020-26571 | The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init. | 2020-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-26572 | The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher. | 2020-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27194 | An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values aka CID-5b9fbeb75b6a. | 2020-10-02T00:00:00.000Z | 2020-11-02T00:00:00.000Z |
| msrc_cve-2020-27619 | In Python 3 through 3.9.0 the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. | 2020-10-02T00:00:00.000Z | 2020-11-10T00:00:00.000Z |
| msrc_cve-2020-27675 | An issue was discovered in the Linux kernel through 5.9.1 as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device aka CID-073d0552ead5. | 2020-10-02T00:00:00.000Z | 2020-11-04T00:00:00.000Z |
| msrc_cve-2020-7020 | Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices. | 2020-10-02T00:00:00.000Z | 2021-12-01T00:00:00.000Z |
| msrc_cve-2020-0569 | Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | 2020-11-02T00:00:00.000Z | 2023-05-25T00:00:00.000Z |
| msrc_cve-2020-15436 | Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. | 2020-11-02T00:00:00.000Z | 2020-12-03T00:00:00.000Z |
| msrc_cve-2020-15437 | The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized. | 2020-11-02T00:00:00.000Z | 2020-12-03T00:00:00.000Z |
| msrc_cve-2020-15999 | Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2020-11-02T00:00:00.000Z | 2025-02-08T00:00:00.000Z |
| msrc_cve-2020-25013 | JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler. | 2020-11-02T00:00:00.000Z | 2025-10-01T23:11:04.000Z |
| msrc_cve-2020-25207 | JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler. | 2020-11-02T00:00:00.000Z | 2025-10-01T23:11:05.000Z |
| msrc_cve-2020-25650 | A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path `/run/spice-vdagentd/spice-vdagent-sock` could use this flaw to perform a memory denial of service for spice-vdagentd or even other processes in the VM system. The highest threat from this vulnerability is to system availability. This flaw affects spice-vdagent versions 0.20 and previous versions. | 2020-11-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2020-25651 | A flaw was found in the SPICE file transfer protocol. File data from the host system can end up in full or in parts in the client connection of an illegitimate local user in the VM system. Active file transfers from other users could also be interrupted resulting in a denial of service. The highest threat from this vulnerability is to data confidentiality as well as system availability. This flaw affects spice-vdagent versions 0.20 and prior. | 2020-11-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2020-25652 | A flaw was found in the spice-vdagentd daemon where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to the spice-vdagentd daemon resulting in a denial of service. The highest threat from this vulnerability is to system availability. This flaw affects spice-vdagent versions 0.20 and prior. | 2020-11-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2020-25653 | A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd possibly resulting in a denial of service or information leakage from the host. The highest threat from this vulnerability is to data confidentiality as well as system availability. This flaw affects spice-vdagent versions 0.20 and prior. | 2020-11-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2020-25694 | A flaw was found in PostgreSQL versions before 13.1 before 12.5 before 11.10 before 10.15 before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters an opportunity for a man-in-the-middle attack or the ability to observe clear-text transmissions could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2020-11-02T00:00:00.000Z | 2020-11-20T00:00:00.000Z |
| msrc_cve-2020-25695 | A flaw was found in PostgreSQL versions before 13.1 before 12.5 before 11.10 before 10.15 before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2020-11-02T00:00:00.000Z | 2020-11-20T00:00:00.000Z |
| msrc_cve-2020-25696 | A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1 before 12.5 before 11.10 before 10.15 before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2020-11-02T00:00:00.000Z | 2020-12-08T00:00:00.000Z |
| msrc_cve-2020-25705 | A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4 SCALANCE M-800: All versions between v5.0 and v6.4 SCALANCE S615: All versions between v5.0 and v6.4 SCALANCE SC-600: All versions prior to v2.1.3 SCALANCE W1750D: v8.3.0.1 v8.6.0 and v8.7.0 SIMATIC Cloud Connect 7: All versions SIMATIC MV500 Family: All versions SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later SIMATIC NET CP 1243-7 LTE EU: Version | 2020-11-02T00:00:00.000Z | 2020-12-03T00:00:00.000Z |
| msrc_cve-2020-27152 | An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering aka CID-77377064c3a9. | 2020-11-02T00:00:00.000Z | 2020-11-17T00:00:00.000Z |
| msrc_cve-2020-28196 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. | 2020-11-02T00:00:00.000Z | 2021-10-15T00:00:00.000Z |
