Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-43859 |
3.7 (3.1)
|
mutt before 2.3.2 sometimes uses strfcpy instead … |
mutt |
mutt |
2026-05-04T05:41:07.610Z | 2026-05-04T12:49:47.783Z |
| CVE-2026-3833 |
6.5 (3.1)
|
Gnutls: gnutls: policy bypass due to case-sensitive na… |
|
|
2026-04-30T17:37:05.818Z | 2026-05-04T12:49:43.936Z |
| CVE-2026-7735 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
osrg GoBGP AIGP Attribute bgp.go PathAttributeAigp.Dec… |
osrg |
GoBGP |
2026-05-04T05:15:11.921Z | 2026-05-04T12:49:04.665Z |
| CVE-2026-7739 |
4.8 (4.0)
3.3 (3.1)
3.3 (3.0)
|
justdan96 tsMuxer hevc.cpp setFPS denial of service |
justdan96 |
tsMuxer |
2026-05-04T06:15:11.339Z | 2026-05-04T12:48:41.801Z |
| CVE-2026-7647 |
8.1 (3.1)
|
Profile Builder Pro <= 3.14.5 - Unauthenticated PHP Ob… |
Cozmoslabs |
Profile Builder Pro |
2026-05-02T05:29:30.319Z | 2026-05-04T12:48:13.345Z |
| CVE-2026-5112 |
7.2 (3.1)
|
Gravity Forms <= 2.10.0 - Unauthenticated Stored Cross… |
Gravity Forms |
Gravity Forms |
2026-05-02T05:29:28.846Z | 2026-05-04T12:47:31.518Z |
| CVE-2026-7745 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
CodeAstro Online Classroom facultydetails sql injection |
CodeAstro |
Online Classroom |
2026-05-04T07:45:11.285Z | 2026-05-04T12:47:29.054Z |
| CVE-2026-7741 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
CodeAstro Online Classroom studentlogin sql injection |
CodeAstro |
Online Classroom |
2026-05-04T06:45:11.689Z | 2026-05-04T12:46:32.316Z |
| CVE-2026-6963 |
8.8 (3.1)
|
WP Mail Gateway <= 1.8 - Missing Authorization to Auth… |
shahariaazam |
WP Mail Gateway |
2026-05-02T04:27:45.687Z | 2026-05-04T12:46:11.007Z |
| CVE-2026-7209 |
6.4 (3.1)
|
Simple Link Directory <= 8.9.2 - Authenticated (Contri… |
quantumcloud |
Simple Link Directory |
2026-05-02T03:36:43.260Z | 2026-05-04T12:45:30.248Z |
| CVE-2026-43861 |
3.7 (3.1)
|
mutt before 2.3.2 does not check for '\0' in url_… |
mutt |
mutt |
2026-05-04T05:52:59.642Z | 2026-05-04T12:45:20.875Z |
| CVE-2026-7602 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
JeecgBoot FillRuleUtil edit improper authorization |
n/a |
JeecgBoot |
2026-05-02T03:15:12.820Z | 2026-05-04T12:44:49.809Z |
| CVE-2025-14320 |
9.8 (3.1)
|
XSS in Tegsoft's Online Support Application |
Tegsoft Management and Information Services Trade Limited Company |
Online Support Application |
2026-05-04T07:41:35.813Z | 2026-05-04T12:44:35.681Z |
| CVE-2026-7747 |
9.3 (4.0)
9.8 (3.1)
9.8 (3.0)
|
Totolink N300RH Parameter cstecgi.cgi loginauth buffer… |
Totolink |
N300RH |
2026-05-04T08:15:14.596Z | 2026-05-04T12:43:29.421Z |
| CVE-2026-3120 |
7.2 (3.1)
|
RCE in Profelis Informatics' SambaBox |
Profelis Information and Consulting Trade and Industry Limited Company |
SambaBox |
2026-05-04T11:53:27.437Z | 2026-05-04T12:42:30.558Z |
| CVE-2026-34059 |
N/A
|
Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and … |
Apache Software Foundation |
Apache HTTP Server |
2026-05-04T12:39:42.273Z | 2026-05-04T12:39:42.273Z |
| CVE-2026-34001 |
7.8 (3.1)
|
Xorg: xwayland: x.org x server: use-after-free vulnera… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-04-23T14:54:00.333Z | 2026-05-04T12:38:28.663Z |
| CVE-2026-34003 |
7.8 (3.1)
|
Xorg: xwayland: x.org x server: information exposure a… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-04-23T14:54:05.479Z | 2026-05-04T12:38:28.602Z |
| CVE-2026-33999 |
7.8 (3.1)
|
Xorg: xwayland: x.org x server: denial of service via … |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-04-23T14:53:59.414Z | 2026-05-04T12:38:28.558Z |
| CVE-2026-7482 |
9.1 (3.1)
8.8 (4.0)
|
Ollama heap out-of-bounds read in GGUF tensor parsing … |
ollama |
ollama |
2026-05-04T12:38:28.464Z | 2026-05-04T12:38:28.464Z |
| CVE-2026-24072 |
N/A
|
Apache HTTP Server: mod_rewrite elevation of privilege… |
Apache Software Foundation |
Apache HTTP Server |
2026-05-04T12:37:57.673Z | 2026-05-04T12:37:57.673Z |
| CVE-2026-35352 |
7 (3.1)
|
uutils coreutils mkfifo Privilege Escalation via TOCTO… |
Uutils |
coreutils |
2026-04-22T16:08:07.422Z | 2026-05-04T11:35:02.635Z |
| CVE-2026-7723 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
PrefectHQ prefect WebSocket Endpoint in missing authen… |
PrefectHQ |
prefect |
2026-05-04T02:30:18.099Z | 2026-05-04T11:34:08.175Z |
| CVE-2026-7717 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Totolink WA300 POST Request cstecgi.cgi UploadCustomMo… |
Totolink |
WA300 |
2026-05-04T01:00:23.203Z | 2026-05-04T11:33:35.250Z |
| CVE-2026-7730 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
privsim mcp-test-runner MCP index.ts child_process.spa… |
privsim |
mcp-test-runner |
2026-05-04T04:00:19.191Z | 2026-05-04T10:59:44.627Z |
| CVE-2026-7736 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
osrg GoBGP mrt.go parseRibEntry integer underflow |
osrg |
GoBGP |
2026-05-04T05:30:16.444Z | 2026-05-04T10:37:55.302Z |
| CVE-2026-7742 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
CodeAstro Online Classroom facultylogin sql injection |
CodeAstro |
Online Classroom |
2026-05-04T07:00:15.853Z | 2026-05-04T10:33:28.119Z |
| CVE-2026-7748 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Totolink N300RH POST Request cstecgi.cgi setUpgradeFW … |
Totolink |
N300RH |
2026-05-04T08:30:14.631Z | 2026-05-04T10:32:32.518Z |
| CVE-2026-7601 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
Open5GS AMF gmm-handler.c denial of service |
n/a |
Open5GS |
2026-05-02T02:00:17.083Z | 2026-05-04T09:08:48.573Z |
| CVE-2026-7750 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Totolink N300RH POST Request cstecgi.cgi setMacFilterR… |
Totolink |
N300RH |
2026-05-04T09:00:17.932Z | 2026-05-04T09:00:17.932Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-7715 | A vulnerability has been found in ravenwits mcp-server-arangodb up to 0.4.7. This affects the funct… | 2026-05-04T01:16:05.037 | 2026-05-04T01:16:05.037 |
| fkie_cve-2026-7714 | A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue i… | 2026-05-04T01:16:04.863 | 2026-05-04T01:16:04.863 |
| fkie_cve-2026-7372 | A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS … | 2026-05-04T01:16:04.730 | 2026-05-04T01:16:04.730 |
| fkie_cve-2026-7371 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi … | 2026-05-04T01:16:04.590 | 2026-05-04T01:16:04.590 |
| fkie_cve-2026-7161 | An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVi… | 2026-05-04T01:16:04.447 | 2026-05-04T01:16:04.447 |
| fkie_cve-2026-42370 | A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS … | 2026-05-04T01:16:04.310 | 2026-05-04T01:16:04.310 |
| fkie_cve-2026-42369 | GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and… | 2026-05-04T01:16:04.153 | 2026-05-04T01:16:04.153 |
| fkie_cve-2026-42368 | A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011… | 2026-05-04T01:16:04.020 | 2026-05-04T01:16:04.020 |
| fkie_cve-2026-42367 | A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVisi… | 2026-05-04T01:16:03.890 | 2026-05-04T01:16:03.890 |
| fkie_cve-2026-42366 | Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi … | 2026-05-04T01:16:03.753 | 2026-05-04T01:16:03.753 |
| fkie_cve-2026-42365 | A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC… | 2026-05-04T01:16:03.620 | 2026-05-04T01:16:03.620 |
| fkie_cve-2026-42364 | An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2… | 2026-05-04T01:16:03.470 | 2026-05-04T01:16:03.470 |
| fkie_cve-2026-7713 | A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this … | 2026-05-04T00:16:40.167 | 2026-05-04T00:16:40.167 |
| fkie_cve-2026-7712 | A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.… | 2026-05-04T00:16:39.990 | 2026-05-04T00:16:39.990 |
