Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-6wr2-qx99-98mg | In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1… | 2022-05-24T16:45:20Z | 2025-10-22T00:31:39Z |
| ghsa-9h95-rv82-cwrc | LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary cod… | 2022-05-24T16:45:37Z | 2025-10-22T00:31:40Z |
| ghsa-cmw5-mmg8-r4fr | A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially … | 2022-05-24T16:45:40Z | 2025-10-22T00:31:39Z |
| ghsa-fq64-gmq7-jjvg | A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal … | 2022-05-24T16:45:48Z | 2025-10-22T00:31:40Z |
| ghsa-2v97-h8v8-m3px | An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles fil… | 2022-05-24T16:45:49Z | 2025-10-22T00:31:40Z |
| ghsa-cwjr-6hc3-vpjm | A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which coul… | 2022-05-24T16:46:13Z | 2025-10-22T00:31:40Z |
| ghsa-cqg8-w8fp-8gm6 | Citrix Workspace App before 1904 for Windows has Incorrect Access Control. | 2022-05-24T16:46:14Z | 2025-10-22T00:31:40Z |
| ghsa-cjc8-2cq5-7jq7 | A heap buffer overflow in Fortinet FortiOS all versions below 6.0.5 in the SSL VPN web portal may c… | 2022-05-24T16:46:48Z | 2025-10-22T00:31:41Z |
| ghsa-pj74-pf28-5qjw | mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External… | 2022-05-24T16:46:53Z | 2025-10-22T00:31:41Z |
| ghsa-7gvq-j6pg-875g | Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authent… | 2022-05-24T16:46:56Z | 2025-10-22T00:31:41Z |
| ghsa-wfwm-vf76-3692 | Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in Sitec… | 2022-05-24T16:46:56Z | 2025-10-22T00:31:41Z |
| ghsa-2q79-m25p-r2q3 | An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet Forti… | 2022-05-24T16:47:08Z | 2025-10-22T00:31:41Z |
| ghsa-chg2-j3mj-m3rj | An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.… | 2022-05-24T16:47:09Z | 2025-10-22T00:31:41Z |
| ghsa-5r7w-xvrp-rg22 | A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient addres… | 2022-05-24T16:47:12Z | 2025-10-22T00:31:41Z |
| ghsa-7q5j-w2g3-7f8v | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) impro… | 2022-05-24T16:47:54Z | 2025-10-22T00:31:42Z |
| ghsa-gf8w-3v8h-w6hr | An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates cert… | 2022-05-24T16:47:55Z | 2025-10-22T00:31:42Z |
| ghsa-f72j-hf57-7h84 | In Audio File Library (aka audiofile) 0.3.6, there exists one NULL pointer dereference bug in ulaw2… | 2022-05-24T16:49:15Z | 2025-11-03T21:30:30Z |
| ghsa-5c53-gj37-m7jp | A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka … | 2022-05-24T16:50:14Z | 2025-10-22T00:31:42Z |
| ghsa-gxfx-4m5q-qcqf | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) impro… | 2022-05-24T16:50:24Z | 2025-10-22T00:31:42Z |
| ghsa-jcpw-f7c4-6wr7 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) impro… | 2022-05-24T16:50:24Z | 2025-10-22T00:31:42Z |
| ghsa-wjj5-qcfr-vxxf | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to proper… | 2022-05-24T16:50:24Z | 2025-10-22T00:31:42Z |
| ghsa-462p-6gjx-6wj6 | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Va… | 2022-05-24T16:50:28Z | 2025-10-22T00:31:43Z |
| ghsa-9q4p-22w8-h32x | Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow SQL Injection. | 2022-05-24T16:50:28Z | 2025-10-22T00:31:43Z |
| ghsa-87j5-gppq-mq6h | In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the c… | 2022-05-24T16:50:31Z | 2025-10-22T00:31:43Z |
| ghsa-3w36-wf5x-rjfv | Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2 and… | 2022-05-24T16:50:47Z | 2025-10-22T00:31:43Z |
| ghsa-f989-xw5v-4w5p | An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code exe… | 2022-05-24T16:50:47Z | 2025-11-04T18:30:34Z |
| ghsa-7ff5-p6pm-jw35 | A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked … | 2022-05-24T16:50:56Z | 2025-11-25T18:32:16Z |
| ghsa-rm3r-xfmr-5622 | The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers … | 2022-05-24T16:50:56Z | 2025-11-25T18:32:16Z |
| ghsa-xhg3-p7wr-4hrx | Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Fire… | 2022-05-24T16:50:58Z | 2025-11-25T18:32:16Z |
