Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-33337 | Firebird has a buffer overflow when parsing corrupted … |
FirebirdSQL |
firebird |
2026-04-17T18:48:47.953Z | 2026-04-17T19:21:17.132Z | |
| cve-2026-6437 | 6.5 (v3.1) 6.9 (v4.0) | AWS EFS CSI Driver Mount Option Injection |
Amazon |
AWS EFS CSI Driver |
2026-04-17T18:41:36.075Z | 2026-04-17T19:57:02.728Z |
| cve-2026-28224 | Firebird Null Pointer Dereference via CryptCallback ca… |
FirebirdSQL |
firebird |
2026-04-17T18:38:58.138Z | 2026-04-17T19:31:38.952Z | |
| cve-2026-28214 | Firebird server hangs when using specific clumplet on … |
FirebirdSQL |
firebird |
2026-04-17T18:35:46.974Z | 2026-04-20T13:46:08.635Z | |
| cve-2026-40525 | 9.1 (v4.0) 9.1 (v3.1) | OpenViking < 0.3.9 Authentication Bypass via VikingBot… |
volcengine |
OpenViking |
2026-04-17T18:19:12.315Z | 2026-04-21T13:34:32.327Z |
| cve-2026-27890 | Firebird has Pre-Auth DOS when Processing Out of Order… |
FirebirdSQL |
firebird |
2026-04-17T18:14:29.433Z | 2026-04-17T18:50:22.134Z | |
| cve-2026-28212 | Firebird has potential server crash via null pointer d… |
FirebirdSQL |
firebird |
2026-04-17T18:05:25.854Z | 2026-04-20T13:46:08.904Z | |
| cve-2025-65104 | Firebird: Information leak vulnerability in firebird3 … |
FirebirdSQL |
firebird |
2026-04-17T17:47:42.109Z | 2026-04-17T18:25:11.941Z | |
| cve-2026-5718 | Drag and Drop Multiple File Upload for Contact Form 7 … |
glenwpcoder |
Drag and Drop Multiple File Upload for Contact Form 7 |
2026-04-17T17:25:55.466Z | 2026-04-17T18:34:48.917Z | |
| cve-2026-5710 | Drag and Drop Multiple File Upload for Contact Form 7 … |
glenwpcoder |
Drag and Drop Multiple File Upload for Contact Form 7 |
2026-04-17T17:25:54.940Z | 2026-04-17T17:50:00.362Z | |
| cve-2026-40320 | Giskard has an Unsandboxed Jinja2 Template Rendering i… |
Giskard-AI |
giskard-oss |
2026-04-17T17:25:50.449Z | 2026-04-20T13:46:09.036Z | |
| cve-2026-40319 | Giskard has a Regular Expression Denial of Service (Re… |
Giskard-AI |
giskard-oss |
2026-04-17T17:16:37.676Z | 2026-04-20T13:46:09.167Z | |
| cve-2026-40518 | 7.1 (v4.0) 7.1 (v3.1) | ByteDance DeerFlow Path Traversal and Arbitrary File W… |
bytedance |
deer-flow |
2026-04-17T16:43:42.387Z | 2026-04-17T18:35:51.128Z |
| cve-2026-3464 | WP Customer Area <= 8.3.4 - Authenticated (Subscriber+… |
aguilatechnologies |
WP Customer Area |
2026-04-17T16:26:50.576Z | 2026-04-17T18:37:36.472Z | |
| cve-2026-21733 | N/A | GPU DDK - Incorrect flags validation in RGXDerivePTEPr… |
Imagination Technologies |
Graphics DDK |
2026-04-17T16:08:25.661Z | 2026-04-17T17:20:54.424Z |
| cve-2026-40516 | 7.8 (v4.0) 8.3 (v3.1) | OpenHarness SSRF via web_fetch and web_search |
HKUDS |
OpenHarness |
2026-04-17T16:02:09.082Z | 2026-04-17T16:27:11.780Z |
| cve-2026-40515 | 8.7 (v4.0) 7.5 (v3.1) | OpenHarness Permission Bypass via grep and glob root a… |
HKUDS |
OpenHarness |
2026-04-17T16:00:07.116Z | 2026-04-20T14:58:22.999Z |
| cve-2026-21709 | N/A | A vulnerability allowing a local attacker with ad… |
Veeam |
Backup and Replication |
2026-04-17T15:32:10.755Z | 2026-04-20T14:06:52.636Z |
| cve-2026-6497 | prasathmani TinyFileManager File Upload filemanager.ph… |
