Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-33419 | MinIO: LDAP login brute-force via user enumeration and… |
minio |
minio |
2026-03-24T19:05:30.937Z | 2026-03-25T13:24:44.452Z | |
| cve-2026-33322 | MinIO: JWT Algorithm Confusion in OIDC Authentication |
minio |
minio |
2026-03-24T19:05:04.705Z | 2026-03-25T14:28:14.561Z | |
| cve-2026-33511 | pyload-ng: Authentication Bypass via Host Header Injec… |
pyload |
pyload |
2026-03-24T18:56:08.886Z | 2026-03-25T14:28:19.605Z | |
| cve-2026-33509 | pyload-ng: SETTINGS Permission Users Can Achieve Remot… |
pyload |
pyload |
2026-03-24T18:55:37.033Z | 2026-03-26T19:52:12.902Z | |
| cve-2026-33314 | pyload-ng: Improper Authentication and Origin Validati… |
pyload |
pyload |
2026-03-24T18:52:28.834Z | 2026-03-26T19:52:13.088Z | |
| cve-2026-32948 | sbt: Source dependency feature (via crafted VCS URL) l… |
sbt |
sbt |
2026-03-24T18:48:30.620Z | 2026-03-26T13:21:23.354Z | |
| cve-2026-30932 | Froxlor is vulnerable to BIND zone file injection via … |
froxlor |
froxlor |
2026-03-24T18:46:13.137Z | 2026-03-25T13:31:13.459Z | |
| cve-2026-33769 | Astro: Remote allowlist bypass via unanchored matchPat… |
withastro |
astro |
2026-03-24T18:44:29.169Z | 2026-03-24T20:13:25.845Z | |
| cve-2026-33768 | Astro: Unauthenticated Path Override via `x-astro-path… |
withastro |
astro |
2026-03-24T18:40:12.549Z | 2026-03-24T18:53:24.069Z | |
| cve-2026-29772 | Astro: Memory exhaustion DoS due to missing request bo… |
withastro |
astro |
2026-03-24T18:38:02.733Z | 2026-03-24T20:17:11.483Z | |
| cve-2026-33627 | Parse Server: Auth data exposed via /users/me endpoint |
parse-community |
parse-server |
2026-03-24T18:31:14.703Z | 2026-03-25T13:38:33.224Z | |
| cve-2026-23924 | 6.1 (v4.0) | Agent 2 Docker plugin arbitrary file read via Docker A… |
Zabbix |
Zabbix |
2026-03-24T18:30:00.615Z | 2026-03-25T19:25:38.321Z |
| cve-2026-23923 | 6.9 (v4.0) | Unauthenticated arbitrary PHP class instantiation |
Zabbix |
Zabbix |
2026-03-24T18:29:23.165Z | 2026-03-25T19:25:01.128Z |
| cve-2026-33624 | Parse Server: MFA recovery code single-use bypass via … |
parse-community |
parse-server |
2026-03-24T18:28:52.114Z | 2026-03-25T14:28:24.585Z | |
| cve-2026-23921 | 8.7 (v4.0) | Blind, read-only SQL injection in Zabbix API via sortf… |
Zabbix |
Zabbix |
2026-03-24T18:28:41.491Z | 2026-03-26T03:55:36.177Z |
| cve-2026-23920 | 7.7 (v4.0) | Host and event action script regex validation can be b… |
Zabbix |
Zabbix |
2026-03-24T18:27:52.882Z | 2026-03-26T03:55:29.372Z |
| cve-2026-33539 | Parse Server: SQL injection via aggregate and distinct… |
parse-community |
parse-server |
2026-03-24T18:26:56.046Z | 2026-03-26T19:52:13.216Z | |
| cve-2026-23919 | 7.1 (v4.0) | Insufficient isolation of JavaScript (Duktape) executi… |
Zabbix |
Zabbix |
2026-03-24T18:26:43.877Z | 2026-04-22T07:06:32.148Z |
| cve-2026-33538 | Parse Server: Denial of service via unindexed database… |
parse-community |