| ghsa-3cqf-mfjf-xv44 | When an inner window is reused, it does not consider the use of document.domain for cross-origin pr… | 2022-05-24T16:50:59Z | 2025-11-25T18:32:16Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2021-26857 | 7.8 (v3.1) | Microsoft Exchange Server Remote Code Execution Vulner… |
Microsoft |
Microsoft Exchange Server 2016 Cumulative Update 19 |
2021-03-02T23:55:26.000Z | 2025-10-21T23:25:52.982Z |
| cve-2021-26858 | 7.8 (v3.1) | Microsoft Exchange Server Remote Code Execution Vulner… |
Microsoft |
Microsoft Exchange Server 2019 |
2021-03-02T23:55:27.000Z | 2025-10-21T23:25:52.837Z |
| cve-2021-27065 | 7.8 (v3.1) | Microsoft Exchange Server Remote Code Execution Vulner… |
Microsoft |
Microsoft Exchange Server 2019 |
2021-03-02T23:55:28.000Z | 2025-10-21T23:25:52.706Z |
| cve-2021-25337 | Improper access control in clipboard service in S… |
Samsung Mobile |
Samsung Mobile Devices |
2021-03-04T20:59:13.000Z | 2025-10-21T23:25:52.563Z | |
| cve-2021-3377 | N/A | The npm package ansi_up converts ANSI escape code… |
n/a |
n/a |
2021-03-05T19:03:58.000Z | 2025-11-03T21:44:49.008Z |
| cve-2021-21166 | N/A | Data race in audio in Google Chrome prior to 89.0… |
Google |
Chrome |
2021-03-09T17:46:13.000Z | 2025-10-21T23:25:52.370Z |
| cve-2021-26411 | 8.8 (v3.1) | Internet Explorer Memory Corruption Vulnerability |
Microsoft |
Internet Explorer 9 |
2021-03-11T15:07:28.000Z | 2025-10-21T23:25:52.201Z |
| cve-2021-27085 | 8.8 (v3.1) | Internet Explorer Remote Code Execution Vulnerability |
Microsoft |
Internet Explorer 11 |
2021-03-11T15:46:59.000Z | 2025-10-21T23:25:52.044Z |
| cve-2021-27059 | 7.6 (v3.1) | Microsoft Office Remote Code Execution Vulnerability |
Microsoft |
Microsoft Office 2016 |
2021-03-11T15:49:00.000Z | 2025-10-21T23:25:51.897Z |
| cve-2021-20232 | N/A | A flaw was found in gnutls. A use after free issu… |
n/a |
gnutls |
2021-03-12T18:25:29.000Z | 2025-12-03T15:03:30.272Z |
| cve-2021-21193 | N/A | Use after free in Blink in Google Chrome prior to… |
Google |
Chrome |
2021-03-16T14:10:18.000Z | 2025-10-21T23:25:51.739Z |
| cve-2020-27827 | N/A | A flaw was found in multiple versions of OpenvSwi… |
n/a |
lldp/openvswitch |
2021-03-18T00:00:00.000Z | 2025-12-03T18:20:03.875Z |
| cve-2021-28831 | decompress_gunzip.c in BusyBox through 1.32.1 mis… |
n/a |
n/a |
2021-03-19T04:01:54.000Z | 2025-12-17T21:57:37.805Z | |
| cve-2021-28957 | N/A | An XSS vulnerability was discovered in python-lxm… |
n/a |
n/a |
2021-03-21T04:39:35.000Z | 2025-12-17T21:31:43.446Z |
| cve-2021-1435 | Cisco IOS XE Software Web UI Command Injection Vulnerability |
Cisco |
Cisco IOS XE Software |
2021-03-24T20:05:43.689Z | 2025-12-16T18:23:27.205Z | |
| cve-2021-22506 | N/A | Advance configuration exposing Information Leakag… |
n/a |
Access Manager. |
2021-03-26T13:37:22.000Z | 2025-10-21T23:25:51.576Z |
| cve-2021-20197 | N/A | There is an open race window when writing output … |
n/a |
binutils |
2021-03-26T16:47:20.000Z | 2025-12-03T15:08:21.724Z |
| cve-2021-25369 | An improper access control vulnerability in sec_l… |
Samsung Mobile |
Samsung Mobile Devices |
2021-03-26T18:22:48.000Z | 2025-10-21T23:25:51.373Z | |
| cve-2021-25370 | An incorrect implementation handling file descrip… |
Samsung Mobile |
Samsung Mobile Devices |
2021-03-26T18:23:25.000Z | 2025-10-21T23:25:51.240Z | |
| cve-2021-25371 | A vulnerability in DSP driver prior to SMR Mar-20… |
Samsung Mobile |
Samsung Mobile Devices |
2021-03-26T18:24:15.000Z | 2025-10-21T23:25:51.106Z | |
| cve-2021-25372 | An improper boundary check in DSP driver prior to… |
Samsung Mobile |
Samsung Mobile Devices |
2021-03-26T18:25:04.000Z | 2025-10-21T23:25:50.969Z | |
| cve-2021-23358 | Arbitrary Code Injection |
n/a |
underscore |
2021-03-29T13:15:34.770Z | 2025-11-03T21:44:35.654Z | |
| cve-2018-1109 | N/A | A vulnerability was found in Braces versions 2.2.… |
n/a |
nodejs-braces |
2021-03-30T01:52:55 | 2025-12-01T14:18:10.499Z |
| cve-2021-22986 | N/A | On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x… |
n/a |
BIG-IP; BIG-IQ |
2021-03-31T14:04:47.000Z | 2025-10-21T23:25:50.810Z |