| fkie_cve-2026-7711 | A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file m… | 2026-05-04T00:16:39.817 | 2026-05-04T00:16:39.817 |
| fkie_cve-2026-7710 | A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function do… | 2026-05-04T00:16:39.633 | 2026-05-04T00:16:39.633 |
| fkie_cve-2026-6948 | Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's a… | 2026-05-04T00:16:39.467 | 2026-05-04T00:16:39.467 |
| fkie_cve-2026-7709 | A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the fu… | 2026-05-03T23:16:42.383 | 2026-05-03T23:16:42.383 |
| fkie_cve-2026-7708 | A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_dbi… | 2026-05-03T23:16:42.207 | 2026-05-03T23:16:42.207 |
| fkie_cve-2026-7707 | A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subsc… | 2026-05-03T23:16:42.027 | 2026-05-03T23:16:42.027 |
| fkie_cve-2026-7706 | A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmm_handle_s… | 2026-05-03T23:16:41.850 | 2026-05-03T23:16:41.850 |
| fkie_cve-2026-7705 | A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function set_ip… | 2026-05-03T23:16:41.643 | 2026-05-03T23:16:41.643 |
| fkie_cve-2026-4426 | A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompress… | 2026-03-19T15:16:28.510 | 2026-05-03T21:16:11.863 |
| fkie_cve-2026-3833 | A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive compar… | 2026-04-30T18:16:30.577 | 2026-05-03T20:16:02.713 |
| fkie_cve-2026-3832 | A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a spec… | 2026-04-30T18:16:30.433 | 2026-05-03T20:16:02.537 |
| fkie_cve-2026-33845 | A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero of… | 2026-04-30T18:16:28.003 | 2026-05-03T20:16:02.377 |
| fkie_cve-2026-7704 | A vulnerability has been found in AV Stumpfl Pixera Two Media Server up to 25.1 R2. The affected el… | 2026-05-03T17:16:13.580 | 2026-05-03T17:16:13.580 |
| fkie_cve-2026-7703 | A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown f… | 2026-05-03T17:16:13.393 | 2026-05-03T17:16:13.393 |
| fkie_cve-2026-7702 | A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function a… | 2026-05-03T16:15:57.937 | 2026-05-03T16:15:57.937 |
| fkie_cve-2026-7701 | A security vulnerability has been detected in Telegram Desktop up to 6.7.5. This vulnerability affe… | 2026-05-03T16:15:57.757 | 2026-05-03T16:15:57.757 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-v24g-wpq8-cwqx |
|
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: validate m… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-rfh9-x593-fmpr |
|
In the Linux kernel, the following vulnerability has been resolved: staging: sm750fb: fix division… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-rc8c-94m4-frfh |
|
In the Linux kernel, the following vulnerability has been resolved: smb: client: avoid double-free… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-qx6q-mqg9-4px7 |
|
In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-q8hh-7xg8-pfvm |
|
In the Linux kernel, the following vulnerability has been resolved: i2c: s3c24xx: check the size o… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-q633-5j2j-rqx5 |
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in … | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-p37w-xhv5-6c8j |
|
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 boun… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-mgh3-34fv-3j84 |
|
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate EaNameLength i… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-jq95-p6v7-8mxr |
|
In the Linux kernel, the following vulnerability has been resolved: bnge: return after auxiliary_d… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-jg3h-4jh8-mfwr |
|
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: us144mkii: fix NU… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-jcj3-vp6r-4j69 |
|
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix device leak o… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-h96r-xqwg-w67w |
|
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_phonet: fix skb… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-gggw-8cq2-45cp |
|
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: renesas_usb3: val… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-g5hw-v48q-45pv |
|
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix mechToken leak when… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-fcfj-3h7q-75mq |
|
In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_pack… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-cxgj-pqq4-q34h |
|
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-c947-xgxx-fj67 |
|
In the Linux kernel, the following vulnerability has been resolved: ALSA: fireworks: bound device-… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-8pwc-q4rq-xxf3 |
|
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in o… | 2026-04-24T15:32:34Z | 2026-04-24T15:32:35Z |
| ghsa-879h-m867-cpjq |
|
In the Linux kernel, the following vulnerability has been resolved: fbdev: tdfxfb: avoid divide-by… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-7r46-pv4v-9gxj |
|
In the Linux kernel, the following vulnerability has been resolved: HID: core: clamp report_size i… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-5q38-6rwh-6r7q |
|
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require 3 sub-authoriti… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-5j7x-34ch-2fxf |
|
In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: avoid divide-by-… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-48xp-r2j8-cfx4 |
|
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_hid: don't call… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-426x-jc5h-fmgg |
|
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a si… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-3w37-m4pg-q585 |
|
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads par… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-3r85-565g-4jhq |
|
In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC… | 2026-04-24T15:32:35Z | 2026-04-24T15:32:35Z |
| ghsa-x7q8-xcw2-7mfg |
|
In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-… | 2026-04-24T15:32:34Z | 2026-04-24T15:32:34Z |
| ghsa-x6jh-jrg5-6v49 |
|
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer… | 2026-04-24T15:32:34Z | 2026-04-24T15:32:34Z |
| ghsa-wrgv-v45w-6gxv |
|
In the Linux kernel, the following vulnerability has been resolved: media: as102: fix to not free … | 2026-04-24T15:32:34Z | 2026-04-24T15:32:34Z |
| ghsa-w5vp-hvm6-339g |
|
In the Linux kernel, the following vulnerability has been resolved: clockevents: Add missing reset… | 2026-04-24T15:32:34Z | 2026-04-24T15:32:34Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2025-36 |
9.8 (3.1)
|
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida… | langflow | 2025-04-07T15:15:44+00:00 | 2025-05-07T19:22:44.993642+00:00 |
| pysec-2024-246 |
5.3 (3.1)
|
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in… | vyper | 2024-04-25T17:15:50+00:00 | 2025-05-05T19:21:20.899426+00:00 |
| pysec-2024-111 |
9.1 (3.1)
|
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langcha… | langchain | 2024-10-29T13:15:00Z | 2025-05-02T18:39:47.588215Z |
| pysec-2024-245 |
|
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated user… | apache-airflow | 2024-02-29T11:15:08+00:00 | 2025-05-01T21:22:38.598048+00:00 |
| pysec-2025-35 |
7.5 (3.1)
|
Weblate is a web based localization tool. Prior to version 5.11, when creating a new comp… | weblate | 2025-04-15T21:16:04+00:00 | 2025-04-30T17:22:51.467257+00:00 |
| pysec-2025-34 |
|
The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_… | picklescan | 2025-04-24T01:15:49+00:00 | 2025-04-24T03:08:15.436691+00:00 |
