Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-23220 |
N/A
|
ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_o… |
Linux |
Linux |
2026-02-18T14:53:23.376Z | 2026-02-23T03:16:23.982Z |
| CVE-2025-71237 |
N/A
|
nilfs2: Fix potential block overflow that cause system hang |
Linux |
Linux |
2026-02-18T14:53:22.436Z | 2026-02-23T03:16:22.003Z |
| CVE-2025-71236 |
N/A
|
scsi: qla2xxx: Validate sp before freeing associated memory |
Linux |
Linux |
2026-02-18T14:53:21.339Z | 2026-02-23T03:16:20.252Z |
| CVE-2025-71235 |
N/A
|
scsi: qla2xxx: Delay module unload while fabric scan i… |
Linux |
Linux |
2026-02-18T14:53:20.222Z | 2026-02-23T03:16:18.318Z |
| CVE-2025-71234 |
N/A
|
wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add |
Linux |
Linux |
2026-02-18T14:53:18.893Z | 2026-02-23T03:16:16.722Z |
| CVE-2025-71233 |
N/A
|
PCI: endpoint: Avoid creating sub-groups asynchronously |
Linux |
Linux |
2026-02-18T14:53:17.926Z | 2026-02-23T03:16:14.735Z |
| CVE-2025-71232 |
N/A
|
scsi: qla2xxx: Free sp in error path to fix system crash |
Linux |
Linux |
2026-02-18T14:53:16.709Z | 2026-02-23T03:16:12.756Z |
| CVE-2025-71231 |
N/A
|
crypto: iaa - Fix out-of-bounds index in find_empty_ia… |
Linux |
Linux |
2026-02-18T14:53:15.668Z | 2026-02-23T03:16:10.782Z |
| CVE-2025-71230 |
N/A
|
hfs: ensure sb->s_fs_info is always cleaned up |
Linux |
Linux |
2026-02-18T14:53:14.519Z | 2026-02-23T03:16:08.802Z |
| CVE-2025-71229 |
N/A
|
wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() |
Linux |
Linux |
2026-02-18T14:53:13.412Z | 2026-02-23T03:16:06.988Z |
| CVE-2026-2447 |
8.8 (3.1)
|
Heap buffer overflow in libvpx |
Mozilla |
Firefox |
2026-02-16T14:13:23.559Z | 2026-02-22T21:05:42.890Z |
| CVE-2026-26930 |
7.2 (3.1)
|
SmarterTools SmarterMail before 9526 allows XSS v… |
SmarterTools |
SmarterMail |
2026-02-16T16:27:14.946Z | 2026-02-22T19:08:16.471Z |
| CVE-2025-60711 |
6.3 (3.1)
|
Microsoft Edge (Chromium-based) Remote Code Execution … |
Microsoft |
Microsoft Edge (Chromium-based) |
2025-10-31T19:29:01.444Z | 2026-02-22T17:26:17.376Z |
| CVE-2025-59501 |
4.8 (3.1)
|
Microsoft Configuration Manager Spoofing Vulnerability |
Microsoft |
Microsoft Configuration Manager |
2025-10-31T16:45:40.699Z | 2026-02-22T17:26:16.812Z |
| CVE-2025-59503 |
10 (3.1)
|
Azure Compute Resource Provider Elevation of Privilege… |
Microsoft |
Azure Compute Resource Provider |
2025-10-23T21:18:06.047Z | 2026-02-22T17:26:15.321Z |
| CVE-2025-59500 |
7.7 (3.1)
|
Azure Notification Service Elevation of Privilege Vuln… |
Microsoft |
Azure Notification Service |
2025-10-23T21:07:30.428Z | 2026-02-22T17:26:15.972Z |
| CVE-2025-59273 |
7.3 (3.1)
|
Azure Event Grid System Elevation of Privilege Vulnerability |
Microsoft |
Azure Event Grid System |
2025-10-23T21:17:49.064Z | 2026-02-22T17:26:14.421Z |
| CVE-2025-59286 |
9.3 (3.1)
|
Copilot Information Disclosure Vulnerability |
Microsoft |
Microsoft 365 Copilot's Business Chat |
2025-10-09T21:04:15.392Z | 2026-02-22T17:26:13.748Z |
| CVE-2025-55321 |
9.3 (3.1)
|
Azure Monitor Log Analytics Spoofing Vulnerability |
Microsoft |
Azure Monitor |
2025-10-09T21:04:12.117Z | 2026-02-22T17:26:13.128Z |
| CVE-2025-59272 |
9.3 (3.1)
|
Copilot Information Disclosure Vulnerability |
Microsoft |
Microsoft 365 Copilot's Business Chat |
2025-10-09T21:04:14.254Z | 2026-02-22T17:26:12.621Z |
| CVE-2025-59271 |
8.7 (3.1)
|
Redis Enterprise Elevation of Privilege Vulnerability |
Microsoft |
Azure Cache for Redis Enterprise |
2025-10-09T21:04:13.580Z | 2026-02-22T17:26:11.958Z |
| CVE-2025-59252 |
9.3 (3.1)
|
M365 Copilot Information Disclosure Vulnerability |
Microsoft |
Microsoft 365 Word Copilot |
2025-10-09T21:04:12.988Z | 2026-02-22T17:26:11.465Z |
| CVE-2025-59247 |
8.8 (3.1)
|
Azure PlayFab Elevation of Privilege Vulnerability |
Microsoft |
Azure PlayFab |
2025-10-09T21:04:10.867Z | 2026-02-22T17:26:10.829Z |
| CVE-2025-59246 |
9.8 (3.1)
|
Azure Entra ID Elevation of Privilege Vulnerability |
Microsoft |
Microsoft Entra |
2025-10-09T21:04:09.291Z | 2026-02-22T17:26:10.159Z |
| CVE-2025-59218 |
9.6 (3.1)
|
Azure Entra ID Elevation of Privilege Vulnerability |
Microsoft |
Microsoft Entra |
2025-10-09T21:04:07.739Z | 2026-02-22T17:26:09.569Z |
| CVE-2025-59497 |
7 (3.1)
|
Microsoft Defender for Linux Denial of Service Vulnerability |
Microsoft |
Microsoft Defender for Endpoint for Linux |
2025-10-14T17:01:48.832Z | 2026-02-22T17:26:08.986Z |
| CVE-2025-59289 |
7 (3.1)
|
Windows Bluetooth Service Elevation of Privilege Vulne… |
Microsoft |
Windows 10 Version 21H2 |
2025-10-14T17:01:48.272Z | 2026-02-22T17:26:08.390Z |
| CVE-2025-59287 |
9.8 (3.1)
|
Windows Server Update Service (WSUS) Remote Code Execu… |
Microsoft |
Windows Server 2012 |
2025-10-14T17:01:47.629Z | 2026-02-22T17:26:07.844Z |
| CVE-2025-59285 |
7 (3.1)
|
Azure Monitor Agent Elevation of Privilege Vulnerability |
Microsoft |
Azure Monitor |
2025-10-14T17:01:46.994Z | 2026-02-22T17:26:07.147Z |
| CVE-2025-59278 |
7.8 (3.1)
|
Windows Authentication Elevation of Privilege Vulnerability |
Microsoft |
Windows 10 Version 1507 |
2025-10-14T17:01:46.365Z | 2026-02-22T17:26:06.456Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-7517 |
8.5 (4.0)
|
Privileged escalation via crafted use of portcfg command |
Brocade |
Fabric OS |
2024-11-21T05:53:34.442Z | 2025-09-09T19:02:20.886Z |
| CVE-2025-66405 |
6.9 (4.0)
|
Portkey.ai Gateway: Server-Side Request Forgery (SSRF)… |
Portkey-AI |
gateway |
2025-12-01T22:25:36.311Z | 2025-12-02T14:11:29.966Z |
| CVE-2025-7808 |
6.1 (3.1)
|
WP Shopify < 1.5.4 - Reflected XSS |
Unknown |
WP Shopify |
2025-08-14T06:00:05.544Z | 2025-08-14T13:29:10.567Z |
| CVE-2026-25521 |
9.4 (4.0)
|
Locutus is vulnerable to Prototype Pollution |
locutusjs |
locutus |
2026-02-04T21:20:32.643Z | 2026-02-05T14:31:43.203Z |
| CVE-2026-25517 |
5.1 (4.0)
|
Wagtail has improper permission handling on admin prev… |
wagtail |
wagtail |
2026-02-04T20:48:19.160Z | 2026-02-05T14:32:08.136Z |
| CVE-2026-25481 |
9.4 (4.0)
|
Langroid has WAF Bypass Leading to RCE in TableChatAgent |
langroid |
langroid |
2026-02-04T20:03:32.017Z | 2026-02-04T20:40:26.952Z |
| CVE-2025-68699 |
6.5 (3.1)
|
NanoMQ $share/ Subscription Validation and Forwarding … |
nanomq |
nanomq |
2026-02-04T19:25:12.716Z | 2026-02-04T19:51:10.769Z |
| CVE-2024-0407 |
6.5 (3.1)
|
Certain HP Enterprise LaserJet, HP LaserJet Managed Pr… |
HP Inc. |
Certain HP Enterprise LaserJet, HP LaserJet Managed Printers |
2024-02-20T18:35:41.291Z | 2024-11-15T18:08:33.405Z |
| CVE-2025-71242 |
5.3 (4.0)
4.3 (3.1)
|
SPIP < 4.3.6 Authorization Bypass Leading to Content D… |
SPIP |
SPIP |
2026-02-19T14:58:14.582Z | 2026-02-20T20:30:04.920Z |
| CVE-2025-15563 |
5.3 (3.1)
|
Broken Access Control results in Denial of Service in … |
NesterSoft Inc. |
WorkTime (on-prem/cloud) |
2026-02-19T11:01:56.524Z | 2026-02-20T20:35:11.872Z |
| CVE-2025-15562 |
6.1 (3.1)
|
Reflected Cross-Site Scripting in NesterSoft WorkTime |
NesterSoft Inc. |
WorkTime (on-prem/cloud) |
2026-02-19T10:54:52.516Z | 2026-02-20T20:34:10.495Z |
| CVE-2025-13590 |
9.1 (3.1)
|
Authenticated arbitrary file upload via a System REST … |
WSO2 |
WSO2 API Manager |
2026-02-19T10:05:06.083Z | 2026-02-20T20:33:02.933Z |
| CVE-2019-1258 |
N/A
|
Azure Active Directory Authentication Library Elevatio… |
Microsoft |
ADAL.NET |
2019-08-14T20:55:06.000Z | 2024-08-04T18:13:29.539Z |
| CVE-2019-1229 |
N/A
|
Dynamics On-Premise Elevation of Privilege Vulnerability |
Microsoft |
Microsoft Dynamics 365 (on-premises) version 9.0 |
2019-08-14T20:55:06.000Z | 2024-08-04T18:13:30.206Z |
| CVE-2019-1228 |
5.5 (3.1)
|
Windows Kernel Information Disclosure Vulnerability |
Microsoft |
Windows 7 |
2019-08-14T20:55:06.000Z | 2024-08-04T18:13:29.252Z |
| CVE-2019-1227 |
5.5 (3.1)
|
Windows Kernel Information Disclosure Vulnerability |
Microsoft |
Windows 10 Version 1803 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.702Z |
| CVE-2019-1226 |
9.8 (3.1)
|
Remote Desktop Services Remote Code Execution Vulnerability |
Microsoft |
Windows 10 Version 1803 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.557Z |
| CVE-2019-1225 |
7.5 (3.1)
|
Remote Desktop Protocol Server Information Disclosure … |
Microsoft |
Windows 10 Version 1803 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:30.371Z |
| CVE-2019-1224 |
7.5 (3.1)
|
Remote Desktop Protocol Server Information Disclosure … |
Microsoft |
Windows 10 Version 1803 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.334Z |
| CVE-2019-1223 |
7.5 (3.1)
|
Windows Remote Desktop Protocol (RDP) Denial of Servic… |
Microsoft |
Windows 10 Version 1803 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.520Z |
| CVE-2019-1222 |
9.8 (3.1)
|
Remote Desktop Services Remote Code Execution Vulnerability |
Microsoft |
Windows 10 Version 1803 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.535Z |
| CVE-2019-1218 |
N/A
|
Outlook iOS Spoofing Vulnerability |
Microsoft |
Outlook for iOS |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:30.317Z |
| CVE-2019-1213 |
9.8 (3.1)
|
Windows DHCP Server Remote Code Execution Vulnerability |
Microsoft |
Windows Server 2008 Service Pack 2 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.693Z |
| CVE-2019-1212 |
9.8 (3.1)
|
Windows DHCP Server Denial of Service Vulnerability |
Microsoft |
Windows 10 Version 1803 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.460Z |
| CVE-2019-1211 |
N/A
|
Git for Visual Studio Elevation of Privilege Vulnerability |
Microsoft |
Microsoft Visual Studio 2017 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.223Z |
| CVE-2019-1206 |
7.5 (3.1)
|
Windows DHCP Server Denial of Service Vulnerability |
Microsoft |
Windows Server, version 1803 (Server Core Installation) |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:30.215Z |
| CVE-2019-1205 |
9.8 (3.1)
|
Microsoft Word Remote Code Execution Vulnerability |
Microsoft |
Microsoft SharePoint Server 2019 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:30.290Z |
| CVE-2019-1204 |
N/A
|
Microsoft Outlook Elevation of Privilege Vulnerability |
Microsoft |
Microsoft Office 2019 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.173Z |
| CVE-2019-1203 |
N/A
|
Microsoft Office SharePoint XSS Vulnerability |
Microsoft |
Microsoft SharePoint Enterprise Server 2016 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.068Z |