| cve-2021-22991 | N/A | On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x… |
n/a |
BIG-IP |
2021-03-31T17:23:14.000Z | 2025-10-21T23:25:50.646Z |
| cve-2021-21975 | N/A | Server Side Request Forgery in vRealize Operation… |
n/a |
VMware vRealize Operations |
2021-03-31T17:51:51.000Z | 2025-10-21T23:25:50.479Z |
| cve-2021-1782 | N/A | A race condition was addressed with improved lock… |
Apple |
iOS and iPadOS |
2021-04-02T17:59:21.000Z | 2025-10-21T23:25:50.291Z |
| cve-2021-1789 | N/A | A type confusion issue was addressed with improve… |
Apple |
iOS and iPadOS |
2021-04-02T18:01:18.000Z | 2025-10-21T23:25:50.136Z |
| cve-2021-1870 | N/A | A logic issue was addressed with improved restric… |
Apple |
iOS and iPadOS |
2021-04-02T18:06:42.000Z | 2025-10-21T23:25:49.985Z |
| cve-2021-1871 | N/A | A logic issue was addressed with improved restric… |
Apple |
iOS and iPadOS |
2021-04-02T18:06:58.000Z | 2025-10-21T23:25:49.836Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2019-11581 | N/A | There was a server-side template injection vulner… |
Atlassian |
Jira Server and Data Center |
2019-08-09T19:30:59.317Z | 2025-10-21T23:45:32.328Z |
| cve-2019-0344 | N/A | Due to unsafe deserialization used in SAP Commerc… |
SAP SE |
SAP Commerce Cloud (virtualjdbc extension) |
2019-08-14T13:53:21.000Z | 2025-10-21T23:45:32.174Z |
| cve-2019-15107 | N/A | An issue was discovered in Webmin <=1.920. The pa… |
n/a |
n/a |
2019-08-16T02:44:04.000Z | 2025-10-21T23:45:32.008Z |
| cve-2019-15752 | N/A | Docker Desktop Community Edition before 2.1.0.1 a… |
n/a |
n/a |
2019-08-28T20:24:33.000Z | 2025-10-21T23:45:31.831Z |
| cve-2019-13608 | N/A | Citrix StoreFront Server before 1903, 7.15 LTSR b… |
n/a |
n/a |
2019-08-29T18:33:18.000Z | 2025-10-21T23:45:31.593Z |
| cve-2019-15949 | N/A | Nagios XI before 5.6.6 allows remote command exec… |
n/a |
n/a |
2019-09-05T16:50:38.000Z | 2025-10-21T23:45:31.401Z |
| cve-2019-1214 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft |
Windows |
2019-09-11T21:24:58.000Z | 2025-10-21T23:45:31.259Z |
| cve-2019-1215 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows |
2019-09-11T21:24:58.000Z | 2025-10-21T23:45:31.121Z |
| cve-2019-1253 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft |
Windows |
2019-09-11T21:24:59.000Z | 2025-10-21T23:45:30.968Z |
| cve-2019-1297 | N/A | A remote code execution vulnerability exists in M… |
Microsoft |
Microsoft Excel |
2019-09-11T21:25:01.000Z | 2025-10-21T23:45:30.774Z |
| cve-2019-16256 | N/A | Some Samsung devices include the SIMalliance Tool… |
n/a |
n/a |
2019-09-12T12:56:18.000Z | 2025-10-21T23:45:30.632Z |
| cve-2019-16057 | N/A | The login_mgr.cgi script in D-Link DNS-320 throug… |
n/a |
n/a |
2019-09-16T11:58:14.000Z | 2025-10-21T23:45:30.475Z |
| cve-2019-1367 | N/A | A remote code execution vulnerability exists in t… |
Microsoft |
Internet Explorer 9 |
2019-09-23T19:14:38.000Z | 2025-10-21T23:45:30.274Z |
| cve-2019-16759 | N/A | vBulletin 5.x through 5.5.4 allows remote command… |
n/a |
n/a |
2019-09-24T21:01:49.000Z | 2025-10-21T23:45:30.090Z |
| cve-2019-16920 | N/A | Unauthenticated remote code execution occurs in D… |
n/a |
n/a |
2019-09-27T11:34:12.000Z | 2025-10-21T23:45:29.886Z |
| cve-2019-11733 | N/A | When a master password is set, it is required to … |
Mozilla |
Firefox |
2019-09-27T17:22:10 | 2024-08-04T23:03:32.451Z |
| cve-2019-11740 | N/A | Mozilla developers and community members reported… |
Mozilla |
Firefox |
2019-09-27T17:19:13 | 2024-08-04T23:03:32.636Z |
| cve-2019-11742 | N/A | A same-origin policy violation occurs allowing th… |
Mozilla |
Firefox |
2019-09-27T17:18:22 | 2024-08-04T23:03:32.489Z |
| cve-2019-11743 | N/A | Navigation events were not fully adhering to the … |
Mozilla |
Firefox |
2019-09-27T17:17:50 | 2024-08-04T23:03:32.640Z |
| cve-2019-11744 | N/A | Some HTML elements, such as <title> and <… |
Mozilla |
Firefox |
2019-09-27T17:17:13 | 2024-08-04T23:03:32.580Z |
| cve-2019-11746 | N/A | A use-after-free vulnerability can occur while ma… |
Mozilla |
Firefox |
2019-09-27T17:16:39 | 2024-08-04T23:03:32.561Z |
