Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-phrq-v4q2-hmq6 | Sabberworm PHP CSS Parser Code injection vulnerability in allSelectors() | 2022-03-26T00:15:22Z | 2025-11-03T21:51:16Z |
| ghsa-r7c9-c69m-rph8 | Code Injection in PHPUnit | 2022-03-26T00:19:30Z | 2025-10-22T17:32:06Z |
| ghsa-wc8x-f5rv-3653 | The combination of primitives offered by SMB and AFP in their default configuration allows the arbi… | 2022-03-27T00:00:38Z | 2025-11-04T00:30:31Z |
| ghsa-qf97-3r3x-x56v | D-Link DIR-820L 1.05B03 was discovered to contain a remote command execution (RCE) vulnerability vi… | 2022-03-29T00:01:17Z | 2025-10-22T00:32:31Z |
| ghsa-j827-v44f-fw4p | An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated r… | 2022-03-30T00:00:14Z | 2025-10-22T00:32:31Z |
| ghsa-mgm9-ffv2-wpc6 | The vCenter Server contains an information disclosure vulnerability due to improper permission of f… | 2022-03-30T00:00:14Z | 2025-10-22T00:32:31Z |
| ghsa-4x8v-rchj-qvpf | A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input d… | 2022-03-30T00:00:16Z | 2025-11-03T21:30:39Z |
| ghsa-v37p-j5qh-w8c9 | Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init. | 2022-03-30T00:00:31Z | 2025-11-04T00:30:31Z |
| ghsa-36p3-wjmg-h94x | Remote Code Execution in Spring Framework | 2022-03-31T18:30:50Z | 2025-10-22T19:18:34Z |
| ghsa-6v73-fgf6-w5j7 | Spring Cloud Function Code Injection with a specially crafted SpEL as a routing expression | 2022-04-03T00:00:59Z | 2025-10-22T19:18:02Z |
| ghsa-8hfj-j24r-96c4 | Path Traversal: 'dir/../../filename' in moment.locale | 2022-04-04T21:25:48Z | 2025-11-04T16:35:41Z |
| ghsa-q7xc-35g4-g566 | VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due … | 2022-04-12T00:00:29Z | 2025-10-22T00:32:31Z |
| ghsa-8r7c-vjv4-wp6x | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalatio… | 2022-04-14T00:00:16Z | 2025-10-22T00:32:31Z |
| ghsa-wvcr-2gc8-63gg | In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into comm… | 2022-04-14T00:00:18Z | 2025-11-04T00:30:32Z |
| ghsa-cf7g-gj99-69w3 | Windows User Profile Service Elevation of Privilege Vulnerability. | 2022-04-16T00:00:29Z | 2025-10-22T00:32:31Z |
| ghsa-59qr-cc8f-v837 | Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique f… | 2022-04-16T00:00:38Z | 2025-10-22T00:32:31Z |
| ghsa-rh37-88v6-qm47 | A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo. | 2022-04-19T00:00:49Z | 2025-11-04T00:30:31Z |
| ghsa-xq25-8g7f-6hc5 | Stack buffer overflow issues were found in Opensc before version 0.22.0 in various places that coul… | 2022-04-19T00:00:49Z | 2025-11-04T00:30:31Z |
| ghsa-qc73-mcqm-3m29 | A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either accidentally… | 2022-04-19T00:00:50Z | 2025-11-03T21:30:38Z |
| ghsa-rcjw-9639-853h | A heap use after free issue was found in Opensc before version 0.22.0 in sc_file_valid. | 2022-04-19T00:00:50Z | 2025-11-04T00:30:31Z |
| ghsa-7wjg-mhwg-m2rc | A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that coul… | 2022-04-19T00:00:51Z | 2025-11-04T00:30:31Z |
| ghsa-93j9-4rqq-x6gr | Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that co… | 2022-04-19T00:00:52Z | 2025-11-04T00:30:31Z |
| ghsa-q392-qg7v-xvc4 | Zoho ManageEngine ADSelfService Plus before 6122 allows an authenticated user to achieve remote cod… | 2022-04-19T00:00:57Z | 2025-10-22T00:32:32Z |
| ghsa-7f3x-fvqf-q6q5 | Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware (component: ADF Faces). … | 2022-04-20T00:00:26Z | 2025-10-22T00:32:31Z |
| ghsa-mfgw-52pj-hrhg | Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This aff… | 2022-04-20T00:00:34Z | 2025-10-22T00:32:32Z |
