Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-7698 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Tiandy Easy7 Integrated Management Platform updateDbBa… |
Tiandy |
Easy7 Integrated Management Platform |
2026-05-03T13:30:40.287Z | 2026-05-04T13:03:46.060Z |
| CVE-2026-7691 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
Wavlink WL-WN570HA1 adm.cgi set_sys_cmd command injection |
Wavlink |
WL-WN570HA1 |
2026-05-03T10:15:11.137Z | 2026-05-04T13:02:51.934Z |
| CVE-2026-42368 |
9.9 (3.1)
|
GeoVision LPC2011/LPC2211 Web Interface privilege esca… |
GeoVision Inc. |
GV-LPC2011/LPC2211 |
2026-05-04T00:45:53.668Z | 2026-05-04T13:01:56.434Z |
| CVE-2026-7716 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
code-projects Gym Management System In PHP/Windows NT … |
code-projects |
Gym Management System In PHP |
2026-05-04T00:45:13.763Z | 2026-05-04T13:01:17.516Z |
| CVE-2026-20450 |
6.5 (3.1)
|
In Modem, there is a possible system crash due to… |
MediaTek, Inc. |
MediaTek chipset |
2026-05-04T05:41:56.258Z | 2026-05-04T12:59:48.327Z |
| CVE-2026-42366 |
7.4 (3.1)
|
GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi refl… |
GeoVision Inc. |
GV-LPC2011/LPC2211 |
2026-05-04T00:42:39.182Z | 2026-05-04T12:59:22.360Z |
| CVE-2026-20449 |
6.5 (3.1)
|
In Modem, there is a possible system crash due to… |
MediaTek, Inc. |
MediaTek chipset |
2026-05-04T05:41:54.581Z | 2026-05-04T12:59:15.818Z |
| CVE-2026-42365 |
8.6 (3.1)
|
GeoVision LPC2011/LPC2211 Web Interface guessable sess… |
GeoVision Inc. |
GV-LPC2011/LPC2211 |
2026-05-04T00:42:08.487Z | 2026-05-04T12:58:48.734Z |
| CVE-2026-42364 |
9.9 (3.1)
|
GeoVision LPC2011/LPC2211 Web Interface / DdnsSetting.… |
GeoVision Inc. |
GV-LPC2011/LPC2211 |
2026-05-04T00:41:33.908Z | 2026-05-04T12:58:13.050Z |
| CVE-2026-20448 |
6.7 (3.1)
|
In geniezone, there is a possible escalation of p… |
MediaTek, Inc. |
MediaTek chipset |
2026-05-04T05:41:52.927Z | 2026-05-04T12:57:21.672Z |
| CVE-2026-7729 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
pixelsock directus-mcp MCP index.ts validateUrl server… |
pixelsock |
directus-mcp |
2026-05-04T03:45:14.096Z | 2026-05-04T12:57:18.618Z |
| CVE-2026-7708 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
Open5GS UDR subscription.c ogs_dbi_subscription_data d… |
n/a |
Open5GS |
2026-05-03T22:45:13.612Z | 2026-05-04T12:56:53.880Z |
| CVE-2026-7628 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
crazyrabbitLTC mcp-code-review-server RepoMix repomix.… |
crazyrabbitLTC |
mcp-code-review-server |
2026-05-02T12:00:14.660Z | 2026-05-04T12:56:34.250Z |
| CVE-2026-7722 |
6.9 (4.0)
5.3 (3.1)
5.3 (3.0)
|
PrefectHQ prefect Health Check API health endswith imp… |
PrefectHQ |
prefect |
2026-05-04T02:15:18.541Z | 2026-05-04T12:56:25.514Z |
| CVE-2026-20447 |
6.7 (3.1)
|
In geniezone, there is a possible escalation of p… |
MediaTek, Inc. |
MediaTek chipset |
2026-05-04T05:41:51.218Z | 2026-05-04T12:56:24.654Z |
| CVE-2026-7714 |
6.9 (4.0)
6.5 (3.1)
6.5 (3.0)
|
crocodilestick Calibre-Web-Automated Admin Endpoint cw… |
crocodilestick |
Calibre-Web-Automated |
2026-05-04T00:15:11.837Z | 2026-05-04T12:56:04.600Z |
| CVE-2026-20451 |
6.7 (3.1)
|
In slbc, there is a possible out of bounds write … |
MediaTek, Inc. |
MediaTek chipset |
2026-05-04T05:42:29.660Z | 2026-05-04T12:55:49.245Z |
| CVE-2026-7720 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
Totolink WA300 POST Request cstecgi.cgi setLanguageCfg… |
Totolink |
WA300 |
2026-05-04T01:45:14.135Z | 2026-05-04T12:55:27.383Z |
| CVE-2026-34032 |
N/A
|
Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Re… |
Apache Software Foundation |
Apache HTTP Server |
2026-05-04T12:54:54.383Z | 2026-05-04T12:54:54.383Z |
| CVE-2026-42370 |
9 (3.1)
|
GeoVision GV-VMS V20 WebCam Server Login stack overflo… |
GeoVision Inc. |
GV-VMS V20.0.2 |
2026-05-04T00:48:05.154Z | 2026-05-04T12:54:22.231Z |
| CVE-2026-33845 |
7.5 (3.1)
|
Gnutls: gnutls: denial of service via dtls zero-length… |
|
|
2026-04-30T17:41:34.076Z | 2026-05-04T12:54:18.629Z |
| CVE-2026-4062 |
7.5 (3.1)
|
Geo Mashup <= 1.13.18 - Unauthenticated Time-Based SQL… |
cyberhobo |
Geo Mashup |
2026-05-02T11:16:10.178Z | 2026-05-04T12:54:08.995Z |
| CVE-2026-7727 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Shandong Hoteam Software PDM Product Data Management S… |
Shandong Hoteam Software |
PDM Product Data Management System |
2026-05-04T03:15:27.138Z | 2026-05-04T12:54:03.162Z |
| CVE-2026-5335 |
5.3 (3.1)
|
Magic Export & Import < 1.2.0 - Unauthenticated PII Di… |
Unknown |
Magic Export & Import |
2026-05-04T06:00:08.987Z | 2026-05-04T12:53:55.367Z |
| CVE-2026-7372 |
9 (3.1)
|
GeoVision GV-VMS V20 WebCam Server Login stack overflo… |
GeoVision Inc. |
GV-VMS V20.0.2 |
2026-05-04T00:47:36.651Z | 2026-05-04T12:52:41.934Z |
| CVE-2026-7733 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
funadmin Frontend Chunked Upload Endpoint UploadServic… |
n/a |
funadmin |
2026-05-04T04:45:24.024Z | 2026-05-04T12:52:12.894Z |
| CVE-2026-42369 |
10 (3.1)
|
GeoVision GV-VMS V20 WebCam Server stack overflow vuln… |
GeoVision Inc. |
GV-VMS V20.0.2 |
2026-05-04T00:47:00.507Z | 2026-05-04T12:51:44.914Z |
| CVE-2026-7608 |
5.1 (4.0)
5.5 (3.1)
5.5 (3.0)
|
TRENDnet TEW-821DAP tools_diagnostic os command injection |
TRENDnet |
TEW-821DAP |
2026-05-02T08:45:12.294Z | 2026-05-04T12:51:20.648Z |
| CVE-2026-43860 |
3.7 (3.1)
|
mutt before 2.3.2 sometimes truncates the hash_pa… |
mutt |
mutt |
2026-05-04T05:45:05.581Z | 2026-05-04T12:50:27.250Z |
| CVE-2026-6457 |
6.5 (3.1)
|
Geo Mashup <= 1.13.19 - Authenticated (Subscriber+) SQ… |
cyberhobo |
Geo Mashup |
2026-05-02T07:46:41.352Z | 2026-05-04T12:49:54.803Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-29199 | phpBB before 3.3.16 is vulnerable to Host Header Injection that can lead to password rest link pois… | 2026-05-04T07:15:59.960 | 2026-05-04T07:15:59.960 |
| fkie_cve-2026-20451 | In slbc, there is a possible out of bounds write due to type confusion. This could lead to local es… | 2026-05-04T07:15:59.840 | 2026-05-04T07:15:59.840 |
| fkie_cve-2026-20450 | In Modem, there is a possible system crash due to incorrect error handling. This could lead to remo… | 2026-05-04T07:15:59.723 | 2026-05-04T07:15:59.723 |
| fkie_cve-2026-20449 | In Modem, there is a possible system crash due to a heap buffer overflow. This could lead to remote… | 2026-05-04T07:15:59.610 | 2026-05-04T07:15:59.610 |
| fkie_cve-2026-20448 | In geniezone, there is a possible escalation of privilege due to a missing permission check. This c… | 2026-05-04T07:15:59.500 | 2026-05-04T07:15:59.500 |
| fkie_cve-2026-20447 | In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could… | 2026-05-04T07:15:58.450 | 2026-05-04T07:15:58.450 |
| fkie_cve-2026-7735 | A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.Dec… | 2026-05-04T06:16:02.367 | 2026-05-04T06:16:02.367 |
| fkie_cve-2026-7734 | A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAt… | 2026-05-04T06:16:02.197 | 2026-05-04T06:16:02.197 |
| fkie_cve-2026-7733 | A flaw has been found in funadmin up to 7.1.0-rc6. This affects the function UploadService::chunkUp… | 2026-05-04T06:16:02.027 | 2026-05-04T06:16:02.027 |
| fkie_cve-2026-7732 | A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element i… | 2026-05-04T06:16:01.857 | 2026-05-04T06:16:01.857 |
| fkie_cve-2026-7731 | A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. The affe… | 2026-05-04T06:16:01.640 | 2026-05-04T06:16:01.640 |