| cve-2019-11752 | N/A | It is possible to delete an IndexedDB key value a… |
Mozilla |
Firefox |
2019-09-27T17:14:08 | 2024-08-04T23:03:32.828Z |
| cve-2019-11753 | N/A | The Firefox installer allows Firefox to be instal… |
Mozilla |
Firefox |
2019-09-27T17:13:06 | 2024-08-04T23:03:32.842Z |
| cve-2019-9283 | N/A | In AAC Codec, there is a possible resource exhaus… |
n/a |
Android |
2019-09-27T18:05:14.000Z | 2025-11-04T21:08:10.542Z |
| cve-2019-16928 | N/A | Exim 4.92 through 4.92.2 allows remote code execu… |
n/a |
n/a |
2019-09-27T20:07:12.000Z | 2025-10-21T23:45:29.725Z |
| cve-2019-3728 | 7.5 (v3.1) | RSA BSAFE Crypto-C Micro Edition versions from 4.… |
Dell |
RSA BSAFE Crypto-C Micro Edition |
2019-09-30T21:48:40.164Z | 2025-11-04T21:08:09.233Z |
| cve-2018-14461 | N/A | The LDP parser in tcpdump before 4.9.3 has a buff… |
n/a |
n/a |
2019-10-03T15:09:53.000Z | 2025-12-03T21:04:23.550Z |
| cve-2018-14462 | N/A | The ICMP parser in tcpdump before 4.9.3 has a buf… |
n/a |
n/a |
2019-10-03T15:11:19.000Z | 2025-12-03T21:03:17.761Z |
| cve-2018-14465 | N/A | The RSVP parser in tcpdump before 4.9.3 has a buf… |
n/a |
n/a |
2019-10-03T15:15:01.000Z | 2025-12-17T21:47:14.287Z |
| cve-2018-14467 | N/A | The BGP parser in tcpdump before 4.9.3 has a buff… |
n/a |
n/a |
2019-10-03T15:24:35.000Z | 2025-12-03T20:57:25.934Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-kam193-7cbefc979dbe0ce2 | Pentesting or research code in puffioner131 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-7d4a7e9cfee7bc08 | Pentesting or research code in alksdjpureranser (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-7df3ea38b3232572 | Pentesting or research code in szn-zbozi-ab-testing-fulltext (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-7df6de918146aa73 | Pentesting or research code in adent-core-api (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-7df901b4edfbd807 | Pentesting or research code in vfsrcetest (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-7f0791abf81cd0c9 | Pentesting or research code in appetize-cli (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-7f8dd5658c27181f | Pentesting or research code in python-dateutil-malicious (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-80a02e95092a88f9 | Pentesting or research code in puffionerlolpo2131 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8370663b3132616c | Pentesting or research code in shinchina (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-83d4c8f45a091092 | Pentesting or research code in tomli-dzw (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8411903876a67df4 | Pentesting or research code in vsc-accountpage-clients (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-84dfa9bc8aa010dc | Pentesting or research code in manoj3121pip (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-852253e5499f5bc5 | Pentesting or research code in private-test-2 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-85ef10e21c20c3c7 | Pentesting or research code in akatest (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-870d6e991bf31676 | Pentesting or research code in yt-yson-bindings (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-879334350e72d99e | Pentesting or research code in netsec-monitor (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-87f55ac62324b5fc | Pentesting or research code in postgresql-connector-python (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-88aefb022ab10a43 | Pentesting or research code in matlibplot (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-88c42654181376ac | Pentesting or research code in elbloadmonitor (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-89db6f974f1dbda7 | Pentesting or research code in tomli-dzw (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8a8294853a418584 | Pentesting or research code in gwpythonsectt2 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8aa23eba2b20f0b0 | Pentesting or research code in rapyd-logger (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8aa4f83b01c83a30 | Pentesting or research code in dependency-confusion-test-666 