Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-vxc9-8m8h-9cp6 | In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default installation… | 2022-04-27T00:00:21Z | 2025-10-22T00:32:32Z |
| ghsa-8m5h-hrqm-pxm2 | Path traversal in the OWASP Enterprise Security API | 2022-04-27T21:09:43Z | 2025-11-03T22:28:22Z |
| ghsa-q77q-vx4q-xx6q | Cross-site Scripting in org.owasp.esapi:esapi | 2022-04-27T21:09:46Z | 2025-11-03T22:28:35Z |
| ghsa-867p-9w54-69hp | The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrar… | 2022-04-29T02:57:20Z | 2025-10-22T03:30:26Z |
| ghsa-7757-mj68-c29v | Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (v… | 2022-04-29T02:59:39Z | 2025-10-22T03:30:26Z |
| ghsa-6w47-3vvr-m9hm | Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windo… | 2022-04-30T00:02:23Z | 2025-10-22T00:31:21Z |
| ghsa-jvxp-2488-w24g | Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers … | 2022-04-30T00:02:23Z | 2025-10-22T00:31:12Z |
| ghsa-pqg2-q88q-5h4p | BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML Extern… | 2022-04-30T00:02:23Z | 2025-10-22T00:31:17Z |
| ghsa-x7ww-99cr-qmmw | Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. | 2022-04-30T18:09:50Z | 2025-10-20T18:30:28Z |
| ghsa-53gp-9cgv-fj68 | smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs… | 2022-04-30T18:19:06Z | 2025-10-22T03:30:26Z |
| ghsa-xqgm-4493-f736 | HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary comm… | 2022-05-01T02:11:36Z | 2025-10-22T03:30:26Z |
| ghsa-7qwv-cwgj-c8rj | Improper Input Validation in Apache Struts | 2022-05-01T06:50:42Z | 2025-10-22T19:30:57Z |
| ghsa-pvcc-qqxr-p978 | Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and M… | 2022-05-01T06:59:35Z | 2025-10-22T03:30:26Z |
| ghsa-h24h-phxr-rg3x | Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other O… | 2022-05-01T17:46:12Z | 2025-10-22T03:30:26Z |
| ghsa-xxqh-84mj-whcj | The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execut… | 2022-05-01T18:03:36Z | 2025-11-05T00:31:11Z |
| ghsa-27fx-q398-q8vr | masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 a… | 2022-05-01T18:09:27Z | 2025-10-22T03:30:26Z |
| ghsa-xjr9-phw2-2wjx | Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to e… | 2022-05-01T18:35:41Z | 2025-10-22T03:30:26Z |
| ghsa-qw37-hh98-8g3j | Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact a… | 2022-05-01T23:32:10Z | 2025-10-22T03:30:26Z |
| ghsa-c6vf-qwc3-92qf | Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers t… | 2022-05-01T23:55:30Z | 2025-10-22T03:30:26Z |
| ghsa-pxp3-358m-6vfm | The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METH… | 2022-05-02T00:00:06Z | 2025-10-22T03:30:26Z |
| ghsa-f5c7-c9q4-9h6j | Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Micr… | 2022-05-02T03:16:36Z | 2025-10-22T03:30:26Z |
| ghsa-fmc6-x6ww-78h8 | Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Ma… | 2022-05-02T03:16:36Z | 2025-10-22T03:30:26Z |
| ghsa-wr9v-3qgm-q33g | Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 … | 2022-05-02T03:19:52Z | 2025-10-22T03:30:26Z |
| ghsa-gwqf-cc2p-xjrw | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2… | 2022-05-02T03:21:38Z | 2025-10-22T03:30:27Z |
| ghsa-fw5c-3235-cprv | Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x befor… | 2022-05-02T03:22:04Z | 2025-10-22T03:30:26Z |
| ghsa-wx6p-35hf-vhhj | Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x… | 2022-05-02T03:29:27Z | 2025-10-22T03:30:27Z |
| ghsa-2j56-f322-jxrm | Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session rese… | 2022-05-02T03:31:14Z | 2025-10-22T03:30:27Z |