| CVE-2019-1202 |
N/A
|
SharePoint Information Disclosure Vulnerability |
Microsoft |
Microsoft SharePoint Enterprise Server 2016 |
2019-08-14T20:55:05.000Z | 2024-08-04T18:13:29.131Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-15563 | Any unauthenticated user can reset the WorkTime on-prem database configuration by sending a specifi… | 2026-02-19T11:15:56.983 | 2026-02-20T21:19:24.563 |
| fkie_cve-2025-15562 | The server API endpoint /report/internet/urls reflects received data into the HTML response without… | 2026-02-19T11:15:56.860 | 2026-02-20T21:19:24.343 |
| fkie_cve-2025-13590 | A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled … | 2026-02-19T10:16:11.003 | 2026-02-20T21:19:23.787 |
| fkie_cve-2019-1258 | An elevation of privilege vulnerability exists in Azure Active Directory Authentication Library On-… | 2019-08-14T21:15:19.173 | 2026-02-20T21:18:58.150 |
| fkie_cve-2019-1229 | An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successfu… | 2019-08-14T21:15:19.097 | 2026-02-20T21:18:52.390 |
| fkie_cve-2019-1228 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects i… | 2019-08-14T21:15:19.033 | 2026-02-20T21:18:52.187 |
| fkie_cve-2019-1227 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects i… | 2019-08-14T21:15:18.953 | 2026-02-20T21:18:51.987 |
| fkie_cve-2019-1226 | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Termina… | 2019-08-14T21:15:18.877 | 2026-02-20T21:18:51.740 |
| fkie_cve-2019-1225 | An information disclosure vulnerability exists when the Windows RDP server improperly discloses the… | 2019-08-14T21:15:18.813 | 2026-02-20T21:18:51.527 |
| fkie_cve-2019-1224 | An information disclosure vulnerability exists when the Windows RDP server improperly discloses the… | 2019-08-14T21:15:18.750 | 2026-02-20T21:18:51.297 |
| fkie_cve-2019-1223 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects… | 2019-08-14T21:15:18.690 | 2026-02-20T21:18:51.110 |
| fkie_cve-2019-1222 | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Termina… | 2019-08-14T21:15:18.610 | 2026-02-20T21:18:50.893 |
| fkie_cve-2019-1218 | A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically craft… | 2019-08-14T21:15:18.547 | 2026-02-20T21:18:48.497 |
| fkie_cve-2019-1213 | A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends … | 2019-08-14T21:15:18.470 | 2026-02-20T21:18:47.393 |
| fkie_cve-2019-1212 | A memory corruption vulnerability exists in the Windows Server DHCP service when processing special… | 2019-08-14T21:15:18.423 | 2026-02-20T21:18:47.070 |
| fkie_cve-2019-1211 | An elevation of privilege vulnerability exists in Git for Visual Studio when it improperly parses c… | 2019-08-14T21:15:18.347 | 2026-02-20T21:18:46.940 |
| fkie_cve-2019-1206 | A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends … | 2019-08-14T21:15:18.283 | 2026-02-20T21:18:46.437 |
| fkie_cve-2019-1205 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly h… | 2019-08-14T21:15:18.220 | 2026-02-20T21:18:46.203 |
| fkie_cve-2019-1204 | An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incom… | 2019-08-14T21:15:18.157 | 2026-02-20T21:18:46.067 |
| fkie_cve-2019-1203 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properl… | 2019-08-14T21:15:18.097 | 2026-02-20T21:18:45.940 |
| fkie_cve-2019-1202 | An information disclosure vulnerability exists in the way Microsoft SharePoint handles session obje… | 2019-08-14T21:15:18.033 | 2026-02-20T21:18:45.813 |
| fkie_cve-2019-1201 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly h… | 2019-08-14T21:15:17.970 | 2026-02-20T21:18:45.557 |
| fkie_cve-2019-1200 | A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properl… | 2019-08-14T21:15:17.907 | 2026-02-20T21:18:45.407 |
| fkie_cve-2019-1199 | A remote code execution vulnerability exists in Microsoft Outlook when the software fails to proper… | 2019-08-14T21:15:17.847 | 2026-02-20T21:18:45.277 |
| fkie_cve-2019-1198 | An elevation of privilege exists in SyncController.dll. An attacker who successfully exploited the … | 2019-08-14T21:15:17.783 | 2026-02-20T21:18:45.037 |
| fkie_cve-2019-1197 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles ob… | 2019-08-14T21:15:17.720 | 2026-02-20T21:18:44.863 |
| fkie_cve-2019-1196 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles ob… | 2019-08-14T21:15:17.643 | 2026-02-20T21:18:44.707 |
| fkie_cve-2019-1195 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles ob… | 2019-08-14T21:15:17.580 | 2026-02-20T21:18:44.553 |
| fkie_cve-2019-1194 | A remote code execution vulnerability exists in the way that the scripting engine handles objects i… | 2019-08-14T21:15:17.517 | 2026-02-20T21:18:44.363 |
| fkie_cve-2019-1193 | A remote code execution vulnerability exists in the way that Microsoft browsers access objects in m… | 2019-08-14T21:15:17.440 | 2026-02-20T21:18:44.150 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-p5xg-68wr-hm3m |
8.1 (3.1)
|
jsPDF has a PDF Injection in AcroForm module allows Arbitrary JavaScript Execution (RadioButton.cre… | 2026-02-19T19:32:48Z | 2026-02-19T19:32:48Z |
| ghsa-9vjf-qc39-jprp |
8.1 (3.1)
|
jsPDF has a PDF Object Injection via Unsanitized Input in addJS Method | 2026-02-19T19:32:36Z | 2026-02-19T19:32:36Z |
| ghsa-qpc7-wrgr-p3hh |
4.4 (3.1)
4.8 (4.0)
|
Use of insecure directory in Spring Data Geode snapshot import extracts archives into predictable, … | 2026-02-19T18:31:55Z | 2026-02-19T18:31:55Z |
| ghsa-hfvw-4xjp-v33q |
7.5 (3.1)
|
The Product Table and List Builder for WooCommerce Lite plugin for WordPress is vulnerable to time-… | 2026-02-19T18:31:55Z | 2026-02-19T18:31:55Z |
| ghsa-cw9w-w7fx-35q6 |
5.1 (3.1)
|
A flaw was found in QEMU. A specially crafted VMDK image could trigger an out-of-bounds read vulner… | 2026-02-19T18:31:55Z | 2026-02-19T18:31:55Z |
| ghsa-chcm-r33m-g233 |
9.3 (4.0)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-02-19T18:31:55Z | 2026-02-19T18:31:55Z |
| ghsa-3rcw-598c-wmjr |
7.5 (3.1)
|
The wpForo Forum plugin for WordPress is vulnerable to time-based SQL Injection via the 'wpfob' par… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:55Z |
| ghsa-x3gw-vh56-pg6x |
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-v9v3-ph54-r6qw |
6.4 (3.1)
|
The Dealia – Request a Quote plugin for WordPress is vulnerable to Stored Cross-Site Scripting via … | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-v6q3-r5cf-wh3r |
9.8 (3.1)
|
Execution After Redirect (EAR), Missing Authentication for Critical Function vulnerability in Inrov… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-rpjf-2xrw-h2w5 |
5.4 (3.1)
4.8 (4.0)
|
SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS) in the private area. The co… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-qfch-9m87-pgm2 |
8.1 (3.1)
9.2 (4.0)
|
SPIP before 4.4.9 allows Insecure Deserialization in the public area through the table_valeur filte… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-pxr8-26wq-vfvp |
6.3 (3.1)
|
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assign… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-j9vh-hh8h-9h88 |
4.3 (3.1)
|
Cross-Site Request Forgery (CSRF) vulnerability in WP Moose Kenta Companion kenta-companion allows … | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-j95j-w4wp-8mqv |
5.4 (3.1)
4.8 (4.0)
|
SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the private area via malicious iframe tags. … | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-j3q6-84fv-fg88 |
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-hpg7-358g-wg3c |
4.4 (3.1)
|
The Client Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-hj2m-xgwr-hhp4 |
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-h972-rpm4-hj8q |
6.5 (3.1)
|
The Simple Membership plugin for WordPress is vulnerable to Improper Handling of Missing Values in … | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-h72r-rmwf-cp7j |
5.4 (3.1)
4.8 (4.0)
|
SPIP before 4.4.9 allows Cross-Site Scripting (XSS) in the private area, complementing an incomplet… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-ffpr-483m-cpm5 |
8.1 (3.1)
|
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Incorrect Privilege Assign… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-f6rv-5qch-vwvw |
8.5 (4.0)
|
A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet prior to 2025-11-2… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-f5cj-cgw5-mj38 |
4.3 (3.1)
5.3 (4.0)
|
SPIP before 4.4.9 allows Blind Server-Side Request Forgery (SSRF) via syndicated sites in the priva… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-cjfp-957w-fgm8 |
9.8 (3.1)
|
Authorization Bypass Through User-Controlled SQL Primary Key vulnerability in DATABASE Software Tra… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-cgwr-5223-r4pg |
4.3 (3.1)
5.3 (4.0)
|
SPIP before 4.3.6, 4.2.17, and 4.1.20 allows unauthorized content disclosure in the private area. T… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-c977-4m9f-fcfc |
5.3 (3.1)
|
The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulne… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-9cwr-5hg5-h48h |
4.7 (3.1)
|
Dell PowerProtect Data Manager, version(s) prior to 19.22, contain(s) an Improper Verification of S… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-8v9w-wqxw-hp8g |
10.0 (3.1)
|
Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin p… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-86cf-7cvr-x43r |
6.1 (3.1)
5.1 (4.0)
|
SPIP before 4.4.5 and 4.3.9 allows an Open Redirect via the login form when used in AJAX mode. An a… | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ghsa-7wc5-wjpj-2r5j |
4.7 (3.1)
2.1 (4.0)
|
SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the public area for certain edge-case usage … | 2026-02-19T18:31:54Z | 2026-02-19T18:31:54Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2023-31 |
|
Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4. | modoboa | 2023-01-26T23:15:00Z | 2023-05-04T03:49:46.722786Z |
| pysec-2023-30 |
|
Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4. | modoboa | 2023-01-26T22:15:00Z | 2023-05-04T03:49:46.669829Z |
| pysec-2023-29 |
|
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.2.1. | mlflow | 2023-03-24T15:15:00Z | 2023-05-04T03:49:46.618607Z |
| pysec-2023-28 |
|