prasathmani |
TinyFileManager |
2026-04-17T15:30:12.319Z | 2026-04-17T18:39:49.310Z | |
| cve-2026-6284 | 9.3 (v4.0) 9.1 (v3.1) | Horner Automation Cscape and XL4, XL7 PLC Weak passwor… |
Horner Automation |
Cscape |
2026-04-17T15:14:06.346Z | 2026-04-20T14:58:32.621Z |
| cve-2026-6496 | prasathmani TinyFileManager POST Parameter filemanager… |
prasathmani |
TinyFileManager |
2026-04-17T14:30:12.997Z | 2026-04-17T16:35:16.121Z | |
| cve-2026-41153 | 5.8 (v3.1) | In JetBrains Junie before 252.549.29 command exec… |
JetBrains |
Junie |
2026-04-17T14:29:04.503Z | 2026-04-20T14:58:41.237Z |
| cve-2026-6493 | lukevella rallly Reset Password reset-password-form.ts… |
lukevella |
rallly |
2026-04-17T14:15:15.422Z | 2026-04-20T14:58:49.011Z | |
| cve-2026-6492 | arnobt78 Hotel Booking Management System Health Check … |
arnobt78 |
Hotel Booking Management System |
2026-04-17T14:00:15.221Z | 2026-04-17T14:32:34.042Z | |
| cve-2026-6491 | libvips nip2 vips7compat.c im_minpos_vec heap-based overflow |
n/a |
libvips |
2026-04-17T13:45:11.506Z | 2026-04-18T02:59:14.319Z | |
| cve-2026-40459 | 8.7 (v4.0) | LDAP Injection in PAC4J |
PAC4J |
PAC4J |
2026-04-17T13:18:39.181Z | 2026-04-17T13:54:22.069Z |
| cve-2026-40458 | 7 (v4.0) | Cross-Site Request Forgery in PAC4J |
PAC4J |
PAC4J |
2026-04-17T13:18:26.308Z | 2026-04-17T14:00:04.811Z |
| cve-2026-6490 | QueryMine sms GET Request Parameter deletecourse.php s… |
QueryMine |
sms |
2026-04-17T13:15:11.136Z | 2026-04-17T14:04:14.886Z | |
| cve-2026-6489 | QueryMine sms Background Management addteacher.php unr… |
QueryMine |
sms |
2026-04-17T13:00:21.493Z | 2026-04-17T16:36:28.077Z | |
| cve-2026-6488 | QueryMine sms GET Request Parameter editcourse.php sql… |
QueryMine |
sms |
2026-04-17T12:45:11.275Z | 2026-04-20T14:58:56.910Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-001345 | Information Disclosure Vulnerability in Cosminexus | 2021-04-13T16:46+09:00 | 2021-04-13T16:46+09:00 |
| jvndb-2021-001344 | Vulnerability in JP1/VERITAS | 2021-04-13T16:42+09:00 | 2021-04-13T16:42+09:00 |
| jvndb-2021-001343 | D-Link DAP-1880AC contains multiple vulnerabilities | 2021-04-12T15:32+09:00 | 2021-04-12T15:32+09:00 |
| jvndb-2021-000028 | Multiple vulnerabilities in multiple Aterm products | 2021-04-09T17:16+09:00 | 2021-04-09T17:16+09:00 |
| jvndb-2021-000030 | Multiple vulnerabilities in Aterm WF1200CR, Aterm WG1200CR, Aterm WG2600HS, and Aterm WX3000HP | 2021-04-09T16:42+09:00 | 2021-04-09T16:42+09:00 |
| jvndb-2021-000029 | Archive collectively operation utility vulnerable to directory traversal | 2021-04-01T14:44+09:00 | 2021-04-01T14:44+09:00 |
| jvndb-2021-000027 | Multiple vulnerabilities in baserCMS | 2021-03-26T14:25+09:00 | 2021-03-26T14:25+09:00 |
| jvndb-2021-000908 | rNote vulnerable to cross-site scripting | 2021-03-25T18:14+09:00 | 2021-03-25T18:14+09:00 |
| jvndb-2021-000907 | Yomi-Search vulnerable to cross-site scripting | 2021-03-25T18:12+09:00 | 2021-03-25T18:12+09:00 |
| jvndb-2021-000906 | Yomi-Search vulnerable to cross-site scripting | 2021-03-25T18:06+09:00 | 2021-03-25T18:06+09:00 |
| jvndb-2021-000905 | Yomi-Search vulnerable to cross-site scripting | 2021-03-25T18:01+09:00 | 2021-03-25T18:01+09:00 |
