Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2000-0824 |
N/A
|
The unsetenv function in glibc 2.1.1 does not pro… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:28:41.572Z |
| CVE-2000-0834 |
N/A
|
The Windows 2000 telnet client attempts to perfor… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:28:41.655Z |
| CVE-2000-0837 |
N/A
|
FTP Serv-U 2.5e allows remote attackers to cause … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:28:41.644Z |
| CVE-2000-0844 |
N/A
|
Some functions that implement the locale subsyste… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.623Z |
| CVE-2000-0846 |
N/A
|
Buffer overflow in Darxite 0.4 and earlier allows… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.518Z |
| CVE-2000-0847 |
N/A
|
Buffer overflow in University of Washington c-cli… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.638Z |
| CVE-2000-0848 |
N/A
|
Buffer overflow in IBM WebSphere web application … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.512Z |
| CVE-2000-0849 |
N/A
|
Race condition in Microsoft Windows Media server … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.610Z |
| CVE-2000-0850 |
N/A
|
Netegrity SiteMinder before 4.11 allows remote at… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.511Z |
| CVE-2000-0851 |
N/A
|
Buffer overflow in the Still Image Service in Win… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.587Z |
| CVE-2000-0852 |
N/A
|
Multiple buffer overflows in eject on FreeBSD and… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.612Z |
| CVE-2000-0853 |
N/A
|
YaBB Bulletin Board 9.1.2000 allows remote attack… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.513Z |
| CVE-2000-0858 |
N/A
|
Vulnerability in Microsoft Windows NT 4.0 allows … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.900Z |
| CVE-2000-0860 |
N/A
|
The file upload capability in PHP versions 3 and … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.522Z |
| CVE-2000-0861 |
N/A
|
Mailman 1.1 allows list administrators to execute… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.653Z |
| CVE-2000-0862 |
N/A
|
Vulnerability in an administrative interface util… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.705Z |
| CVE-2000-0863 |
N/A
|
Buffer overflow in listmanager earlier than 2.105… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.693Z |
| CVE-2000-0864 |
N/A
|
Race condition in the creation of a Unix domain s… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.637Z |
| CVE-2000-0865 |
N/A
|
Buffer overflow in dvtermtype in Tridia Double Vi… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.637Z |
| CVE-2000-0867 |
N/A
|
Kernel logging daemon (klogd) in Linux does not p… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.337Z |
| CVE-2000-0868 |
N/A
|
The default configuration of Apache 1.3.12 in SuS… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.439Z |
| CVE-2000-0869 |
N/A
|
The default configuration of Apache 1.3.12 in SuS… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.511Z |
| CVE-2000-0870 |
N/A
|
Buffer overflow in EFTP allows remote attackers t… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.639Z |
| CVE-2000-0871 |
N/A
|
Buffer overflow in EFTP allows remote attackers t… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.291Z |
| CVE-2000-0873 |
N/A
|
netstat in AIX 4.x.x does not properly restrict a… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.236Z |
| CVE-2000-0878 |
N/A
|
The mailto CGI script allows remote attacker to e… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.324Z |
| CVE-2000-0883 |
N/A
|
The default configuration of mod_perl for Apache … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.433Z |
| CVE-2000-0884 |
N/A
|
IIS 4.0 and 5.0 allows remote attackers to read d… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.540Z |
| CVE-2000-0886 |
N/A
|
IIS 5.0 allows remote attackers to execute arbitr… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.493Z |
| CVE-2000-0887 |
N/A
|
named in BIND 8.2 through 8.2.2-P6 allows remote … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.266Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2000-0824 |
N/A
|
The unsetenv function in glibc 2.1.1 does not pro… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:28:41.572Z |
| CVE-2000-0834 |
N/A
|
The Windows 2000 telnet client attempts to perfor… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:28:41.655Z |
| CVE-2000-0837 |
N/A
|
FTP Serv-U 2.5e allows remote attackers to cause … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:28:41.644Z |
| CVE-2000-0844 |
N/A
|
Some functions that implement the locale subsyste… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.623Z |
| CVE-2000-0846 |
N/A
|
Buffer overflow in Darxite 0.4 and earlier allows… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.518Z |
| CVE-2000-0847 |
N/A
|
Buffer overflow in University of Washington c-cli… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.638Z |
| CVE-2000-0848 |
N/A
|
Buffer overflow in IBM WebSphere web application … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.512Z |
| CVE-2000-0849 |
N/A
|
Race condition in Microsoft Windows Media server … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.610Z |
| CVE-2000-0850 |
N/A
|
Netegrity SiteMinder before 4.11 allows remote at… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.511Z |
| CVE-2000-0851 |
N/A
|
Buffer overflow in the Still Image Service in Win… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.587Z |
| CVE-2000-0852 |
N/A
|
Multiple buffer overflows in eject on FreeBSD and… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.612Z |
| CVE-2000-0853 |
N/A
|
YaBB Bulletin Board 9.1.2000 allows remote attack… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.513Z |
| CVE-2000-0858 |
N/A
|
Vulnerability in Microsoft Windows NT 4.0 allows … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.900Z |
| CVE-2000-0860 |
N/A
|
The file upload capability in PHP versions 3 and … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.522Z |
| CVE-2000-0861 |
N/A
|
Mailman 1.1 allows list administrators to execute… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.653Z |
| CVE-2000-0862 |
N/A
|
Vulnerability in an administrative interface util… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.705Z |
| CVE-2000-0863 |
N/A
|
Buffer overflow in listmanager earlier than 2.105… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.693Z |
| CVE-2000-0864 |
N/A
|
Race condition in the creation of a Unix domain s… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.637Z |
| CVE-2000-0865 |
N/A
|
Buffer overflow in dvtermtype in Tridia Double Vi… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.637Z |
| CVE-2000-0867 |
N/A
|
Kernel logging daemon (klogd) in Linux does not p… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.337Z |
| CVE-2000-0868 |
N/A
|
The default configuration of Apache 1.3.12 in SuS… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.439Z |
| CVE-2000-0869 |
N/A
|
The default configuration of Apache 1.3.12 in SuS… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.511Z |
| CVE-2000-0870 |
N/A
|
Buffer overflow in EFTP allows remote attackers t… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:30.639Z |
| CVE-2000-0871 |
N/A
|
Buffer overflow in EFTP allows remote attackers t… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.291Z |
| CVE-2000-0873 |
N/A
|
netstat in AIX 4.x.x does not properly restrict a… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.236Z |
| CVE-2000-0878 |
N/A
|
The mailto CGI script allows remote attacker to e… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.324Z |
| CVE-2000-0883 |
N/A
|
The default configuration of mod_perl for Apache … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.433Z |
| CVE-2000-0884 |
N/A
|