parse-server |
2026-03-24T18:24:51.595Z | 2026-03-24T18:37:24.020Z | |
| cve-2026-33527 | Parse Server: Session update endpoint allows overwriti… |
parse-community |
parse-server |
2026-03-24T18:22:44.613Z | 2026-03-24T20:36:39.104Z | |
| cve-2026-33508 | Parse Server: LiveQuery subscription query depth bypass |
parse-community |
parse-server |
2026-03-24T18:21:08.477Z | 2026-03-25T14:28:29.657Z | |
| cve-2026-33498 | Parse Server: Query condition depth bypass via pre-val… |
parse-community |
parse-server |
2026-03-24T18:18:44.587Z | 2026-03-26T19:52:13.415Z | |
| cve-2026-33429 | Parse Server: Protected field change detection oracle … |
parse-community |
parse-server |
2026-03-24T18:16:35.414Z | 2026-03-25T13:34:05.792Z | |
| cve-2026-33421 | Parse Server: LiveQuery bypasses CLP pointer permissio… |
parse-community |
parse-server |
2026-03-24T18:14:30.444Z | 2026-03-24T20:21:04.887Z | |
| cve-2026-33409 | Parse Server: Auth provider validation bypass on login… |
parse-community |
parse-server |
2026-03-24T18:11:36.824Z | 2026-03-25T13:39:23.559Z | |
| cve-2026-2417 | 9.3 (v4.0) | Missing Authentication for Critical Function in Pharos… |
Pharos Controls |
Mosaic Show Controller |
2026-03-24T18:06:32.303Z | 2026-03-24T18:38:05.206Z |
| cve-2026-33323 | Parse Server: Email verification resend page leaks use… |
parse-community |
parse-server |
2026-03-24T18:06:32.189Z | 2026-03-25T14:28:34.748Z | |
| cve-2026-33417 | Wallos: Password Reset Tokens Never Expire |
ellite |
Wallos |
2026-03-24T18:01:07.765Z | 2026-03-24T18:37:53.873Z | |
| cve-2026-1995 | N/A | IDrive Cloud Backup Client for Windows contains a priv… |
IDrive |
IDrive Cloud Backup Client for Windows |
2026-03-24T18:00:15.664Z | 2026-03-25T13:14:39.639Z |
| cve-2026-33401 | Wallos: Incomplete fix for CVE-2026-30840 - SSRF in AI… |
ellite |
Wallos |
2026-03-24T17:58:47.336Z | 2026-03-24T18:11:38.820Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2015-avi-147 | Multiples vulnérabilités dans les produits Apple | 2015-04-13T00:00:00.000000 | 2015-04-13T00:00:00.000000 |
| certfr-2015-avi-146 | Multiples vulnérabilités dans les produits Juniper | 2015-04-13T00:00:00.000000 | 2015-04-13T00:00:00.000000 |
| certfr-2015-avi-145 | Multiples vulnérabilités dans IBM Systems Director Storage Control | 2015-04-10T00:00:00.000000 | 2015-04-10T00:00:00.000000 |
| certfr-2015-avi-144 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2015-04-10T00:00:00.000000 | 2015-04-10T00:00:00.000000 |
| certfr-2015-avi-143 | Vulnérabilité dans les produits Cisco | 2015-04-09T00:00:00.000000 | 2015-04-09T00:00:00.000000 |
| certfr-2015-avi-142 | Multiples vulnérabilités dans les produits Cisco | 2015-04-09T00:00:00.000000 | 2015-04-09T00:00:00.000000 |
| certfr-2015-avi-141 | Multiples vulnérabilités dans Apple Safari | 2015-04-09T00:00:00.000000 | 2015-04-09T00:00:00.000000 |
