Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-q59q-mg6r-4mfm | The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). | 2022-05-24T16:57:45Z | 2025-12-03T21:30:57Z |
| ghsa-x5g3-55pg-9g4m | The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_nex… | 2022-05-24T16:57:45Z | 2025-12-03T21:30:57Z |
| ghsa-6pxp-xhw6-v2fw | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print… | 2022-05-24T16:57:46Z | 2025-12-03T21:30:57Z |
| ghsa-hpcf-2qgx-qx94 | The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. | 2022-05-24T16:57:46Z | 2025-12-03T21:30:57Z |
| ghsa-qcfp-9c2v-6hq6 | The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). | 2022-05-24T16:57:46Z | 2025-12-03T21:30:58Z |
| ghsa-43jj-c4fj-r633 | The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_R… | 2022-05-24T16:57:47Z | 2025-12-03T21:30:57Z |
| ghsa-q5wq-8g35-qxj4 | The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAIL… | 2022-05-24T16:57:47Z | 2025-12-03T21:30:58Z |
| ghsa-4jh3-696v-qm6r | sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocat… | 2022-05-24T16:57:48Z | 2025-12-03T21:30:58Z |
| ghsa-5p6g-rfgv-93xw | lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. | 2022-05-24T16:57:49Z | 2025-12-03T21:30:58Z |
| ghsa-44h5-7p9r-q2m9 | An elevation of privilege vulnerability exists when Windows improperly handles authentication reque… | 2022-05-24T16:58:26Z | 2025-10-22T00:31:43Z |
| ghsa-jg5r-v4q8-v8jv | An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly hand… | 2022-05-24T16:58:26Z | 2025-10-22T00:31:43Z |
| ghsa-m7g6-9cwp-6jgm | A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kern… | 2022-05-24T16:58:40Z | 2025-10-22T00:31:49Z |
| ghsa-495x-r3cr-6rgx | Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker… | 2022-05-24T16:58:43Z | 2025-10-22T00:31:48Z |
| ghsa-w255-p3v2-q6mg | Vulnerability in the Oracle Solaris product of Oracle Systems (component: XScreenSaver). The suppor… | 2022-05-24T16:59:11Z | 2025-10-22T00:31:48Z |
| ghsa-6qjm-m8fp-j2mm | In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurat… | 2022-05-24T16:59:59Z | 2025-10-22T00:31:49Z |
| ghsa-cjq6-9jh6-x2vg | Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a di… | 2022-05-24T17:00:00Z | 2025-10-29T15:31:49Z |
| ghsa-jc5j-4728-w8pc | An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) serv… | 2022-05-24T17:00:44Z | 2025-10-22T00:31:48Z |
| ghsa-hx92-84x6-67mx | Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup file… | 2022-05-24T17:01:46Z | 2025-10-22T00:31:48Z |
| ghsa-3qg6-gw2x-w9cq | Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to pote… | 2022-05-24T17:01:58Z | 2025-10-22T00:31:48Z |
| ghsa-3xc7-8f3r-h948 | Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker … | 2022-05-24T17:02:01Z | 2025-10-22T00:31:48Z |
| ghsa-87q2-rr35-r6c9 | A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Rou… | 2022-05-24T17:02:07Z | 2025-10-22T00:31:48Z |
| ghsa-756f-h55r-pvqq | In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a ty… | 2022-05-24T17:02:27Z | 2025-11-03T21:30:30Z |
| ghsa-997h-jrc2-j4f2 | Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with th… | 2022-05-24T17:02:29Z | 2025-12-19T21:30:14Z |
| ghsa-4wch-cg8h-vqc6 | This external control of file name or path vulnerability allows remote attackers to access or modif… | 2022-05-24T17:02:46Z | 2025-10-22T00:31:49Z |
| ghsa-5h7g-3542-fw4q | This external control of file name or path vulnerability allows remote attackers to access or modif… | 2022-05-24T17:02:46Z | 2025-10-22T00:31:48Z |
| ghsa-964w-hfj4-c2g7 | This improper input validation vulnerability allows remote attackers to inject arbitrary code to th… | 2022-05-24T17:02:46Z | 2025-10-22T00:31:49Z |
| ghsa-9p75-w4p8-7gvx | This improper access control vulnerability allows remote attackers to gain unauthorized access to t… | 2022-05-24T17:02:46Z | 2025-10-22T00:31:48Z |
| ghsa-4734-5452-r5fh | OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has eval… | 2022-05-24T17:02:49Z | 2025-10-22T00:31:49Z |