IIS 4.0 and 5.0 allows remote attackers to read d… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.540Z |
| CVE-2000-0886 |
N/A
|
IIS 5.0 allows remote attackers to execute arbitr… |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.493Z |
| CVE-2000-0887 |
N/A
|
named in BIND 8.2 through 8.2.2-P6 allows remote … |
n/a |
n/a |
2001-01-22T05:00:00 | 2024-08-08T05:37:31.266Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2000-0273 | PCAnywhere allows remote attackers to cause a denial of service by terminating the connection befor… | 2000-04-09T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0274 | The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file o… | 2000-04-10T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0275 | CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows a… | 2000-04-10T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0276 | BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls u… | 2000-04-10T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0294 | Buffer overflow in healthd for FreeBSD allows local users to gain root privileges. | 2000-04-10T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0695 | The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (d… | 2000-04-11T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0699 | The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs. | 2000-04-11T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0701 | After an unattended installation of Windows NT 4.0, an installation file could include sensitive in… | 2000-04-11T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-1999-0979 | The SCO UnixWare privileged process system allows local users to gain root privileges by using a de… | 2000-04-11T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0252 | The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shel… | 2000-04-11T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0253 | The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase i… | 2000-04-11T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0258 | IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a la… | 2000-04-12T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0259 | The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Win… | 2000-04-12T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0261 | The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | 2000-04-12T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0262 | The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed… | 2000-04-12T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0282 | TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arb… | 2000-04-12T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0283 | The default installation of IRIX Performance Copilot allows remote attackers to access sensitive sy… | 2000-04-12T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0287 | The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via she… | 2000-04-12T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0288 | Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents … | 2000-04-12T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0250 | The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords. | 2000-04-14T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0254 | The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart da… | 2000-04-14T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0260 | Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a deni… | 2000-04-14T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-1218 | The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and … | 2000-04-14T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0263 | The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a ma… | 2000-04-16T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0284 | Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to … | 2000-04-16T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0285 | Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbma… | 2000-04-16T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0286 | X fontserver xfs allows local users to cause a denial of service via malformed input to the server. | 2000-04-16T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0291 | Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a lon… | 2000-04-16T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0264 | Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privil… | 2000-04-17T04:00:00.000 | 2025-04-03T01:03:51.193 |
| fkie_cve-2000-0265 | Panda Security 3.0 allows users to uninstall the Panda software via its Add/Remove Programs applet. | 2000-04-17T04:00:00.000 | 2025-04-03T01:03:51.193 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-qvrv-2x7x-78x2 |
6.1 (3.1)
|
Reflected XSS in SilverStripe | 2020-02-24T17:33:31Z | 2024-02-06T17:33:37Z |
| ghsa-q65m-pv3f-wr5r |
6.1 (3.1)
5.3 (4.0)
|
XSS in Bleach when noscript and raw tag whitelisted | 2020-02-24T17:33:44Z | 2024-09-13T15:05:52Z |
| ghsa-9r27-994c-4xch |
|
discord-html not escaping HTML code blocks when lacking a language identifier | 2020-02-24T17:34:02Z | 2020-02-21T20:20:53Z |
| ghsa-7553-jr98-vx47 |
7.5 (3.1)
|
libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation | 2020-02-24T19:12:36Z | 2022-04-22T17:29:45Z |
| ghsa-3m93-m4q6-mc6v |
6.5 (3.1)
|
Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible | 2020-02-26T19:54:31Z | 2024-09-04T20:27:06Z |
| ghsa-fxjm-wvj9-9c39 |
6.5 (3.1)
|
Information disclosure in Apache Superset | 2020-02-26T19:54:57Z | 2024-09-05T21:34:03Z |
| ghsa-9c29-9h4m-wg5p |
5.3 (3.1)
6.9 (4.0)
|
Users can view database names in Apache Superset | 2020-02-26T19:55:14Z | 2024-09-05T21:39:46Z |
| ghsa-p5w7-qmq6-pmjr |
5.3 (3.1)
6.9 (4.0)
|
Users able to query database metadata in Apache Superset | 2020-02-26T19:55:32Z | 2024-09-05T21:41:06Z |
| ghsa-8rc5-hx3v-2jg7 |
6.1 (3.1)
|
Sanitizer bypass in svg-sanitizer | 2020-02-27T20:36:29Z | 2021-08-19T19:25:06Z |
| ghsa-2gc7-w4hw-rr2m |
9.8 (3.1)
|
class.upload.php in verot.net omits .pht from the set of dangerous file extensions | 2020-02-28T01:10:17Z | 2021-08-19T19:29:17Z |
| ghsa-qxf4-chvg-4r8r |
4.8 (3.1)
|
Potential HTTP request smuggling in Apache Tomcat | 2020-02-28T01:10:48Z | 2021-08-19T19:30:36Z |
| ghsa-767j-jfh2-jvrc |
4.8 (3.1)
|
Potential HTTP request smuggling in Apache Tomcat | 2020-02-28T01:10:58Z | 2022-09-08T14:06:08Z |
| ghsa-84j7-475p-hp8v |
6.5 (3.1)
|
HTTP Response Splitting in Puma | 2020-02-28T16:53:55Z | 2023-05-16T16:16:12Z |
| ghsa-jppv-gw3r-w3q8 |
6.4 (3.1)
|
OS Command Injection in Rake | 2020-02-28T16:54:36Z | 2023-08-29T15:03:03Z |
| ghsa-6v7p-v754-j89v |
6.5 (3.1)
|
HTTP Response Splitting in Styx | 2020-03-03T15:32:03Z | 2021-08-19T19:37:59Z |
| ghsa-33vf-4xgg-9r58 |
6.5 (3.1)
|
HTTP Response Splitting (Early Hints) in Puma | 2020-03-03T23:33:16Z | 2023-05-16T16:16:20Z |
| ghsa-h4mf-75hf-67w4 |
7.7 (3.1)
|
Information disclosure in parse-server | 2020-03-04T20:20:27Z | 2021-01-08T20:27:29Z |
| ghsa-gww7-p5w4-wrfv |
9.8 (3.1)
|
Deserialization of Untrusted Data in jackson-databind | 2020-03-04T20:52:11Z | 2024-03-15T00:52:58Z |
| ghsa-4w82-r329-3q67 |
9.8 (3.1)
|
Deserialization of Untrusted Data in jackson-databind | 2020-03-04T20:52:14Z | 2023-06-08T19:02:11Z |
| ghsa-7w4p-72j7-v7c2 |
8.8 (3.1)
|
Phar object injection in PHPMailer | 2020-03-05T22:08:55Z | 2021-08-19T19:57:58Z |
| ghsa-4x5h-cr29-fhp6 |
5.5 (3.1)
|
Local file disclosure in PHPMailer | 2020-03-05T22:09:10Z | 2021-08-19T19:50:50Z |
| ghsa-58mj-pw57-4vm2 |
6.1 (3.1)
|
Cross-site scripting in PHPMailer | 2020-03-05T22:09:13Z | 2021-08-19T19:44:10Z |
| ghsa-4pc3-96mx-wwc8 |
9.8 (3.1)
|
Remote code execution in PHPMailer | 2020-03-05T22:09:14Z | 2025-04-14T22:05:57Z |
| ghsa-5f37-gxvh-23v6 |
9.8 (3.1)
|
Remote code execution in PHPMailer | 2020-03-05T22:09:17Z | 2025-10-22T17:33:42Z |
| ghsa-738m-f33v-qc2r |
|