| pysec-2025-33 |
7.5 (3.1)
|
Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the… | vyper | 2025-01-14T18:16:05+00:00 | 2025-04-23T21:23:01.322686+00:00 |
| pysec-2025-32 |
9.8 (3.1)
|
BentoML is a Python library for building online serving systems optimized for AI apps and… | bentoml | 2025-04-09T16:15:25+00:00 | 2025-04-22T19:21:34.073355+00:00 |
| pysec-2025-31 |
|
vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statemen… | vyper | 2025-02-21T22:15:13+00:00 | 2025-04-09T17:27:28.116292+00:00 |
| pysec-2025-30 |
|
vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single … | vyper | 2025-02-21T22:15:13+00:00 | 2025-04-09T17:27:28.064106+00:00 |
| pysec-2025-29 |
|
vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the … | vyper | 2025-02-21T22:15:13+00:00 | 2025-04-09T17:27:28.005382+00:00 |
| pysec-2025-28 |
|
The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2025-01-29T21:15:21+00:00 | 2025-04-09T17:27:27.772920+00:00 |
| pysec-2025-27 |
|
The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2025-01-29T21:15:21+00:00 | 2025-04-09T17:27:27.711157+00:00 |
| pysec-2025-26 |
|
The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2025-01-29T21:15:21+00:00 | 2025-04-09T17:27:27.645758+00:00 |
| pysec-2021-891 |
7.8 (3.1)
|
CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 S… | salt | 2021-03-03T10:15:13+00:00 | 2025-04-09T17:27:27.582884+00:00 |
| pysec-2025-25 |
6.5 (3.1)
|
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middle… | rembg | 2025-03-03T17:15:14+00:00 | 2025-04-09T17:27:27.532849+00:00 |
| pysec-2025-24 |
7.5 (3.1)
|
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove… | rembg | 2025-03-03T17:15:14+00:00 | 2025-04-09T17:27:27.486485+00:00 |
| pysec-2025-23 |
|
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Inform… | ray | 2025-03-06T05:15:16+00:00 | 2025-04-09T17:27:27.434099+00:00 |
| pysec-2022-43179 |
7.3 (3.1)
|
Poetry is a dependency manager for Python. To handle dependencies that come from a Git re… | poetry | 2022-09-07T19:15:08+00:00 | 2025-04-09T17:27:27.255151+00:00 |
| pysec-2025-22 |
9.8 (3.1)
|
A vulnerability, that could result in Remote Code Execution (RCE), has been found in Plot… | plotai | 2025-03-10T14:15:24+00:00 | 2025-04-09T17:27:27.203714+00:00 |
| pysec-2023-311 |
5.4 (3.1)
|
plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depen… | plone-namedfile | 2023-09-21T15:15:10+00:00 | 2025-04-09T17:27:27.153848+00:00 |
| pysec-2025-21 |
9.8 (3.1)
|
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model arch… | picklescan | 2025-03-10T12:15:12+00:00 | 2025-04-09T17:27:27.016747+00:00 |
| pysec-2025-20 |
6.5 (3.1)
|
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes i… | picklescan | 2025-03-10T12:15:10+00:00 | 2025-04-09T17:27:26.966215+00:00 |
| pysec-2025-19 |
9.8 (3.1)
|
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for … | picklescan | 2025-03-03T19:15:34+00:00 | 2025-04-09T17:27:26.916350+00:00 |
| pysec-2025-18 |
|
picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craf… | picklescan | 2025-02-26T15:15:24+00:00 | 2025-04-09T17:27:26.867210+00:00 |
| pysec-2023-310 |
7.5 (3.1)
|
Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NO… | mobsf | 2023-09-21T22:15:11+00:00 | 2025-04-09T17:27:26.663665+00:00 |
| pysec-2025-17 |
5.5 (3.1)
|
In mlflow/mlflow version 2.18, an admin is able to create a new user account without sett… | mlflow | 2025-03-20T10:15:54+00:00 | 2025-04-09T17:27:26.322333+00:00 |
| pysec-2023-309 |
8.8 (3.1)
|
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. | mlflow | 2023-12-13T00:15:07+00:00 | 2025-04-09T17:27:26.271200+00:00 |
| pysec-2023-308 |
10.0 (3.1)
|
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. | mlflow | 2023-07-19T01:15:10+00:00 | 2025-04-09T17:27:26.223213+00:00 |
| pysec-2025-16 |
7.5 (3.1)
|
LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vu… | lnbits | 2025-04-06T20:15:15+00:00 | 2025-04-09T17:27:25.872691+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33855 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.741239Z |
| gsd-2024-33851 | phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point… | 2024-04-28T05:02:07.732559Z |
| gsd-2024-33879 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.727068Z |
| gsd-2024-4294 | A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Ap… | 2024-04-28T05:02:06.079201Z |
| gsd-2024-4292 | A vulnerability classified as critical has been found in Contemporary Controls BASrouter … | 2024-04-28T05:02:06.073286Z |
| gsd-2024-4295 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:06.068263Z |
| gsd-2024-4291 | A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as cri… | 2024-04-28T05:02:06.058388Z |
| gsd-2024-4293 | A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Mana… | 2024-04-28T05:02:06.052534Z |
| gsd-2023-52722 | An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER … | 2024-04-28T05:01:28.746814Z |
| gsd-2022-48685 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:00:27.870720Z |
| gsd-2022-48684 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:00:27.715598Z |
| gsd-2024-24777 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:24.547536Z |
| gsd-2024-28875 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:20.401696Z |
| gsd-2024-33786 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.606155Z |
| gsd-2024-33697 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-27T05:02:18.598872Z |
| gsd-2024-33722 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.598142Z |
| gsd-2024-33784 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.595808Z |
| gsd-2024-33788 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.591276Z |
| gsd-2024-33814 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.590797Z |
| gsd-2024-33701 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.589032Z |
| gsd-2024-33776 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.587852Z |
| gsd-2024-33712 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.587066Z |
| gsd-2024-33840 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.586722Z |
| gsd-2024-33838 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.585807Z |
| gsd-2024-33749 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.584613Z |
| gsd-2024-33839 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.579161Z |
| gsd-2024-33733 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.577869Z |
| gsd-2024-33845 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.569462Z |
| gsd-2024-33741 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.568527Z |
| gsd-2024-33738 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.562140Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-3286 | Malicious code in wagner-horizon (npm) | 2026-05-04T01:43:31Z | 2026-05-12T07:30:46Z |
| mal-2026-3285 | Malicious code in vpi-guides (npm) | 2026-05-04T01:43:31Z | 2026-05-12T07:30:46Z |
| mal-2026-3284 | Malicious code in tinfoil-shops (npm) | 2026-05-04T01:43:31Z | 2026-05-12T07:30:46Z |
| mal-2026-3283 | Malicious code in temhe-dev (npm) | 2026-05-04T01:43:31Z | 2026-05-12T07:30:46Z |
| mal-2026-3027 | Malicious code in wrapped-logger-utils (npm) | 2026-04-24T03:07:24Z | 2026-05-12T07:30:46Z |
| mal-2026-3422 | Malicious code in rsflows-pexml (npm) | 2026-05-10T15:15:31Z | 2026-05-12T07:30:45Z |
| mal-2026-3412 | Malicious code in post-purchase-bundler (npm) | 2026-05-10T10:00:29Z | 2026-05-12T07:30:45Z |
| mal-2026-3374 | Malicious code in playgod (npm) | 2026-05-08T05:16:26Z | 2026-05-12T07:30:45Z |
| mal-2026-3330 | Malicious code in seek-pass (npm) | 2026-05-04T16:40:53Z | 2026-05-12T07:30:45Z |
| mal-2026-3328 | Malicious code in pocpoc2626 (npm) | 2026-05-04T16:36:10Z | 2026-05-12T07:30:45Z |
