Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2000-0409 |
N/A
|
Netscape 4.73 and earlier follows symlinks when i… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.541Z |
| CVE-2000-0410 |
N/A
|
ColdFusion Server 4.5.1 allows remote attackers t… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.539Z |
| CVE-2000-0411 |
N/A
|
Matt Wright's FormMail CGI script allows remote a… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.478Z |
| CVE-2000-0414 |
N/A
|
Vulnerability in shutdown command for HP-UX 11.X … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.501Z |
| CVE-2000-0416 |
N/A
|
NTMail 5.x allows network users to bypass the NTM… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.569Z |
| CVE-2000-0417 |
N/A
|
The HTTP administration interface to the Cayman 3… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.632Z |
| CVE-2000-0418 |
N/A
|
The Cayman 3220-H DSL router allows remote attack… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.506Z |
| CVE-2000-0419 |
N/A
|
The Office 2000 UA ActiveX Control is marked as "… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.483Z |
| CVE-2000-0421 |
N/A
|
The process_bug.cgi script in Bugzilla allows rem… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.507Z |
| CVE-2000-0424 |
N/A
|
The CGI counter 4.0.7 by George Burgyan allows re… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.489Z |
| CVE-2000-0425 |
N/A
|
Buffer overflow in the Web Archives component of … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.546Z |
| CVE-2000-0427 |
N/A
|
The Aladdin Knowledge Systems eToken device allow… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.477Z |
| CVE-2000-0428 |
N/A
|
Buffer overflow in the SMTP gateway for InterScan… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.538Z |
| CVE-2000-0431 |
N/A
|
Cobalt RaQ2 and RaQ3 does not properly set the ac… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.516Z |
| CVE-2000-0432 |
N/A
|
The calender.pl and the calendar_admin.pl calenda… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.678Z |
| CVE-2000-0435 |
N/A
|
The allmanageup.pl file upload CGI script in the … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.706Z |
| CVE-2000-0436 |
N/A
|
MetaProducts Offline Explorer 1.2 and earlier all… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.681Z |
| CVE-2000-0437 |
N/A
|
Buffer overflow in the CyberPatrol daemon "cyberd… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.627Z |
| CVE-2000-0438 |
N/A
|
Buffer overflow in fdmount on Linux systems allow… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.665Z |
| CVE-2000-0439 |
N/A
|
Internet Explorer 4.0 and 5.0 allows a malicious … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.410Z |
| CVE-2000-0441 |
N/A
|
Vulnerability in AIX 3.2.x and 4.x allows local u… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.948Z |
| CVE-2000-0442 |
N/A
|
Qpopper 2.53 and earlier allows local users to ga… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.648Z |
| CVE-2000-0452 |
N/A
|
Buffer overflow in the ESMTP service of Lotus Dom… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.954Z |
| CVE-2000-0453 |
N/A
|
XFree86 3.3.x and 4.0 allows a user to cause a de… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.681Z |
| CVE-2000-0454 |
N/A
|
Buffer overflow in Linux cdrecord allows local us… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.843Z |
| CVE-2000-0455 |
N/A
|
Buffer overflow in xlockmore xlock program versio… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:31.201Z |
| CVE-2000-0456 |
N/A
|
NetBSD 1.4.2 and earlier allows local users to ca… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:31.322Z |
| CVE-2000-0460 |
N/A
|
Buffer overflow in KDE kdesud on Linux allows loc… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.917Z |
| CVE-2000-0461 |
N/A
|
The undocumented semconfig system call in BSD fre… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.555Z |
| CVE-2000-0462 |
N/A
|
ftpd in NetBSD 1.4.2 does not properly parse entr… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.311Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2000-0409 |
N/A
|
Netscape 4.73 and earlier follows symlinks when i… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.541Z |
| CVE-2000-0410 |
N/A
|
ColdFusion Server 4.5.1 allows remote attackers t… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.539Z |
| CVE-2000-0411 |
N/A
|
Matt Wright's FormMail CGI script allows remote a… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.478Z |
| CVE-2000-0414 |
N/A
|
Vulnerability in shutdown command for HP-UX 11.X … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.501Z |
| CVE-2000-0416 |
N/A
|
NTMail 5.x allows network users to bypass the NTM… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.569Z |
| CVE-2000-0417 |
N/A
|
The HTTP administration interface to the Cayman 3… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.632Z |
| CVE-2000-0418 |
N/A
|
The Cayman 3220-H DSL router allows remote attack… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.506Z |
| CVE-2000-0419 |
N/A
|
The Office 2000 UA ActiveX Control is marked as "… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.483Z |
| CVE-2000-0421 |
N/A
|
The process_bug.cgi script in Bugzilla allows rem… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.507Z |
| CVE-2000-0424 |
N/A
|
The CGI counter 4.0.7 by George Burgyan allows re… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.489Z |
| CVE-2000-0425 |
N/A
|
Buffer overflow in the Web Archives component of … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.546Z |
| CVE-2000-0427 |
N/A
|
The Aladdin Knowledge Systems eToken device allow… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.477Z |
| CVE-2000-0428 |
N/A
|
Buffer overflow in the SMTP gateway for InterScan… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:14:21.538Z |
| CVE-2000-0431 |
N/A
|
Cobalt RaQ2 and RaQ3 does not properly set the ac… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.516Z |
| CVE-2000-0432 |
N/A
|
The calender.pl and the calendar_admin.pl calenda… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.678Z |
| CVE-2000-0435 |
N/A
|
The allmanageup.pl file upload CGI script in the … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.706Z |
| CVE-2000-0436 |
N/A
|
MetaProducts Offline Explorer 1.2 and earlier all… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.681Z |
| CVE-2000-0437 |
N/A
|
Buffer overflow in the CyberPatrol daemon "cyberd… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.627Z |
| CVE-2000-0438 |
N/A
|
Buffer overflow in fdmount on Linux systems allow… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.665Z |
| CVE-2000-0439 |
N/A
|
Internet Explorer 4.0 and 5.0 allows a malicious … |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.410Z |
| CVE-2000-0441 |
N/A
|
Vulnerability in AIX 3.2.x and 4.x allows local u… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.948Z |
| CVE-2000-0442 |
N/A
|
Qpopper 2.53 and earlier allows local users to ga… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.648Z |
| CVE-2000-0452 |
N/A
|
Buffer overflow in the ESMTP service of Lotus Dom… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.954Z |
| CVE-2000-0453 |
N/A
|
XFree86 3.3.x and 4.0 allows a user to cause a de… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.681Z |
| CVE-2000-0454 |
N/A
|
Buffer overflow in Linux cdrecord allows local us… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.843Z |
| CVE-2000-0455 |
N/A
|
Buffer overflow in xlockmore xlock program versio… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:31.201Z |
| CVE-2000-0456 |
N/A
|
NetBSD 1.4.2 and earlier allows local users to ca… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:31.322Z |
| CVE-2000-0460 |
N/A
|
Buffer overflow in KDE kdesud on Linux allows loc… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:29.917Z |
| CVE-2000-0461 |
N/A
|
The undocumented semconfig system call in BSD fre… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.555Z |
| CVE-2000-0462 |
N/A
|
ftpd in NetBSD 1.4.2 does not properly parse entr… |
n/a |
n/a |
2000-07-12T04:00:00 | 2024-08-08T05:21:30.311Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-1999-1352 | mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain… | 1999-09-28T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1350 | ARCAD Systemhaus 0.078-5 installs critical programs and files with world-writeable permissions, whi… | 1999-09-29T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0931 | Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands. | 1999-09-30T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0932 | Mediahouse Statistics Server allows remote attackers to read the administrator password, which is s… | 1999-09-30T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1469 | Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitr… | 1999-09-30T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1583 | Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hos… | 1999-09-30T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0794 | Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. | 1999-10-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0877 | Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME. | 1999-10-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0879 | Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges … | 1999-10-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0880 | Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly. | 1999-10-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0933 | TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | 1999-10-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1236 | Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which c… | 1999-10-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1500 | Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (cras… | 1999-10-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0016 | Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of … | 1999-10-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0047 | Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of servic… | 1999-10-01T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0942 | UnixWare dos7utils allows a local user to gain root privileges by using the STATICMERGE environment… | 1999-10-04T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1454 | Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled all… | 1999-10-04T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1523 | Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, an… | 1999-10-04T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1540 | shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attac… | 1999-10-04T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1541 | shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files b… | 1999-10-04T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1542 | RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell met… | 1999-10-04T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1344 | Auto_FTP.pl script in Auto_FTP 0.2 stores usernames and passwords in plaintext in the auto_ftp.conf… | 1999-10-05T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1345 | Auto_FTP.pl script in Auto_FTP 0.2 uses the /tmp/ftp_tmp as a shared directory with insecure permis… | 1999-10-05T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1357 | Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating syst… | 1999-10-05T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0791 | Hybrid Network cable modems do not include an authentication mechanism for administration, allowing… | 1999-10-06T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1349 | NFS daemon (nfsd.exe) for Omni-NFS/X 6.1 allows remote attackers to cause a denial of service (reso… | 1999-10-06T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1346 | PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule… | 1999-10-07T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1347 | Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass … | 1999-10-07T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1522 | Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursi… | 1999-10-07T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-1082 | Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to ready ar… | 1999-10-08T04:00:00.000 | 2025-04-03T01:03:51.193 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-cjjf-94ff-43w7 |
7.5 (3.1)
|
jackson-databind Deserialization of Untrusted Data vulnerability | 2019-03-25T18:03:09Z | 2024-03-01T21:49:04Z |
| ghsa-gwg9-rgvj-4h5j |
9.8 (3.1)
|
Code Injection in morgan | 2019-03-25T18:03:23Z | 2023-09-12T20:50:05Z |
| ghsa-v588-qcp3-jv46 |
7.5 (3.1)
|
Path Traversal in serve | 2019-03-25T18:03:58Z | 2025-07-15T19:34:30Z |
| ghsa-xg75-3277-gvvj |
7.5 (3.1)
|
Directory Traversal in serve | 2019-03-25T18:04:01Z | 2021-09-21T22:30:46Z |
| ghsa-h2f4-v4c4-6wx4 |
7.5 (3.1)
|
Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server | 2019-03-28T18:33:38Z | 2022-09-17T00:33:03Z |
| ghsa-q2xp-75m7-gv52 |
9.8 (3.1)
|
Improper Input Validation in net.sf.robocode:robocode.host allows for external service interaction | 2019-04-02T15:36:49Z | 2025-12-22T18:41:59Z |
| ghsa-jpv3-g4cc-6vfx |
7.5 (3.1)
|
Improper Control of Generation of Code ('Code Injection') in org.apache.activemq:activemq-client | 2019-04-02T15:46:42Z | 2024-03-14T22:09:43Z |
| ghsa-fmpq-w5q6-9vf9 |
6.1 (3.1)
|
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main | 2019-04-02T15:46:48Z | 2021-06-10T23:43:17Z |
| ghsa-72p5-2r6g-fm6v |
6.1 (3.1)
|
Moderate severity vulnerability that affects total.js | 2019-04-02T15:46:52Z | 2021-06-11T14:16:33Z |
| ghsa-rv62-4pmj-xw6h |
6.1 (3.1)
|
Open Redirect vulnerability in jupyterhub and notebook | 2019-04-02T15:46:54Z | 2023-09-05T12:34:54Z |
| ghsa-535v-4x9q-446c |
7.5 (3.1)
|
Improper Authorization in org.apache.hbase:hbase | 2019-04-02T15:47:00Z | 2022-09-17T00:57:03Z |
| ghsa-vqqv-v9m2-48p2 |
9.8 (3.1)
|
Bootstrap-sass contains code execution backdoor | 2019-04-04T16:28:47Z | 2023-08-25T23:39:10Z |
| ghsa-gm29-35c7-8cfw |
|
Cross-Site Scripting in buttle | 2019-04-08T15:18:38Z | 2020-08-31T18:43:56Z |
| ghsa-2hhw-p8mg-jrm6 |
|
Path Traversal in http-live-simulator | 2019-04-08T15:18:40Z | 2020-08-31T18:36:11Z |
| ghsa-r8h9-hq9c-2p5c |
8.1 (3.1)
|
High severity vulnerability that affects com.github.shyiko.ktlint:ktlint-core | 2019-04-08T15:18:54Z | 2021-09-17T14:43:23Z |
| ghsa-c6fm-rgw4-8q73 |
7.5 (3.1)
8.7 (4.0)
|
CoAPthon3 vulnerable to Deserialization of Untrusted Data | 2019-04-08T15:18:57Z | 2024-09-06T15:42:53Z |
| ghsa-5xc6-fpc7-4qvg |
7.5 (3.1)
8.7 (4.0)
|
CoAPthon DoS due to Exceptions | 2019-04-08T15:19:01Z | 2024-09-13T14:31:59Z |
| ghsa-pffw-p2q5-w6vh |
7.5 (3.1)
|
Improper Limitation of a Pathname ('Path Traversal') in org.apache.jspwiki:jspwiki-war | 2019-04-08T16:23:36Z | 2022-09-17T00:13:09Z |
| ghsa-fvpg-qx3g-7mp7 |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:29Z | 2021-09-10T19:58:26Z |
| ghsa-3w9q-c44j-37jj |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:32Z | 2021-08-31T21:35:30Z |
| ghsa-jhx3-2w5x-x39x |
6.5 (3.1)
|
Microsoft.ChakraCore vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | 2019-04-09T19:43:38Z | 2022-09-17T00:21:19Z |
| ghsa-8qh8-cv77-h83g |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:46Z | 2021-09-07T20:30:00Z |
| ghsa-7ph8-f946-q5r7 |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:54Z | 2021-09-03T21:01:09Z |
| ghsa-fv38-4c3m-25v8 |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:56Z | 2021-09-10T19:20:26Z |
| ghsa-pjpj-f6r8-56rm |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:43:59Z | 2021-09-16T18:14:38Z |
| ghsa-6jf5-rmhv-38cw |
7.5 (3.1)
|
High severity vulnerability that affects Microsoft.ChakraCore | 2019-04-09T19:44:03Z | 2021-09-02T16:39:07Z |
| ghsa-rg3q-jxmp-pvjj |
6.1 (3.1)
|
Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation | 2019-04-09T19:44:37Z | 2022-09-17T00:24:09Z |
| ghsa-7752-f4gf-94gc |
6.1 (3.1)
|
Materialize-css vulnerable to Cross-site Scripting in autocomplete component | 2019-04-09T19:44:38Z | 2023-08-28T15:35:45Z |
| ghsa-98f7-p5rc-jx67 |
6.1 (3.1)
|
Materialize-css vulnerable to Cross-site Scripting in tooltip component | 2019-04-09T19:44:40Z | 2023-08-28T15:34:40Z |
| ghsa-926q-wxr6-3crq |
6.1 (3.1)
|
Moderate severity vulnerability that affects roundup | 2019-04-09T19:47:14Z | 2024-10-21T21:43:43Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2021-27 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-04-12T21:15:00Z | 2021-04-21T17:02:00Z |
| pysec-2021-25 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-04-12T22:15:00Z | 2021-04-26T18:40:00Z |
| pysec-2021-26 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-04-12T22:15:00Z | 2021-04-21T16:45:00Z |
| pysec-2021-10 |
|
A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.… | django-debug-toolbar | 2021-04-14T18:15:00Z | 2021-04-21T15:05:00Z |
| pysec-2021-24 |
|
### Impact Missing input validation of some parameters on the endpoints used to confirm t… | matrix-sydent | 2021-04-15T18:15:00Z | 2021-04-22T17:17:00Z |
| pysec-2021-21 |
|
Sydent is a reference Matrix identity server. Sydent does not limit the size of requests … | matrix-sydent | 2021-04-15T21:15:00Z | 2021-04-22T17:19:00Z |
| pysec-2021-22 |
|
Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requ… | matrix-sydent | 2021-04-15T21:15:00Z | 2021-04-22T15:27:00Z |
| pysec-2021-23 |
|
Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send… | matrix-sydent | 2021-04-15T21:15:00Z | 2021-04-22T15:25:00Z |
| pysec-2021-114 |
|
Wagtail is a Django content management system. In affected versions of Wagtail, when savi… | wagtail | 2021-04-19T19:15:00Z | 2021-04-29T14:24:00Z |
| pysec-2021-56 |
|
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the … | salt | 2021-04-23T06:15:00Z | 2022-06-21T15:53:31.288525Z |
| pysec-2021-128 |
|
Apache Superset up to and including 1.0.1 allowed for the creation of an external URL tha… | apache-superset | 2021-04-27T10:15:00Z | 2021-08-27T03:21:55.733407Z |
| pysec-2021-1 |
|
A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by defa… | ansible | 2021-04-29T16:15:00Z | 2021-05-03T20:43:00Z |
| pysec-2021-64 |
|
django-filter is a generic system for filtering Django QuerySets based on user selections… | django-filter | 2021-04-29T21:15:00Z | 2021-05-10T17:55:00Z |
| pysec-2021-4 |
|
The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to … | apache-airflow | 2021-05-02T08:15:00Z | 2021-05-10T20:07:00Z |
| pysec-2021-17 |
|
Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22.… | impacket | 2021-05-05T11:15:00Z | 2021-09-01T08:19:03.897095Z |
| pysec-2021-7 |
|
In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, Upl… | django | 2021-05-05T15:15:00Z | 2021-05-13T13:41:00Z |
| pysec-2021-8 |
|
In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 (with Python 3.9.5+)… | django | 2021-05-06T16:15:00Z | 2021-05-12T08:15:00Z |
| pysec-2021-101 |
|
The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitra… | localstack | 2021-05-07T05:15:00Z | 2021-06-22T04:54:56.080124Z |
| pysec-2021-102 |
|
A Cross-site scripting (XSS) vulnerability exists in StackLift LocalStack 0.12.6. | localstack | 2021-05-07T05:15:00Z | 2021-06-22T04:54:56.108960Z |
| pysec-2021-12 |
|
Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memo… | eventlet | 2021-05-07T15:15:00Z | 2021-05-14T17:02:00Z |
| pysec-2021-29 |
|
The Logging subsystem in OctoPrint before 1.6.0 has incorrect access control because it a… | octoprint | 2021-05-11T14:15:00Z | 2021-05-11T15:18:00Z |
| pysec-2021-30 |
|
OctoPrint before 1.6.0 allows XSS because API error messages include the values of input … | octoprint | 2021-05-11T14:15:00Z | 2021-05-11T15:18:00Z |
| pysec-2021-135 |
|
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).… | matrix-synapse | 2021-05-11T15:15:00Z | 2021-08-27T03:22:06.756710Z |
| pysec-2021-47 |
|
Pydantic is a data validation and settings management using Python type hinting. In affec… | pydantic | 2021-05-13T19:15:00Z | 2021-05-13T19:15:00Z |
| pysec-2021-13 |
|
The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, … | flask-caching | 2021-05-13T23:15:00Z | 2023-07-25T00:34:15.721702Z |
| pysec-2021-149 |
|
TensorFlow is an end-to-end open source platform for machine learning. If the `splits` ar… | tensorflow | 2021-05-14T19:15:00Z | 2021-08-27T03:22:23.518786Z |
| pysec-2021-191 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow | 2021-05-14T19:15:00Z | 2021-08-27T03:22:31.001831Z |
| pysec-2021-440 |
|
TensorFlow is an end-to-end open source platform for machine learning. If the `splits` ar… | tensorflow-cpu | 2021-05-14T19:15:00Z | 2021-12-09T06:34:45.216617Z |
| pysec-2021-482 |
|
TensorFlow is an end-to-end open source platform for machine learning. An attacker can ca… | tensorflow-cpu | 2021-05-14T19:15:00Z | 2021-12-09T06:34:51.766391Z |
| pysec-2021-638 |
|
TensorFlow is an end-to-end open source platform for machine learning. If the `splits` ar… | tensorflow-gpu | 2021-05-14T19:15:00Z | 2021-12-09T06:35:17.036607Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| MAL-2022-171 | Malicious code in @clalit/fetlife-assets (npm) | 2022-06-20T18:20:00Z | 2022-06-20T18:20:01Z |
| MAL-2022-172 | Malicious code in @clenergy/fetlife-assets (npm) | 2022-06-20T18:20:00Z | 2022-06-20T18:20:01Z |
| mal-2022-170 | Malicious code in @cirrusinsight/fetlife-assets (npm) | 2022-06-20T18:20:00Z | 2022-06-20T18:20:01Z |
| mal-2022-171 | Malicious code in @clalit/fetlife-assets (npm) | 2022-06-20T18:20:00Z | 2022-06-20T18:20:01Z |
| mal-2022-172 | Malicious code in @clenergy/fetlife-assets (npm) | 2022-06-20T18:20:00Z | 2022-06-20T18:20:01Z |
| MAL-2022-176 | Malicious code in @codacontent/fetlife-assets (npm) | 2022-06-20T18:20:01Z | 2022-06-20T18:20:03Z |
| MAL-2022-177 | Malicious code in @codahosted/fetlife-assets (npm) | 2022-06-20T18:20:01Z | 2022-06-20T18:20:03Z |
| mal-2022-176 | Malicious code in @codacontent/fetlife-assets (npm) | 2022-06-20T18:20:01Z | 2022-06-20T18:20:03Z |
| mal-2022-177 | Malicious code in @codahosted/fetlife-assets (npm) | 2022-06-20T18:20:01Z | 2022-06-20T18:20:03Z |
| MAL-2022-179 | Malicious code in @coinalpha/fetlife-assets (npm) | 2022-06-20T18:20:03Z | 2022-06-20T18:20:04Z |
| MAL-2022-182 | Malicious code in @cooley/fetlife-assets (npm) | 2022-06-20T18:20:03Z | 2022-06-20T18:20:04Z |
| mal-2022-179 | Malicious code in @coinalpha/fetlife-assets (npm) | 2022-06-20T18:20:03Z | 2022-06-20T18:20:04Z |
| mal-2022-182 | Malicious code in @cooley/fetlife-assets (npm) | 2022-06-20T18:20:03Z | 2022-06-20T18:20:04Z |
| MAL-2022-190 | Malicious code in @cvshealth/fetlife-assets (npm) | 2022-06-20T18:20:04Z | 2022-06-20T18:20:05Z |
| MAL-2022-197 | Malicious code in @defectdojo/fetlife-assets (npm) | 2022-06-20T18:20:04Z | 2022-06-20T18:20:10Z |
| mal-2022-190 | Malicious code in @cvshealth/fetlife-assets (npm) | 2022-06-20T18:20:04Z | 2022-06-20T18:20:05Z |
| mal-2022-197 | Malicious code in @defectdojo/fetlife-assets (npm) | 2022-06-20T18:20:04Z | 2022-06-20T18:20:10Z |
| MAL-2022-198 | Malicious code in @dentrix/fetlife-assets (npm) | 2022-06-20T18:20:05Z | 2022-06-20T18:20:06Z |
| MAL-2022-205 | Malicious code in @dozuki/fetlife-assets (npm) | 2022-06-20T18:20:05Z | 2022-06-20T18:20:06Z |
| mal-2022-198 | Malicious code in @dentrix/fetlife-assets (npm) | 2022-06-20T18:20:05Z | 2022-06-20T18:20:06Z |
| mal-2022-205 | Malicious code in @dozuki/fetlife-assets (npm) | 2022-06-20T18:20:05Z | 2022-06-20T18:20:06Z |
| MAL-2022-208 | Malicious code in @drive2/fetlife-assets (npm) | 2022-06-20T18:20:06Z | 2022-06-20T18:20:06Z |
| MAL-2022-209 | Malicious code in @dropbox/fetlife-assets (npm) | 2022-06-20T18:20:06Z | 2022-06-20T18:20:06Z |
| MAL-2022-210 | Malicious code in @dropcontact/fetlife-assets (npm) | 2022-06-20T18:20:06Z | 2022-06-20T18:20:07Z |
| MAL-2022-226 | Malicious code in @edwardjones/fetlife-assets (npm) | 2022-06-20T18:20:06Z | 2022-06-20T18:20:07Z |
| mal-2022-208 | Malicious code in @drive2/fetlife-assets (npm) | 2022-06-20T18:20:06Z | 2022-06-20T18:20:06Z |
| mal-2022-209 | Malicious code in @dropbox/fetlife-assets (npm) | 2022-06-20T18:20:06Z | 2022-06-20T18:20:06Z |
| mal-2022-210 | Malicious code in @dropcontact/fetlife-assets (npm) | 2022-06-20T18:20:06Z | 2022-06-20T18:20:07Z |
| mal-2022-226 | Malicious code in @edwardjones/fetlife-assets (npm) | 2022-06-20T18:20:06Z | 2022-06-20T18:20:07Z |
| MAL-2022-252 | Malicious code in @eset/fetlife-assets (npm) | 2022-06-20T18:20:07Z | 2022-06-20T18:20:07Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-3309 | IBM Tivoli Netcool/OMNIbus: Schwachstelle ermöglicht Codeausführung | 2022-03-14T23:00:00.000+00:00 | 2024-10-29T23:00:00.000+00:00 |
| wid-sec-w-2022-0065 | OpenSSL: Schwachstelle ermöglicht Denial of Service | 2022-03-15T23:00:00.000+00:00 | 2025-05-22T22:00:00.000+00:00 |
| wid-sec-w-2022-0730 | libTIFF: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-03-15T23:00:00.000+00:00 | 2022-12-07T23:00:00.000+00:00 |
| wid-sec-w-2022-1130 | Red Hat Enterprise Linux: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen | 2022-03-15T23:00:00.000+00:00 | 2024-09-05T22:00:00.000+00:00 |
| wid-sec-w-2022-0116 | OpenVPN: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2022-03-16T23:00:00.000+00:00 | 2025-03-09T23:00:00.000+00:00 |
| wid-sec-w-2022-0969 | Internet Systems Consortium BIND: Mehrere Schwachstellen | 2022-03-16T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2022-1004 | Red Hat Virtualization: Schwachstelle ermöglicht Manipulation von Dateien | 2022-03-16T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| bsi-2022-0001 | CVRF-CSAF-Converter: XML External Entities Vulnerability | 2022-03-17T13:03:42.105Z | 2022-07-14T08:20:40.872Z |
| wid-sec-w-2022-0156 | Linux Kernel: Mehrere Schwachstellen | 2022-03-20T23:00:00.000+00:00 | 2025-05-29T22:00:00.000+00:00 |
| wid-sec-w-2022-0691 | OTRS: Mehrere Schwachstellen | 2022-03-20T23:00:00.000+00:00 | 2023-08-30T22:00:00.000+00:00 |
| wid-sec-w-2022-0157 | Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2022-03-22T23:00:00.000+00:00 | 2022-12-20T23:00:00.000+00:00 |
| wid-sec-w-2022-0158 | Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen | 2022-03-23T23:00:00.000+00:00 | 2024-09-30T22:00:00.000+00:00 |
| wid-sec-w-2022-0159 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-03-23T23:00:00.000+00:00 | 2025-01-26T23:00:00.000+00:00 |
| wid-sec-w-2022-0250 | Red Hat OpenStack: Mehrere Schwachstellen | 2022-03-23T23:00:00.000+00:00 | 2023-05-10T22:00:00.000+00:00 |
| wid-sec-w-2022-1133 | QEMU: Schwachstelle ermöglicht Denial of Service | 2022-03-27T22:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2022-1946 | gcc: Schwachstelle ermöglicht Denial of Service | 2022-03-27T22:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-1989 | Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen | 2022-03-27T22:00:00.000+00:00 | 2024-03-06T23:00:00.000+00:00 |
| wid-sec-w-2023-0842 | PowerDNS: Schwachstelle ermöglicht Denial of Service | 2022-03-27T22:00:00.000+00:00 | 2025-01-14T23:00:00.000+00:00 |
| wid-sec-w-2022-0066 | libarchive: Schwachstelle ermöglicht Denial of Service | 2022-03-28T22:00:00.000+00:00 | 2024-11-11T23:00:00.000+00:00 |
| wid-sec-w-2022-0117 | Linux Kernel: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2022-03-28T22:00:00.000+00:00 | 2025-04-14T22:00:00.000+00:00 |
| wid-sec-w-2022-0160 | Linux Kernel: Mehrere Schwachstellen | 2022-03-28T22:00:00.000+00:00 | 2025-04-14T22:00:00.000+00:00 |
| wid-sec-w-2022-1035 | VMware Tanzu Spring Framework: Schwachstelle ermöglicht Denial of Service | 2022-03-28T22:00:00.000+00:00 | 2024-10-14T22:00:00.000+00:00 |
| wid-sec-w-2022-1962 | libTIFF: Schwachstelle ermöglicht Denial of Service | 2022-03-28T22:00:00.000+00:00 | 2022-12-28T23:00:00.000+00:00 |
| wid-sec-w-2023-0173 | QEMU: Schwachstelle ermöglicht Codeausführung | 2022-03-28T22:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2023-2190 | Wind River VxWorks: Schwachstelle ermöglicht Denial of Service | 2022-03-28T22:00:00.000+00:00 | 2023-08-28T22:00:00.000+00:00 |
| wid-sec-w-2022-0004 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2022-03-29T22:00:00.000+00:00 | 2024-03-06T23:00:00.000+00:00 |
| wid-sec-w-2022-0923 | OpenJPEG: Schwachstelle ermöglicht Denial of Service | 2022-03-29T22:00:00.000+00:00 | 2025-04-01T22:00:00.000+00:00 |
| wid-sec-w-2023-1449 | VMware vCenter Server und VMware Cloud Foundation: Schwachstelle ermöglicht Offenlegung von Informationen | 2022-03-29T22:00:00.000+00:00 | 2023-06-15T22:00:00.000+00:00 |
| wid-sec-w-2023-2843 | SaltStack Salt: Mehrere Schwachstellen | 2022-03-29T22:00:00.000+00:00 | 2023-11-06T23:00:00.000+00:00 |
| wid-sec-w-2022-0033 | VMware Tanzu Spring Framework: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode | 2022-03-30T22:00:00.000+00:00 | 2024-12-18T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2005:344 | Red Hat Security Advisory: gtk2 security update | 2005-04-01T14:47:00+00:00 | 2025-11-21T17:28:52+00:00 |
| rhsa-2005_344 | Red Hat Security Advisory: gtk2 security update | 2005-04-01T14:47:00+00:00 | 2024-11-21T23:37:46+00:00 |
| rhsa-2005:348 | Red Hat Security Advisory: mysql-server security update | 2005-04-05T15:02:00+00:00 | 2025-11-21T17:28:53+00:00 |
| rhsa-2005_348 | Red Hat Security Advisory: mysql-server security update | 2005-04-05T15:02:00+00:00 | 2024-11-14T10:03:46+00:00 |
| rhsa-2005:340 | Red Hat Security Advisory: curl security update | 2005-04-05T15:06:00+00:00 | 2025-11-21T17:28:51+00:00 |
| rhsa-2005_340 | Red Hat Security Advisory: curl security update | 2005-04-05T15:06:00+00:00 | 2024-11-21T23:37:25+00:00 |
| rhsa-2005:343 | Red Hat Security Advisory: gdk-pixbuf security update | 2005-04-05T15:11:00+00:00 | 2025-11-21T17:28:53+00:00 |
| rhsa-2005_343 | Red Hat Security Advisory: gdk-pixbuf security update | 2005-04-05T15:11:00+00:00 | 2024-11-21T23:37:41+00:00 |
| rhsa-2005:307 | Red Hat Security Advisory: kdelibs security update | 2005-04-06T17:54:00+00:00 | 2025-11-21T17:28:46+00:00 |
| rhsa-2005_307 | Red Hat Security Advisory: kdelibs security update | 2005-04-06T17:54:00+00:00 | 2024-11-21T23:35:13+00:00 |
| rhsa-2005:044 | Red Hat Security Advisory: XFree86 security update | 2005-04-06T18:05:00+00:00 | 2025-11-21T17:28:18+00:00 |
| rhsa-2005_044 | Red Hat Security Advisory: XFree86 security update | 2005-04-06T18:05:00+00:00 | 2024-11-21T23:24:01+00:00 |
| rhsa-2005:212 | Red Hat Security Advisory: dhcp security update | 2005-04-12T13:42:00+00:00 | 2025-11-21T17:28:38+00:00 |
| rhsa-2005_212 | Red Hat Security Advisory: dhcp security update | 2005-04-12T13:42:00+00:00 | 2024-11-21T23:31:28+00:00 |
| rhsa-2005:365 | Red Hat Security Advisory: gaim security update | 2005-04-12T13:56:00Z | 2005-04-12T00:00:00Z |
| rhsa-2005_365 | Red Hat Security Advisory: gaim security update | 2005-04-12T13:56:00Z | 2005-04-12T00:00:00Z |
| rhsa-2005:021 | Red Hat Security Advisory: kdegraphics security update | 2005-04-12T14:07:00+00:00 | 2025-11-21T17:28:13+00:00 |
| rhsa-2005_021 | Red Hat Security Advisory: kdegraphics security update | 2005-04-12T14:07:00+00:00 | 2024-11-21T23:22:25+00:00 |
| rhsa-2005:364 | Red Hat Security Advisory: logwatch security update | 2005-04-19T18:33:00+00:00 | 2025-11-21T17:28:55+00:00 |
| rhsa-2005_364 | Red Hat Security Advisory: logwatch security update | 2005-04-19T18:33:00+00:00 | 2024-11-21T23:38:37+00:00 |
| rhsa-2005:332 | Red Hat Security Advisory: xloadimage security update | 2005-04-19T18:36:00+00:00 | 2025-11-21T17:28:49+00:00 |
| rhsa-2005_332 | Red Hat Security Advisory: xloadimage security update | 2005-04-19T18:36:00+00:00 | 2024-11-21T23:36:41+00:00 |
| rhsa-2005:366 | Red Hat Security Advisory: kernel security update | 2005-04-19T18:52:00+00:00 | 2026-01-08T09:18:13+00:00 |
| rhsa-2005_366 | Red Hat Security Advisory: kernel security update | 2005-04-19T18:52:00+00:00 | 2024-11-21T23:56:34+00:00 |
| rhsa-2005:363 | Red Hat Security Advisory: RealPlayer security update | 2005-04-20T17:24:00+00:00 | 2025-11-21T17:28:55+00:00 |
| rhsa-2005_363 | Red Hat Security Advisory: RealPlayer security update | 2005-04-20T17:24:00+00:00 | 2024-11-14T10:03:39+00:00 |
| rhsa-2005:392 | Red Hat Security Advisory: HelixPlayer security update | 2005-04-20T17:26:00+00:00 | 2025-11-21T17:28:59+00:00 |
| rhsa-2005_392 | Red Hat Security Advisory: HelixPlayer security update | 2005-04-20T17:26:00+00:00 | 2024-11-14T10:03:42+00:00 |
| rhsa-2005:394 | Red Hat Security Advisory: RealPlayer security update | 2005-04-20T22:08:00+00:00 | 2025-11-21T17:29:00+00:00 |
| rhsa-2005_394 | Red Hat Security Advisory: RealPlayer security update | 2005-04-20T22:08:00+00:00 | 2024-11-14T10:03:46+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-20-079-01 | Systech NDS-5000 Terminal Server | 2020-03-19T00:00:00.000000Z | 2020-03-19T00:00:00.000000Z |
| icsma-20-079-01 | Insulet Omnipod | 2020-03-19T00:00:00.000000Z | 2020-03-19T00:00:00.000000Z |
| icsa-20-084-01 | VISAM Automation Base (VBASE) (Update B) | 2020-03-24T00:00:00.000000Z | 2021-11-18T00:00:00.000000Z |
| icsa-20-084-02 | Schneider Electric IGSS SCADA Software | 2020-03-24T00:00:00.000000Z | 2020-03-24T00:00:00.000000Z |
| icsa-20-086-01 | Advantech WebAccess | 2020-03-26T00:00:00.000000Z | 2020-03-26T00:00:00.000000Z |
| icsa-20-091-01 | Hirschmann Automation and Control HiOS and HiSecOS Products | 2020-03-31T00:00:00.000000Z | 2020-03-31T00:00:00.000000Z |
| icsa-20-091-02 | Mitsubishi Electric MELSEC | 2020-03-31T00:00:00.000000Z | 2020-03-31T00:00:00.000000Z |
| icsma-20-091-01 | BD Pyxis MedStation and Pyxis Anesthesia (PAS) ES System | 2020-03-31T00:00:00.000000Z | 2020-03-31T00:00:00.000000Z |
| icsa-20-093-01 | B&R Automation Studio | 2020-04-02T00:00:00.000000Z | 2020-04-02T00:00:00.000000Z |
| icsa-20-098-01 | Advantech WebAccess/NMS | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-098-02 | GE Digital CIMPLICITY | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-098-03 | HMS Networks eWON Flexy and Cosy | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-098-04 | Fuji Electric V-Server Lite | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-098-05 | ICSA-20-098-05_KUKA.Sim Pro | 2020-04-07T00:00:00.000000Z | 2020-04-07T00:00:00.000000Z |
| icsa-20-100-01 | Rockwell Automation RSLinx Classic | 2020-04-09T00:00:00.000000Z | 2020-04-09T00:00:00.000000Z |
| icsa-20-105-01 | Eaton HMiSoft VU3 | 2020-04-14T00:00:00.000000Z | 2020-04-14T00:00:00.000000Z |
| icsa-20-105-02 | Triangle MicroWorks DNP3 Outstation Libraries | 2020-04-14T00:00:00.000000Z | 2020-04-14T00:00:00.000000Z |
| icsa-20-105-03 | Triangle MicroWorks SCADA Data Gateway | 2020-04-14T00:00:00.000000Z | 2020-04-14T00:00:00.000000Z |
| icsa-20-105-04 | Siemens Climatix (Update A) | 2020-04-14T00:00:00.000000Z | 2021-02-09T00:00:00.000000Z |
| icsa-20-105-05 | Siemens RUGGEDCOM, SCALANCE, SIMATIC, SINEMA (Update B) | 2020-04-14T00:00:00.000000Z | 2020-09-08T00:00:00.000000Z |
| icsa-20-105-06 | Siemens SIMOTICS, Desigo, APOGEE, and TALON | 2020-04-14T00:00:00.000000Z | 2025-06-10T00:00:00.000000Z |
| icsa-20-105-07 | Siemens SCALANCE and SIMATIC (Update H) | 2020-04-14T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-20-105-08 | Siemens KTK, SIDOOR, SIMATIC, and SINAMICS (Update D) | 2020-04-14T00:00:00.000000Z | 2025-07-08T00:00:00.000000Z |
| icsa-20-105-09 | Siemens TIM 3V-IE and 4R-IE Family Devices | 2020-04-14T00:00:00.000000Z | 2020-04-14T00:00:00.000000Z |
| icsa-20-112-01 | Inductive Automation Ignition | 2020-04-21T00:00:00.000000Z | 2020-04-21T00:00:00.000000Z |
| icsa-20-119-01 | LCDS LAquis SCADA | 2020-04-28T00:00:00.000000Z | 2020-04-28T00:00:00.000000Z |
| icsa-20-126-01 | Fazecast jSerialComm | 2020-05-05T00:00:00.000000Z | 2020-05-05T00:00:00.000000Z |
| icsa-20-126-02 | SAE IT-systems FW-50 Remote Telemetry Unit (RTU) | 2020-05-05T00:00:00.000000Z | 2020-05-05T00:00:00.000000Z |
| icsa-20-128-01 | Advantech WebAccess Node | 2020-05-07T00:00:00.000000Z | 2020-05-07T00:00:00.000000Z |
| icsa-20-133-01 | Eaton Intelligent Power Manager | 2020-05-12T00:00:00.000000Z | 2020-05-12T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-anyconnect-dos-fexq4tav | Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-anyconnect-profile-7u3perkf | Cisco AnyConnect Secure Mobility Client for Windows Profile Modification Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-asr-dos-zjljfgbf | Cisco StarOS IPv6 Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-asr5k-ipv6-dos-ce3zhf8m | Cisco StarOS IPv6 Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-bgp-erkeqaer | Cisco IOS XR Software Additional Paths Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-10T13:37:52+00:00 |
| cisco-sa-cucm-cuc-imp-xss-xtpzfm5e | Cisco Unified Communications Products Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-cucm-selfcare-drasc7sr | Cisco Unified Communications Manager Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-cvc-bypass-k99cb2ff | Cisco Cyber Vision Center Software Access Control Bypass Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-dna-info-disc-3bz8bcgr | Cisco DNA Center Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-esa-sma-log-yxq6g2kg | Cisco Email Security Appliance and Cisco Content Security Management Appliance Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-ise-pass-disclosure-k8p2nsgg | Cisco Identity Services Engine Password Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-sbss-ipv6-dos-3blk6va | Cisco Small Business Smart and Managed Switches Denial of Service Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-09-04T14:34:39+00:00 |