SMTP Injection in PHPMailer | 2020-03-05T22:09:19Z | 2020-03-05T21:57:18Z |
| ghsa-ff5x-w9wg-h275 |
|
Holder can generate proof of ownership for credentials it does not control in vp-toolkit | 2020-03-06T01:15:46Z | 2020-02-28T16:38:18Z |
| ghsa-p94w-42g3-f7h4 |
|
Holder can (re)create authentic credentials after receiving a credential in vp-toolkit | 2020-03-06T01:16:00Z | 2020-02-28T16:38:09Z |
| ghsa-wh37-37xw-54hr |
9.8 (3.1)
9.3 (4.0)
|
Improper Authentication in requests-kerberos | 2020-03-10T18:02:31Z | 2024-10-26T22:45:17Z |
| ghsa-pcqq-5962-hvcw |
|
Denial of Service in uap-core when processing crafted User-Agent strings | 2020-03-10T18:02:49Z | 2025-05-22T17:12:55Z |
| ghsa-jxfh-8wgv-vfr2 |
7.7 (3.1)
|
Prototype pollution in dojo | 2020-03-10T18:03:14Z | 2022-02-08T22:06:45Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2021-795 |
|
TensorFlow is an end-to-end open source platform for machine learning. In affected versio… | tensorflow-gpu | 2021-08-12T23:15:00Z | 2021-12-09T06:35:39.693273Z |
| pysec-2021-796 |
|
TensorFlow is an end-to-end open source platform for machine learning. In affected versio… | tensorflow-gpu | 2021-08-12T23:15:00Z | 2021-12-09T06:35:39.778016Z |
| pysec-2021-798 |
|
TensorFlow is an end-to-end open source platform for machine learning. In affected versio… | tensorflow-gpu | 2021-08-12T23:15:00Z | 2021-12-09T06:35:39.946066Z |
| pysec-2021-802 |
|
TensorFlow is an end-to-end open source platform for machine learning. In affected versio… | tensorflow-gpu | 2021-08-12T23:15:00Z | 2021-12-09T06:35:40.308304Z |
| pysec-2021-803 |
|
TensorFlow is an end-to-end open source platform for machine learning. In affected versio… | tensorflow-gpu | 2021-08-12T23:15:00Z | 2021-12-09T06:35:40.404135Z |
| pysec-2021-312 |
|
TensorFlow is an end-to-end open source platform for machine learning. In affected versio… | tensorflow | 2021-08-13T00:15:00Z | 2021-08-27T03:22:47.685921Z |
| pysec-2021-603 |
|
TensorFlow is an end-to-end open source platform for machine learning. In affected versio… | tensorflow-cpu | 2021-08-13T00:15:00Z | 2021-12-09T06:35:06.680335Z |
| pysec-2021-801 |
|
TensorFlow is an end-to-end open source platform for machine learning. In affected versio… | tensorflow-gpu | 2021-08-13T00:15:00Z | 2021-12-09T06:35:40.227651Z |
| pysec-2021-344 |
|
OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuz… | onefuzz | 2021-08-13T21:15:00Z | 2021-09-26T23:32:40.198740Z |
| pysec-2021-116 |
|
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source f… | bikeshed | 2021-08-16T08:15:00Z | 2021-08-16T10:33:00.121184Z |
| pysec-2021-117 |
|
This affects the package bikeshed before 3.0.0. This can occur when an untrusted source f… | bikeshed | 2021-08-16T08:15:00Z | 2021-08-16T10:33:00.179750Z |
| pysec-2021-122 |
|
If remote logging is not used, the worker (in the case of CeleryExecutor) or the schedule… | apache-airflow | 2021-08-16T08:15:00Z | 2021-08-24T14:30:45.545655Z |
| pysec-2021-143 |
|
Cross Site Scripting (XSS) in Quokka v0.4.0 allows remote attackers to execute arbitrary … | quokka | 2021-08-16T18:15:00Z | 2021-08-27T03:22:19.002010Z |
| pysec-2021-144 |
|
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary… | quokka | 2021-08-16T18:15:00Z | 2021-08-27T03:22:19.043898Z |
| pysec-2021-145 |
|
XML External Entities (XXE) in Quokka v0.4.0 allows remote attackers to execute arbitrary… | quokka | 2021-08-16T18:15:00Z | 2021-08-27T03:22:19.070898Z |
| pysec-2021-336 |
|
Unrestricted Upload of File with Dangerous Type in Django-Widgy v0.8.4 allows remote atta… | django-widgy | 2021-08-16T18:15:00Z | 2021-09-26T23:32:19.117278Z |
| pysec-2021-339 |
|
Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute f… | lin-cms | 2021-08-16T18:15:00Z | 2022-03-16T02:19:49.985623Z |
| pysec-2021-340 |
|
Cross Site Scripting (XSS) in Lin-CMS-Flask v0.1.1 allows remote attackers to execute arb… | lin-cms | 2021-08-16T18:15:00Z | 2022-03-16T02:19:50.038358Z |
| pysec-2021-341 |
|
Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensit… | lin-cms | 2021-08-16T18:15:00Z | 2022-03-16T02:19:50.092963Z |
| pysec-2021-120 |
|
Webrecorder pywb before 2.6.0 allows XSS because it does not ensure that Jinja2 templates… | pywb | 2021-08-18T18:15:00Z | 2021-08-18T20:29:26.806388Z |
| pysec-2021-879 |
6.5 (3.1)
|
An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof(box)) function of E… | exiv2 | 2021-08-19T22:15:00+00:00 | 2024-10-15T17:22:01.866867+00:00 |
| pysec-2021-885 |
6.5 (3.1)
|
A stack exhaustion issue in the printIFDStructure function of Exiv2 0.27 allows remote at… | exiv2 | 2021-08-19T22:15:00Z | 2024-11-21T14:22:50.094265Z |
| pysec-2021-121 |
|
An XML external entity (XXE) injection in PyWPS before 4.5.0 allows an attacker to view f… | pywps | 2021-08-23T01:15:00Z | 2021-08-23T05:26:18.647869Z |
| pysec-2021-360 |
|
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address i… | neutron | 2021-08-23T05:15:00Z | 2021-10-11T01:16:41.119513Z |
| pysec-2021-882 |
8.1 (3.1)
|
Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0… | exiv2 | 2021-08-23T22:15:00Z | 2024-11-21T14:22:49.911764Z |
| pysec-2021-883 |
6.5 (3.1)
|
An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows att… | exiv2 | 2021-08-23T22:15:00Z | 2024-11-21T14:22:49.973408Z |
| pysec-2021-884 |
6.5 (3.1)
|
A float point exception in the printLong function in tags_int.cpp of Exiv2 0.27.99.0 allo… | exiv2 | 2021-08-23T22:15:00Z | 2024-11-21T14:22:50.034285Z |
| pysec-2021-315 |
|
nbgitpuller is a Jupyter server extension to sync a git repository one-way to a local pat… | nbgitpuller | 2021-08-25T18:15:00Z | 2021-08-30T18:40:30.558311Z |
| pysec-2021-371 |
|
BinderHub is a kubernetes-based cloud service that allows users to share reproducible int… | binderhub | 2021-08-25T19:15:00Z | 2021-09-01T12:23:00Z |
| pysec-2021-343 |
|
Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote attackers to execute arbitra… | mezzanine | 2021-08-27T19:15:00Z | 2022-02-23T20:45:43.686053Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2022-1691 | Malicious code in brock-react-button (npm) | 2022-06-20T20:09:10Z | 2022-06-20T20:09:18Z |
| mal-2022-1890 | Malicious code in chat-web-sdk (npm) | 2022-06-20T20:09:10Z | 2022-06-20T20:09:10Z |
| mal-2022-6175 | Malicious code in smartsuite-ui (npm) | 2022-06-20T20:09:10Z | 2022-06-20T20:09:10Z |
| mal-2022-892 | Malicious code in aggregator-dashboard-microfrontend (npm) | 2022-06-20T20:09:10Z | 2022-06-20T20:09:10Z |
| MAL-2022-1038 | Malicious code in api-camel (npm) | 2022-06-20T20:09:11Z | 2022-06-20T20:09:11Z |
| MAL-2022-2341 | Malicious code in datacoral (npm) | 2022-06-20T20:09:11Z | 2022-06-20T20:09:11Z |
| MAL-2022-5071 | Malicious code in on-products-ui (npm) | 2022-06-20T20:09:11Z | 2022-06-20T20:09:12Z |
| MAL-2022-6890 | Malicious code in vanillaforums (npm) | 2022-06-20T20:09:11Z | 2022-06-20T20:09:12Z |
| mal-2022-1038 | Malicious code in api-camel (npm) | 2022-06-20T20:09:11Z | 2022-06-20T20:09:11Z |
| mal-2022-2341 | Malicious code in datacoral (npm) | 2022-06-20T20:09:11Z | 2022-06-20T20:09:11Z |
| mal-2022-5071 | Malicious code in on-products-ui (npm) | 2022-06-20T20:09:11Z | 2022-06-20T20:09:12Z |
| mal-2022-6890 | Malicious code in vanillaforums (npm) | 2022-06-20T20:09:11Z | 2022-06-20T20:09:12Z |
| MAL-2022-4056 | Malicious code in js-access-token-lib (npm) | 2022-06-20T20:09:12Z | 2022-06-20T20:09:17Z |
| MAL-2022-4814 | Malicious code in new-fingerprint (npm) | 2022-06-20T20:09:12Z | 2022-06-20T20:09:13Z |
| MAL-2022-5672 | Malicious code in react-select-v1-deprecated (npm) | 2022-06-20T20:09:12Z | 2022-06-20T20:09:12Z |
| mal-2022-4056 | Malicious code in js-access-token-lib (npm) | 2022-06-20T20:09:12Z | 2022-06-20T20:09:17Z |
| mal-2022-4814 | Malicious code in new-fingerprint (npm) | 2022-06-20T20:09:12Z | 2022-06-20T20:09:13Z |