| mal-2026-3326 | Malicious code in paychex-common-vendor-lib (npm) | 2026-05-04T13:20:41Z | 2026-05-12T07:30:45Z |
| mal-2026-3323 | Malicious code in paypal-payouts-bridge (npm) | 2026-05-04T00:00:00Z | 2026-05-12T07:30:45Z |
| mal-2026-3313 | Malicious code in service-gateway (npm) | 2026-04-30T21:30:37Z | 2026-05-12T07:30:45Z |
| mal-2026-3282 | Malicious code in shopify-draggable (npm) | 2026-05-04T01:43:31Z | 2026-05-12T07:30:45Z |
| mal-2026-3281 | Malicious code in pos-next-react-native (npm) | 2026-05-04T01:43:31Z | 2026-05-12T07:30:45Z |
| mal-2026-3280 | Malicious code in pi-exa-mcp (npm) | 2026-05-04T01:43:31Z | 2026-05-12T07:30:45Z |
| mal-2026-3262 | Malicious code in react-native-parallax-scroll-view-updated (npm) | 2026-04-29T14:00:00Z | 2026-05-12T07:30:45Z |
| mal-2026-3026 | Malicious code in sagat-core (npm) | 2026-04-24T02:39:04Z | 2026-05-12T07:30:45Z |
| mal-2026-3421 | Malicious code in oneblk-design-system (npm) | 2026-05-08T22:46:52Z | 2026-05-12T07:30:44Z |
| mal-2026-3420 | Malicious code in noon-contracts (npm) | 2026-05-10T10:36:34Z | 2026-05-12T07:30:44Z |
| mal-2026-3419 | Malicious code in msal-browser-1p (npm) | 2026-05-08T06:00:49Z | 2026-05-12T07:30:44Z |
| mal-2026-3409 | Malicious code in mw-filesystem-events-nodream (npm) | 2026-05-10T00:20:40Z | 2026-05-12T07:30:44Z |
| mal-2026-3399 | Malicious code in money-badger-open-rpc-test-bugbount (npm) | 2026-05-08T18:05:43Z | 2026-05-12T07:30:44Z |
| mal-2026-3373 | Malicious code in owa-analytics-utils (npm) | 2026-05-07T16:08:35Z | 2026-05-12T07:30:44Z |
| mal-2026-3363 | Malicious code in mrdaa-frontend (npm) | 2026-05-07T03:55:55Z | 2026-05-12T07:30:44Z |
| mal-2026-3353 | Malicious code in money-badger-open-rpc (npm) | 2026-05-06T09:15:52Z | 2026-05-12T07:30:44Z |
| mal-2026-3339 | Malicious code in nf-ui-components (npm) | 2026-05-05T11:40:12Z | 2026-05-12T07:30:44Z |
| mal-2026-3338 | Malicious code in ms.analytics-web (npm) | 2026-05-04T19:06:03Z | 2026-05-12T07:30:44Z |
| mal-2026-3322 | Malicious code in microsoft-agents-auth-service (npm) | 2026-05-04T00:00:00Z | 2026-05-12T07:30:44Z |
| mal-2026-3312 | Malicious code in path-internal-util (npm) | 2026-05-01T07:11:51Z | 2026-05-12T07:30:44Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-php-2026-7259 | Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init() | 2026-05-12T08:56:05.400Z | 2026-05-12T09:14:35.689Z |
| bit-php-2026-7258 | Out-of-bounds read in urldecode() on NetBSD | 2026-05-12T08:56:03.887Z | 2026-05-12T09:14:35.689Z |
| bit-php-2026-6735 | XSS within PHP-FPM status endpoint | 2026-05-12T08:56:02.433Z | 2026-05-12T09:14:35.689Z |
| bit-php-2026-6722 | Use-After-Free in SOAP using Apache map | 2026-05-12T08:56:01.004Z | 2026-05-12T09:14:35.689Z |
| bit-php-2026-6104 | Global buffer over-read in mb_convert_encoding() with attacker-supplied encoding | 2026-05-12T08:55:59.545Z | 2026-05-12T09:14:35.689Z |
| bit-php-2025-14179 | SQL injection in pdo_firebird via NUL bytes in quoted strings | 2026-05-12T08:55:48.927Z | 2026-05-12T09:14:35.689Z |
| bit-pgbouncer-2026-6667 | PgBouncer missing authorization check in KILL_CLIENT admin command | 2026-05-12T08:52:54.700Z | 2026-05-12T09:14:35.689Z |
| bit-pgbouncer-2026-6666 | PgBouncer crash in kill_pool_logins_server_error | 2026-05-12T08:52:53.259Z | 2026-05-12T09:14:35.689Z |
| bit-pgbouncer-2026-6665 | PgBouncer buffer overflow in SCRAM | 2026-05-12T08:52:51.850Z | 2026-05-12T09:14:35.689Z |
| bit-pgbouncer-2026-6664 | PgBouncer integer overflow in PgBouncer network packet parsing | 2026-05-12T08:52:50.459Z | 2026-05-12T09:14:35.689Z |
| bit-mongodb-2026-8063 | Post-auth null pointer dereference when aggregating against a view with empty search pipeline | 2026-05-12T08:52:12.873Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2026-7568 | Signed integer overflow in metaphone() | 2026-05-12T08:50:34.032Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2026-7263 | DoS attack via DOMNode::C14N() | 2026-05-12T08:50:32.155Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2026-7262 | NULL pointer dereference in SOAP apache:Map decoder with missing <value> | 2026-05-12T08:50:30.384Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2026-7261 | SoapServer session-persisted object use-after-free via SOAP header fault | 2026-05-12T08:50:28.657Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2026-7259 | Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init() | 2026-05-12T08:50:27.221Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2026-7258 | Out-of-bounds read in urldecode() on NetBSD | 2026-05-12T08:50:25.509Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2026-6735 | XSS within PHP-FPM status endpoint | 2026-05-12T08:50:23.891Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2026-6722 | Use-After-Free in SOAP using Apache map | 2026-05-12T08:50:21.977Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2026-6104 | Global buffer over-read in mb_convert_encoding() with attacker-supplied encoding | 2026-05-12T08:50:20.245Z | 2026-05-12T09:14:35.689Z |
| bit-libphp-2025-14179 | SQL injection in pdo_firebird via NUL bytes in quoted strings | 2026-05-12T08:50:08.761Z | 2026-05-12T09:14:35.689Z |
| bit-cilium-2026-41520 | Cillium exposes sensitive information included in the cilium-bugtool debug archive | 2026-05-12T08:39:50.452Z | 2026-05-12T09:14:35.689Z |
| bit-python-2024-4032 | Incorrect IPv4 and IPv6 private ranges | 2024-06-20T11:17:24.961Z | 2026-05-11T18:04:15.512Z |
| bit-python-2024-0397 | Memory race condition in ssl.SSLContext certificate store methods | 2024-06-20T11:18:14.556Z | 2026-05-11T18:04:15.512Z |
| bit-python-2022-0391 | 2024-03-06T11:05:40.083Z | 2026-05-11T18:04:15.512Z | |
| bit-python-2021-3426 | 2024-03-06T11:06:24.568Z | 2026-05-11T18:04:15.512Z | |
| bit-python-2020-15523 | 2024-03-06T11:07:56.206Z | 2026-05-11T18:04:15.512Z | |
| bit-python-2020-14422 | 2024-03-06T11:08:07.283Z | 2026-05-11T18:04:15.512Z | |
| bit-nifi-2026-39816 | Apache NiFi: Missing Execute Code Required Permission on TinkerpopClientService | 2026-05-11T17:36:01.106Z | 2026-05-11T18:04:15.512Z |
| bit-mlflow-2024-37057 | 2024-06-10T11:49:36.085Z | 2026-05-11T18:04:15.512Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-ec57959 | protojson | 2026-04-15T00:38:38.411296Z | 2026-04-14T11:35:55Z |
| cleanstart-2026-bz28794 | Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service | 2026-04-15T00:41:09.072733Z | 2026-04-14T10:03:45Z |
| cleanstart-2026-fa60324 | It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session | 2026-04-15T00:42:39.375533Z | 2026-04-14T09:27:59Z |
| cleanstart-2026-kc83705 | During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions | 2026-04-15T00:53:10.163760Z | 2026-04-14T09:04:57Z |
| cleanstart-2026-fz27876 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-15T00:44:39.850466Z | 2026-04-14T08:58:37Z |
| cleanstart-2026-fd98843 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-15T00:43:03.053896Z | 2026-04-14T08:58:37Z |
| cleanstart-2026-eo57061 | In libexpat before 2 | 2026-04-15T00:45:38.991412Z | 2026-04-14T08:58:37Z |
| cleanstart-2026-mw52599 | OpenVPN version 2 | 2026-04-15T00:50:39.610141Z | 2026-04-14T06:07:21Z |
| cleanstart-2026-nh62318 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-14T00:38:02.309746Z | 2026-04-13T11:37:38Z |
| cleanstart-2026-ka64649 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-14T00:38:03.199310Z | 2026-04-13T11:37:38Z |
| cleanstart-2026-jh41080 | In libexpat before 2 | 2026-04-14T00:41:12.662437Z | 2026-04-13T11:37:38Z |
| cleanstart-2026-nj21771 | png_image_free in png | 2026-04-14T00:41:12.278705Z | 2026-04-13T10:08:55Z |