| fkie_cve-2026-7669 | A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function get_tokeni… | 2026-05-02T22:16:24.080 | 2026-05-04T06:16:01.440 |
| fkie_cve-2026-7163 | A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service)… | 2026-04-30T14:16:36.093 | 2026-05-04T06:16:01.313 |
| fkie_cve-2026-39087 | ntfy before 2.22.0 allows SSRF because of an unanchored regular expression. | 2026-04-23T16:16:25.063 | 2026-05-04T06:16:00.913 |
| fkie_cve-2026-7730 | A weakness has been identified in privsim mcp-test-runner 0.2.0. Impacted is the function child_pro… | 2026-05-04T05:16:01.340 | 2026-05-04T05:16:01.340 |
| fkie_cve-2026-7729 | A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the functio… | 2026-05-04T05:16:01.153 | 2026-05-04T05:16:01.153 |
| fkie_cve-2026-7728 | A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. This vulnerability affects the functi… | 2026-05-04T05:16:00.977 | 2026-05-04T05:16:00.977 |
| fkie_cve-2026-7727 | A vulnerability was determined in Shandong Hoteam Software PDM Product Data Management System up to… | 2026-05-04T05:16:00.800 | 2026-05-04T05:16:00.800 |
| fkie_cve-2026-7725 | A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some un… | 2026-05-04T05:16:00.577 | 2026-05-04T05:16:00.577 |
| fkie_cve-2026-31431 | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to… | 2026-04-22T09:16:21.270 | 2026-05-04T05:16:00.220 |
| fkie_cve-2026-7724 | A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerabili… | 2026-05-04T03:16:13.317 | 2026-05-04T03:16:13.317 |
| fkie_cve-2026-7723 | A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the fil… | 2026-05-04T03:16:13.143 | 2026-05-04T03:16:13.143 |
| fkie_cve-2026-7722 | A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith … | 2026-05-04T03:16:12.967 | 2026-05-04T03:16:12.967 |
| fkie_cve-2026-7721 | A security vulnerability has been detected in Totolink WA300 5.2cu.7112_B20190227. This affects the… | 2026-05-04T03:16:12.683 | 2026-05-04T03:16:12.683 |
| fkie_cve-2026-7720 | A weakness has been identified in Totolink WA300 5.2cu.7112_B20190227. The impacted element is the … | 2026-05-04T02:15:58.840 | 2026-05-04T02:15:58.840 |
| fkie_cve-2026-7719 | A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is… | 2026-05-04T02:15:58.657 | 2026-05-04T02:15:58.657 |
| fkie_cve-2026-7718 | A vulnerability was identified in Totolink WA300 5.2cu.7112_B20190227. Impacted is the function set… | 2026-05-04T02:15:58.477 | 2026-05-04T02:15:58.477 |
| fkie_cve-2026-4878 | A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (T… | 2026-04-09T16:16:31.987 | 2026-05-04T02:15:58.233 |
| fkie_cve-2026-7717 | A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the funct… | 2026-05-04T01:16:05.380 | 2026-05-04T01:16:05.380 |
| fkie_cve-2026-7716 | A vulnerability was found in code-projects Gym Management System In PHP and Windows NT 1.0. This vu… | 2026-05-04T01:16:05.207 | 2026-05-04T01:16:05.207 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-4h8f-84cr-w3fg |
|
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: Kee… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:37Z |
| ghsa-2g4h-425m-78f8 |
|
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmsmac: Fix dma_free_c… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:37Z |
| ghsa-29w7-pv74-wpq7 |
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free… | 2026-04-24T15:32:37Z | 2026-04-24T15:32:37Z |
| ghsa-xx6p-pxpq-h557 |
|
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page pool le… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-vv8c-r99f-f6q8 |
|
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix page_pool er… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-q4rh-73g2-jf4j |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-q2xh-vwfq-mwpc |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix reference count lea… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-pqj5-xfrj-pv58 |
|
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc repeat… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-p4pm-x7ch-5mvc |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading … | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-mw37-p938-g4hg |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authentica… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-jv6m-v86w-343p |
|
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer under… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-jp52-g472-3cpx |
|
In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: deallocate damo… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-gwvh-rgq7-hjcw |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb wh… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-gv6p-37ww-qhq7 |
|
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-f5xm-f2m7-vrg6 |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE … | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-f2r4-35m8-fgwm |
|
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix use-after-fre… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-cmpj-rg49-j7hv |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key parsing memleak… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-cfpg-q83x-6923 |
|
In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return … | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-9m92-4vqv-mrj9 |
|
In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer de… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:36Z |
| ghsa-9grw-fpvr-3468 |
|
In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Ze… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:36Z |
| ghsa-9g7x-mw42-qjmh |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buff… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:36Z |
| ghsa-79jm-hgj4-5mpx |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix leak of rxgk contex… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:36Z |
| ghsa-76f4-xjp9-xcxc |
|
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb … | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-5vqj-w88j-2624 |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref i… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-5j64-84jf-59q3 |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-5fx9-vhx9-34xx |
|
In the Linux kernel, the following vulnerability has been resolved: idpf: fix PREEMPT_RT raw/bh sp… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-5fqc-9jpf-8wjm |
|
In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nr_pages calc… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-4xm4-6p23-gp97 |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-45qq-4p94-jp2v |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rx… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ghsa-24xp-grcx-7gv9 |
|
In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-fr… | 2026-04-24T15:32:36Z | 2026-04-24T15:32:36Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2025-56 |
4.3 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… | octoprint | 2025-04-22T18:15:59+00:00 | 2025-06-27T17:22:53.513680+00:00 |
| pysec-2024-256 |
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-12-03T16:15:24+00:00 | 2025-06-27T17:22:53.325430+00:00 |
| pysec-2025-55 |
|
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.407481+00:00 |
| pysec-2025-54 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.319321+00:00 |
| pysec-2025-53 |
|
