Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-839c-8x38-qf59 | bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down… | 2022-03-04T00:00:22Z | 2025-11-04T18:30:38Z |
| ghsa-j3vw-4g3g-wvjc | A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompr… | 2022-03-05T00:00:43Z | 2025-11-03T21:30:38Z |
| ghsa-vvw7-v96v-gmxr | On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka F… | 2022-03-05T00:00:43Z | 2025-10-22T00:32:30Z |
| ghsa-jvfv-hrrc-6q72 | Improper Restriction of XML External Entity Reference in Liquibase | 2022-03-05T00:00:45Z | 2025-11-03T22:28:08Z |
| ghsa-3p6x-mw8p-qjh9 | An authenticated user can create a link with reflected Javascript code inside it for items’ page … | 2022-03-10T00:00:29Z | 2025-11-04T00:30:31Z |
| ghsa-vv83-2f3m-pvxg | An authenticated user can create a link with reflected XSS payload for actions’ pages, and send i… | 2022-03-10T00:00:29Z | 2025-11-04T00:30:31Z |
| ghsa-87fp-835h-vrgc | An authenticated user can create a link with reflected Javascript code inside it for services’ pa… | 2022-03-10T00:00:30Z | 2025-11-04T00:30:31Z |
| ghsa-cf7c-p4p5-gq5x | An authenticated user can create a link with reflected Javascript code inside it for graphs’ page… | 2022-03-10T00:00:30Z | 2025-11-04T00:30:31Z |
| ghsa-xh7f-2c8g-37p4 | The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Expre… | 2022-03-11T00:02:03Z | 2025-10-22T00:32:30Z |
| ghsa-g2fr-rq52-c2h3 | A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local … | 2022-03-11T00:02:25Z | 2025-11-04T18:30:38Z |
| ghsa-wj55-vqcq-gxcp | There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTT… | 2022-03-11T00:02:31Z | 2025-11-04T00:30:31Z |
| ghsa-2h5q-vphx-mcwx | A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker … | 2022-03-17T00:00:25Z | 2025-11-03T21:30:38Z |
| ghsa-mx45-vcw4-89j8 | In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to … | 2022-03-17T00:00:36Z | 2025-10-22T00:32:30Z |
| ghsa-2vw2-587w-g9v6 | Improper limitation of path names in Veeam Backup & Replication 9.5U3, 9.5U4,10.x, and 11.x allows … | 2022-03-18T00:01:08Z | 2025-10-22T00:32:30Z |
| ghsa-vhpf-rh57-x3v9 | Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). | 2022-03-18T00:01:08Z | 2025-10-22T00:32:30Z |
| ghsa-2886-x646-53fj | A use after free issue was addressed with improved memory management. This issue is fixed in macOS … | 2022-03-19T00:00:54Z | 2025-10-22T00:32:30Z |
| ghsa-g28r-w65r-h89m | OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication pl… | 2022-03-19T00:00:57Z | 2025-11-03T21:30:38Z |
| ghsa-p75p-vc6x-p9wf | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS … | 2022-03-19T00:00:57Z | 2025-10-22T00:32:30Z |
| ghsa-f8q4-jwww-x3wv | Race Condition in Paramiko | 2022-03-19T00:01:03Z | 2025-12-20T02:31:13Z |
| ghsa-w87j-439w-p9f3 | A vulnerability was found in the 389 Directory Server that allows expired passwords to access the d… | 2022-03-24T00:00:16Z | 2025-11-03T21:30:38Z |
| ghsa-vvgm-gfhp-rj9x | An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is a… | 2022-03-24T00:00:17Z | 2025-12-11T15:30:29Z |
| ghsa-cgwh-hfr7-38m2 | A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_deriva… | 2022-03-25T00:00:32Z | 2025-11-03T21:30:38Z |
| ghsa-9gcv-6rm7-vw3w | An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to … | 2022-03-26T00:00:32Z | 2025-10-22T00:32:30Z |
| ghsa-phrq-v4q2-hmq6 | Sabberworm PHP CSS Parser Code injection vulnerability in allSelectors() | 2022-03-26T00:15:22Z | 2025-11-03T21:51:16Z |
| ghsa-r7c9-c69m-rph8 | Code Injection in PHPUnit | 2022-03-26T00:19:30Z | 2025-10-22T17:32:06Z |
| ghsa-wc8x-f5rv-3653 | The combination of primitives offered by SMB and AFP in their default configuration allows the arbi… | 2022-03-27T00:00:38Z | 2025-11-04T00:30:31Z |
| ghsa-qf97-3r3x-x56v | D-Link DIR-820L 1.05B03 was discovered to contain a remote command execution (RCE) vulnerability vi… | 2022-03-29T00:01:17Z | 2025-10-22T00:32:31Z |
| ghsa-j827-v44f-fw4p | An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated r… | 2022-03-30T00:00:14Z | 2025-10-22T00:32:31Z |
| ghsa-mgm9-ffv2-wpc6 | The vCenter Server contains an information disclosure vulnerability due to improper permission of f… | 2022-03-30T00:00:14Z | 2025-10-22T00:32:31Z |
| ghsa-4x8v-rchj-qvpf | A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input d… | 2022-03-30T00:00:16Z | 2025-11-03T21:30:39Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2015-0666 | N/A | Directory traversal vulnerability in the fmserver… |
n/a |
n/a |
2015-04-03T10:00:00.000Z | 2025-10-22T00:05:32.918Z |