| ghsa-hqp5-7hf2-3rq4 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to proper… | 2022-05-24T17:03:06Z | 2025-10-22T00:31:49Z |
| ghsa-c655-3j45-33xw | Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerabil… | 2022-05-24T17:03:14Z | 2025-10-22T00:31:49Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2021-31166 | 9.8 (v3.1) | HTTP Protocol Stack Remote Code Execution Vulnerability |
Microsoft |
Windows 10 Version 2004 |
2021-05-11T19:11:19.000Z | 2025-10-21T23:25:45.988Z |
| cve-2021-31207 | 6.6 (v3.1) | Microsoft Exchange Server Security Feature Bypass Vuln… |
Microsoft |
Microsoft Exchange Server 2013 Cumulative Update 23 |
2021-05-11T19:11:41.000Z | 2025-10-21T23:25:45.697Z |
| cve-2021-28799 | Improper Authorization Vulnerability in HBS 3 (Hybrid … |
QNAP Systems Inc. |
HBS 3 |
2021-05-13T02:55:13.827Z | 2025-10-21T23:25:45.551Z | |
| cve-2021-3517 | N/A | There is a flaw in the xml entity encoding functi… |
n/a |
libxml2 |
2021-05-19T13:45:00.000Z | 2025-12-02T21:34:00.585Z |
| cve-2021-3426 | N/A | There's a flaw in Python 3's pydoc. A local or ad… |
n/a |
python |
2021-05-20T00:00:00.000Z | 2025-12-18T11:45:56.551Z |
| cve-2020-26560 | N/A | Bluetooth Mesh Provisioning in the Bluetooth Mesh… |
n/a |
n/a |
2021-05-24T17:06:57.000Z | 2025-11-04T19:12:21.032Z |
| cve-2020-26559 | N/A | Bluetooth Mesh Provisioning in the Bluetooth Mesh… |
n/a |
n/a |
2021-05-24T17:13:12.000Z | 2025-11-04T19:12:19.938Z |
| cve-2020-26558 | N/A | Bluetooth LE and BR/EDR secure pairing in Bluetoo… |
n/a |
n/a |
2021-05-24T17:22:16.000Z | 2025-11-04T19:12:18.753Z |
| cve-2020-26557 | N/A | Mesh Provisioning in the Bluetooth Mesh profile 1… |
n/a |
n/a |
2021-05-24T17:28:56.000Z | 2025-11-04T19:12:17.663Z |
| cve-2020-26555 | N/A | Bluetooth legacy BR/EDR PIN code pairing in Bluet… |
n/a |
n/a |
2021-05-24T17:41:15.000Z | 2025-11-04T19:12:16.581Z |
| cve-2021-29256 | N/A | . The Arm Mali GPU kernel driver allows an unpriv… |
n/a |
n/a |
2021-05-24T17:56:27.000Z | 2025-10-21T23:25:45.386Z |
| cve-2021-27562 | N/A | In Arm Trusted Firmware M through 1.2, the NS wor… |
n/a |
n/a |
2021-05-25T18:27:20.000Z | 2025-10-21T23:25:45.217Z |
| cve-2021-30498 | N/A | A flaw was found in libcaca. A heap buffer overfl… |
n/a |
libcaca |
2021-05-26T00:00:00.000Z | 2025-11-03T19:25:45.270Z |
| cve-2021-21985 | N/A | The vSphere Client (HTML5) contains a remote code… |
n/a |
VMware vCenter Server and VMware Cloud Foundation |
2021-05-26T14:04:30.000Z | 2025-10-21T23:25:44.978Z |
| cve-2021-30499 | N/A | A flaw was found in libcaca. A buffer overflow of… |
n/a |
libcaca |
2021-05-26T23:50:10.000Z | 2025-11-03T19:25:46.633Z |
| cve-2021-22894 | N/A | A buffer overflow vulnerability exists in Pulse C… |
n/a |
Pulse Connect Secure |
2021-05-27T11:15:11.000Z | 2025-10-21T23:25:44.830Z |
| cve-2021-22899 | N/A | A command injection vulnerability exists in Pulse… |
n/a |
Pulse Connect Secure |
2021-05-27T11:15:22.000Z | 2025-10-21T23:25:44.693Z |
| cve-2021-22900 | N/A | A vulnerability allowed multiple unrestricted upl… |
n/a |
Pulse Secure Secure |
2021-05-27T11:15:27.000Z | 2025-10-21T23:25:44.296Z |
| cve-2021-27852 | Deserialization of Untrusted Data vulnerability i… |
Checkbox |
Survey |
2021-05-27T20:55:11.000Z | 2025-10-21T23:25:44.136Z | |
| cve-2017-20005 | N/A | NGINX before 1.13.6 has a buffer overflow for yea… |
n/a |
n/a |
2021-06-06T21:04:06.000Z | 2025-12-05T14:54:13.321Z |
| cve-2021-20698 | N/A | Sharp NEC Displays (UN462A R1.300 and prior to it… |
Sharp Display Solutions, Ltd. |
UN462A |
2021-06-07T13:25:26.000Z | 2025-12-08T15:51:59.123Z |
| cve-2021-20699 | N/A | Sharp NEC Displays ((UN462A R1.300 and prior to i… |
Sharp Display Solutions, Ltd. |
UN462A |
2021-06-07T13:25:33.000Z | 2025-12-08T15:51:04.541Z |
| cve-2021-30533 | N/A | Insufficient policy enforcement in PopupBlocker i… |
Google |
Chrome |
2021-06-07T19:25:48.000Z | 2025-10-21T23:25:43.992Z |