| ghsa-58g7-f54v-2jg8 | stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictio… | 2022-05-02T03:33:20Z | 2025-11-05T00:31:11Z |
| ghsa-8325-hmcc-g9mq | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open… | 2022-05-02T03:42:06Z | 2025-10-22T03:30:27Z |
| ghsa-5wf6-gpr3-53cq | Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, L… | 2022-05-02T03:50:11Z | 2025-10-22T03:30:27Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2015-8651 | N/A | Integer overflow in Adobe Flash Player before 18.… |
n/a |
n/a |
2015-12-28T23:00:00.000Z | 2025-10-21T23:55:56.425Z |
| cve-2015-7450 | N/A | Serialized-object interfaces in certain IBM analy… |
n/a |
n/a |
2016-01-02T21:00:00.000Z | 2025-10-21T23:55:56.246Z |
| cve-2016-0034 | N/A | Microsoft Silverlight 5 before 5.1.41212.0 mishan… |
n/a |
n/a |
2016-01-13T02:00:00.000Z | 2025-10-21T23:55:56.096Z |
| cve-2016-0040 | N/A | The kernel in Microsoft Windows Vista SP2, Window… |
n/a |
n/a |
2016-02-10T11:00:00.000Z | 2025-10-21T23:55:55.948Z |
| cve-2016-0984 | N/A | Use-after-free vulnerability in Adobe Flash Playe… |
n/a |
n/a |
2016-02-10T20:00:00.000Z | 2025-10-21T23:55:55.589Z |
| cve-2016-0752 | N/A | Directory traversal vulnerability in Action View … |
n/a |
n/a |
2016-02-16T02:00:00.000Z | 2025-10-21T23:55:55.440Z |
| cve-2016-2386 | N/A | SQL injection vulnerability in the UDDI server in… |
n/a |
n/a |
2016-02-16T15:00:00.000Z | 2025-10-21T23:55:55.277Z |
| cve-2016-2388 | N/A | The Universal Worklist Configuration in SAP NetWe… |
n/a |
n/a |
2016-02-16T15:00:00.000Z | 2025-10-21T23:55:55.132Z |
| cve-2016-0099 | N/A | The Secondary Logon Service in Microsoft Windows … |
n/a |
n/a |
2016-03-09T11:00:00.000Z | 2025-10-21T23:55:54.947Z |
| cve-2016-1010 | N/A | Integer overflow in Adobe Flash Player before 18.… |
n/a |
n/a |
2016-03-12T15:00:00.000Z | 2025-10-21T23:55:54.744Z |
| cve-2016-1646 | N/A | The Array.prototype.concat implementation in buil… |
n/a |
n/a |
2016-03-29T10:00:00.000Z | 2025-10-21T23:55:54.355Z |
| cve-2016-1019 | N/A | Adobe Flash Player 21.0.0.197 and earlier allows … |
n/a |
n/a |
2016-04-07T10:00:00.000Z | 2025-10-21T23:55:54.185Z |
| cve-2016-3976 | N/A | Directory traversal vulnerability in SAP NetWeave… |
n/a |
n/a |
2016-04-07T23:00:00.000Z | 2025-10-21T23:55:54.035Z |
| cve-2016-0151 | N/A | The Client-Server Run-time Subsystem (CSRSS) in M… |
n/a |
n/a |
2016-04-12T23:00:00.000Z | 2025-10-21T23:55:53.897Z |
| cve-2016-0162 | N/A | Microsoft Internet Explorer 9 through 11 allows r… |
n/a |
n/a |
2016-04-12T23:00:00.000Z | 2025-10-21T23:55:53.729Z |
| cve-2016-0165 | N/A | The kernel-mode driver in Microsoft Windows Vista… |
n/a |
n/a |
2016-04-12T23:00:00.000Z | 2025-10-21T23:55:53.587Z |
| cve-2016-0167 | N/A | The kernel-mode driver in Microsoft Windows Vista… |
n/a |
n/a |
2016-04-12T23:00:00.000Z | 2025-10-21T23:55:53.432Z |
| cve-2016-3427 | N/A | Unspecified vulnerability in Oracle Java SE 6u113… |
n/a |
n/a |
2016-04-21T10:00:00.000Z | 2025-10-21T23:55:53.262Z |
| cve-2016-3714 | N/A | The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (… |
n/a |
n/a |
2016-05-05T18:00:00.000Z | 2025-10-21T23:55:53.098Z |
| cve-2016-3715 | N/A | The EPHEMERAL coder in ImageMagick before 6.9.3-1… |
n/a |
n/a |
2016-05-05T18:00:00.000Z | 2025-10-21T23:55:52.910Z |
| cve-2016-3718 | N/A | The (1) HTTP and (2) FTP coders in ImageMagick be… |
n/a |
n/a |
2016-05-05T18:00:00.000Z | 2025-10-21T23:55:52.756Z |
| cve-2016-0185 | N/A | Media Center in Microsoft Windows Vista SP2, Wind… |
n/a |
n/a |
2016-05-11T01:00:00.000Z | 2025-10-21T23:55:52.588Z |
