Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-34386 | Fleet vulnerable to SQL injection in MDM bootstrap pa… |
fleetdm |
fleet |
2026-03-27T18:30:10.512Z | 2026-03-30T19:02:07.123Z | |
| cve-2026-34385 | Fleet's Apple MDM profile delivery has second-order SQ… |
fleetdm |
fleet |
2026-03-27T18:29:05.556Z | 2026-03-31T18:54:35.661Z | |
| cve-2026-29180 | Fleet's team maintainer can transfer hosts from any te… |
fleetdm |
fleet |
2026-03-27T18:27:15.576Z | 2026-03-31T18:54:40.828Z | |
| cve-2026-4970 | code-projects Social Networking Site Endpoint delete_p… |
code-projects |
Social Networking Site |
2026-03-27T18:24:14.173Z | 2026-03-30T19:02:33.126Z | |
| cve-2026-4969 | code-projects Social Networking Site Alert home.php cr… |
code-projects |
Social Networking Site |
2026-03-27T18:24:11.735Z | 2026-03-31T13:42:07.140Z | |
| cve-2026-26061 | Fleet's unbounded request body read allows remote Deni… |
fleetdm |
fleet |
2026-03-27T18:23:49.791Z | 2026-03-31T13:38:29.843Z | |
| cve-2026-26060 | Fleet: Password reset tokens remain valid after passwo… |
fleetdm |
fleet |
2026-03-27T18:22:43.244Z | 2026-03-27T19:32:38.862Z | |
| cve-2026-34375 | AVideo Vulnerable to Reflected XSS via Unsanitized plu… |
WWBN |
AVideo |
2026-03-27T18:17:32.604Z | 2026-03-31T13:36:50.491Z | |
| cve-2026-34374 | AVideo has SQL Injection in Live_schedule::keyExists()… |
WWBN |
AVideo |
2026-03-27T18:16:22.155Z | 2026-03-27T19:33:12.013Z | |
| cve-2025-15612 | 6.3 (v4.0) 4.8 (v3.1) | Wazuh Provisioning Scripts / Build Infrastructure Impr… |
Wazuh |
Wazuh Provisioning Scripts (Agent Build Environment) |
2026-03-27T18:16:11.058Z | 2026-03-31T13:35:46.422Z |
| cve-2026-34369 | AVIdeo has Video Password Protection Bypass via API En… |
WWBN |
AVideo |
2026-03-27T18:13:23.534Z | 2026-03-30T19:03:08.076Z | |
| cve-2026-34368 | AVideo Vulnerable to Wallet Balance Double-Spend via T… |
WWBN |
AVideo |
2026-03-27T18:12:18.760Z | 2026-03-30T19:03:46.321Z | |
| cve-2026-34364 | AVideo has User Group-Based Category Access Control By… |
WWBN |
AVideo |
2026-03-27T18:11:05.866Z | 2026-03-27T19:56:56.507Z | |
| cve-2025-15617 | 6.3 (v4.0) 6.5 (v3.1) | Wazuh GitHub Actions Workflow Exposure of Sensitive Cr… |
Wazuh |
Wazuh (GitHub Actions) |
2026-03-27T18:04:13.691Z | 2026-03-31T14:34:15.734Z |
| cve-2026-4968 | SourceCodester Diary App diary.php cross-site request … |
SourceCodester |
Diary App |
2026-03-27T17:41:52.979Z | 2026-03-27T22:17:15.085Z | |
| cve-2026-4966 | itsourcecode Free Hotel Reservation System index.php s… |
itsourcecode |
Free Hotel Reservation System |
2026-03-27T17:41:49.607Z | 2026-03-27T22:08:05.053Z | |
| cve-2026-4965 | letta-ai letta Incomplete Fix CVE-2025-6101 ast_parser… |
letta-ai |
letta |
2026-03-27T17:41:46.743Z | 2026-03-27T22:07:55.514Z | |
| cve-2026-4964 | letta-ai letta File URL message_helper.py _convert_mes… |
letta-ai |
letta |
2026-03-27T17:05:22.689Z | 2026-03-31T15:11:01.435Z | |
| cve-2026-4963 | huggingface smolagents Incomplete Fix CVE-2025-9959 lo… |
huggingface |
smolagents |
2026-03-27T17:05:20.096Z | 2026-03-31T13:32:41.488Z | |
| cve-2026-4962 | UltraVNC Service version.dll uncontrolled search path |
n/a |
UltraVNC |
2026-03-27T17:05:16.691Z | 2026-03-27T22:07:28.414Z | |
| cve-2026-34362 | AVideo's WebSocket Token Never Expires Due to Commente… |
WWBN |
AVideo |
2026-03-27T16:42:28.779Z | 2026-03-31T13:30:30.433Z | |
| cve-2026-34247 | AVideo's IDOR in uploadPoster.php Allows Any Authentic… |
WWBN |
AVideo |
2026-03-27T16:39:05.219Z | 2026-03-27T17:29:15.757Z | |
| cve-2025-15616 | 7.1 (v4.0) 6.7 (v3.1) | Wazuh Agent and Manager OS Command Injection and Untru… |
Wazuh |
wazuh-agent |
2026-03-27T16:38:20.559Z | 2026-03-27T19:46:04.116Z |
| cve-2026-34245 | AVideo's Missing Authorization in Playlist Schedule Cr… |
WWBN |
AVideo |
2026-03-27T16:32:35.615Z | 2026-03-31T15:10:30.387Z | |
| cve-2026-33867 | AVideo has Plaintext Video Password Storage |
WWBN |
AVideo |
2026-03-27T16:30:17.182Z | 2026-03-27T19:57:15.696Z | |
| cve-2026-34411 | 6.9 (v4.0) 5.3 (v3.1) | Appsmith < 1.98 Unauthenticated Instance Configuration… |
Appsmith |
Appsmith |
2026-03-27T16:24:16.385Z | 2026-03-27T19:57:26.175Z |
