Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-40286 | WeGIA has Cross-Site Scripting in Controle de Contribuição |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:27:59.131Z | 2026-04-20T15:49:44.569Z | |
| cve-2026-23500 | Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_P… |
Dolibarr |
dolibarr |
2026-04-17T20:25:49.843Z | 2026-04-18T03:06:20.406Z | |
| cve-2026-40285 | WeGIA has SQL Injection via Session Variable Override … |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:25:33.185Z | 2026-04-20T16:21:07.084Z | |
| cve-2026-40527 | 8.5 (v4.0) 7.8 (v3.1) | radare2 Command Injection via DWARF Parameter Names |
radareorg |
radare2 |
2026-04-17T20:25:20.143Z | 2026-04-20T14:20:04.639Z |
| cve-2026-40284 | WeGIA has stored XSS in listar_despachos.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:24:10.282Z | 2026-04-20T16:26:32.113Z | |
| cve-2026-35512 | xrdp: Heap buffer overflow in EGFX channel |
neutrinolabs |
xrdp |
2026-04-17T20:21:59.868Z | 2026-04-22T03:55:37.686Z | |
| cve-2026-40282 | WeGIA has stored XSS in intercorrencia_visualizar.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:16:46.878Z | 2026-04-20T14:57:55.798Z | |
| cve-2026-33689 | xrdp: Pre-authentication out-of-bounds reads in channe… |
neutrinolabs |
xrdp |
2026-04-17T20:16:31.248Z | 2026-04-20T16:21:39.933Z | |
| cve-2026-33145 | xrdp: Authenticated RCE via unsanitized AlternateShell… |
neutrinolabs |
xrdp |
2026-04-17T20:14:14.048Z | 2026-04-22T13:57:26.244Z | |
| cve-2026-40283 | WeGIA has stored XSS in profile_paciente.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:03:14.016Z | 2026-04-20T14:58:05.365Z | |
| cve-2026-32624 | xrdp: Heap buffer overflow in xrdp_sec_process_logon_i… |
neutrinolabs |
xrdp |
2026-04-17T19:58:08.687Z | 2026-04-20T16:22:13.525Z | |
| cve-2026-33516 | xrdp: Pre-authentication out-of-bounds reads in RDP ca… |
neutrinolabs |
xrdp |
2026-04-17T19:56:11.990Z | 2026-04-20T15:43:53.801Z | |
| cve-2026-32650 | 7.5 (v3.1) | Anviz CrossChex Standard Algorithm Downgrade |
Anviz |
Anviz CrossChex Standard |
2026-04-17T19:52:45.308Z | 2026-04-17T20:26:17.922Z |
| cve-2026-40434 | 8.1 (v3.1) | Anviz CrossChex Standard Improper Verification of Sour… |
Anviz |
Anviz CrossChex Standard |
2026-04-17T19:49:28.099Z | 2026-04-17T20:28:02.785Z |
| cve-2026-35682 | 8.8 (v3.1) | Anviz CX2 Lite Command Injection |
Anviz |
Anviz CX2 Lite Firmware |
2026-04-17T19:46:26.716Z | 2026-04-17T20:30:18.510Z |
| cve-2026-32623 | xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly |
neutrinolabs |
xrdp |
2026-04-17T19:43:58.682Z | 2026-04-22T03:55:35.336Z | |
| cve-2026-40066 | 8.8 (v3.1) | Anviz Products Download of Code Without Integrity Check |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:43:20.709Z | 2026-04-17T20:00:36.786Z |
| cve-2026-35546 | 9.8 (v3.1) | Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:39:25.110Z | 2026-04-17T20:05:28.411Z |
| cve-2026-40461 | 7.5 (v3.1) | Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:36:29.842Z | 2026-04-17T20:03:18.872Z |
| cve-2026-32648 | 5.3 (v3.1) | Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:34:21.522Z | 2026-04-17T20:09:05.861Z |
| cve-2026-33569 | 6.5 (v3.1) | Anviz Products Cleartext Transmission of Sensitive Inf… |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:30:46.066Z | 2026-04-17T20:32:48.104Z |
| cve-2026-32105 | xrdp: RDP MAC signature (dataSignature) never verified… |
neutrinolabs |
xrdp |
2026-04-17T19:27:39.809Z | 2026-04-20T16:22:50.262Z | |
| cve-2026-32107 | xrdp: Fail-open privilege drop in sesexec — child proc… |
neutrinolabs |
xrdp |
2026-04-17T19:25:20.274Z | 2026-04-22T03:55:34.190Z | |
| cve-2026-31927 | 4.9 (v3.1) | Anviz CX7 Firmware Relative Path Traversal |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:24:53.893Z | 2026-04-17T20:34:41.679Z |
| cve-2026-40342 | Firebird: Path Traversal + Arbitrary File Write Leads … |
FirebirdSQL |
firebird |
2026-04-17T19:22:46.644Z | 2026-04-22T13:56:49.927Z | |
| cve-2026-32324 | 7.7 (v3.1) | Anviz CX7 Firmware Use of Hard-coded Cryptographic Key |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:22:12.097Z | 2026-04-17T20:10:48.189Z |