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2. | mlflow | 2023-03-24T15:15:00Z | 2023-05-04T03:49:46.565156Z |
| pysec-2023-27 |
|
mindsdb is a Machine Learning platform to help developers build AI solutions. In affected… | mindsdb | 2023-04-21T21:15:00Z | 2023-05-04T03:49:46.507545Z |
| pysec-2023-26 |
|
MindsDB is an open source machine learning platform. An unsafe extraction is being perfor… | mindsdb | 2023-03-30T19:15:00Z | 2023-05-04T03:49:46.430565Z |
| pysec-2023-25 |
|
mechanize, a library for automatically interacting with HTTP web servers, contains a regu… | mechanize | 2023-01-17T22:15:00Z | 2023-05-04T03:49:46.357040Z |
| pysec-2023-24 |
|
Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was al… | markdown-it-py | 2023-02-23T00:15:00Z | 2023-05-04T03:49:46.302314Z |
| pysec-2023-23 |
|
Denial of service could be caused to the command line interface of markdown-it-py, before… | markdown-it-py | 2023-02-22T23:15:00Z | 2023-05-04T03:49:46.254022Z |
| pysec-2023-22 |
|
An issue was discovered in Mailman Core before 3.3.5. An attacker with access to the REST… | mailman | 2023-04-15T20:16:00Z | 2023-05-04T03:49:46.203477Z |
| pysec-2023-21 |
|
LTI Consumer XBlock implements the consumer side of the LTI specification enabling integr… | lti-consumer-xblock | 2023-01-26T21:18:00Z | 2023-05-04T03:49:46.153608Z |
| pysec-2023-20 |
|
Netflix Lemur before version 1.3.2 used insufficiently random values when generating de… | lemur | 2023-04-19T20:15:00Z | 2023-05-04T03:49:46.100234Z |
| pysec-2023-19 |
|
A vulnerability, which was classified as problematic, was found in kakwa LdapCherry up to… | ldapcherry | 2023-01-05T08:15:00Z | 2023-05-04T03:49:46.049521Z |
| pysec-2023-18 |
|
In LangChain through 0.0.131, the LLMMathChain chain allows prompt injection attacks that… | langchain | 2023-04-05T02:15:00Z | 2023-05-04T03:49:46.000016Z |
| pysec-2023-17 |
|
IPython (Interactive Python) is a command shell for interactive computing in multiple pro… | ipython | 2023-02-10T20:15:00Z | 2023-05-04T03:49:45.922825Z |
| pysec-2023-16 |
|
Gradio is an open-source Python library to build machine learning and data science demos … | gradio | 2023-02-23T22:15:00Z | 2023-05-04T03:49:45.858658Z |
| pysec-2023-15 |
|
GeoNode is an open source platform that facilitates the creation, sharing, and collaborat… | geonode | 2023-02-27T21:15:00Z | 2023-05-04T03:49:45.721412Z |
| pysec-2023-14 |
|
** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classifie… | django-ucamlookup | 2023-01-05T09:15:00Z | 2023-05-04T03:49:45.271028Z |
| pysec-2023-13 |
|
An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 … | django | 2023-02-15T01:15:00Z | 2023-05-04T03:49:45.612158Z |
| pysec-2023-12 |
|
In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of… | django | 2023-02-01T19:15:00Z | 2023-05-04T03:49:45.437728Z |
| pysec-2023-11 |
|
cryptography is a package designed to expose cryptographic primitives and recipes to Pyth… | cryptography | 2023-02-07T21:15:00Z | 2023-05-04T03:49:45.221186Z |
| pysec-2023-10 |
|
Changedetection.io before v0.40.1.1 was discovered to contain a stored cross-site scripti… | changedetection-io | 2023-02-17T22:15:00Z | 2023-05-04T03:49:45.088821Z |
| pysec-2022-42992 |
|
All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to im… | gitpython | 2022-12-06T05:15:00Z | 2023-05-04T03:49:45.777062Z |
| pysec-2022-42991 |
|
An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers … | future | 2022-12-23T00:15:00Z | 2023-05-04T03:49:45.660760Z |
| pysec-2022-42989 |
|
A vulnerability, which was classified as problematic, has been found in collective.dms.ba… | collective-dms-basecontent | 2022-12-14T15:15:00Z | 2023-05-04T03:49:45.138352Z |
| pysec-2022-42986 |
|
Certifi is a curated collection of Root Certificates for validating the trustworthiness o… | certifi | 2022-12-07T22:15:00Z | 2023-05-04T03:49:45.039819Z |
| pysec-2023-9 |
|
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.… | cairosvg | 2023-03-20T16:15:00Z | 2023-05-04T03:49:44.989748Z |
| pysec-2023-8 |
|
Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB.This iss… | apache-iotdb | 2023-04-17T08:15:00Z | 2023-05-04T03:49:44.939309Z |
| pysec-2023-7 |
|
Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This iss… | apache-iotdb | 2023-04-17T07:15:00Z | 2023-05-04T03:49:44.888533Z |
| pysec-2023-6 |
|
Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This iss… | apache-iotdb | 2023-01-30T17:15:00Z | 2023-05-04T03:49:44.840128Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33073 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.641767Z |
| gsd-2024-33072 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.692854Z |
| gsd-2024-33071 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.625514Z |
| gsd-2024-33070 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.621129Z |
| gsd-2024-33069 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.645844Z |
| gsd-2024-33068 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.754188Z |
| gsd-2024-33067 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.725270Z |
| gsd-2024-33066 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.640877Z |
| gsd-2024-33065 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.601841Z |
| gsd-2024-33064 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.742494Z |
| gsd-2024-33063 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.606683Z |
| gsd-2024-33062 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.623763Z |
| gsd-2024-33061 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.698231Z |
| gsd-2024-33060 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.709441Z |
| gsd-2024-33059 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.758936Z |
| gsd-2024-33058 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.680057Z |
| gsd-2024-33057 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.714140Z |
| gsd-2024-33056 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.614834Z |
| gsd-2024-33055 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.636678Z |
| gsd-2024-33054 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.672967Z |
| gsd-2024-33053 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.619733Z |
| gsd-2024-33052 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.640443Z |
| gsd-2024-33051 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.658888Z |
| gsd-2024-33050 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.695724Z |
| gsd-2024-33049 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.604696Z |
| gsd-2024-33048 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.709832Z |
| gsd-2024-33047 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.624631Z |
| gsd-2024-33046 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.708183Z |
| gsd-2024-33045 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.670079Z |
| gsd-2024-33044 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:09.614126Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| MAL-2026-495 | Malicious code in h-jsencrypt (npm) | 2026-01-23T18:12:42Z | 2026-01-28T17:27:44Z |
| mal-2026-494 | Malicious code in eits (npm) | 2026-01-23T18:12:42Z | 2026-01-28T17:27:43Z |
| MAL-2026-494 | Malicious code in eits (npm) | 2026-01-23T18:12:42Z | 2026-01-28T17:27:43Z |
| mal-2026-484 | Malicious code in translation-note (npm) | 2026-01-23T01:13:12Z | 2026-01-28T08:26:42Z |
| MAL-2026-484 | Malicious code in translation-note (npm) | 2026-01-23T01:13:12Z | 2026-01-28T08:26:42Z |
| mal-2026-489 | Malicious code in rank4222wun (npm) | 2026-01-23T08:25:42Z | 2026-01-28T06:49:15Z |
| MAL-2026-489 | Malicious code in rank4222wun (npm) | 2026-01-23T08:25:42Z | 2026-01-28T06:49:15Z |
| mal-2024-2814 | Malicious code in overstock-logger (npm) | 2024-06-25T12:54:37Z | 2026-01-28T06:49:14Z |
| MAL-2024-2814 | Malicious code in overstock-logger (npm) | 2024-06-25T12:54:37Z | 2026-01-28T06:49:14Z |
| mal-2026-547 | Malicious code in solhint-plugin-hyperlane (PyPI) | 2026-01-27T09:15:48Z | 2026-01-27T09:15:48Z |
| MAL-2026-547 | Malicious code in solhint-plugin-hyperlane (PyPI) | 2026-01-27T09:15:48Z | 2026-01-27T09:15:48Z |
| mal-2026-198 | Malicious code in shopee-chat (npm) | 2026-01-11T13:21:17Z | 2026-01-27T08:27:34Z |
| MAL-2026-198 | Malicious code in shopee-chat (npm) | 2026-01-11T13:21:17Z | 2026-01-27T08:27:34Z |
| mal-2026-480 | Malicious code in kwp-shared-components-production-system (npm) | 2026-01-23T01:13:12Z | 2026-01-27T08:27:32Z |
| MAL-2026-480 | Malicious code in kwp-shared-components-production-system (npm) | 2026-01-23T01:13:12Z | 2026-01-27T08:27:32Z |
| mal-2026-266 | Malicious code in @wbgo/shared (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:30Z |
| mal-2026-265 | Malicious code in @wb-team/uikit-myteam-web (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:30Z |
| MAL-2026-266 | Malicious code in @wbgo/shared (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:30Z |
| MAL-2026-265 | Malicious code in @wb-team/uikit-myteam-web (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:30Z |
| mal-2026-263 | Malicious code in @spx-workforceops/shared-vue (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| mal-2026-262 | Malicious code in @spx-smartsorting/vue (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| mal-2026-261 | Malicious code in @spx-delivery/react (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| mal-2026-260 | Malicious code in @servicepoint/vue-project (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| mal-2026-259 | Malicious code in @riag-libs/pattern-library-react-hooks (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| mal-2026-249 | Malicious code in @flipster/utils (npm) | 2026-01-13T08:19:50Z | 2026-01-27T08:27:29Z |