| mal-2022-5672 | Malicious code in react-select-v1-deprecated (npm) | 2022-06-20T20:09:12Z | 2022-06-20T20:09:12Z |
| MAL-2022-1689 | Malicious code in brock-date-time (npm) | 2022-06-20T20:09:17Z | 2022-06-20T20:09:18Z |
| MAL-2022-621 | Malicious code in @talent-journey/tj-fe-commons (npm) | 2022-06-20T20:09:17Z | 2022-06-20T20:09:18Z |
| mal-2022-1689 | Malicious code in brock-date-time (npm) | 2022-06-20T20:09:17Z | 2022-06-20T20:09:18Z |
| mal-2022-621 | Malicious code in @talent-journey/tj-fe-commons (npm) | 2022-06-20T20:09:17Z | 2022-06-20T20:09:18Z |
| MAL-2022-498 | Malicious code in @pb-shared/storybook-react-library (npm) | 2022-06-20T20:09:18Z | 2022-06-20T20:09:19Z |
| MAL-2022-594 | Malicious code in @smartsteuer/solo-vue-heroicons (npm) | 2022-06-20T20:09:18Z | 2022-06-20T20:09:19Z |
| MAL-2022-704 | Malicious code in @vimeo-date-time/relative (npm) | 2022-06-20T20:09:18Z | 2022-06-20T20:09:18Z |
| MAL-2022-710 | Malicious code in @vrtoeni/shared (npm) | 2022-06-20T20:09:18Z | 2022-06-20T20:09:18Z |
| mal-2022-498 | Malicious code in @pb-shared/storybook-react-library (npm) | 2022-06-20T20:09:18Z | 2022-06-20T20:09:19Z |
| mal-2022-594 | Malicious code in @smartsteuer/solo-vue-heroicons (npm) | 2022-06-20T20:09:18Z | 2022-06-20T20:09:19Z |
| mal-2022-704 | Malicious code in @vimeo-date-time/relative (npm) | 2022-06-20T20:09:18Z | 2022-06-20T20:09:18Z |
| mal-2022-710 | Malicious code in @vrtoeni/shared (npm) | 2022-06-20T20:09:18Z | 2022-06-20T20:09:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2022-2145 | Trend Micro Apex One: Mehrere Schwachstellen | 2022-11-21T23:00:00.000+00:00 | 2023-02-09T23:00:00.000+00:00 |
| wid-sec-w-2022-2150 | xpdf: Schwachstelle ermöglicht Denial of Service | 2022-11-22T23:00:00.000+00:00 | 2024-09-24T22:00:00.000+00:00 |
| wid-sec-w-2022-2151 | Pro-FTPd: Schwachstelle ermöglicht Offenlegung von Informationen | 2022-11-22T23:00:00.000+00:00 | 2024-01-30T23:00:00.000+00:00 |
| wid-sec-w-2022-2154 | Mattermost: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-11-22T23:00:00.000+00:00 | 2022-11-27T23:00:00.000+00:00 |
| wid-sec-w-2022-2155 | Aruba EdgeConnect: Mehrere Schwachstellen | 2022-11-22T23:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-2157 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2022-11-22T23:00:00.000+00:00 | 2023-04-26T22:00:00.000+00:00 |
| wid-sec-w-2022-2152 | Linux Kernel: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2022-11-23T23:00:00.000+00:00 | 2024-05-01T22:00:00.000+00:00 |
| wid-sec-w-2022-2160 | Apache Tomcat: Schwachstelle ermöglicht Denial of Service | 2022-11-23T23:00:00.000+00:00 | 2023-05-04T22:00:00.000+00:00 |
| wid-sec-w-2022-2165 | systemd: Schwachstelle ermöglicht Denial of Service | 2022-11-23T23:00:00.000+00:00 | 2024-05-05T22:00:00.000+00:00 |
| wid-sec-w-2022-2166 | Red Hat OpenShift: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-11-23T23:00:00.000+00:00 | 2025-04-29T22:00:00.000+00:00 |
| wid-sec-w-2022-2167 | PostgreSQL: Schwachstelle ermöglicht Offenlegung von Informationen | 2022-11-23T23:00:00.000+00:00 | 2024-12-17T23:00:00.000+00:00 |
| wid-sec-w-2022-2171 | Linux Kernel: Mehrere Schwachstellen | 2022-11-24T23:00:00.000+00:00 | 2025-01-02T23:00:00.000+00:00 |
| wid-sec-w-2022-2172 | ILIAS: Mehrere Schwachstellen | 2022-11-24T23:00:00.000+00:00 | 2022-12-05T23:00:00.000+00:00 |
| wid-sec-w-2022-2173 | Ruby: Schwachstelle ermöglicht Manipulation von Dateien | 2022-11-24T23:00:00.000+00:00 | 2025-04-22T22:00:00.000+00:00 |
| wid-sec-w-2022-2174 | Google Chrome / Microsoft Edge: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2022-11-24T23:00:00.000+00:00 | 2022-11-28T23:00:00.000+00:00 |
| wid-sec-w-2022-2176 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2022-11-27T23:00:00.000+00:00 | 2024-12-17T23:00:00.000+00:00 |
| wid-sec-w-2022-2177 | vim: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2022-11-27T23:00:00.000+00:00 | 2025-03-30T22:00:00.000+00:00 |
| wid-sec-w-2022-2178 | Red Hat OpenShift: Schwachstelle ermöglicht Darstellen falscher Informationen | 2022-11-27T23:00:00.000+00:00 | 2022-11-27T23:00:00.000+00:00 |
| wid-sec-w-2022-2179 | QEMU: Schwachstelle ermöglicht Denial of Service | 2022-11-27T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2022-2180 | Wind River VxWorks: Schwachstelle ermöglicht Denial of Service | 2022-11-27T23:00:00.000+00:00 | 2023-03-21T23:00:00.000+00:00 |
| wid-sec-w-2022-2181 | GNU Emacs: Schwachstelle ermöglicht Codeausführung | 2022-11-27T23:00:00.000+00:00 | 2024-09-19T22:00:00.000+00:00 |
| wid-sec-w-2022-2183 | Nextcloud: Mehrere Schwachstellen | 2022-11-27T23:00:00.000+00:00 | 2025-09-17T22:00:00.000+00:00 |
| wid-sec-w-2022-2184 | Unify OpenScape 4000: Schwachstelle ermöglicht Erlangen von Administratorrechten | 2022-11-27T23:00:00.000+00:00 | 2022-12-13T23:00:00.000+00:00 |
| wid-sec-w-2022-2185 | QEMU: Schwachstelle ermöglicht Denial of Service | 2022-11-28T23:00:00.000+00:00 | 2024-09-02T22:00:00.000+00:00 |
| wid-sec-w-2022-2186 | Linux Kernel: Schwachstellen ermöglicht Denial of Service | 2022-11-28T23:00:00.000+00:00 | 2025-08-18T22:00:00.000+00:00 |
| wid-sec-w-2022-2187 | IBM WebSphere Application Server: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-11-28T23:00:00.000+00:00 | 2025-05-29T22:00:00.000+00:00 |
| wid-sec-w-2022-2194 | Prometheus: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2022-11-29T23:00:00.000+00:00 | 2024-02-27T23:00:00.000+00:00 |
| wid-sec-w-2022-2195 | FreeBSD Project FreeBSD OS: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2022-11-29T23:00:00.000+00:00 | 2022-12-11T23:00:00.000+00:00 |
| wid-sec-w-2022-2196 | VMware Tools: Schwachstelle ermöglicht Denial of Service | 2022-11-29T23:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-2197 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2022-11-29T23:00:00.000+00:00 | 2024-03-20T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2006:0618 | Red Hat Security Advisory: apache security update | 2006-08-08T19:50:00+00:00 | 2026-01-13T22:31:59+00:00 |
| rhsa-2006_0618 | Red Hat Security Advisory: apache security update | 2006-08-08T19:50:00+00:00 | 2024-11-14T10:04:35+00:00 |
| rhsa-2006:0612 | Red Hat Security Advisory: krb5 security update | 2006-08-08T20:09:00+00:00 | 2026-01-13T22:39:47+00:00 |
| rhsa-2006_0612 | Red Hat Security Advisory: krb5 security update | 2006-08-08T20:09:00+00:00 | 2024-11-22T00:27:13+00:00 |
| rhba-2006:0288 | Red Hat Bug Fix Advisory: bind bug fix update | 2006-08-09T00:00:00+00:00 | 2025-11-21T17:20:47+00:00 |
| rhba-2006_0288 | Red Hat Bug Fix Advisory: bind bug fix update | 2006-08-09T00:00:00+00:00 | 2024-11-22T00:12:38+00:00 |
| rhea-2006:0355 | Red Hat Enhancement Advisory: oprofile enhancement update | 2006-08-09T00:00:00+00:00 | 2025-11-21T17:23:54+00:00 |
| rhea-2006_0355 | Red Hat Enhancement Advisory: oprofile enhancement update | 2006-08-09T00:00:00+00:00 | 2024-11-22T00:14:29+00:00 |
| rhsa-2006:0393 | Red Hat Security Advisory: ntp security update | 2006-08-10T18:33:00+00:00 | 2025-11-21T17:30:11+00:00 |
| rhsa-2006_0393 | Red Hat Security Advisory: ntp security update | 2006-08-10T18:33:00+00:00 | 2024-11-22T00:14:44+00:00 |
| rhsa-2006:0354 | Red Hat Security Advisory: elfutils security update | 2006-08-10T18:37:00+00:00 | 2026-01-08T09:19:23+00:00 |
| rhsa-2006_0354 | Red Hat Security Advisory: elfutils security update | 2006-08-10T18:37:00+00:00 | 2024-11-21T23:56:35+00:00 |
| rhsa-2006:0582 | Red Hat Security Advisory: kdebase security fix | 2006-08-10T19:09:00+00:00 | 2025-11-21T17:30:24+00:00 |
| rhsa-2006_0582 | Red Hat Security Advisory: kdebase security fix | 2006-08-10T19:09:00+00:00 | 2024-11-22T00:14:33+00:00 |
| rhsa-2006:0605 | Red Hat Security Advisory: perl security update | 2006-08-10T19:14:00+00:00 | 2025-11-21T17:30:27+00:00 |
| rhsa-2006_0605 | Red Hat Security Advisory: perl security update | 2006-08-10T19:14:00+00:00 | 2024-11-22T00:27:04+00:00 |