| ghsa-c5j2-ggvf-gwvg | On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP… | 2022-04-21T01:57:42Z | 2025-10-22T00:31:41Z |
| ghsa-763p-5rx7-r4qf | Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject arbitrar… | 2022-04-22T00:00:38Z | 2025-10-22T00:32:32Z |
| ghsa-chc6-9436-6wfq | A reflected cross-site scripting (XSS) vulnerability in the /public/launchNewWindow.jsp component o… | 2022-04-22T00:00:38Z | 2025-10-22T00:32:32Z |
| ghsa-j5r7-6rm3-99mm | Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP arch… | 2022-04-22T00:00:38Z | 2025-10-22T00:32:32Z |
| ghsa-f4rg-w9qm-5f42 | The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execut… | 2022-04-27T00:00:21Z | 2025-10-22T00:32:32Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2015-1701 | N/A | Win32k.sys in the kernel-mode drivers in Microsof… |
n/a |
n/a |
2015-04-21T10:00:00.000Z | 2025-10-21T23:56:02.628Z |
| cve-2014-8361 | N/A | The miniigd SOAP service in Realtek SDK allows re… |
n/a |
n/a |
2015-05-01T00:00:00.000Z | 2025-10-21T23:56:01.609Z |
| cve-2015-1671 | N/A | The Windows DirectWrite library, as used in Micro… |
n/a |
n/a |
2015-05-13T10:00:00.000Z | 2025-10-21T23:56:01.311Z |
| cve-2015-4068 | N/A | Directory traversal vulnerability in Arcserve UDP… |
n/a |
n/a |
2015-05-29T15:00:00.000Z | 2025-10-21T23:56:01.094Z |
| cve-2015-1770 | N/A | Microsoft Office 2013 SP1 and 2013 RT SP1 allows … |
n/a |
n/a |
2015-06-10T01:00:00.000Z | 2025-10-21T23:56:00.777Z |
| cve-2015-2360 | N/A | win32k.sys in the kernel-mode drivers in Microsof… |
n/a |
n/a |
2015-06-10T01:00:00.000Z | 2025-10-21T23:56:00.635Z |
| cve-2015-3113 | N/A | Heap-based buffer overflow in Adobe Flash Player … |
n/a |
n/a |
2015-06-23T21:00:00.000Z | 2025-10-21T23:56:00.435Z |
| cve-2014-5406 | 7.6 (v2.0) | Hospira LifeCare PCA Infusion System |
Hospira |
LifeCare PCA Infusion System |
2015-07-06T19:10:00 | 2025-11-03T18:34:36.324Z |
| cve-2015-5119 | N/A | Use-after-free vulnerability in the ByteArray cla… |
n/a |
n/a |
2015-07-08T14:00:00.000Z | 2025-10-21T23:55:59.892Z |
| cve-2015-5122 | N/A | Use-after-free vulnerability in the DisplayObject… |
n/a |
n/a |
2015-07-14T10:00:00.000Z | 2025-10-21T23:55:59.750Z |
| cve-2015-5123 | N/A | Use-after-free vulnerability in the BitmapData cl… |
n/a |
n/a |
2015-07-14T10:00:00.000Z | 2025-10-21T23:55:59.583Z |
| cve-2015-2419 | N/A | JScript 9 in Microsoft Internet Explorer 10 and 1… |
n/a |
n/a |
2015-07-14T21:00:00.000Z | 2025-10-21T23:55:59.360Z |
| cve-2015-2424 | N/A | Microsoft PowerPoint 2007 SP3, Word 2007 SP3, Pow… |
n/a |
n/a |
2015-07-14T21:00:00.000Z | 2025-10-21T23:55:59.213Z |
| cve-2015-2425 | N/A | Microsoft Internet Explorer 11 allows remote atta… |
n/a |
n/a |
2015-07-14T21:00:00.000Z | 2025-10-21T23:55:59.064Z |
| cve-2015-2387 | N/A | ATMFD.DLL in the Adobe Type Manager Font Driver i… |
n/a |
n/a |
2015-07-14T22:00:00.000Z | 2025-10-21T23:55:58.933Z |
| cve-2015-2590 | N/A | Unspecified vulnerability in Oracle Java SE 6u95,… |
n/a |
n/a |
2015-07-16T10:00:00.000Z | 2025-10-21T23:55:58.775Z |
| cve-2015-2426 | N/A | Buffer underflow in atmfd.dll in the Windows Adob… |
n/a |
n/a |
2015-07-20T18:00:00.000Z | 2025-10-21T23:55:58.633Z |
| cve-2015-4495 | N/A | The PDF reader in Mozilla Firefox before 39.0.3, … |
n/a |
n/a |
2015-08-08T00:00:00.000Z | 2025-10-21T23:55:58.479Z |
| cve-2015-1642 | N/A | Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1… |
n/a |
n/a |
2015-08-15T00:00:00.000Z | 2025-10-21T23:55:58.312Z |
| cve-2015-1769 | N/A | Mount Manager in Microsoft Windows Vista SP2, Win… |
n/a |
n/a |