| certfr-2015-avi-140 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2015-04-09T00:00:00.000000 | 2015-04-09T00:00:00.000000 |
| certfr-2015-avi-139 | Multiples vulnérabilités dans Apple Macintosh OS X | 2015-04-09T00:00:00.000000 | 2015-04-09T00:00:00.000000 |
| certfr-2015-avi-138 | Multiples vulnérabilités dans SCADA Siemens SIMATIC | 2015-04-08T00:00:00.000000 | 2015-04-08T00:00:00.000000 |
| certfr-2015-avi-137 | Vulnérabilité dans IBM Tivoli Storage Manager FastBack | 2015-04-08T00:00:00.000000 | 2015-04-08T00:00:00.000000 |
| certfr-2015-avi-136 | Multiples vulnérabilités dans Red Hat Enterprise Linux Server | 2015-04-08T00:00:00.000000 | 2015-04-08T00:00:00.000000 |
| certfr-2015-avi-135 | Vulnérabilité dans Cisco Prime DCNM | 2015-04-02T00:00:00.000000 | 2015-04-02T00:00:00.000000 |
| certfr-2015-avi-134 | Multiples vulnérabilités dans Cisco Unity Connection | 2015-04-02T00:00:00.000000 | 2015-04-02T00:00:00.000000 |
| certfr-2015-avi-133 | Multiples vulnérabilités dans Google Chrome | 2015-04-02T00:00:00.000000 | 2015-04-02T00:00:00.000000 |
| certfr-2015-avi-132 | Multiples vulnérabilités dans les produits Schneider Electric | 2015-04-01T00:00:00.000000 | 2015-04-01T00:00:00.000000 |
| certfr-2015-avi-131 | Multiples vulnérabilités dans les produits Mozilla | 2015-04-01T00:00:00.000000 | 2015-04-01T00:00:00.000000 |
| certfr-2015-avi-130 | Multiples vulnérabilités dans Xen | 2015-04-01T00:00:00.000000 | 2015-04-01T00:00:00.000000 |
| certfr-2015-avi-129 | Vulnérabilité dans Huawei Campus Switch | 2015-03-31T00:00:00.000000 | 2015-03-31T00:00:00.000000 |
| certfr-2015-avi-128 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2015-03-27T00:00:00.000000 | 2015-03-27T00:00:00.000000 |
| certfr-2015-avi-127 | Multiples vulnérabilités dans Citrix Command Center | 2015-03-26T00:00:00.000000 | 2015-03-26T00:00:00.000000 |
| certfr-2015-avi-126 | Vulnérabilité dans EMC Isilon OneFS | 2015-03-26T00:00:00.000000 | 2015-03-26T00:00:00.000000 |
| certfr-2015-avi-125 | Multiples vulnérabilités dans les produits Cisco | 2015-03-26T00:00:00.000000 | 2015-03-26T00:00:00.000000 |
| certfr-2015-avi-124 | Vulnérabilité dans Cisco IOS XR | 2015-03-25T00:00:00.000000 | 2015-03-25T00:00:00.000000 |
| certfr-2015-avi-123 | Vulnérabilité dans Cisco WebEx Meetings Server | 2015-03-24T00:00:00.000000 | 2015-03-24T00:00:00.000000 |
| certfr-2015-avi-122 | Vulnérabilité dans Cisco IOS | 2015-03-24T00:00:00.000000 | 2015-03-24T00:00:00.000000 |
| certfr-2015-avi-121 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2015-03-24T00:00:00.000000 | 2015-03-24T00:00:00.000000 |
| certfr-2015-avi-120 | Vulnérabilité dans IBM Rational ClearCase | 2015-03-23T00:00:00.000000 | 2015-03-23T00:00:00.000000 |
| certfr-2015-avi-119 | Multiples vulnérabilités dans Mozilla Firefox | 2015-03-23T00:00:00.000000 | 2015-03-23T00:00:00.000000 |
| certfr-2015-avi-118 | Multiples vulnérabilités dans Mac OS X Yosemite | 2015-03-20T00:00:00.000000 | 2015-03-20T00:00:00.000000 |