| rhsa-2006:0575 | Red Hat Security Advisory: Updated kernel packages available for Red Hat Enterprise Linux 4 Update 4 | 2006-08-10T19:31:00+00:00 | 2026-01-13T20:57:58+00:00 |
| rhsa-2006_0575 | Red Hat Security Advisory: Updated kernel packages available for Red Hat Enterprise Linux 4 Update 4 | 2006-08-10T19:31:00+00:00 | 2024-11-22T00:23:49+00:00 |
| rhsa-2006:0619 | Red Hat Security Advisory: httpd security update | 2006-08-10T20:55:00+00:00 | 2026-01-13T22:38:33+00:00 |
| rhsa-2006_0619 | Red Hat Security Advisory: httpd security update | 2006-08-10T20:55:00+00:00 | 2024-11-14T10:04:38+00:00 |
| rhsa-2006:0602 | Red Hat Security Advisory: wireshark security update (was ethereal) | 2006-08-16T13:41:00+00:00 | 2026-01-13T22:08:18+00:00 |
| rhsa-2006_0602 | Red Hat Security Advisory: wireshark security update (was ethereal) | 2006-08-16T13:41:00+00:00 | 2024-11-22T00:26:05+00:00 |
| rhsa-2006:0635 | Red Hat Security Advisory: XFree86 security update | 2006-08-21T22:06:00+00:00 | 2026-01-13T22:40:41+00:00 |
| rhsa-2006_0635 | Red Hat Security Advisory: XFree86 security update | 2006-08-21T22:06:00+00:00 | 2024-11-22T00:28:33+00:00 |
| rhsa-2006:0634 | Red Hat Security Advisory: xorg-x11 security update | 2006-08-21T23:00:00+00:00 | 2026-01-08T02:51:43+00:00 |
| rhsa-2006_0634 | Red Hat Security Advisory: xorg-x11 security update | 2006-08-21T23:00:00+00:00 | 2024-11-22T00:28:28+00:00 |
| rhsa-2006:0617 | Red Hat Security Advisory: kernel security update | 2006-08-22T18:39:00+00:00 | 2026-01-13T22:06:41+00:00 |
| rhsa-2006_0617 | Red Hat Security Advisory: kernel security update | 2006-08-22T18:39:00+00:00 | 2024-11-22T00:39:08+00:00 |
| rhsa-2006:0633 | Red Hat Security Advisory: ImageMagick security update | 2006-08-24T11:57:00+00:00 | 2026-01-13T22:32:15+00:00 |
| rhsa-2006_0633 | Red Hat Security Advisory: ImageMagick security update | 2006-08-24T11:57:00+00:00 | 2024-11-22T00:28:11+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-21-350-18 | Siemens Teamcenter Active Workspace | 2021-12-14T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-21-350-19 | Siemens SiPass Integrated | 2021-12-14T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-21-350-20 | Siemens JTTK and JT Utilities | 2021-12-14T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-21-350-01 | Xylem AquaView | 2021-12-16T00:00:00.000000Z | 2021-12-16T00:00:00.000000Z |
| icsa-21-350-02 | Delta Electronics CNCSoft | 2021-12-16T00:00:00.000000Z | 2021-12-16T00:00:00.000000Z |
| icsa-21-350-03 | Wibu-Systems CodeMeter Runtime | 2021-12-16T00:00:00.000000Z | 2021-12-16T00:00:00.000000Z |
| icsa-21-350-04 | Mitsubishi Electric GX Works2 | 2021-12-16T00:00:00.000000Z | 2021-12-16T00:00:00.000000Z |
| icsa-21-350-05 | Mitsubishi Electric FA Engineering Software (Update B) | 2021-12-16T00:00:00.000000Z | 2021-12-16T00:00:00.000000Z |
| icsa-21-350-13 | Siemens Questa and ModelSim | 2021-12-16T00:00:00.000000Z | 2021-12-16T00:00:00.000000Z |
| icsa-21-350-16 | Siemens Healthineers syngo fastView (Update A) | 2021-12-16T00:00:00.000000Z | 2022-02-10T00:00:00.000000Z |
| icsa-25-155-02 | Hitachi Energy Relion 670 650 series and SAM600-IO Product | 2021-12-16T13:30:00.000000Z | 2025-05-27T12:30:00.000000Z |
| icsa-21-355-01 | mySCADA myPRO | 2021-12-21T00:00:00.000000Z | 2021-12-21T00:00:00.000000Z |
| icsa-21-355-02 | Horner Automation Cscape EnvisionRV | 2021-12-21T00:00:00.000000Z | 2021-12-21T00:00:00.000000Z |
| icsa-21-355-03 | WECON LeviStudioU | 2021-12-21T00:00:00.000000Z | 2021-12-21T00:00:00.000000Z |
| icsa-21-355-04 | Emerson DeltaV | 2021-12-21T00:00:00.000000Z | 2021-12-21T00:00:00.000000Z |
| icsma-21-355-01 | Fresenius Kabi Agilia Connect Infusion System (Update A) | 2021-12-21T00:00:00.000000Z | 2022-01-27T00:00:00.000000Z |
| icsa-21-357-01 | Moxa MGate Protocol Gateways | 2021-12-23T00:00:00.000000Z | 2021-12-23T00:00:00.000000Z |
| icsa-21-357-02 | Johnson Controls exacq Enterprise Manager | 2021-12-23T00:00:00.000000Z | 2021-12-23T00:00:00.000000Z |
| icsa-22-006-01 | Omron CX-One | 2022-01-06T00:00:00.000000Z | 2022-01-06T00:00:00.000000Z |
| icsa-22-006-02 | Fernhill SCADA | 2022-01-06T00:00:00.000000Z | 2022-01-06T00:00:00.000000Z |
| icsa-22-006-03 | IDEC PLCs | 2022-01-06T00:00:00.000000Z | 2022-01-06T00:00:00.000000Z |
| icsma-22-006-01 | Philips Engage Software | 2022-01-06T00:00:00.000000Z | 2022-01-06T00:00:00.000000Z |
| icsa-22-011-01 | Johnson Controls VideoEdge | 2022-01-11T00:00:00.000000Z | 2022-01-11T00:00:00.000000Z |
| icsa-22-013-02 | Siemens SICAM A8000 | 2022-01-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-013-03 | Siemens Energy PLUSCONTROL | 2022-01-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-013-04 | Siemens SIPROTEC 5 Devices | 2022-01-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-013-05 | Siemens COMOS Web (Update A) | 2022-01-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-013-06 | Siemens SICAM PQ Analyzer | 2022-01-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-013-01 | Mitsubishi Electric MELSEC-F Series | 2022-01-13T00:00:00.000000Z | 2022-01-13T00:00:00.000000Z |
| icsa-22-013-07 | Mitsubishi Electric MELSEC-F Series | 2022-01-13T00:00:00.000000Z | 2022-01-13T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-asaftd-snmpaccess-m6yoweq3 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Access Control Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-asaftd-xss-webui-gqlsfypm | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-fmc-dir-traversal-95uyw5tk | Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-fmc-infodisc-ft2wvmnu | Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-fmc-xss-openredir-tvpmwjyg | Cisco Firepower Management Center Software Cross-Site Scripting and Open Redirect Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-ftd-cmdinject-fmzsln8 | Cisco Firepower Threat Defense Software Command Injection Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-ftd-dos-rudsew3r | Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-ftd-enip-bypass-efsxd8kp | Cisco Firepower Threat Defense Software Ethernet Industrial Protocol Policy Bypass Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-ftd-file-write-shvcmqvc | Cisco Firepower Threat Defense Software CLI Arbitrary File Write Vulnerability | 2021-10-27T16:00:00+00:00 | 2023-05-26T11:54:17+00:00 |
| cisco-sa-ftd-tls-decrypt-dos-bmxyjm8m | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-natalg-bypass-cpkgqkng | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-snort-dos-rywh7ezm | Multiple Cisco Products Snort Rule Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-27T16:00:00+00:00 |
| cisco-sa-snort-dos-s2r7w9uu | Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability | 2021-10-27T16:00:00+00:00 | 2021-10-29T14:07:40+00:00 |
| cisco-sa-anyconnect-nam-priv-ycsrnugt | Cisco AnyConnect Secure Mobility Client for Windows with Network Access Manager Module Privilege Escalation Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-catpon-multivulns-ce3dsygr | Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-cpar-strd-xss-a4dcvetg | Cisco Prime Access Registrar Stored Cross-Site Scripting Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-cps-static-key-jms92hnv | Cisco Policy Suite Static SSH Keys Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-04T17:32:39+00:00 |
| cisco-sa-cspc-info-disc-km3bgvl | Cisco Common Services Platform Collector Information Disclosure Vulnerability | 2021-11-03T16:00:00+00:00 | 2022-01-06T17:54:37+00:00 |
| cisco-sa-cucm-path-trav-dkcvktvo | Cisco Unified Communications Products Path Traversal Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-esa-dos-jom9etfo | Cisco Email Security Appliance Denial of Service Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-pi-epnm-xss-u2jk537j | Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-sbrv-cmdinjection-z5cwfdk | Cisco Small Business RV Series Routers Command Injection Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-smb-switches-tokens-uzwpr4e5 | Cisco Small Business Series Switches Session Credentials Replay Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-smb-switches-web-dos-xmyffkt8 | Cisco Small Business 200, 300, and 500 Series Switches Web-Based Management Interface Denial of Service Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-ucm-csrf-xrtkdu3h | Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-umbrella-user-enum-s7xfjwde | Cisco Umbrella Email Enumeration Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-videomesh-xss-qjm2bdqf | Cisco Webex Video Mesh Cross-Site Scripting Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-vmesh-openred-agnrmf5 | Cisco Webex Video Mesh Arbitrary Site Redirection Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-webex-activation-3sdnfxcy | Cisco Webex Meetings Email Content Injection Vulnerability | 2021-11-03T16:00:00+00:00 | 2021-11-03T16:00:00+00:00 |
| cisco-sa-cspc-ilr-8qmw8y8x | Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability | 2021-11-17T16:00:00+00:00 | 2021-11-18T22:48:15+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2021-3631 | A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-36368 | An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose and an attacker has silently modified the server to support the None authentication option then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass since nothing is being bypassed. | 2022-03-02T00:00:00.000Z | 2022-03-20T00:00:00.000Z |
| msrc_cve-2021-3638 | An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service. | 2022-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-3640 | A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system. | 2022-03-02T00:00:00.000Z | 2022-03-17T00:00:00.000Z |
| msrc_cve-2021-3656 | A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result the L2 guest would be allowed to read/write physical pages of the host resulting in a crash of the entire system leak of sensitive data or potential guest-to-host escape. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-3660 | Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website inside an <iFrame> HTML entry. This may be used by a malicious website in clickjacking or similar attacks. | 2022-03-02T00:00:00.000Z | 2022-03-15T00:00:00.000Z |
| msrc_cve-2021-3667 | An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-3677 | A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include max_worker_processes=0 the known versions of this attack are infeasible. However undiscovered variants of the attack may be independent of that setting. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-3698 | A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully regardless of the Certificate Revocation List (CRL) configuration or the certificate status. The highest threat from this vulnerability is to confidentiality. | 2022-03-02T00:00:00.000Z | 2022-03-15T00:00:00.000Z |
| msrc_cve-2021-3716 | A flaw was found in nbdkit due to to improperly caching plaintext state across the STARTTLS encryption boundary. A MitM attacker could use this flaw to inject a plaintext NBD_OPT_STRUCTURED_REPLY before proxying everything else a client sends to the server, potentially leading the client to terminate the NBD session. The highest threat from this vulnerability is to system availability. | 2022-03-02T00:00:00.000Z | 2025-10-01T23:11:11.000Z |
| msrc_cve-2021-3732 | A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible. | 2022-03-02T00:00:00.000Z | 2022-03-15T00:00:00.000Z |
| msrc_cve-2021-3733 | There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability. | 2022-03-02T00:00:00.000Z | 2022-06-02T00:00:00.000Z |
| msrc_cve-2021-3737 | A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker who controls the HTTP server to make the client script enter an infinite loop consuming CPU time. The highest threat from this vulnerability is to system availability. | 2022-03-02T00:00:00.000Z | 2022-03-16T00:00:00.000Z |
| msrc_cve-2021-3738 | In DCE/RPC it is possible to share the handles (cookies for resource state) between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared the user credentials state was only pointed at and when one connection within that association group ended the database would be left pointing at an invalid 'struct session_info'. The most likely outcome here is a crash but it is possible that the use-after-free could instead allow different user state to be pointed at and this might allow more privileged access. | 2022-03-02T00:00:00.000Z | 2024-10-15T00:00:00.000Z |
| msrc_cve-2021-3739 | A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability. | 2022-03-02T00:00:00.000Z | 2022-03-15T00:00:00.000Z |
| msrc_cve-2021-3743 | An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | 2022-03-02T00:00:00.000Z | 2022-03-12T00:00:00.000Z |
| msrc_cve-2021-3744 | A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c which allows attackers to cause a denial of service (memory consumption). This vulnerability is similar with the older CVE-2019-18808. | 2022-03-02T00:00:00.000Z | 2022-03-12T00:00:00.000Z |
| msrc_cve-2021-3748 | A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU resulting in a denial of service condition or potentially execute code on the host with the privileges of the QEMU process. | 2022-03-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2021-3772 | A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. | 2022-03-02T00:00:00.000Z | 2022-03-11T00:00:00.000Z |
| msrc_cve-2021-38578 | Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. | 2022-03-02T00:00:00.000Z | 2025-09-04T05:09:29.000Z |
| msrc_cve-2021-3981 | A flaw in grub2 was found where its configuration file known as grub.cfg is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue as those users can eventually read any encrypted passwords present in grub.cfg. This flaw affects grub2 2.06 and previous versions. This issue has been fixed in grub upstream but no version with the fix is currently released. | 2022-03-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2021-4002 | A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data. | 2022-03-02T00:00:00.000Z | 2022-03-17T00:00:00.000Z |
| msrc_cve-2021-4023 | A flaw was found in the io-workqueue implementation in the Linux kernel versions prior to 5.15-rc1. The kernel can panic when an improper cancellation operation triggers the submission of new io-uring operations during a shortage of free space. This flaw allows a local user with permissions to execute io-uring requests to possibly crash the system. | 2022-03-02T00:00:00.000Z | 2022-03-16T00:00:00.000Z |
| msrc_cve-2021-4095 | A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of service by issuing a KVM_XEN_HVM_SET_ATTR ioctl. This flaw affects Linux kernel versions prior to 5.17-rc1. | 2022-03-02T00:00:00.000Z | 2022-03-16T00:00:00.000Z |
| msrc_cve-2021-4148 | A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem. | 2022-03-02T00:00:00.000Z | 2022-03-31T00:00:00.000Z |
| msrc_cve-2021-4149 | A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem. | 2022-03-02T00:00:00.000Z | 2022-03-31T00:00:00.000Z |
| msrc_cve-2021-4150 | A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the lack of code cleanup when device_add call fails when adding a partition to the disk. | 2022-03-02T00:00:00.000Z | 2022-03-31T00:00:00.000Z |
| msrc_cve-2021-4157 | An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user having access to the NFS mount could potentially use this flaw to crash the system or escalate privileges on the system. | 2022-03-02T00:00:00.000Z | 2022-04-09T00:00:00.000Z |
| msrc_cve-2021-4197 | An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. | 2022-03-02T00:00:00.000Z | 2022-03-31T00:00:00.000Z |
| msrc_cve-2021-4202 | A use-after-free flaw was found in nci_request in net/nfc/nci/core.c in NFC Controller Interface (NCI) in the Linux kernel. This flaw could allow a local attacker with user privileges to cause a data race problem while the device is getting removed leading to a privilege escalation problem. | 2022-03-02T00:00:00.000Z | 2022-04-09T00:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201302-0585 | Emerson EC2-552 Condensing Unit Controller is a controller used in Emerson products. By d… | 2022-05-04T09:52:11.357000Z |
| var-201003-0521 | F5's FirePass server is a powerful network device that can provide users with secure acce… | 2022-05-04T09:52:57.839000Z |
| var-200904-0402 | The TrendMicro Activity Monitor Module (tmactmon.sys) 2.52.0.1002 in Trend Micro Internet… | 2022-05-04T09:53:04.934000Z |
| var-200406-0054 | The D-Link DI-614 + SOHO router running in firmware 2.30 and the DI-704 SOHO router runni… | 2022-05-04T09:53:06.084000Z |
| var-200802-0532 | D-Link MPEG4 SHM Audio Control, 4XEM VatCtrl Class and Vivotek RTSP MPEG4 SP Control are … | 2022-05-04T09:53:16.722000Z |
| var-200512-0082 | The 802.1q VLAN protocol allows remote attackers to bypass network segmentation and spoof… | 2022-05-04T09:54:10.876000Z |
| var-200512-0083 | The PVLAN protocol allows remote attackers to bypass network segmentation and spoof PVLAN… | 2022-05-04T09:54:10.847000Z |
| var-202112-1087 | LSW6600-48XGS6CQ is a switch product of Hangzhou DPtech Co., Ltd. There is a command … | 2022-05-04T09:55:03.005000Z |
| var-202110-0175 | A possible heap buffer overflow vulnerability in libSPenBase library of Samsung Notes pri… | 2022-05-04T09:55:08.979000Z |
| var-202108-2311 | Sangfor Technology Co., Ltd. is a provider of products, services and solutions focusing o… | 2022-05-04T09:55:10.400000Z |
| var-202108-2332 | Xindu (Qingdao) Office System Co., Ltd. was established in 1960. It is a multinational co… | 2022-05-04T09:55:10.389000Z |
| var-202108-2353 | Samsung Galaxy S10 is the flagship model of a new generation of smartphones launched by S… | 2022-05-04T09:55:10.379000Z |
| var-202108-2374 | Hewlett-Packard (Hewlett-Packard, referred to as HP) is one of the information technology… | 2022-05-04T09:55:10.369000Z |
| var-202108-2395 | Schneider Electric (China) Co., Ltd. is a leader in the field of global energy efficiency… | 2022-05-04T09:55:10.357000Z |
| var-202108-2416 | Fuji Xerox (China) Co., Ltd. was established on January 3, 1995. It is a wholly-owned hol… | 2022-05-04T09:55:10.346000Z |
| var-202108-2437 | Samsung (China) Investment Co., Ltd. is the headquarters of Samsung Group in China. As of… | 2022-05-04T09:55:10.336000Z |
| var-202108-2458 | X4255LX is a printer of Samsung (China) Investment Co., Ltd. Samsung (China) Investme… | 2022-05-04T09:55:10.320000Z |
| var-202108-2479 | RG-NBR800GW is an Internet behavior management router launched by Ruijie. It is a router … | 2022-05-04T09:55:10.309000Z |
| var-202108-2500 | ECOSYS M5520cdn is an all-in-one printer. KYOCERA ECOSYS M5520cdn has a weak password… | 2022-05-04T09:55:10.298000Z |
| var-202108-2521 | The HP OfficeJet Pro 8210 is an all-in-one printer. HP OfficeJet Pro 8210 has an unau… | 2022-05-04T09:55:10.287000Z |
| var-202108-2542 | Suzhou Keda Technology Co., Ltd. is a leading provider of video and security products and… | 2022-05-04T09:55:10.275000Z |
| var-202108-2563 | Beijing Link Technology Co., Ltd. is a company that has professional Wi-Fi technology and… | 2022-05-04T09:55:10.264000Z |
| var-202107-1696 | RG-UAC 6000-ISG series video surveillance security gateway is a video surveillance networ… | 2022-05-04T09:55:11.827000Z |
| var-202107-1717 | Beijing Kanghai Times Technology Co., Ltd. is a private high-tech enterprise. It has been… | 2022-05-04T09:55:11.817000Z |
| var-202107-1738 | Axis 211 is a network camera of Axis Communications AB. Axis Communications AB 211 ha… | 2022-05-04T09:55:11.806000Z |
| var-202107-1759 | Hewlett-Packard Trading (Shanghai) Co., Ltd. is a company whose business scope includes c… | 2022-05-04T09:55:11.796000Z |
| var-202107-1780 | Shangrui 4220G is a router device of Shanghai Aitai Technology Co., Ltd. Shang Rui 42… | 2022-05-04T09:55:11.785000Z |
| var-202107-1801 | Shenzhen Jixiang Tengda Technology Co., Ltd. is a high-tech enterprise integrating indepe… | 2022-05-04T09:55:11.774000Z |
| var-202107-1822 | Vsmart Joy 2+ is a smart phone. Vsmart Joy 2+ has an information disclosure vulnerabi… | 2022-05-04T09:55:11.763000Z |
| var-202107-1843 | Matsushita Electric (China) was established in 1994 and is mainly responsible for the sal… | 2022-05-04T09:55:11.754000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2017-010280 | Fluentd vulenrable to escape sequence injection | 2017-12-11T14:13+09:00 | 2017-12-11T14:13+09:00 |
| jvndb-2017-000249 | Multiple vulnerabilities in H2O | 2017-12-18T15:17+09:00 | 2018-04-04T13:49+09:00 |
| jvndb-2017-000248 | OneThird CMS vulnerable to directory traversal | 2017-12-19T13:48+09:00 | 2018-04-04T13:58+09:00 |
| jvndb-2017-000250 | The installer of Music Center for PC may insecurely load Dynamic Link Libraries | 2017-12-22T15:50+09:00 | 2018-04-04T13:53+09:00 |
| jvndb-2017-000251 | The installer of Content Manager Assistant for PlayStation may insecurely load Dynamic Link Libraries | 2017-12-22T15:50+09:00 | 2018-04-04T14:04+09:00 |
| jvndb-2017-000252 | MQTT.js issue in handling PUBLISH packets | 2017-12-25T14:00+09:00 | 2018-04-04T14:02+09:00 |
| jvndb-2018-000001 | Lhaplus vulnerable to improper verification when expanding ZIP64 archives | 2018-01-11T14:18+09:00 | 2018-04-04T12:33+09:00 |
| jvndb-2017-004687 | Cross-site Scripting Vulnerability in Fujitsu Interstage List Works | 2018-01-12T14:58+09:00 | 2018-01-12T14:58+09:00 |
| jvndb-2017-010236 | Cross-site Scripting Vulnerability in Fujitsu NetCOBOL | 2018-01-12T15:07+09:00 | 2018-01-12T15:07+09:00 |
| jvndb-2017-010584 | AssetView and AssetView PLATINUM contain multiple vulnerabilities | 2018-01-12T15:32+09:00 | 2018-01-12T15:32+09:00 |
| jvndb-2017-002290 | Trend Micro Control Manager vulnerable to SQL injection | 2018-01-17T16:15+09:00 | 2018-01-17T16:15+09:00 |
| jvndb-2017-005606 | Multiple vulnerabilities in Deep Discovery Email Inspector | 2018-01-17T16:15+09:00 | 2018-01-17T16:15+09:00 |
| jvndb-2018-000002 | Nootka App for Android vulnerable to OS command injection | 2018-01-19T14:19+09:00 | 2018-04-11T11:46+09:00 |
| jvndb-2018-000003 | GroupSession vulnerable to open redirect | 2018-01-19T14:19+09:00 | 2018-04-11T11:37+09:00 |
| jvndb-2018-000004 | The installer of "FLET'S VIRUS CLEAR Easy Setup & Application Tool" and "FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool" may insecurely load Dynamic Link Libraries | 2018-01-22T14:17+09:00 | 2018-04-11T11:44+09:00 |
| jvndb-2018-000005 | WordPress plugin "WP Retina 2x" vulnerable to cross-site scripting | 2018-01-30T12:30+09:00 | 2018-04-11T11:53+09:00 |
| jvndb-2017-004607 | Deep Discovery Email Inspector vulnerable to arbitrary code execution | 2018-01-31T13:43+09:00 | 2018-01-31T13:43+09:00 |
| jvndb-2018-000006 | Multiple vulnerabilities in epg search result viewer(kkcald) | 2018-02-01T13:58+09:00 | 2018-04-11T11:49+09:00 |
| jvndb-2018-000008 | Spring Security and Spring Framework vulnerable to authentication bypass | 2018-02-02T12:28+09:00 | 2018-06-14T13:48+09:00 |
| jvndb-2018-000010 | WordPress plugin "MTS Simple Booking C" vulnerable to cross-site scripting | 2018-02-02T13:39+09:00 | 2018-04-11T11:53+09:00 |
| jvndb-2018-000007 | Multiple I-O DATA network devices incorporating "MagicalFinder" vulnerable to OS command injection | 2018-02-06T14:22+09:00 | 2018-04-11T11:51+09:00 |
| jvndb-2018-000009 | The installer of Anshin net security for Windows may insecurely load Dynamic Link Libraries | 2018-02-06T15:05+09:00 | 2018-04-11T12:13+09:00 |
