Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-3cqf-mfjf-xv44 | When an inner window is reused, it does not consider the use of document.domain for cross-origin pr… | 2022-05-24T16:50:59Z | 2025-11-25T18:32:16Z |
| ghsa-8ffr-q7j8-h445 | A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Arra… | 2022-05-24T16:50:59Z | 2025-10-22T00:31:43Z |
| ghsa-w2hj-6j62-2w9f | Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent… | 2022-05-24T16:50:59Z | 2025-10-22T00:31:43Z |
| ghsa-mg9h-wcqm-m3mw | When importing a curve25519 private key in PKCS#8 format with leading 0x00 bytes, it is possible to … | 2022-05-24T16:51:00Z | 2025-11-25T18:32:16Z |
| ghsa-vp8c-39q7-pxqc | A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs… | 2022-05-24T16:51:00Z | 2025-11-25T18:32:16Z |
| ghsa-x7fr-mw8m-fh4w | Empty or malformed p256-ECDH public keys may trigger a segmentation fault due to values being improper… | 2022-05-24T16:51:01Z | 2025-11-25T18:32:16Z |
| ghsa-pvgx-mr5j-54w6 | An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed l… | 2022-05-24T16:51:52Z | 2025-11-03T21:30:30Z |
| ghsa-55hv-x43w-phcv | There was a server-side template injection vulnerability in Jira Server and Data Center, in the Con… | 2022-05-24T16:53:00Z | 2025-10-22T00:31:42Z |
| ghsa-75jg-chc9-wv8p | Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5… | 2022-05-24T16:53:26Z | 2025-10-22T00:31:43Z |
| ghsa-69hp-hrv4-rxrr | An issue was discovered in Webmin through 1.920. The parameter old in password_change.cgi contains … | 2022-05-24T16:53:49Z | 2025-10-22T00:31:43Z |
| ghsa-pg68-prcj-h956 | Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a … | 2022-05-24T16:55:04Z | 2025-10-22T00:31:43Z |
| ghsa-22h8-5mmq-pgx3 | Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.… | 2022-05-24T16:55:11Z | 2025-10-22T00:31:43Z |
| ghsa-8qv6-943v-r8gm | Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the … | 2022-05-24T16:55:31Z | 2025-10-22T00:31:43Z |
| ghsa-2q4x-j5p2-9wxv | An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) drive… | 2022-05-24T16:56:00Z | 2025-10-22T00:31:43Z |
| ghsa-63x7-m3j2-hxwg | An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles object… | 2022-05-24T16:56:00Z | 2025-10-22T00:31:43Z |
| ghsa-wp5j-ppw9-22mw | An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly h… | 2022-05-24T16:56:01Z | 2025-10-22T00:31:43Z |
| ghsa-mq4h-3x66-jfc7 | Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which m… | 2022-05-24T16:56:03Z | 2025-10-22T00:31:43Z |
| ghsa-5786-v8v7-87fq | A remote code execution vulnerability exists in the way that the scripting engine handles objects i… | 2022-05-24T16:56:40Z | 2025-10-22T00:31:43Z |
| ghsa-5p5j-jvxx-68mp | Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR-652… | 2022-05-24T16:57:00Z | 2025-10-22T00:31:43Z |
| ghsa-pf22-jf54-7q9c | When a master password is set, it is required to be entered again before stored passwords can be ac… | 2022-05-24T16:57:02Z | 2025-11-25T18:32:16Z |
| ghsa-6wqx-grg2-grhw | Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox… | 2022-05-24T16:57:03Z | 2025-11-25T18:32:16Z |
| ghsa-98fg-hp5j-cm68 | Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specificat… | 2022-05-24T16:57:03Z | 2025-11-25T18:32:17Z |
| ghsa-xg2f-gj2p-r7xq | Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-1584… | 2022-05-24T16:57:08Z | 2025-10-22T00:31:43Z |
| ghsa-hcfh-v4x2-gm2f | In AAC Codec, there is a possible resource exhaustion due to improper input validation. This could … | 2022-05-24T16:57:20Z | 2025-11-05T00:31:12Z |