| MAL-2026-263 | Malicious code in @spx-workforceops/shared-vue (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| MAL-2026-262 | Malicious code in @spx-smartsorting/vue (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| MAL-2026-261 | Malicious code in @spx-delivery/react (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| MAL-2026-260 | Malicious code in @servicepoint/vue-project (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| MAL-2026-259 | Malicious code in @riag-libs/pattern-library-react-hooks (npm) | 2026-01-16T00:10:24Z | 2026-01-27T08:27:29Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-1418 | IBM MQ Appliance/Client: Schwachstelle ermöglicht Denial of Service | 2025-06-29T22:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1379 | Red Hat Enterprise Linux (iputils): Schwachstelle ermöglicht Denial of Service | 2025-06-23T22:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1056 | IBM Semeru Runtime: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-05-14T22:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0967 | Mitel SIP Phone: Mehrere Schwachstellen | 2025-05-07T22:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0790 | MediaWiki Erweiterungen und -Komponenten: Mehrere Schwachstellen | 2025-04-13T22:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0788 | MediaWiki: Mehrere Schwachstellen | 2025-04-10T22:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0622 | Apache Commons: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2025-03-23T23:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0512 | Red Hat Advanced Cluster Security: Schwachstelle ermöglicht Denial of Service | 2025-03-10T23:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0469 | libarchive: Schwachstelle ermöglicht Denial of Service und weitere nicht spezifizierte Angriffe | 2025-03-02T23:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0394 | OpenSSH: Mehrere Schwachstellen | 2025-02-17T23:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0316 | OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-02-11T23:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2024-3249 | Red Hat JBoss Enterprise Application Platform (Wildfly): Schwachstelle ermöglicht Cross-Site Scripting | 2024-10-21T22:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2024-3230 | OpenSSL: Schwachstelle ermöglicht Denial of Service und Remote-Code-Ausführung | 2024-10-16T22:00:00.000+00:00 | 2025-07-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1608 | CrushFTP: Schwachstelle ermöglicht Erlangen von Administratorrechten | 2025-07-20T22:00:00.000+00:00 | 2025-07-22T22:00:00.000+00:00 |
| wid-sec-w-2025-1491 | Microsoft Office: Mehrere Schwachstellen | 2025-07-08T22:00:00.000+00:00 | 2025-07-22T22:00:00.000+00:00 |
| wid-sec-w-2025-0981 | SysAid Technologies Ltd SysAid: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2025-05-07T22:00:00.000+00:00 | 2025-07-22T22:00:00.000+00:00 |
| wid-sec-w-2025-1598 | Microsoft SharePoint (On-premises): Mehrere Schwachstellen | 2025-07-20T22:00:00.000+00:00 | 2025-07-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1508 | Irfan Skiljan IrfanView CADImage Plugin: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-07-08T22:00:00.000+00:00 | 2025-07-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1489 | Fortinet FortiWeb: Schwachstelle ermöglicht SQL Injection | 2025-07-08T22:00:00.000+00:00 | 2025-07-20T22:00:00.000+00:00 |
| wid-sec-w-2025-1585 | Internet Systems Consortium BIND: Mehrere Schwachstellen | 2025-07-16T22:00:00.000+00:00 | 2025-07-17T22:00:00.000+00:00 |
| wid-sec-w-2025-1402 | Cisco Identity Services Engine (ISE): Mehrere Schwachstellen | 2025-06-25T22:00:00.000+00:00 | 2025-07-16T22:00:00.000+00:00 |
| wid-sec-w-2025-1550 | Red Hat Enterprise Linux (LZ4): Schwachstelle ermöglicht nicht spezifizierten Angriff | 2025-07-14T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2025-1490 | Fortinet FortiOS: Schwachstelle ermöglicht Codeausführung | 2025-07-08T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2025-1365 | IBM QRadar SIEM: Mehrere Schwachstellen | 2025-06-19T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2025-1271 | Linux Kernel: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen | 2025-06-09T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2025-1167 | IBM DB2: Mehrere Schwachstellen | 2025-05-29T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2025-1150 | Redis: Schwachstelle ermöglicht Denial of Service | 2025-05-27T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2025-1132 | OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-05-22T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2025-0938 | IBM DB2: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-05-05T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| wid-sec-w-2025-0912 | IBM DB2: Schwachstelle ermöglicht Denial of Service | 2025-05-01T22:00:00.000+00:00 | 2025-07-15T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2020:3637 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.9 on RHEL 6 security update | 2020-09-07T12:57:26+00:00 | 2026-02-23T19:17:50+00:00 |
| rhsa-2020:3600 | Red Hat Security Advisory: Ansible security and bug fix update (2.8.15) | 2020-09-01T19:32:43+00:00 | 2026-02-23T19:17:49+00:00 |
| rhsa-2020:3192 | Red Hat Security Advisory: Red Hat Fuse 7.7.0 release and security update | 2020-07-28T15:54:02+00:00 | 2026-02-23T19:17:48+00:00 |
| rhsa-2020:2938 | Red Hat Security Advisory: .NET Core security and bugfix update | 2020-07-15T11:08:07+00:00 | 2026-02-23T19:17:48+00:00 |
| rhsa-2020:3053 | Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update | 2020-07-21T15:33:37+00:00 | 2026-02-23T19:17:47+00:00 |
| rhsa-2020:3003 | Red Hat Security Advisory: Red Hat Ceph Storage 4.1 security and bug fix update | 2020-07-20T14:23:01+00:00 | 2026-02-23T19:17:47+00:00 |
| rhsa-2020:2989 | Red Hat Security Advisory: .NET Core security update | 2020-07-17T14:49:26+00:00 | 2026-02-23T19:17:47+00:00 |
| rhsa-2020:2988 | Red Hat Security Advisory: .NET Core security and bugfix update | 2020-07-16T19:21:20+00:00 | 2026-02-23T19:17:47+00:00 |
| rhsa-2020:2954 | Red Hat Security Advisory: .NET Core 3.1 security and bugfix update | 2020-07-15T14:36:18+00:00 | 2026-02-23T19:17:45+00:00 |
| rhsa-2020:2939 | Red Hat Security Advisory: .NET Core 3.1 on Red Hat Enterprise Linux security and bugfix update | 2020-07-15T11:06:50+00:00 | 2026-02-23T19:17:45+00:00 |
| rhsa-2020:2937 | Red Hat Security Advisory: .NET Core 2.1 on Red Hat Enterprise Linux security and bugfix update | 2020-07-15T11:05:50+00:00 | 2026-02-23T19:17:44+00:00 |
| rhsa-2020:2905 | Red Hat Security Advisory: Red Hat build of Thorntail 2.7.0 security and bug fix update | 2020-07-23T07:03:40+00:00 | 2026-02-23T19:17:44+00:00 |
| rhsa-2020:2840 | Red Hat Security Advisory: tomcat security update | 2020-07-07T10:31:39+00:00 | 2026-02-23T19:17:42+00:00 |
| rhsa-2020:2783 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update | 2020-07-01T11:21:09+00:00 | 2026-02-23T19:17:41+00:00 |
| rhsa-2020:2781 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update | 2020-07-01T10:57:21+00:00 | 2026-02-23T19:17:40+00:00 |
| rhsa-2020:2780 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update | 2020-07-01T10:55:01+00:00 | 2026-02-23T19:17:40+00:00 |
| rhsa-2020:2779 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.23 security update | 2020-07-01T10:57:42+00:00 | 2026-02-23T19:17:40+00:00 |
| rhsa-2020:2515 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update | 2020-06-10T19:23:36+00:00 | 2026-02-23T19:17:37+00:00 |
| rhsa-2020:2513 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update | 2020-06-11T07:09:57+00:00 | 2026-02-23T19:17:37+00:00 |
| rhsa-2020:2367 | Red Hat Security Advisory: Red Hat support for Spring Boot 2.1.13 security and bug fix update | 2020-06-04T13:11:36+00:00 | 2026-02-23T19:17:35+00:00 |
| rhsa-2020:2512 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update | 2020-06-11T09:03:28+00:00 | 2026-02-23T19:17:34+00:00 |
| rhsa-2020:2511 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.1 Security update | 2020-06-11T09:11:50+00:00 | 2026-02-23T19:17:34+00:00 |
| rhsa-2020:2472 | Red Hat Security Advisory: virt:rhel security update | 2020-06-10T10:39:14+00:00 | 2026-02-23T19:17:33+00:00 |
| rhsa-2020:2333 | Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 19 security update | 2020-05-28T15:58:41+00:00 | 2026-02-23T19:17:32+00:00 |
| rhsa-2020:2142 | Red Hat Security Advisory: Ansible security and bug fix update (2.7.18) | 2020-05-13T16:13:01+00:00 | 2026-02-23T19:17:32+00:00 |
| rhsa-2020:2112 | Red Hat Security Advisory: Red Hat Single Sign-On 7.3.8 security update | 2020-05-12T17:16:57+00:00 | 2026-02-23T19:17:30+00:00 |
| rhsa-2020:2061 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 security update | 2020-05-11T20:19:28+00:00 | 2026-02-23T19:17:28+00:00 |
| rhsa-2020:2060 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 8 security update | 2020-05-11T20:17:00+00:00 | 2026-02-23T19:17:28+00:00 |
| rhsa-2020:2058 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 6 security update | 2020-05-11T20:12:12+00:00 | 2026-02-23T19:17:28+00:00 |
| rhsa-2020:2059 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.8 on RHEL 7 security update | 2020-05-11T20:15:02+00:00 | 2026-02-23T19:17:27+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-16-147-03 | Black Box AlertWerks ServSensor Credential Management Vulnerability | 2016-02-27T07:00:00.000000Z | 2025-06-05T21:43:04.061979Z |
| icsa-16-147-02 | Sixnet BT Series Hard-coded Credentials Vulnerability | 2016-02-27T07:00:00.000000Z | 2025-06-05T21:42:57.849367Z |
| icsa-16-147-01b | Environmental Systems Corporation Data Controllers Vulnerabilities | 2016-02-27T07:00:00.000000Z | 2025-06-05T21:42:45.384997Z |
| icsa-16-140-02 | Siemens SIPROTEC Information Disclosure Vulnerabilities (Update B) | 2016-02-20T07:00:00.000000Z | 2025-06-05T21:42:14.185644Z |
| icsa-16-140-01a | Resource Data Management Intuitive 650 TDB Controller Vulnerabilities (Update A) | 2016-02-20T07:00:00.000000Z | 2025-06-05T21:42:01.240546Z |
| icsa-16-138-01a | IRZ RUH2 3G Firmware Overwrite Vulnerability (Update A) | 2016-02-18T07:00:00.000000Z | 2025-06-05T21:41:55.027480Z |
| icsa-16-133-01a | Meteocontrol WEB'log Vulnerabilities (Update A) | 2016-02-13T07:00:00.000000Z | 2025-06-05T21:41:29.855368Z |
| icsa-16-131-01 | Panasonic FPWIN Pro Vulnerabilities | 2016-02-11T07:00:00.000000Z | 2025-06-05T21:41:04.960389Z |
| icsa-16-126-01 | KMC Controls Conquest BACnet Router Vulnerabilities | 2016-02-06T07:00:00.000000Z | 2025-06-05T21:40:52.513486Z |
| icsa-16-105-03 | Ecava IntegraXor Vulnerabilities | 2016-01-16T07:00:00.000000Z | 2025-06-05T21:40:02.682378Z |
| icsa-16-105-02 | Accuenergy Acuvim II Series AXM-NET Module Vulnerabilities | 2016-01-16T07:00:00.000000Z | 2025-06-05T21:39:50.227619Z |