2015-08-15T00:00:00.000Z | 2025-10-21T23:55:58.179Z |
| cve-2015-2502 | N/A | Microsoft Internet Explorer 7 through 11 allows r… |
n/a |
n/a |
2015-08-19T10:00:00.000Z | 2025-10-21T23:55:57.999Z |
| cve-2015-2545 | N/A | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, an… |
n/a |
n/a |
2015-09-09T00:00:00.000Z | 2025-10-21T23:55:57.852Z |
| cve-2015-2546 | N/A | The kernel-mode driver in Microsoft Windows Vista… |
n/a |
n/a |
2015-09-09T00:00:00.000Z | 2025-10-21T23:55:57.696Z |
| cve-2015-7645 | N/A | Adobe Flash Player 18.x through 18.0.0.252 and 19… |
n/a |
n/a |
2015-10-15T10:00:00.000Z | 2025-10-21T23:55:57.550Z |
| cve-2015-4902 | N/A | Unspecified vulnerability in Oracle Java SE 6u101… |
n/a |
n/a |
2015-10-21T23:00:00.000Z | 2025-10-21T23:55:57.316Z |
| cve-2015-4852 | N/A | The WLS Security component in Oracle WebLogic Ser… |
n/a |
n/a |
2015-11-18T15:00:00.000Z | 2025-10-21T23:55:57.062Z |
| cve-2015-5317 | N/A | The Fingerprints pages in Jenkins before 1.638 an… |
n/a |
n/a |
2015-11-25T20:00:00.000Z | 2025-10-21T23:55:56.897Z |
| cve-2015-6175 | N/A | The kernel in Microsoft Windows 10 Gold allows lo… |
n/a |
n/a |
2015-12-09T11:00:00.000Z | 2025-10-21T23:55:56.760Z |
| cve-2015-7755 | N/A | Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0… |
n/a |
n/a |
2015-12-19T11:00:00.000Z | 2025-10-21T23:55:56.610Z |
| cve-2015-7928 | N/A | eWON devices with firmware before 10.1s0 do not h… |
n/a |
n/a |
2015-12-23T11:00:00.000Z | 2025-11-04T16:09:06.301Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2015-1641 | N/A | Microsoft Word 2007 SP3, Office 2010 SP2, Word 20… |
n/a |
n/a |
2015-04-14T20:00:00.000Z | 2025-10-21T23:56:03.725Z |
| cve-2015-3043 | N/A | Adobe Flash Player before 13.0.0.281 and 14.x thr… |
n/a |
n/a |
2015-04-14T22:00:00.000Z | 2025-10-21T23:56:03.325Z |
| cve-2015-1318 | N/A | The crash reporting feature in Apport 2.13 throug… |
n/a |
n/a |
2015-04-17T17:00:00.000Z | 2025-11-03T19:25:15.372Z |
| cve-2015-1701 | N/A | Win32k.sys in the kernel-mode drivers in Microsof… |
n/a |
n/a |
2015-04-21T10:00:00.000Z | 2025-10-21T23:56:02.628Z |
| cve-2015-3035 | N/A | Directory traversal vulnerability in TP-LINK Arch… |
n/a |
n/a |
2015-04-17T18:00:00.000Z | 2025-10-21T23:56:02.932Z |
| cve-2014-8361 | N/A | The miniigd SOAP service in Realtek SDK allows re… |
n/a |
n/a |
2015-05-01T00:00:00.000Z | 2025-10-21T23:56:01.609Z |
| cve-2015-1671 | N/A | The Windows DirectWrite library, as used in Micro… |
n/a |
n/a |
2015-05-13T10:00:00.000Z | 2025-10-21T23:56:01.311Z |
| cve-2015-4068 | N/A | Directory traversal vulnerability in Arcserve UDP… |
n/a |
n/a |
2015-05-29T15:00:00.000Z | 2025-10-21T23:56:01.094Z |
| cve-2015-1770 | N/A | Microsoft Office 2013 SP1 and 2013 RT SP1 allows … |
n/a |
n/a |
2015-06-10T01:00:00.000Z | 2025-10-21T23:56:00.777Z |
| cve-2015-2360 | N/A | win32k.sys in the kernel-mode drivers in Microsof… |
n/a |
n/a |
2015-06-10T01:00:00.000Z | 2025-10-21T23:56:00.635Z |
| cve-2015-3113 | N/A | Heap-based buffer overflow in Adobe Flash Player … |
n/a |
n/a |
2015-06-23T21:00:00.000Z | 2025-10-21T23:56:00.435Z |
| cve-2014-5406 | 7.6 (v2.0) | Hospira LifeCare PCA Infusion System |
Hospira |
LifeCare PCA Infusion System |
2015-07-06T19:10:00 | 2025-11-03T18:34:36.324Z |
| cve-2015-5119 | N/A | Use-after-free vulnerability in the ByteArray cla… |
n/a |
n/a |
2015-07-08T14:00:00.000Z | 2025-10-21T23:55:59.892Z |
| cve-2015-5122 | N/A | Use-after-free vulnerability in the DisplayObject… |
n/a |
n/a |
2015-07-14T10:00:00.000Z | 2025-10-21T23:55:59.750Z |
| cve-2015-5123 | N/A | Use-after-free vulnerability in the BitmapData cl… |