| ghsa-g6qh-mc7h-56g2 | RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) and 4.1.4 (in 4.1.x) and RSA … | 2022-05-24T16:57:32Z | 2025-11-05T00:31:12Z |
| ghsa-4f2v-4fxm-hw3f | The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). | 2022-05-24T16:57:43Z | 2025-12-03T21:30:56Z |
| ghsa-6hrq-9c58-j26c | The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). | 2022-05-24T16:57:43Z | 2025-12-03T21:30:56Z |
| ghsa-jh65-6gq2-4wq3 | The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | 2022-05-24T16:57:44Z | 2025-12-18T00:34:04Z |
| ghsa-75jx-pcxc-2v2f | The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). | 2022-05-24T16:57:45Z | 2025-12-03T21:30:56Z |
| ghsa-cq2q-g8h5-4923 | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print… | 2022-05-24T16:57:45Z | 2025-12-03T21:30:56Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2021-1879 | N/A | This issue was addressed by improved management o… | Apple | iOS and iPadOS | 2021-04-02T18:07:52.000Z | 2025-10-21T23:25:49.688Z |
| cve-2020-36309 | N/A | ngx_http_lua_module (aka lua-nginx-module) before… | n/a | n/a | 2021-04-06T17:32:45.000Z | 2025-11-03T19:25:36.582Z |
| cve-2021-3448 | N/A | A flaw was found in dnsmasq in versions before 2.… | n/a | dnsmasq | 2021-04-08T22:06:45.000Z | 2025-12-03T00:40:40.220Z |
| cve-2021-20021 | N/A | A vulnerability in the SonicWall Email Security v… | SonicWall | Email Security | 2021-04-09T17:50:14.000Z | 2025-10-21T23:25:49.537Z |
| cve-2021-20022 | N/A | SonicWall Email Security version 10.0.9.x contain… | SonicWall | Email Security | 2021-04-09T17:50:15.000Z | 2025-10-21T23:25:49.388Z |
| cve-2021-30481 | | Valve Steam before 2021-04-17, when a Source engi… | n/a | n/a | 2021-04-10T18:31:34.000Z | 2025-11-03T05:30:21.447Z |
| cve-2021-28310 | 7.8 (v3.1) | Win32k Elevation of Privilege Vulnerability | Microsoft | Windows 10 Version 1803 | 2021-04-13T19:32:47.000Z | 2025-10-21T23:25:49.229Z |
| cve-2021-29338 | N/A | Integer Overflow in OpenJPEG v2.4.0 allows remote… | n/a | n/a | 2021-04-14T13:52:26.000Z | 2025-11-03T19:25:43.869Z |
| cve-2021-27129 | N/A | CASAP Automated Enrollment System version 1.0 con… | n/a | n/a | 2021-04-15T11:15:34.000Z | 2025-11-11T17:37:07.343Z |
| cve-2020-2509 | N/A | Command Injection Vulnerability in QTS and QuTS hero | QNAP Systems Inc. | QTS | 2021-04-17T03:50:12.655Z | 2025-10-21T23:25:49.063Z |
| cve-2021-3493 | | The overlayfs implementation in the linux kernel … | Ubuntu | linux kernel | 2021-04-17T04:20:16.706Z | 2025-10-21T23:25:48.908Z |
| cve-2021-20023 | N/A | SonicWall Email Security version 10.0.9.x contain… | SonicWall | Email Security | 2021-04-20T11:55:13.000Z | 2025-10-21T23:25:48.746Z |
| cve-2021-22893 | N/A | Pulse Connect Secure 9.0R3/9.1R1 and higher is vu… | n/a | Pulse Connect Secure | 2021-04-23T16:29:43.000Z | 2025-10-21T23:25:48.614Z |
| cve-2021-22204 | | Improper neutralization of user data in the DjVu … | ExifTool | ExifTool | 2021-04-23T17:22:15.000Z | 2025-10-21T23:25:48.455Z |
| cve-2021-22205 | | An issue has been discovered in GitLab CE/EE affe… | GitLab | GitLab | 2021-04-23T17:39:36.000Z | 2025-10-21T23:25:48.290Z |
| cve-2021-20086 | N/A | Improperly Controlled Modification of Object Prot… | n/a | jquery-bbq | 2021-04-23T18:11:07.000Z | 2025-11-03T21:44:34.084Z |
| cve-2021-21220 | N/A | Insufficient validation of untrusted input in V8 … | Google | Chrome | 2021-04-26T00:00:00.000Z | 2025-10-21T23:25:48.124Z |
| cve-2021-21206 | N/A | Use after free in Blink in Google Chrome prior to… | Google | Chrome | 2021-04-26T16:00:33.000Z | 2025-10-21T23:25:47.925Z |
| cve-2021-21224 | N/A | Type confusion in V8 in Google Chrome prior to 90… | Google | Chrome | 2021-04-26T16:56:09.000Z | 2025-10-21T23:25:47.768Z |