| cve-2021-33560 | N/A | Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mis… |
n/a |
n/a |
2021-06-08T00:00:00.000Z | 2025-12-03T14:39:10.763Z |
| cve-2021-1675 | 7.8 (v3.1) | Windows Print Spooler Remote Code Execution Vulnerability |
Microsoft |
Windows 10 Version 1809 |
2021-06-08T22:46:11.000Z | 2025-10-21T23:25:43.841Z |
| cve-2021-31199 | 5.2 (v3.1) | Microsoft Enhanced Cryptographic Provider Elevation of… |
Microsoft |
Windows 10 Version 1809 |
2021-06-08T22:46:13.000Z | 2025-10-21T23:25:43.672Z |
| cve-2021-31201 | 5.2 (v3.1) | Microsoft Enhanced Cryptographic Provider Elevation of… |
Microsoft |
Windows 10 Version 1809 |
2021-06-08T22:46:13.000Z | 2025-10-21T23:25:43.529Z |
| cve-2021-31955 | 5.5 (v3.1) | Windows Kernel Information Disclosure Vulnerability |
Microsoft |
Windows 10 Version 1809 |
2021-06-08T22:46:25.000Z | 2025-10-21T23:25:43.374Z |
| cve-2021-31956 | 7.8 (v3.1) | Windows NTFS Elevation of Privilege Vulnerability |
Microsoft |
Windows 10 Version 1809 |
2021-06-08T22:46:25.000Z | 2025-10-21T23:25:43.228Z |
| cve-2021-33739 | 8.4 (v3.1) | Microsoft DWM Core Library Elevation of Privilege Vuln… |
Microsoft |
Windows 10 Version 1909 |
2021-06-08T22:46:43.000Z | 2025-10-21T23:25:43.048Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2019-7192 | N/A | This improper access control vulnerability allows… |
n/a |
QNAP NAS devices running Photo Station |
2019-12-05T16:17:29.000Z | 2025-10-21T23:35:57.175Z |
| cve-2019-7193 | N/A | This improper input validation vulnerability allo… |
n/a |
QNAP NAS devices |
2019-12-05T16:22:19.000Z | 2025-10-21T23:35:57.020Z |
| cve-2019-7194 | N/A | This external control of file name or path vulner… |
n/a |
QNAP NAS devices running Photo Station |
2019-12-05T16:30:53.000Z | 2025-10-21T23:35:56.883Z |
| cve-2019-7195 | N/A | This external control of file name or path vulner… |
n/a |
QNAP NAS devices running Photo Station |
2019-12-05T16:34:38.000Z | 2025-10-21T23:35:56.749Z |
| cve-2019-5544 | N/A | OpenSLP as used in ESXi and the Horizon DaaS appl… |
n/a |
ESXi and Horizon DaaS |
2019-12-06T15:54:18.000Z | 2025-10-21T23:35:56.590Z |
| cve-2019-1458 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows |
2019-12-10T21:40:57.000Z | 2025-10-21T23:35:56.426Z |
| cve-2019-18935 | N/A | Progress Telerik UI for ASP.NET AJAX through 2019… |
n/a |
n/a |
2019-12-11T00:00:00.000Z | 2025-10-21T23:35:56.289Z |
| cve-2019-7481 | N/A | Vulnerability in SonicWall SMA100 allow unauthent… |
SonicWall |
SMA100 |
2019-12-17T22:25:16.000Z | 2025-10-21T23:35:56.139Z |
| cve-2019-4716 | IBM Planning Analytics 2.0.0 through 2.0.8 is vul… |
IBM |
Planning Analytics |
2019-12-18T16:15:16.452Z | 2025-10-21T23:35:55.984Z | |
| cve-2019-7286 | N/A | A memory corruption issue was addressed with impr… |
Apple |
iOS |
2019-12-18T17:33:16.000Z | 2025-10-21T23:35:55.589Z |
| cve-2019-7287 | N/A | A memory corruption issue was addressed with impr… |
Apple |
iOS |
2019-12-18T17:33:15.000Z | 2025-10-21T23:35:55.813Z |
| cve-2019-8506 | N/A | A type confusion issue was addressed with improve… |
Apple |
iOS |
2019-12-18T17:33:16.000Z | 2025-10-21T23:35:55.429Z |
| cve-2019-8526 | N/A | A use after free issue was addressed with improve… |
Apple |
macOS |
2019-12-18T17:33:16.000Z | 2025-10-21T23:35:55.289Z |
| cve-2019-8605 | N/A | A use after free issue was addressed with improve… |
Apple |
iOS |
2019-12-18T17:33:18.000Z | 2025-10-21T23:35:55.110Z |
| cve-2018-1311 | N/A | The Apache Xerces-C 3.0.0 to 3.2.3 XML parser con… |
Apache Software Foundation |
Apache Xerces-C |
2019-12-18T00:00:00.000Z | 2025-11-04T18:14:14.531Z |
| cve-2019-1387 | N/A | An issue was found in Git before v2.24.1, v2.23.1… |
Microsoft Corporation |
Git |
2019-12-18T20:11:53.000Z | 2025-11-04T16:09:13.231Z |
| cve-2019-7483 | N/A | In SonicWall SMA100, an unauthenticated Directory… |
SonicWall |
SMA100 |
2019-12-19T00:35:43.000Z | 2025-10-21T23:35:54.935Z |
| cve-2019-19956 | N/A | xmlParseBalancedChunkMemoryRecover in parser.c in… |