| icsa-16-105-01 | Sierra Wireless ACEmanager Information Exposure Vulnerability | 2016-01-16T07:00:00.000000Z | 2025-06-05T21:39:44.005014Z |
| icsa-16-103-03c | Siemens Industrial Products DROWN Vulnerability (Update C) | 2016-01-14T07:00:00.000000Z | 2025-06-05T21:39:37.691594Z |
| icsa-16-103-02 | Siemens SCALANCE S613 Denial-of-Service Vulnerability | 2016-01-14T07:00:00.000000Z | 2025-06-05T21:39:31.467405Z |
| icsa-16-103-01c | Siemens Industrial Products glibc Library Vulnerability (Update C) | 2016-01-14T07:00:00.000000Z | 2025-06-05T21:39:25.169040Z |
| icsa-16-096-01 | Pro-face GP-Pro EX HMI Vulnerabilities | 2016-01-07T07:00:00.000000Z | 2025-06-05T21:39:00.224867Z |
| icsa-16-091-01 | ICONICS WebHMI Directory Traversal Vulnerability | 2016-01-02T07:00:00.000000Z | 2025-06-05T21:38:53.967020Z |
| icsa-16-084-01 | Cogent DataHub Elevation of Privilege Vulnerability | 2016-12-26T07:00:00.000000Z | 2025-06-05T21:38:47.730754Z |
| icsa-16-082-01a | Siemens APOGEE Insight Incorrect File Permissions Vulnerability (Update A) | 2016-12-24T07:00:00.000000Z | 2025-06-05T21:38:41.495940Z |
| icsa-16-077-01a | ABB Panel Builder 800 DLL Hijacking Vulnerability (Update A) | 2016-12-19T07:00:00.000000Z | 2025-06-05T21:38:35.243611Z |
| icsa-16-075-01 | Siemens SIMATIC S7-1200 CPU Protection Mechanism Failure | 2016-12-17T07:00:00.000000Z | 2025-06-05T21:38:29.015812Z |
| icsa-16-070-02a | Honeywell Uniformance PHD Denial Of Service (Update A) | 2016-12-12T07:00:00.000000Z | 2025-06-05T21:38:22.775325Z |
| icsa-16-070-01 | Schneider Electric Telvent RTU Improper Ethernet Frame Padding Vulnerability | 2016-12-12T07:00:00.000000Z | 2025-06-05T21:38:16.518332Z |
| icsa-16-063-01 | Moxa ioLogik E2200 Series Weak Authentication Practices | 2016-12-05T07:00:00.000000Z | 2025-06-05T21:38:04.104993Z |
| icsa-16-061-03 | Eaton Lighting Systems EG2 Web Control Authentication Bypass Vulnerabilities | 2016-12-03T07:00:00.000000Z | 2025-06-05T21:37:51.714610Z |
| icsa-16-061-02 | Rockwell Automation Allen-Bradley CompactLogix Reflective Cross-Site Scripting Vulnerability (Update A) | 2016-12-03T07:00:00.000000Z | 2025-06-05T21:37:45.425599Z |
| icsa-16-061-01 | Schneider Electric Building Operation Automation Server Vulnerability | 2016-12-03T07:00:00.000000Z | 2025-06-05T21:37:39.217752Z |
| icsa-16-056-01 | Rockwell Automation Integrated Architecture Builder Access Violation Memory Error | 2016-11-28T07:00:00.000000Z | 2025-06-05T21:37:32.767943Z |
| icsa-16-049-02a | AMX Multiple Products Credential Management Vulnerabilities (Update A) | 2016-11-21T07:00:00.000000Z | 2025-06-05T21:37:20.275376Z |
| icsa-16-049-01 | B+B SmartWorx VESP211 Authentication Bypass Vulnerability | 2016-11-21T07:00:00.000000Z | 2025-06-05T21:37:14.043505Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-npe-hardening-dkel83jp | Identifying and Mitigating Security Exposures When Using No Payload Encryption Images with Existing Cryptographic Configuration | 2023-01-18T16:00:00+00:00 | 2023-01-18T16:00:00+00:00 |
| cisco-sa-npe-hardening-Dkel83jP | Identifying and Mitigating Security Exposures When Using No Payload Encryption Images with Existing Cryptographic Configuration | 2023-01-18T16:00:00+00:00 | 2023-01-18T16:00:00+00:00 |
| cisco-sa-cucm-sql-rppczr8n | Cisco Unified Communications Manager SQL Injection Vulnerability | 2023-01-18T16:00:00+00:00 | 2023-01-18T16:00:00+00:00 |
| cisco-sa-cucm-sql-rpPczR8n | Cisco Unified Communications Manager SQL Injection Vulnerability | 2023-01-18T16:00:00+00:00 | 2023-01-18T16:00:00+00:00 |
| cisco-sa-expressway-filewrite-bsfvwuev | Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities | 2022-05-18T16:00:00+00:00 | 2023-01-17T20:24:01+00:00 |
| cisco-sa-expressway-filewrite-bsFVwueV | Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities | 2022-05-18T16:00:00+00:00 | 2023-01-17T20:24:01+00:00 |
| cisco-sa-sb-rv-rcedos-7hjp74jd | Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Remote Code Execution and Denial of Service Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-12T16:07:37+00:00 |
| cisco-sa-sb-rv-rcedos-7HjP74jD | Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Remote Code Execution and Denial of Service Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-12T16:07:37+00:00 |
| cisco-sa-rv-cmd-exe-n47kjqle | Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-rv-cmd-exe-n47kJQLE | Cisco Small Business RV160 and RV260 Series VPN Routers Remote Command Execution Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-lldp-memlk-mcoecpt | Cisco Webex Room Phone and Cisco Webex Share Link Layer Discovery Protocol Memory Leak Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-lldp-memlk-McOecPT | Cisco Webex Room Phone and Cisco Webex Share Link Layer Discovery Protocol Memory Leak Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-ip-phone-auth-bypass-psqxzrpr | Cisco IP Phone 7800 and 8800 Series Web Management Interface Authentication Bypass Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-ip-phone-auth-bypass-pSqxZRPR | Cisco IP Phone 7800 and 8800 Series Web Management Interface Authentication Bypass Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-ind-fzyvjjtg | Cisco Industrial Network Director Vulnerabilities | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-ind-fZyVjJtG | Cisco Industrial Network Director Vulnerabilities | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-cxagent-goq9qjqz | Cisco CX Cloud Agent Privilege Escalation Vulnerabilities | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-cxagent-gOq9QjqZ | Cisco CX Cloud Agent Privilege Escalation Vulnerabilities | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-bw-xss-ezqdxqg4 | Cisco BroadWorks Application Delivery Platform, Application Server, and Xtended Services Platform Cross-Site Scripting Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-bw-xss-EzqDXqG4 | Cisco BroadWorks Application Delivery Platform, Application Server, and Xtended Services Platform Cross-Site Scripting Vulnerability | 2023-01-11T16:00:00+00:00 | 2023-01-11T16:00:00+00:00 |
| cisco-sa-20170927-profinet | Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability | 2017-09-27T16:00:00+00:00 | 2022-12-17T05:54:03+00:00 |
| cisco-sa-20170927-dhcp | Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability | 2017-09-27T16:00:00+00:00 | 2022-12-17T05:51:12+00:00 |
| cisco-sa-20170927-ike | Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability | 2017-09-27T16:00:00+00:00 | 2022-12-17T05:27:48+00:00 |
| cisco-sa-20170927-rbip-dos | Cisco IOS Software for Cisco Integrated Services Routers Generation 2 Denial of Service Vulnerability | 2017-09-27T16:00:00+00:00 | 2022-12-17T04:17:58+00:00 |
| cisco-sa-20171103-bgp | Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial of Service Vulnerability | 2017-11-03T16:00:00+00:00 | 2022-12-16T21:17:38+00:00 |
| cisco-sa-20170927-nat | Cisco IOS Software Network Address Translation Denial of Service Vulnerability | 2017-09-27T16:00:00+00:00 | 2022-12-16T21:17:38+00:00 |
| cisco-sa-20170927-cip | Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerabilities | 2017-09-27T16:00:00+00:00 | 2022-12-16T21:17:37+00:00 |
| cisco-sa-20180328-dhcpr3 | Cisco IOS and IOS XE Software DHCP Version 4 Relay Denial of Service Vulnerability | 2018-03-28T16:00:00+00:00 | 2022-12-15T22:19:57+00:00 |
| cisco-sa-20180328-ike-dos | Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability | 2018-03-28T16:00:00+00:00 | 2022-12-15T22:19:56+00:00 |
| cisco-sa-20180328-dos | Cisco IOS Software Integrated Services Module for VPN Denial of Service Vulnerability | 2018-03-28T16:00:00+00:00 | 2022-12-15T22:19:54+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-39990 | bpf: Check the helper function is valid in get_helper_proto | 2025-10-02T00:00:00.000Z | 2026-02-18T15:01:37.000Z |
| msrc_cve-2024-47737 | nfsd: call cache_put if xdr_reserve_space returns NULL | 2024-10-01T07:00:00.000Z | 2026-02-18T15:01:37.000Z |
| msrc_cve-2023-52508 | nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid() | 2024-03-02T08:00:00.000Z | 2026-02-18T15:01:37.000Z |
| msrc_cve-2023-53466 | wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit | 2025-10-02T00:00:00.000Z | 2026-02-18T15:01:35.000Z |
| msrc_cve-2023-1981 | A vulnerability was found in the avahi library. This flaw allows an unprivileged user to make a dbus call causing the avahi daemon to crash. | 2023-05-01T00:00:00.000Z | 2026-02-18T15:01:30.000Z |
| msrc_cve-2025-15281 | wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory | 2026-01-02T00:00:00.000Z | 2026-02-18T15:01:17.000Z |
| msrc_cve-2024-26812 | vfio/pci: Create persistent INTx handler | 2024-04-02T07:00:00.000Z | 2026-02-18T15:01:17.000Z |
| msrc_cve-2023-38473 | Reachable assertion in avahi_alternative_host_name | 2023-11-01T07:00:00.000Z | 2026-02-18T15:01:08.000Z |
| msrc_cve-2024-46870 | drm/amd/display: Disable DMCUB timeout for DCN35 | 2024-10-01T07:00:00.000Z | 2026-02-18T15:01:07.000Z |
| msrc_cve-2024-43858 | jfs: Fix array-index-out-of-bounds in diFree | 2024-08-02T00:00:00.000Z | 2026-02-18T15:00:59.000Z |
| msrc_cve-2024-26765 | LoongArch: Disable IRQ before init_fn() for nonboot CPUs | 2024-04-02T07:00:00.000Z | 2026-02-18T15:00:57.000Z |
| msrc_cve-2023-38472 | Reachable assertion in avahi_rdata_parse | 2023-11-01T07:00:00.000Z | 2026-02-18T15:00:46.000Z |
| msrc_cve-2024-47697 | drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error | 2024-10-01T07:00:00.000Z | 2026-02-18T15:00:41.000Z |
| msrc_cve-2026-0992 | Libxml2: libxml2: denial of service via crafted xml catalogs | 2026-01-02T00:00:00.000Z | 2026-02-18T15:00:26.000Z |
| msrc_cve-2024-42313 | media: venus: fix use after free in vdec_close | 2024-08-02T00:00:00.000Z | 2026-02-18T15:00:26.000Z |
| msrc_cve-2025-39981 | Bluetooth: MGMT: Fix possible UAFs | 2025-10-02T00:00:00.000Z | 2026-02-18T15:00:22.000Z |
| msrc_cve-2023-38471 | Reachable assertion in dbus_set_host_name | 2023-11-01T07:00:00.000Z | 2026-02-18T15:00:22.000Z |
| msrc_cve-2024-27983 | An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a TCP connection is abruptly closed by the client triggering the Http2Session destructor while header frames are still being processed (and stored in memory) causing a race condition. | 2024-04-02T07:00:00.000Z | 2026-02-18T15:00:19.000Z |