| cisco-sa-ucs-director-xss-o7t8oryr | Cisco UCS Director Stored Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-client-g3zevbcp | Cisco Webex Meetings Desktop App Information Disclosure Vulnerabilities | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-makmv4qc | Cisco Webex Meetings User Email Address Information Disclosure Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-mttngs-xss-3vbdxduf | Cisco Webex Meetings Reflected Cross-Site Scripting Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-smtcreate-ymud5sk | Cisco Webex Meetings Scheduled Meeting Template Creation Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-webex-smtdelete-gjdurogr | Cisco Webex Meetings Scheduled Meeting Template Deletion Vulnerability | 2020-08-05T16:00:00+00:00 | 2020-08-05T16:00:00+00:00 |
| cisco-sa-cdp-memleak-k5z7m55t | Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Memory Leak Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cmx-prvesc-6g37hjal | Cisco Connected Mobile Experiences Privilege Escalation Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cmx-rshell-esc-l6hbwjbg | Cisco Connected Mobile Experiences Restricted Shell Escape Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cvdsd-pathtrv-5tljrrfn | Cisco Vision Dynamic Signage Director Path Traversal Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cvdsd-rbac-y9lm5jw4 | Cisco Vision Dynamic Signage Director Role-Based Access Control Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-cvdsd-xss-temmlyur | Cisco Vision Dynamic Signage Director Stored Cross-Site Scripting Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-auth-bypass-myefpfcf | Cisco Data Center Network Manager Authorization Bypass Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-authbypass-yvjzqgk2 | Cisco Data Center Network Manager Authorization Bypass Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-bypass-auth-mvdr6ygt | Cisco Data Center Network Manager Authorization Bypass Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-file-path-6pkonjhe | Cisco Data Center Network Manager Read File Path Traversal Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-infordisc-doaxvvfv | Cisco Data Center Network Manager Information Disclosure Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| cisco-sa-dcnm-pa-trav-bmdfsttq | Cisco Data Center Network Manager Path Traversal Vulnerability | 2020-08-19T16:00:00+00:00 | 2020-08-19T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-22924 | libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup.Due to errors in the logic the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*which could lead to libcurl reusing wrong connections.File paths are or can be case sensitive on many systems but not all and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22925 | curl supports the `-t` command line option known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22926 | libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`) a malicious user can create a file name with the same name as the app wants to use by name and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22931 | Node.js before 16.6.0 14.17.4 and 12.22.4 is vulnerable to Remote Code Execution XSS Application crashes due to missing input validation of host names returned by Domain Name Servers in Node.js dns library which can lead to output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22939 | If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter no error was returned and connections to servers with an expired certificate would have been accepted. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-22940 | Node.js before 16.6.1 14.17.5 and 12.22.5 is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption to change process behavior. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-28216 | BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. | 2021-08-02T00:00:00.000Z | 2025-09-04T04:00:29.000Z |
| msrc_cve-2021-29923 | Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet which (in some situations) allows attackers to bypass access control that is based on IP addresses because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-32066 | An issue was discovered in Ruby through 2.6.7 2.7.x through 2.7.3 and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command aka a "StartTLS stripping attack." | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-32815 | Denial of service due to assertion failure in crwimage_int.cpp | 2021-08-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-33193 | Request splitting via HTTP/2 method injection and mod_proxy | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-33195 | Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers and thus a return value may contain an unsafe injection (e.g. XSS) that does not conform to the RFC1035 format. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-33196 | In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5 a crafted file count (in an archive's header) can cause a NewReader or OpenReader panic. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-33197 | In Go before 1.15.13 and 1.16.x before 1.16.5 some configurations of ReverseProxy (from net/http/httputil) result in a situation where an attacker is able to drop arbitrary headers. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-33198 | In Go before 1.15.13 and 1.16.x before 1.16.5 there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method. | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-34334 | Denial of service due to integer overflow in loop counter | 2021-08-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-34335 | Denial of service due to FPE in Exiv2::Internal::resolveLens0xffff | 2021-08-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2021-34556 | In the Linux kernel through 5.13.7 an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-35477 | In the Linux kernel through 5.13.7 an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3573 | A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add() hci_sock_blacklist_del() hci_get_conn_info() hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3580 | A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-36221 | Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort. | 2021-08-02T00:00:00.000Z | 2021-08-20T00:00:00.000Z |
| msrc_cve-2021-3634 | A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secret_hash and the other session_id. Initially, both of them are the same, but after key re-exchange, previous session_id is kept and used as an input to new secret_hash. Historically, both of these buffers had shared length variable, which worked as long as these buffers were same. But the key re-exchange operation can also change the key exchange method, which can be based on hash of different size, eventually creating "secret_hash" of different size than the session_id has. This becomes an issue when the session_id memory is zeroed or when it is used again during second key re-exchange. | 2021-08-02T00:00:00.000Z | 2025-10-01T23:11:10.000Z |
| msrc_cve-2021-36370 | An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection the fingerprint of the server is neither checked nor displayed. As a result a user connects to the server without the ability to verify its authenticity. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3655 | A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-36690 | A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g. is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library. | 2021-08-02T00:00:00.000Z | 2022-02-10T00:00:00.000Z |
| msrc_cve-2021-3679 | A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service. | 2021-08-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2021-3682 | A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host. | 2021-08-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-3712 | Read buffer overruns processing ASN.1 strings | 2021-08-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2021-3713 | An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked which can lead to out-of-bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this flaw to crash QEMU or potentially achieve code execution with the privileges of the QEMU process on the host. | 2021-08-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201710-1443 | The Fixon K2 wireless router is a wireless router for home use. Shanghai Feixun Data Com… | 2022-05-04T09:34:03.185000Z |
| var-201709-1242 | Arris Modems is a modem produced by telecommunications equipment manufacturer Arris, a ne… | 2022-05-04T09:34:04.710000Z |
| var-201707-1355 | The HP OfficeJet Pro 8210 is an all-in-one printer from Hewlett Packard. A remote command… | 2022-05-04T09:34:10.039000Z |
| var-201706-1121 | Foscamcamera is a webcam that can push messages to mobile phones and directly implement v… | 2022-05-04T09:34:11.790000Z |
| var-201706-1142 | Ambowtone Application Gateway is an inter-network device developed by Beijing Ableton Tec… | 2022-05-04T09:34:11.779000Z |
| var-201705-4195 | CIIC Xi'an Recruitment System is a resume information storage and entry system. Ther… | 2022-05-04T09:34:15.940000Z |
| var-201703-1380 | DBL Technology (DBL Technology Co., Ltd.) is a communication equipment manufacturer locat… | 2022-05-04T09:34:21.033000Z |
| var-201701-1163 | Guofuan Security Authentication Gateway is a device for user identity authentication, acc… | 2022-05-04T09:34:25.711000Z |
| var-201611-0405 | There is a weak background password on the Asvision camera, allowing initial password login | 2022-05-04T09:34:27.744000Z |
| var-201612-0631 | MPSec-VPN3005S-AC is a security gateway developed by Maipu. The MPSec-VPN3005S-AC model … | 2022-05-04T09:34:27.291000Z |
| var-201612-0652 | Huawei Imagine 5 is the smartphone of China Huawei. Huawei enjoys a memory leak vulnerabi… | 2022-05-04T09:34:27.276000Z |
| var-201610-0710 | AVTECH, founded in 1996, is one of the world's leading manufacturers of CCTV. The main pr… | 2022-05-04T09:34:28.904000Z |
| var-201610-0731 | Hangzhou Hikvision Digital Technology Co., Ltd. ElisaLiveIPcamera is a network camera. Hi… | 2022-05-04T09:34:28.894000Z |
| var-201608-0419 | Yushi SD camera video stream can be accessed without authorization | 2022-05-04T09:34:30.479000Z |
| var-201605-0676 | eFront is an online learning system. eFront has a cross-site scripting vulnerability… | 2022-05-04T09:34:33.949000Z |
| var-201512-0624 | A cross-site scripting vulnerability was found in uCosminexus Portal Framework and Groupm… | 2022-05-04T09:34:38.569000Z |
| var-201312-0604 | ZyXEL GS1510-16 intelligent super fast Ethernet switch. ZyXEL GS1510-16 Web-Managed 16-Po… | 2022-05-04T09:34:59.689000Z |
| var-201402-0584 | OpenVox VoxStack is a series of Asterisk-based analog voice gateways designed for small a… | 2022-05-04T09:34:59.092000Z |
| var-201310-0807 | The JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 conta… | 2022-05-04T09:35:03.661000Z |
| var-201305-0499 | The PlayStation 3 is a home game console developed by Sony Computer Entertainment. A secu… | 2022-05-04T09:35:05.502000Z |
| var-201006-0514 | Collaboration Common Utility, a component of multiple Hitachi products, is vulnerable to … | 2022-05-04T09:35:39.991000Z |
| var-200809-0456 | Plesk is a comprehensive control panel solution for managing sites. If SHORTNAMES = 1 i… | 2022-05-04T09:35:56.950000Z |
| var-200810-0529 | JP1/File Transmission Server/FTP is an FTP-based file transfer server designed by Hitachi… | 2022-05-04T09:35:56.452000Z |
| var-200410-0102 | Java 2 Micro Edition is a Java technology implementation that supports mobile devices. … | 2022-05-04T09:37:14.135000Z |
| var-200303-0129 | D-Link DSL-500 is a DSL broadband router. The D-Link DSL-500 has a default public SNMP … | 2022-05-04T09:37:19.269000Z |
| var-202203-0230 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that… | 2022-05-04T09:37:30.871000Z |
| var-202203-0231 | A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulner… | 2022-05-04T09:37:30.855000Z |
| var-202108-2305 | HG6145D is a gigabit passive optical fiber access user equipment (GPON ONU) under Fiberho… | 2022-05-04T09:37:40.739000Z |
| var-202108-2326 | Hangzhou Hikvision System Technology Co., Ltd. is a smart IoT solution provider and opera… | 2022-05-04T09:37:40.728000Z |
| var-202108-2347 | Ricoh (China) Investment Co., Ltd. provides office image processing equipment (such as MF… | 2022-05-04T09:37:40.718000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-000125 | Apache Struts vulnerable to cross-site scripting | 2015-09-04T15:12+09:00 | 2017-10-02T12:08+09:00 |
| jvndb-2015-000128 | OpenDocMan vulnerable to cross-site scripting | 2015-09-04T18:13+09:00 | 2015-09-09T14:02+09:00 |
| jvndb-2015-000127 | ELPhoneBtnV6 ActiveX control vulnerable to buffer overflow | 2015-09-07T13:38+09:00 | 2015-09-09T14:02+09:00 |
| jvndb-2015-000115 | Japan Connected-free Wi-Fi vulnerable to allow URL whitelist bypass | 2015-09-11T14:16+09:00 | 2016-05-27T14:32+09:00 |
| jvndb-2015-000116 | Japan Connected-free Wi-Fi vulnerable to script injection | 2015-09-11T14:17+09:00 | 2015-09-15T17:17+09:00 |
| jvndb-2015-000129 | PIXMA MG7500 Series vulnerable to cross-site request forgery | 2015-09-11T14:17+09:00 | 2015-09-15T17:17+09:00 |
| jvndb-2015-000130 | applican vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-14T16:30+09:00 |
| jvndb-2015-000131 | Auction Camera vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-09-16T16:58+09:00 |
| jvndb-2015-000132 | MEGAPHONE MUSIC vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-02T17:22+09:00 |
| jvndb-2015-000133 | Koritore vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-02T17:22+09:00 |
| jvndb-2015-000134 | Reversi vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-02T17:18+09:00 |
| jvndb-2015-000135 | Photon vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-02T17:15+09:00 |
| jvndb-2015-000136 | H2O vulnerable to directory traversal | 2015-09-17T13:36+09:00 | 2015-10-05T17:32+09:00 |
| jvndb-2015-000142 | Apache Cordova plugin cordova-plugin-file-transfer vulnerable to HTTP header injection | 2015-09-29T14:04+09:00 | 2015-12-21T17:45+09:00 |
| jvndb-2015-000137 | niconico App for iOS fails to verify SSL server certificates | 2015-09-29T14:05+09:00 | 2018-03-07T12:26+09:00 |
| jvndb-2015-000138 | baserCMS fails to restrict access permissions | 2015-09-30T14:46+09:00 | 2015-10-07T17:38+09:00 |
| jvndb-2015-000139 | baserCMS vulnerable to SQL injection | 2015-09-30T14:46+09:00 | 2015-10-07T17:38+09:00 |
| jvndb-2015-000143 | MATCHA INVOICE vulnerable to SQL injection | 2015-09-30T15:04+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000144 | MATCHA INVOICE vulnerable to code injection | 2015-09-30T15:04+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000145 | MATCHA SNS vulnerable to code injection | 2015-09-30T15:05+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000146 | MATCHA SNS access restriction bypass vulnerability | 2015-09-30T15:05+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000140 | Canary Labs Trend Web Server vulnerable to buffer overflow | 2015-10-01T14:11+09:00 | 2015-10-06T18:00+09:00 |
| jvndb-2015-000141 | Python for Windows may insecurely load dynamic libraries | 2015-10-01T14:11+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000147 | AjaXplorer vulnerable to directory traversal | 2015-10-01T14:11+09:00 | 2015-10-07T17:38+09:00 |
| jvndb-2015-000148 | Dotclear vulnerable to cross-site scripting | 2015-10-02T13:36+09:00 | 2015-10-06T18:02+09:00 |
| jvndb-2015-000149 | gollum vulnerable to file exposure | 2015-10-02T13:36+09:00 | 2015-10-08T15:26+09:00 |
| jvndb-2015-000151 | Multiple PHP code execution vulnerabilitles in Cybozu Garoon | 2015-10-07T14:48+09:00 | 2016-05-30T15:34+09:00 |
| jvndb-2015-000152 | Cybozu Garoon vulnerable to LDAP injection | 2015-10-07T14:48+09:00 | 2016-06-02T19:15+09:00 |
| jvndb-2015-000153 | Dojo Toolkit vulnerable to cross-site scripting | 2015-10-09T14:12+09:00 | 2015-10-14T17:26+09:00 |
| jvndb-2015-000154 | phpRechnung vulnerable to SQL injection | 2015-10-09T14:12+09:00 | 2015-10-14T17:26+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2015-01249 | MIT Kerberos拒绝服务漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01250 | Red Hat JBoss Enterprise Application Platform访问限制绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01252 | OpenLDAP双重释放漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01253 | WordPress Elegant Themes Divi主题目录遍历漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01254 | Rsync任意文件写入漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01255 | OpenLDAP拒绝服务漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01256 | Piwigo 'admin.php' SQL注入漏洞(CNVD-2015-01256) | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01257 | Exponent CMS存在多个跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01258 | Android整数溢出漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01259 | Jython访问限制绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01260 | Phusion Passenger符号链接攻击漏洞(CNVD-2015-01260) | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01261 | Red Hat JBoss Enterprise Application Platform Application Server JacORB子系统信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01262 | Red Hat JBoss Weld竞争条件信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01263 | Piwigo 'admin.php'跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01264 | Samsung Security Manager安全绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01265 | Motorola Mobility Scanner SDK本地特权提升漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01266 | Motorola Mobility Scanner SDK存在多个栈缓冲区溢出漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01267 | IBM Flex System Manager本地信息泄露漏洞 | 2015-02-21 | 2015-02-26 |
| cnvd-2015-01268 | Ogaki Kyoritsu bank Smartphone Passbook for Android信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01269 | Ogaki Kyoritsu bank Smartphone Passbook安全绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01270 | Red Hat JBoss Enterprise Application Platform Role Based Access Control组件安全绕过漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01271 | IBM WebSphere MQ资源管理拒绝服务漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01272 | McAfee Data Loss Prevention Endpoint信息泄露漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01273 | IBM WebSphere Portal跨站脚本漏洞(CNVD-2015-01273) | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01274 | McAfee Email Gateway跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01275 | McAfee Data Loss Prevention Endpoint跨站脚本漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01276 | McAfee Data Loss Prevention Endpoint SQL注入漏洞(CNVD-2015-01276) | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01277 | WordPress插件Redirection Page存在多个跨站请求伪造漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01278 | WordPress插件Mobile Domain存在多个跨站请求伪造漏洞 | 2015-02-21 | 2015-02-27 |
| cnvd-2015-01294 | Android 'GraphicBuffer::unflatten'函数整数溢出漏洞 | 2015-02-21 | 2015-02-27 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTA-2003-AVI-088 | Vulnérabilité du Java Media Framework | 2003-05-19T00:00:00.000000 | 2003-05-19T00:00:00.000000 |
| CERTA-2003-AVI-089 | Vulnérabilité dans cdrecord | 2003-05-19T00:00:00.000000 | 2003-05-19T00:00:00.000000 |
| certa-2003-avi-088 | Vulnérabilité du Java Media Framework | 2003-05-19T00:00:00.000000 | 2003-05-19T00:00:00.000000 |
| certa-2003-avi-089 | Vulnérabilité dans cdrecord | 2003-05-19T00:00:00.000000 | 2003-05-19T00:00:00.000000 |
| CERTA-2003-AVI-090 | Multiples vulnérabilités sous HP-UX | 2003-05-23T00:00:00.000000 | 2003-05-30T00:00:00.000000 |
| certa-2003-avi-090 | Multiples vulnérabilités sous HP-UX | 2003-05-23T00:00:00.000000 | 2003-05-30T00:00:00.000000 |
| CERTA-2003-AVI-091 | Vulnérabilité de IPSec sous MacOS X | 2003-05-27T00:00:00.000000 | 2003-05-27T00:00:00.000000 |
| certa-2003-avi-091 | Vulnérabilité de IPSec sous MacOS X | 2003-05-27T00:00:00.000000 | 2003-05-27T00:00:00.000000 |
| CERTA-2003-AVI-092 | Correctif cumulatif pour Internet Information Server | 2003-05-30T00:00:00.000000 | 2003-05-30T00:00:00.000000 |
| CERTA-2003-AVI-093 | Vulnérabilité de Microsoft Windows Media Services Extension | 2003-05-30T00:00:00.000000 | 2003-05-30T00:00:00.000000 |
| CERTA-2003-AVI-094 | Vulnérabilité du service d'impression CUPS | 2003-05-30T00:00:00.000000 | 2003-06-12T00:00:00.000000 |
| certa-2003-avi-092 | Correctif cumulatif pour Internet Information Server | 2003-05-30T00:00:00.000000 | 2003-05-30T00:00:00.000000 |
| certa-2003-avi-093 | Vulnérabilité de Microsoft Windows Media Services Extension | 2003-05-30T00:00:00.000000 | 2003-05-30T00:00:00.000000 |
| certa-2003-avi-094 | Vulnérabilité du service d'impression CUPS | 2003-05-30T00:00:00.000000 | 2003-06-12T00:00:00.000000 |
| CERTA-2003-AVI-095 | Multiples vulnérabilités du serveur HTTP Apache | 2003-06-02T00:00:00.000000 | 2003-06-02T00:00:00.000000 |
| certa-2003-avi-095 | Multiples vulnérabilités du serveur HTTP Apache | 2003-06-02T00:00:00.000000 | 2003-06-02T00:00:00.000000 |
| CERTA-2003-AVI-096 | Vulnérabilité dans SunMC Change Manager | 2003-06-04T00:00:00.000000 | 2003-06-04T00:00:00.000000 |
| certa-2003-avi-096 | Vulnérabilité dans SunMC Change Manager | 2003-06-04T00:00:00.000000 | 2003-06-04T00:00:00.000000 |
| CERTA-2003-AVI-097 | Multiples vulnérabilités dans Microsoft Internet Explorer | 2003-06-05T00:00:00.000000 | 2003-06-05T00:00:00.000000 |
| CERTA-2003-AVI-098 | Multiples vulnérabilités de CDE sur les plate-formes HP Tru64 UNIX et HP-UX | 2003-06-05T00:00:00.000000 | 2003-06-05T00:00:00.000000 |
| certa-2003-avi-097 | Multiples vulnérabilités dans Microsoft Internet Explorer | 2003-06-05T00:00:00.000000 | 2003-06-05T00:00:00.000000 |
| certa-2003-avi-098 | Multiples vulnérabilités de CDE sur les plate-formes HP Tru64 UNIX et HP-UX | 2003-06-05T00:00:00.000000 | 2003-06-05T00:00:00.000000 |
| CERTA-2003-AVI-099 | Multiples vulnérabilités sous Solaris | 2003-06-23T00:00:00.000000 | 2003-06-23T00:00:00.000000 |
| certa-2003-avi-099 | Multiples vulnérabilités sous Solaris | 2003-06-23T00:00:00.000000 | 2003-06-23T00:00:00.000000 |
| CERTA-2003-AVI-100 | Multiples vulnérabilités d'Ethereal | 2003-06-24T00:00:00.000000 | 2003-07-15T00:00:00.000000 |
| certa-2003-avi-100 | Multiples vulnérabilités d'Ethereal | 2003-06-24T00:00:00.000000 | 2003-07-15T00:00:00.000000 |
| CERTA-2003-AVI-101 | Vulnérabilité dans Windows Media Player 9 | 2003-06-27T00:00:00.000000 | 2003-06-27T00:00:00.000000 |
| certa-2003-avi-101 | Vulnérabilité dans Windows Media Player 9 | 2003-06-27T00:00:00.000000 | 2003-06-27T00:00:00.000000 |
| CERTA-2003-AVI-102 | Vulnérabilités dans Windows 2000 | 2003-07-04T00:00:00.000000 | 2003-11-13T00:00:00.000000 |
| certa-2003-avi-102 | Vulnérabilités dans Windows 2000 | 2003-07-04T00:00:00.000000 | 2003-11-13T00:00:00.000000 |