n/a |
n/a |
2015-07-14T10:00:00.000Z | 2025-10-21T23:55:59.583Z |
| cve-2015-2419 | N/A | JScript 9 in Microsoft Internet Explorer 10 and 1… |
n/a |
n/a |
2015-07-14T21:00:00.000Z | 2025-10-21T23:55:59.360Z |
| cve-2015-2424 | N/A | Microsoft PowerPoint 2007 SP3, Word 2007 SP3, Pow… |
n/a |
n/a |
2015-07-14T21:00:00.000Z | 2025-10-21T23:55:59.213Z |
| cve-2015-2425 | N/A | Microsoft Internet Explorer 11 allows remote atta… |
n/a |
n/a |
2015-07-14T21:00:00.000Z | 2025-10-21T23:55:59.064Z |
| cve-2015-2387 | N/A | ATMFD.DLL in the Adobe Type Manager Font Driver i… |
n/a |
n/a |
2015-07-14T22:00:00.000Z | 2025-10-21T23:55:58.933Z |
| cve-2015-2590 | N/A | Unspecified vulnerability in Oracle Java SE 6u95,… |
n/a |
n/a |
2015-07-16T10:00:00.000Z | 2025-10-21T23:55:58.775Z |
| cve-2015-2426 | N/A | Buffer underflow in atmfd.dll in the Windows Adob… |
n/a |
n/a |
2015-07-20T18:00:00.000Z | 2025-10-21T23:55:58.633Z |
| cve-2015-4495 | N/A | The PDF reader in Mozilla Firefox before 39.0.3, … |
n/a |
n/a |
2015-08-08T00:00:00.000Z | 2025-10-21T23:55:58.479Z |
| cve-2015-1642 | N/A | Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1… |
n/a |
n/a |
2015-08-15T00:00:00.000Z | 2025-10-21T23:55:58.312Z |
| cve-2015-1769 | N/A | Mount Manager in Microsoft Windows Vista SP2, Win… |
n/a |
n/a |
2015-08-15T00:00:00.000Z | 2025-10-21T23:55:58.179Z |
| cve-2015-2502 | N/A | Microsoft Internet Explorer 7 through 11 allows r… |
n/a |
n/a |
2015-08-19T10:00:00.000Z | 2025-10-21T23:55:57.999Z |
| cve-2015-2545 | N/A | Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, an… |
n/a |
n/a |
2015-09-09T00:00:00.000Z | 2025-10-21T23:55:57.852Z |
| cve-2015-2546 | N/A | The kernel-mode driver in Microsoft Windows Vista… |
n/a |
n/a |
2015-09-09T00:00:00.000Z | 2025-10-21T23:55:57.696Z |
| cve-2015-7645 | N/A | Adobe Flash Player 18.x through 18.0.0.252 and 19… |
n/a |
n/a |
2015-10-15T10:00:00.000Z | 2025-10-21T23:55:57.550Z |
| cve-2015-4902 | N/A | Unspecified vulnerability in Oracle Java SE 6u101… |
n/a |
n/a |
2015-10-21T23:00:00.000Z | 2025-10-21T23:55:57.316Z |
| cve-2015-4852 | N/A | The WLS Security component in Oracle WebLogic Ser… |
n/a |
n/a |
2015-11-18T15:00:00.000Z | 2025-10-21T23:55:57.062Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-8952 | Malicious code in node-request-ip (npm) | 2024-09-23T03:18:02Z | 2025-03-31T07:07:49Z |
| mal-2024-8945 | Malicious code in dcnm-core (npm) | 2024-09-23T13:47:21Z | 2025-03-26T00:35:03Z |
| mal-2024-8947 | Malicious code in flow-multisig (npm) | 2024-09-23T15:10:47Z | 2025-05-17T00:37:00Z |
| mal-2024-8958 | Malicious code in livingdesign-components (npm) | 2024-09-24T02:52:05Z | 2024-12-09T14:39:22Z |
| mal-2024-11568 | Malicious code in cryptograohy (PyPI) | 2024-09-28T16:06:10Z | 2025-02-10T05:36:19Z |
| mal-2024-11560 | Malicious code in colotama (PyPI) | 2024-09-29T16:36:08Z | 2025-02-10T05:36:19Z |
| mal-2024-9041 | Malicious code in dx-hotels-ui (npm) | 2024-09-29T18:55:47Z | 2025-02-08T00:32:01Z |
| mal-2024-9055 | Malicious code in visionmedia-debug (npm) | 2024-09-30T02:12:09Z | 2024-12-09T14:39:22Z |
| mal-2024-9053 | Malicious code in express-eval (npm) | 2024-10-01T00:08:21Z | 2025-03-31T07:07:49Z |
| mal-2024-9064 | Malicious code in xto10x (npm) | 2024-10-01T06:23:46Z | 2024-12-09T14:39:22Z |
| mal-2024-9058 | Malicious code in cloudflare-docs-starlight (npm) | 2024-10-01T22:40:44Z | 2025-08-11T09:41:07Z |
| mal-2024-9076 | Malicious code in dsp_login_front (npm) | 2024-10-02T08:02:10Z | 2024-12-09T14:39:21Z |
| mal-2024-9110 | Malicious code in sd-template-main (npm) | 2024-10-08T16:00:37Z | 2024-12-09T14:39:22Z |