| cve-2016-0189 | N/A | The Microsoft (1) JScript 5.8 and (2) VBScript 5.… |
n/a |
n/a |
2016-05-11T01:00:00.000Z | 2025-10-21T23:55:52.367Z |
| cve-2016-4117 | N/A | Adobe Flash Player 21.0.0.226 and earlier allows … |
n/a |
n/a |
2016-05-11T01:00:00.000Z | 2025-10-21T23:55:52.219Z |
| cve-2010-5326 | N/A | The Invoker Servlet on SAP NetWeaver Application … |
n/a |
n/a |
2016-05-13T10:00:00.000Z | 2025-10-21T23:55:52.045Z |
| cve-2016-3088 | N/A | The Fileserver web application in Apache ActiveMQ… |
n/a |
n/a |
2016-06-01T20:00:00.000Z | 2025-10-21T23:55:51.892Z |
| cve-2016-4437 | N/A | Apache Shiro before 1.2.5, when a cipher key has … |
n/a |
n/a |
2016-06-07T14:00:00.000Z | 2025-10-21T23:55:51.717Z |
| cve-2016-4523 | N/A | The WAP interface in Trihedral VTScada (formerly … |
n/a |
n/a |
2016-06-09T10:00:00.000Z | 2025-10-21T23:55:51.558Z |
| cve-2016-3235 | N/A | Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2… |
n/a |
n/a |
2016-06-16T01:00:00.000Z | 2025-10-21T23:55:51.339Z |
| cve-2016-4171 | N/A | Unspecified vulnerability in Adobe Flash Player 2… |
n/a |
n/a |
2016-06-16T14:00:00.000Z | 2025-10-21T23:55:51.186Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2015-5317 | N/A | The Fingerprints pages in Jenkins before 1.638 an… |
n/a |
n/a |
2015-11-25T20:00:00.000Z | 2025-10-21T23:55:56.897Z |
| cve-2015-6175 | N/A | The kernel in Microsoft Windows 10 Gold allows lo… |
n/a |
n/a |
2015-12-09T11:00:00.000Z | 2025-10-21T23:55:56.760Z |
| cve-2015-7755 | N/A | Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0… |
n/a |
n/a |
2015-12-19T11:00:00.000Z | 2025-10-21T23:55:56.610Z |
| cve-2015-7928 | N/A | eWON devices with firmware before 10.1s0 do not h… |
n/a |
n/a |
2015-12-23T11:00:00.000Z | 2025-11-04T16:09:06.301Z |
| cve-2015-8651 | N/A | Integer overflow in Adobe Flash Player before 18.… |
n/a |
n/a |
2015-12-28T23:00:00.000Z | 2025-10-21T23:55:56.425Z |
| cve-2015-7450 | N/A | Serialized-object interfaces in certain IBM analy… |
n/a |
n/a |
2016-01-02T21:00:00.000Z | 2025-10-21T23:55:56.246Z |
| cve-2016-0034 | N/A | Microsoft Silverlight 5 before 5.1.41212.0 mishan… |
n/a |
n/a |
2016-01-13T02:00:00.000Z | 2025-10-21T23:55:56.096Z |
| cve-2016-0040 | N/A | The kernel in Microsoft Windows Vista SP2, Window… |
n/a |
n/a |
2016-02-10T11:00:00.000Z | 2025-10-21T23:55:55.948Z |
| cve-2016-0984 | N/A | Use-after-free vulnerability in Adobe Flash Playe… |
n/a |
n/a |
2016-02-10T20:00:00.000Z | 2025-10-21T23:55:55.589Z |
| cve-2016-0752 | N/A | Directory traversal vulnerability in Action View … |
n/a |
n/a |
2016-02-16T02:00:00.000Z | 2025-10-21T23:55:55.440Z |
| cve-2016-2386 | N/A | SQL injection vulnerability in the UDDI server in… |
n/a |
n/a |
2016-02-16T15:00:00.000Z | 2025-10-21T23:55:55.277Z |
| cve-2016-2388 | N/A | The Universal Worklist Configuration in SAP NetWe… |
n/a |
n/a |
2016-02-16T15:00:00.000Z | 2025-10-21T23:55:55.132Z |
| cve-2016-0099 | N/A | The Secondary Logon Service in Microsoft Windows … |
n/a |
n/a |
2016-03-09T11:00:00.000Z | 2025-10-21T23:55:54.947Z |
| cve-2016-1010 | N/A | Integer overflow in Adobe Flash Player before 18.… |
n/a |
n/a |
2016-03-12T15:00:00.000Z | 2025-10-21T23:55:54.744Z |
| cve-2016-1646 | N/A | The Array.prototype.concat implementation in buil… |
n/a |
n/a |
2016-03-29T10:00:00.000Z | 2025-10-21T23:55:54.355Z |
| cve-2016-1019 | N/A | Adobe Flash Player 21.0.0.197 and earlier allows … |
n/a |
n/a |
2016-04-07T10:00:00.000Z | 2025-10-21T23:55:54.185Z |
| cve-2016-3976 | N/A | Directory traversal vulnerability in SAP NetWeave… |