| cve-2025-15615 | 6.9 (v4.0) 6.5 (v3.1) | Wazuh Manager authd service Improper SSL/TLS Renegotia… |
Wazuh |
wazuh-manager |
2026-03-27T16:23:03.804Z | 2026-03-27T19:43:38.523Z |
| cve-2025-15381 | Unauthorized Access to Tracing and Assessment Endpoint… |
mlflow |
mlflow/mlflow |
2026-03-27T16:17:30.328Z | 2026-03-28T03:55:49.775Z | |
| cve-2026-33770 | AVideo has SQL Injection in category.php fixCleanTitle… |
WWBN |
AVideo |
2026-03-27T16:13:51.872Z | 2026-03-31T13:29:27.273Z | |
| cve-2026-28369 | 8.7 (v3.1) | Undertow: undertow: request smuggling via malformed ht… |
Red Hat |
Red Hat build of Apache Camel for Spring Boot 4 |
2026-03-27T16:13:05.719Z | 2026-04-08T08:29:32.945Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2018-avi-394 | Multiples vulnérabilités dans Microsoft Internet Explorer | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-393 | Multiples vulnérabilités dans les produits Cisco | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-392 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-391 | Multiples vulnérabilités dans Citrix XenServer | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-390 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-389 | Multiples vulnérabilités dans les produits Adobe | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-388 | Multiples vulnérabilités dans Xen | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-387 | Multiples vulnérabilités dans les produits Intel | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-386 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-385 | Multiples vulnérabilités dans les produits VMware | 2018-08-16T00:00:00.000000 | 2018-08-16T00:00:00.000000 |
| certfr-2018-avi-384 | Multiples vulnérabilités dans Samba | 2018-08-14T00:00:00.000000 | 2018-08-14T00:00:00.000000 |
| certfr-2018-avi-383 | Vulnérabilité dans Oracle Database Server | 2018-08-13T00:00:00.000000 | 2018-08-13T00:00:00.000000 |
| certfr-2018-avi-382 | Vulnérabilité dans le noyau Linux de SUSE | 2018-08-10T00:00:00.000000 | 2018-08-10T00:00:00.000000 |
| certfr-2018-avi-381 | Multiples vulnérabilités dans Google Chrome | 2018-08-10T00:00:00.000000 | 2018-08-10T00:00:00.000000 |
| certfr-2018-avi-380 | Vulnérabilité dans BIND | 2018-08-09T00:00:00.000000 | 2018-08-09T00:00:00.000000 |
| certfr-2018-avi-379 | Vulnérabilité dans VMware Horizon | 2018-08-08T00:00:00.000000 | 2018-08-08T00:00:00.000000 |
| certfr-2018-avi-378 | Multiples vulnérabilités dans Google Chrome OS | 2018-08-08T00:00:00.000000 | 2018-08-08T00:00:00.000000 |
| certfr-2018-avi-377 | Vulnérabilité dans Moxa NPort | 2018-08-08T00:00:00.000000 | 2018-08-08T00:00:00.000000 |
| certfr-2018-avi-376 | Multiples vulnérabilités dans SCADA les produits Siemens | 2018-08-07T00:00:00.000000 | 2018-08-07T00:00:00.000000 |
| certfr-2018-avi-375 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-08-07T00:00:00.000000 | 2018-08-07T00:00:00.000000 |
| certfr-2018-avi-374 | Vulnérabilité dans le noyau Linux d'Ubuntu | 2018-08-07T00:00:00.000000 | 2018-08-07T00:00:00.000000 |
| certfr-2018-avi-373 | Multiples vulnérabilités dans Mozilla Thunderbird | 2018-08-07T00:00:00.000000 | 2018-08-07T00:00:00.000000 |
| certfr-2018-avi-372 | Multiples vulnérabilités dans Google Android | 2018-08-07T00:00:00.000000 | 2018-08-07T00:00:00.000000 |
| certfr-2018-avi-371 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-08-03T00:00:00.000000 | 2018-08-06T00:00:00.000000 |
| certfr-2018-avi-370 | Vulnérabilité dans Drupal | 2018-08-02T00:00:00.000000 | 2018-08-02T00:00:00.000000 |
| certfr-2018-avi-369 | Vulnérabilité dans Cisco Prime Collaboration Provisioning | 2018-08-02T00:00:00.000000 | 2018-08-02T00:00:00.000000 |
| certfr-2018-avi-368 | Vulnérabilité dans le noyau Linux de RedHat | 2018-08-01T00:00:00.000000 | 2018-08-01T00:00:00.000000 |
| certfr-2018-avi-367 | Multiples vulnérabilités dans Google Chrome | 2018-08-01T00:00:00.000000 | 2018-08-01T00:00:00.000000 |
| certfr-2018-avi-366 | Multiples vulnérabilités dans Tenable SecurityCenter | 2018-08-01T00:00:00.000000 | 2018-08-01T00:00:00.000000 |
| certfr-2018-avi-365 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2018-08-01T00:00:00.000000 | 2018-08-01T00:00:00.000000 |