| mal-2024-9123 | Malicious code in agoda-design-toolkit-2 (npm) | 2024-10-09T05:06:26Z | 2024-12-09T14:39:21Z |
| mal-2024-9160 | Malicious code in language-rego (npm) | 2024-10-09T05:06:26Z | 2024-12-09T14:39:22Z |
| mal-2024-9165 | Malicious code in makebetteremail (npm) | 2024-10-09T05:06:26Z | 2024-12-09T14:39:22Z |
| mal-2024-9187 | Malicious code in svelte-hms-world (npm) | 2024-10-09T05:06:26Z | 2024-12-09T14:39:22Z |
| mal-2024-9191 | Malicious code in uchiwa (npm) | 2024-10-09T05:06:26Z | 2024-12-09T14:39:22Z |
| mal-2024-9134 | Malicious code in branch-design-system (npm) | 2024-10-09T05:06:27Z | 2024-12-09T14:39:21Z |
| mal-2024-9140 | Malicious code in d11-conventional-jira-changelog (npm) | 2024-10-09T05:06:27Z | 2024-12-09T14:39:21Z |
| mal-2024-9175 | Malicious code in openai-examples (npm) | 2024-10-09T05:06:27Z | 2024-12-09T14:39:22Z |
| mal-2024-9201 | Malicious code in uploadcare-ckeditor (npm) | 2024-10-09T05:06:27Z | 2024-12-09T14:39:22Z |
| mal-2024-9137 | Malicious code in cap-frontend (npm) | 2024-10-09T06:51:10Z | 2024-12-09T14:39:21Z |
| mal-2024-9144 | Malicious code in entrevista_devops (npm) | 2024-10-09T06:51:10Z | 2024-12-09T14:39:21Z |
| mal-2024-9258 | Malicious code in wassup-shiva (npm) | 2024-10-10T04:23:26Z | 2024-12-09T14:39:22Z |
| mal-2024-9242 | Malicious code in node-red-contrib-lowwercase (npm) | 2024-10-10T05:07:17Z | 2024-12-09T14:39:22Z |
| mal-2024-9233 | Malicious code in foldl (npm) | 2024-10-10T06:34:16Z | 2024-12-09T14:39:21Z |
| mal-2024-9259 | Malicious code in weekopendays (npm) | 2024-10-10T06:34:16Z | 2024-12-09T14:39:22Z |
| mal-2024-9262 | Malicious code in xs2aframe (npm) | 2024-10-10T06:34:16Z | 2024-12-09T14:39:22Z |
| mal-2024-9214 | Malicious code in 1-2-customization-basic-format (npm) | 2024-10-10T06:35:27Z | 2024-12-09T14:39:21Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2009:1548 | Red Hat Security Advisory: kernel security and bug fix update | 2009-11-03T19:28:00+00:00 | 2025-11-08T03:27:03+00:00 |
| rhsa-2009:1551 | Red Hat Security Advisory: java-1.4.2-ibm security update | 2009-11-04T15:14:00+00:00 | 2025-11-08T03:24:16+00:00 |
| rhsa-2009:1560 | Red Hat Security Advisory: java-1.6.0-sun security update | 2009-11-09T15:04:00+00:00 | 2025-11-08T03:27:03+00:00 |
| rhsa-2009:1571 | Red Hat Security Advisory: java-1.5.0-sun security update | 2009-11-10T19:30:00+00:00 | 2025-11-08T03:27:04+00:00 |
| rhsa-2009:1579 | Red Hat Security Advisory: httpd security update | 2009-11-11T22:00:00+00:00 | 2025-11-08T03:27:04+00:00 |
| rhsa-2009:1580 | Red Hat Security Advisory: httpd security update | 2009-11-11T22:02:00+00:00 | 2025-11-08T03:27:04+00:00 |
| rhsa-2009:1582 | Red Hat Security Advisory: java-1.6.0-ibm security update | 2009-11-12T18:15:00+00:00 | 2025-11-08T03:27:05+00:00 |
| rhsa-2009:1585 | Red Hat Security Advisory: samba3x security and bug fix update | 2009-11-16T15:39:00+00:00 | 2025-11-08T03:27:05+00:00 |
| rhsa-2009:1584 | Red Hat Security Advisory: java-1.6.0-openjdk security update | 2009-11-16T15:44:00+00:00 | 2025-11-08T03:27:05+00:00 |
| rhsa-2009:1615 | Red Hat Security Advisory: xerces-j2 security update | 2009-11-30T15:11:00+00:00 | 2025-11-08T03:27:06+00:00 |
| rhsa-2009:1643 | Red Hat Security Advisory: java-1.4.2-ibm security update | 2009-12-08T02:56:00+00:00 | 2025-11-08T03:27:06+00:00 |
| rhsa-2009:1647 | Red Hat Security Advisory: java-1.5.0-ibm security update | 2009-12-08T19:09:00+00:00 | 2025-11-08T03:27:06+00:00 |
| rhsa-2009:1657 | Red Hat Security Advisory: flash-plugin security update | 2009-12-09T16:11:00+00:00 | 2025-11-08T03:27:06+00:00 |