| msrc_cve-2024-50055 | driver core: bus: Fix double free in driver API bus_register() | 2024-10-01T07:00:00.000Z | 2026-02-18T15:00:02.000Z |
| msrc_cve-2023-38470 | Reachable assertion in avahi_escape_label | 2023-11-01T07:00:00.000Z | 2026-02-18T14:59:56.000Z |
| msrc_cve-2024-56433 | shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid. | 2024-12-02T00:00:00.000Z | 2026-02-18T14:59:52.000Z |
| msrc_cve-2026-0989 | Libxml2: unbounded relaxng include recursion leading to stack overflow | 2026-01-02T00:00:00.000Z | 2026-02-18T14:59:51.000Z |
| msrc_cve-2024-43853 | cgroup/cpuset: Prevent UAF in proc_cpuset_show() | 2024-08-02T00:00:00.000Z | 2026-02-18T14:59:46.000Z |
| msrc_cve-2024-31080 | Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents | 2024-04-02T07:00:00.000Z | 2026-02-18T14:59:42.000Z |
| msrc_cve-2023-38469 | Reachable assertion in avahi_dns_packet_append_record | 2023-11-01T07:00:00.000Z | 2026-02-18T14:59:32.000Z |
| msrc_cve-2025-2295 | Potential iSCSI R2T PDU Vulnerability | 2025-03-02T00:00:00.000Z | 2026-02-18T14:59:30.000Z |
| msrc_cve-2024-49858 | efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption | 2024-10-01T07:00:00.000Z | 2026-02-18T14:59:30.000Z |
| msrc_cve-2026-0990 | Libxml2: libxml2: denial of service via uncontrolled recursion in xml catalog processing | 2026-01-02T00:00:00.000Z | 2026-02-18T14:59:23.000Z |
| msrc_cve-2024-40896 | In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. | 2024-12-02T00:00:00.000Z | 2026-02-18T14:59:19.000Z |
| msrc_cve-2024-31083 | Xorg-x11-server: use-after-free in procrenderaddglyphs | 2024-04-02T07:00:00.000Z | 2026-02-18T14:59:18.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2025:15207-1 | alloy-1.9.1-1.1 on GA media | 2025-07-03T00:00:00Z | 2025-07-03T00:00:00Z |
| opensuse-su-2025:15206-1 | SDL2-2.32.8-1.1 on GA media | 2025-07-03T00:00:00Z | 2025-07-03T00:00:00Z |
| opensuse-su-2025:15205-1 | SDL-1.2.15-1.1 on GA media | 2025-07-03T00:00:00Z | 2025-07-03T00:00:00Z |
| opensuse-su-2025:15204-1 | MozillaThunderbird-128.11.1-2.1 on GA media | 2025-07-03T00:00:00Z | 2025-07-03T00:00:00Z |
| opensuse-su-2025:15203-1 | MozillaFirefox-139.0.4-1.1 on GA media | 2025-07-03T00:00:00Z | 2025-07-03T00:00:00Z |
| opensuse-su-2025:15202-1 | python311-selenium-4.25.0-5.1 on GA media | 2025-06-04T00:00:00Z | 2025-06-04T00:00:00Z |
| opensuse-su-2025:15201-1 | python311-nh3-0.2.17-2.1 on GA media | 2025-06-04T00:00:00Z | 2025-06-04T00:00:00Z |
| opensuse-su-2025:15200-1 | haproxy-3.2.0+git0.e134140d2-2.1 on GA media | 2025-06-04T00:00:00Z | 2025-06-04T00:00:00Z |
| opensuse-su-2025:15199-1 | perl-Crypt-OpenSSL-RSA-0.350.0-1.1 on GA media | 2025-06-03T00:00:00Z | 2025-06-03T00:00:00Z |
| opensuse-su-2025:15198-1 | assimp-devel-6.0.1-1.1 on GA media | 2025-06-03T00:00:00Z | 2025-06-03T00:00:00Z |
| opensuse-su-2025:15197-1 | apache2-mod_security2-2.9.10-1.1 on GA media | 2025-06-03T00:00:00Z | 2025-06-03T00:00:00Z |
| opensuse-su-2025:15196-1 | MozillaFirefox-139.0.1-1.1 on GA media | 2025-06-03T00:00:00Z | 2025-06-03T00:00:00Z |
| opensuse-su-2025:15195-1 | golang-github-v2fly-v2ray-core-5.33.0-1.1 on GA media | 2025-06-02T00:00:00Z | 2025-06-02T00:00:00Z |
| opensuse-su-2025:15194-1 | sslh-2.2.4-1.1 on GA media | 2025-06-02T00:00:00Z | 2025-06-02T00:00:00Z |
| opensuse-su-2025:15193-1 | golang-github-teddysun-v2ray-plugin-5.25.0-1.1 on GA media | 2025-06-02T00:00:00Z | 2025-06-02T00:00:00Z |
| opensuse-su-2025:15192-1 | python39-3.9.22-3.1 on GA media | 2025-06-02T00:00:00Z | 2025-06-02T00:00:00Z |
| opensuse-su-2025:15191-1 | python311-3.11.12-4.1 on GA media | 2025-06-02T00:00:00Z | 2025-06-02T00:00:00Z |
| opensuse-su-2025:15190-1 | python310-3.10.17-4.1 on GA media | 2025-06-02T00:00:00Z | 2025-06-02T00:00:00Z |
| opensuse-su-2025:15189-1 | libsoup-2_4-1-2.74.3-11.1 on GA media | 2025-06-01T00:00:00Z | 2025-06-01T00:00:00Z |
| opensuse-su-2025:15188-1 | govulncheck-vulndb-0.0.20250529T205903-1.1 on GA media | 2025-06-01T00:00:00Z | 2025-06-01T00:00:00Z |
| opensuse-su-2025:15187-1 | perl-Net-Dropbox-API-1.900.0-2.1 on GA media | 2025-05-31T00:00:00Z | 2025-05-31T00:00:00Z |
| opensuse-su-2025:15186-1 | openbao-2.2.2-1.1 on GA media | 2025-05-31T00:00:00Z | 2025-05-31T00:00:00Z |
| opensuse-su-2025:15185-1 | libsoup-3_0-0-3.6.5-5.1 on GA media | 2025-05-31T00:00:00Z | 2025-05-31T00:00:00Z |
| opensuse-su-2025:15184-1 | pluto-5.21.7-1.1 on GA media | 2025-05-30T00:00:00Z | 2025-05-30T00:00:00Z |
| opensuse-su-2025:15183-1 | libopenssl-3-devel-3.5.0-3.1 on GA media | 2025-05-30T00:00:00Z | 2025-05-30T00:00:00Z |
| opensuse-su-2025:15182-1 | nodejs-electron-35.5.0-1.1 on GA media | 2025-05-30T00:00:00Z | 2025-05-30T00:00:00Z |
| opensuse-su-2025:15181-1 | kea-2.6.3-1.1 on GA media | 2025-05-30T00:00:00Z | 2025-05-30T00:00:00Z |
| opensuse-su-2025:15180-1 | icinga2-2.14.6-1.1 on GA media | 2025-05-30T00:00:00Z | 2025-05-30T00:00:00Z |
| opensuse-su-2025:15179-1 | govulncheck-vulndb-0.0.20250527T204717-1.1 on GA media | 2025-05-30T00:00:00Z | 2025-05-30T00:00:00Z |
| opensuse-su-2025:15178-1 | golang-github-prometheus-alertmanager-0.28.1-2.1 on GA media | 2025-05-30T00:00:00Z | 2025-05-30T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2023-738 | Use-of-uninitialized-value in _PyFunction_FromConstructor | 2023-08-25T14:00:42.118304Z | 2023-08-25T14:00:42.118579Z |
| osv-2023-734 | Container-overflow in libbrotlidec.so.1 | 2023-08-24T14:02:58.433195Z | 2023-08-24T14:02:58.433472Z |
| osv-2023-715 | Stack-use-after-scope in ulocimp_addLikelySubtags_74 | 2023-08-21T14:00:19.885505Z | 2023-08-23T15:32:00.801902Z |
| osv-2023-726 | Heap-buffer-overflow in Flow::dissectNetBIOS | 2023-08-23T14:02:47.143481Z | 2023-08-23T14:02:47.143744Z |
| osv-2023-723 | Heap-buffer-overflow in H5MM_memcpy | 2023-08-22T14:03:07.334340Z | 2023-08-22T14:03:07.334606Z |
| osv-2023-721 | Stack-buffer-overflow in crc24q_check | 2023-08-21T14:02:51.271773Z | 2023-08-21T14:02:51.272060Z |
| osv-2023-719 | Security exception in org.apache.commons.jxpath.ri.compiler.CoreFunction.toString | 2023-08-21T14:02:38.497581Z | 2023-08-21T14:02:38.497866Z |
| osv-2023-709 | Heap-buffer-overflow in QOIHandler::read | 2023-08-18T14:02:53.146275Z | 2023-08-20T14:15:45.069773Z |
| osv-2023-705 | Security exception in org.apache.lucene.util.automaton.RegExp.toAutomaton | 2023-08-17T14:00:59.717535Z | 2023-08-19T14:26:28.816770Z |
| osv-2021-367 | Heap-buffer-overflow in H5MM_memcpy | 2021-02-11T00:00:57.089990Z | 2023-08-19T14:11:01.241936Z |
| osv-2021-218 | Heap-buffer-overflow in H5F_addr_decode_len | 2021-01-22T00:00:16.221512Z | 2023-08-19T14:10:58.688694Z |
| osv-2023-714 | Security exception in org.apache.poi.ddf.EscherContainerRecord.fillFields | 2023-08-19T14:02:15.130219Z | 2023-08-19T14:02:15.130475Z |
| osv-2023-710 | Heap-buffer-overflow in Flow::dissectMDNS | 2023-08-19T14:00:12.746394Z | 2023-08-19T14:00:12.746652Z |
| osv-2023-640 | Stack-buffer-overflow in initialize_encryption_key | 2023-08-04T14:00:55.352181Z | 2023-08-17T14:21:56.675468Z |
| osv-2023-697 | Heap-buffer-overflow in IEC104Stats::processPacket | 2023-08-15T14:01:02.977387Z | 2023-08-15T14:01:02.977646Z |
| osv-2023-696 | Security exception in org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone | 2023-08-14T14:00:47.094365Z | 2023-08-14T14:00:47.094611Z |
| osv-2023-693 | Security exception in org.json.JSONArray.writeTo | 2023-08-13T14:00:24.146135Z | 2023-08-13T14:00:24.146368Z |
| osv-2023-356 | Heap-buffer-overflow in pdf_nextobject | 2023-04-30T14:03:00.823786Z | 2023-08-12T14:21:32.402904Z |
| osv-2023-689 | Use-of-uninitialized-value | 2023-08-12T14:02:14.530750Z | 2023-08-12T14:02:14.531027Z |
| osv-2023-688 | Invalid-free in Flow::~Flow | 2023-08-12T14:00:58.558753Z | 2023-08-12T14:00:58.559035Z |
| osv-2023-684 | Heap-use-after-free in __xmlRaiseError | 2023-08-11T14:02:03.986718Z | 2023-08-11T14:02:03.986997Z |
| osv-2023-680 | Security exception in org.apache.poi.hdgf.streams.PointerContainingStream.findChildren | 2023-08-11T14:00:29.963332Z | 2023-08-11T14:00:29.963569Z |
| osv-2023-674 | Heap-buffer-overflow in get_grouplength | 2023-08-09T14:02:09.770996Z | 2023-08-09T14:02:09.771217Z |
| osv-2023-673 | Heap-buffer-overflow in match | 2023-08-09T14:01:09.834447Z | 2023-08-09T14:01:09.834676Z |
| osv-2023-665 | Security exception in org.apache.poi.hdgf.streams.PointerContainingStream.findChildren | 2023-08-08T14:02:01.481029Z | 2023-08-08T14:02:01.481263Z |
| osv-2023-663 | Segv on unknown address in decUnitCompare | 2023-08-08T14:00:59.624933Z | 2023-08-08T14:00:59.625154Z |
| osv-2023-662 | Security exception in org.apache.commons.io.IOUtils.byteArray | 2023-08-08T14:00:57.801101Z | 2023-08-08T14:00:57.801377Z |
| osv-2023-660 | Security exception in org.apache.poi.hwpf.model.StyleSheet.createPap | 2023-08-08T14:00:31.168112Z | 2023-08-08T14:00:31.168352Z |
| osv-2022-134 | Heap-use-after-free in RDKit::Chirality::cleanupStereoGroups | 2022-02-10T00:00:40.784389Z | 2023-08-07T14:12:28.790532Z |
| osv-2023-455 | Heap-buffer-overflow in bit_TV_to_utf8 | 2023-06-05T14:00:16.339269Z | 2023-08-05T14:19:01.096560Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-gitlab-2025-7739 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2025-08-18T08:34:35.004Z | 2025-08-18T08:35:59.174Z |
| bit-gitlab-2025-7734 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2025-08-18T08:34:33.153Z | 2025-08-18T08:35:59.174Z |
| bit-gitlab-2025-6186 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2025-08-18T08:34:27.752Z | 2025-08-18T08:35:59.174Z |
| bit-gitlab-2025-2937 | Inefficient Regular Expression Complexity in GitLab | 2025-08-18T08:33:51.319Z | 2025-08-18T08:35:59.174Z |
| bit-gitlab-2025-2614 | Allocation of Resources Without Limits or Throttling in GitLab | 2025-08-18T08:33:45.566Z | 2025-08-18T08:35:59.174Z |
| bit-gitlab-2025-2498 | Insufficient Granularity of Access Control in GitLab | 2025-08-18T08:33:37.870Z | 2025-08-18T08:35:59.174Z |
| bit-gitlab-2025-1477 | Allocation of Resources Without Limits or Throttling in GitLab | 2025-08-18T08:33:11.173Z | 2025-08-18T08:35:59.174Z |
| bit-gitlab-2024-12303 | Incorrect Privilege Assignment in GitLab | 2025-08-18T08:28:02.622Z | 2025-08-18T08:35:59.174Z |
| bit-gitlab-2024-10383 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab VSCode Fork | 2025-02-11T07:26:57.802Z | 2025-08-18T08:35:59.174Z |