| jvndb-2021-000904 | Click Ranker vulnerable to cross-site scripting | 2021-03-25T17:52+09:00 | 2021-03-25T17:52+09:00 |
| jvndb-2021-000903 | Kagemai vulnerable to cross-site request forgery | 2021-03-25T17:50+09:00 | 2021-03-25T17:50+09:00 |
| jvndb-2021-000902 | Kagemai vulnerable to cross-site scripting | 2021-03-25T17:46+09:00 | 2021-03-25T17:46+09:00 |
| jvndb-2021-000901 | Kagemai vulnerable to cross-site scripting | 2021-03-25T17:43+09:00 | 2021-03-25T17:43+09:00 |
| jvndb-2021-000900 | MagazinegerZ vulnerable to cross-site scripting | 2021-03-25T17:32+09:00 | 2021-03-25T17:32+09:00 |
| jvndb-2021-000023 | UNIVERGE Aspire series PBX vulnerable to denial-of-service (DoS) | 2021-03-22T14:57+09:00 | 2021-03-22T14:57+09:00 |
| jvndb-2021-000026 | Fuji Xerox multifunction devices and printers vulnerable to denial-of-service (DoS) | 2021-03-19T15:32+09:00 | 2021-04-12T13:30+09:00 |
| jvndb-2021-000025 | WordPress plugin "Paid Memberships Pro" vulnerable to SQL injection | 2021-03-17T16:24+09:00 | 2021-03-17T16:24+09:00 |
| jvndb-2021-000022 | Multiple vulnerabilities in Cybozu Office | 2021-03-15T15:56+09:00 | 2021-12-17T17:51+09:00 |
| jvndb-2021-000021 | M-System DL8 contains multiple vulnerabilities | 2021-03-12T15:59+09:00 | 2021-03-12T15:59+09:00 |
| jvndb-2021-000020 | Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries | 2021-03-11T14:53+09:00 | 2021-03-11T14:53+09:00 |
| jvndb-2021-000019 | Multiple cross-site scripting vulnerabilities in GROWI | 2021-03-10T16:11+09:00 | 2021-03-10T16:11+09:00 |
| jvndb-2021-001123 | Multiple vulnerabilities in GROWI | 2021-03-09T14:17+09:00 | 2021-09-24T13:34+09:00 |
| jvndb-2021-001122 | Trend Micro Security (Consumer) vulnerable to code injection | 2021-03-08T17:26+09:00 | 2021-03-08T17:26+09:00 |
| jvndb-2021-000018 | The installers of E START products may insecurely load Dynamic Link Libraries | 2021-03-05T17:03+09:00 | 2023-11-16T15:41+09:00 |
| jvndb-2021-000017 | Multiple cross-site scripting vulnerabilities in Movable Type | 2021-02-24T15:20+09:00 | 2021-02-24T15:20+09:00 |
| jvndb-2021-000016 | Multiple vulnerabilities in SolarView Compact | 2021-02-19T16:44+09:00 | 2021-02-25T15:31+09:00 |
| jvndb-2021-001026 | Multiple Vulnerabilities in JP1/Automatic Operation | 2021-02-16T17:23+09:00 | 2021-02-16T17:23+09:00 |
| jvndb-2021-000015 | FileZen vulnerable to OS command injection | 2021-02-16T15:07+09:00 | 2021-03-05T17:31+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0662 | Multiples vulnérabilités dans les produits Centreon | 2025-08-07T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-avi-0661 | Multiples vulnérabilités dans les produits Splunk | 2025-08-07T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-avi-0660 | Vulnérabilité dans Tenable Identity Exposure | 2025-08-07T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-avi-0659 | Vulnérabilité dans Microsoft Exchange Server | 2025-08-07T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-avi-0658 | Multiples vulnérabilités dans Trend Micro Apex One | 2025-08-06T00:00:00.000000 | 2025-08-06T00:00:00.000000 |