| rhsa-2009:1658 | Red Hat Security Advisory: flash-plugin security update | 2009-12-09T16:17:00+00:00 | 2025-11-08T03:27:07+00:00 |
| rhsa-2009:1659 | Red Hat Security Advisory: kvm security and bug fix update | 2009-12-09T16:28:00+00:00 | 2025-11-08T03:27:07+00:00 |
| rhsa-2009:1636 | Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP07 update | 2009-12-09T23:14:00+00:00 | 2025-11-08T03:24:21+00:00 |
| rhsa-2009:1637 | Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP08 update | 2009-12-09T23:32:00+00:00 | 2025-11-08T03:24:16+00:00 |
| rhsa-2009:1649 | Red Hat Security Advisory: JBoss Enterprise Application Platform 4.3.0.CP07 update | 2009-12-09T23:51:00+00:00 | 2025-11-08T03:24:17+00:00 |
| rhsa-2009:1650 | Red Hat Security Advisory: JBoss Enterprise Application Platform 4.2.0.CP08 update | 2009-12-10T00:03:00+00:00 | 2025-11-08T03:24:17+00:00 |
| rhsa-2009:1662 | Red Hat Security Advisory: Red Hat Network Satellite Server Sun Java Runtime security update | 2009-12-11T13:42:00+00:00 | 2025-11-08T03:24:18+00:00 |
| rhsa-2009:1671 | Red Hat Security Advisory: kernel security and bug fix update | 2009-12-15T17:12:00+00:00 | 2025-11-08T03:27:11+00:00 |
| rhsa-2009:1692 | Red Hat Security Advisory: rhev-hypervisor security and bug fix update | 2009-12-23T14:05:00+00:00 | 2025-11-08T03:27:07+00:00 |
| rhsa-2009:1694 | Red Hat Security Advisory: java-1.6.0-ibm security update | 2009-12-23T17:33:00+00:00 | 2025-11-08T03:24:18+00:00 |
| rhsa-2010:0011 | Red Hat Security Advisory: httpd and httpd22 security update | 2010-01-06T16:21:00+00:00 | 2025-11-08T03:27:08+00:00 |
| rhsa-2010:0019 | Red Hat Security Advisory: kernel security update | 2010-01-07T23:26:00+00:00 | 2025-11-08T03:24:18+00:00 |
| rhsa-2010:0020 | Red Hat Security Advisory: kernel security update | 2010-01-08T00:37:00+00:00 | 2025-11-08T03:27:07+00:00 |
| rhsa-2010:0037 | Red Hat Security Advisory: acroread security and bug fix update | 2010-01-13T16:03:00+00:00 | 2025-11-08T03:27:08+00:00 |
| rhsa-2010:0038 | Red Hat Security Advisory: acroread security update | 2010-01-13T16:08:00+00:00 | 2025-11-08T03:27:08+00:00 |
| rhsa-2010:0043 | Red Hat Security Advisory: Red Hat Network Satellite Server IBM Java Runtime security update | 2010-01-14T16:32:00+00:00 | 2025-11-08T03:24:19+00:00 |
| rhsa-2010:0046 | Red Hat Security Advisory: kernel security and bug fix update | 2010-01-19T23:30:00+00:00 | 2025-11-08T03:27:11+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2017-8363 | The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file. | 2017-04-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-8365 | The i2les_array function in pcm.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file. | 2017-04-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2016-9840 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic | 2017-05-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2016-9841 | inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic | 2017-05-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2016-9842 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact | 2017-05-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2016-9843 | The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. | 2017-05-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2017-6519 | avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809. | 2017-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2017-8244 | In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel variable "dbg_buf" "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time but they