| jvndb-2018-000011 | MP Form Mail CGI eCommerce Edition vulnerable to OS command injection | 2018-02-08T12:21+09:00 | 2018-04-11T11:57+09:00 |
| jvndb-2018-000012 | Installer of "FLET'S Azukeru Backup Tool" may insecurely load Dynamic Link Libraries | 2018-02-13T15:37+09:00 | 2018-04-11T12:25+09:00 |
| jvndb-2018-000014 | Application and self-extracting archive containing the application of "FLET'S v4 / v6 address selection tool" may insecurely load Dynamic Link Libraries | 2018-02-13T15:43+09:00 | 2018-04-11T12:28+09:00 |
| jvndb-2018-001388 | Multiple Vulnerabilities in Hitachi Command Suite | 2018-02-14T14:58+09:00 | 2018-03-01T15:20+09:00 |
| jvndb-2018-001389 | XXE Vulnerability in Hitachi Device Manager | 2018-02-14T14:59+09:00 | 2018-03-01T15:20+09:00 |
| jvndb-2018-000013 | Insecure DLL Loading issue in multiple Trend Micro products | 2018-02-15T16:39+09:00 | 2018-04-11T12:23+09:00 |
| jvndb-2018-000015 | Multiple vulnerabilities in FS010W | 2018-02-22T15:29+09:00 | 2018-04-11T12:31+09:00 |
| jvndb-2018-000016 | LINE for iOS fails to verify SSL server certificates | 2018-02-22T15:29+09:00 | 2018-06-14T12:23+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2015-01831 | Cisco AnyConnect Secure Mobility Client Hostscan路径遍历漏洞 | 2015-03-18 | 2015-03-19 |
| cnvd-2015-01832 | Cisco AnyConnect Secure Mobility Client任意文件写漏洞 | 2015-03-18 | 2015-03-19 |
| cnvd-2015-01833 | Cisco AnyConnect Secure Mobility Client权限提升漏洞 | 2015-03-18 | 2015-03-19 |
| cnvd-2016-00940 | FreeVimager处理TIFF文件内存破坏漏洞 | 2015-03-18 | 2015-05-04 |
| cnvd-2016-00943 | IcoFx处理BMP文件内存破坏漏洞 | 2015-03-18 | 2015-05-04 |
| cnvd-2015-01834 | Honeywell XL Web Controller目录遍历漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01835 | Xen提升权限漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01836 | IBM Bluemix信息泄露漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01837 | phpMoAdmin任意命令执行漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01838 | Apache mod-gnutls证书欺骗漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01839 | automount权限提升漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01840 | IBM API Management信息泄露漏洞(CNVD-2015-01840) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01841 | 724CMS目录遍历漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01842 | 724CMS存在多个跨站脚本漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01843 | Cisco Content Services Switch安全限制绕过漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01844 | eXtplorer存在多个跨站脚本漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01845 | 724CMS存在多个SQL注入漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01846 | 724CMS SQL 'ID'参数SQL注入漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01847 | Apple Safari WebKit钓鱼攻击漏洞 | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01848 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01848) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01849 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01849) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01850 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01850) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01851 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01851) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01852 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01852) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01853 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01853) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01854 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01854) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01855 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01855) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01856 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01856) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01857 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01857) | 2015-03-19 | 2015-03-20 |
| cnvd-2015-01858 | Apple Safari WebKit内存破坏漏洞(CNVD-2015-01858) | 2015-03-19 | 2015-03-20 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2004-avi-152 | Vulnérabilité de MPlayer et Xine | 2004-05-03T00:00:00.000000 | 2004-06-01T00:00:00.000000 |
| certa-2004-avi-153 | Vulnérabilité de Rsync | 2004-05-03T00:00:00.000000 | 2004-09-08T00:00:00.000000 |
| CERTA-2004-AVI-154 | Vulnérabilités sur les systèmes IBM AIX 5.1 et 5.2 | 2004-05-04T00:00:00.000000 | 2004-06-14T00:00:00.000000 |
| certa-2004-avi-154 | Vulnérabilités sur les systèmes IBM AIX 5.1 et 5.2 | 2004-05-04T00:00:00.000000 | 2004-06-14T00:00:00.000000 |
| CERTA-2004-AVI-155 | Vulnérabilité ISAKMP dans Checkpoint VPN-1 | 2004-05-05T00:00:00.000000 | 2004-05-05T00:00:00.000000 |
| certa-2004-avi-155 | Vulnérabilité ISAKMP dans Checkpoint VPN-1 | 2004-05-05T00:00:00.000000 | 2004-05-05T00:00:00.000000 |
| CERTA-2004-AVI-156 | Multiples vulnérabilités dans Mac OS X | 2004-05-06T00:00:00.000000 | 2004-05-06T00:00:00.000000 |
| certa-2004-avi-156 | Multiples vulnérabilités dans Mac OS X | 2004-05-06T00:00:00.000000 | 2004-05-06T00:00:00.000000 |
| CERTA-2004-AVI-157 | Vulnérabilités dans Exim | 2004-05-07T00:00:00.000000 | 2004-05-17T00:00:00.000000 |
| certa-2004-avi-157 | Vulnérabilités dans Exim | 2004-05-07T00:00:00.000000 | 2004-05-17T00:00:00.000000 |
| CERTA-2004-AVI-158 | Vulnérabilité dans la Machine Virtuelle Java de SUN | 2004-05-10T00:00:00.000000 | 2004-05-27T00:00:00.000000 |
| CERTA-2004-AVI-159 | Multiples vulnérabilités du réseau sous SGI IRIX | 2004-05-10T00:00:00.000000 | 2004-05-10T00:00:00.000000 |
| certa-2004-avi-158 | Vulnérabilité dans la Machine Virtuelle Java de SUN | 2004-05-10T00:00:00.000000 | 2004-05-27T00:00:00.000000 |
| certa-2004-avi-159 | Multiples vulnérabilités du réseau sous SGI IRIX | 2004-05-10T00:00:00.000000 | 2004-05-10T00:00:00.000000 |
| CERTA-2004-AVI-160 | Vulnérabilité dans le Centre d'Aide et de Support de Microsoft Windows | 2004-05-12T00:00:00.000000 | 2004-05-12T00:00:00.000000 |
| CERTA-2004-AVI-161 | Vulnérabilité de Clamav | 2004-05-12T00:00:00.000000 | 2004-05-12T00:00:00.000000 |
| certa-2004-avi-160 | Vulnérabilité dans le Centre d'Aide et de Support de Microsoft Windows | 2004-05-12T00:00:00.000000 | 2004-05-12T00:00:00.000000 |
| certa-2004-avi-161 | Vulnérabilité de Clamav | 2004-05-12T00:00:00.000000 | 2004-05-12T00:00:00.000000 |
| CERTA-2004-AVI-162 | Multiples vulnérabilités dans BEA WebLogic | 2004-05-13T00:00:00.000000 | 2004-05-13T00:00:00.000000 |
| CERTA-2004-AVI-163 | Multiples vulnérabilités dans des produits de sécurité Symantec | 2004-05-13T00:00:00.000000 | 2004-05-13T00:00:00.000000 |
| CERTA-2004-AVI-164 | Vulnérabilité du noyau OpenBSD | 2004-05-13T00:00:00.000000 | 2004-05-13T00:00:00.000000 |
| CERTA-2004-AVI-165 | Vulnérabilité du navigateur Opera | 2004-05-13T00:00:00.000000 | 2004-05-27T00:00:00.000000 |
| certa-2004-avi-162 | Multiples vulnérabilités dans BEA WebLogic | 2004-05-13T00:00:00.000000 | 2004-05-13T00:00:00.000000 |
| certa-2004-avi-163 | Multiples vulnérabilités dans des produits de sécurité Symantec | 2004-05-13T00:00:00.000000 | 2004-05-13T00:00:00.000000 |
| certa-2004-avi-164 | Vulnérabilité du noyau OpenBSD | 2004-05-13T00:00:00.000000 | 2004-05-13T00:00:00.000000 |
| certa-2004-avi-165 | Vulnérabilité du navigateur Opera | 2004-05-13T00:00:00.000000 | 2004-05-27T00:00:00.000000 |
| CERTA-2004-AVI-166 | Multiples vulnérabilités dans Ethereal | 2004-05-14T00:00:00.000000 | 2004-07-12T00:00:00.000000 |
| certa-2004-avi-166 | Multiples vulnérabilités dans Ethereal | 2004-05-14T00:00:00.000000 | 2004-07-12T00:00:00.000000 |
| CERTA-2004-AVI-167 | Multiples vulnérabilités du serveur HTTP Apache | 2004-05-18T00:00:00.000000 | 2004-06-30T00:00:00.000000 |
| certa-2004-avi-167 | Multiples vulnérabilités du serveur HTTP Apache | 2004-05-18T00:00:00.000000 | 2004-06-30T00:00:00.000000 |