Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-53fh-qcq6-xwhv | Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated at… | 2022-05-24T17:17:31Z | 2025-10-22T00:31:55Z |
| ghsa-3797-gmjf-45gm | json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demon… | 2022-05-24T17:17:32Z | 2025-11-03T21:30:31Z |
| ghsa-5qfv-hvxp-fg32 | An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails… | 2022-05-24T17:18:23Z | 2025-10-22T00:31:55Z |
| ghsa-v4fw-xc8h-7p52 | Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a … | 2022-05-24T17:18:53Z | 2025-10-22T00:31:55Z |
| ghsa-8gxc-83hw-9578 | Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsul… | 2022-05-24T17:18:58Z | 2025-11-03T21:30:31Z |
| ghsa-frwv-8c9x-7766 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS … | 2022-05-24T17:19:27Z | 2025-10-22T00:31:55Z |
| ghsa-44qp-5pm8-6j8p | An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS via… | 2022-05-24T17:19:37Z | 2025-10-22T00:31:55Z |
| ghsa-r647-89qj-xwmp | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iO… | 2022-05-24T17:19:43Z | 2025-10-22T00:31:55Z |
| ghsa-x45r-8w3c-gwgc | A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS … | 2022-05-24T17:19:43Z | 2025-10-22T00:31:55Z |
| ghsa-5wgx-4x92-f6pf | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obj… | 2022-05-24T17:19:47Z | 2025-10-22T00:31:55Z |
| ghsa-6r3w-c7h6-wfhg | The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | 2022-05-24T17:20:41Z | 2025-10-22T00:31:56Z |
| ghsa-cffj-7w5c-jqjh | Mattermost Server vulnerable to Cross-site Scripting through file preview feature | 2022-05-24T17:21:00Z | 2025-10-21T22:26:11Z |
| ghsa-379p-37xc-q963 | Mattermost Server does not check if cookies are used over SSL | 2022-05-24T17:21:01Z | 2025-10-22T20:54:31Z |
| ghsa-43m6-wvc8-2m7j | Mattermost Server's Session ID and Session Token are potentially compromised | 2022-05-24T17:21:01Z | 2025-10-22T20:42:18Z |
| ghsa-7vmw-6c7h-rrrv | Mattermost Server is vulnerable to Code Injection through its LDAP fields | 2022-05-24T17:21:01Z | 2025-10-22T15:32:17Z |
| ghsa-9jrx-fgrm-96qh | Mattermost Server is vulnerable to XSS via a Legal or Support setting | 2022-05-24T17:21:01Z | 2025-10-22T20:52:14Z |
| ghsa-9w4v-9c99-hv7r | Mattermost Server exposes sensitive information via its System Console UI | 2022-05-24T17:21:01Z | 2025-10-22T20:56:05Z |
| ghsa-ffcc-qr2v-3qmv | Mattermost Server is vulnerable to Uncontrolled Resource Consumption | 2022-05-24T17:21:01Z | 2025-10-21T22:39:11Z |
| ghsa-h3qg-w9j5-wh3m | Mattermost Server is vulnerable to XSS through lack of link relationship attributes `noreferrer` an… | 2022-05-24T17:21:01Z | 2025-10-22T20:56:50Z |
| ghsa-h8qw-xqm9-q66j | Mattermost Server is vulnerable to XSS through customizable theme color-code values | 2022-05-24T17:21:01Z | 2025-10-22T19:52:13Z |
| ghsa-j26g-95ph-2mwv | Mattermost Server: Insufficient Password-Reset Link Invalidation | 2022-05-24T17:21:01Z | 2025-10-22T20:52:49Z |
| ghsa-q3g9-hgrx-hwhx | Mattermost Server exposes sensitive information about team URLs via an API | 2022-05-24T17:21:01Z | 2025-10-22T20:53:18Z |
| ghsa-qrf6-h5fc-7m96 | Mattermost Server does not enforce rate limits on password change attempts | 2022-05-24T17:21:01Z | 2025-10-22T19:47:35Z |
| ghsa-r93j-3mmp-px57 | Mattermost Server: initial_load API exposes unnecessary information | 2022-05-24T17:21:01Z | 2025-10-21T22:38:56Z |
| ghsa-2j9c-76pp-xc5q | Mattermost Server allows XSS via redirect URL | 2022-05-24T17:21:02Z | 2025-10-22T20:57:09Z |
| ghsa-5q37-9874-qxcw | Mattermost Server exposes information stored by a web browser | 2022-05-24T17:21:02Z | 2025-10-22T21:47:15Z |
| ghsa-8qg8-c7mw-6fj7 | Mattermost Server is vulnerable to Directory Traversal by System Admins | 2022-05-24T17:21:02Z | 2025-11-20T21:02:48Z |
| ghsa-g3f3-p9rc-775p | Mattermost Server exposes account details to any Team Administrator | 2022-05-24T17:21:02Z | 2025-10-22T21:46:32Z |
| ghsa-hgrp-fgm8-56g8 | Mattermost Server's OAuth 2.0 service is vulnerable to attack through Missing Authorization | 2022-05-24T17:21:02Z | 2025-10-24T18:39:08Z |
| ghsa-jc6w-8r7f-vmp5 | Mattermost Server vulnerable to Denial of Service through `@` character prefix inserted into JavaSc… | 2022-05-24T17:21:02Z | 2025-12-03T19:29:17Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2021-39256 | N/A | A crafted NTFS image can cause a heap-based buffe… |
n/a |
n/a |
2021-09-07T00:00:00.000Z | 2025-12-02T21:18:48.916Z |
| cve-2021-39258 | N/A | A crafted NTFS image can cause out-of-bounds read… |
n/a |
n/a |
2021-09-07T00:00:00.000Z | 2025-12-02T21:17:58.530Z |
| cve-2021-39259 | N/A | A crafted NTFS image can trigger an out-of-bounds… |
n/a |
n/a |
2021-09-07T00:00:00.000Z | 2025-12-02T21:17:20.668Z |
| cve-2021-39260 | N/A | A crafted NTFS image can cause an out-of-bounds a… |
n/a |
n/a |
2021-09-07T00:00:00.000Z | 2025-12-02T21:16:15.708Z |
| cve-2021-39261 | N/A | A crafted NTFS image can cause a heap-based buffe… |
n/a |
n/a |
2021-09-07T00:00:00.000Z | 2025-12-05T14:54:41.065Z |
| cve-2021-39262 | N/A | A crafted NTFS image can cause an out-of-bounds a… |
n/a |
n/a |
2021-09-07T00:00:00.000Z | 2025-12-02T21:08:53.511Z |
| cve-2021-39263 | N/A | A crafted NTFS image can trigger a heap-based buf… |
n/a |
n/a |
2021-09-07T00:00:00.000Z | 2025-12-02T20:58:06.311Z |
| cve-2021-40539 | N/A | Zoho ManageEngine ADSelfService Plus version 6113… |
n/a |
n/a |
2021-09-07T16:06:58.000Z | 2025-10-21T23:25:35.374Z |
| cve-2021-30761 | N/A | A memory corruption issue was addressed with impr… |
Apple |
iOS |
2021-09-08T13:45:58.000Z | 2025-10-21T23:25:35.227Z |
| cve-2021-30762 | N/A | A use after free issue was addressed with improve… |
Apple |
iOS |
2021-09-08T13:46:40.000Z | 2025-10-21T23:25:35.091Z |
| cve-2021-30665 | N/A | A memory corruption issue was addressed with impr… |
Apple |
macOS |
2021-09-08T14:25:00.000Z | 2025-10-21T23:25:34.957Z |
| cve-2021-30666 | N/A | A buffer overflow issue was addressed with improv… |
Apple |
iOS |
2021-09-08T14:25:25.000Z | 2025-10-21T23:25:34.810Z |
| cve-2021-30713 | N/A | A permissions issue was addressed with improved v… |
Apple |
macOS |
2021-09-08T14:29:13.000Z | 2025-10-21T23:25:34.662Z |
| cve-2021-30661 | N/A | A use after free issue was addressed with improve… |
Apple |
iOS and iPadOS |
2021-09-08T14:48:29.000Z | 2025-10-21T23:25:34.470Z |
| cve-2021-30657 | N/A | A logic issue was addressed with improved state m… |
Apple |
macOS |
2021-09-08T14:49:34.000Z | 2025-10-21T23:25:34.280Z |
| cve-2021-30663 | N/A | An integer overflow was addressed with improved i… |
Apple |
macOS |
2021-09-08T14:49:41.000Z | 2025-10-21T23:25:34.065Z |
| cve-2021-40870 | N/A | An issue was discovered in Aviatrix Controller 6.… |
n/a |
n/a |
2021-09-13T07:41:55.000Z | 2025-10-21T23:25:33.924Z |
| cve-2021-38163 | 9.9 (v3.1) | SAP NetWeaver (Visual Composer 7.0 RT) versions -… |
SAP SE |
SAP NetWeaver (Visual Composer 7.0 RT) |
2021-09-14T11:21:36.000Z | 2025-10-21T23:25:33.764Z |
| cve-2021-36955 | 7.8 (v3.1) | Windows Common Log File System Driver Elevation of Pri… |
Microsoft |
Windows 10 Version 1809 |
2021-09-15T11:23:32.000Z | 2025-10-21T23:25:33.593Z |
| cve-2021-38638 | 7.8 (v3.1) | Windows Ancillary Function Driver for WinSock Elevatio… |
Microsoft |
Windows 10 Version 1809 |
2021-09-15T11:23:59.000Z | 2025-12-16T18:05:18.371Z |
| cve-2021-38645 | 7.8 (v3.1) | Open Management Infrastructure Elevation of Privilege … |
Microsoft |
Open Management Infrastructure |
2021-09-15T11:24:05.000Z | 2025-10-21T23:25:33.443Z |
| cve-2021-38646 | 7.8 (v3.1) | Microsoft Office Access Connectivity Engine Remote Cod… |
Microsoft |
Microsoft Office 2019 |
2021-09-15T11:24:06.000Z | 2025-10-21T23:25:33.296Z |
| cve-2021-38647 | 9.8 (v3.1) | Open Management Infrastructure Remote Code Execution V… |
Microsoft |
Open Management Infrastructure |
2021-09-15T11:24:07.000Z | 2025-10-21T23:25:33.144Z |
| cve-2021-38648 | 7.8 (v3.1) | Open Management Infrastructure Elevation of Privilege … |
Microsoft |
Open Management Infrastructure |
2021-09-15T11:24:08.000Z | 2025-10-21T23:25:32.986Z |
| cve-2021-38649 | 7 (v3.1) | Open Management Infrastructure Elevation of Privilege … |
Microsoft |
Open Management Infrastructure |
2021-09-15T11:24:09.000Z | 2025-10-21T23:25:32.826Z |
| cve-2021-40444 | 8.8 (v3.1) | Microsoft MSHTML Remote Code Execution Vulnerability |
Microsoft |
Windows 10 Version 1809 |
2021-09-15T11:24:26.000Z | 2025-12-16T17:58:03.479Z |
| cve-2021-33044 | N/A | The identity authentication bypass vulnerability … |
n/a |
Some Dahua IP Camera, Video Intercom, PTZ Dome Camera, Thermal Camera devices |
2021-09-15T21:36:04.000Z | 2025-10-21T23:25:32.563Z |
| cve-2021-33045 | N/A | The identity authentication bypass vulnerability … |
n/a |
Some Dahua IP Camera, Video Intercom, NVR, XVR devices |
2021-09-15T21:50:08.000Z | 2025-10-21T23:25:32.413Z |
| cve-2021-40438 | mod_proxy SSRF |
Apache Software Foundation |
Apache HTTP Server |
2021-09-16T14:40:23.000Z | 2025-10-21T23:25:32.274Z | |
| cve-2021-38406 | Delta Electronics DOPSoft 2 Out-of-Bounds Write |
Delta Electronics |
DOPSoft 2 |
2021-09-17T18:54:29.386Z | 2025-10-21T23:25:32.113Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2020-7676 | N/A | angular.js prior to 1.8.0 allows cross site scrip… |
n/a |
angular.js |
2020-06-08T13:34:09 | 2024-08-04T09:41:01.655Z |
| cve-2020-13965 | N/A | An issue was discovered in Roundcube Webmail befo… |
n/a |
n/a |
2020-06-09T02:45:24.000Z | 2025-10-21T23:35:42.715Z |
| cve-2020-9818 | N/A | An out-of-bounds write issue was addressed with i… |
Apple |
iOS |
2020-06-09T16:12:39.000Z | 2025-12-20T04:55:53.124Z |
| cve-2020-9819 | N/A | A memory consumption issue was addressed with imp… |
Apple |
iOS |
2020-06-09T16:12:28.000Z | 2025-12-20T04:55:57.815Z |
| cve-2020-0986 | N/A | An elevation of privilege vulnerability exists wh… |
Microsoft |
Windows |
2020-06-09T19:43:14.000Z | 2025-10-21T23:35:42.145Z |
| cve-2020-11899 | N/A | The Treck TCP/IP stack before 6.0.1.66 has an IPv… |
n/a |
n/a |
2020-06-17T10:27:59.000Z | 2025-10-21T23:35:41.992Z |
| cve-2020-14931 | N/A | A stack-based buffer overflow in DMitry (Deepmagi… |
n/a |
n/a |
2020-06-19T21:03:24.000Z | 2025-11-03T21:44:17.601Z |
| cve-2020-2021 | PAN-OS: Authentication Bypass in SAML Authentication |
Palo Alto Networks |
PAN-OS |
2020-06-29T15:10:11.350Z | 2025-10-21T23:35:41.842Z | |
| cve-2020-14145 | N/A | The client side in OpenSSH 5.7 through 8.4 has an… |
n/a |
n/a |
2020-06-29T17:33:36.000Z | 2025-12-18T14:41:37.776Z |
| cve-2020-15069 | N/A | Sophos XG Firewall 17.x through v17.5 MR12 allows… |
n/a |
n/a |
2020-06-29T17:30:18.000Z | 2025-10-21T23:35:41.702Z |
| cve-2020-15415 | N/A | On DrayTek Vigor3900, Vigor2960, and Vigor300B de… |
n/a |
n/a |
2020-06-30T13:37:56.000Z | 2025-10-21T23:35:41.567Z |
| cve-2020-5902 | N/A | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2… |
n/a |
BIG-IP |
2020-07-01T00:00:00.000Z | 2025-10-21T23:35:41.409Z |
| cve-2020-15505 | N/A | A remote code execution vulnerability in MobileIr… |
n/a |
n/a |
2020-07-07T01:43:52.000Z | 2025-10-21T23:35:41.248Z |
| cve-2020-9377 | N/A | D-Link DIR-610 devices allow Remote Command Execu… |
n/a |
n/a |
2020-07-09T12:06:48.000Z | 2025-10-21T23:35:41.082Z |
| cve-2018-12371 | N/A | An integer overflow vulnerability in the Skia lib… |
Mozilla |
Firefox ESR |
2020-07-09T13:54:29 | 2024-08-05T08:31:00.284Z |
| cve-2020-8193 | N/A | Improper access control in Citrix ADC and Citrix … |
n/a |
Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP |
2020-07-10T15:38:28.000Z | 2025-10-21T23:35:40.928Z |
| cve-2020-8195 | N/A | Improper input validation in Citrix ADC and Citri… |
n/a |
Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP |
2020-07-10T15:39:35.000Z | 2025-10-21T23:35:40.642Z |
| cve-2020-8196 | N/A | Improper access control in Citrix ADC and Citrix … |
n/a |
Citrix ADC, Citrix Gateway, Citrix SDWAN WAN-OP |
2020-07-10T15:39:54.000Z | 2025-10-21T23:35:40.361Z |
| cve-2020-10987 | N/A | The goform/setUsbUnload endpoint of Tenda AC15 AC… |
n/a |
n/a |
2020-07-13T18:46:12.000Z | 2025-10-21T23:35:40.165Z |
| cve-2020-6287 | SAP NetWeaver AS JAVA (LM Configuration Wizard), … |
SAP SE |
SAP NetWeaver AS JAVA (LM Configuration Wizard) |
2020-07-14T12:30:14.000Z | 2025-10-21T23:35:39.987Z | |
| cve-2020-1040 | N/A | A remote code execution vulnerability exists when… |
Microsoft |
Windows Server |
2020-07-14T22:53:58.000Z | 2025-10-21T23:35:39.818Z |
| cve-2020-1147 | N/A | A remote code execution vulnerability exists in .… |
Microsoft |
Microsoft SharePoint Enterprise Server |
2020-07-14T22:54:00.000Z | 2025-10-21T23:35:39.668Z |
| cve-2020-1350 | N/A | A remote code execution vulnerability exists in W… |
Microsoft |
Windows Server |
2020-07-14T22:54:06.000Z | 2025-10-21T23:35:39.529Z |
| cve-2020-14644 | Vulnerability in the Oracle WebLogic Server produ… |
Oracle Corporation |
WebLogic Server |
2020-07-15T17:34:31.000Z | 2025-10-21T23:35:39.380Z | |
| cve-2020-11978 | N/A | An issue was found in Apache Airflow versions 1.1… |
Apache Software Foundation |
Apache Airflow |
2020-07-16T00:00:00.000Z | 2025-10-21T23:35:39.214Z |
| cve-2020-15890 | N/A | LuaJit through 2.1.0-beta3 has an out-of-bounds r… |
n/a |
n/a |
2020-07-21T21:35:32.000Z | 2025-11-03T18:07:55.673Z |
| cve-2020-3452 | Cisco Adaptive Security Appliance Software and Firepow… |
Cisco |
Cisco Adaptive Security Appliance (ASA) Software |
2020-07-22T20:00:22.049Z | 2025-10-21T23:35:39.038Z | |
| cve-2020-12812 | N/A | An improper authentication vulnerability in SSL V… |
n/a |
Fortinet FortiOS |
2020-07-24T22:28:43.000Z | 2025-10-21T23:35:38.889Z |
| cve-2020-8218 | N/A | A code injection vulnerability exists in Pulse Co… |
n/a |
Pulse Connect Secure |
2020-07-30T12:53:02.000Z | 2025-10-21T23:35:38.731Z |
| cve-2020-15702 | TOCTOU in apport |
Canonical |
apport |
2020-08-06T22:50:22.871Z | 2025-11-03T19:25:30.971Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-kam193-f859a1da60d1617b | Pentesting or research code in mytonctrl (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-f8fe6fca9c136ecc | Pentesting or research code in appsec-utils (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-f959c1ec877a42f4 | Pentesting or research code in pckaging (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-f966d9bb86511c93 | Pentesting or research code in pyqubee (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-f997ec37c93c6c57 | Pentesting or research code in mytonctrl (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-faca94094d9aee6f | Pentesting or research code in merpe (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-fb255de615cbbe3d | Pentesting or research code in evil-pkk (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-fc71afc121f45abc | Pentesting or research code in piprce (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-fd257dee43f966ea | Pentesting or research code in oaieval (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-fd8bd3bbdfb911f1 | Pentesting or research code in python-drgn-commons-spark (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-fdbaa6dd50881789 | Pentesting or research code in confirmedbywaseem (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-fe3c7feab55eb545 | Pentesting or research code in chunqiuwestj-pkg-westj137 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-ff192c815669701b | Pentesting or research code in opengrep (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-ff31f4b93d445723 | Pentesting or research code in sumo-py-cli (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-ffa5a1e2c14a2a41 | Pentesting or research code in python-drgn-commons-pandas (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-0000-kam193-ffda2d8463a0c5bb | Pentesting or research code in blabb111 (PyPI) | 2024-07-26T16:53:30Z | 2024-07-26T16:53:30Z |
| mal-2024-10032 | Malicious code in graphcore-cloud-tools (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:53Z |
| mal-2024-10040 | Malicious code in manojmacpy (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:53Z |
| mal-2024-10174 | Malicious code in this-is-poc-fortesting-dontinstall-12345 (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:54Z |
| mal-2024-10236 | Malicious code in blab111 (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:52Z |
| mal-2024-10238 | Malicious code in 123bla (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:52Z |
| mal-2024-10239 | Malicious code in debug-toolbar (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:52Z |
| mal-2024-10315 | Malicious code in nvidia-clara-sim (PyPI) | 2024-07-26T16:53:30Z | 2025-12-31T02:45:15Z |
| mal-2024-10895 | Malicious code in some-random-package-33 (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:54Z |
| mal-2024-11519 | Malicious code in aiopbotocore (PyPI) | 2024-07-26T16:53:30Z | 2025-12-31T02:45:15Z |
| mal-2024-11520 | Malicious code in akh-py (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:52Z |
| mal-2024-11523 | Malicious code in appsec-script-py (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:52Z |
| mal-2024-11525 | Malicious code in arnold-toolbox (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:52Z |
| mal-2024-11555 | Malicious code in chain00x (PyPI) | 2024-07-26T16:53:30Z | 2025-12-31T02:45:15Z |
| mal-2024-11556 | Malicious code in check-codeowners (PyPI) | 2024-07-26T16:53:30Z | 2025-12-11T09:27:52Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2007:0520 | Red Hat Security Advisory: xorg-x11-xfs security update | 2007-07-12T09:18:00+00:00 | 2025-11-21T17:31:52+00:00 |
| rhsa-2007:0519 | Red Hat Security Advisory: xorg-x11 security update | 2007-07-12T10:21:00+00:00 | 2025-11-21T17:31:51+00:00 |
| rhsa-2007:0557 | Red Hat Security Advisory: httpd security update | 2007-07-13T07:38:00+00:00 | 2025-11-21T17:31:56+00:00 |
| rhsa-2007:0662 | Red Hat Security Advisory: httpd security update | 2007-07-13T07:48:00+00:00 | 2025-11-21T17:31:59+00:00 |
| rhsa-2007:0569 | Red Hat Security Advisory: tomcat security update | 2007-07-17T10:36:00+00:00 | 2025-11-21T17:31:57+00:00 |
| rhsa-2007:0722 | Red Hat Security Advisory: seamonkey security update | 2007-07-19T01:54:00+00:00 | 2025-11-21T17:32:02+00:00 |
| rhsa-2007:0723 | Red Hat Security Advisory: thunderbird security update | 2007-07-19T02:33:00+00:00 | 2025-11-21T17:32:03+00:00 |
| rhsa-2007:0724 | Red Hat Security Advisory: firefox security update | 2007-07-19T02:46:00+00:00 | 2025-11-21T17:32:04+00:00 |
| rhsa-2007:0740 | Red Hat Security Advisory: bind security update | 2007-07-24T13:56:00+00:00 | 2025-11-21T17:32:06+00:00 |
| rhsa-2007:0729 | Red Hat Security Advisory: kdegraphics security update | 2007-07-30T18:02:00+00:00 | 2025-11-21T17:32:04+00:00 |
| rhsa-2007:0730 | Red Hat Security Advisory: gpdf security update | 2007-07-30T18:07:00+00:00 | 2025-11-21T17:32:06+00:00 |
| rhsa-2007:0735 | Red Hat Security Advisory: xpdf security update | 2007-07-30T18:20:00+00:00 | 2025-11-21T17:32:05+00:00 |
| rhsa-2007:0720 | Red Hat Security Advisory: cups security update | 2007-07-30T18:36:00+00:00 | 2025-11-21T17:32:01+00:00 |
| rhsa-2007:0732 | Red Hat Security Advisory: poppler security update | 2007-07-30T18:58:00+00:00 | 2025-11-21T17:32:05+00:00 |
| rhsa-2007:0721 | Red Hat Security Advisory: qt security update | 2007-07-31T17:59:00+00:00 | 2025-11-21T17:32:02+00:00 |
| rhsa-2007:0731 | Red Hat Security Advisory: tetex security update | 2007-08-01T09:46:00+00:00 | 2025-11-21T17:32:05+00:00 |
| rhsa-2007:0818 | Red Hat Security Advisory: java-1.5.0-sun security update | 2007-08-06T15:55:00+00:00 | 2025-11-21T17:32:10+00:00 |
| rhsa-2007:0817 | Red Hat Security Advisory: java-1.4.2-ibm security update | 2007-08-06T16:00:00+00:00 | 2025-11-21T17:32:10+00:00 |
| rhsa-2007:0777 | Red Hat Security Advisory: gdm security and bug fix update | 2007-08-07T19:20:00+00:00 | 2025-11-21T17:32:08+00:00 |
| rhsa-2007:0765 | Red Hat Security Advisory: libgtop2 security update | 2007-08-07T19:23:00+00:00 | 2025-11-21T17:32:07+00:00 |
| rhsa-2007:0829 | Red Hat Security Advisory: java-1.5.0-ibm security update | 2007-08-07T19:36:00+00:00 | 2025-11-21T17:32:10+00:00 |
| rhsa-2007:0672 | Red Hat Security Advisory: kernel security update | 2007-08-08T18:16:00+00:00 | 2025-11-21T17:31:59+00:00 |
| rhsa-2007:0673 | Red Hat Security Advisory: kernel security update | 2007-08-08T18:54:00+00:00 | 2025-11-21T17:31:59+00:00 |
| rhsa-2007:0671 | Red Hat Security Advisory: kernel security and bugfix update | 2007-08-16T09:34:00+00:00 | 2025-11-21T17:32:03+00:00 |
| rhsa-2007:0841 | Red Hat Security Advisory: RealPlayer security update | 2007-08-17T08:11:00+00:00 | 2025-11-21T17:32:11+00:00 |
| rhsa-2007:0860 | Red Hat Security Advisory: tar security update | 2007-08-23T12:41:00+00:00 | 2025-11-21T17:32:12+00:00 |
| rhsa-2007:0868 | Red Hat Security Advisory: Red Hat Network Satellite Server security update | 2007-08-29T15:08:00+00:00 | 2025-11-21T17:32:12+00:00 |
| rhsa-2007:0875 | Red Hat Security Advisory: mysql security update | 2007-08-30T13:36:00+00:00 | 2025-11-21T17:32:13+00:00 |
| rhsa-2007:0539 | Red Hat Security Advisory: aide security update | 2007-09-04T14:02:00+00:00 | 2025-11-21T17:31:54+00:00 |
| rhsa-2007:0774 | Red Hat Security Advisory: kernel security and bugfix update | 2007-09-04T14:37:00+00:00 | 2025-11-21T17:32:08+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-3482 | A flaw was found in Exiv2 in versions before and including 0.27.4-RC1. Improper input validation of the rawData.size property in Jp2Image::readMetadata() in jp2image.cpp can lead to a heap-based buffer overflow via a crafted JPG image containing malicious EXIF data. | 2021-04-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-3487 | Rejected reason: Non Security Issue. See the binutils security policy for more details https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-3506 | An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | 2021-04-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2018-25009 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16(). | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2018-25010 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter(). | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2018-25011 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16(). | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2018-25012 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24(). | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2018-25013 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes(). | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2018-25014 | A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2020-10701 | A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0. | 2021-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-12403 | A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20 it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability. | 2021-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-14387 | A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which could compromise confidentiality and integrity of data transmitted using rsync-ssl. The highest threat from this vulnerability is to data confidentiality and integrity. This flaw affects rsync versions before 3.2.4. | 2021-05-02T00:00:00.000Z | 2022-01-20T00:00:00.000Z |
| msrc_cve-2020-20178 | Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long it will result in an exception. Attackers can make attacks by creating a series of account addresses. | 2021-05-02T00:00:00.000Z | 2021-05-29T00:00:00.000Z |
| msrc_cve-2020-25672 | A memory leak vulnerability was found in Linux kernel in llcp_sock_connect | 2021-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2020-26558 | Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time. | 2021-05-02T00:00:00.000Z | 2022-04-23T00:00:00.000Z |
| msrc_cve-2020-27815 | A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. | 2021-05-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2020-27823 | A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted xy offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. | 2021-05-02T00:00:00.000Z | 2024-07-23T00:00:00.000Z |
| msrc_cve-2020-27824 | A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability. | 2021-05-02T00:00:00.000Z | 2024-07-23T00:00:00.000Z |
| msrc_cve-2020-27840 | A flaw was found in samba. Spaces used in a string around a domain name (DN) while supposed to be ignored can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory resulting in a crash. The highest threat from this vulnerability is to system availability. | 2021-05-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2020-35504 | A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | 2021-05-02T00:00:00.000Z | 2025-10-01T23:11:06.000Z |
| msrc_cve-2020-35505 | A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host resulting in a denial of service. The highest threat from this vulnerability is to system availability. | 2021-05-02T00:00:00.000Z | 2021-06-09T00:00:00.000Z |
| msrc_cve-2020-35506 | A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the host resulting in a denial of service or potential code execution with the privileges of the QEMU process. | 2021-05-02T00:00:00.000Z | 2021-06-09T00:00:00.000Z |
| msrc_cve-2020-36328 | A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in function WebPDecodeRGBInto is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2020-36329 | A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2020-36330 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2020-36331 | A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability. | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2020-36332 | A flaw was found in libwebp in versions before 1.0.1. When reading a file libwebp allocates an excessive amount of memory. The highest threat from this vulnerability is to the service availability. | 2021-05-02T00:00:00.000Z | 2021-05-25T00:00:00.000Z |
| msrc_cve-2021-20178 | A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerability is to confidentiality. | 2021-05-02T00:00:00.000Z | 2021-06-04T00:00:00.000Z |
| msrc_cve-2021-20181 | A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error potentially escalating their privileges on the system. The highest threat from this vulnerability is to confidentiality integrity as well as system availability. | 2021-05-02T00:00:00.000Z | 2021-06-05T00:00:00.000Z |
| msrc_cve-2021-20191 | A flaw was found in ansible. Credentials such as secrets are being disclosed in console log by default and not protected by no_log feature when using those modules. An attacker can take advantage of this information to steal those credentials. The highest threat from this vulnerability is to data confidentiality. Versions before ansible 2.9.18 are affected. | 2021-05-02T00:00:00.000Z | 2021-06-04T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-004833 | Vulnerability in JP1/NETM/DM and Job Management Partner 1/Software Distribution data reproduction functionality | 2014-11-11T15:33+09:00 | 2015-03-03T16:59+09:00 |
| jvndb-2014-000131 | Ichitaro series vulnerable to arbitrary code execution | 2014-11-13T16:52+09:00 | 2014-11-27T17:58+09:00 |
| jvndb-2014-000117 | Direct Web Remoting (DWR) vulnerable to XML external entity injection | 2014-11-14T14:33+09:00 | 2014-11-25T17:50+09:00 |
| jvndb-2014-000118 | Direct Web Remoting (DWR) vulnerable to cross-site scripting | 2014-11-14T14:37+09:00 | 2014-11-25T17:51+09:00 |
| jvndb-2014-000133 | iLogScanner vulnerable to cross-site scripting | 2014-11-14T14:38+09:00 | 2014-11-18T18:22+09:00 |
| jvndb-2014-000134 | BSD Operating Systems vulnerable to denial-of-service (DoS) | 2014-11-21T14:10+09:00 | 2014-12-16T17:08+09:00 |
| jvndb-2014-000141 | FAST/TOOLS vulnerable to improper restriction of XML external entity references | 2014-11-28T14:54+09:00 | 2014-12-10T10:16+09:00 |
| jvndb-2014-000135 | SEIL Series routers vulnerable to denial-of-service (DoS) | 2014-12-01T15:18+09:00 | 2014-12-09T15:32+09:00 |
| jvndb-2014-000136 | SEIL Series routers vulnerable to denial-of-service (DoS) | 2014-12-01T15:24+09:00 | 2014-12-09T15:31+09:00 |
| jvndb-2014-000137 | Multiple improper data validation vulnerabilities in Syslink driver for Texas Instruments OMAP mobile processors | 2014-12-02T13:56+09:00 | 2014-12-09T15:34+09:00 |
| jvndb-2014-000138 | OS command injection vulnerability in multiple FUJITSU Android devices | 2014-12-02T14:21+09:00 | 2014-12-09T15:33+09:00 |
| jvndb-2014-000139 | ARROWS Me F-11D vulnerability where arbitrary areas may be accessed | 2014-12-02T14:26+09:00 | 2014-12-08T16:06+09:00 |
| jvndb-2014-000140 | LG Electronics mobile access routers lack access restrictions | 2014-12-02T14:27+09:00 | 2014-12-08T16:07+09:00 |
| jvndb-2014-000142 | DBD::PgPP vulnerable to SQL injection | 2014-12-03T15:09+09:00 | 2014-12-03T15:09+09:00 |
| jvndb-2014-000147 | KENT-WEB Clip Board vulnerable to cross-site scripting | 2014-12-04T12:22+09:00 | 2014-12-08T16:03+09:00 |
| jvndb-2014-000148 | Kaku-San-Sei Million Arthur for Android information management vulnerability | 2014-12-04T12:28+09:00 | 2014-12-08T16:05+09:00 |
| jvndb-2014-000143 | "File Upload BBS" of i-HTTPD vulnerable to remote command execution | 2014-12-09T14:40+09:00 | 2014-12-16T17:10+09:00 |
| jvndb-2014-000144 | i-HTTPD vulnerable to cross-site scripting | 2014-12-09T14:41+09:00 | 2014-12-16T17:09+09:00 |
| jvndb-2014-000145 | "Omake BBS" of i-HTTPD vulnerable to cross-site scripting | 2014-12-09T14:44+09:00 | 2014-12-15T19:16+09:00 |
| jvndb-2014-000146 | i-HTTPD vulnerable to cross-site scripting | 2014-12-09T14:45+09:00 | 2014-12-09T14:45+09:00 |
| jvndb-2014-000149 | Chyrp vulnerable to cross-site scripting | 2014-12-10T14:18+09:00 | 2014-12-15T18:06+09:00 |
| jvndb-2014-000150 | LinPHA vulnerable to cross-site scripting | 2014-12-12T13:48+09:00 | 2014-12-16T17:07+09:00 |
| jvndb-2014-005986 | Multiple buffer overflows in Hitachi JP1/Cm2/Network Node Manager i | 2014-12-16T17:30+09:00 | 2016-02-26T17:32+09:00 |
| jvndb-2014-005987 | Multiple Vulnerabilities in JP1/Cm2/Network Node Manager i | 2014-12-16T17:31+09:00 | 2016-02-26T17:52+09:00 |
| jvndb-2014-000124 | TSUTAYA App for Android vulnerable to arbitrary Java method execution | 2014-12-18T13:41+09:00 | 2014-12-22T17:52+09:00 |
| jvndb-2014-000132 | Multiple Allied Telesis products vulnerable to buffer overflow | 2014-12-18T14:47+09:00 | 2015-01-28T17:38+09:00 |
| jvndb-2014-000151 | WBS Gantt-Chart for JIRA vulnerable to cross-site scripting | 2014-12-18T14:48+09:00 | 2014-12-22T17:30+09:00 |
| jvndb-2014-000152 | WBS Gantt-Chart for JIRA vulnerable to cross-site scripting | 2014-12-18T14:49+09:00 | 2014-12-22T17:33+09:00 |
| jvndb-2015-000006 | SYNCK GRAPHICA Download Log CGI vulnerable to directory traversal | 2015-01-19T13:54+09:00 | 2015-02-13T15:09+09:00 |
| jvndb-2015-000008 | shiromuku(bu2)BBS vulnerable to arbitrary file creation | 2015-01-23T14:22+09:00 | 2015-02-13T09:51+09:00 |
| ID | Description | Updated |
|---|