| cleanstart-2026-fh63386 | When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint | 2026-04-14T00:44:12.807187Z | 2026-04-13T10:06:48Z |
| cleanstart-2026-lk73694 | During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions | 2026-04-14T00:43:42.897096Z | 2026-04-13T05:21:32Z |
| cleanstart-2026-ne70100 | Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 | 2026-04-12T00:36:10.440964Z | 2026-04-11T06:04:40Z |
| cleanstart-2026-mz25894 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-12T00:36:10.207025Z | 2026-04-11T06:04:40Z |
| cleanstart-2026-hu81793 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-12T00:36:09.840766Z | 2026-04-11T06:04:40Z |
| cleanstart-2026-jt73156 | protojson | 2026-04-11T00:42:17.168521Z | 2026-04-10T12:27:18Z |
| cleanstart-2026-ei21238 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-11T00:37:54.711613Z | 2026-04-10T10:45:58Z |
| cleanstart-2026-lb69194 | In libexpat before 2 | 2026-04-11T00:39:42.680532Z | 2026-04-10T05:48:24Z |
| cleanstart-2026-ay21238 | security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion | 2026-04-10T00:37:58.214935Z | 2026-04-09T11:56:50Z |
| cleanstart-2026-ng75665 | During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions | 2026-04-10T00:56:28.527348Z | 2026-04-09T11:53:35Z |
| cleanstart-2026-bm53321 | attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing | 2026-04-10T00:51:58.426076Z | 2026-04-09T11:53:35Z |
| cleanstart-2026-ng28268 | gRPC-Go is the Go language implementation of gRPC | 2026-04-10T00:47:58.418185Z | 2026-04-09T11:52:13Z |
| cleanstart-2026-jy63371 | Delete function fails to properly validate offsets when processing malformed JSON input | 2026-04-10T00:45:58.478015Z | 2026-04-09T11:52:13Z |
| cleanstart-2026-cd13174 | gRPC-Go is the Go language implementation of gRPC | 2026-04-10T00:49:58.731115Z | 2026-04-09T11:52:13Z |
| cleanstart-2026-dk61762 | filippo | 2026-04-10T00:51:28.611547Z | 2026-04-09T11:46:58Z |
| cleanstart-2026-ar20742 | attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing | 2026-04-10T00:51:28.608050Z | 2026-04-09T11:46:58Z |
| cleanstart-2026-in87004 | In libexpat before 2 | 2026-04-10T00:52:28.484967Z | 2026-04-09T11:45:48Z |
| cleanstart-2026-ag20129 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-10T00:51:29.221302Z | 2026-04-09T11:45:48Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2025-103 | 2025-08-27T17:20:16.000Z | 2025-08-27T17:20:16.000Z | |
| drupal-contrib-2025-102 | 2025-08-27T17:20:11.000Z | 2025-08-27T17:20:11.000Z | |
| drupal-contrib-2025-099 | 2025-08-27T17:19:24.000Z | 2025-08-27T17:19:24.000Z | |
| drupal-contrib-2025-098 | 2025-08-27T17:19:14.000Z | 2025-08-27T17:19:14.000Z | |
| drupal-contrib-2025-096 | 2025-08-13T17:33:24.000Z | 2025-08-13T20:10:05.000Z | |
| drupal-contrib-2025-095 | 2025-08-06T16:50:43.000Z | 2025-08-06T16:50:43.000Z | |
| drupal-contrib-2025-094 | 2025-07-30T16:31:23.000Z | 2025-07-30T16:31:23.000Z | |
| drupal-contrib-2025-093 | 2025-07-30T16:30:44.000Z | 2025-07-30T16:30:44.000Z | |
| drupal-contrib-2025-092 | 2025-07-23T17:10:19.000Z | 2025-07-23T17:10:19.000Z | |
| drupal-contrib-2025-091 | 2025-07-16T16:46:49.000Z | 2025-07-17T14:42:36.000Z | |
| drupal-contrib-2025-090 | 2025-07-16T16:46:26.000Z | 2025-07-16T16:46:26.000Z | |
| drupal-contrib-2025-089 | 2025-07-16T16:46:08.000Z | 2025-07-16T16:46:08.000Z | |
| drupal-contrib-2025-087 | 2025-07-09T16:37:27.000Z | 2025-07-09T16:37:27.000Z | |
| drupal-contrib-2025-086 | 2025-07-02T17:37:13.000Z | 2025-07-02T17:37:13.000Z | |
| drupal-contrib-2025-085 | 2025-07-02T17:37:03.000Z | 2025-07-02T17:37:03.000Z | |
| drupal-contrib-2025-081 | 2025-06-25T18:42:06.000Z | 2025-06-26T18:17:29.000Z | |
| drupal-contrib-2025-084 | 2025-06-25T18:43:00.000Z | 2025-06-25T18:43:00.000Z | |
| drupal-contrib-2025-083 | 2025-06-25T18:42:38.000Z | 2025-06-25T18:42:38.000Z | |
| drupal-contrib-2025-082 | 2025-06-25T18:42:17.000Z | 2025-06-25T18:42:17.000Z | |
| drupal-contrib-2025-080 | 2025-06-25T18:41:56.000Z | 2025-06-25T18:41:56.000Z | |
| drupal-contrib-2025-079 | 2025-06-25T18:41:34.000Z | 2025-06-25T18:41:34.000Z | |
| drupal-contrib-2025-078 | 2025-06-25T18:41:20.000Z | 2025-06-25T18:41:20.000Z | |
| drupal-contrib-2025-077 | 2025-06-25T18:41:06.000Z | 2025-06-25T18:41:06.000Z | |
| drupal-contrib-2025-001 | 2025-01-08T17:22:11.000Z | 2025-06-19T22:05:09.000Z | |
| drupal-contrib-2025-004 | 2025-01-22T16:50:12.000Z | 2025-05-29T18:26:44.000Z | |
| drupal-contrib-2025-034 | 2025-04-16T16:24:49.000Z | 2025-05-29T18:24:01.000Z | |
| drupal-contrib-2025-041 | 2025-04-23T16:58:39.000Z | 2025-05-29T18:23:44.000Z | |
| drupal-contrib-2025-048 | 2025-05-07T17:06:26.000Z | 2025-05-29T18:20:11.000Z | |
| drupal-contrib-2025-049 | 2025-05-07T17:06:36.000Z | 2025-05-29T18:20:00.000Z | |
| drupal-contrib-2025-050 | 2025-05-07T17:06:52.000Z | 2025-05-29T18:19:50.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-000032 | Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) | 2026-03-04T12:20+09:00 | 2026-03-04T12:20+09:00 |
| jvndb-2026-005746 | Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026) | 2026-03-04T10:40+09:00 | 2026-03-04T10:40+09:00 |
| jvndb-2026-005744 | Canon IJ Scan Utility registers Windows services with unquoted file paths | 2026-03-04T10:40+09:00 | 2026-03-04T10:40+09:00 |
| jvndb-2026-000030 | IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization | 2026-02-27T15:41+09:00 | 2026-03-03T10:06+09:00 |
| jvndb-2026-005259 | Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys) | 2026-03-02T11:46+09:00 | 2026-03-02T11:46+09:00 |
| jvndb-2026-000031 | Improper file access permission settings in the installers for multiple Soliton Systems products | 2026-02-27T15:41+09:00 | 2026-02-27T15:41+09:00 |
| jvndb-2026-000029 | Multiple vulnerabilities in the installer of FinalCode Client | 2026-02-26T14:24+09:00 | 2026-02-26T14:24+09:00 |
| jvndb-2026-004811 | Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager | 2026-02-26T11:02+09:00 | 2026-02-26T11:02+09:00 |
| jvndb-2026-004810 | Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager | 2026-02-26T11:02+09:00 | 2026-02-26T11:02+09:00 |
| jvndb-2026-000026 | Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal | 2026-02-25T15:14+09:00 | 2026-02-25T15:14+09:00 |
| jvndb-2026-004359 | Security information for Hitachi Disk Array Systems | 2026-02-20T18:35+09:00 | 2026-02-20T18:35+09:00 |
| jvndb-2026-000027 | WordPress Plugin "Survey Maker" vulnerable to cross-site scripting | 2026-02-20T12:32+09:00 | 2026-02-20T12:32+09:00 |
| jvndb-2026-000028 | Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries | 2026-02-20T12:31+09:00 | 2026-02-20T12:31+09:00 |
| jvndb-2026-003912 | Vulnerability in Cosminexus HTTP Server and Hitachi Web Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003911 | Vulnerability in Cosminexus HTTP Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003910 | Multiple Vulnerabilities in Cosminexus HTTP Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003909 | Multiple Vulnerabilities in Hitachi Command Suite products | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003908 | Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003907 | Multiple Vulnerabilities in JP1 | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003906 | Multiple Vulnerabilities in Cosminexus | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003905 | Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-000025 | Joomla! CMS vulnerable to cross-site scripting | 2026-02-17T12:46+09:00 | 2026-02-17T12:46+09:00 |
| jvndb-2026-000023 | FileZen vulnerable to OS command injection | 2026-02-13T16:51+09:00 | 2026-02-13T17:08+09:00 |