n/a |
n/a |
2016-04-07T23:00:00.000Z | 2025-10-21T23:55:54.035Z |
| cve-2016-0151 | N/A | The Client-Server Run-time Subsystem (CSRSS) in M… |
n/a |
n/a |
2016-04-12T23:00:00.000Z | 2025-10-21T23:55:53.897Z |
| cve-2016-0162 | N/A | Microsoft Internet Explorer 9 through 11 allows r… |
n/a |
n/a |
2016-04-12T23:00:00.000Z | 2025-10-21T23:55:53.729Z |
| cve-2016-0165 | N/A | The kernel-mode driver in Microsoft Windows Vista… |
n/a |
n/a |
2016-04-12T23:00:00.000Z | 2025-10-21T23:55:53.587Z |
| cve-2016-0167 | N/A | The kernel-mode driver in Microsoft Windows Vista… |
n/a |
n/a |
2016-04-12T23:00:00.000Z | 2025-10-21T23:55:53.432Z |
| cve-2016-3427 | N/A | Unspecified vulnerability in Oracle Java SE 6u113… |
n/a |
n/a |
2016-04-21T10:00:00.000Z | 2025-10-21T23:55:53.262Z |
| cve-2016-3714 | N/A | The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (… |
n/a |
n/a |
2016-05-05T18:00:00.000Z | 2025-10-21T23:55:53.098Z |
| cve-2016-3715 | N/A | The EPHEMERAL coder in ImageMagick before 6.9.3-1… |
n/a |
n/a |
2016-05-05T18:00:00.000Z | 2025-10-21T23:55:52.910Z |
| cve-2016-3718 | N/A | The (1) HTTP and (2) FTP coders in ImageMagick be… |
n/a |
n/a |
2016-05-05T18:00:00.000Z | 2025-10-21T23:55:52.756Z |
| cve-2016-0185 | N/A | Media Center in Microsoft Windows Vista SP2, Wind… |
n/a |
n/a |
2016-05-11T01:00:00.000Z | 2025-10-21T23:55:52.588Z |
| cve-2016-0189 | N/A | The Microsoft (1) JScript 5.8 and (2) VBScript 5.… |
n/a |
n/a |
2016-05-11T01:00:00.000Z | 2025-10-21T23:55:52.367Z |
| cve-2016-4117 | N/A | Adobe Flash Player 21.0.0.226 and earlier allows … |
n/a |
n/a |
2016-05-11T01:00:00.000Z | 2025-10-21T23:55:52.219Z |
| cve-2010-5326 | N/A | The Invoker Servlet on SAP NetWeaver Application … |
n/a |
n/a |
2016-05-13T10:00:00.000Z | 2025-10-21T23:55:52.045Z |
| cve-2016-3088 | N/A | The Fileserver web application in Apache ActiveMQ… |
n/a |
n/a |
2016-06-01T20:00:00.000Z | 2025-10-21T23:55:51.892Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-9237 | Malicious code in hubs-bot (npm) | 2024-10-10T06:35:27Z | 2024-12-09T14:39:22Z |
| mal-2024-9252 | Malicious code in sendbird-uikit-integration (npm) | 2024-10-10T06:35:27Z | 2024-12-09T14:39:22Z |
| mal-2024-9257 | Malicious code in vtadmin (npm) | 2024-10-10T06:35:27Z | 2024-12-09T14:39:22Z |
| mal-2024-9220 | Malicious code in com.sendbird.calls (npm) | 2024-10-10T06:35:28Z | 2024-12-09T14:39:21Z |
| mal-2024-9236 | Malicious code in hubs-admin (npm) | 2024-10-10T06:35:28Z | 2024-12-09T14:39:22Z |
| mal-2024-9239 | Malicious code in jacoco-report (npm) | 2024-10-10T06:35:28Z | 2024-12-09T14:39:22Z |
| mal-2024-9251 | Malicious code in sendbird-hubs (npm) | 2024-10-10T06:35:28Z | 2024-12-09T14:39:22Z |
| mal-2024-9256 | Malicious code in typescript-error-reporter-action (npm) | 2024-10-10T06:35:28Z | 2024-12-09T14:39:22Z |
| mal-2024-9244 | Malicious code in prismjs-editor-v2 (npm) | 2024-10-10T06:44:45Z | 2024-12-09T14:39:22Z |
| mal-2024-9240 | Malicious code in mohamedsaqib (npm) | 2024-10-10T06:56:10Z | 2024-12-09T14:39:22Z |
| mal-2024-9222 | Malicious code in duckc2 (npm) | 2024-10-10T23:27:22Z | 2024-12-09T14:39:21Z |
| mal-2024-9223 | Malicious code in duckc2-api (npm) | 2024-10-10T23:27:22Z | 2024-12-09T14:39:21Z |
| mal-2024-9224 | Malicious code in duckc2-apis (npm) | 2024-10-10T23:27:22Z | 2024-12-09T14:39:21Z |
| mal-2024-9245 | Malicious code in pt-validate (npm) | 2024-10-10T23:56:11Z | 2024-12-09T14:39:22Z |
| mal-2024-9249 | Malicious code in request-ip-check (npm) | 2024-10-11T00:07:36Z | 2025-03-31T07:07:49Z |