are not protected with mutex or locks. Buffer overflow is possible on race conditions. "buffer->curr" itself could also be overwritten which means that it may point to anywhere of kernel memory (for write). | 2017-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-8245 | In all Android releases from CAF using the Linux kernel while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size an out of bounds memory copy occurs. | 2017-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-8246 | In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel prtd is assigned substream->runtime->private_data. Later prtd is freed. However prtd is not sanitized and set to NULL resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check such as msm_pcm_volume_ctl_put() which means this freed memory could be used. | 2017-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-8923 | The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string. | 2017-05-02T00:00:00.000Z | 2025-10-01T23:11:00.000Z |
| msrc_cve-2017-6892 | In libsndfile version 1.0.28 an error in the "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an out-of-bounds read memory access via a specially crafted AIFF file. | 2017-06-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-10989 | The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. | 2017-07-02T00:00:00.000Z | 2025-09-04T00:00:20.000Z |
| msrc_cve-2017-11548 | The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service | 2017-07-02T00:00:00.000Z | 2025-10-01T23:10:54.000Z |
| msrc_cve-2017-11550 | The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service | 2017-07-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2017-11551 | The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service | 2017-07-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2017-12562 | Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 2017-08-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-12678 | In TagLib 1.11.1 the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. | 2017-08-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2017-14167 | Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values which trigger an out-of-bounds write. | 2017-09-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-14245 | An out of bounds read in the function d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure related to mishandling of the NAN and INFINITY floating-point values. | 2017-09-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-14246 | An out of bounds read in the function d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure related to mishandling of the NAN and INFINITY floating-point values. | 2017-09-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-14623 | In the ldap.v2 (aka go-ldap) package through 2.5.0 for Go an attacker may be able to login with an empty password. This issue affects an application using this package if these conditions are met: (1) it relies only on the return error of the Bind function call to determine whether a user is authorized (i.e. a nil return value is interpreted as successful authorization) and (2) it is used with an LDAP server allowing unauthenticated bind. | 2017-09-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2017-14634 | In libsndfile 1.0.28 a divide-by-zero error exists in the function double64_init() in double64.c which may lead to DoS when playing a crafted audio file. | 2017-09-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2017-14867 | Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code is reachable via git-shell even without CVS support. | 2017-09-02T00:00:00.000Z | 2025-09-03T19:28:37.000Z |