| cve-2021-20090 | N/A | A path traversal vulnerability in the web interfa… | n/a | Buffalo WSR-2533DHPL2, Buffalo WSR-2533DHP3 | 2021-04-29T00:00:00.000Z | 2025-10-21T23:25:47.628Z |
| cve-2021-21551 | 8.8 (v3.1) | Dell dbutil_2_3.sys driver contains an insufficie… | Dell | dbutil | 2021-05-04T15:15:21.388Z | 2025-10-21T23:25:47.458Z |
| cve-2021-29921 | N/A | In Python before 3.9.5, the ipaddress library mis… | n/a | n/a | 2021-05-06T00:00:00.000Z | 2025-11-03T21:44:43.122Z |
| cve-2021-1497 | | Cisco HyperFlex HX Command Injection Vulnerabilities | Cisco | Cisco HyperFlex HX Data Platform | 2021-05-06T12:41:27.712Z | 2025-10-21T23:25:47.305Z |
| cve-2021-1498 | | Cisco HyperFlex HX Command Injection Vulnerabilities | Cisco | Cisco HyperFlex HX Data Platform | 2021-05-06T12:41:31.982Z | 2025-10-21T23:25:47.170Z |
| cve-2021-32030 | N/A | The administrator application on ASUS GT-AC2900 d… | n/a | n/a | 2021-05-06T14:54:31.000Z | 2025-10-21T23:25:47.016Z |
| cve-2021-1905 | | Possible use after free due to improper handling … | Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 2021-05-07T09:10:40.000Z | 2025-10-21T23:25:46.858Z |
| cve-2021-1906 | | Improper handling of address deregistration on fa… | Qualcomm, Inc. | Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | 2021-05-07T09:10:40.000Z | 2025-10-21T23:25:46.727Z |
| cve-2021-31755 | N/A | An issue was discovered on Tenda AC11 devices wit… | n/a | n/a | 2021-05-07T22:01:44.000Z | 2025-10-21T23:25:46.571Z |
| cve-2021-28663 | N/A | The Arm Mali GPU kernel driver allows privilege e… | n/a | n/a | 2021-05-10T00:00:00.000Z | 2025-10-21T23:25:46.291Z |
| cve-2021-28664 | N/A | The Arm Mali GPU kernel driver allows privilege e… | n/a | n/a | 2021-05-10T00:00:00.000Z | 2025-10-21T23:25:46.137Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2018-14468 | N/A | The FRF.16 parser in tcpdump before 4.9.3 has a b… | n/a | n/a | 2019-10-03T15:27:45.000Z | 2025-12-03T20:45:24.915Z |
| cve-2018-14470 | N/A | The Babel parser in tcpdump before 4.9.3 has a bu… | n/a | n/a | 2019-10-03T15:31:18.000Z | 2025-12-03T20:42:09.545Z |
| cve-2018-14879 | N/A | The command-line argument parser in tcpdump befor… | n/a | n/a | 2019-10-03T15:33:33.000Z | 2025-12-03T20:39:47.533Z |
| cve-2018-14881 | N/A | The BGP parser in tcpdump before 4.9.3 has a buff… | n/a | n/a | 2019-10-03T15:36:44.000Z | 2025-12-03T20:34:34.490Z |
| cve-2018-14882 | N/A | The ICMPv6 parser in tcpdump before 4.9.3 has a b… | n/a | n/a | 2019-10-03T15:41:37.000Z | 2025-12-03T20:31:48.804Z |
| cve-2018-16228 | N/A | The HNCP parser in tcpdump before 4.9.3 has a buf… | n/a | n/a | 2019-10-03T15:46:38.000Z | 2025-12-03T20:05:56.417Z |
| cve-2018-16230 | N/A | The BGP parser in tcpdump before 4.9.3 has a buff… | n/a | n/a | 2019-10-03T15:49:01.000Z | 2025-12-03T19:48:44.187Z |
| cve-2018-16300 | N/A | The BGP parser in tcpdump before 4.9.3 allows sta… | n/a | n/a | 2019-10-03T15:52:39.000Z | 2025-12-03T19:45:17.934Z |
| cve-2018-16451 | N/A | The SMB parser in tcpdump before 4.9.3 has buffer… | n/a | n/a | 2019-10-03T15:57:34.000Z | 2025-12-03T19:29:33.198Z |
| cve-2018-16452 | N/A | The SMB parser in tcpdump before 4.9.3 has stack … | n/a | n/a | 2019-10-03T15:58:44.000Z | 2025-12-03T19:15:43.318Z |
| cve-2019-15166 | | lmp_print in tcpdump lacks certain boundary checks | n/a | n/a | 2019-10-03T16:01:34.000Z | 2025-12-03T18:47:27.498Z |
| cve-2019-15165 | N/A | sf-pcapng.c in libpcap before 1.9.1 does not prop… | n/a | n/a | 2019-10-03T18:38:07.000Z | 2025-12-03T19:06:21.272Z |