| mal-2024-9273 | Malicious code in cbdev2024test (npm) | 2024-10-11T03:28:51Z | 2024-12-09T14:39:21Z |
| mal-2024-9274 | Malicious code in gcp-monitor-prod (npm) | 2024-10-11T03:28:51Z | 2024-12-09T14:39:22Z |
| mal-2024-9277 | Malicious code in opti-distube (npm) | 2024-10-11T04:45:28Z | 2024-12-09T14:39:22Z |
| mal-2024-9276 | Malicious code in o-typography (npm) | 2024-10-11T05:02:39Z | 2024-12-09T14:39:22Z |
| mal-2024-9286 | Malicious code in hdhh.hiijack (npm) | 2024-10-13T18:40:43Z | 2025-03-26T00:35:03Z |
| mal-2024-9295 | Malicious code in redis-oracle (npm) | 2024-10-14T02:04:26Z | 2024-12-09T14:39:22Z |
| mal-2024-9333 | Malicious code in aria-web-telemetry (npm) | 2024-10-16T01:40:19Z | 2024-12-09T14:39:21Z |
| mal-2024-9490 | Malicious code in @zva/web (npm) | 2024-10-16T12:26:46Z | 2024-12-09T14:39:21Z |
| mal-2024-9495 | Malicious code in agora-rtc-web (npm) | 2024-10-16T12:28:24Z | 2025-04-28T05:47:09Z |
| mal-2024-9514 | Malicious code in autogen_studio (npm) | 2024-10-16T12:32:50Z | 2025-03-03T15:08:00Z |
| mal-2024-9523 | Malicious code in bnppf-font-icons (npm) | 2024-10-16T12:35:20Z | 2024-12-09T14:39:21Z |
| mal-2024-9565 | Malicious code in config-conventional (npm) | 2024-10-16T12:41:08Z | 2025-08-01T10:42:04Z |
| mal-2024-9583 | Malicious code in dfx-api (npm) | 2024-10-16T12:43:48Z | 2025-04-28T05:47:09Z |
| mal-2024-9598 | Malicious code in eslint-v7 (npm) | 2024-10-16T12:51:03Z | 2025-03-31T07:07:49Z |
| mal-2024-9661 | Malicious code in icons-material (npm) | 2024-10-16T12:57:41Z | 2025-04-28T05:47:09Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2010:0053 | Red Hat Security Advisory: kernel security and bug fix update | 2010-01-20T00:07:00+00:00 | 2025-11-08T03:24:19+00:00 |
| rhsa-2010:0054 | Red Hat Security Advisory: openssl security update | 2010-01-20T00:23:00+00:00 | 2025-11-08T03:27:09+00:00 |
| rhsa-2010:0060 | Red Hat Security Advisory: acroread security update | 2010-01-20T14:38:00+00:00 | 2025-11-08T03:27:09+00:00 |
| rhsa-2010:0041 | Red Hat Security Advisory: kernel-rt security and bug fix update | 2010-01-21T14:10:00+00:00 | 2025-11-08T03:27:13+00:00 |
| rhsa-2010:0079 | Red Hat Security Advisory: kernel security and bug fix update | 2010-02-02T21:01:00+00:00 | 2025-11-08T03:24:20+00:00 |
| rhsa-2010:0088 | Red Hat Security Advisory: kvm security and bug fix update | 2010-02-09T10:01:00+00:00 | 2025-11-08T03:27:09+00:00 |
| rhsa-2010:0095 | Red Hat Security Advisory: rhev-hypervisor security and bug fix update | 2010-02-09T15:23:00+00:00 | 2025-11-08T03:24:20+00:00 |
| rhsa-2010:0102 | Red Hat Security Advisory: flash-plugin security update | 2010-02-12T14:24:00+00:00 | 2025-11-08T03:27:10+00:00 |
| rhsa-2010:0103 | Red Hat Security Advisory: flash-plugin security update | 2010-02-12T14:24:00+00:00 | 2025-11-08T03:27:10+00:00 |
| rhsa-2010:0111 | Red Hat Security Advisory: kernel security update | 2010-02-16T16:57:00+00:00 | 2025-11-08T03:27:10+00:00 |
| rhsa-2010:0114 | Red Hat Security Advisory: acroread security and bug fix update | 2010-02-18T15:48:00+00:00 | 2025-11-08T03:27:10+00:00 |
| rhsa-2010:0119 | Red Hat Security Advisory: JBoss Enterprise Web Server 1.0.1 update | 2010-02-23T20:20:00+00:00 | 2025-11-08T03:27:11+00:00 |
| rhsa-2010:0126 | Red Hat Security Advisory: kvm security and bug fix update | 2010-03-01T19:23:00+00:00 | 2025-11-08T03:27:11+00:00 |
| rhsa-2010:0130 | Red Hat Security Advisory: java-1.5.0-ibm security update | 2010-03-03T18:20:00+00:00 | 2025-11-08T03:27:13+00:00 |