| msrc_cve-2020-28362 | Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. | 2020-11-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2020-28366 | Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo | 2020-11-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2020-28367 | Arbitrary code execution via the go command with cgo in cmd/go | 2020-11-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2020-28915 | A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory aka CID-6735b4632def. | 2020-11-02T00:00:00.000Z | 2020-12-03T00:00:00.000Z |
| msrc_cve-2020-28941 | An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once. | 2020-11-02T00:00:00.000Z | 2020-12-03T00:00:00.000Z |
| msrc_cve-2020-28974 | A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height. | 2020-11-02T00:00:00.000Z | 2020-12-02T00:00:00.000Z |
| msrc_cve-2020-29368 | An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check aka CID-c444eb564fb1. | 2020-11-02T00:00:00.000Z | 2020-12-03T00:00:00.000Z |
| msrc_cve-2020-29369 | An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call aka CID-246c320a8cfe. | 2020-11-02T00:00:00.000Z | 2020-12-03T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2012-000056 | FeedDemon vulnerable to arbitrary script execution | 2012-06-07T15:39+09:00 | 2012-06-07T15:39+09:00 |
| jvndb-2012-000046 | Flash Player issue in implementations of the Same Origin Policy | 2012-06-11T15:05+09:00 | 2012-06-13T16:39+09:00 |
| jvndb-2012-000057 | Dolphin Browser vulnerable in the WebView class | 2012-06-14T14:20+09:00 | 2012-06-14T14:20+09:00 |
| jvndb-2012-000062 | WEB PATIO vulnerable to cross-site scripting | 2012-06-19T12:35+09:00 | 2012-06-19T12:35+09:00 |
| jvndb-2012-000060 | SmallPICT vulnerable to cross-site scripting | 2012-06-19T14:00+09:00 | 2012-06-19T14:00+09:00 |
| jvndb-2012-000061 | WEB PATIO vulnerable to cross-site scripting | 2012-06-19T14:31+09:00 | 2012-06-19T14:31+09:00 |
| jvndb-2012-000063 | Python SimpleHTTPServer vulnerable to cross-site scripting | 2012-06-19T14:38+09:00 | 2012-12-26T18:01+09:00 |
| jvndb-2012-000065 | Zenphoto vulnerable to cross-site scripting | 2012-07-03T14:49+09:00 | 2012-07-03T14:49+09:00 |
| jvndb-2012-000064 | Yome Collection for Android issue in management of IMEI | 2012-07-03T14:57+09:00 | 2012-07-03T14:57+09:00 |
| jvndb-2012-000066 | Ruby hash table implementation vulnerable to denial-of-service | 2012-07-06T17:11+09:00 | 2012-07-06T17:11+09:00 |
| jvndb-2012-000067 | Movable Type plugin MT4i vulnerable to cross-site scripting | 2012-07-06T17:14+09:00 | 2012-07-06T17:14+09:00 |
| jvndb-2012-000068 | YY-BOARD vulnerable to cross-site scripting | 2012-07-06T17:19+09:00 | 2012-07-06T17:19+09:00 |
| jvndb-2012-000069 | Movable Type plugin MT4i vulnerable to cross-site scripting | 2012-07-06T17:24+09:00 | 2012-07-06T17:24+09:00 |
| jvndb-2012-000070 | Yahoo! Browser vulnerable in the WebView class | 2012-07-13T15:00+09:00 | 2012-07-20T12:12+09:00 |
| jvndb-2012-003244 | Privilege escalation vulnerability in Hitachi JP1/NETM/DM | 2012-07-23T17:13+09:00 | 2012-07-23T17:13+09:00 |
| jvndb-2012-000071 | Sleipnir Mobile for Android vulnerable in the WebView class | 2012-07-24T14:05+09:00 | 2012-07-24T14:05+09:00 |
| jvndb-2012-000009 | Multiple web browsers vulnerable in processing Tranfer-Encoding header | 2012-07-30T14:53+09:00 | 2012-07-30T14:53+09:00 |
| jvndb-2012-000072 | Yahoo! Toolbar (for Chrome, Safari) vulnerable to toolbar alteration | 2012-07-30T14:56+09:00 | 2012-08-02T16:33+09:00 |
| jvndb-2012-000073 | GoodReader vulnerable to cross-site scripting | 2012-08-02T14:46+09:00 | 2012-08-02T14:46+09:00 |
| jvndb-2012-000074 | LINE for Android vulnerable in handling of implicit intents | 2012-08-07T13:33+09:00 | 2012-08-07T13:33+09:00 |
| jvndb-2012-000075 | Sleipnir Mobile for Android vulnerable to arbitrary Java method execution | 2012-08-08T14:39+09:00 | 2012-08-08T14:39+09:00 |
| jvndb-2012-000076 | Sleipnir Mobile for Android vulnerable to arbitrary script execution | 2012-08-08T14:43+09:00 | 2012-08-08T14:43+09:00 |
| jvndb-2012-003525 | Cross-site Scripting Vulnerability in JP1/Integrated Management - Service Support | 2012-08-10T15:05+09:00 | 2012-08-10T15:05+09:00 |
| jvndb-2012-000077 | Multiple GREE Android applications vulnerable in the WebView class | 2012-08-17T15:52+09:00 | 2012-08-17T15:52+09:00 |
| jvndb-2012-000078 | mixi for Android information management vulnerability | 2012-08-17T15:58+09:00 | 2012-08-17T15:58+09:00 |
| jvndb-2012-000079 | Adobe Reader fails to properly handle signatures | 2012-08-30T13:57+09:00 | 2014-05-23T18:34+09:00 |
| jvndb-2012-000080 | Opera address bar spoofing vulnerability | 2012-08-30T14:00+09:00 | 2013-06-26T13:48+09:00 |
| jvndb-2012-000081 | Cybozu Live for Android vulnerable to arbitrary Java method execution | 2012-09-03T10:34+09:00 | 2012-09-03T10:34+09:00 |
| jvndb-2012-000082 | Cybozu Live for Android vulnerable in the WebView class | 2012-09-03T10:41+09:00 | 2012-09-03T10:41+09:00 |
| jvndb-2012-000083 | Cybozu KUNAI for Android vulnerable to arbitrary Java method execution | 2012-09-07T16:39+09:00 | 2012-09-07T16:39+09:00 |
| ID | Description | Updated |
|---|