| bit-gitlab-2024-10219 | Incorrect Authorization in GitLab | 2025-08-18T08:27:32.914Z | 2025-08-18T08:35:59.174Z |
| bit-vault-2025-4166 | Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin | 2025-05-07T05:56:55.608Z | 2025-08-13T06:08:53.695Z |
| bit-vault-2025-3879 | Vault’s Azure Authentication Method bound_location Restriction Could be Bypassed on Login | 2025-05-07T05:56:52.014Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2025-5982 | Insufficient Granularity of Access Control in GitLab | 2025-06-14T06:15:34.466Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2025-5846 | Missing Authorization in GitLab | 2025-06-30T15:16:31.446Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2025-5121 | Missing Authorization in GitLab | 2025-06-24T15:15:54.671Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2025-2938 | Business Logic Errors in GitLab | 2025-06-30T15:16:20.004Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2025-2443 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2025-06-24T15:15:42.090Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2025-2255 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2025-03-29T07:10:19.692Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2025-2242 | Incorrect Authorization in GitLab | 2025-03-29T07:10:26.493Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2025-0811 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab | 2025-03-29T07:11:18.091Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2024-9773 | Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab | 2025-03-29T07:12:34.592Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2024-7586 | Insertion of Sensitive Information into Log File in GitLab | 2025-06-24T15:13:54.274Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2024-4025 | Inefficient Regular Expression Complexity in GitLab | 2025-06-24T15:12:39.853Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2024-12619 | Insufficient Granularity of Access Control in GitLab | 2025-04-01T08:16:40.753Z | 2025-08-13T06:08:53.695Z |
| bit-gitlab-2024-10307 | Allocation of Resources Without Limits or Throttling in GitLab | 2025-04-01T08:18:31.847Z | 2025-08-13T06:08:53.695Z |
| bit-moodle-2025-26530 | Reflected XSS via question bank filter | 2025-08-12T05:51:56.886Z | 2025-08-12T06:09:16.254Z |
| bit-libpython-2025-4517 | Arbitrary writes via tarfile realpath overflow | 2025-08-11T13:53:16.345Z | 2025-08-11T14:19:40.295Z |
| bit-libpython-2025-4516 | Use-after-free in "unicode_escape" decoder with error handler | 2025-08-11T13:53:13.759Z | 2025-08-11T14:19:40.295Z |
| bit-libpython-2025-4435 | Tarfile extracts filtered members when errorlevel=0 | 2025-08-11T13:53:11.552Z | 2025-08-11T14:19:40.295Z |
| bit-libpython-2025-4330 | Extraction filter bypass for linking outside extraction directory | 2025-08-11T13:53:09.546Z | 2025-08-11T14:19:40.295Z |
| ID | Description | Updated |
|---|---|---|
| var-200807-0659 | ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS… | 2024-07-23T20:10:45.133000Z |
| var-200704-0225 | Buffer overflow in the AirPortDriver module for AirPort in Apple Mac OS X 10.3.9 through … | 2024-07-23T20:10:45.084000Z |
| var-201006-1188 | Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in … | 2024-07-23T20:10:35.248000Z |
| var-201711-0445 | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari be… | 2024-07-23T20:10:30.264000Z |
| var-201511-0037 | The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip in… | 2024-07-23T20:10:29.538000Z |
| var-200901-0719 | Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKi… | 2024-07-23T20:10:28.318000Z |
| var-200609-1080 | WebKit in Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 allows remote atta… | 2024-07-23T20:10:27.537000Z |
| var-200703-0020 | Stack-based buffer overflow in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remot… | 2024-07-23T20:10:24.518000Z |
| var-201411-0450 | parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when ent… | 2024-07-23T20:10:22.216000Z |
| var-201806-1469 | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS bef… | 2024-07-23T20:09:50.388000Z |
| var-201211-0168 | Use-after-free vulnerability in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0… | 2024-07-23T20:09:49.294000Z |
| var-201812-0273 | Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers … | 2024-07-23T20:09:48.925000Z |
| var-201912-0508 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-07-23T20:09:18.614000Z |
| var-201001-0654 | The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial … | 2024-07-23T20:08:47.142000Z |
| var-202203-0034 | A carefully crafted request body can cause a read to a random memory area which could cau… | 2024-07-23T20:08:45.595000Z |
| var-201508-0365 | The xmlreader in libxml allows remote attackers to cause a denial of service (memory cons… | 2024-07-23T20:08:45.504000Z |
| var-202109-0747 | A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could a… | 2024-07-23T20:08:29.365000Z |
| var-201912-0593 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-07-23T20:08:16.158000Z |
| var-200407-0196 | Floating point information leak in the context switch code for Linux 2.4.x only checks th… | 2024-07-23T20:08:16.659000Z |
| var-200704-0224 | Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 thro… | 2024-07-23T20:08:14.670000Z |
| var-202203-0072 | Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are e… | 2024-07-23T20:08:13.500000Z |
| var-200706-0660 | cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabl… | 2024-07-23T20:08:13.677000Z |
| var-200512-0212 | Perl in Apple Mac OS X Server 10.3.9 does not properly drop privileges when using the "$<… | 2024-07-23T20:08:00.279000Z |
| var-200704-0216 | Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 al… | 2024-07-23T20:07:26.135000Z |
| var-201107-0097 | Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGra… | 2024-07-23T20:07:25.589000Z |
| var-201912-1863 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-07-23T20:07:23.498000Z |
| var-201302-0303 | Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on … | 2024-07-23T20:07:23.926000Z |
| var-201302-0232 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … | 2024-07-23T20:07:23.855000Z |
| var-201210-0144 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … | 2024-07-23T20:07:23.613000Z |
| var-200809-0194 | VideoConference in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows remote attackers… | 2024-07-23T20:07:23.438000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2020-006617 | Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-07-14T10:40+09:00 | 2020-07-14T10:40+09:00 |
| jvndb-2020-006586 | Server Side Request Forgery Vulnerability in Hitachi Ops Center Analyzer viewpoint | 2020-07-13T14:25+09:00 | 2020-07-13T14:25+09:00 |
| jvndb-2020-006469 | Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric GOT2000 series | 2020-07-09T15:46+09:00 | 2020-07-09T15:46+09:00 |
| jvndb-2020-000045 | SHIRASAGI vulnerable to open redirect | 2020-07-09T15:08+09:00 | 2020-07-09T15:08+09:00 |
| jvndb-2020-000043 | Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of the Java object | 2020-07-08T16:04+09:00 | 2020-07-08T16:04+09:00 |
| jvndb-2020-000042 | Multiple vulnerabilities in Cybozu Garoon | 2020-06-29T16:17+09:00 | 2020-06-29T16:17+09:00 |
| jvndb-2020-006031 | DoS Vulnerability in Hitachi Device Manager | 2020-06-29T12:25+09:00 | 2020-06-29T12:25+09:00 |
| jvndb-2019-000056 | Panasonic Video Insight VMS vulnerable to SQL injection | 2019-09-02T13:57+09:00 | 2020-06-26T12:27+09:00 |
| jvndb-2020-000032 | Panasonic Video Insight VMS vulnerable to arbitrary code execution | 2020-05-19T16:04+09:00 | 2020-06-26T12:19+09:00 |
| jvndb-2020-000040 | Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution | 2020-06-24T14:25+09:00 | 2020-06-24T14:25+09:00 |
| jvndb-2020-005854 | Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series vulnerable to cleartext transmission of sensitive information | 2020-06-24T10:32+09:00 | 2020-06-24T10:32+09:00 |
| jvndb-2020-005743 | Vulnerability in Cosminexus HTTP Server | 2020-06-22T15:40+09:00 | 2020-06-22T15:40+09:00 |
| jvndb-2020-000039 | EC-CUBE vulnerable to directory traversal | 2020-06-18T13:48+09:00 | 2020-06-18T13:48+09:00 |
| jvndb-2020-005443 | Path Traversal Vulnerability in Hitachi Automation Director and Hitachi Ops Center Automator | 2020-06-15T16:29+09:00 | 2020-06-15T16:29+09:00 |
| jvndb-2020-000038 | Multiple vulnerabilities in Zenphoto | 2020-06-11T17:17+09:00 | 2020-06-11T17:17+09:00 |
| jvndb-2020-000037 | Multiple SONY Wireless Headphones allow improper Bluetooth pairing | 2020-06-09T15:49+09:00 | 2020-06-09T15:49+09:00 |
| jvndb-2020-000036 | XACK DNS vulnerable to denial-of-service (DoS) | 2020-06-05T15:16+09:00 | 2020-06-05T15:16+09:00 |
| jvndb-2020-000035 | Multiples security updates for multiple Cybozu products | 2020-05-29T15:40+09:00 | 2020-05-29T15:40+09:00 |
| jvndb-2020-004667 | Privilege escalation vulnerability in Hitachi Ops Center Common Services | 2020-05-25T16:17+09:00 | 2020-05-25T16:17+09:00 |
| jvndb-2020-000034 | Cybozu Desktop for Windows vulenerable to arbitrary code execution | 2020-05-25T15:09+09:00 | 2020-05-25T15:09+09:00 |
| jvndb-2020-000033 | WordPress Plugin "Paid Memberships Pro" vulnerable to SQL injection | 2020-05-19T16:07+09:00 | 2020-05-19T16:07+09:00 |
| jvndb-2020-004476 | DoS Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 | 2020-05-19T10:38+09:00 | 2020-05-19T10:38+09:00 |
| jvndb-2020-004477 | Multiple Vulnerabilities in Hitachi Compute Systems Manager | 2020-05-19T10:33+09:00 | 2020-05-19T10:33+09:00 |
| jvndb-2020-000031 | BookStack vulnerable to cross-site scripting | 2020-05-13T18:06+09:00 | 2020-05-13T18:06+09:00 |
| jvndb-2020-000030 | Multiple vulnerabilities in Movable Type | 2020-05-13T17:59+09:00 | 2020-05-13T17:59+09:00 |
| jvndb-2020-000029 | PALLET CONTROL vulnerable to arbitrary code execution | 2020-05-11T15:16+09:00 | 2020-05-11T15:16+09:00 |
| jvndb-2020-000028 | Sales Force Assistant vulnerable to cross-site scripting | 2020-04-28T15:49+09:00 | 2020-04-28T15:49+09:00 |
| jvndb-2020-000027 | Cybozu Garoon contains multiple vulnerabilities | 2020-04-28T14:48+09:00 | 2020-04-28T14:48+09:00 |