vLLM is an inference and serving engine for large language models (LLMs). Prior to versio… | vllm | 2025-05-29T17:15:21+00:00 | 2025-06-26T21:23:06.231251+00:00 |
| pysec-2025-51 |
|
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) v… | apache-airflow-providers-snowflake | 2025-06-24T08:15:24+00:00 | 2025-06-26T21:23:03.132527+00:00 |
| pysec-2025-50 |
|
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Exp… | vllm | 2025-05-30T18:15:32+00:00 | 2025-06-19T03:02:28.572160+00:00 |
| pysec-2024-255 |
|
Gradio before 4.20 allows credential leakage on Windows. | gradio | 2024-05-05T20:15:07+00:00 | 2025-06-17T19:21:48.983901+00:00 |
| pysec-2024-254 |
4.2 (3.1)
|
A session fixation vulnerability exists in the zenml-io/zenml application, where JWT toke… | zenml | 2024-04-16T00:15:11+00:00 | 2025-06-13T00:48:41.806476+00:00 |
| pysec-2025-49 |
8.8 (3.1)
|
setuptools is a package that allows users to download, build, install, upgrade, and unins… | setuptools | 2025-05-17T16:15:19+00:00 | 2025-06-12T22:23:11.115559+00:00 |
| pysec-2025-48 |
9.8 (3.1)
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2025-03-31T17:15:42+00:00 | 2025-06-12T22:23:10.476087+00:00 |
| pysec-2024-253 |
|
pretix before 2024.1.1 mishandles file validation. | pretix | 2024-02-26T16:28:00+00:00 | 2025-06-11T15:23:51.683422+00:00 |
| pysec-2024-252 |
|
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in t… | torch | 2024-04-17T19:15:07+00:00 | 2025-06-10T19:22:08.948962+00:00 |
| pysec-2024-251 |
|
Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in… | torch | 2024-04-17T19:15:07+00:00 | 2025-06-10T03:12:59.077932+00:00 |
| pysec-2025-47 |
|
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2… | django | 2025-06-05T03:15:25+00:00 | 2025-06-05T05:23:28.296596+00:00 |
| pysec-2025-46 |
5.5 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as cri… | pypickle | 2025-05-26T08:15:19+00:00 | 2025-06-03T17:36:58.579358+00:00 |
| pysec-2025-45 |
7.8 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.… | pypickle | 2025-05-26T07:15:26+00:00 | 2025-06-03T17:36:58.528116+00:00 |
| pysec-2024-250 |
|
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csr… | torch | 2024-04-19T21:15:08+00:00 | 2025-06-03T15:23:56.072490+00:00 |
| pysec-2023-312 |
5.9 (3.1)
|
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server b… | redis | 2023-07-15T23:15:09Z | 2025-06-02T11:48:06.372423Z |
| pysec-2025-44 |
|
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in mod… | django-helpdesk | 2025-05-31T01:15:19+00:00 | 2025-05-31T03:09:35.357757+00:00 |
| pysec-2025-43 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions sta… | vllm | 2025-05-29T17:15:21+00:00 | 2025-05-29T19:21:01.611587+00:00 |
| pysec-2025-42 |
9.8 (3.1)
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Ver… | vllm | 2025-04-30T01:15:51+00:00 | 2025-05-28T21:23:12.396609+00:00 |
| pysec-2025-41 |
9.8 (3.1)
|
PyTorch is a Python package that provides tensor computation with strong GPU acceleration… | torch | 2025-04-18T16:15:23+00:00 | 2025-05-28T15:23:37.843138+00:00 |
| pysec-2025-40 |
7.5 (3.1)
|
A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`… | transformers | 2025-05-19T12:15:19+00:00 | 2025-05-21T19:22:10.801823+00:00 |
| pysec-2024-249 |
6.1 (3.1)
|
### Summary On all Label Studio versions prior to 1.11.0, data imported via file upload f… | label-studio | 2024-02-22T22:15:47+00:00 | 2025-05-19T11:22:35.312280+00:00 |
| pysec-2024-248 |
7.8 (3.1)
|
OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its … | opencanary | 2024-10-14T21:15:12+00:00 | 2025-05-16T14:23:05.150356+00:00 |
| pysec-2025-39 |
|
motionEye is an online interface for the software motion, a video surveillance program wi… | motioneye | 2025-05-14T16:15:29+00:00 | 2025-05-14T17:22:51.050788+00:00 |
| pysec-2025-38 |
|
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during im… | ironic | 2025-05-08T17:16:01Z | 2025-05-13T04:24:03.083929Z |
| pysec-2024-247 |
9.9 (3.1)
|
A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically… | zenml | 2024-04-16T00:15:11+00:00 | 2025-05-12T15:23:53.861001+00:00 |
| pysec-2025-37 |
|
An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2… | django | 2025-05-08T04:17:18+00:00 | 2025-05-08T05:23:16.210893+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33874 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.959238Z |
| gsd-2024-33861 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.958057Z |
| gsd-2024-33850 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.952536Z |
| gsd-2024-33856 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.944669Z |
| gsd-2024-33870 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.943118Z |
| gsd-2024-33849 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.924449Z |
| gsd-2024-33854 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.916266Z |
| gsd-2024-33868 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.896638Z |
| gsd-2024-33881 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.886591Z |
| gsd-2024-33880 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.882744Z |
| gsd-2024-33877 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.871220Z |
| gsd-2024-33873 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.870402Z |
| gsd-2024-33859 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.867340Z |
| gsd-2024-33875 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.862083Z |
| gsd-2024-33878 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.850311Z |
| gsd-2024-33858 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.848478Z |
| gsd-2024-33872 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.839468Z |
| gsd-2024-33857 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.834866Z |
| gsd-2024-33853 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.825026Z |
| gsd-2024-33863 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.824810Z |
| gsd-2024-33852 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.824312Z |
| gsd-2024-33866 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.819755Z |
| gsd-2024-33867 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.808129Z |
| gsd-2024-33882 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.803998Z |
| gsd-2024-33871 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.800751Z |
| gsd-2024-33862 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.799465Z |
| gsd-2024-33864 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.792101Z |
| gsd-2024-33865 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.790923Z |
| gsd-2024-33869 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.784255Z |
| gsd-2024-33860 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.777612Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-3620 | Malicious code in github.com/BufferZoneCorp/config-loader (Go) | 2026-05-13T03:09:00Z | 2026-05-13T03:51:44Z |
| mal-2026-3637 | Malicious code in intercom-php (Packagist) | 2026-05-13T03:14:00Z | 2026-05-13T03:14:00Z |
| mal-2026-3653 | Malicious code in @design-system-coopeuch/web (npm) | 2026-05-13T02:46:17Z | 2026-05-13T02:46:17Z |
| mal-2026-3652 | Malicious code in supabase-javascript (npm) | 2026-05-13T00:00:00Z | 2026-05-13T00:00:00Z |
| mal-2026-3651 | Malicious code in ms-graph-types (npm) | 2026-05-13T00:00:00Z | 2026-05-13T00:00:00Z |
| mal-2026-3650 | Malicious code in microsoft-applicationinsights-common (npm) | 2026-05-13T00:00:00Z | 2026-05-13T00:00:00Z |
| mal-2026-3649 | Malicious code in iceberg-javascript (npm) | 2026-05-13T00:00:00Z | 2026-05-13T00:00:00Z |