| certfr-2025-avi-0657 | Multiples vulnérabilités dans Google Chrome | 2025-08-06T00:00:00.000000 | 2025-08-06T00:00:00.000000 |
| certfr-2025-avi-0656 | Vulnérabilité dans Google Pixel | 2025-08-06T00:00:00.000000 | 2025-08-06T00:00:00.000000 |
| certfr-2025-avi-0655 | Multiples vulnérabilités dans les produits Liferay | 2025-08-05T00:00:00.000000 | 2025-08-05T00:00:00.000000 |
| certfr-2025-avi-0654 | Multiples vulnérabilités dans les produits Netgate | 2025-08-05T00:00:00.000000 | 2025-08-05T00:00:00.000000 |
| certfr-2025-avi-0653 | Multiples vulnérabilités dans Google Android | 2025-08-05T00:00:00.000000 | 2025-08-05T00:00:00.000000 |
| certfr-2025-avi-0652 | Vulnérabilité dans le greffon "WASM Client" pour Traefik | 2025-08-04T00:00:00.000000 | 2025-08-04T00:00:00.000000 |
| certfr-2025-avi-0651 | Multiples vulnérabilités dans les produits IBM | 2025-08-01T00:00:00.000000 | 2025-08-01T00:00:00.000000 |
| certfr-2025-avi-0650 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-08-01T00:00:00.000000 | 2025-08-01T00:00:00.000000 |
| certfr-2025-avi-0649 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-08-01T00:00:00.000000 | 2025-08-01T00:00:00.000000 |
| certfr-2025-avi-0648 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-08-01T00:00:00.000000 | 2025-08-01T00:00:00.000000 |
| certfr-2025-avi-0647 | Vulnérabilité dans Squid | 2025-08-01T00:00:00.000000 | 2025-08-01T00:00:00.000000 |
| certfr-2025-avi-0646 | Vulnérabilité dans Microsoft Edge | 2025-08-01T00:00:00.000000 | 2025-08-01T00:00:00.000000 |
| certfr-2025-avi-0645 | Multiples vulnérabilités dans Asterisk | 2025-08-01T00:00:00.000000 | 2025-08-01T00:00:00.000000 |
| certfr-2025-avi-0644 | Vulnérabilité dans Progress MOVEit Transfer | 2025-08-01T00:00:00.000000 | 2025-08-01T00:00:00.000000 |
| certfr-2025-avi-0643 | Vulnérabilité dans Mattermost Server | 2025-07-31T00:00:00.000000 | 2025-08-25T00:00:00.000000 |
| certfr-2025-avi-0642 | Multiples vulnérabilités dans Apple Safari | 2025-07-31T00:00:00.000000 | 2025-07-31T00:00:00.000000 |
| certfr-2025-avi-0641 | Multiples vulnérabilités dans les produits Splunk | 2025-07-31T00:00:00.000000 | 2025-07-31T00:00:00.000000 |
| certfr-2025-avi-0640 | Multiples vulnérabilités dans les produits Apple | 2025-07-30T00:00:00.000000 | 2025-07-31T00:00:00.000000 |
| certfr-2025-avi-0639 | Multiples vulnérabilités dans Google Chrome | 2025-07-30T00:00:00.000000 | 2025-07-30T00:00:00.000000 |
| certfr-2025-avi-0638 | Vulnérabilité dans les produits Sonicwall | 2025-07-30T00:00:00.000000 | 2025-07-30T00:00:00.000000 |
| certfr-2025-avi-0637 | Vulnérabilité dans SolarWinds Web Help Desk | 2025-07-30T00:00:00.000000 | 2025-07-30T00:00:00.000000 |
| certfr-2025-avi-0636 | Multiples vulnérabilités dans les produits Elastic | 2025-07-30T00:00:00.000000 | 2025-07-30T00:00:00.000000 |
| certfr-2025-avi-0635 | Vulnérabilité dans VMware vCenter | 2025-07-30T00:00:00.000000 | 2025-07-30T00:00:00.000000 |
| certfr-2025-avi-0634 | Vulnérabilité dans Python | 2025-07-30T00:00:00.000000 | 2025-07-30T00:00:00.000000 |
| certfr-2025-avi-0633 | Vulnérabilité dans Tenable Patch Management | 2025-07-30T00:00:00.000000 | 2025-07-30T00:00:00.000000 |