| jvndb-2020-003896 | Directory Permission Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-04-28T12:21+09:00 | 2020-04-28T12:21+09:00 |
| jvndb-2020-000026 | Multiple SHARP Android devices vulnerable to information disclosure | 2020-04-24T15:32+09:00 | 2020-04-24T15:32+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2025:20917-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 | 2025-10-24T10:10:54Z | 2025-10-24T10:10:54Z |
| suse-su-2025:20916-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 | 2025-10-24T10:10:54Z | 2025-10-24T10:10:54Z |
| suse-su-2025:20915-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 | 2025-10-24T10:10:54Z | 2025-10-24T10:10:54Z |
| suse-su-2025:20880-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_11 | 2025-10-24T10:10:54Z | 2025-10-24T10:10:54Z |
| suse-su-2025:20879-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 | 2025-10-24T10:10:54Z | 2025-10-24T10:10:54Z |
| suse-su-2025:20878-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_9 | 2025-10-24T10:10:54Z | 2025-10-24T10:10:54Z |
| suse-su-2025:20877-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_8 | 2025-10-24T10:10:54Z | 2025-10-24T10:10:54Z |
| suse-su-2025:20876-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_7 | 2025-10-24T10:10:54Z | 2025-10-24T10:10:54Z |
| suse-su-2025:20914-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 | 2025-10-24T10:10:53Z | 2025-10-24T10:10:53Z |
| suse-su-2025:20913-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 | 2025-10-24T10:10:53Z | 2025-10-24T10:10:53Z |
| suse-su-2025:20875-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_6 | 2025-10-24T10:10:53Z | 2025-10-24T10:10:53Z |
| suse-su-2025:20874-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_5 | 2025-10-24T10:10:53Z | 2025-10-24T10:10:53Z |
| suse-su-2025:20912-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 | 2025-10-24T09:55:54Z | 2025-10-24T09:55:54Z |
| suse-su-2025:20873-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_4 | 2025-10-24T09:55:54Z | 2025-10-24T09:55:54Z |
| suse-su-2025:3772-1 | Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP7) | 2025-10-24T06:06:43Z | 2025-10-24T06:06:43Z |
| suse-su-2025:3771-1 | Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP7) | 2025-10-24T06:06:36Z | 2025-10-24T06:06:36Z |
| suse-su-2025:3768-1 | Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP6) | 2025-10-24T05:37:07Z | 2025-10-24T05:37:07Z |
| suse-su-2025:3769-1 | Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP7) | 2025-10-23T20:47:55Z | 2025-10-23T20:47:55Z |
| suse-su-2025:3770-1 | Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP7) | 2025-10-23T20:47:48Z | 2025-10-23T20:47:48Z |
| suse-su-2025:3765-1 | Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP7) | 2025-10-23T18:33:53Z | 2025-10-23T18:33:53Z |
| suse-su-2025:3764-1 | Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP6) | 2025-10-23T18:33:44Z | 2025-10-23T18:33:44Z |
| suse-su-2025:3762-1 | Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP6) | 2025-10-23T18:04:24Z | 2025-10-23T18:04:24Z |
| suse-su-2025:20870-1 | Security update for the Linux Kernel | 2025-10-23T16:01:09Z | 2025-10-23T16:01:09Z |
| suse-su-2025:20872-1 | Security update for haproxy | 2025-10-23T15:27:42Z | 2025-10-23T15:27:42Z |
| suse-su-2025:20911-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_13 | 2025-10-23T15:08:57Z | 2025-10-23T15:08:57Z |
| suse-su-2025:20871-1 | Security update for kernel-livepatch-MICRO-6-0-RT_Update_13 | 2025-10-23T15:08:57Z | 2025-10-23T15:08:57Z |
| suse-su-2025:3761-1 | Security update for the Linux Kernel | 2025-10-23T15:04:37Z | 2025-10-23T15:04:37Z |
| suse-su-2025:3760-1 | Security update for mozilla-nss | 2025-10-23T14:01:15Z | 2025-10-23T14:01:15Z |
| suse-su-2025:3759-1 | Security update for mozilla-nss | 2025-10-23T14:00:31Z | 2025-10-23T14:00:31Z |
| suse-su-2025:20898-1 | Security update for the Linux Kernel | 2025-10-23T13:59:20Z | 2025-10-23T13:59:20Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-00675 | WordPress插件Restaurant Menu by MotoPress信息泄露漏洞 | 2025-12-25 | 2026-01-07 |
| cnvd-2026-00674 | Tenda AC20堆栈缓冲区溢出漏洞(CNVD-2026-00674) | 2025-08-15 | 2026-01-07 |
| cnvd-2026-00665 | D-Link DCS-930L命令注入漏洞 | 2025-12-10 | 2026-01-07 |
| cnvd-2026-00656 | D-Link DIR-803信息泄露漏洞 | 2025-12-18 | 2026-01-07 |
| cnvd-2026-00632 | Huawei HarmonyOS竞争条件漏洞(CNVD-2026-00632) | 2025-12-10 | 2026-01-07 |
| cnvd-2026-00621 | Huawei HarmonyOS camera framework模块多线程条件竞争漏洞(CNVD-2026-00621) | 2025-12-10 | 2026-01-07 |
| cnvd-2026-00615 | Huawei HarmonyOS camera framework模块多线程条件竞争漏洞 | 2025-12-10 | 2026-01-07 |
| cnvd-2026-04795 | 贵州黔狐科技股份有限公司Foxcms存在XSS漏洞 | 2025-11-22 | 2026-01-06 |
| cnvd-2026-02658 | CMSimple跨站脚本漏洞(CNVD-2026-02658) | 2024-04-22 | 2026-01-06 |
| cnvd-2026-02657 | CMSimple跨站脚本漏洞(CNVD-2026-02657) | 2024-04-22 | 2026-01-06 |
| cnvd-2026-02656 | CMSimple跨站脚本漏洞(CNVD-2026-02656) | 2024-04-23 | 2026-01-06 |
| cnvd-2026-02647 | CMSimple存在未明漏洞(CNVD-2026-02647) | 2025-02-10 | 2026-01-06 |
| cnvd-2026-02640 | Employee Profile Management System edit_personnel.php文件SQL注入漏洞 | 2025-12-15 | 2026-01-06 |
| cnvd-2026-00837 | Online Appointment Booking System clinic参数SQL注入漏洞 | 2025-12-25 | 2026-01-06 |
| cnvd-2026-00836 | ChurchCRM特权提升漏洞 | 2025-12-25 | 2026-01-06 |
| cnvd-2026-00827 | Prison Management System search1.php文件SQL注入漏洞 | 2025-12-25 | 2026-01-06 |
| cnvd-2026-00826 | Prison Management System search.php文件SQL注入漏洞 | 2025-12-25 | 2026-01-06 |
| cnvd-2026-00825 | Online Appointment Booking System deletemanager.php文件SQL注入漏洞 | 2025-12-25 | 2026-01-06 |
| cnvd-2026-00824 | CMSimple跨站脚本漏洞(CNVD-2026-0082457) | 2025-12-29 | 2026-01-06 |
| cnvd-2026-00823 | CMSimple跨站脚本漏洞 | 2025-12-29 | 2026-01-06 |
| cnvd-2026-00822 | CMSimple文件包含漏洞 | 2025-12-29 | 2026-01-06 |
| cnvd-2026-00557 | CMSimple代码执行漏洞 | 2025-12-29 | 2026-01-06 |
| cnvd-2026-00541 | College Notes Uploading System代码问题漏洞 | 2025-12-31 | 2026-01-06 |
| cnvd-2026-00539 | College Notes Uploading System /login.php文件SQL注入漏洞 | 2025-12-31 | 2026-01-06 |
| cnvd-2026-00537 | CMSimple存在未明漏洞(CNVD-2026-00537) | 2025-02-18 | 2026-01-06 |
| cnvd-2026-00536 | CMSimple存在未明漏洞 | 2025-02-18 | 2026-01-06 |
| cnvd-2026-00535 | CMSimple跨站脚本漏洞(CNVD-2026-00535) | 2025-02-27 | 2026-01-06 |
| cnvd-2026-00534 | CMSimple跨站脚本漏洞(CNVD-2026-00534) | 2025-02-28 | 2026-01-06 |
| cnvd-2026-00533 | Prison Management System栈缓冲区溢出漏洞 | 2025-05-07 | 2026-01-06 |
| cnvd-2026-00532 | Simple Shopping Cart save_order.php文件SQL注入漏洞 | 2025-07-21 | 2026-01-06 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTFR-2025-AVI-0824 | Multiples vulnérabilités dans les produits FoxIT | 2025-09-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| CERTFR-2025-AVI-0823 | Vulnérabilité dans Liferay | 2025-09-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| CERTFR-2025-AVI-0822 | Multiples vulnérabilités dans Tenable Security Center | 2025-09-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| CERTFR-2025-AVI-0821 | Multiples vulnérabilités dans Microsoft Edge | 2025-09-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| CERTFR-2025-AVI-0820 | Multiples vulnérabilités dans GitLab | 2025-09-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-avi-0819 | Multiples vulnérabilités dans les produits Cisco | 2025-09-25T00:00:00.000000 | 2025-09-25T00:00:00.000000 |
| certfr-2025-avi-0818 | Multiples vulnérabilités dans Cisco IOS et IOS XE | 2025-09-25T00:00:00.000000 | 2025-09-25T00:00:00.000000 |
| certfr-2025-avi-0817 | Vulnérabilité dans Microsoft OmniParser | 2025-09-25T00:00:00.000000 | 2025-09-25T00:00:00.000000 |
| certfr-2025-avi-0816 | Vulnérabilité dans StormShield Network Security | 2025-09-25T00:00:00.000000 | 2025-09-25T00:00:00.000000 |
| CERTFR-2025-AVI-0819 | Multiples vulnérabilités dans les produits Cisco | 2025-09-25T00:00:00.000000 | 2025-09-25T00:00:00.000000 |
| CERTFR-2025-AVI-0818 | Multiples vulnérabilités dans Cisco IOS et IOS XE | 2025-09-25T00:00:00.000000 | 2025-09-25T00:00:00.000000 |
| CERTFR-2025-AVI-0817 | Vulnérabilité dans Microsoft OmniParser | 2025-09-25T00:00:00.000000 | 2025-09-25T00:00:00.000000 |
| CERTFR-2025-AVI-0816 | Vulnérabilité dans StormShield Network Security | 2025-09-25T00:00:00.000000 | 2025-09-25T00:00:00.000000 |
| certfr-2025-avi-0815 | Vulnérabilité dans Liferay | 2025-09-24T00:00:00.000000 | 2025-09-24T00:00:00.000000 |
| certfr-2025-avi-0814 | Multiples vulnérabilités dans Google Chrome | 2025-09-24T00:00:00.000000 | 2025-09-24T00:00:00.000000 |
| CERTFR-2025-AVI-0815 | Vulnérabilité dans Liferay | 2025-09-24T00:00:00.000000 | 2025-09-24T00:00:00.000000 |
| CERTFR-2025-AVI-0814 | Multiples vulnérabilités dans Google Chrome | 2025-09-24T00:00:00.000000 | 2025-09-24T00:00:00.000000 |
| certfr-2025-avi-0813 | Vulnérabilité dans SolarWinds Web Help Desk | 2025-09-23T00:00:00.000000 | 2025-09-23T00:00:00.000000 |
| certfr-2025-avi-0812 | Vulnérabilité dans Synology Safe Access pour SRM | 2025-09-23T00:00:00.000000 | 2025-09-23T00:00:00.000000 |
| certfr-2025-avi-0811 | Multiples vulnérabilités dans Liferay | 2025-09-23T00:00:00.000000 | 2025-09-23T00:00:00.000000 |
| CERTFR-2025-AVI-0813 | Vulnérabilité dans SolarWinds Web Help Desk | 2025-09-23T00:00:00.000000 | 2025-09-23T00:00:00.000000 |
| CERTFR-2025-AVI-0812 | Vulnérabilité dans Synology Safe Access pour SRM | 2025-09-23T00:00:00.000000 | 2025-09-23T00:00:00.000000 |
| CERTFR-2025-AVI-0811 | Multiples vulnérabilités dans Liferay | 2025-09-23T00:00:00.000000 | 2025-09-23T00:00:00.000000 |
| certfr-2025-avi-0810 | Vulnérabilité dans Liferay | 2025-09-22T00:00:00.000000 | 2025-09-22T00:00:00.000000 |
| certfr-2025-avi-0809 | Multiples vulnérabilités dans Microsoft Edge | 2025-09-22T00:00:00.000000 | 2025-09-22T00:00:00.000000 |
| CERTFR-2025-AVI-0810 | Vulnérabilité dans Liferay | 2025-09-22T00:00:00.000000 | 2025-09-22T00:00:00.000000 |
| CERTFR-2025-AVI-0809 | Multiples vulnérabilités dans Microsoft Edge | 2025-09-22T00:00:00.000000 | 2025-09-22T00:00:00.000000 |
| certfr-2025-avi-0808 | Multiples vulnérabilités dans les produits IBM | 2025-09-19T00:00:00.000000 | 2025-09-19T00:00:00.000000 |
| certfr-2025-avi-0807 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-09-19T00:00:00.000000 | 2025-09-19T00:00:00.000000 |
| certfr-2025-avi-0806 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-09-19T00:00:00.000000 | 2025-09-19T00:00:00.000000 |