| msrc_cve-2014-0047 | Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage. | 2017-10-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2015-2158 | Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service | 2017-10-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2015-7504 | Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode. | 2017-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-1000097 | On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate. | 2017-10-02T00:00:00.000Z | 2025-09-03T21:38:46.000Z |
| msrc_cve-2017-1000118 | Akka HTTP versions <= 10.0.5 Illegal Media Range in Accept Header Causes StackOverflowError Leading to Denial of Service | 2017-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-1000256 | libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default. | 2017-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000071 | Fresh Reader RSS feed cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000073 | Movable Type cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000074 | phpAdsNew cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000085 | CGI RESCUE WebFORM vulnerable to HTTP header injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000086 | CGI RESCUE WebFORM vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000087 | CGI RESCUE WebFORM missing mail content vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000088 | Shopping Basket Professional vulnerable to OS command injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000090 | b2evolution cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000091 | Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000093 | Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000094 | MODx cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000127 | CCC Cleaner buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000134 | Sage vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000135 | CCC Cleaner buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000159 | Adobe JRun cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000160 | ColdFusion cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000161 | ColdFusion error page cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000165 | Ariel AirOne series cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000176 | Mozilla Firefox cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000199 | CCC Cleaner division-by-zero vulnerability when scanning UPX-packed executables | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000200 | Trac cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000215 | FENCE-Pro and Systemwalker Desktop Encryption self-decoding file vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000218 | Interstage Application Server cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000225 | NewsGlue and Ikinari Jijyoutsuu arbitrary script execution vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000226 | BASP21 vulnerable to mail header injection | 2008-05-21T00:00+09:00 | 2016-10-13T14:45+09:00 |
| jvndb-2007-000227 | CruiseWorks and Minna De Office vulnerable in access restrictions | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000228 | MailDwarf cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000229 | MailDwarf vulnerability allows unauthorized sending of emails | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000236 | Overlay Weaver cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000259 | open-gorotto cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|