| cve-2015-1130 | N/A | The XPC implementation in Admin Framework in Appl… |
n/a |
n/a |
2015-04-10T14:00:00.000Z | 2025-10-22T00:05:32.768Z |
| cve-2015-1635 | N/A | HTTP.sys in Microsoft Windows 7 SP1, Windows Serv… |
n/a |
n/a |
2015-04-14T20:00:00.000Z | 2025-10-22T00:05:32.590Z |
| cve-2015-1641 | N/A | Microsoft Word 2007 SP3, Office 2010 SP2, Word 20… |
n/a |
n/a |
2015-04-14T20:00:00.000Z | 2025-10-21T23:56:03.725Z |
| cve-2015-3043 | N/A | Adobe Flash Player before 13.0.0.281 and 14.x thr… |
n/a |
n/a |
2015-04-14T22:00:00.000Z | 2025-11-17T20:02:02.669Z |
| cve-2015-1318 | N/A | The crash reporting feature in Apport 2.13 throug… |
n/a |
n/a |
2015-04-17T17:00:00.000Z | 2025-11-03T19:25:15.372Z |
| cve-2015-3035 | N/A | Directory traversal vulnerability in TP-LINK Arch… |
n/a |
n/a |
2015-04-17T18:00:00.000Z | 2025-10-21T23:56:02.932Z |
| cve-2015-1701 | N/A | Win32k.sys in the kernel-mode drivers in Microsof… |
n/a |
n/a |
2015-04-21T10:00:00.000Z | 2025-10-21T23:56:02.628Z |
| cve-2014-8361 | N/A | The miniigd SOAP service in Realtek SDK allows re… |
n/a |
n/a |
2015-05-01T00:00:00.000Z | 2025-10-21T23:56:01.609Z |
| cve-2015-1671 | N/A | The Windows DirectWrite library, as used in Micro… |
n/a |
n/a |
2015-05-13T10:00:00.000Z | 2025-10-21T23:56:01.311Z |
| cve-2015-4068 | N/A | Directory traversal vulnerability in Arcserve UDP… |
n/a |
n/a |
2015-05-29T15:00:00.000Z | 2025-10-21T23:56:01.094Z |
| cve-2015-1770 | N/A | Microsoft Office 2013 SP1 and 2013 RT SP1 allows … |
n/a |
n/a |
2015-06-10T01:00:00.000Z | 2025-10-21T23:56:00.777Z |
| cve-2015-2360 | N/A | win32k.sys in the kernel-mode drivers in Microsof… |
n/a |
n/a |
2015-06-10T01:00:00.000Z | 2025-10-21T23:56:00.635Z |
| cve-2015-3113 | N/A | Heap-based buffer overflow in Adobe Flash Player … |
n/a |
n/a |
2015-06-23T21:00:00.000Z | 2025-11-17T19:58:58.523Z |
| cve-2014-5406 | 7.6 (v2.0) | Hospira LifeCare PCA Infusion System |
Hospira |
LifeCare PCA Infusion System |
2015-07-06T19:10:00 | 2025-11-03T18:34:36.324Z |
| cve-2015-5119 | N/A | Use-after-free vulnerability in the ByteArray cla… |
n/a |
n/a |
2015-07-08T14:00:00.000Z | 2025-11-17T19:55:30.322Z |
| cve-2015-5122 | N/A | Use-after-free vulnerability in the DisplayObject… |
n/a |
n/a |
2015-07-14T10:00:00.000Z | 2025-11-17T22:01:00.592Z |
| cve-2015-5123 | N/A | Use-after-free vulnerability in the BitmapData cl… |
n/a |
n/a |
2015-07-14T10:00:00.000Z | 2025-11-17T19:54:01.023Z |
| cve-2015-2419 | N/A | JScript 9 in Microsoft Internet Explorer 10 and 1… |
n/a |
n/a |
2015-07-14T21:00:00.000Z | 2025-10-21T23:55:59.360Z |
| cve-2015-2424 | N/A | Microsoft PowerPoint 2007 SP3, Word 2007 SP3, Pow… |
n/a |
n/a |
2015-07-14T21:00:00.000Z | 2025-10-21T23:55:59.213Z |
| cve-2015-2425 | N/A | Microsoft Internet Explorer 11 allows remote atta… |
n/a |
n/a |
2015-07-14T21:00:00.000Z | 2025-10-21T23:55:59.064Z |
| cve-2015-2387 | N/A | ATMFD.DLL in the Adobe Type Manager Font Driver i… |
n/a |
n/a |
2015-07-14T22:00:00.000Z | 2025-10-21T23:55:58.933Z |
| cve-2015-2590 | N/A | Unspecified vulnerability in Oracle Java SE 6u95,… |
n/a |
n/a |
2015-07-16T10:00:00.000Z | 2025-10-21T23:55:58.775Z |
| cve-2015-2426 | N/A | Buffer underflow in atmfd.dll in the Windows Adob… |
n/a |
n/a |
2015-07-20T18:00:00.000Z | 2025-10-21T23:55:58.633Z |
| cve-2015-4495 | N/A | The PDF reader in Mozilla Firefox before 39.0.3, … |
n/a |
n/a |
2015-08-08T00:00:00.000Z | 2025-10-21T23:55:58.479Z |
| cve-2015-1642 | N/A | Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1… |
n/a |
n/a |
2015-08-15T00:00:00.000Z | 2025-10-21T23:55:58.312Z |
| cve-2015-1769 | N/A | Mount Manager in Microsoft Windows Vista SP2, Win… |
n/a |
n/a |
2015-08-15T00:00:00.000Z | 2025-10-21T23:55:58.179Z |
| cve-2015-2502 | N/A | Microsoft Internet Explorer 7 through 11 allows r… |
n/a |
n/a |
2015-08-19T10:00:00.000Z | 2025-10-21T23:55:57.999Z |
| cve-2015-5621 | N/A | The snmp_pdu_parse function in snmp_api.c in net-… |
n/a |
n/a |
2015-08-19T15:00:00.000Z | 2025-12-04T17:20:54.452Z |
| cve-2015-2545 | N/A | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, an… |
n/a |
n/a |
2015-09-09T00:00:00.000Z | 2025-10-21T23:55:57.852Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2014-1514 | N/A | vmtypedarrayobject.cpp in Mozilla Firefox before … |
n/a |
n/a |
2014-03-19T10:00:00 | 2024-08-06T09:42:36.390Z |
| cve-2014-1761 | N/A | Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and S… |
n/a |
n/a |
2014-03-24T19:00:00.000Z | 2025-10-22T00:05:38.376Z |
| cve-2014-0160 | N/A | The (1) TLS and (2) DTLS implementations in OpenS… |
n/a |
n/a |
2014-04-07T00:00:00.000Z | 2025-10-22T00:05:38.217Z |