| jvndb-2026-000024 | Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries | 2026-02-12T13:32+09:00 | 2026-02-12T13:32+09:00 |
| jvndb-2026-000022 | Oki Electric Industry products and OEM products register Windows services with unquoted file paths | 2026-02-09T15:21+09:00 | 2026-02-09T15:21+09:00 |
| jvndb-2026-000021 | web2py vulnerable to open redirect | 2026-02-05T15:01+09:00 | 2026-02-05T15:01+09:00 |
| jvndb-2026-000017 | Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows | 2026-02-03T14:57+09:00 | 2026-02-05T14:41+09:00 |
| jvndb-2026-000020 | Multiple vulnerabilities in Movable Type | 2026-02-04T16:15+09:00 | 2026-02-04T16:15+09:00 |
| jvndb-2026-000016 | Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries | 2026-02-03T14:57+09:00 | 2026-02-04T12:39+09:00 |
| jvndb-2024-002831 | ELECOM wireless LAN routers vulnerable to OS command injection | 2024-02-22T08:15+09:00 | 2026-02-04T12:02+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-18681 | Adobe Connect跨站脚本漏洞(CNVD-2026-18681) | 2026-04-15 | 2026-04-27 |
| cnvd-2026-18680 | Adobe Connect跨站脚本漏洞(CNVD-2026-18680) | 2026-04-15 | 2026-04-27 |
| cnvd-2026-18679 | Adobe Bridge数字错误漏洞 | 2026-04-15 | 2026-04-27 |
| cnvd-2026-18678 | Adobe Connect跨站脚本漏洞(CNVD-2026-18678) | 2026-04-15 | 2026-04-27 |
| cnvd-2026-18677 | Adobe Commerce授权不当漏洞 | 2026-03-17 | 2026-04-27 |
| cnvd-2026-18676 | Adobe DNG SDK输入验证错误漏洞 | 2026-03-16 | 2026-04-27 |
| cnvd-2026-18675 | Adobe DNG SDK越界写入漏洞 | 2026-03-16 | 2026-04-27 |
| cnvd-2026-18674 | Adobe Substance3D Stager越界读取漏洞(CNVD-2026-18674) | 2026-02-12 | 2026-04-27 |
| cnvd-2026-18673 | Adobe Substance3D Modeler越界读取漏洞(CNVD-2026-18673) | 2026-02-12 | 2026-04-27 |
| cnvd-2026-18672 | Adobe Lightroom Desktop越界写入漏洞 | 2026-02-12 | 2026-04-27 |
| cnvd-2026-18601 | OpenClaw远程代码执行漏洞(CNVD-2026-18601) | 2026-04-24 | 2026-04-24 |
| cnvd-2026-18591 | Microsoft Partner Center访问控制漏洞 | 2026-04-24 | 2026-04-24 |
| cnvd-2026-18578 | Oracle MySQL Server Optimizer拒绝服务漏洞(CNVD-2026-18578) | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18577 | Oracle Solaris内核拒绝服务漏洞 | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18576 | Oracle MySQL Server InnoDB组件拒绝服务漏洞(CNVD-2026-18576) | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18575 | Oracle MySQL Server JSON组件拒绝服务漏洞 | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18574 | Oracle MySQL Shell Core Client拒绝服务漏洞(CNVD-2026-18574) | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18573 | Oracle MySQL Shell Core Client拒绝服务漏洞(CNVD-2026-18573) | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18572 | Oracle Database Server Java VM组件数据泄露漏洞 | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18571 | Oracle MySQL Server Partition组件拒绝服务漏洞 | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18570 | Oracle MySQL Server GIS组件拒绝服务漏洞 | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18569 | Oracle VM VirtualBox Core组件拒绝服务漏洞(CNVD-2026-18569) | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18539 | Oracle VM VirtualBox Core组件权限提升漏洞(CNVD-2026-18539) | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18538 | Oracle Fusion Middleware Dynamic Monitoring Service跨站脚本漏洞 | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18537 | IBM Guardium Data Protection目录遍历漏洞 | 2026-04-23 | 2026-04-24 |
| cnvd-2026-18536 | IBM Guardium Data Protection Web UI跨站脚本漏洞 | 2026-04-23 | 2026-04-24 |
| cnvd-2026-18535 | IBM Verify Identity Access Container弱加密算法漏洞 | 2026-04-23 | 2026-04-24 |
| cnvd-2026-18432 | Oracle MySQL Server InnoDB拒绝服务漏洞(CNVD-2026-18432) | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18431 | Oracle MySQL Server InnoDB组件拒绝服务漏洞(CNVD-2026-18431) | 2026-04-22 | 2026-04-24 |
| cnvd-2026-18430 | Oracle MySQL Server InnoDB组件拒绝服务漏洞(CNVD-2026-18430) | 2026-04-22 | 2026-04-24 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2025-15829 | Уязвимость системы управления базами данных MySQL и MariaDB, связанная с раскрытием инфор… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15825 | Уязвимость компонентов mm ядра операционной системы Linux, позволяющая нарушителю получит… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15824 | Уязвимость компонента hugetlb.c ядра операционной системы Linux, позволяющая нарушителю п… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15822 | Уязвимость ядра операционной системы Linux, связанная с неправильной проверкой возвращаем… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15821 | Уязвимость компонента drm/sched ядра операционной системы Linux, позволяющая нарушителю в… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15820 | Уязвимость компонента pinctrl-msm ядра операционной системы Linux, позволяющая нарушителю… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15816 | Уязвимость компонента smb ядра операционной системы Linux, позволяющая нарушителю нарушит… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15815 | Уязвимость ядра операционной системы Linux, связанная с чтением за допустимыми границами … | 15.12.2025 | 16.02.2026 |
| bdu:2025-15814 | Уязвимость ядра операционной системы Linux, связанная с чтением за границами буфера данны… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15811 | Уязвимость компонента xusb ядра операционной системы Linux, позволяющая нарушителю вызват… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15810 | Уязвимость ядра операционной системы Linux, связанная с одновременным выполнением с испол… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15809 | Уязвимость компонента appletalk ядра операционной системы Linux, позволяющая нарушителю н… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15808 | Уязвимость компонента drm/tegra ядра операционной системы Linux, позволяющая нарушителю в… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15806 | Уязвимость компонента atm ядра операционной системы Linux, позволяющая нарушителю вызвать… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15804 | Уязвимость компонента mcast ядра операционной системы Linux, позволяющая нарушителю вызва… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15803 | Уязвимость компонентов tmptcp ядра операционной системы Linux, позволяющая нарушителю пол… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15802 | Уязвимость компонента perf/core ядра операционной системы Linux, позволяющая нарушителю в… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15800 | Уязвимость компонента mm/vmalloc.c ядра операционной системы Linux, позволяющая нарушител… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15799 | Уязвимость модуля powerpc/eeh ядра операционной системы Linux, позволяющая нарушителю выз… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15798 | Уязвимость компонента crypto ядра операционной системы Linux, позволяющая нарушителю вызв… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15797 | Уязвимость компонента xilinx ядра операционной системы Linux, позволяющая нарушителю вызв… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15796 | Уязвимость компонента iwlwifi ядра операционной системы Linux, позволяющая нарушителю выз… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15795 | Уязвимость ядра операционной системы Linux, связанная с ошибками разыменования указателя,… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15794 | Уязвимость компонента dtpm_cpu ядра операционной системы Linux, позволяющая нарушителю вы… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15793 | Уязвимость компонента fbtft ядра операционной системы Linux, позволяющая нарушителю вызва… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15792 | Уязвимость компонента net/tls ядра операционной системы Linux, позволяющая нарушителю выз… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15791 | Уязвимость компонента net/packet/af_packet.c ядра операционной системы Linux, позволяющая… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15790 | Уязвимость компонента net ядра операционной системы Linux, позволяющая нарушителю вызвать… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15789 | Уязвимость компонента pnv_php операционной системы Linux, позволяющая нарушителю вызвать … | 15.12.2025 | 16.02.2026 |