| cve-2026-35061 | 5.3 (v3.1) | Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:19:25.884Z | 2026-04-17T20:07:00.826Z |
| cve-2026-33093 | 5.3 (v3.1) | Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:17:15.274Z | 2026-04-17T19:54:36.104Z |
| cve-2026-35215 | Firebird: DoS via malicious slice descriptor in slice packet |
FirebirdSQL |
firebird |
2026-04-17T18:59:23.663Z | 2026-04-20T15:40:39.510Z | |
| cve-2026-34232 | Firebird: DoS via `op_response` packet from client |
FirebirdSQL |
firebird |
2026-04-17T18:52:11.693Z | 2026-04-20T13:46:08.507Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-000054 | Inkdrop vulnerable to OS command injection | 2021-06-22T15:06+09:00 | 2021-06-22T15:06+09:00 |
| jvndb-2021-000053 | Hitachi Virtual File Platform vulnerable to OS command injection | 2021-06-18T15:45+09:00 | 2021-06-18T15:45+09:00 |
| jvndb-2021-000052 | Hitachi Application Server Help vulnerable cross-site scripting | 2021-06-17T15:11+09:00 | 2021-06-17T15:11+09:00 |
| jvndb-2021-000051 | Multiple cross-site scripting vulnerabilities in multiple EC-CUBE plugins provided by EC-CUBE | 2021-06-16T16:18+09:00 | 2021-06-16T16:18+09:00 |
| jvndb-2021-000049 | Multiple ETUNA EC-CUBE plugins vulnerable to cross-site scripting | 2021-06-15T16:09+09:00 | 2021-06-16T11:52+09:00 |
| jvndb-2021-000050 | Multiple vulnerabilities in GROWI | 2021-06-14T15:10+09:00 | 2021-06-14T15:10+09:00 |
| jvndb-2021-000048 | Asken App for Android fails to restrict custom URL schemes properly | 2021-06-14T15:10+09:00 | 2021-06-14T15:10+09:00 |
| jvndb-2021-000047 | WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting | 2021-06-11T15:24+09:00 | 2021-06-11T15:24+09:00 |
| jvndb-2021-001756 | urllib3 vulnerable to Regular expression Denial-of-Service (ReDoS) | 2021-06-08T12:21+09:00 | 2021-06-08T12:21+09:00 |
| jvndb-2021-000046 | ATOM - Smart life App vulnerable to improper server certificate verification | 2021-06-03T14:05+09:00 | 2021-06-03T14:05+09:00 |
| jvndb-2021-000045 | goo blog App fails to restrict custom URL schemes properly | 2021-06-02T15:46+09:00 | 2021-06-02T15:46+09:00 |
| jvndb-2021-001575 | Multiple vulnerabilities in Buffalo WSR-1166DHP3 and WSR-1166DHP4 routers | 2021-06-01T15:18+09:00 | 2021-06-01T15:18+09:00 |
| jvndb-2021-000044 | Zettlr vulnerable to cross-site scripting | 2021-05-26T14:50+09:00 | 2021-06-03T16:21+09:00 |
| jvndb-2021-001506 | Hitachi Ops Center Analyzer vulnerability of communication using a certificate not intended by the user | 2021-05-25T14:11+09:00 | 2021-05-25T14:11+09:00 |
| jvndb-2021-000041 | The installers of ScanSnap Manager may insecurely load Dynamic Link Libraries | 2021-05-21T16:34+09:00 | 2021-05-21T16:34+09:00 |
| jvndb-2021-000043 | Installer of Overwolf may insecurely load Dynamic Link Libraries | 2021-05-21T16:07+09:00 | 2021-05-21T16:07+09:00 |
| jvndb-2021-000042 | Multiple cross-site scripting vulnerabilities in multiple PHP Factory products | 2021-05-21T15:38+09:00 | 2021-05-21T15:38+09:00 |
| jvndb-2021-000040 | QND vulnerable to privilege escalation | 2021-05-21T14:21+09:00 | 2021-05-21T14:21+09:00 |
| jvndb-2021-000037 | mod_auth_openidc vulnerable to denial-of-service (DoS) | 2021-05-14T15:35+09:00 | 2021-05-14T15:35+09:00 |
| jvndb-2021-000038 | Multiple vulnerabilities in Cisco Small Business Series Wireless Access Points | 2021-05-14T15:26+09:00 | 2021-05-14T15:26+09:00 |
| jvndb-2021-000039 | RFNTPS vulnerable to OS command injection | 2021-05-13T16:05+09:00 | 2021-05-13T16:05+09:00 |
| jvndb-2021-000036 | Multiple vulnerabilities in KonaWiki2 | 2021-05-13T16:05+09:00 | 2021-05-13T16:05+09:00 |
| jvndb-2021-000035 | EC-CUBE vulnerable to cross-site scripting | 2021-05-10T18:08+09:00 | 2021-05-10T18:08+09:00 |
| jvndb-2021-001380 | Multiple Buffalo network devices contain hidden functionality | 2021-04-28T16:15+09:00 | 2021-05-07T16:16+09:00 |
| jvndb-2021-001381 | Multiple vulnerabilities in Buffalo broadband routers | 2021-04-28T16:14+09:00 | 2021-05-07T16:28+09:00 |
| jvndb-2021-000034 | WordPress plugin "WP Fastest Cache" vulnerable to directory traversal | 2021-04-27T17:12+09:00 | 2021-04-27T17:12+09:00 |