| mal-2026-3648 | Malicious code in auth-javascript (npm) | 2026-05-13T00:00:00Z | 2026-05-13T00:00:00Z |
| mal-2026-3408 | Malicious code in textwrap-ext (PyPI) | 2026-05-09T20:16:27Z | 2026-05-12T21:58:01Z |
| mal-2026-3407 | Malicious code in textwrap-toolkit (PyPI) | 2026-05-09T19:14:44Z | 2026-05-12T21:58:01Z |
| mal-2026-3403 | Malicious code in textwrap-formatter (PyPI) | 2026-05-09T16:56:23Z | 2026-05-12T21:58:01Z |
| mal-2026-3396 | Malicious code in ninja-core-optimizer (PyPI) | 2026-05-08T14:04:00Z | 2026-05-12T21:58:01Z |
| mal-2026-3372 | Malicious code in ninja-core-utils (PyPI) | 2026-05-07T21:25:50Z | 2026-05-12T21:58:01Z |
| mal-2026-3619 | Malicious code in txwrap (PyPI) | 2026-05-12T21:40:10Z | 2026-05-12T21:40:10Z |
| mal-2026-3616 | Malicious code in afk-react-intl (npm) | 2026-05-12T19:05:40Z | 2026-05-12T19:05:40Z |
| mal-2026-3617 | Malicious code in katal-platform-versions (npm) | 2026-05-12T18:50:04Z | 2026-05-12T18:50:04Z |
| mal-2026-3615 | Malicious code in ai-spellcheckers (PyPI) | 2026-05-12T18:21:01Z | 2026-05-12T18:21:01Z |
| mal-2026-3461 | Malicious code in @tanstack/eslint-plugin-router (npm) | 2026-05-11T23:38:39Z | 2026-05-12T17:01:11Z |
| mal-2026-3614 | Malicious code in aoflmkt (npm) | 2026-05-12T16:35:41Z | 2026-05-12T16:35:41Z |
| mal-2026-3463 | Malicious code in @tanstack/history (npm) | 2026-05-11T23:39:34Z | 2026-05-12T13:57:30Z |
| mal-2026-3432 | Malicious code in @mistralai/mistralai (npm) | 2026-05-11T23:00:35Z | 2026-05-12T13:57:30Z |
| mal-2026-3613 | Malicious code in aoflcorp (npm) | 2026-05-12T12:10:42Z | 2026-05-12T12:10:42Z |
| mal-2026-3612 | Malicious code in jwscube (npm) | 2026-05-12T11:23:10Z | 2026-05-12T11:23:10Z |
| mal-2026-3611 | Malicious code in justenv (npm) | 2026-05-12T11:23:10Z | 2026-05-12T11:23:10Z |
| mal-2026-3618 | Malicious code in mimecast-web-components (npm) | 2026-05-12T11:03:22Z | 2026-05-12T11:03:22Z |
| mal-2026-3505 | Malicious code in ts-dna (npm) | 2026-05-12T00:24:26Z | 2026-05-12T07:30:46Z |
| mal-2026-3397 | Malicious code in tecken (npm) | 2026-05-08T14:55:34Z | 2026-05-12T07:30:46Z |
| mal-2026-3340 | Malicious code in trevlo (npm) | 2026-05-05T11:51:48Z | 2026-05-12T07:30:46Z |
| mal-2026-3315 | Malicious code in update-db (npm) | 2026-05-01T15:01:41Z | 2026-05-12T07:30:46Z |
| mal-2026-3314 | Malicious code in update-browserslist (npm) | 2026-05-01T15:01:09Z | 2026-05-12T07:30:46Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-java-2026-21932 | 2026-05-06T14:46:01.161Z | 2026-05-13T12:07:18.771Z | |
| bit-java-2026-21925 | 2026-05-06T14:45:59.793Z | 2026-05-13T12:07:18.771Z | |
| bit-java-2025-7425 | Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr | 2026-05-06T14:45:49.607Z | 2026-05-13T12:07:18.771Z |
| bit-java-2025-61748 | 2026-05-06T14:45:46.797Z | 2026-05-13T12:07:18.771Z | |
| bit-java-2025-6052 | Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring | 2026-05-06T14:45:45.337Z | 2026-05-13T12:07:18.771Z |
| bit-java-2025-6021 | Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2 | 2026-05-06T14:45:43.734Z | 2026-05-13T12:07:18.771Z |
| bit-java-2025-53066 | 2026-05-06T14:45:42.187Z | 2026-05-13T12:07:18.771Z | |
| bit-java-2025-53057 | 2026-05-06T14:45:40.894Z | 2026-05-13T12:07:18.771Z | |
| bit-java-2025-47219 | 2026-05-06T14:45:35.623Z | 2026-05-13T12:07:18.771Z | |
| bit-grafana-2025-41117 | XSS in Grafana Explore stack trace | 2026-02-20T08:41:19.089Z | 2026-05-13T12:07:18.771Z |
| bit-golang-2025-22871 | Request smuggling due to acceptance of invalid chunked data in net/http | 2025-04-10T07:19:26.353Z | 2026-05-13T12:07:18.771Z |
| bit-golang-2023-44487 | 2024-03-06T10:53:14.274Z | 2026-05-13T12:07:18.771Z | |
| bit-envoy-2023-44487 | 2024-03-06T10:52:27.702Z | 2026-05-13T12:07:18.771Z | |
| bit-dotnet-2023-44487 | 2024-03-06T10:52:07.879Z | 2026-05-13T12:07:18.771Z | |
| bit-contour-2023-44487 | 2024-03-06T10:50:58.800Z | 2026-05-13T12:07:18.771Z | |
| bit-apisix-2023-44487 | 2024-03-06T10:50:34.863Z | 2026-05-13T12:07:18.771Z | |
| bit-mongodb-2026-4148 | ExpressionContext use-after-free in classic engine $lookup and $graphLookup aggregation operators | 2026-05-13T08:10:48.611Z | 2026-05-13T08:39:31.580Z |
| bit-mongodb-2026-4147 | Stack memory disclosure in filemd5 command | 2026-05-13T08:10:45.999Z | 2026-05-13T08:39:31.580Z |
| bit-mongodb-2025-14345 | Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server | 2026-05-13T08:09:51.528Z | 2026-05-13T08:39:31.580Z |
| bit-thrift-2026-43870 | Apache Thrift: Node.js web_server.js multi-vulnerability | 2026-05-07T08:53:18.614Z | 2026-05-12T09:14:35.689Z |
| bit-thrift-2026-43869 | Apache Thrift: TSSLTransportFactory.java hostname verification | 2026-05-07T08:53:17.253Z | 2026-05-12T09:14:35.689Z |
| bit-thrift-2026-43868 | Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern | 2026-05-07T08:53:15.762Z | 2026-05-12T09:14:35.689Z |
| bit-pillow-2026-42311 | Pillow: OOB Write with Invalid PSD Tile Extents (Integer Overflow) | 2026-05-12T08:54:05.960Z | 2026-05-12T09:14:35.689Z |
| bit-pillow-2026-42310 | Pillow: PDF Parsing Trailer Infinite Loop (DoS) | 2026-05-12T08:54:04.533Z | 2026-05-12T09:14:35.689Z |
| bit-pillow-2026-42309 | Pillow: Heap buffer overflow with nested list coordinates | 2026-05-12T08:54:03.041Z | 2026-05-12T09:14:35.689Z |
| bit-pillow-2026-42308 | Pillow: Integer overflow when processing fonts | 2026-05-12T08:54:01.462Z | 2026-05-12T09:14:35.689Z |
| bit-php-2026-7568 | Signed integer overflow in metaphone() | 2026-05-12T08:56:11.806Z | 2026-05-12T09:14:35.689Z |
| bit-php-2026-7263 | DoS attack via DOMNode::C14N() | 2026-05-12T08:56:10.333Z | 2026-05-12T09:14:35.689Z |
| bit-php-2026-7262 | NULL pointer dereference in SOAP apache:Map decoder with missing <value> | 2026-05-12T08:56:08.827Z | 2026-05-12T09:14:35.689Z |
| bit-php-2026-7261 | SoapServer session-persisted object use-after-free via SOAP header fault | 2026-05-12T08:56:07.065Z | 2026-05-12T09:14:35.689Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-bb70412 | During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions | 2026-04-22T00:41:59.291167Z | 2026-04-21T09:28:36Z |
| cleanstart-2026-lf33811 | In libexpat before 2 | 2026-04-22T00:40:28.653558Z | 2026-04-21T09:26:32Z |
| cleanstart-2026-lt06489 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-22T00:37:51.095485Z | 2026-04-21T07:42:07Z |
| cleanstart-2026-af45008 | When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers | 2026-04-21T00:40:00.550928Z | 2026-04-20T07:28:24Z |
| cleanstart-2026-ad31975 | Security fixes for ghsa-72hv-8253-57qq, ghsa-pwqr-wmgm-9rr8, ghsa-w9fj-cfpg-grvv applied in versions: 26.5.6-r3 | 2026-04-21T00:36:59.139031Z | 2026-04-20T07:28:24Z |
| cleanstart-2026-dy53885 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-21T00:37:09.087233Z | 2026-04-20T05:52:44Z |
| cleanstart-2026-dk70097 | In libexpat before 2 | 2026-04-21T00:38:59.570153Z | 2026-04-20T05:52:44Z |
| cleanstart-2026-cp08056 | In libexpat before 2 | 2026-04-21T00:38:29.529453Z | 2026-04-20T05:52:44Z |
| cleanstart-2026-mw34654 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-18T00:36:20.394488Z | 2026-04-17T12:37:31Z |
| cleanstart-2026-js27352 | Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 | 2026-04-18T00:36:20.590981Z | 2026-04-17T12:37:31Z |
| cleanstart-2026-bc44092 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-18T00:36:20.226066Z | 2026-04-17T12:37:31Z |
| cleanstart-2026-kf53276 | Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 | 2026-04-17T00:38:05.902586Z | 2026-04-16T05:00:01Z |
| cleanstart-2026-gw37659 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-17T00:38:05.744772Z | 2026-04-16T05:00:01Z |
| cleanstart-2026-co09549 | In libexpat before 2 | 2026-04-17T00:39:07.237615Z | 2026-04-16T05:00:01Z |
| cleanstart-2026-ak18460 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-17T00:38:05.524563Z | 2026-04-16T05:00:01Z |
| cleanstart-2026-mn70386 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-16T00:37:18.538311Z | 2026-04-15T10:48:12Z |
| cleanstart-2026-io64153 | In libexpat before 2 | 2026-04-16T00:38:53.556040Z | 2026-04-15T10:48:12Z |
| cleanstart-2026-hh39661 | In libexpat before 2 | 2026-04-16T00:38:49.545664Z | 2026-04-15T10:48:12Z |
| cleanstart-2026-ez90321 | Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper s... | 2026-04-16T00:40:49.655378Z | 2026-04-15T10:23:29Z |
| cleanstart-2026-cf62516 | Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper s... | 2026-04-16T00:42:51.354420Z | 2026-04-15T10:18:15Z |
| cleanstart-2026-gn18755 | gRPC-Go is the Go language implementation of gRPC | 2026-04-16T00:38:55.766955Z | 2026-04-15T10:06:08Z |
| cleanstart-2026-bh97849 | gRPC-Go is the Go language implementation of gRPC | 2026-04-16T00:46:20.819037Z | 2026-04-15T10:00:00Z |
| cleanstart-2026-an01004 | filippo | 2026-04-16T00:44:50.314232Z | 2026-04-15T09:36:13Z |
| cleanstart-2026-jz43336 | During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions | 2026-04-16T00:45:49.932786Z | 2026-04-15T09:24:00Z |
| cleanstart-2026-iy92636 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... | 2026-04-16T00:46:49.187187Z | 2026-04-15T09:17:00Z |
| cleanstart-2026-ks09647 | Axios is a promise based HTTP client for the browser and Node | 2026-04-16T00:55:51.498867Z | 2026-04-15T07:43:47Z |
| cleanstart-2026-dr81473 | HashiCorp’s go-getter library up to v1 | 2026-04-16T00:55:21.838513Z | 2026-04-15T06:15:46Z |
| cleanstart-2026-cr55131 | During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions | 2026-04-16T01:01:17.387205Z | 2026-04-15T04:54:42Z |
| cleanstart-2026-fb07695 | When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint | 2026-04-15T00:45:38.848496Z | 2026-04-14T11:38:13Z |
| cleanstart-2026-mp87020 | If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources | 2026-04-15T00:39:08.262212Z | 2026-04-14T11:37:13Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2026-003 | 2026-01-14T17:55:41.000Z | 2026-01-14T17:55:41.000Z | |
| drupal-contrib-2026-002 | 2026-01-14T17:54:33.000Z | 2026-01-14T17:54:33.000Z | |
| drupal-contrib-2026-001 | 2026-01-14T17:53:33.000Z | 2026-01-14T17:53:33.000Z | |
| drupal-contrib-2025-126 | 2025-12-17T17:47:13.000Z | 2025-12-17T17:47:13.000Z | |
| drupal-contrib-2025-125 | 2025-12-10T17:53:01.000Z | 2025-12-10T19:09:57.000Z | |
| drupal-contrib-2025-119 | 2025-12-03T18:48:23.000Z | 2025-12-03T19:05:53.000Z | |
| drupal-contrib-2025-124 | 2025-12-03T18:49:57.000Z | 2025-12-03T18:49:57.000Z | |
| drupal-contrib-2025-123 | 2025-12-03T18:49:40.000Z | 2025-12-03T18:49:40.000Z | |
| drupal-contrib-2025-122 | 2025-12-03T18:49:18.000Z | 2025-12-03T18:49:18.000Z | |
| drupal-contrib-2025-121 | 2025-12-03T18:48:57.000Z | 2025-12-03T18:48:57.000Z | |
| drupal-contrib-2025-120 | 2025-12-03T18:48:37.000Z | 2025-12-03T18:48:37.000Z | |
| drupal-contrib-2025-118 | 2025-12-03T18:48:10.000Z | 2025-12-03T18:48:10.000Z | |
| drupal-contrib-2025-117 | 2025-12-03T18:47:37.000Z | 2025-12-03T18:47:37.000Z | |
| drupal-contrib-2025-088 | 2025-07-09T16:37:40.000Z | 2025-11-22T09:22:47.000Z | |
| drupal-contrib-2025-116 | 2025-11-05T18:09:13.000Z | 2025-11-05T18:09:13.000Z | |
| drupal-contrib-2025-115 | 2025-11-05T18:08:01.000Z | 2025-11-05T18:08:01.000Z | |
| drupal-contrib-2025-114 | 2025-10-29T16:44:39.000Z | 2025-10-29T20:15:52.000Z | |
| drupal-contrib-2025-113 | 2025-10-22T16:35:12.000Z | 2025-10-22T16:35:12.000Z | |
| drupal-contrib-2025-112 | 2025-10-22T16:34:46.000Z | 2025-10-22T16:34:46.000Z | |
| drupal-contrib-2025-111 | 2025-09-24T17:28:05.000Z | 2025-09-24T17:28:05.000Z | |
| drupal-contrib-2025-110 | 2025-09-24T17:27:41.000Z | 2025-09-24T17:27:41.000Z | |
| drupal-contrib-2025-109 | 2025-09-24T17:27:33.000Z | 2025-09-24T17:27:33.000Z | |
| drupal-contrib-2025-108 | 2025-09-24T17:27:20.000Z | 2025-09-24T17:27:20.000Z | |
| drupal-contrib-2025-107 | 2025-09-24T17:18:08.000Z | 2025-09-24T17:18:08.000Z | |
| drupal-contrib-2025-106 | 2025-09-24T17:16:20.000Z | 2025-09-24T17:16:20.000Z | |
| drupal-contrib-2025-101 | 2025-08-27T17:19:59.000Z | 2025-09-03T18:55:46.000Z | |
| drupal-contrib-2025-097 | 2025-08-13T17:33:34.000Z | 2025-09-03T18:53:10.000Z | |
| drupal-contrib-2025-105 | 2025-09-03T16:15:48.000Z | 2025-09-03T16:15:48.000Z | |
| drupal-contrib-2025-100 | 2025-08-27T17:19:45.000Z | 2025-08-27T17:23:11.000Z | |
| drupal-contrib-2025-104 | 2025-08-27T17:20:41.000Z | 2025-08-27T17:20:41.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-010300 | Multiple Vulnerabilities in Hitachi Ops Center Viewpoint | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-010299 | Multiple Vulnerabilities in Hitachi Ops Center Common Services | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-009720 | Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) | 2026-04-02T14:58+09:00 | 2026-04-03T15:50+09:00 |
| jvndb-2026-000049 | Multiple vulnerabilities in NEC Aterm series (NV26-001) | 2026-04-03T15:09+09:00 | 2026-04-03T15:09+09:00 |
| jvndb-2026-009412 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009411 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009410 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009409 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009408 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009406 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009147 | Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2026-03-27T18:18+09:00 | 2026-03-27T18:18+09:00 |
| jvndb-2026-009148 | Open Redirect Vulnerability in Hitachi Ops Center Administrator | 2026-03-27T18:17+09:00 | 2026-03-27T18:17+09:00 |
| jvndb-2026-000047 | Multiple vulnerabilities in baserCMS | 2026-03-27T18:00+09:00 | 2026-03-27T18:00+09:00 |
| jvndb-2026-000045 | WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting | 2026-03-27T17:34+09:00 | 2026-03-27T17:34+09:00 |
| jvndb-2026-000046 | Multiple vulnerabilities in BUFFALO Wi-Fi routers | 2026-03-27T17:18+09:00 | 2026-03-27T17:18+09:00 |
| jvndb-2026-000044 | Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000042 | Digital Photo Frame GH-WDF10A vulnerable to improper access restriction | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000043 | SHARP routers missing authentication for some web APIs | 2026-03-25T18:41+09:00 | 2026-03-25T18:41+09:00 |
| jvndb-2026-000040 | Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries | 2026-03-25T18:13+09:00 | 2026-03-25T18:13+09:00 |
| jvndb-2026-000041 | SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths | 2026-03-25T17:58+09:00 | 2026-03-25T17:58+09:00 |
| jvndb-2026-007524 | Vulnerability in Hitachi Command Suite | 2026-03-17T16:42+09:00 | 2026-03-17T16:42+09:00 |
| jvndb-2026-000038 | Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries | 2026-03-17T14:57+09:00 | 2026-03-17T14:57+09:00 |
| jvndb-2026-000039 | Missing authorization in the OpenAI thread/message API endpoints of GROWI | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-000037 | OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-006887 | Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 | 2026-03-12T17:22+09:00 | 2026-03-12T17:22+09:00 |
| jvndb-2026-000036 | Improper file access permission settings in multiple Digital Arts products | 2026-03-09T14:57+09:00 | 2026-03-09T16:23+09:00 |
| jvndb-2026-000035 | Installer for Qsee Client may insecurely load Dynamic Link Libraries | 2026-03-09T14:57+09:00 | 2026-03-09T14:57+09:00 |
| jvndb-2026-006102 | Security issues in ESC/POS | 2026-03-06T10:31+09:00 | 2026-03-06T10:31+09:00 |
| jvndb-2026-000034 | django-allauth vulnerable to open redirect | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| jvndb-2026-000033 | EC-CUBE vulnerable to multi-factor authentication bypass | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| ID | Description | Updated |
|---|---|---|
| ts-2023-001 | TS-2023-001 | 2023-01-17T00:00 |
| ts-2022-005 | TS-2022-005 | 2022-11-21T00:00 |
| ts-2022-004 | TS-2022-004 | 2022-11-21T00:00 |
| ts-2022-003 | TS-2022-003 | 2022-06-14T00:00 |
| ts-2022-002 | TS-2022-002 | 2022-05-11T00:00 |
| ts-2022-001 | TS-2022-001 | 2022-02-07T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-18818 | TOTOLINK A3300R hour参数命令注入漏洞 | 2026-04-24 | 2026-04-29 |
| cnvd-2026-18817 | TOTOLINK A3300R mode参数命令注入漏洞 | 2026-04-24 | 2026-04-29 |
| cnvd-2026-18815 | TOTOLINK A3300R week参数命令注入漏洞 | 2026-04-24 | 2026-04-29 |
| cnvd-2026-18803 | TOTOLINK A3300R stunServerAddr参数操作系统命令注入漏洞 | 2026-04-24 | 2026-04-29 |
| cnvd-2026-18816 | TOTOLINK A3300R recHour参数命令注入漏洞 | 2026-04-24 | 2026-04-28 |
| cnvd-2026-18814 | TOTOLINK A3300R user参数命令注入漏洞 | 2026-04-24 | 2026-04-28 |
| cnvd-2026-18813 | TOTOLINK A3300R interval参数命令注入漏洞 | 2026-04-24 | 2026-04-28 |
| cnvd-2026-18809 | TOTOLINK A3300R informEnable参数命令注入漏洞 | 2026-04-24 | 2026-04-28 |
| cnvd-2026-18808 | TOTOLINK A3300R stunEnable参数命令注入漏洞 | 2026-04-24 | 2026-04-28 |
| cnvd-2026-18807 | TOTOLINK A3300R stun_user参数命令注入漏洞 | 2026-04-24 | 2026-04-28 |
| cnvd-2026-18806 | TOTOLINK A3300R stunMinAlive参数命令注入漏洞 | 2026-04-24 | 2026-04-28 |
| cnvd-2026-18805 | TOTOLINK A3300R stunMaxAlive参数操作系统命令注入漏洞 | 2026-04-24 | 2026-04-28 |
| cnvd-2026-18802 | Huawei HarmonyOS设备安全管理模块竞争条件漏洞 | 2026-03-09 | 2026-04-28 |
| cnvd-2026-18801 | Huawei HarmonyOS窗口模块双重释放漏洞 | 2026-03-09 | 2026-04-28 |
| cnvd-2026-18800 | Huawei HarmonyOS打印模块竞争条件漏洞(CNVD-2026-18800) | 2026-03-09 | 2026-04-28 |
| cnvd-2026-18799 | Huawei HarmonyOS扫描模块缓冲区溢出漏洞 | 2026-03-12 | 2026-04-28 |
| cnvd-2026-18798 | Huawei HarmonyOS打印模块竞争条件漏洞 | 2026-03-12 | 2026-04-28 |
| cnvd-2026-18797 | Huawei HarmonyOS屏幕管理模块内存错误引用漏洞 | 2026-04-14 | 2026-04-28 |
| cnvd-2026-18796 | Huawei HarmonyOS通知服务竞争条件漏洞 | 2026-04-14 | 2026-04-28 |
| cnvd-2026-18795 | Huawei HarmonyOS事件通知模块竞争条件漏洞 | 2026-04-14 | 2026-04-28 |
| cnvd-2026-18794 | Google Chrome安全绕过漏洞(CNVD-2026-18794) | 2026-03-04 | 2026-04-28 |
| cnvd-2026-18793 | Google Chrome安全绕过漏洞(CNVD-2026-18793) | 2026-03-04 | 2026-04-28 |
| cnvd-2026-18792 | Google Chrome安全绕过漏洞(CNVD-2026-18792) | 2026-03-04 | 2026-04-28 |
| cnvd-2026-18791 | Google Chrome代码执行漏洞(CNVD-2026-18791) | 2026-03-04 | 2026-04-28 |
| cnvd-2026-18790 | Google Android权限绕过漏洞 | 2026-03-06 | 2026-04-28 |
| cnvd-2026-18789 | Google Android存在未明漏洞(CNVD-2026-18789) | 2026-03-06 | 2026-04-28 |
| cnvd-2026-18788 | Google Android越界写入漏洞(CNVD-2026-18788) | 2026-03-06 | 2026-04-28 |
| cnvd-2026-18787 | Google Android信息泄露漏洞(CNVD-2026-18787) | 2026-03-06 | 2026-04-28 |
| cnvd-2026-18786 | Google Android权限提升漏洞(CNVD-2026-18786) | 2026-03-06 | 2026-04-28 |
| cnvd-2026-18785 | Google Android权限管理不当漏洞 | 2026-03-06 | 2026-04-28 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01814 | Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с хр… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01813 | Уязвимость программного обеспечения Azure IoT Explorer, связанная с привязкой к открытым … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01812 | Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками представлени… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01811 | Уязвимость службы аналитики данных Azure HDInsights, связанная с непринятием мер по защит… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01810 | Уязвимость редактора электронных таблиц Microsoft Excel пакетов программ Microsoft Office… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01809 | Уязвимость службы хранилища данных Windows Storage Services операционных систем Windows, … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01808 | Уязвимость реализации протокола NTLM операционных систем Windows, позволяющая нарушителю … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01807 | Уязвимость системы аппаратной виртуализации Hyper-V операционной системы Windows, позволя… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01806 | Уязвимость механизма CCF (Cluster Client Failover) операционных систем Windows, позволяющ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01805 | Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01804 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01803 | Уязвимость драйвера WinSock операционных систем Windows, позволяющая нарушителю повысить … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01802 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01801 | Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01800 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01799 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю раскрыть защищаемую и… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01798 | Уязвимость программы для шифрования информации и создания электронных цифровых подписей G… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01797 | Уязвимость функции _bfd_elf_slurp_version_tables() компонента bfd/elf.c программного сред… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01796 | Уязвимость компонента libbfd.c программного средства разработки GNU Binutils, позволяющая… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01795 | Уязвимость программного средства управления конечными точками Ivanti Endpoint Manager, св… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01794 | Уязвимость функции usbg_make_tpg() модуля drivers/usb/gadget/function/f_tcm.c драйвера га… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01792 | Уязвимость программного средства локальной инфраструктуры Azure Local, связанная с ошибка… | 13.02.2026 | 16.02.2026 |
| bdu:2026-01727 | Уязвимость функции оценки избирательности расширения Intarray системы управления базами д… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01726 | Уязвимость функции обработки типов данных oidvector системы управления базами данных Post… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01724 | Уязвимость компонента pg_trgm системы управления базами данных PostgreSQL, позволяющая на… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01723 | Уязвимость системы управления базами данных PostgreSQL, связанная с неверным индексирован… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01722 | Уязвимость компонента pgcrypto системы управления базами данных PostgreSQL, позволяющая н… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01017 | Уязвимость ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код | 30.01.2026 | 16.02.2026 |
| bdu:2025-15831 | Уязвимость программного обеспечения для настройки безопасности astra-safepolicy, связанна… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15830 | Уязвимость компонента net ядра операционной системы Linux, позволяющая нарушителю вызвать… | 15.12.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0542 | Multiples vulnérabilités dans Progress Telerik | 2026-05-06T00:00:00.000000 | 2026-05-06T00:00:00.000000 |
| certfr-2026-avi-0541 | Multiples vulnérabilités dans Zabbix | 2026-05-06T00:00:00.000000 | 2026-05-06T00:00:00.000000 |
| certfr-2026-avi-0540 | Multiples vulnérabilités dans VMware Tanzu Gemfire | 2026-05-06T00:00:00.000000 | 2026-05-06T00:00:00.000000 |
| certfr-2026-avi-0539 | Multiples vulnérabilités dans Juniper Networks Secure Analytics | 2026-05-06T00:00:00.000000 | 2026-05-06T00:00:00.000000 |
| certfr-2026-avi-0538 | Multiples vulnérabilités dans Asterisk | 2026-05-06T00:00:00.000000 | 2026-05-06T00:00:00.000000 |
| certfr-2026-avi-0537 | Vulnérabilité dans Palo Alto Networks User-ID Authentication Portal | 2026-05-06T00:00:00.000000 | 2026-05-06T00:00:00.000000 |
| certfr-2026-avi-0536 | Multiples vulnérabilités dans Redis | 2026-05-06T00:00:00.000000 | 2026-05-06T00:00:00.000000 |
| certfr-2026-avi-0535 | Multiples vulnérabilités dans Google Chrome | 2026-05-06T00:00:00.000000 | 2026-05-06T00:00:00.000000 |
| certfr-2026-avi-0534 | Vulnérabilité dans Google Android | 2026-05-05T00:00:00.000000 | 2026-05-05T00:00:00.000000 |
| certfr-2026-avi-0533 | Multiples vulnérabilités dans Papercut | 2026-05-05T00:00:00.000000 | 2026-05-05T00:00:00.000000 |
| certfr-2026-avi-0532 | Multiples vulnérabilités dans Progress MOVEit Automation | 2026-05-05T00:00:00.000000 | 2026-05-05T00:00:00.000000 |
| certfr-2026-avi-0531 | Vulnérabilité dans Traefik | 2026-05-05T00:00:00.000000 | 2026-05-05T00:00:00.000000 |
| certfr-2026-avi-0530 | Multiples vulnérabilités dans Apache HTTP Server | 2026-05-05T00:00:00.000000 | 2026-05-05T00:00:00.000000 |
| certfr-2026-avi-0529 | Multiples vulnérabilités dans Mozilla Thunderbird | 2026-05-04T00:00:00.000000 | 2026-05-04T00:00:00.000000 |
| certfr-2026-avi-0528 | Vulnérabilité dans Qnap QTS | 2026-05-04T00:00:00.000000 | 2026-05-04T00:00:00.000000 |
| certfr-2026-avi-0527 | Multiples vulnérabilités dans VMware Tanzu Kubernetes Runtime | 2026-05-04T00:00:00.000000 | 2026-05-04T00:00:00.000000 |
| certfr-2026-avi-0526 | Multiples vulnérabilités dans les produits Microsoft | 2026-05-04T00:00:00.000000 | 2026-05-04T00:00:00.000000 |
| certfr-2026-avi-0525 | Multiples vulnérabilités dans Microsoft Edge | 2026-05-04T00:00:00.000000 | 2026-05-04T00:00:00.000000 |
| certfr-2026-avi-0524 | Multiples vulnérabilités dans Exim | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0523 | Multiples vulnérabilités dans les produits IBM | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0522 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0521 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0520 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0519 | Multiples vulnérabilités dans Microsoft Azure Linux | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0518 | Multiples vulnérabilités dans Wireshark | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0517 | Multiples vulnérabilités dans les produits SonicWall | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0516 | Vulnérabilité dans les produits Netgate | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0515 | Multiples vulnérabilités dans MISP | 2026-04-30T00:00:00.000000 | 2026-04-30T00:00:00.000000 |
| certfr-2026-avi-0514 | Multiples vulnérabilités dans Curl | 2026-04-29T00:00:00.000000 | 2026-04-29T00:00:00.000000 |
| certfr-2026-avi-0513 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-29T00:00:00.000000 | 2026-04-29T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-ale-003 | [MàJ] Incident affectant les solutions AnyDesk | 2024-02-05T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways | 2024-01-11T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-002 | [MàJ] Multiples Vulnérabilités dans GitLab | 2024-01-12T00:00:00.000000 | 2024-02-22T00:00:00.000000 |
| certfr-2023-ale-013 | Vulnérabilité dans Apache Struts 2 | 2023-12-13T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-012 | [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2023-10-23T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-011 | [MàJ] Multiples vulnérabilités dans Cisco IOS XE | 2023-10-17T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-010 | Multiples vulnérabilités dans Exim | 2023-10-02T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2023-ale-008 | [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2023-07-19T00:00:00.000000 | 2024-01-02T00:00:00.000000 |
| certfr-2023-ale-007 | [MàJ] Vulnérabilité dans Zimbra Collaboration Suite | 2023-07-17T00:00:00.000000 | 2024-01-02T00:00:00.000000 |
| certfr-2023-ale-006 | Vulnérabilité dans les produits Microsoft | 2023-12-12T00:00:00.000000 | 2023-07-12T00:00:00.000000 |
| certfr-2023-ale-009 | [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile | 2023-07-26T00:00:00.000000 | 2023-09-15T00:00:00.000000 |
| certfr-2023-ale-005 | Synthèse sur l'exploitation d'une vulnérabilité dans MOVEit Transfer | 2023-07-05T00:00:00.000000 | 2023-09-11T00:00:00.000000 |
| certfr-2023-ale-004 | Vulnérabilité dans les produits Fortinet | 2023-06-13T00:00:00.000000 | 2023-09-11T00:00:00.000000 |
| certfr-2022-ale-014 | Multiples vulnérabilités dans AMI MegaRAC | 2022-12-16T00:00:00.000000 | 2023-09-11T00:00:00.000000 |
| certfr-2023-ale-002 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2023-03-15T00:00:00.000000 | 2023-05-11T00:00:00.000000 |
| certfr-2023-ale-003 | [MàJ] Compromission de l'application 3CX Desktop App | 2023-03-31T00:00:00.000000 | 2023-04-12T00:00:00.000000 |
| certfr-2023-ale-015 | [MàJ] Campagne d'exploitation d'une vulnérabilité affectant VMware ESXi | 2023-02-03T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2023-ale-001 | Vulnérabilité dans Fortinet FortiOS | 2023-03-14T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-013 | [MàJ] Vulnérabilité dans Citrix ADC et Gateway | 2022-12-13T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-010 | Multiples vulnérabilités dans GLPI | 2022-10-07T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-009 | [MaJ] Vulnérabilité dans Zimbra Collaboration | 2022-10-07T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-008 | [MaJ] Multiples vulnérabilités dans Microsoft Exchange | 2022-09-30T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-007 | Multiples vulnérabilités dans Microsoft Windows | 2022-09-16T00:00:00.000000 | 2023-03-14T00:00:00.000000 |
| certfr-2022-ale-012 | [MàJ] Vulnérabilité dans FortiOS SSL-VPN | 2022-12-13T00:00:00.000000 | 2022-12-20T00:00:00.000000 |
| certfr-2022-ale-011 | Vulnérabilité dans les produits Fortinet | 2022-10-14T00:00:00.000000 | 2022-10-14T00:00:00.000000 |
| certfr-2022-ale-006 | [MàJ] Vulnérabilité dans Atlassian Confluence | 2022-06-03T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-ale-002 | Vulnérabilité dans VMware Spring Cloud Gateway | 2022-03-03T00:00:00.000000 | 2022-10-07T00:00:00.000000 |
| certfr-2022-ale-005 | [MàJ] Vulnérabilité dans Microsoft Windows | 2022-05-31T00:00:00.000000 | 2022-09-16T00:00:00.000000 |
| certfr-2022-ale-004 | Vulnérabilité dans F5 BIG-IP | 2022-05-11T00:00:00.000000 | 2022-09-16T00:00:00.000000 |
| certfr-2022-ale-003 | [MàJ] Vulnérabilité dans l'implémentation du protocole RPC par Microsoft | 2022-04-13T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2023-307 | Heap-buffer-overflow in bit_read_BB | 2023-04-13T14:02:09.774988Z | 2026-05-07T14:17:01.342020Z |