| rhsa-2010:0147 | Red Hat Security Advisory: kernel security and bug fix update | 2010-03-17T00:13:00+00:00 | 2025-11-08T03:27:12+00:00 |
| rhsa-2010:0146 | Red Hat Security Advisory: kernel security and bug fix update | 2010-03-17T00:42:00+00:00 | 2025-11-08T03:27:11+00:00 |
| rhsa-2010:0148 | Red Hat Security Advisory: kernel security and bug fix update | 2010-03-17T03:01:00+00:00 | 2025-11-08T03:27:12+00:00 |
| rhsa-2010:0149 | Red Hat Security Advisory: kernel security and bug fix update | 2010-03-17T03:59:00+00:00 | 2025-11-08T03:27:12+00:00 |
| rhsa-2010:0155 | Red Hat Security Advisory: java-1.4.2-ibm security and bug fix update | 2010-03-17T17:19:00+00:00 | 2025-11-08T03:27:13+00:00 |
| rhsa-2010:0172 | Red Hat Security Advisory: rhev-hypervisor security and bug fix update | 2010-03-24T15:46:00+00:00 | 2025-11-08T03:27:19+00:00 |
| rhsa-2010:0162 | Red Hat Security Advisory: openssl security update | 2010-03-25T08:52:00+00:00 | 2025-11-08T03:27:13+00:00 |
| rhsa-2010:0163 | Red Hat Security Advisory: openssl security update | 2010-03-25T09:11:00+00:00 | 2025-11-08T03:27:14+00:00 |
| rhsa-2010:0164 | Red Hat Security Advisory: openssl097a security update | 2010-03-25T09:20:00+00:00 | 2025-11-08T03:27:14+00:00 |
| rhsa-2010:0173 | Red Hat Security Advisory: openssl096b security update | 2010-03-25T09:51:00+00:00 | 2025-11-08T03:27:15+00:00 |
| rhsa-2010:0165 | Red Hat Security Advisory: nss security update | 2010-03-25T10:01:00+00:00 | 2025-11-08T03:27:14+00:00 |
| rhsa-2010:0166 | Red Hat Security Advisory: gnutls security update | 2010-03-25T10:19:00+00:00 | 2025-11-08T03:27:14+00:00 |
| rhsa-2010:0167 | Red Hat Security Advisory: gnutls security update | 2010-03-25T10:31:00+00:00 | 2025-11-08T03:27:14+00:00 |
| rhsa-2010:0178 | Red Hat Security Advisory: Red Hat Enterprise Linux 5.5 kernel security and bug fix update | 2010-03-29T12:00:00+00:00 | 2025-11-08T03:27:15+00:00 |
| rhsa-2010:0271 | Red Hat Security Advisory: kvm security, bug fix and enhancement update | 2010-03-29T12:00:00+00:00 | 2025-11-08T03:27:20+00:00 |
| rhsa-2010:0291 | Red Hat Security Advisory: gfs-kmod security, bug fix and enhancement update | 2010-03-29T12:00:00+00:00 | 2025-11-08T03:27:16+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2017-12613 | When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input. | 2017-10-02T00:00:00.000Z | 2025-10-01T23:10:55.000Z |
| msrc_cve-2017-15042 | An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was documented to do so. In 2013, upstream issue #5184, this was changed so that the server may decide whether PLAIN is acceptable. The result is that if you set up a man-in-the-middle SMTP server that doesn't advertise STARTTLS and does advertise that PLAIN auth is OK, the smtp.PlainAuth implementation sends the username and password. | 2017-10-02T00:00:00.000Z | 2025-09-03T22:44:27.000Z |
| msrc_cve-2017-15370 | There is a heap-based buffer overflow in the ImaExpandS function of ima_rw.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file. | 2017-10-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2017-15371 | There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file. | 2017-10-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2017-1000232 | A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors. | 2017-11-02T00:00:00.000Z | 2022-08-04T00:00:00.000Z |
| msrc_cve-2017-14176 | Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands | 2017-11-02T00:00:00.000Z | 2025-10-01T23:10:55.000Z |
| msrc_cve-2017-14992 | Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0 1.10.3 17.03.0 17.03.1 17.03.2 17.06.0 17.06.1 17.06.2 17.09.0 and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload aka gzip bombing. | 2017-11-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2017-15275 | Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. | 2017-11-02T00:00:00.000Z | 2024-10-15T00:00:00.000Z |
| msrc_cve-2017-16754 | Bolt before 3.3.6 does not properly restrict access to _profiler routes | 2017-11-02T00:00:00.000Z | 2025-10-01T23:10:55.000Z |
| msrc_cve-2017-16844 | Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size a different vulnerability than CVE-2014-3618. | 2017-11-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2017-11697 | The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file. | 2017-12-02T00:00:00.000Z | 2025-09-03T22:48:37.000Z |
| msrc_cve-2017-17522 | Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting | 2017-12-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2012-6708 | jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions jQuery only deems the input to be HTML if it explicitly starts with the '<' character limiting exploitability only to attackers who can control the beginning of a string which is far less common. | 2018-01-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2015-9251 | jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option causing text/javascript responses to be executed. | 2018-01-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2017-17969 | Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive. | 2018-01-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-5996 | Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive. | 2018-01-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2004-2779 | id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS). | 2018-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2014-5282 | Docker before 1.3 does not properly validate image IDs which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'. | 2018-02-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2018-1000026 | Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM.. | 2018-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2018-1000035 | A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution. | 2018-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-6951 | An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault associated with a NULL pointer dereference leading to a denial of service in the intuit_diff_type function in pch.c aka a "mangled rename" issue. | 2018-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-6952 | A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. | 2018-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-7263 | The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service | 2018-02-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2017-18207 | The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions. | 2018-03-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2017-18214 | The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string a different vulnerability than CVE-2016-4055. | 2018-03-02T00:00:00.000Z | 2024-09-11T00:00:00.000Z |
| msrc_cve-2018-1000097 | Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack appear to be exploitable via Victim have to run unshar command on a specially crafted file.. | 2018-03-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-1000110 | An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users. | 2018-03-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2018-1050 | All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash. | 2018-03-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-1057 | On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords including administrative users and privileged service accounts (eg Domain Controllers). | 2018-03-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-9057 | aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform Amazon Web Services (AWS) provider through v1.12.0 has an inappropriate PRNG algorithm and seeding which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password. | 2018-03-02T00:00:00.000Z | 2022-04-02T00:00:00.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000260 | Shihonkanri Plus Ver2 GOOUT directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000290 | InfoBarrier4 self-decrypted file vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000295 | APOP password recovery vulnerability | 2008-05-21T00:00+09:00 | 2009-08-06T11:39+09:00 |
| jvndb-2007-000297 | Apache Tomcat Accept-Language Header Cross-Site Scripting Vulnerability | 2008-05-21T00:00+09:00 | 2008-07-11T13:47+09:00 |
| jvndb-2007-000301 | Canon Network Camera Server VB100 Series vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000322 | Lunascape RSS reader arbitrary script execution vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000329 | Java Web Start vulnerable to execution of unauthorized system classes | 2008-05-21T00:00+09:00 | 2008-06-06T16:22+09:00 |
| jvndb-2007-000395 | Homepage Builder sample CGI programs vulnerable to OS command injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000400 | Advance-Flow cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000420 | HP System Management Homepage cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000429 | Meneame cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000434 | ADPLAN cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000446 | Internet Explorer vulnerable in MHTML handling | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000447 | Internet Explorer vulnerable in handling MHTML protocol | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000454 | dotProject cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000456 | Apache Tomcat sample web application cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-07-11T13:48+09:00 |
| jvndb-2007-000457 | Apache Tomcat cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-07-11T13:48+09:00 |
| jvndb-2007-000471 | RaidenHTTPD cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000476 | Hiki arbitrary file deletion vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000486 | rktSNS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000487 | sHTTPd cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000491 | Lhaca LHZ Archive Extended Header Size Processing Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000494 | KDDI sample CGI download program directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000507 | Flash Player allows to send arbitrary Referer headers | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000548 | Nessus report function vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000551 | Aruba Mobility Controller Series cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000559 | Yayoi Kaikei improper handling of credential information | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000560 | Safari URL spoofing vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000572 | WebCart cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000598 | Apache Tomcat Host Manager cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|