| cve-2014-0780 | 7.5 (v2.0) | InduSoft Web Studio Path Traversal |
InduSoft |
Web Studio |
2014-04-25T01:00:00.000Z | 2025-10-22T00:05:38.084Z |
| cve-2014-1776 | N/A | Use-after-free vulnerability in Microsoft Interne… |
n/a |
n/a |
2014-04-27T10:00:00.000Z | 2025-10-22T00:05:37.934Z |
| cve-2014-1518 | N/A | Multiple unspecified vulnerabilities in the brows… |
n/a |
n/a |
2014-04-30T10:00:00 | 2024-08-06T09:42:36.283Z |
| cve-2014-1520 | N/A | maintenservice_installer.exe in the Maintenance S… |
n/a |
n/a |
2014-04-30T10:00:00 | 2024-08-06T09:42:36.281Z |
| cve-2014-1523 | N/A | Heap-based buffer overflow in the read_u32 functi… |
n/a |
n/a |
2014-04-30T10:00:00 | 2024-08-06T09:42:36.194Z |
| cve-2014-1524 | N/A | The nsXBLProtoImpl::InstallImplementation functio… |
n/a |
n/a |
2014-04-30T10:00:00 | 2024-08-06T09:42:36.208Z |
| cve-2014-1529 | N/A | The Web Notification API in Mozilla Firefox befor… |
n/a |
n/a |
2014-04-30T10:00:00 | 2024-08-06T09:42:36.171Z |
| cve-2014-1530 | N/A | The docshell implementation in Mozilla Firefox be… |
n/a |
n/a |
2014-04-30T10:00:00 | 2024-08-06T09:42:36.223Z |
| cve-2014-1531 | N/A | Use-after-free vulnerability in the nsGenericHTML… |
n/a |
n/a |
2014-04-30T10:00:00 | 2024-08-06T09:42:36.209Z |
| cve-2014-1532 | N/A | Use-after-free vulnerability in the nsHostResolve… |
n/a |
n/a |
2014-04-30T10:00:00 | 2024-08-06T09:42:36.282Z |
| cve-2014-0130 | N/A | Directory traversal vulnerability in actionpack/l… |
n/a |
n/a |
2014-05-07T10:00:00.000Z | 2025-10-22T00:05:37.800Z |
| cve-2014-0196 | N/A | The n_tty_write function in drivers/tty/n_tty.c i… |
n/a |
n/a |
2014-05-07T10:00:00.000Z | 2025-10-22T00:05:37.666Z |
| cve-2014-1812 | N/A | The Group Policy implementation in Microsoft Wind… |
n/a |
n/a |
2014-05-14T10:00:00.000Z | 2025-10-22T00:05:37.525Z |
| cve-2014-3146 | N/A | Incomplete blacklist vulnerability in the lxml.ht… |
n/a |
n/a |
2014-05-14T19:00:00.000Z | 2025-12-17T21:03:02.761Z |
| cve-2014-2349 | 6.2 (v2.0) | Emerson DeltaV Use of Improper Authorization |
Emerson |
DeltaV |
2014-05-22T20:00:00 | 2025-10-31T22:56:34.809Z |
| cve-2014-2350 | 2.4 (v2.0) | Emerson DeltaV Use of Hard-coded Credentials |
Emerson |
DeltaV |
2014-05-22T20:00:00 | 2025-10-31T22:55:07.498Z |
| cve-2014-3153 | N/A | The futex_requeue function in kernel/futex.c in t… |
n/a |
n/a |
2014-06-07T14:00:00.000Z | 2025-10-22T00:05:37.360Z |
| cve-2014-1533 | N/A | Multiple unspecified vulnerabilities in the brows… |
n/a |
n/a |
2014-06-11T10:00:00 | 2024-08-06T09:42:36.182Z |
| cve-2014-1538 | N/A | Use-after-free vulnerability in the nsTextEditRul… |
n/a |
n/a |
2014-06-11T10:00:00 | 2024-08-06T09:42:36.298Z |
| cve-2014-1541 | N/A | Use-after-free vulnerability in the RefreshDriver… |
n/a |
n/a |
2014-06-11T10:00:00 | 2024-08-06T09:42:36.251Z |
| cve-2013-3993 | N/A | IBM InfoSphere BigInsights before 2.1.0.3 allows … |
n/a |
n/a |
2014-07-07T10:00:00.000Z | 2025-12-20T04:56:07.295Z |
| cve-2014-0207 | N/A | The cdf_read_short_sector function in cdf.c in fi… |
n/a |
n/a |
2014-07-09T10:00:00.000Z | 2025-12-04T20:29:06.728Z |
| cve-2014-3478 | N/A | Buffer overflow in the mconvert function in softm… |
n/a |
n/a |
2014-07-09T10:00:00.000Z | 2025-12-04T20:26:53.242Z |
| cve-2014-3480 | N/A | The cdf_count_chain function in cdf.c in file bef… |
n/a |
n/a |
2014-07-09T10:00:00.000Z | 2025-12-04T20:25:29.415Z |
| cve-2014-1544 | N/A | Use-after-free vulnerability in the CERT_DestroyC… |
n/a |
n/a |
2014-07-23T10:00:00 | 2024-08-06T09:42:36.185Z |
| cve-2014-1547 | N/A | Multiple unspecified vulnerabilities in the brows… |
n/a |
n/a |
2014-07-23T10:00:00 | 2024-08-06T09:42:36.193Z |
| cve-2014-1551 | N/A | Use-after-free vulnerability in the FontTableRec … |
n/a |
n/a |
2014-07-23T10:00:00 | 2024-08-06T09:42:36.206Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-kam193-17ca0b734a90f2a5 | Malicious code in openzsea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-18aa9075a46b75fe | Malicious code in pythn (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-1a0378066f6b09d4 | Malicious code in openes (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-1b3fdcc2889818f3 | Malicious code in pytonn (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-1b48e7ea99bb70a3 | Malicious code in etheriun (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-1b73292eb092d83d | Malicious code in ethereun (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-1daef115343fb7f5 | Malicious code in etheeruum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-1dc09d335569f4bb | Malicious code in openxsa (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-1fac0219b2be56c2 | Malicious code in web3e (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-2058e03735551561 | Malicious code in we3-py (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-20d8171b271b67ee | Malicious code in ethreium (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-211d992ca803caf2 | Malicious code in etheerem (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-22b2a2eaee05556f | Malicious code in theerum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-22bf9d999129a2e5 | Malicious code in oopenwea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-22c092fc2a0aee25 | Malicious code in bussardweg4a (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-23dc7f982b6f5ef1 | Malicious code in pytoh (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-242a7685a364f7a6 | Malicious code in wev3 (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-248f2c4080bb73ac | Malicious code in w3b (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-264db26b8ff2f7f0 | Malicious code in openwae (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-2652ab7c4df27e0b | Malicious code in etheriuum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-266b2c0f184973e9 | Malicious code in etheum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-26c01b70f8d9eed3 | Malicious code in w3eb (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-2716bf18d8e44c93 | Malicious code in openesaa (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-27afc8ace2123315 | Malicious code in etheirum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-28131cba4135426f | Malicious code in opensar (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-29f763097312eb4a | Malicious code in wb3-py (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-2a55e9a83b349df0 | Malicious code in openeaa (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-2a5c1d39e5b0966c | Malicious code in etheraem (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-2b1b03656fd8e142 | Malicious code in wweb3-py (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-2bbf59c69e10559f | Malicious code in etheruem (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-1665 | Linux Kernel: Mehrere Schwachstellen | 2025-07-28T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1699 | Red Hat Enterprise Linux (requests): Schwachstelle ermöglicht das Ausspähen von Informationen | 2025-08-03T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1700 | libTIFF: Schwachstelle ermöglicht einen Denial of Service | 2025-08-03T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1703 | WebKitGTK: Mehrere Schwachstellen | 2025-08-03T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1717 | libTIFF (tiff2ps): Schwachstelle ermöglicht Denial of Service | 2025-08-04T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1732 | Red Hat Enterprise Linux (libxslt): Schwachstelle ermöglicht Codeausführung | 2025-08-06T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1740 | Golang Go: Mehrere Schwachstellen ermöglichen Manipulation von Dateien | 2025-08-06T22:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-1748 | libarchive: Schwachstelle ermöglicht Denial of Service und potenziell Codeausführung | 2025-08-07T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-1754 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-08-10T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1757 | Linux Kernel: Schwachstelle ermöglicht Umgehen von Sicherheitsmechanismen | 2025-08-11T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1785 | Intel Prozessoren: Mehrere Schwachstellen | 2025-08-12T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1807 | IBM WebSphere Application Server Liberty: Mehrere Schwachstellen | 2025-08-12T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1810 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2025-08-12T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1812 | Google Chrome und Microsoft Edge: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-08-12T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1822 | Ruby on Rails: Mehrere Schwachstellen | 2025-08-13T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1828 | PAM (linux-pam package): Schwachstelle ermöglicht Erlangen von Administratorrechten | 2025-08-13T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-1830 | http/2 Implementierungen: Schwachstelle ermöglicht Denial of Service | 2025-08-13T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1833 | IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service | 2025-08-13T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1847 | libTIFF: Schwachstelle ermöglicht Denial of Service | 2025-08-14T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1850 | Xerox FreeFlow Print Server: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-08-14T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1858 | Linux Kernel: Mehrere Schwachstellen | 2025-08-17T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1862 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2025-08-18T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1863 | libTIFF: Schwachstelle ermöglicht Denial of Service | 2025-08-19T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-1864 | Google Chrome und Microsoft Edge: Schwachstelle ermöglicht Codeausführung | 2025-08-19T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1866 | Mozilla Firefox und Thunderbird: Mehrere Schwachstellen | 2025-08-19T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-1869 | Linux Kernel: Mehrere Schwachstellen | 2025-08-19T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-1870 | Keycloak: Schwachstelle ermöglicht Versand beliebiger E-Mails | 2025-08-19T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1883 | Apache Tika: Schwachstelle ermöglicht Infogewinn oder Manipulation | 2025-08-20T22:00:00.000+00:00 | 2025-12-04T23:00:00.000+00:00 |
| wid-sec-w-2025-1898 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-08-24T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1913 | Google Chrome und Microsoft Edge: Schwachstelle ermöglicht Codeausführung | 2025-08-26T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-789162 | SSA-789162: Vulnerabilities in Teamcenter | 2022-05-10T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-145224 | SSA-145224: Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-222547 | SSA-222547: Third-Party Component Vulnerabilities in SCALANCE LPE9403 before V2.0 | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-330556 | SSA-330556: PwnKit Vulnerability in SCALANCE LPE9403 and SINUMERIK Edge Products (CVE-2021-4034) | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-388239 | SSA-388239: Default Password Leakage affecting the Component Shared HIS used in Spectrum Power Systems | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-401167 | SSA-401167: Cross-site scripting Vulnerability in Teamcenter Active Workspace | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-631336 | SSA-631336: Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6 | 2022-06-14T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-693555 | SSA-693555: Memory Corruption Vulnerability in EN100 Ethernet Module | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-740594 | SSA-740594: Privilege Escalation Vulnerability in Mendix SAML Module | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-911567 | SSA-911567: Missing HTTP headers in SINEMA Remote Connect Server before V3.0 SP2 | 2022-06-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-988345 | SSA-988345: Local Privilege Escalation Vulnerability in Xpedition Designer | 2022-06-14T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-111512 | SSA-111512: Client-side Authentication in SIMATIC WinCC OA | 2022-06-21T00:00:00Z | 2022-06-21T00:00:00Z |
| ssa-225578 | SSA-225578: Improper Access Control Vulnerability in SICAM GridEdge Before V2.7.3 | 2022-07-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-348662 | SSA-348662: Multiple Vulnerabilities in SIMATIC MV500 Devices before V3.3 | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-433782 | SSA-433782: Improper Access Control Vulnerability in Mendix | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-439148 | SSA-439148: File Parsing Vulnerabilities in PADS Standard/Plus Viewer | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-474231 | SSA-474231: File Parsing Vulnerability in Simcenter Femap before V2022.2 | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-491621 | SSA-491621: Denial of Service Vulnerability in CPC80 Firmware of SICAM A8000 Devices | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-492173 | SSA-492173: Expression Injection Vulnerability in Mendix Applications | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-580125 | SSA-580125: Multiple Vulnerabilities in SIMATIC eaSie | 2022-07-12T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-599506 | SSA-599506: Command Injection Vulnerability in RUGGEDCOM ROX | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-610768 | SSA-610768: XML Entity Expansion Injection Vulnerability in Mendix Excel Importer Module | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-865333 | SSA-865333: Memory Corruption Vulnerability in EN100 Ethernet Module | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-910883 | SSA-910883: DHCP Client Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-944952 | SSA-944952: Authentication Bypass Vulnerability in Opcenter Quality | 2022-07-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-710008 | SSA-710008: Multiple Web Vulnerabilities in SCALANCE Products | 2022-08-09T00:00:00Z | 2023-10-10T00:00:00Z |
| ssa-759952 | SSA-759952: Command Injection and Denial of Service Vulnerability in Teamcenter | 2022-08-09T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-638652 | SSA-638652: Authentication Bypass Vulnerability in Mendix SAML Module | 2022-09-13T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-258115 | SSA-258115: DWG File Parsing Vulnerability in Solid Edge before SE2022MP9 | 2022-10-11T00:00:00Z | 2022-10-11T00:00:00Z |
| ssa-360783 | SSA-360783: Multiple Webserver Vulnerabilities in Desigo PXM Devices | 2022-10-11T00:00:00Z | 2022-10-11T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2003:101 | Red Hat Security Advisory: : Updated OpenSSL packages fix vulnerabilities | 2003-04-01T15:50:00+00:00 | 2025-11-21T17:25:50+00:00 |
| rhsa-2003:091 | Red Hat Security Advisory: : Updated kerberos packages fix various vulnerabilities | 2003-04-02T09:57:00+00:00 | 2025-11-21T17:25:47+00:00 |
| rhsa-2003:060 | Red Hat Security Advisory: : Updated NetPBM packages fix multiple vulnerabilities | 2003-04-03T08:08:00+00:00 | 2025-11-21T17:25:40+00:00 |
| rhsa-2003:109 | Red Hat Security Advisory: : Updated balsa and mutt packages fix vulnerabilities | 2003-04-03T20:21:00+00:00 | 2025-11-21T17:25:52+00:00 |
| rhsa-2003:138 | Red Hat Security Advisory: samba security update | 2003-04-07T18:38:00+00:00 | 2025-11-21T17:25:57+00:00 |
| rhsa-2003:137 | Red Hat Security Advisory: : New samba packages fix security vulnerability | 2003-04-08T07:00:00+00:00 | 2025-11-21T17:25:57+00:00 |
| rhsa-2003:036 | Red Hat Security Advisory: : : : Updated mgetty packages available | 2003-04-08T12:16:00+00:00 | 2025-11-21T17:25:29+00:00 |
| rhsa-2003:139 | Red Hat Security Advisory: : Updated httpd packages fix security vulnerabilities. | 2003-04-09T16:31:00+00:00 | 2025-11-21T17:25:58+00:00 |
| rhsa-2003:075 | Red Hat Security Advisory: tomcat security update for Stronghold | 2003-04-09T20:14:00+00:00 | 2025-11-21T17:25:42+00:00 |
| rhsa-2003:117 | Red Hat Security Advisory: openssl security update for Stronghold | 2003-04-15T13:13:00+00:00 | 2025-11-21T17:25:54+00:00 |
| rhsa-2003:106 | Red Hat Security Advisory: : : : Updated apache and mod_ssl packages available | 2003-04-22T15:13:00+00:00 | 2025-11-21T17:25:52+00:00 |
| rhsa-2003:032 | Red Hat Security Advisory: : Updated tcpdump packages fix various vulnerabilities | 2003-04-23T14:55:00+00:00 | 2025-11-21T17:25:27+00:00 |
| rhsa-2003:076 | Red Hat Security Advisory: : Updated ethereal packages fix security vulnerabilities | 2003-04-23T20:20:00+00:00 | 2025-11-21T17:25:42+00:00 |
| rhsa-2003:155 | Red Hat Security Advisory: : : : Updated Fetchmail packages fix security vulnerabilities | 2003-04-24T15:29:00+00:00 | 2025-11-21T17:26:01+00:00 |
| rhsa-2003:157 | Red Hat Security Advisory: : : : Updated libpng packages fix vulnerabilities | 2003-04-24T18:50:00+00:00 | 2025-11-21T17:26:02+00:00 |
| rhsa-2003:134 | Red Hat Security Advisory: man security update | 2003-04-28T12:46:00+00:00 | 2025-11-21T17:25:56+00:00 |
| rhsa-2003:119 | Red Hat Security Advisory: micq security update | 2003-04-28T12:49:00+00:00 | 2025-11-21T17:25:59+00:00 |
| rhsa-2003:114 | Red Hat Security Advisory: mod_auth_any security update | 2003-04-28T12:51:00+00:00 | 2025-11-21T17:25:53+00:00 |
| rhsa-2003:094 | Red Hat Security Advisory: mysql security update | 2003-04-28T12:53:00+00:00 | 2025-11-21T17:25:48+00:00 |
| rhsa-2003:079 | Red Hat Security Advisory: : Updated zlib packages fix gzprintf buffer overflow vulnerability | 2003-04-29T08:12:00+00:00 | 2025-11-21T17:25:43+00:00 |
| rhsa-2003:093 | Red Hat Security Advisory: : Updated MySQL packages fix vulnerabilities | 2003-04-29T18:58:00+00:00 | 2025-11-21T17:25:48+00:00 |
| rhsa-2003:168 | Red Hat Security Advisory: : : : Updated kerberos packages fix various vulnerabilities | 2003-04-29T21:21:00+00:00 | 2025-11-21T17:26:05+00:00 |
| rhsa-2003:133 | Red Hat Security Advisory: : Updated man packages fix minor vulnerability | 2003-05-01T07:47:00+00:00 | 2025-11-21T17:25:55+00:00 |