| osv-2022-714 | Heap-buffer-overflow in dynapi_set_helper | 2022-08-15T00:00:47.794062Z | 2026-05-07T14:13:31.834583Z |
| osv-2022-653 | Heap-double-free in dwg_free_common_entity_data | 2022-07-30T00:01:52.491112Z | 2026-05-07T14:13:24.635002Z |
| osv-2022-1259 | Heap-buffer-overflow in dwg_decode_INSERT_private | 2022-12-13T13:00:46.870838Z | 2026-05-07T14:10:02.070092Z |
| osv-2022-1198 | Heap-buffer-overflow in dwg_json_LTYPE | 2022-11-23T13:02:06.623044Z | 2026-05-07T14:09:47.448031Z |
| osv-2022-1176 | Heap-double-free in dwg_free | 2022-11-18T13:00:26.857477Z | 2026-05-07T14:08:05.880700Z |
| osv-2022-1165 | Heap-buffer-overflow in parse_content_length | 2022-11-12T13:00:05.964113Z | 2026-05-07T14:07:27.321654Z |
| osv-2021-1343 | Heap-buffer-overflow in get_next_owned_entity | 2021-09-21T00:01:33.177403Z | 2026-05-07T14:07:09.424954Z |
| osv-2022-400 | Heap-double-free in dwg_free_XRECORD_private | 2022-05-08T00:00:40.782520Z | 2026-05-07T14:07:07.574564Z |
| osv-2021-1086 | Heap-buffer-overflow in dwg_convert_SAB_to_SAT1 | 2021-08-02T00:00:31.888461Z | 2026-05-07T14:07:06.078048Z |
| osv-2022-388 | Segv on unknown address in dwg_ref_get_object | 2022-05-01T00:01:54.904711Z | 2026-05-07T14:07:03.424302Z |
| osv-2022-379 | Segv on unknown address in bit_write_TV | 2022-04-27T00:00:44.539231Z | 2026-05-07T14:07:00.834986Z |
| osv-2022-372 | Heap-buffer-overflow in dwg_encode_VERTEX_2D | 2022-04-26T00:00:09.352798Z | 2026-05-07T14:04:57.284808Z |
| osv-2024-719 | Heap-buffer-overflow in hevc_ref_pic_lists_modification | 2024-08-07T00:05:22.699506Z | 2026-05-06T14:47:57.671872Z |
| osv-2024-695 | Stack-buffer-overflow in gf_vvc_parse_nalu_bs | 2024-07-31T00:02:35.217594Z | 2026-05-06T14:46:48.762980Z |
| osv-2024-664 | Heap-buffer-overflow in gf_dash_group_get_template | 2024-07-18T00:13:55.576218Z | 2026-05-06T14:44:38.886623Z |
| osv-2024-659 | Index-out-of-bounds in gf_vvc_parse_nalu_bs | 2024-07-18T00:01:18.765548Z | 2026-05-06T14:43:22.128420Z |
| osv-2026-76 | Security exception in org.htmlunit.cyberneko.HTMLTagBalancer.endElement | 2026-01-18T00:02:11.715201Z | 2026-05-06T14:36:18.326705Z |
| osv-2022-1235 | Heap-buffer-overflow in _rrparse | 2022-12-04T13:00:30.303410Z | 2026-05-06T14:23:13.848368Z |
| osv-2022-882 | Use-of-uninitialized-value in SfxEntry::test_condition | 2022-09-11T00:01:48.463118Z | 2026-05-05T14:11:40.775630Z |
| osv-2024-680 | Security exception in com.github.javaparser.GeneratedJavaParser.Expression | 2024-07-26T00:06:29.761307Z | 2026-05-04T14:22:08.224431Z |
| osv-2024-675 | Security exception in com.github.javaparser.CommentsInserter.insertComments | 2024-07-24T00:07:37.523933Z | 2026-05-04T14:21:28.619874Z |
| osv-2024-662 | Security exception in com.github.javaparser.CommentsInserter.insertComments | 2024-07-18T00:06:40.832938Z | 2026-05-04T14:21:15.393865Z |
| osv-2024-248 | Security exception in com.github.javaparser.CommentsInserter.insertComments | 2024-04-10T00:06:40.907073Z | 2026-05-04T14:19:23.695308Z |
| osv-2024-195 | Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept | 2024-03-24T00:14:24.746452Z | 2026-05-04T14:18:35.195926Z |
| osv-2023-606 | Heap-buffer-overflow in ZSTD_decompressMultiFrame | 2023-07-23T14:01:02.159160Z | 2026-05-04T14:15:29.176008Z |
| osv-2023-1350 | Heap-buffer-overflow in inflate | 2023-12-23T00:12:38.562149Z | 2026-05-04T14:15:26.036213Z |
| osv-2023-319 | Heap-buffer-overflow in ZSTD_decompressSequencesLong_bmi2 | 2023-04-16T14:01:58.406534Z | 2026-05-04T14:14:52.268260Z |
| osv-2022-1134 | Heap-buffer-overflow in ndlz8_decompress | 2022-11-04T00:02:11.463429Z | 2026-05-04T14:09:28.582818Z |
| osv-2024-85 | Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept | 2024-02-08T00:13:58.690460Z | 2026-05-04T14:09:11.112779Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2026-0107 | `mysten-metrics` was removed from crates.io for malicious code | 2026-04-22T12:00:00Z | 2026-05-06T06:32:50Z |
| rustsec-2026-0113 | `unpack_in` can chmod arbitrary directories by following symlinks | 2026-04-27T12:00:00Z | 2026-04-28T13:17:23Z |
| rustsec-2026-0112 | PAX Header Desynchronization in astral-tokio-tar | 2026-04-27T12:00:00Z | 2026-04-28T13:17:23Z |
| rustsec-2026-0103 | Use-After-Free and Double Free in IntoIter::drop When Element Drop Panics | 2026-04-14T12:00:00Z | 2026-04-27T20:28:03Z |
| rustsec-2026-0105 | core2 is unmaintained, all versions yanked | 2026-04-14T12:00:00Z | 2026-04-25T15:01:07Z |
| rustsec-2026-0078 | Symbol confusion after hasher panic in `intaglio` interners | 2026-03-30T12:00:00Z | 2026-04-25T07:25:22Z |
| rustsec-2023-0071 | Marvin Attack: potential key recovery through timing sidechannels | 2023-11-22T12:00:00Z | 2026-04-25T06:40:09Z |
| rustsec-2026-0110 | bare-metal is deprecated | 2026-04-23T12:00:00Z | 2026-04-24T09:37:01Z |
| rustsec-2026-0106 | Record cache accepts AUTHORITY section NS from sibling zone via parent-pool zone-context elevation | 2026-04-22T12:00:00Z | 2026-04-22T19:53:31Z |
| rustsec-2026-0104 | Reachable panic in certificate revocation list parsing | 2026-04-22T12:00:00Z | 2026-04-22T08:56:10Z |
| rustsec-2026-0097 | Rand is unsound with a custom logger using `rand::rng()` | 2026-04-09T12:00:00Z | 2026-04-17T15:55:25Z |
| rustsec-2026-0102 | `microsoftsystem64` was removed from crates.io for malicious code | 2026-04-13T12:00:00Z | 2026-04-15T21:38:09Z |
| rustsec-2026-0101 | `safe-agent-rs` was removed from crates.io for being affiliated with malicious code | 2026-04-13T12:00:00Z | 2026-04-15T21:38:09Z |
| rustsec-2026-0100 | `pretty-changelog-logger` was removed from crates.io for malicious code | 2026-04-13T12:00:00Z | 2026-04-15T21:38:09Z |
| rustsec-2026-0099 | Name constraints were accepted for certificates asserting a wildcard name | 2026-04-14T12:00:00Z | 2026-04-15T09:57:12Z |
| rustsec-2026-0098 | Name constraints for URI names were incorrectly accepted | 2026-04-14T12:00:00Z | 2026-04-15T07:36:20Z |
| rustsec-2025-0161 | libsecp256k1 is unmaintained | 2025-01-14T12:00:00Z | 2026-04-14T11:24:03Z |
| rustsec-2026-0096 | Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0095 | Wasmtime with Winch compiler backend may allow a sandbox-escaping memory access | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0094 | Improperly masked return value from `table.grow` with Winch compiler backend | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0093 | Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0092 | Panic when transcoding misaligned component model UTF-16 strings | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0091 | Out-of-bounds write or crash when transcoding component model strings | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0090 | Use-after-free bug after cloning `wasmtime::Linker` | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0089 | Host panic when Winch compiler executes `table.fill` | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0088 | Data leakage between pooling allocator instances | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0087 | Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64 | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0086 | Host data leakage with 64-bit tables and Winch | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0085 | Panic when lifting `flags` component value | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0084 | `logprinter` was removed from crates.io for malicious code | 2026-04-09T12:00:00Z | 2026-04-09T11:23:07Z |