| cve-2019-1315 | N/A | An elevation of privilege vulnerability exists wh… | Microsoft | Windows | 2019-10-10T13:28:40.000Z | 2025-10-21T23:45:29.583Z |
| cve-2019-1322 | N/A | An elevation of privilege vulnerability exists wh… | Microsoft | Windows | 2019-10-10T13:28:41.000Z | 2025-10-21T23:45:29.390Z |
| cve-2019-2215 | N/A | A use-after-free in binder.c allows an elevation … | n/a | Android | 2019-10-11T18:16:48.000Z | 2025-10-21T23:45:29.242Z |
| cve-2019-16278 | N/A | Directory Traversal in the function http_verify i… | n/a | n/a | 2019-10-14T16:06:03.000Z | 2025-10-21T23:45:29.067Z |
| cve-2019-3010 | N/A | Vulnerability in the Oracle Solaris product of Or… | Oracle Corporation | Solaris Operating System | 2019-10-16T17:40:59.000Z | 2025-10-21T23:45:28.835Z |
| cve-2019-11043 | | Underflow in PHP-FPM can lead to RCE | PHP | PHP | 2019-10-28T14:19:04.252Z | 2025-10-21T23:45:28.408Z |
| cve-2019-18187 | N/A | Trend Micro OfficeScan versions 11.0 and XG (12.0… | Trend Micro | Trend Micro OfficeScan | 2019-10-28T19:28:32.000Z | 2025-10-29T13:21:30.943Z |
| cve-2019-1385 | N/A | An elevation of privilege vulnerability exists wh… | Microsoft | Windows | 2019-11-12T18:52:54.000Z | 2025-10-21T23:35:58.416Z |
| cve-2019-1388 | N/A | An elevation of privilege vulnerability exists in… | Microsoft | Windows | 2019-11-12T18:52:54.000Z | 2025-10-21T23:35:58.261Z |
| cve-2019-1405 | N/A | An elevation of privilege vulnerability exists wh… | Microsoft | Windows | 2019-11-12T18:53:00.000Z | 2025-10-21T23:35:58.095Z |
| cve-2019-1429 | N/A | A remote code execution vulnerability exists in t… | Microsoft | Internet Explorer 9 | 2019-11-12T18:53:10.000Z | 2025-10-21T23:35:57.927Z |
| cve-2019-10768 | N/A | In AngularJS before 1.7.9 the function `merge()` … | n/a | AngularJS | 2019-11-19T20:07:49 | 2024-08-04T22:32:01.679Z |
| cve-2019-6693 | N/A | Use of a hard-coded cryptographic key to cipher s… | Fortinet | FortiGate | 2019-11-21T15:08:05.000Z | 2025-10-21T23:35:57.795Z |
| cve-2019-13720 | N/A | Use after free in WebAudio in Google Chrome prior… | Google | Chrome | 2019-11-25T14:22:55.000Z | 2025-10-21T23:35:57.638Z |
| cve-2019-5825 | N/A | Out of bounds write in JavaScript in Google Chrom… | Google | Chrome | 2019-11-25T19:41:18.000Z | 2025-10-21T23:35:57.478Z |
| cve-2019-15271 | | Cisco Small Business RV016, RV042, RV042G, and RV082 R… | Cisco | Cisco Small Business RV Series Router Firmware | 2019-11-26T03:12:26.649Z | 2025-10-21T23:35:57.315Z |
| cve-2019-19391 | N/A | In LuaJIT through 2.0.5, as used in Moonjit befor… | n/a | n/a | 2019-11-29T15:18:49.000Z | 2025-11-03T18:07:53.427Z |
| cve-2019-19493 | N/A | Kentico before 12.0.50 allows file uploads in whi… | n/a | n/a | 2019-12-02T02:30:57 | 2024-08-05T02:16:47.416Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-kam193-8e35cfed38428b7a | Pentesting or research code in szn-search-mlops-serp-downloader (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8e36e2dea15a795b | Pentesting or research code in deepseek-fake (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8e98f53933a358e2 | Pentesting or research code in layoutspecs (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8eb82be602cc0d4c | Pentesting or research code in pysbark (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-8f37cdcaf6d8e49f | Pentesting or research code in flashinfer (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-906d5f09d6b21967 | Pentesting or research code in murkh1111 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-90fc0e90fe0827d2 | Pentesting or research code in springboot (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-9182e332ef5bf851 | Pentesting or research code in c8tks94kspjghtb (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-927a9dbf7483280f | Pentesting or research code in rtxt-dep4 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-92b72b3d47781289 | Pentesting or research code in rqeuets (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-9307e2c92efb0bcc | Pentesting or research code in szn-search-mlops-common (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-9375172952f24589 | Pentesting or research code in elbloadmonitor (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-93e49fb052e30e7c | Pentesting or research code in comfyui-node-test (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-946e4f02e3bc9faf | Pentesting or research code in check-codeowners (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-967463eb5a6fc190 | Pentesting or research code in ctftestsowwy (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-97a46aef581f6d71 | Pentesting or research code in greensadway (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-98b9157bdd105e9b | Pentesting or research code in google-appengine-ext (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-9a2b30e3149d4c02 | Pentesting or research code in szn-zbozi-ab-testing-fulltext (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-9c7ba0bd6210c27f | Pentesting or research code in aiopbotocore (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-9cc68a9f63c26e04 | Pentesting or research code in dependency133434fr43437 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-9e1af18204b91fa2 | Pentesting or research code in akh-py (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-9e465f1b8689bea6 | Pentesting or research code in testospkg (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-9f9b7d8ffb0ab51c | Pentesting or research code in szn-search-mlops-common (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a000a8e1a41ef3f9 | Pentesting or research code in merbe (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a202500c9717ad11 | Pentesting or research code in testpysecure (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a33040f7c4319171 | Pentesting or research code in chain00x (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a49cf5d0396d3f9d | Pentesting or research code in d5e54ncy1337 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a57cc46b973e99f3 | Pentesting or research code in blabb111 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a621ab5f633595c4 | Pentesting or research code in sensadway (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a736772e9e597e42 | Pentesting or research code in pd-py-cli (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2007:0009 | Red Hat Security Advisory: flash-plugin security update | 2007-01-09T14:10:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0003 | Red Hat Security Advisory: xorg-x11 security update | 2007-01-10T12:06:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0002 | Red Hat Security Advisory: XFree86 security update | 2007-01-10T14:01:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0017 | Red Hat Security Advisory: Adobe Acrobat Reader security update | 2007-01-11T11:10:00+00:00 | 2025-11-21T17:31:05+00:00 |
| rhsa-2007:0011 | Red Hat Security Advisory: libgsf security update | 2007-01-11T11:27:00+00:00 | 2025-11-21T17:31:03+00:00 |
| rhsa-2007:0013 | Red Hat Security Advisory: kernel security update | 2007-01-17T10:13:00+00:00 | 2025-11-21T17:31:04+00:00 |
| rhsa-2007:0012 | Red Hat Security Advisory: kernel security update | 2007-01-17T10:51:00+00:00 | 2025-11-21T17:31:04+00:00 |
| rhsa-2007:0021 | Red Hat Security Advisory: Adobe Acrobat Reader security update | 2007-01-22T19:40:00+00:00 | 2025-11-21T17:31:09+00:00 |
| rhsa-2007:0072 | Red Hat Security Advisory: IBMJava2 security update | 2007-01-24T00:00:00+00:00 | 2025-11-21T17:31:12+00:00 |
| rhsa-2007:0019 | Red Hat Security Advisory: gtk2 security update | 2007-01-24T16:09:00+00:00 | 2025-11-21T17:31:06+00:00 |
| rhsa-2007:0014 | Red Hat Security Advisory: kernel security update | 2007-01-30T14:22:00+00:00 | 2025-11-21T17:31:05+00:00 |
| rhsa-2007:0022 | Red Hat Security Advisory: squirrelmail security update | 2007-01-31T17:13:00+00:00 | 2025-11-21T17:31:07+00:00 |
| rhsa-2007:0018 | Red Hat Security Advisory: fetchmail security update | 2007-01-31T17:20:00+00:00 | 2025-11-21T17:31:05+00:00 |
| rhsa-2007:0044 | Red Hat Security Advisory: bind security update | 2007-02-06T18:46:00+00:00 | 2025-11-21T17:31:07+00:00 |
| rhsa-2007:0064 | Red Hat Security Advisory: postgresql security update | 2007-02-07T18:10:00+00:00 | 2025-11-21T17:31:10+00:00 |
| rhsa-2007:0067 | Red Hat Security Advisory: postgresql security update | 2007-02-07T18:30:00+00:00 | 2025-11-21T17:31:11+00:00 |
| rhsa-2007:0062 | Red Hat Security Advisory: java-1.4.2-ibm security update | 2007-02-07T19:57:00+00:00 | 2025-11-21T17:31:09+00:00 |
| rhsa-2007:0008 | Red Hat Security Advisory: dbus security update | 2007-02-08T08:39:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0073 | Red Hat Security Advisory: java-1.5.0-ibm security update | 2007-02-09T16:23:00+00:00 | 2025-11-21T17:31:12+00:00 |
| rhsa-2007:0015 | Red Hat Security Advisory: ImageMagick security update | 2007-02-15T16:33:00+00:00 | 2025-11-21T17:31:05+00:00 |
| rhsa-2007:0060 | Red Hat Security Advisory: samba security update | 2007-02-15T19:13:00+00:00 | 2025-11-21T17:31:14+00:00 |
| rhsa-2007:0083 | Red Hat Security Advisory: mysql security update | 2007-02-19T19:41:00+00:00 | 2025-11-21T17:31:17+00:00 |
| rhsa-2007:0076 | Red Hat Security Advisory: php security update | 2007-02-19T21:08:00+00:00 | 2025-11-21T17:31:14+00:00 |
| rhsa-2007:0086 | Red Hat Security Advisory: gnomemeeting security update | 2007-02-20T12:06:00+00:00 | 2025-11-21T17:31:17+00:00 |
| rhsa-2007:0010 | Red Hat Security Advisory: koffice security update | 2007-02-20T16:55:00+00:00 | 2025-11-21T17:31:02+00:00 |
| rhsa-2007:0081 | Red Hat Security Advisory: php security update | 2007-02-21T12:42:00+00:00 | 2025-11-21T17:31:15+00:00 |
| rhsa-2007:0074 | Red Hat Security Advisory: spamassassin security update | 2007-02-21T18:44:00+00:00 | 2025-11-21T17:31:13+00:00 |
| rhsa-2007:0088 | Red Hat Security Advisory: php security update | 2007-02-22T11:11:00+00:00 | 2025-11-21T17:31:18+00:00 |
| rhsa-2007:0079 | Red Hat Security Advisory: Firefox security update | 2007-02-23T21:06:00+00:00 | 2025-11-21T17:31:15+00:00 |
| rhsa-2007:0077 | Red Hat Security Advisory: seamonkey security update | 2007-02-24T02:41:00+00:00 | 2025-11-21T17:31:14+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-27212 | In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-27218 | An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform the length would be truncated modulo 2**32 causing unintended length truncation. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-27219 | An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-27367 | Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in Bolt before 4.1.13 allow Directory Traversal. | 2021-02-02T00:00:00.000Z | 2025-10-01T23:11:09.000Z |
| msrc_cve-2021-27378 | An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks a random number generator may be seeded with too little data. | 2021-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2021-27803 | A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code) for an attacker within radio range. | 2021-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3348 | nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup aka CID-b98e762e3d71. | 2021-02-02T00:00:00.000Z | 2021-02-06T00:00:00.000Z |
| msrc_cve-2020-14372 | A flaw was found in grub2 in versions prior to 2.06 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-17525 | Remote unauthenticated denial-of-service in Subversion mod_authz_svn | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25632 | A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25639 | A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-25647 | A flaw was found in grub2 in versions prior to 2.06. During USB device initialization descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27170 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27171 | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory aka CID-10d2bb2e6b1d. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27749 | A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents using a 1kB stack buffer for temporary storage without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload it is possible to overflow the stack buffer corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27779 | A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing a privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-27827 | A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs potentially causing a denial of service. The highest threat from this vulnerability is to system availability. | 2021-03-02T00:00:00.000Z | 2022-08-06T00:00:00.000Z |
| msrc_cve-2020-35492 | A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example by convincing a user to open a file in an application using cairo or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-03-30T00:00:00.000Z |
| msrc_cve-2020-35508 | A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-35521 | A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c a crafted TIFF file can lead to an abort resulting in denial of service. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-35522 | In LibTIFF there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort resulting in a remote denial of service attack. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-35523 | An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-35524 | A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-20197 | There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. | 2021-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-20225 | A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-20227 | A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability. | 2021-03-02T00:00:00.000Z | 2021-03-27T00:00:00.000Z |
| msrc_cve-2021-20231 | A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-20232 | A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-20233 | A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-20255 | A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host resulting in a denial of service. The highest threat from this vulnerability is to system availability. | 2021-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2013-000103 | Ichitaro series vulnerable to arbitrary code execution | 2013-11-12T14:33+09:00 | 2013-11-15T10:22+09:00 |