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8b2eeb802796706d | Pentesting or research code in python-drgn-commons-all (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8b6b4d13b866d39a | Pentesting or research code in szn-url (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8bc4c59155ce2dd5 | Pentesting or research code in google-cloud-datacatalog-lineage-producer-client (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8d7f8fa3d57d117b | Pentesting or research code in flexssl (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8dbd5099f883c22c | Pentesting or research code in szn-url (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8dca9366a1d6999b | Pentesting or research code in shiva123456 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8de001a262d51e97 | Pentesting or research code in opengrep (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2006:0697 | Red Hat Security Advisory: openssh security update | 2006-09-29T00:18:00+00:00 | 2025-11-21T17:30:50+00:00 |
| rhsa-2006:0698 | Red Hat Security Advisory: openssh security update | 2006-09-29T00:23:00+00:00 | 2025-11-21T17:30:51+00:00 |
| rhsa-2006:0692 | Red Hat Security Advisory: apache security update for Stronghold | 2006-09-29T15:47:00+00:00 | 2025-11-21T17:30:50+00:00 |
| rhsa-2006:0688 | Red Hat Security Advisory: php security update | 2006-10-05T11:30:00+00:00 | 2025-11-21T17:30:49+00:00 |
| rhsa-2006:0708 | Red Hat Security Advisory: php security update | 2006-10-05T11:38:00+00:00 | 2025-11-21T17:30:51+00:00 |
| rhsa-2006:0689 | Red Hat Security Advisory: kernel security update | 2006-10-05T19:16:00+00:00 | 2025-11-21T17:30:50+00:00 |
| rhsa-2006:0713 | Red Hat Security Advisory: python security update | 2006-10-09T21:39:00+00:00 | 2025-11-21T17:30:52+00:00 |
| rhsa-2006:0720 | Red Hat Security Advisory: kdelibs security update | 2006-10-18T04:52:00+00:00 | 2025-11-21T17:30:53+00:00 |
| rhsa-2006:0710 | Red Hat Security Advisory: kernel security update | 2006-10-20T10:28:00+00:00 | 2025-11-21T17:30:52+00:00 |
| rhsa-2006:0725 | Red Hat Security Advisory: qt security update | 2006-11-01T14:37:00+00:00 | 2025-11-21T17:30:58+00:00 |
| rhsa-2006:0730 | Red Hat Security Advisory: php security update | 2006-11-06T22:28:00+00:00 | 2025-11-21T17:30:55+00:00 |
| rhsa-2006:0733 | Red Hat Security Advisory: firefox security update | 2006-11-08T08:30:00+00:00 | 2025-11-21T17:30:56+00:00 |
| rhsa-2006:0735 | Red Hat Security Advisory: thunderbird security update | 2006-11-08T08:46:00+00:00 | 2025-11-21T17:30:57+00:00 |
| rhsa-2006:0734 | Red Hat Security Advisory: seamonkey security update | 2006-11-08T09:45:00+00:00 | 2025-11-21T17:30:57+00:00 |
| rhsa-2006:0727 | Red Hat Security Advisory: texinfo security update | 2006-11-08T10:01:00+00:00 | 2025-11-21T17:30:54+00:00 |
| rhsa-2006:0729 | Red Hat Security Advisory: ruby security update | 2006-11-08T15:46:00+00:00 | 2025-11-21T17:30:55+00:00 |
| rhsa-2006:0726 | Red Hat Security Advisory: wireshark security update | 2006-11-09T19:03:00+00:00 | 2025-11-21T17:30:54+00:00 |
| rhsa-2006:0731 | Red Hat Security Advisory: php security update | 2006-11-10T09:05:00+00:00 | 2025-11-21T17:30:56+00:00 |
| rhsa-2006:0738 | Red Hat Security Advisory: openssh security update | 2006-11-15T14:18:00+00:00 | 2025-11-21T17:30:58+00:00 |
| rhsa-2006:0719 | Red Hat Security Advisory: nss_ldap security update | 2006-11-15T14:25:00+00:00 | 2025-11-21T17:30:53+00:00 |
| rhsa-2006:0742 | Red Hat Security Advisory: elinks security update | 2006-11-15T19:53:00+00:00 | 2025-11-21T17:30:58+00:00 |
| rhsa-2006:0743 | Red Hat Security Advisory: jbossas security update | 2006-11-27T15:42:00+00:00 | 2025-11-21T17:30:59+00:00 |
| rhsa-2006:0746 | Red Hat Security Advisory: mod_auth_kerb security update | 2006-12-06T17:46:00+00:00 | 2025-11-21T17:30:59+00:00 |
| rhsa-2006:0754 | Red Hat Security Advisory: gnupg security update | 2006-12-06T17:53:00+00:00 | 2025-11-21T17:30:59+00:00 |
| rhsa-2006:0736 | Red Hat Security Advisory: php security update for Stronghold | 2006-12-11T11:31:00+00:00 | 2025-11-21T17:30:58+00:00 |
| rhsa-2006:0760 | Red Hat Security Advisory: thunderbird security update | 2006-12-19T21:01:00+00:00 | 2025-11-21T17:31:01+00:00 |
| rhsa-2006:0759 | Red Hat Security Advisory: seamonkey security update | 2006-12-19T22:20:00+00:00 | 2025-11-21T17:31:01+00:00 |
| rhsa-2006:0758 | Red Hat Security Advisory: firefox security update | 2006-12-19T22:40:00+00:00 | 2025-11-21T17:31:00+00:00 |
| rhsa-2006:0749 | Red Hat Security Advisory: tar security update | 2006-12-19T22:47:00+00:00 | 2025-11-21T17:30:59+00:00 |
| rhsa-2007:0001 | Red Hat Security Advisory: openoffice.org security update | 2007-01-03T18:25:00+00:00 | 2025-11-21T17:31:01+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2020-35498 | A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide potentially causing a denial of service. The highest threat from this vulnerability is to system availability. | 2021-02-02T00:00:00.000Z | 2021-02-18T00:00:00.000Z |
| msrc_cve-2020-35499 | A NULL pointer dereference flaw in Linux kernel versions prior to 5.11 may be seen if sco_sock_getsockopt function in net/bluetooth/sco.c do not have a sanity check for a socket connection when using BT_SNDMTU/BT_RCVMTU for SCO sockets. This could allow a local attacker with a special user privilege to crash the system (DOS) or leak kernel internal information. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-36242 | In the cryptography package before 3.3.2 for Python certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow as demonstrated by the Fernet class. | 2021-02-02T00:00:00.000Z | 2021-02-10T00:00:00.000Z |
| msrc_cve-2020-7021 | Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitive information such as password hashes or authentication tokens. This could allow an Elasticsearch administrator to view these details. | 2021-02-02T00:00:00.000Z | 2021-12-01T00:00:00.000Z |
| msrc_cve-2020-7071 | FILTER_VALIDATE_URL accepts URLs with invalid userinfo | 2021-02-02T00:00:00.000Z | 2025-10-01T23:11:07.000Z |
| msrc_cve-2020-8032 | Local privilege escalation to root due to insecure tmp file usage | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-8625 | A vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack | 2021-02-02T00:00:00.000Z | 2021-02-27T00:00:00.000Z |
| msrc_cve-2021-20194 | There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y CONFIG_BPF=y CONFIG_CGROUPS=y CONFIG_CGROUP_BPF=y CONFIG_HARDENED_USERCOPY not set and BPF hook to getsockopt is registered). As result of BPF execution the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-20199 | Rootless containers run with Podman receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards. | 2021-02-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-20203 | An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario. | 2021-02-02T00:00:00.000Z | 2021-03-04T00:00:00.000Z |
| msrc_cve-2021-20229 | A flaw was found in PostgreSQL in versions before 13.2. This flaw allows a user with SELECT privilege on one column to craft a special query that returns all columns of the table. The highest threat from this vulnerability is to confidentiality. | 2021-02-02T00:00:00.000Z | 2021-02-27T00:00:00.000Z |
| msrc_cve-2021-20230 | A flaw was found in stunnel before 5.57 where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority which is not the one accepted by the stunnel server to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality. | 2021-02-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-21284 | privilege escalation in Moby | 2021-02-02T00:00:00.000Z | 2021-07-27T00:00:00.000Z |
| msrc_cve-2021-21285 | Docker daemon crash during image pull of malicious image | 2021-02-02T00:00:00.000Z | 2021-07-27T00:00:00.000Z |
| msrc_cve-2021-21303 | Injection attack in Helm | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-21309 | Integer overflow on 32-bit systems | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-21702 | Null Dereference in SoapClient | 2021-02-02T00:00:00.000Z | 2025-10-01T23:11:07.000Z |
| msrc_cve-2021-23336 | Web Cache Poisoning | 2021-02-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-23840 | Integer overflow in CipherUpdate | 2021-02-02T00:00:00.000Z | 2025-09-03T20:05:49.000Z |
| msrc_cve-2021-23841 | Null pointer deref in X509_issuer_and_serial_hash() | 2021-02-02T00:00:00.000Z | 2025-09-03T22:33:59.000Z |
| msrc_cve-2021-26708 | A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support. | 2021-02-02T00:00:00.000Z | 2021-02-11T00:00:00.000Z |
| msrc_cve-2021-26720 | avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc/network/if-up.d/avahi-daemon and allows a local attacker to cause a denial of service or create arbitrary empty files via a symlink attack on files under /run/avahi-daemon. NOTE: this only affects the packaging for Debian GNU/Linux (used indirectly by SUSE) not the upstream Avahi product. | 2021-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2021-26926 | A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2_decode function whic may lead to disclosure of information or program crash. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-26927 | A flaw was found in jasper before 2.0.25. A null pointer dereference in jp2_decode in jp2_dec.c may lead to program crash and denial of service. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-26930 | An issue was discovered in the Linux kernel 3.11 through 5.10.16 as used by Xen. To service requests to the PV backend the driver maps grant references provided by the frontend. In this process errors may be encountered. In one case an error encountered earlier might be discarded by later processing resulting in the caller assuming successful mapping and hence subsequent operations trying to access space that wasn't mapped. In another case internal state would be insufficiently updated preventing safe recovery from the error. This affects drivers/block/xen-blkback/blkback.c. | 2021-02-02T00:00:00.000Z | 2021-02-25T00:00:00.000Z |
| msrc_cve-2021-26931 | An issue was discovered in the Linux kernel 2.6.39 through 5.10.16 as used in Xen. Block net and SCSI backends consider certain errors a plain bug deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions) it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode though. This affects drivers/block/xen-blkback/blkback.c and drivers/xen/xen-scsiback.c. | 2021-02-02T00:00:00.000Z | 2021-02-25T00:00:00.000Z |
| msrc_cve-2021-26932 | An issue was discovered in the Linux kernel 3.2 through 5.10.16 as used by Xen. Grant mapping operations often occur in batch hypercalls where a number of operations are done in a single hypercall the success or failure of each one is reported to the backend driver and the backend driver then loops over the results performing follow-up actions based on the success or failure of each operation. Unfortunately when running in PV mode the Linux backend drivers mishandle this: Some errors are ignored effectively implying their success from the success of related batch elements. In other cases errors resulting from one batch element lead to further batch elements not being inspected and hence successful ones to not be possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable. Linux backends run in HVM / PVH modes are not vulnerable. This affects arch/*/xen/p2m.c and drivers/xen/gntdev.c. | 2021-02-02T00:00:00.000Z | 2021-02-26T00:00:00.000Z |
| msrc_cve-2021-26934 | An issue was discovered in the Linux kernel 4.18 through 5.10.16 as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration but this wasn't stated accordingly in its support status entry. | 2021-02-02T00:00:00.000Z | 2021-02-25T00:00:00.000Z |
| msrc_cve-2021-26937 | encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and application crash) or possibly have unspecified other impact via a crafted UTF-8 character sequence. | 2021-02-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-27135 | xterm before Patch #366 allows remote attackers to execute arbitrary code or cause a denial of service (segmentation fault) via a crafted UTF-8 combining character sequence. | 2021-02-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2013-000077 | Cybozu Mailwise vulnerable to information disclosure | 2013-08-13T12:22+09:00 | 2013-08-20T11:37+09:00 |
| jvndb-2013-000078 | Yafuoku! contains an issue where it fails to verify SSL server certificates | 2013-08-19T15:35+09:00 | 2013-08-23T18:43+09:00 |
| jvndb-2013-000079 | Yahoo! Japan Shopping for Android contains an issue where it fails to verify SSL server certificates | 2013-08-19T15:50+09:00 | 2013-08-23T18:42+09:00 |
| jvndb-2013-000080 | PHP OpenID Library vulnerable to XML external entity injection | 2013-08-21T14:26+09:00 | 2013-08-23T18:38+09:00 |
| jvndb-2013-000081 | EC-CUBE vulnerable to directory traversal when used in Windows | 2013-08-30T14:38+09:00 | 2013-09-02T18:25+09:00 |
| jvndb-2013-000084 | VMware ESX and ESXi vulnerable to directory traversal | 2013-09-06T13:59+09:00 | 2013-09-11T13:59+09:00 |
| jvndb-2013-000085 | VMware ESX and ESXi vulnerable to buffer overflow | 2013-09-06T14:03+09:00 | 2013-09-11T14:06+09:00 |
| jvndb-2013-003469 | Apache Struts vulnerable to remote command execution | 2013-09-06T14:12+09:00 | 2015-08-11T15:19+09:00 |
| jvndb-2013-000082 | Cybozu Office vulnerable to cross-site scripting | 2013-09-10T13:56+09:00 | 2013-09-11T13:34+09:00 |
| jvndb-2013-000086 | Opera vulnerable to cross-site scripting | 2013-09-12T14:13+09:00 | 2013-09-17T14:20+09:00 |
| jvndb-2013-000088 | ChamaCargo vulnerable to cross-site scripting | 2013-09-13T12:21+09:00 | 2013-09-18T16:12+09:00 |
| jvndb-2013-000087 | Multiple broadband routers may behave as open resolvers | 2013-09-19T13:29+09:00 | 2014-08-28T18:10+09:00 |
| jvndb-2013-000093 | Internet Explorer vulnerable to arbitrary code execution | 2013-09-19T14:39+09:00 | 2013-10-10T18:12+09:00 |
| jvndb-2013-000091 | SEIL Series routers vulnerable in RADIUS authentication | 2013-09-20T14:52+09:00 | 2013-10-08T15:36+09:00 |
| jvndb-2013-000092 | SEIL Series routers vulnerable to buffer overflow | 2013-09-20T14:57+09:00 | 2013-09-30T16:46+09:00 |
| jvndb-2013-000089 | D-Link DWL-2100AP vulnerable to denial-of-service (DoS) | 2013-09-20T15:07+09:00 | 2013-09-30T15:47+09:00 |
| jvndb-2013-000090 | D-Link DES-3810 Series vulnerable to denial-of-service (DoS) | 2013-09-20T15:12+09:00 | 2013-09-30T15:52+09:00 |
| jvndb-2013-004318 | Multiple vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i | 2013-09-27T14:49+09:00 | 2013-09-27T14:49+09:00 |
| jvndb-2013-004319 | Multiple vulnerabilities in Java bundled with Hitachi JP1/Cm2/Network Node Manager i | 2013-09-27T14:51+09:00 | 2013-09-27T14:51+09:00 |
| jvndb-2013-004409 | Arbitrary Commands Execution Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 | 2013-10-03T19:24+09:00 | 2013-10-03T19:24+09:00 |
| jvndb-2013-004410 | Arbitrary Commands Execution Vulnerability in JP1/Base | 2013-10-03T19:26+09:00 | 2013-10-03T19:26+09:00 |
| jvndb-2013-000094 | Accela BizSearch vulnerable to cross-site scripting | 2013-10-04T12:36+09:00 | 2013-10-08T14:56+09:00 |
| jvndb-2013-000095 | HDL-A and HDL2-A Series vulnerable in session management | 2013-10-18T14:30+09:00 | 2013-10-22T17:56+09:00 |
| jvndb-2013-000096 | RockDisk vulnerable to cross-site scripting | 2013-10-29T14:40+09:00 | 2014-07-02T14:36+09:00 |
| jvndb-2013-001665 | Multiple products that use International Components for Unicode (ICU) vulnerable to denial-of-service (DoS) | 2013-10-30T16:08+09:00 | 2015-10-28T10:05+09:00 |
| jvndb-2013-004446 | Use-after-free vulnerability in multiple products that use International Components for Unicode (ICU) | 2013-10-30T16:32+09:00 | 2015-10-28T10:05+09:00 |
| jvndb-2013-000099 | Tiki Wiki CMS Groupware vulnerable to cross-site scripting | 2013-11-05T15:05+09:00 | 2013-11-07T17:55+09:00 |
| jvndb-2013-000100 | Tiki Wiki CMS Groupware vulnerable to SQL injection | 2013-11-05T15:11+09:00 | 2013-11-07T17:57+09:00 |
| jvndb-2013-000101 | TOWN (modified version) vulnerable to cross-site scripting | 2013-11-07T13:59+09:00 | 2013-11-11T16:34+09:00 |
| jvndb-2013-000102 | Page Scroller vulnerable to cross-site scripting | 2013-11-07T14:03+09:00 | 2013-11-07T14:03+09:00 |
| ID | Description | Updated |
|---|