| bdu:2025-15788 | Уязвимость компонента pnv_php ядра операционной системы Linux, позволяющая нарушителю выз… | 15.12.2025 | 16.02.2026 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0512 | Vulnérabilité dans Microsoft Edge | 2026-04-29T00:00:00.000000 | 2026-04-29T00:00:00.000000 |
| certfr-2026-avi-0511 | Vulnérabilité dans Elastic Package Registry | 2026-04-29T00:00:00.000000 | 2026-04-29T00:00:00.000000 |
| certfr-2026-avi-0510 | Multiples vulnérabilités dans Citrix XenServer | 2026-04-29T00:00:00.000000 | 2026-04-29T00:00:00.000000 |
| certfr-2026-avi-0509 | Multiples vulnérabilités dans Xen | 2026-04-29T00:00:00.000000 | 2026-04-29T00:00:00.000000 |
| certfr-2026-avi-0508 | Multiples vulnérabilités dans Moodle | 2026-04-29T00:00:00.000000 | 2026-04-29T00:00:00.000000 |
| certfr-2026-avi-0507 | Multiples vulnérabilités dans les produits Mozilla | 2026-04-29T00:00:00.000000 | 2026-04-29T00:00:00.000000 |
| certfr-2026-avi-0506 | Multiples vulnérabilités dans Google Chrome | 2026-04-29T00:00:00.000000 | 2026-04-29T00:00:00.000000 |
| certfr-2026-avi-0505 | Vulnérabilité dans Python | 2026-04-28T00:00:00.000000 | 2026-04-28T00:00:00.000000 |
| certfr-2026-avi-0504 | Multiples vulnérabilités dans Spring | 2026-04-28T00:00:00.000000 | 2026-04-28T00:00:00.000000 |
| certfr-2026-avi-0487 | Multiples vulnérabilités dans Google Chrome | 2026-04-23T00:00:00.000000 | 2026-04-28T00:00:00.000000 |
| certfr-2026-avi-0503 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-27T00:00:00.000000 | 2026-04-27T00:00:00.000000 |
| certfr-2026-avi-0502 | Multiples vulnérabilités dans Microsoft Edge | 2026-04-27T00:00:00.000000 | 2026-04-27T00:00:00.000000 |
| certfr-2026-avi-0501 | Multiples vulnérabilités dans les produits FoxIT | 2026-04-27T00:00:00.000000 | 2026-04-27T00:00:00.000000 |
| certfr-2026-avi-0500 | Multiples vulnérabilités dans VMware Tanzu | 2026-04-27T00:00:00.000000 | 2026-04-27T00:00:00.000000 |
| certfr-2026-avi-0499 | Multiples vulnérabilités dans les produits Moxa | 2026-04-27T00:00:00.000000 | 2026-04-27T00:00:00.000000 |
| certfr-2026-avi-0498 | Multiples vulnérabilités dans Zabbix Agent2 | 2026-04-27T00:00:00.000000 | 2026-04-27T00:00:00.000000 |
| certfr-2026-avi-0497 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0496 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0495 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0494 | Vulnérabilité dans les produits Microsoft | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0493 | Vulnérabilité dans Microsoft Edge | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0492 | Multiples vulnérabilités dans les produits IBM | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0491 | Multiples vulnérabilités dans Synology DSM | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0490 | Multiples vulnérabilités dans Traefik | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0489 | Vulnérabilité dans les produits Tenable | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0488 | Multiples vulnérabilités dans Spring Boot | 2026-04-24T00:00:00.000000 | 2026-04-24T00:00:00.000000 |
| certfr-2026-avi-0486 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-23T00:00:00.000000 | 2026-04-23T00:00:00.000000 |
| certfr-2026-avi-0485 | Vulnérabilité dans Mattermost Server | 2026-04-23T00:00:00.000000 | 2026-04-23T00:00:00.000000 |
| certfr-2026-avi-0484 | Multiples vulnérabilités dans strongSwan | 2026-04-23T00:00:00.000000 | 2026-04-23T00:00:00.000000 |
| certfr-2026-avi-0483 | Multiples vulnérabilités dans Stormshield Management Center | 2026-04-23T00:00:00.000000 | 2026-04-23T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2022-ale-001 | [MaJ] Vulnérabilité dans Microsoft Windows | 2022-01-12T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-022 | [MaJ] Vulnérabilité dans Apache Log4j | 2021-12-10T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-021 | Vulnérabilité dans Microsoft Exchange | 2021-11-10T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-019 | [MaJ] Vulnérabilité dans Microsoft Windows | 2021-09-08T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-017 | Multiples vulnérabilités dans Microsoft Exchange | 2021-08-27T00:00:00.000000 | 2022-05-04T00:00:00.000000 |
| certfr-2021-ale-020 | [Maj] Multiples vulnérabilités dans Microsoft Azure Open Management Infrastructure | 2021-09-17T00:00:00.000000 | 2022-01-05T00:00:00.000000 |
| certfr-2021-ale-018 | Vulnérabilité dans Atlassian Confluence Server et Data Center | 2021-09-06T00:00:00.000000 | 2022-01-05T00:00:00.000000 |
| certfr-2021-ale-014 | [MaJ] Multiples vulnérabilités dans Microsoft Windows | 2021-07-02T00:00:00.000000 | 2022-01-05T00:00:00.000000 |
| certfr-2021-ale-015 | Multiples vulnérabilités dans SolarWinds Serv-U | 2021-07-13T00:00:00.000000 | 2021-10-19T00:00:00.000000 |
| certfr-2021-ale-012 | Multiples vulnérabilités dans Microsoft Windows | 2021-06-09T00:00:00.000000 | 2021-10-19T00:00:00.000000 |
| certfr-2021-ale-011 | Vulnérabilité dans VMware vCenter Server | 2021-06-07T00:00:00.000000 | 2021-10-19T00:00:00.000000 |
| certfr-2021-ale-016 | Vulnérabilité dans SonicWall | 2021-07-15T00:00:00.000000 | 2021-08-19T00:00:00.000000 |
| certfr-2021-ale-004 | [MàJ] Multiples vulnérabilités dans Microsoft Exchange Server | 2021-03-03T00:00:00.000000 | 2021-07-16T00:00:00.000000 |
| certfr-2021-ale-013 | [MaJ] Vulnérabilité dans Microsoft Windows | 2021-06-30T00:00:00.000000 | 2021-07-02T00:00:00.000000 |
| certfr-2021-ale-010 | Vulnérabilité dans Adobe Acrobat et Acrobat Reader | 2021-05-12T00:00:00.000000 | 2021-06-29T00:00:00.000000 |
| certfr-2021-ale-007 | [MàJ] Vulnérabilité dans Pulse Connect Secure | 2021-04-20T00:00:00.000000 | 2021-06-21T00:00:00.000000 |
| certfr-2021-ale-009 | [MàJ] Vulnérabilité dans Microsoft Windows | 2021-05-12T00:00:00.000000 | 2021-06-10T00:00:00.000000 |
| certfr-2021-ale-008 | Multiples vulnérabilités dans Exim | 2021-05-05T00:00:00.000000 | 2021-06-10T00:00:00.000000 |
| certfr-2021-ale-005 | Multiples vulnérabilités dans Microsoft DNS server | 2021-03-12T00:00:00.000000 | 2021-05-12T00:00:00.000000 |
| certfr-2021-ale-003 | [MàJ] Vulnérabilité dans VMware vCenter Server | 2021-02-25T00:00:00.000000 | 2021-05-12T00:00:00.000000 |
| certfr-2021-ale-001 | |MàJ] Vulnérabilité dans SonicWall SMA100 | 2021-02-02T00:00:00.000000 | 2021-05-12T00:00:00.000000 |
| certfr-2021-ale-006 | [MàJ] Vulnérabilité dans F5 BIG-IP | 2021-03-22T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2020-ale-026 | [MaJ] Présence de code malveillant dans SolarWinds Orion | 2020-12-14T00:00:00.000000 | 2021-04-15T00:00:00.000000 |
| certfr-2021-ale-002 | [MàJ] Vulnérabilité dans Google Chrome et Microsoft Edge | 2021-02-05T00:00:00.000000 | 2021-03-11T00:00:00.000000 |
| certfr-2020-ale-021 | Vulnérabilité dans Samba | 2020-09-18T00:00:00.000000 | 2021-03-11T00:00:00.000000 |
| certfr-2020-ale-020 | [MàJ] Vulnérabilité dans Microsoft Netlogon | 2020-09-15T00:00:00.000000 | 2021-03-11T00:00:00.000000 |
| certfr-2020-ale-019 | Recrudescence d'activité Emotet en France | 2020-09-07T00:00:00.000000 | 2021-02-09T00:00:00.000000 |
| certfr-2020-ale-025 | Vulnérabilité dans Fortinet FortiOS SSL-VPN | 2020-11-27T00:00:00.000000 | 2021-02-08T00:00:00.000000 |