| jvndb-2021-000033 | Hot Pepper Gourmet App fails to restrict access permissions | 2021-04-27T17:10+09:00 | 2023-03-08T17:02+09:00 |
| jvndb-2021-000909 | yappa-ng vulnerable to cross-site scripting | 2021-04-22T16:33+09:00 | 2021-04-22T16:33+09:00 |
| jvndb-2021-001374 | Trend Micro Password Manager may insecurely load Dynamic Link Libraries | 2021-04-20T12:25+09:00 | 2021-04-20T12:25+09:00 |
| jvndb-2021-000031 | Gurunavi Apps fail to restrict access permissions | 2021-04-14T17:22+09:00 | 2023-03-08T17:02+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0692 | Multiples vulnérabilités dans Ruby on Rails | 2025-08-14T00:00:00.000000 | 2025-08-14T00:00:00.000000 |
| certfr-2025-avi-0691 | Vulnérabilité dans Nginx | 2025-08-14T00:00:00.000000 | 2025-08-14T00:00:00.000000 |
| certfr-2025-avi-0690 | Multiples vulnérabilités dans GitLab | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0689 | Multiples vulnérabilités dans les produits Microsoft | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0688 | Multiples vulnérabilités dans Microsoft Azure | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0687 | Multiples vulnérabilités dans Microsoft Windows | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0686 | Multiples vulnérabilités dans Microsoft Office | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0685 | Multiples vulnérabilités dans Microsoft Edge | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0684 | Multiples vulnérabilités dans les produits Intel | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0683 | Multiples vulnérabilités dans les produits Ivanti | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0682 | Multiples vulnérabilités dans Liferay | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0681 | Multiples vulnérabilités dans Google Chrome | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0680 | Multiples vulnérabilités dans les produits FoxIT | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0679 | Multiples vulnérabilités dans les produits Fortinet | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0678 | Multiples vulnérabilités dans les produits Adobe | 2025-08-13T00:00:00.000000 | 2025-08-13T00:00:00.000000 |
| certfr-2025-avi-0677 | Multiples vulnérabilités dans les produits Siemens | 2025-08-12T00:00:00.000000 | 2025-08-12T00:00:00.000000 |
| certfr-2025-avi-0676 | Multiples vulnérabilités dans les produits Schneider Electric | 2025-08-12T00:00:00.000000 | 2025-08-12T00:00:00.000000 |
| certfr-2025-avi-0675 | Vulnérabilité dans Liferay | 2025-08-12T00:00:00.000000 | 2025-08-12T00:00:00.000000 |
| certfr-2025-avi-0674 | Multiples vulnérabilités dans les produits SAP | 2025-08-12T00:00:00.000000 | 2025-08-12T00:00:00.000000 |
| certfr-2025-avi-0673 | Vulnérabilité dans Centreon Gorgone | 2025-08-12T00:00:00.000000 | 2025-08-12T00:00:00.000000 |
| certfr-2025-avi-0672 | Multiples vulnérabilités dans Liferay | 2025-08-11T00:00:00.000000 | 2025-08-11T00:00:00.000000 |
| certfr-2025-avi-0671 | Multiples vulnérabilités dans les produits IBM | 2025-08-08T00:00:00.000000 | 2025-08-08T00:00:00.000000 |
| certfr-2025-avi-0670 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-08-08T00:00:00.000000 | 2025-08-08T00:00:00.000000 |
| certfr-2025-avi-0669 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-08-08T00:00:00.000000 | 2025-08-08T00:00:00.000000 |
| certfr-2025-avi-0668 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-08-08T00:00:00.000000 | 2025-08-08T00:00:00.000000 |
| certfr-2025-avi-0667 | Multiples vulnérabilités dans Juniper Secure Analytics | 2025-08-08T00:00:00.000000 | 2025-08-08T00:00:00.000000 |
| certfr-2025-avi-0666 | Multiples vulnérabilités dans Microsoft Azure | 2025-08-08T00:00:00.000000 | 2025-08-08T00:00:00.000000 |
| certfr-2025-avi-0665 | Multiples vulnérabilités dans Microsoft Office | 2025-08-08T00:00:00.000000 | 2025-08-08T00:00:00.000000 |
| certfr-2025-avi-0664 | Multiples vulnérabilités dans Microsoft Edge | 2025-08-08T00:00:00.000000 | 2025-08-08T00:00:00.000000 |
| certfr-2025-avi-0663 | Multiples vulnérabilités dans GnuTLS | 2025-08-08T00:00:00.000000 | 2025-08-08T00:00:00.000000 |