n/a |
n/a |
2019-12-24T15:12:57.000Z | 2025-12-03T18:29:29.480Z |
| cve-2019-10758 | N/A | mongo-express before 0.54.0 is vulnerable to Remo… |
n/a |
mongo-express |
2019-12-24T21:08:36.000Z | 2025-10-21T23:35:54.793Z |
| cve-2019-19781 | N/A | An issue was discovered in Citrix Application Del… |
n/a |
n/a |
2019-12-27T13:06:46.000Z | 2025-10-21T23:35:54.648Z |
| cve-2019-20085 | N/A | TVT NVMS-1000 devices allow GET /.. Directory Traversal |
n/a |
n/a |
2019-12-30T02:28:29.000Z | 2025-10-21T23:35:54.497Z |
| cve-2019-17558 | N/A | Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulner… |
n/a |
Apache Solr |
2019-12-30T16:36:08.000Z | 2025-10-21T23:35:54.150Z |
| cve-2019-17621 | N/A | The UPnP endpoint URL /gena.cgi in the D-Link DIR… |
n/a |
n/a |
2019-12-30T16:09:17.000Z | 2025-10-21T23:35:54.315Z |
| cve-2019-16790 | Remote Code Execution in Tiny File Manager |
Tiny File Manager |
Tiny File Manager |
2019-12-30T19:15:14 | 2024-08-05T01:24:48.387Z | |
| cve-2019-14863 | There is a vulnerability in all angular versions … |
Red Hat |
angular: |
2020-01-02T14:20:50 | 2024-08-05T00:26:39.196Z | |
| cve-2020-5510 | N/A | PHPGurukul Hostel Management System v2.0 allows S… |
n/a |
n/a |
2020-01-08T17:32:49.000Z | 2025-11-11T18:20:39.843Z |
| cve-2019-9812 | N/A | Given a compromised sandboxed content process due… |
Mozilla |
Firefox ESR |
2020-01-08T21:41:06 | 2024-08-04T22:01:54.689Z |
| cve-2020-0601 | N/A | A spoofing vulnerability exists in the way Window… |
Microsoft |
Windows |
2020-01-14T23:11:20.000Z | 2025-10-21T23:35:53.978Z |
| cve-2020-0638 | N/A | An elevation of privilege vulnerability exists in… |
Microsoft |
Windows |
2020-01-14T23:11:35.000Z | 2025-10-21T23:35:53.819Z |
| cve-2020-0646 | N/A | A remote code execution vulnerability exists when… |
Microsoft |
Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2 |
2020-01-14T23:11:38.000Z | 2025-10-21T23:35:53.664Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-kam193-a861a1b1fd666a56 | Pentesting or research code in chain00x (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a95ae4f8a374465b | Pentesting or research code in wasig4321 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a9b09fddb2e713c5 | Pentesting or research code in sklearns (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-a9bcdecd02cbe4e6 | Pentesting or research code in pydiolag6688 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-ab3a2e41c89efbfa | Pentesting or research code in aiopbotocore (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-ac46cb60f0875363 | Pentesting or research code in graphcore-cloud-tools (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-ac9157a60c675576 | Pentesting or research code in libspatialindex (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-ada8c4232f51dd43 | Pentesting or research code in arnold-toolbox (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-aede90914832dcbb | Pentesting or research code in rapyd-logger (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-aef5897e3e41898c | Pentesting or research code in hello-world-installer-test (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-af6d29f552749830 | Pentesting or research code in globrex (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b13d01b97f019791 | Pentesting or research code in wr-test (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b1d6624169e8b51b | Pentesting or research code in dependency908 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b2737cac48f109d9 | Pentesting or research code in optimux (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b296048ddff2480d | Pentesting or research code in python-drgn-commons-notebooks (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b2b16bcb5b1deabf | Pentesting or research code in deepseekai (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b36366cbc65a0e7a | Pentesting or research code in postgresql-connector-python (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b578abcc63323112 | Pentesting or research code in kms-tls-sdk (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b661819d2457bce1 | Pentesting or research code in multiutils (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b675638019d08df4 | Pentesting or research code in matlibplot (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b67e1d0a9f54f2ca | Pentesting or research code in masirkhan (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b6a9045d673f8b20 | Pentesting or research code in gwpythonsectt1 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b6b268ce057d03d0 | Pentesting or research code in murkh1111 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b73d94e4cfd78613 | Pentesting or research code in confirmedbywaseem (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b84a7ac7e82cf445 | Pentesting or research code in quizdom (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b94beda1abe6cca6 | Pentesting or research code in c8test (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-b9a3d67880a71829 | Pentesting or research code in testresearchpackagedc (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-bb5eb354916e4d9f | Pentesting or research code in search-python-common (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-bbbe44a9dde17f1d | Pentesting or research code in manojmacpy (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-bc1ea66b7bd97f15 | Pentesting or research code in blab111 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2007:0089 | Red Hat Security Advisory: php security update for Stronghold | 2007-02-26T09:49:00+00:00 | 2025-11-21T17:31:18+00:00 |
| rhsa-2007:0085 | Red Hat Security Advisory: kernel security update | 2007-02-27T07:41:00+00:00 | 2025-11-21T17:31:17+00:00 |
| rhsa-2007:0078 | Red Hat Security Advisory: thunderbird security update | 2007-03-02T18:27:00+00:00 | 2025-11-21T17:31:15+00:00 |
| rhsa-2007:0096 | Red Hat Security Advisory: mod_jk security update | 2007-03-02T18:30:00+00:00 | 2025-11-21T17:31:23+00:00 |
| rhsa-2007:0106 | Red Hat Security Advisory: gnupg security update | 2007-03-06T09:15:00+00:00 | 2025-11-21T17:31:20+00:00 |
| rhsa-2007:0075 | Red Hat Security Advisory: spamassassin security update | 2007-03-13T23:23:00+00:00 | 2025-11-21T17:31:18+00:00 |
| rhsa-2007:0107 | Red Hat Security Advisory: gnupg security update | 2007-03-14T00:18:00+00:00 | 2025-11-21T17:31:20+00:00 |
| rhsa-2007:0108 | Red Hat Security Advisory: thunderbird security update | 2007-03-14T00:24:00+00:00 | 2025-11-21T17:31:20+00:00 |
| rhsa-2007:0087 | Red Hat Security Advisory: ekiga security update | 2007-03-14T00:47:00+00:00 | 2025-11-21T17:31:18+00:00 |
| rhsa-2007:0082 | Red Hat Security Advisory: php security update | 2007-03-14T02:01:00+00:00 | 2025-11-21T17:31:17+00:00 |
| rhsa-2007:0057 | Red Hat Security Advisory: bind security update | 2007-03-14T04:51:00+00:00 | 2025-11-21T17:31:09+00:00 |
| rhsa-2007:0061 | Red Hat Security Advisory: samba security update | 2007-03-14T04:55:00+00:00 | 2025-11-21T17:31:09+00:00 |
| rhsa-2007:0097 | Red Hat Security Advisory: firefox security update | 2007-03-14T05:02:00+00:00 | 2025-11-21T17:31:20+00:00 |
| rhsa-2007:0114 | Red Hat Security Advisory: xen security update | 2007-03-14T05:06:00+00:00 | 2025-11-21T17:31:20+00:00 |
| rhsa-2007:0068 | Red Hat Security Advisory: postgresql security update | 2007-03-14T05:07:00+00:00 | 2025-11-21T17:31:12+00:00 |
| rhsa-2007:0099 | Red Hat Security Advisory: kernel security and bug fix update | 2007-03-14T05:22:00+00:00 | 2025-11-21T17:31:20+00:00 |
| rhsa-2007:0066 | Red Hat Security Advisory: wireshark security update | 2007-03-14T16:29:00+00:00 | 2025-11-21T17:31:10+00:00 |
| rhsa-2007:0055 | Red Hat Security Advisory: libwpd security update | 2007-03-16T14:18:00+00:00 | 2025-11-21T17:31:08+00:00 |
| rhsa-2007:0033 | Red Hat Security Advisory: openoffice.org security update | 2007-03-22T10:37:00+00:00 | 2025-11-21T17:31:07+00:00 |
| rhsa-2007:0069 | Red Hat Security Advisory: openoffice.org security update | 2007-03-22T13:40:00+00:00 | 2025-11-21T17:31:12+00:00 |
| rhsa-2007:0124 | Red Hat Security Advisory: file security update | 2007-03-23T10:08:00+00:00 | 2025-11-21T17:31:22+00:00 |
| rhsa-2007:0095 | Red Hat Security Advisory: krb5 security update | 2007-04-03T18:20:00+00:00 | 2025-11-21T17:31:19+00:00 |
| rhsa-2007:0132 | Red Hat Security Advisory: libXfont security update | 2007-04-03T18:30:00+00:00 | 2025-11-21T17:31:23+00:00 |
| rhsa-2007:0127 | Red Hat Security Advisory: xorg-x11-server security update | 2007-04-03T18:43:00+00:00 | 2025-11-21T17:31:22+00:00 |
| rhsa-2007:0126 | Red Hat Security Advisory: xorg-x11 security update | 2007-04-03T18:48:00+00:00 | 2025-11-21T17:31:22+00:00 |
| rhsa-2007:0131 | Red Hat Security Advisory: squid security update | 2007-04-03T18:53:00+00:00 | 2025-11-21T17:31:22+00:00 |
| rhsa-2007:0152 | Red Hat Security Advisory: mysql security update | 2007-04-03T18:58:00+00:00 | 2025-11-21T17:31:25+00:00 |
| rhsa-2007:0125 | Red Hat Security Advisory: XFree86 security update | 2007-04-03T19:10:00+00:00 | 2025-11-21T17:31:22+00:00 |
| rhsa-2007:0164 | Red Hat Security Advisory: mod_jk security update | 2007-04-12T23:31:00+00:00 | 2025-11-21T17:31:27+00:00 |
| rhsa-2007:0162 | Red Hat Security Advisory: php security update | 2007-04-16T11:24:00+00:00 | 2025-11-21T17:31:26+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-20268 | An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. | 2021-03-02T00:00:00.000Z | 2021-03-25T00:00:00.000Z |
| msrc_cve-2021-20270 | An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file as demonstrated by input that only contains the "exception" keyword. | 2021-03-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-20271 | A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package whose signature header was modified to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity confidentiality and system availability. | 2021-03-02T00:00:00.000Z | 2021-04-01T00:00:00.000Z |
| msrc_cve-2021-20286 | A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service. | 2021-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-21334 | environment variable leak | 2021-03-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2021-22134 | A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have been updated and not yet refreshed in the index. This could result in the search disclosing the existence of documents and fields the attacker should not be able to view. | 2021-03-02T00:00:00.000Z | 2021-12-01T00:00:00.000Z |
| msrc_cve-2021-23358 | Arbitrary Code Injection | 2021-03-02T00:00:00.000Z | 2025-09-03T21:42:37.000Z |
| msrc_cve-2021-24032 | Beginning in v1.4.1 and prior to v1.4.9 due to an incomplete fix for CVE-2021-24031 the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties. | 2021-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-27291 | In pygments 1.1+ fixed in 2.7.4 the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input an attacker can cause a denial of service. | 2021-03-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-27363 | An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem the transport's handle is available to unprivileged users via the sysfs file system at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-27364 | An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-27365 | An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI and has a length up to the maximum length of a Netlink message. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-27506 | The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19 3.11.7 and 4.2.1. | 2021-03-02T00:00:00.000Z | 2021-03-25T00:00:00.000Z |
| msrc_cve-2021-27918 | encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode DecodeElement or Skip method. | 2021-03-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-27928 | A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37 10.3 before 10.3.28 10.4 before 10.4.18 and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product. | 2021-03-02T00:00:00.000Z | 2021-03-27T00:00:00.000Z |
| msrc_cve-2021-28041 | ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios such as unconstrained agent-socket access on a legacy operating system or the forwarding of an agent to an attacker-controlled host. | 2021-03-02T00:00:00.000Z | 2021-03-10T00:00:00.000Z |
| msrc_cve-2021-28153 | An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink it incorrectly also creates the target of the symlink as an empty file which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists then the contents of that file correctly remain unchanged.) | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28361 | An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected) the iSCSI target can crash with a NULL pointer dereference. | 2021-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2021-28375 | An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28543 | Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service (daemon restart) in some configurations. This does not affect organizations that only install the Varnish Cache product; however, it is common to install both Varnish Cache and varnish-modules. Specifically, an assertion failure or NULL pointer dereference can be triggered in Varnish Cache through the varnish-modules header.append() and header.copy() functions. For some Varnish Configuration Language (VCL) files, this gives remote clients an opportunity to cause a Varnish Cache restart. A restart reduces overall availability and performance due to an increased number of cache misses, and may cause higher load on backend servers. | 2021-03-02T00:00:00.000Z | 2025-10-01T23:11:09.000Z |
| msrc_cve-2021-28660 | rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases CVE IDs are not normally used for drivers/staging/* (unfinished work); however system integrators may have situations in which a drivers/staging issue is relevant to their own customer base. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28831 | decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer with a resultant invalid free or segmentation fault via malformed gzip data. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28950 | An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode aka CID-775c5033a0d1. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28951 | An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread but concurrently that SQPOLL thread is waiting for a signal to start aka CID-3ebba796fa25. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28952 | An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.) | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28957 | An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safe_attrs_only and forms arguments the Cleaner class does not remove the formaction attribute allowing for JS to bypass the sanitizer. A remote attacker could exploit this flaw to run arbitrary JS code on users who interact with incorrectly sanitized HTML. This issue is patched in lxml 4.6.3. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28964 | A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation aka CID-dbcc7d57bffc. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28971 | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled aka CID-d88d05a9e0b6. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28972 | In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8 the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination aka CID-cc7a0bb058b8. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-29264 | An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled aka CID-d8861bab48b6. | 2021-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-000004 | NeoFiler vulnerable to directory traversal | 2014-01-10T14:44+09:00 | 2014-01-15T12:32+09:00 |
| jvndb-2014-000005 | EC-CUBE vulnerable to information alteration | 2014-01-22T15:27+09:00 | 2014-01-27T09:51+09:00 |
| jvndb-2014-000006 | EC-CUBE vulnerable to authorization bypass | 2014-01-22T15:28+09:00 | 2024-05-15T14:59+09:00 |
| jvndb-2014-000007 | Information disclosure vulnerability in Sleipnir Mobile for Android | 2014-01-22T15:29+09:00 | 2014-01-27T09:47+09:00 |
| jvndb-2014-001203 | A Problem of CPU Consumption in Host Data Collector bundled with Hitachi Device Manager Software | 2014-01-22T18:06+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-000008 | SimZip (Simple Zip Viewer) vulnerable to directory traversal | 2014-01-24T12:34+09:00 | 2014-01-28T18:03+09:00 |
| jvndb-2014-000009 | OpenPNE vulnerable to PHP Object Injection | 2014-01-24T12:36+09:00 | 2014-01-28T18:02+09:00 |
| jvndb-2014-000010 | Multiple SQL injection vulnerabilities in Cybozu Garoon | 2014-01-28T14:40+09:00 | 2014-01-30T14:22+09:00 |
| jvndb-2014-000011 | Sanshiro Series vulnerable to arbitrary code execution | 2014-01-28T14:48+09:00 | 2014-01-30T14:24+09:00 |
| jvndb-2014-000013 | Joyful Note vulnerable to cross-site scripting | 2014-01-31T13:41+09:00 | 2014-02-04T17:38+09:00 |
| jvndb-2014-000014 | Opera browser for Android issue in handling intent scheme URL's | 2014-02-06T12:20+09:00 | 2014-02-10T19:09+09:00 |
| jvndb-2014-000015 | phpMyFAQ vulnerable to cross-site scripting | 2014-02-07T12:25+09:00 | 2014-02-20T14:00+09:00 |
| jvndb-2014-000016 | phpMyFAQ vulnerable to cross-site request forgery | 2014-02-07T12:26+09:00 | 2014-02-20T13:58+09:00 |
| jvndb-2014-000017 | Apache Commons FileUpload vulnerable to denial-of-service (DoS) | 2014-02-10T17:21+09:00 | 2016-12-27T11:49+09:00 |
| jvndb-2014-000012 | Blackboard Vista/CE vulnerable to cross-site scripting | 2014-02-21T14:12+09:00 | 2014-02-25T16:40+09:00 |
| jvndb-2014-000019 | AutoCAD vulnerable to arbitrary VBScript execution | 2014-02-21T14:16+09:00 | 2014-02-25T16:39+09:00 |
| jvndb-2014-000020 | AutoCAD may insecurely load dynamic libraries | 2014-02-21T14:19+09:00 | 2014-02-25T16:38+09:00 |
| jvndb-2014-000025 | XooNIps vulnerable to cross-site scripting | 2014-02-26T15:19+09:00 | 2014-03-03T18:50+09:00 |
| jvndb-2014-000026 | Norman Security Suite vulnerable to privilege escalation | 2014-02-26T15:20+09:00 | 2014-03-03T18:47+09:00 |
| jvndb-2014-000021 | Cybozu Garoon vulnerable to session management | 2014-02-26T15:21+09:00 | 2014-03-03T18:45+09:00 |
| jvndb-2014-000022 | Denny's App for Android. contains an issue where it fails to verify SSL server certificates | 2014-02-26T15:21+09:00 | 2014-03-03T18:49+09:00 |
| jvndb-2014-000023 | Cybozu Garoon vulnerable to directory traversal | 2014-02-26T15:22+09:00 | 2014-03-03T18:44+09:00 |
| jvndb-2014-000024 | Cybozu Garoon vulnerable to SQL injection | 2014-02-26T15:23+09:00 | 2014-03-03T18:42+09:00 |
| jvndb-2014-001593 | JP1/Integrated Management - Service Support vulnerable to cross-site scripting | 2014-03-11T15:54+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-001594 | JP1/File Transmission Server / FTP vulnerable to access control violation | 2014-03-11T16:33+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-000030 | Demaecan for Android. contains an issue where it fails to verify SSL server certificates | 2014-03-17T13:43+09:00 | 2014-03-19T15:14+09:00 |
| jvndb-2014-000031 | Unzipper vulnerable to directory traversal | 2014-03-17T13:45+09:00 | 2014-03-19T15:15+09:00 |
| jvndb-2014-000027 | sp mode mail issue when accessing attachments in incoming mail | 2014-03-18T14:07+09:00 | 2014-03-24T19:04+09:00 |
| jvndb-2014-000028 | sp mode mail issue where emails in the process of creation may be accessed | 2014-03-18T14:08+09:00 | 2014-03-25T19:24+09:00 |
| jvndb-2014-000029 | sp mode mail vulnerability where Java methods may be executed | 2014-03-18T14:09+09:00 | 2014-03-25T19:25+09:00 |
| ID | Description | Updated |
|---|