| jvndb-2011-003557 | ASP.NET vulnerable to open redirect | 2013-11-15T15:54+09:00 | 2013-11-15T15:54+09:00 |
| jvndb-2013-000104 | EC-CUBE vulnerable to information disclosure | 2013-11-20T15:19+09:00 | 2013-11-22T14:42+09:00 |
| jvndb-2013-000105 | EC-CUBE vulnerable to cross-site scripting | 2013-11-20T15:34+09:00 | 2013-11-22T14:40+09:00 |
| jvndb-2013-000097 | EC-CUBE vulnerable to cross-site request forgery | 2013-11-20T15:40+09:00 | 2013-11-22T14:37+09:00 |
| jvndb-2013-000098 | EC-CUBE information disclosure vulnerability | 2013-11-20T15:48+09:00 | 2013-11-22T14:35+09:00 |
| jvndb-2013-000107 | EC-CUBE vulnerable to cross-site scripting | 2013-11-20T15:56+09:00 | 2013-11-22T13:57+09:00 |
| jvndb-2013-000106 | EC-CUBE information disclosure vulnerability | 2013-11-20T16:14+09:00 | 2013-11-22T14:18+09:00 |
| jvndb-2013-000109 | D-Link DES-3800 Series vulnerable to denial-of-service (DoS) | 2013-11-22T14:50+09:00 | 2013-11-26T16:09+09:00 |
| jvndb-2013-000110 | D-Link DES-3800 Series vulnerable to denial-of-service (DoS) | 2013-11-22T14:51+09:00 | 2013-11-26T16:15+09:00 |
| jvndb-2013-000108 | KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates | 2013-11-22T17:39+09:00 | 2013-11-26T16:02+09:00 |
| jvndb-2013-005262 | Buffer Overflow Vulnerability in the log function of Interstage HTTP Server | 2013-11-28T16:38+09:00 | 2013-12-18T16:16+09:00 |
| jvndb-2013-000112 | TOWN (modified version) vulnerable to directory traversal | 2013-11-29T14:23+09:00 | 2013-12-06T10:38+09:00 |
| jvndb-2013-000113 | Multiple cross-site scripting vulnerabilities in Cybozu Garoon | 2013-12-03T13:37+09:00 | 2013-12-06T10:42+09:00 |
| jvndb-2013-000114 | Cybozu Garoon vulnerable to SQL injection | 2013-12-03T13:45+09:00 | 2013-12-06T10:47+09:00 |
| jvndb-2013-000115 | Cybozu Garoon vulnerable to denial-of-service (DoS) | 2013-12-03T13:46+09:00 | 2013-12-06T10:48+09:00 |
| jvndb-2013-000116 | Cybozu Garoon vulnerable to mail header injection | 2013-12-03T13:49+09:00 | 2013-12-06T10:50+09:00 |
| jvndb-2013-000117 | Cybozu Garoon vulnerable to session fixation | 2013-12-03T13:51+09:00 | 2013-12-06T10:52+09:00 |
| jvndb-2013-000118 | Cybozu Dezie vulnerable to cross-site scripting | 2013-12-10T14:13+09:00 | 2013-12-18T14:51+09:00 |
| jvndb-2013-000119 | Juniper ScreenOS vulnerable to denial-of-service (DoS) | 2013-12-13T12:23+09:00 | 2013-12-18T15:23+09:00 |
| jvndb-2013-000111 | Android OS vulnerable to arbitrary Java method execution | 2013-12-17T13:57+09:00 | 2014-03-05T17:27+09:00 |
| jvndb-2013-000120 | IrfanView vulnerable to buffer overflow | 2013-12-24T15:02+09:00 | 2014-01-07T19:25+09:00 |
| jvndb-2013-000123 | VMware ESX and ESXi may allow access to arbitrary files | 2013-12-24T15:02+09:00 | 2013-12-25T14:01+09:00 |
| jvndb-2013-000124 | Cybozu Garoon vulnerable to SQL injection | 2013-12-25T12:21+09:00 | 2014-01-07T19:22+09:00 |
| jvndb-2013-000125 | Cybozu Garoon Keitai vulnerable to authentication bypass | 2013-12-25T12:22+09:00 | 2014-01-07T16:12+09:00 |
| jvndb-2013-005669 | Xml eXternal Entity Vulnerability in Hitachi Cosminexus | 2013-12-25T19:13+09:00 | 2013-12-25T19:13+09:00 |
| jvndb-2013-000126 | HP Autonomy Ultraseek vulnerable to cross-site scripting | 2013-12-26T12:32+09:00 | 2013-12-26T12:32+09:00 |
| jvndb-2014-000001 | ZIP with Pass vulnerable to directory traversal | 2014-01-10T14:34+09:00 | 2014-01-10T14:34+09:00 |
| jvndb-2014-000002 | tetra filer vulnerable to directory traversal | 2014-01-10T14:41+09:00 | 2014-01-10T14:41+09:00 |
| jvndb-2014-000003 | Security File Manager vulnerable to directory traversal | 2014-01-10T14:42+09:00 | 2014-01-10T14:42+09:00 |