| rhsa-2003:113 | Red Hat Security Advisory: : Updated mod_auth_any packages available | 2003-05-02T11:57:00+00:00 | 2025-11-21T17:25:53+00:00 |
| rhsa-2003:002 | Red Hat Security Advisory: : Updated KDE packages fix security issues | 2003-05-12T16:32:00+00:00 | 2025-11-21T17:25:20+00:00 |
| rhsa-2003:160 | Red Hat Security Advisory: : Updated xinetd packages fix a denial-of-service attack and other bugs | 2003-05-13T17:15:00+00:00 | 2025-11-21T17:26:03+00:00 |
| rhsa-2003:166 | Red Hat Security Advisory: : : : Updated MySQL packages fix vulnerabilities | 2003-05-15T20:18:00+00:00 | 2025-11-21T17:26:05+00:00 |
| rhsa-2003:175 | Red Hat Security Advisory: : Updated gnupg packages fix validation bug | 2003-05-21T03:45:00+00:00 | 2025-11-21T17:26:07+00:00 |
| rhsa-2003:111 | Red Hat Security Advisory: balsa security update | 2003-05-22T16:41:00+00:00 | 2025-11-21T17:25:52+00:00 |
| rhsa-2003:090 | Red Hat Security Advisory: glibc security update | 2003-05-22T16:44:00+00:00 | 2025-11-21T17:25:46+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2017-8363 | The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file. | 2017-04-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-8365 | The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file. | 2017-04-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2016-9840 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic | 2017-05-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2016-9841 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic | 2017-05-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2016-9842 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact | 2017-05-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2016-9843 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | 2017-05-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2017-6519 | avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809. | 2017-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2017-8244 | In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel variable "dbg_buf" "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time but they are not protected with mutex or locks. Buffer overflow is possible on race conditions. "buffer->curr" itself could also be overwritten which means that it may point to anywhere of kernel memory (for write). | 2017-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-8245 | In all Android releases from CAF using the Linux kernel while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size an out of bounds memory copy occurs. | 2017-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-8246 | In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel prtd is assigned substream->runtime->private_data. Later prtd is freed. However prtd is not sanitized and set to NULL resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check such as msm_pcm_volume_ctl_put() which means this freed memory could be used. | 2017-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-8923 | The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string. | 2017-05-02T00:00:00.000Z | 2025-10-01T23:11:00.000Z |
| msrc_cve-2017-6892 | In libsndfile version 1.0.28 an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file. | 2017-06-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-10989 | The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. | 2017-07-02T00:00:00.000Z | 2025-09-04T00:00:20.000Z |
| msrc_cve-2017-11548 | The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service | 2017-07-02T00:00:00.000Z | 2025-10-01T23:10:54.000Z |
| msrc_cve-2017-11550 | The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service | 2017-07-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2017-11551 | The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service | 2017-07-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2017-12562 | Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-08-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-12678 | In TagLib 1.11.1 the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. | 2017-08-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2017-14167 | Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values which trigger an out-of-bounds write. | 2017-09-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-14245 | An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure related to mishandling of the NAN and INFINITY floating-point values. | 2017-09-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-14246 | An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure related to