| certfr-2020-ale-024 | [MaJ] Vulnérabilité dans les produits VMware | 2020-11-24T00:00:00.000000 | 2020-12-17T00:00:00.000000 |
| certfr-2020-ale-022 | [MàJ] Vulnérabilité dans Oracle Weblogic | 2020-10-30T00:00:00.000000 | 2020-12-17T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2021-1672 | Heap-buffer-overflow in blosc_d | 2021-12-12T00:01:29.747137Z | 2026-05-04T14:07:55.244481Z |
| osv-2021-1070 | Heap-buffer-overflow in ZSTD_decompressBlock_internal | 2021-07-29T00:01:10.187569Z | 2026-05-04T14:07:41.491351Z |
| osv-2026-678 | UNKNOWN WRITE in ___interceptor_strncpy | 2026-05-04T00:04:49.943355Z | 2026-05-04T00:04:49.943663Z |
| osv-2024-696 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-07-31T00:03:10.056663Z | 2026-05-02T14:28:43.223547Z |
| osv-2024-641 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-07-14T00:06:37.034414Z | 2026-05-02T14:28:29.616182Z |
| osv-2024-400 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-05-02T00:03:16.309384Z | 2026-05-02T14:28:03.527863Z |
| osv-2024-245 | Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept | 2024-04-08T00:11:03.595756Z | 2026-05-02T14:27:51.488017Z |
| osv-2024-278 | Security exception in com.puppycrawl.tools.checkstyle.grammar.java.JavaLanguageParser.expr | 2024-04-19T00:12:11.684954Z | 2026-05-02T14:21:46.603660Z |
| osv-2025-280 | Heap-buffer-overflow in Assimp::SceneCombiner::CopyScene | 2025-04-15T00:04:03.423453Z | 2026-05-01T14:27:37.508431Z |
| osv-2026-610 | Memcpy-param-overlap in htx_replace_blk_value | 2026-04-22T00:07:53.902461Z | 2026-05-01T14:26:40.032545Z |
| osv-2024-1220 | UNKNOWN READ in Assimp::NDOImporter::InternReadFile | 2024-10-14T00:17:45.088625Z | 2026-05-01T14:23:35.230004Z |
| osv-2023-869 | Heap-buffer-overflow in Assimp::MD5::MD5MeshParser::MD5MeshParser | 2023-09-17T14:01:25.028324Z | 2026-05-01T14:22:59.941483Z |
| osv-2022-675 | Heap-buffer-overflow in void RDKit::ParseV3000AtomProps<std::__1::vector<std::__1::basic_string_view<cha | 2022-08-06T00:00:51.363676Z | 2026-05-01T14:20:42.587775Z |
| osv-2022-1288 | Stack-buffer-overflow in bool SmilesParseOps::parser::parse_atom_props<std::__1::__wrap_iter<char const*> | 2024-11-04T00:16:22.516312Z | 2026-05-01T14:18:55.851744Z |
| osv-2026-659 | Heap-buffer-overflow in ___interceptor_strncpy | 2026-05-01T00:18:13.867231Z | 2026-05-01T00:18:13.867552Z |
| osv-2022-867 | Heap-buffer-overflow in get_utf_8_string | 2022-09-09T00:01:54.157712Z | 2026-04-30T16:25:40.002563Z |
| osv-2026-605 | Heap-buffer-overflow in DwaCompressor_uncompress | 2026-04-21T00:16:42.288653Z | 2026-04-30T14:32:28.224899Z |
| osv-2025-580 | UNKNOWN READ in signed char Assimp::StreamReader<false, false>::Get<signed char> | 2025-07-29T00:16:41.422221Z | 2026-04-30T14:29:31.343013Z |
| osv-2026-651 | Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal | 2026-04-30T00:09:19.136667Z | 2026-04-30T00:09:19.137235Z |
| osv-2026-650 | Use-of-uninitialized-value in Mat_int32Swap | 2026-04-29T00:19:17.230021Z | 2026-04-29T14:32:22.076704Z |
| osv-2026-623 | Use-of-uninitialized-value in Mat_PrintNumber | 2026-04-25T00:20:05.313883Z | 2026-04-29T14:30:10.451501Z |
| osv-2026-649 | Container-overflow in OGRGeometryFactory::organizePolygons | 2026-04-29T00:10:47.581403Z | 2026-04-29T00:10:47.581821Z |
| osv-2026-646 | Heap-buffer-overflow in sentencepiece::unigram::Model::EncodeOptimized | 2026-04-29T00:04:02.164830Z | 2026-04-29T00:04:02.165140Z |
| osv-2026-629 | Security exception in org.apache.thrift.protocol.TProtocolUtil.skip | 2026-04-26T00:19:19.237477Z | 2026-04-28T14:18:36.402139Z |
| osv-2022-763 | Heap-buffer-overflow in sqlite3VdbeExec | 2022-08-21T00:00:23.656015Z | 2026-04-26T14:19:51.633996Z |
| osv-2024-440 | UNKNOWN READ | 2024-05-07T00:06:11.033336Z | 2026-04-25T14:18:51.314914Z |
| osv-2026-621 | Use-of-uninitialized-value in vcardtime_from_string | 2026-04-25T00:17:10.236683Z | 2026-04-25T00:17:10.237046Z |
| osv-2024-396 | UNKNOWN READ in jvp_object_free | 2024-05-01T00:11:24.552935Z | 2026-04-24T14:19:17.552379Z |
| osv-2024-914 | UNKNOWN READ in boost::re_detail_500::basic_regex_formatter<std::__1::ostream_iterator<char, cha | 2024-08-16T00:08:20.277708Z | 2026-04-24T14:18:54.995966Z |
| osv-2024-112 | Stack-overflow in boost::read_graphviz_detail::parser::parse_subgraph | 2024-02-16T00:05:47.896843Z | 2026-04-24T14:13:21.773842Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2026-0083 | zantetsu-trainer is unmaintained | 2026-04-07T12:00:00Z | 2026-04-08T08:55:27Z |
| rustsec-2026-0082 | zantetsu-ffi is unmaintained | 2026-04-07T12:00:00Z | 2026-04-08T08:55:27Z |
| rustsec-2026-0081 | `logtrace` was removed from crates.io for malicious code | 2026-04-05T12:00:00Z | 2026-04-05T23:52:05Z |
| rustsec-2026-0080 | Multiple soundness issues in `scaly` safe APIs | 2026-01-19T12:00:00Z | 2026-04-05T05:30:42Z |
| rustsec-2026-0079 | `DynFuture` drop can construct a dangling reference | 2026-01-21T12:00:00Z | 2026-04-05T05:30:42Z |
| rustsec-2023-0125 | Logs AWS credentials when TRACE-level logging is enabled | 2023-04-19T12:00:00Z | 2026-04-02T14:44:59Z |
| rustsec-2025-0160 | `custom-req-on-workers` was removed from crates.io for malicious code | 2025-01-30T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0159 | `sophosfirewall-python` was removed from crates.io for malicious code | 2025-02-15T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0158 | `jfrog_quotes` was removed from crates.io for malicious code | 2025-01-30T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0157 | `statsrelay-protobuf` was removed from crates.io for malicious code | 2025-08-26T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0156 | `tree-sitter-pkl` was removed from crates.io for malicious code | 2025-03-10T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2026-0077 | Incorrect Check of Signer Response Norm During Verification | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0076 | Panic in Signature Hint Decoding During Verification | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0075 | All-Zero Key Generation on Catastrophic RNG Failure | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0074 | Incorrect Output of Incremental Portable SHAKE API | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0073 | Panic in Standalone MAC Operations | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2025-0155 | `rands` was removed from crates.io for malicious code | 2025-02-10T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0124 | `bit-flags` was removed from crates.io for malicious code | 2023-12-22T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0123 | `hann-rs-service` was removed from crates.io for malicious code | 2023-11-18T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0122 | `winx-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0121 | `libusb1-main` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0120 | `windows-service-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0119 | `openvpn-plugin-rs` was removed from crates.io for malicious code | 2023-11-18T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0118 | `win_run_rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0117 | `tauri-winrt-notifications` was removed from crates.io for malicious code | 2023-11-20T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0116 | `registry-win` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0115 | `acceptxmr-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0114 | `tiny-server` was removed from crates.io for malicious code | 2023-11-06T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0113 | `win-base64-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0112 | `monero-rpc-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |