Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-jvxp-2488-w24g | Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers … | 2022-04-30T00:02:23Z | 2025-10-22T00:31:12Z |
| ghsa-pqg2-q88q-5h4p | BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML Extern… | 2022-04-30T00:02:23Z | 2025-10-22T00:31:17Z |
| ghsa-x7ww-99cr-qmmw | Race condition in signal handling routine in ftpd, allowing read/write arbitrary files. | 2022-04-30T18:09:50Z | 2025-10-20T18:30:28Z |
| ghsa-53gp-9cgv-fj68 | smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs… | 2022-04-30T18:19:06Z | 2025-10-22T03:30:26Z |
| ghsa-xqgm-4493-f736 | HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary comm… | 2022-05-01T02:11:36Z | 2025-10-22T03:30:26Z |
| ghsa-7qwv-cwgj-c8rj | Improper Input Validation in Apache Struts | 2022-05-01T06:50:42Z | 2025-10-22T19:30:57Z |
| ghsa-pvcc-qqxr-p978 | Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and M… | 2022-05-01T06:59:35Z | 2025-10-22T03:30:26Z |
| ghsa-p77v-j929-9938 | Multiple cross-site scripting (XSS) vulnerabilities in JBMC Software DirectAdmin 1.28.1 allow remot… | 2022-05-01T07:33:45Z | 2022-05-01T07:33:45Z |
| ghsa-h24h-phxr-rg3x | Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other O… | 2022-05-01T17:46:12Z | 2025-10-22T03:30:26Z |
| ghsa-39ch-q5j8-9rjh | Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled wit… | 2022-05-01T17:53:17Z | 2025-12-11T18:30:31Z |
| ghsa-pqc5-6q65-965r | Cross-site scripting (XSS) vulnerability in CMD_USER_STATS in DirectAdmin allows remote attackers t… | 2022-05-01T17:54:18Z | 2022-05-01T17:54:18Z |
| ghsa-4g5h-x2gw-q6h2 | Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 does not properl… | 2022-05-01T17:58:25Z | 2022-05-01T17:58:25Z |
| ghsa-xxqh-84mj-whcj | The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execut… | 2022-05-01T18:03:36Z | 2025-11-05T00:31:11Z |
| ghsa-27fx-q398-q8vr | masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 a… | 2022-05-01T18:09:27Z | 2025-10-22T03:30:26Z |
| ghsa-xjr9-phw2-2wjx | Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to e… | 2022-05-01T18:35:41Z | 2025-10-22T03:30:26Z |
| ghsa-qw37-hh98-8g3j | Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact a… | 2022-05-01T23:32:10Z | 2025-10-22T03:30:26Z |
| ghsa-c6vf-qwc3-92qf | Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers t… | 2022-05-01T23:55:30Z | 2025-10-22T03:30:26Z |
| ghsa-pxp3-358m-6vfm | The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METH… | 2022-05-02T00:00:06Z | 2025-10-22T03:30:26Z |
| ghsa-f5c7-c9q4-9h6j | Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Micr… | 2022-05-02T03:16:36Z | 2025-10-22T03:30:26Z |
| ghsa-fmc6-x6ww-78h8 | Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Ma… | 2022-05-02T03:16:36Z | 2025-10-22T03:30:26Z |
| ghsa-wr9v-3qgm-q33g | Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 … | 2022-05-02T03:19:52Z | 2025-10-22T03:30:26Z |
| ghsa-gwqf-cc2p-xjrw | The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2… | 2022-05-02T03:21:38Z | 2025-10-22T03:30:27Z |
| ghsa-fw5c-3235-cprv | Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x befor… | 2022-05-02T03:22:04Z | 2025-10-22T03:30:26Z |
| ghsa-wx6p-35hf-vhhj | Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x… | 2022-05-02T03:29:27Z | 2025-10-22T03:30:27Z |
| ghsa-2j56-f322-jxrm | Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session rese… | 2022-05-02T03:31:14Z | 2025-10-22T03:30:27Z |
| ghsa-gm83-wf9j-jhqj | Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows r… | 2022-05-02T03:33:03Z | 2025-12-16T21:30:48Z |
| ghsa-58g7-f54v-2jg8 | stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictio… | 2022-05-02T03:33:20Z | 2025-11-05T00:31:11Z |
| ghsa-8325-hmcc-g9mq | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open… | 2022-05-02T03:42:06Z | 2025-10-22T03:30:27Z |
| ghsa-5wf6-gpr3-53cq | Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, L… | 2022-05-02T03:50:11Z | 2025-10-22T03:30:27Z |
| ghsa-q4f6-24ph-r6rm | The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Ma… | 2022-05-02T03:50:11Z | 2025-10-22T03:30:27Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2016-0185 | N/A | Media Center in Microsoft Windows Vista SP2, Wind… |
n/a |
n/a |
2016-05-11T01:00:00.000Z | 2025-10-21T23:55:52.588Z |
| cve-2016-0189 | N/A | The Microsoft (1) JScript 5.8 and (2) VBScript 5.… |
n/a |
n/a |
2016-05-11T01:00:00.000Z | 2025-10-21T23:55:52.367Z |
| cve-2016-4117 | N/A | Adobe Flash Player 21.0.0.226 and earlier allows … |
n/a |
n/a |
2016-05-11T01:00:00.000Z | 2025-11-17T19:45:00.514Z |
| cve-2010-5326 | N/A | The Invoker Servlet on SAP NetWeaver Application … |
n/a |
n/a |
2016-05-13T10:00:00.000Z | 2025-10-21T23:55:52.045Z |
| cve-2016-3627 | N/A | The xmlStringGetNodeList function in tree.c in li… |
n/a |
n/a |
2016-05-17T14:00:00.000Z | 2025-12-04T17:11:28.323Z |
| cve-2016-4425 | N/A | Jansson 2.7 and earlier allows context-dependent … |
n/a |
n/a |
2016-05-17T14:00:00.000Z | 2025-12-04T17:09:13.364Z |
| cve-2016-1834 | N/A | Heap-based buffer overflow in the xmlStrncat func… |
n/a |
n/a |
2016-05-20T10:00:00.000Z | 2025-12-04T17:15:15.868Z |
| cve-2016-3088 | N/A | The Fileserver web application in Apache ActiveMQ… |
n/a |
n/a |
2016-06-01T20:00:00.000Z | 2025-10-21T23:55:51.892Z |
| cve-2016-4437 | N/A | Apache Shiro before 1.2.5, when a cipher key has … |
n/a |
n/a |
2016-06-07T14:00:00.000Z | 2025-10-21T23:55:51.717Z |
| cve-2016-4523 | N/A | The WAP interface in Trihedral VTScada (formerly … |
n/a |
n/a |
2016-06-09T10:00:00.000Z | 2025-10-21T23:55:51.558Z |
| cve-2016-3235 | N/A | Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2… |
n/a |
n/a |
2016-06-16T01:00:00.000Z | 2025-10-21T23:55:51.339Z |
| cve-2016-4171 | N/A | Unspecified vulnerability in Adobe Flash Player 2… |
n/a |
n/a |
2016-06-16T14:00:00.000Z | 2025-11-17T19:40:40.799Z |
| cve-2016-3643 | N/A | SolarWinds Virtualization Manager 6.3.1 and earli… |
n/a |
n/a |
2016-06-17T15:00:00.000Z | 2025-10-21T23:55:51.005Z |
| cve-2016-5131 | N/A | Use-after-free vulnerability in libxml2 through 2… |
n/a |
n/a |
2016-07-23T19:00:00.000Z | 2025-12-04T16:49:22.168Z |
| cve-2016-3309 | N/A | The kernel-mode drivers in Microsoft Windows Vist… |
n/a |
n/a |
2016-08-09T21:00:00.000Z | 2025-10-21T23:55:50.847Z |
| cve-2016-6366 | N/A | Buffer overflow in Cisco Adaptive Security Applia… |
n/a |
n/a |
2016-08-18T18:00:00.000Z | 2025-10-21T23:55:50.638Z |
| cve-2016-6367 | N/A | Cisco Adaptive Security Appliance (ASA) Software … |
n/a |
n/a |
2016-08-18T18:00:00.000Z | 2025-10-21T23:55:50.466Z |
| cve-2016-4655 | N/A | The kernel in Apple iOS before 9.3.5 allows attac… |
n/a |
n/a |
2016-08-25T21:00:00.000Z | 2025-10-21T23:55:50.320Z |
| cve-2016-4656 | N/A | The kernel in Apple iOS before 9.3.5 allows attac… |
n/a |
n/a |
2016-08-25T21:00:00.000Z | 2025-10-21T23:55:50.185Z |
| cve-2016-4657 | N/A | WebKit in Apple iOS before 9.3.5 allows remote at… |
n/a |
n/a |
2016-08-25T21:00:00.000Z | 2025-10-21T23:55:50.057Z |
| cve-2016-3351 | N/A | Microsoft Internet Explorer 9 through 11 and Micr… |
n/a |
n/a |
2016-09-14T10:00:00.000Z | 2025-10-21T23:55:49.907Z |
| cve-2016-7420 | N/A | Crypto++ (aka cryptopp) through 5.6.4 does not do… |
n/a |
n/a |
2016-09-16T00:00:00.000Z | 2025-11-14T20:04:12.033Z |
| cve-2016-6415 | N/A | The server IKEv1 implementation in Cisco IOS 12.2… |
n/a |
n/a |
2016-09-19T01:00:00.000Z | 2025-10-21T23:55:49.758Z |
| cve-2014-5414 | 9.1 (v3.1) | Beckhoff Embedded PC Images and TwinCAT Components Imp… |
Beckhoff |
Embedded PC Images |
2016-10-05T10:00:00 | 2025-11-04T23:09:34.639Z |
| cve-2014-5415 | 9.1 (v3.1) | Beckhoff Embedded PC Images and TwinCAT Components Exp… |
Beckhoff |
Embedded PC Images |
2016-10-05T10:00:00 | 2025-11-04T23:12:23.266Z |
| cve-2016-3298 | N/A | Microsoft Internet Explorer 9 through 11 and the … |
n/a |
n/a |
2016-10-14T01:00:00.000Z | 2025-10-21T23:55:49.581Z |
| cve-2016-3393 | N/A | Graphics Device Interface (aka GDI or GDI+) in Mi… |
n/a |
n/a |
2016-10-14T01:00:00.000Z | 2025-10-21T23:55:49.334Z |
| cve-2016-7193 | N/A | Microsoft Word 2007 SP2, Office 2010 SP2, Word 20… |
n/a |
n/a |
2016-10-14T01:00:00.000Z | 2025-10-21T23:55:49.146Z |
| cve-2016-5597 | N/A | Unspecified vulnerability in Oracle Java SE 6u121… |
n/a |
n/a |
2016-10-25T14:00:00.000Z | 2025-11-04T21:08:07.929Z |
| cve-2016-7855 | N/A | Use-after-free vulnerability in Adobe Flash Playe… |
n/a |
n/a |
2016-11-01T22:46:00.000Z | 2025-10-21T23:55:49.007Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2014-5417 | 7.5 (v2.0) | Meinberg Radio Clocks LANTIME M-Series |
Meinberg Radio Clocks |
LANTIME M-Series |
2014-11-05T11:00:00 | 2025-11-04T23:19:36.651Z |
| cve-2014-4077 | N/A | Microsoft Windows Server 2003 SP2, Windows Vista … |
n/a |
n/a |
2014-11-11T22:00:00.000Z | 2025-10-22T00:05:34.855Z |
| cve-2014-6332 | N/A | OleAut32.dll in OLE in Microsoft Windows Server 2… |
n/a |
n/a |
2014-11-11T22:00:00.000Z | 2025-10-22T00:05:34.718Z |
| cve-2014-6324 | N/A | The Kerberos Key Distribution Center (KDC) in Mic… |
n/a |
n/a |
2014-11-18T23:00:00.000Z | 2025-10-22T00:05:34.565Z |
| cve-2014-8439 | N/A | Adobe Flash Player before 13.0.0.258 and 14.x and… |
n/a |
n/a |
2014-11-25T23:00:00.000Z | 2025-10-22T00:05:34.383Z |
| cve-2014-9163 | N/A | Stack-based buffer overflow in Adobe Flash Player… |
n/a |
n/a |
2014-12-10T21:00:00.000Z | 2025-11-17T20:12:40.464Z |
| cve-2014-1587 | N/A | Multiple unspecified vulnerabilities in the brows… |
n/a |
n/a |
2014-12-11T11:00:00 | 2024-08-06T09:42:36.640Z |
| cve-2014-1590 | N/A | The XMLHttpRequest.prototype.send method in Mozil… |
n/a |
n/a |
2014-12-11T11:00:00 | 2024-08-06T09:42:36.608Z |
| cve-2014-1592 | N/A | Use-after-free vulnerability in the nsHtml5TreeOp… |
n/a |
n/a |
2014-12-11T11:00:00 | 2024-08-06T09:42:36.623Z |
| cve-2014-1593 | N/A | Stack-based buffer overflow in the mozilla::FileB… |
n/a |
n/a |
2014-12-11T11:00:00 | 2024-08-06T09:42:36.539Z |
| cve-2014-1594 | N/A | Mozilla Firefox before 34.0, Firefox ESR 31.x bef… |
n/a |
n/a |
2014-12-11T11:00:00 | 2024-08-06T09:50:09.592Z |
| cve-2014-100005 | N/A | Multiple cross-site request forgery (CSRF) vulner… |
n/a |
n/a |
2015-01-13T11:00:00.000Z | 2025-10-22T00:05:34.069Z |
| cve-2015-0016 | N/A | Directory traversal vulnerability in the TS WebPr… |
n/a |
n/a |
2015-01-13T22:00:00.000Z | 2025-10-22T00:05:33.942Z |
| cve-2014-5418 | 5 (v2.0) | GE Multilink Uncontrolled Resource Consumption |
GE |
Multilink ML800/1200/1600/2400 |
2015-01-17T02:00:00 | 2025-11-04T23:30:32.557Z |
| cve-2014-5419 | 10 (v2.0) | GE Multilink Use of Hard-coded Cryptographic Key |
GE |
Multilink ML800/1200/1600/2400 |
2015-01-17T02:00:00 | 2025-11-04T23:32:07.026Z |
| cve-2015-0310 | N/A | Adobe Flash Player before 13.0.0.262 and 14.x thr… |
n/a |
n/a |
2015-01-23T21:00:00.000Z | 2025-11-17T20:10:36.688Z |
| cve-2015-0311 | N/A | Unspecified vulnerability in Adobe Flash Player t… |
n/a |
n/a |
2015-01-23T21:00:00.000Z | 2025-11-17T20:19:18.996Z |
| cve-2015-0313 | N/A | Use-after-free vulnerability in Adobe Flash Playe… |
n/a |
n/a |
2015-02-02T19:00:00.000Z | 2025-11-17T20:03:39.557Z |
| cve-2015-0071 | N/A | Microsoft Internet Explorer 9 through 11 allows r… |
n/a |
n/a |
2015-02-11T02:00:00.000Z | 2025-10-22T00:05:33.391Z |
| cve-2015-1427 | N/A | The Groovy scripting engine in Elasticsearch befo… |
n/a |
n/a |
2015-02-17T15:00:00.000Z | 2025-10-22T00:05:33.236Z |
| cve-2015-2051 | N/A | The D-Link DIR-645 Wired/Wireless Router Rev. Ax … |
n/a |
n/a |
2015-02-23T17:00:00.000Z | 2025-10-22T00:05:33.088Z |
| cve-2014-5409 | 6.4 (v2.0) | GE Hydran M2 Predictable Value Range from Previous Values |
GE |
Hydran M2, containing the 17046 Ethernet option |
2015-03-14T01:00:00 | 2025-11-03T18:58:26.900Z |
| cve-2015-0801 | N/A | Mozilla Firefox before 37.0, Firefox ESR 31.x bef… |
n/a |
n/a |
2015-04-01T10:00:00 | 2024-08-06T04:26:10.191Z |
| cve-2015-0813 | N/A | Use-after-free vulnerability in the AppendElement… |
n/a |
n/a |
2015-04-01T10:00:00 | 2024-08-06T04:26:11.047Z |
| cve-2015-0815 | N/A | Multiple unspecified vulnerabilities in the brows… |
n/a |
n/a |
2015-04-01T10:00:00 | 2024-08-06T04:26:11.210Z |
| cve-2015-0816 | N/A | Mozilla Firefox before 37.0, Firefox ESR 31.x bef… |
n/a |
n/a |
2015-04-01T10:00:00 | 2024-08-06T04:26:10.591Z |
| cve-2014-5400 | 6.8 (v2.0) | Hospira MedNet Password in Configuration File |
Hospira |
MedNet |
2015-04-03T10:00:00 | 2025-11-03T18:26:56.284Z |
| cve-2014-5403 | 6.8 (v2.0) | Hospira MedNet Use of Hard-coded Cryptographic Key |
Hospira |
MedNet |
2015-04-03T10:00:00 | 2025-11-03T18:22:39.434Z |
| cve-2014-5405 | 9 (v2.0) | Hospira MedNet Use of Hard-coded Password |
Hospira |
MedNet |
2015-04-03T10:00:00 | 2025-11-03T18:25:50.764Z |
| cve-2015-0666 | N/A | Directory traversal vulnerability in the fmserver… |
n/a |
n/a |
2015-04-03T10:00:00.000Z | 2025-10-22T00:05:32.918Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-kam193-411f66d1a60ae39b | Malicious code in pyhthon (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-432fe7421d089148 | Malicious code in pytoh (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-44e524ba1270f215 | Malicious code in opnsea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4561502f40fc21ea | Malicious code in pythn (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-465af33359aa2b6f | Malicious code in eetherium (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-485cfeca7b1b4291 | Malicious code in web3-py9 (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4c4d93355035a5eb | Malicious code in etheruem (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4ccbe307e1f41f25 | Malicious code in openes (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4e16e380733398d3 | Malicious code in pytonn (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4e8d1e65eace420c | Malicious code in eethereum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4f116d23a37e9b35 | Malicious code in etheerum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4f1e93899ee0ae5c | Malicious code in etheriuim (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4f67c5544c9c465e | Malicious code in openza (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4f70df8d1c347a28 | Malicious code in opwnsea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4ff00f77ce8280bb | Malicious code in wbe3-py (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-4ff5f4e75785e3b7 | Malicious code in opensae (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-50b23b39e8aa23e8 | Malicious code in werb3 (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-53d392d18cc1c9bf | Malicious code in pythob (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-5428b21b872ea57a | Malicious code in openseaa (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-55a0dc7e2a2ad07f | Malicious code in openzea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-5679b6387d167da8 | Malicious code in webt3 (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-56c0b9137145905e | Malicious code in opnesea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-57ba1fb9aaee1e82 | Malicious code in openxsea (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-5925cc4bda2e0614 | Malicious code in opensear (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-5a6e156a1104c296 | Malicious code in etherreumm (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-5dc2b9d9e5d1ece7 | Malicious code in bussardweg4av2 (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-5e99f0017efe6001 | Malicious code in ethererum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-5f66125ba1d079e7 | Malicious code in etheereium (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-5f76ef7ba4e36d9f | Malicious code in ethereuum (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| mal-0000-kam193-5f8ba67720db5dc3 | Malicious code in etheraem (PyPI) | 2024-06-28T20:16:20Z | 2024-06-28T20:16:20Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2078 | Red Hat Enterprise Linux (Developer Hub): Mehrere Schwachstellen | 2025-09-16T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2080 | Google Chrome / Microsoft Edge: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-09-17T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2083 | Ruby: Schwachstelle ermöglicht Denial of Service | 2025-09-17T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2087 | Linux Kernel: Mehrere Schwachstellen | 2025-09-17T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2092 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-18T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2099 | Linux Kernel: Mehrere Schwachstellen | 2025-09-21T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2101 | Ghostscript: Schwachstellen ermöglichen Codeausführung | 2025-09-21T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2104 | WebKitGTK: Mehrere Schwachstellen | 2025-09-22T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2107 | Linux Kernel: Mehrere Schwachstellen | 2025-09-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2109 | Autodesk Produkte: Schwachstelle ermöglicht Codeausführung | 2025-09-22T22:00:00.000+00:00 | 2025-11-09T23:00:00.000+00:00 |
| wid-sec-w-2025-2110 | LibTiff: Schwachstelle ermöglicht Codeausführung | 2025-09-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2114 | Dell PowerEdge BIOS und iDRAC9: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-09-23T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2115 | WordPress Core: Mehrere Schwachstellen | 2025-09-23T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2126 | Drupal Module: Mehrere Schwachstellen | 2025-09-24T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2129 | GIMP: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-09-24T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2132 | Linux Kernel: Mehrere Schwachstellen | 2025-09-24T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2134 | Red Hat Enterprise Linux (Developer Hub): Schwachstelle ermöglicht Denial of Service | 2025-09-25T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2144 | binutils: Mehrere Schwachstellen | 2025-09-28T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2150 | Red Hat Enterprise Linux: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-09-29T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2152 | IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service | 2025-09-29T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2166 | OpenSSL und LibreSSL: Mehrere Schwachstellen | 2025-09-30T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2170 | Linux Kernel: Mehrere Schwachstellen | 2025-09-30T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2187 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-10-01T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2190 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2025-10-01T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2193 | QEMU: Schwachstelle ermöglicht Denial of Service | 2025-10-05T22:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2194 | Linux Kernel: Mehrere Schwachstellen | 2025-10-05T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2195 | Oracle E-Business Suite: Schwachstelle ermöglicht Codeausführung | 2025-10-05T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-2196 | Redis: Mehrere Schwachstellen | 2025-10-05T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2198 | MediaWiki: Mehrere Schwachstellen | 2025-10-05T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2202 | fetchmail: Schwachstelle ermöglicht Denial of Service | 2025-10-05T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-686975 | SSA-686975: IPU 2022.3 Vulnerabilities in Siemens Industrial Products using Intel CPUs | 2023-02-14T00:00:00Z | 2025-04-08T00:00:00Z |
| ssa-260625 | SSA-260625: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.2 | 2023-03-14T00:00:00Z | 2023-03-14T00:00:00Z |
| ssa-320629 | SSA-320629: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.3 | 2023-03-14T00:00:00Z | 2023-03-14T00:00:00Z |
| ssa-322980 | SSA-322980: Denial of Service Vulnerability in SIPROTEC 5 Devices | 2023-04-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-632164 | SSA-632164: External Entity Injection Vulnerability in Polarion ALM | 2023-04-11T00:00:00Z | 2023-05-09T00:00:00Z |
| ssa-699404 | SSA-699404: Observable Response Discrepancy in Mendix Forgot Password Module | 2023-04-11T00:00:00Z | 2023-04-11T00:00:00Z |
| ssa-325383 | SSA-325383: Multiple Vulnerabilities in SCALANCE LPE9403 before V2.1 | 2023-05-09T00:00:00Z | 2023-05-09T00:00:00Z |
| ssa-516174 | SSA-516174: Wi-Fi Encryption Bypass Vulnerabilities in SCALANCE W1750D | 2023-05-09T00:00:00Z | 2023-10-10T00:00:00Z |
| ssa-555292 | SSA-555292: Security Vulnerabilities Fixed in SIMATIC Cloud Connect 7 V2.1 | 2023-05-09T00:00:00Z | 2023-05-09T00:00:00Z |
| ssa-789345 | SSA-789345: Code Execution Vulnerabilities in Siveillance Video Event and Management Servers | 2023-05-09T00:00:00Z | 2023-05-09T00:00:00Z |
| ssa-042050 | SSA-042050: Know-How Protection Mechanism Failure in TIA Portal | 2023-06-13T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-482956 | SSA-482956: Information Disclosure Vulnerability in SIMOTION before V5.5 | 2023-06-13T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-508677 | SSA-508677: Use of Obsolete Function Vulnerability in SIMATIC WinCC before V8 | 2023-06-13T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-538795 | SSA-538795: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go | 2023-06-13T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-731916 | SSA-731916: Multiple Vulnerabilities in CPCI85 Firmware of SICAM A8000 Devices | 2023-06-13T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-887249 | SSA-887249: Multiple Vulnerabilities in the Web Interface of SICAM Q200 Devices | 2023-06-13T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-942865 | SSA-942865: Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products | 2023-06-13T00:00:00Z | 2023-06-14T00:00:00Z |
| ssa-764801 | SSA-764801: File Parsing Vulnerabilities in Tecnomatix Plant Simulation | 2023-07-11T00:00:00Z | 2023-09-12T00:00:00Z |
| ssa-924149 | SSA-924149: Stack Overflow Vulnerability in SiPass Integrated before V2.90.3.8 | 2023-07-11T00:00:00Z | 2023-07-11T00:00:00Z |
| ssa-001569 | SSA-001569: JT File Parsing Vulnerabilities in JT Open, JT Utilities and Parasolid | 2023-08-08T00:00:00Z | 2023-08-08T00:00:00Z |
| ssa-116172 | SSA-116172: Nullsoft Scriptable Install System (NSIS) Vulnerability (CVE-2023-37378) in Parasolid Installer | 2023-08-08T00:00:00Z | 2023-08-08T00:00:00Z |
| ssa-131450 | SSA-131450: File parsing Vulnerabilities in Solid Edge, JT2Go and Teamcenter Visualization | 2023-08-08T00:00:00Z | 2023-08-08T00:00:00Z |
| ssa-188491 | SSA-188491: DLL Hijacking Vulnerabilities in Siemens Software Center | 2023-08-08T00:00:00Z | 2023-08-08T00:00:00Z |
| ssa-264814 | SSA-264814: Timing Based Side Channel Vulnerability in the OpenSSL RSA Decryption in SIMATIC Products | 2023-08-08T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-264815 | SSA-264815: Type Confusion Vulnerability in OpenSSL X.400 Address Processing in SIMATIC Products | 2023-08-08T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-472630 | SSA-472630: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.4 | 2023-08-08T00:00:00Z | 2023-08-08T00:00:00Z |
| ssa-811403 | SSA-811403: Multiple File Parsing Vulnerabilities in Solid Edge before V223 Update 7 | 2023-08-08T00:00:00Z | 2023-08-08T00:00:00Z |
| ssa-147266 | SSA-147266: Multiple Vulnerabilities in QMS Automotive before V12.39 | 2023-09-12T00:00:00Z | 2023-09-12T00:00:00Z |
| ssa-711309 | SSA-711309: Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | 2023-09-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-957369 | SSA-957369: Insyde BIOS Vulnerabilities in RUGGEDCOM APE1808 Product Family | 2023-09-12T00:00:00Z | 2023-09-12T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2003:066 | Red Hat Security Advisory: : Updated XFree86 packages provide security and bug fixes | 2003-06-25T15:52:00+00:00 | 2025-11-21T17:25:39+00:00 |
| rhsa-2003:190 | Red Hat Security Advisory: : : : Updated 2.4 kernel for pSeries and iSeries fixes vulnerabilities | 2003-06-25T17:45:00+00:00 | 2025-11-21T17:26:07+00:00 |
| rhsa-2003:212 | Red Hat Security Advisory: : : : Updated glibc packages fix vulnerabilities | 2003-06-26T22:28:00+00:00 | 2025-11-21T17:26:18+00:00 |
| rhsa-2003:159 | Red Hat Security Advisory: : : : New PHP packages fix vulnerabilities | 2003-06-30T14:37:00+00:00 | 2025-11-21T17:26:03+00:00 |
| rhsa-2003:214 | Red Hat Security Advisory: : : : Updated tcpdump packages fix various vulnerabilities | 2003-06-30T16:10:00+00:00 | 2025-11-21T17:26:13+00:00 |
| rhsa-2003:216 | Red Hat Security Advisory: : : : Updated Xpdf packages fix security vulnerability | 2003-06-30T22:36:00+00:00 | 2025-11-21T17:26:14+00:00 |
| rhsa-2003:199 | Red Hat Security Advisory: : Updated unzip packages fix trojan vulnerability | 2003-07-01T09:16:00+00:00 | 2025-11-21T17:26:10+00:00 |
| rhsa-2003:200 | Red Hat Security Advisory: unzip security update | 2003-07-01T15:24:00+00:00 | 2025-11-21T17:26:10+00:00 |
| rhsa-2003:218 | Red Hat Security Advisory: : : : Updated unzip and tar packages that fix vulnerabilities are now available | 2003-07-01T20:10:00+00:00 | 2025-11-21T17:26:14+00:00 |
| rhsa-2003:158 | Red Hat Security Advisory: : : : Updated mm packages fix temporary file handling | 2003-07-02T14:26:00+00:00 | 2025-11-21T17:26:03+00:00 |
| rhsa-2003:203 | Red Hat Security Advisory: : Updated Ethereal packages fix security issues | 2003-07-03T08:31:00+00:00 | 2025-11-21T17:26:10+00:00 |
| rhsa-2003:208 | Red Hat Security Advisory: : : : Updated openldap packages available for iSeries and pSeries | 2003-07-07T19:58:00+00:00 | 2025-11-21T17:26:12+00:00 |
| rhsa-2003:071 | Red Hat Security Advisory: hanterm-xf security update | 2003-07-08T19:44:00+00:00 | 2025-11-21T17:25:40+00:00 |
| rhsa-2003:077 | Red Hat Security Advisory: ethereal security update | 2003-07-08T19:59:00+00:00 | 2025-11-21T17:25:48+00:00 |
| rhsa-2003:227 | Red Hat Security Advisory: : : : Updated sendmail packages fix vulnerabilities | 2003-07-08T20:37:00+00:00 | 2025-11-21T17:26:17+00:00 |
| rhsa-2003:027 | Red Hat Security Advisory: netscape security update | 2003-07-09T07:57:00+00:00 | 2025-11-21T17:25:26+00:00 |
| rhsa-2003:229 | Red Hat Security Advisory: : : : Updated ypserv packages fix various vulnerabilities | 2003-07-14T16:00:00+00:00 | 2025-11-21T17:26:18+00:00 |
| rhsa-2003:207 | Red Hat Security Advisory: nfs-utils security update | 2003-07-14T16:08:00+00:00 | 2025-11-21T17:26:12+00:00 |
| rhsa-2003:206 | Red Hat Security Advisory: : : : Updated nfs-utils packages fix denial of service vulnerability | 2003-07-14T16:10:00+00:00 | 2025-11-21T17:26:12+00:00 |
| rhsa-2003:225 | Red Hat Security Advisory: : : : Updated LPRng packages fix psbanner vulnerability | 2003-07-14T16:12:00+00:00 | 2025-11-21T17:26:16+00:00 |
| rhsa-2003:228 | Red Hat Security Advisory: : : : Updated xinetd packages fix denial-of-service attacks and other bugs | 2003-07-14T19:33:00+00:00 | 2025-11-21T17:26:17+00:00 |
| rhsa-2003:162 | Red Hat Security Advisory: : : : Updated Mozilla packages fix security vulnerability. | 2003-07-15T07:42:00+00:00 | 2025-11-21T17:26:04+00:00 |
| rhsa-2003:226 | Red Hat Security Advisory: : : : Updated samba packages fix security vulnerabilities | 2003-07-15T16:51:00+00:00 | 2025-11-21T17:26:20+00:00 |
| rhsa-2003:238 | Red Hat Security Advisory: : : : Updated 2.4 kernel fixes vulnerabilities | 2003-07-21T15:36:00+00:00 | 2025-11-21T17:26:20+00:00 |
| rhsa-2003:234 | Red Hat Security Advisory: : Updated semi packages fix vulnerability | 2003-07-23T16:33:00+00:00 | 2025-11-21T17:26:24+00:00 |
| rhsa-2003:221 | Red Hat Security Advisory: : Updated stunnel packages fix signal vulnerability | 2003-07-25T13:14:00+00:00 | 2025-11-21T17:26:14+00:00 |
| rhsa-2003:223 | Red Hat Security Advisory: stunnel security update | 2003-07-25T13:17:00+00:00 | 2025-11-21T17:26:15+00:00 |
| rhsa-2003:224 | Red Hat Security Advisory: openssh security update | 2003-07-29T07:27:00+00:00 | 2025-11-21T17:26:16+00:00 |
| rhsa-2003:222 | Red Hat Security Advisory: : Updated openssh packages available | 2003-07-29T16:06:00+00:00 | 2025-11-21T17:26:14+00:00 |
| rhsa-2003:236 | Red Hat Security Advisory: kdelibs security update | 2003-07-30T20:48:00+00:00 | 2025-11-21T17:26:20+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2018-1000156 | GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time. | 2018-04-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-10392 | mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. | 2018-04-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-10393 | bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. | 2018-04-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-1000168 | nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1. | 2018-05-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2018-10689 | blktrace (aka Block IO Tracing) 1.2.0 as used with the Linux kernel and Android has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small as demonstrated by an invalid free when using the btt program with a crafted file. | 2018-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2018-11439 | The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. | 2018-05-02T00:00:00.000Z | 2022-01-19T00:00:00.000Z |
| msrc_cve-2018-7159 | The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete. | 2018-05-02T00:00:00.000Z | 2025-12-07T01:36:21.000Z |
| msrc_cve-2017-16046 | `mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2018-1000182 | A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | 2018-06-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file". | 2018-06-02T00:00:00.000Z | 2020-10-25T00:00:00.000Z |
| msrc_cve-2018-11694 | An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | 2018-06-02T00:00:00.000Z | 2023-08-01T00:00:00.000Z |
| msrc_cve-2018-7161 | All versions of Node.js 8.x 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node server providing an http2 server to crash. This can be accomplished by interacting with the http2 server in a manner that triggers a cleanup bug where objects are used in native code after they are no longer available. This has been addressed by updating the http2 implementation. | 2018-06-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2018-7162 | All versions of Node.js 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node process which provides an http server supporting TLS server to crash. This can be accomplished by sending duplicate/unexpected messages during the handshake. This vulnerability has been addressed by updating the TLS implementation. | 2018-06-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2018-7164 | Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker could use this cause a denial of service by sending tiny chunks of data in short succession. This vulnerability was restored by reverting to the prior behaviour. | 2018-06-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2018-7167 | Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in these cases. All versions of Node.js 6.x (LTS "Boron") 8.x (LTS "Carbon") and 9.x are vulnerable. All versions of Node.js 10.x (Current) are NOT vulnerable. | 2018-06-02T00:00:00.000Z | 2021-06-06T00:00:00.000Z |
| msrc_cve-2017-12150 | It was found that samba before 4.4.16 4.5.x before 4.5.14 and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. | 2018-07-02T00:00:00.000Z | 2024-10-15T00:00:00.000Z |
| msrc_cve-2018-10906 | In fuse before versions 2.9.8 and 3.x before 3.2.5 fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system accessible by other users and trick them into accessing files on that file system possibly causing Denial of Service or other unspecified effects. | 2018-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-1129 | A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable. | 2018-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-13139 | A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | 2018-07-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2018-13410 | Info-ZIP Zip 3.0 when the -T and -TT command-line options are used allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an untrusted party controls the -TT value given that the entire purpose of -TT is execution of arbitrary commands | 2018-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-13419 | An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue | 2018-07-02T00:00:00.000Z | 2021-01-28T00:00:00.000Z |
| msrc_cve-2018-13420 | Google gperftools 2.7 has a memory leak in malloc_extension.cc related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program | 2018-07-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2018-14040 | In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attributeIn Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute | 2018-07-02T00:00:00.000Z | 2025-09-03T22:09:33.000Z |
| msrc_cve-2018-14042 | In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. | 2018-07-02T00:00:00.000Z | 2025-09-03T23:08:20.000Z |
| msrc_cve-2018-1999023 | The Battle for Wesnoth Project contains a Code Injection that can result in code execution outside the sandbox | 2018-07-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2018-1999024 | MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability | 2018-07-02T00:00:00.000Z | 2025-09-03T22:22:20.000Z |
| msrc_cve-2017-9118 | PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. | 2018-08-02T00:00:00.000Z | 2025-10-01T23:11:00.000Z |
| msrc_cve-2017-9120 | PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string. | 2018-08-02T00:00:00.000Z | 2025-10-01T23:11:00.000Z |
| msrc_cve-2018-1000215 | Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service | 2018-08-02T00:00:00.000Z | 2025-09-04T01:12:38.000Z |
| msrc_cve-2018-1000216 | Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could be either local or over a network. This vulnerability appears to have been fixed in 1.7.3. | 2018-08-02T00:00:00.000Z | 2025-09-03T20:53:58.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2007-000625 | Tuigwaa cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000626 | Mayaa cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000639 | Shopping Basket Pro directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000640 | Fulltext search CGI from futomi's CGI Cafe vulnerable to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000645 | 7-ZIP32.DLL buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000646 | Fuktommy.com httpd.pl including HTML preprocessor vulnerable to directory traversal | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000647 | Fuktommy.com httpd.pl included in its HTML preprocessor vulnerable in allowing an attacker to view arbitrary CGI source code | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000678 | Fingerprint Authentication Software for Sony Pocket Bit installs hidden folders and files | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000697 | Lhaplus buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000699 | JP1/NETM/DM Manager SQL Injection Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000700 | Cosminexus javadoc Cross-Site Scripting Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000701 | Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java Buffer Overflow Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000702 | Cosminexus Developer's Kit for Java Buffer Overflow and Denial of Service Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000710 | Cosminexus Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000711 | TPBroker Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000712 | Cosminexus Agent Process Crash Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000727 | Safari allows access from HTTP to HTTPS | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000729 | Aipo session fixation vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000730 | Webmin OS command injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000745 | PowerArchiver buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000772 | Hitachi Web Server SSL Client Authentication Vulnerability | 2008-05-21T00:00+09:00 | 2014-05-23T18:32+09:00 |
| jvndb-2007-000773 | Hitachi Web Server Cross-Site Scripting Vulnerability with Server-Status Page | 2008-05-21T00:00+09:00 | 2014-05-21T18:27+09:00 |
| jvndb-2007-000779 | MouseoverDictionary vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000801 | NetCommons cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000802 | Lotus Domino cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000803 | Cross-site scripting vulnerability in updir.php in UPDIR.NET | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000804 | Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000805 | RoundCube Webmail cross-site request forgery vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000806 | Feed2JS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2007-000807 | FileMaker cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|