mishandling of the NAN and INFINITY floating-point values. | 2017-09-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-14623 | In the ldap.v2 (aka go-ldap) package through 2.5.0 for Go an attacker may be able to login with an empty password. This issue affects an application using this package if these conditions are met: (1) it relies only on the return error of the Bind function call to determine whether a user is authorized (i.e. a nil return value is interpreted as successful authorization) and (2) it is used with an LDAP server allowing unauthenticated bind. | 2017-09-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2017-14634 | In libsndfile 1.0.28 a divide-by-zero error exists in the function double64_init() in double64.c which may lead to DoS when playing a crafted audio file. | 2017-09-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-14867 | Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code is reachable via git-shell even without CVS support. | 2017-09-02T00:00:00.000Z | 2025-09-03T19:28:37.000Z |
| msrc_cve-2014-0047 | Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage. | 2017-10-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2015-2158 | Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service | 2017-10-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2015-7504 | Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode. | 2017-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-1000097 | On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate. | 2017-10-02T00:00:00.000Z | 2025-09-03T21:38:46.000Z |
| msrc_cve-2017-1000118 | Akka HTTP versions <= 10.0.5 Illegal Media Range in Accept Header Causes StackOverflowError Leading to Denial of Service | 2017-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-1000256 | libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default. | 2017-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000071 | Fresh Reader RSS feed cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000073 | Movable Type cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000074 | phpAdsNew cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000085 | CGI RESCUE WebFORM vulnerable to HTTP header injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000086 | CGI RESCUE WebFORM vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000087 | CGI RESCUE WebFORM missing mail content vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000088 | Shopping Basket Professional vulnerable to OS command injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000090 | b2evolution cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000091 | Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000093 | Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000094 | MODx cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000127 | CCC Cleaner buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000134 | Sage vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000135 | CCC Cleaner buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000159 | Adobe JRun cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000160 | ColdFusion cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000161 | ColdFusion error page cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000165 | Ariel AirOne series cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000176 | Mozilla Firefox cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000199 | CCC Cleaner division-by-zero vulnerability when scanning UPX-packed executables | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000200 | Trac cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000215 | FENCE-Pro and Systemwalker Desktop Encryption self-decoding file vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000218 | Interstage Application Server cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000225 | NewsGlue and Ikinari Jijyoutsuu arbitrary script execution vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000226 | BASP21 vulnerable to mail header injection | 2008-05-21T00:00+09:00 | 2016-10-13T14:45+09:00 |
| jvndb-2007-000227 | CruiseWorks and Minna De Office vulnerable in access restrictions | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000228 | MailDwarf cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000229 | MailDwarf vulnerability allows unauthorized sending of emails | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000236 | Overlay Weaver cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000259 | open-gorotto cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|