Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-4485 | itsourcecode College Management System search_student.… |
itsourcecode |
College Management System |
2026-03-20T13:32:12.209Z | 2026-03-20T21:30:14.666Z | |
| cve-2026-31382 | 6.1 (v3.1) | Gainsight Assist reflected XSS/HTML injection |
Gainsight |
Gainsight Assist |
2026-03-20T13:04:45.195Z | 2026-03-23T10:21:50.305Z |
| cve-2026-31381 | 5.3 (v3.1) | Gainsight Assist plugin information disclosure |
Gainsight |
Gainsight Assist |
2026-03-20T13:02:07.185Z | 2026-03-23T10:21:31.048Z |
| cve-2026-4434 | N/A | Improper certificate validation in the PAM propag… |
Devolutions |
Server |
2026-03-20T12:52:55.762Z | 2026-03-23T14:12:02.673Z |
| cve-2026-33136 | WeGIA has Reflected Cross-Site Scripting (XSS) in `lis… |
LabRedesCefetRJ |
WeGIA |
2026-03-20T10:41:05.336Z | 2026-03-20T15:33:03.599Z | |
| cve-2026-33135 | WeGIA has Reflected Cross-Site Scripting (XSS) in `nov… |
LabRedesCefetRJ |
WeGIA |
2026-03-20T10:38:44.065Z | 2026-03-20T13:44:02.877Z | |
| cve-2026-33134 | WeGIA has Authenticated Time-Based Blind SQL Injection… |
LabRedesCefetRJ |
WeGIA |
2026-03-20T10:35:43.400Z | 2026-03-20T18:07:03.967Z | |
| cve-2026-33133 | WeGIA has an arbitrary SQL execution vulnerability via… |
LabRedesCefetRJ |
WeGIA |
2026-03-20T10:31:38.420Z | 2026-03-24T01:59:18.010Z | |
| cve-2026-33132 | ZITADEL is missing enforcement of organization scopes |
zitadel |
zitadel |
2026-03-20T10:21:19.373Z | 2026-03-20T19:31:30.207Z | |
| cve-2026-33131 | h3 has a middleware bypass with one gadget |
h3js |
h3 |
2026-03-20T10:16:29.556Z | 2026-03-20T11:25:53.880Z | |
| cve-2026-32595 | Traefik: BasicAuth Middleware Timing Attack Allows Use… |
traefik |
traefik |
2026-03-20T10:08:41.636Z | 2026-03-20T15:38:35.378Z | |
| cve-2026-25792 | Greenshot Vulnerable to OS Command Injection via Exter… |
greenshot |
greenshot |
2026-03-20T10:04:34.752Z | 2026-03-24T03:55:58.579Z | |
| cve-2026-32305 | Traefik mTLS bypass via fragmented ClientHello SNI ext… |
traefik |
traefik |
2026-03-20T10:01:13.620Z | 2026-03-20T13:45:04.503Z | |
| cve-2026-33130 | Uptime Kuma: SSTI in Notification Templates Allows Arb… |
louislam |
uptime-kuma |
2026-03-20T09:50:55.124Z | 2026-03-20T21:18:35.209Z | |
| cve-2026-33129 | h3 has an observable timing discrepancy in basic auth utils |
h3js |
h3 |
2026-03-20T09:41:21.933Z | 2026-03-20T19:33:49.871Z | |
| cve-2026-33128 | h3 has a Server-Sent Events Injection via Unsanitized … |
h3js |
h3 |
2026-03-20T09:37:07.206Z | 2026-03-20T11:40:27.956Z | |
| cve-2026-22324 | 8.1 (v3.1) | WordPress Melania theme <= 2.5.0 - Local File Inclusio… |
ThemeREX |
Melania |
2026-03-20T09:36:37.854Z | 2026-04-28T16:14:40.624Z |
| cve-2026-0677 | N/A | WordPress TotalContest Lite plugin <= 2.9.1 - PHP Obje… |
TotalSuite |
TotalContest Lite |
2026-03-20T09:31:42.957Z | 2026-04-28T16:14:40.444Z |
| cve-2026-33125 | Frigate Broken Access Control: Users assigned the view… |
blakeblackshear |
frigate |
2026-03-20T09:22:39.139Z | 2026-03-20T15:39:11.110Z | |
| cve-2026-33124 | Frigate has insecure password change functionality |
blakeblackshear |
frigate |
2026-03-20T09:16:04.830Z | 2026-03-20T13:47:08.894Z | |
| cve-2024-32537 | 7.1 (v3.1) | WordPress Flash Video Player plugin <= 5.0.4 - CSRF to… |
joshuae1974 |
Flash Video Player |
2026-03-20T09:09:46.014Z | 2026-04-28T16:09:36.808Z |
| cve-2026-33123 | pypdf has inefficient decoding of array-based streams |
py-pdf |
pypdf |
2026-03-20T09:09:12.831Z | 2026-03-20T18:07:16.458Z | |
| cve-2024-31119 | 5.9 (v3.1) | WordPress Download Special Box for Content plugin <= 1… |
Vasilis Triantafyllou |
Special Box for Content |
2026-03-20T09:07:26.652Z | 2026-04-28T16:09:28.550Z |
| cve-2026-33081 | PinchTab has Blind SSRF via browser-side redirect bypa… |
pinchtab |
pinchtab |
2026-03-20T09:05:01.753Z | 2026-03-20T21:20:23.968Z | |
| cve-2026-33080 | Filament: Unvalidated Range and Values summarizer valu… |
filamentphp |
filament |
2026-03-20T08:58:45.360Z | 2026-03-25T13:46:27.561Z | |
| cve-2026-32701 | Qwik has array method pollution in FormData processing… |
QwikDev |
qwik |
2026-03-20T08:52:41.149Z | 2026-03-20T12:07:39.151Z | |
| cve-2026-27625 | Stirling-PDF Zip Slip: Arbitrary File Write via Path T… |
Stirling-Tools |
Stirling-PDF |
2026-03-20T08:44:24.942Z | 2026-03-20T15:37:16.038Z | |
| cve-2026-33075 | FastGPT has Arbitrary Code Execution in GitHub Actions… |
labring |
FastGPT |
2026-03-20T08:37:16.169Z | 2026-03-20T13:48:05.632Z | |
| cve-2026-33072 | FileRise: Default Encryption Key Enables Token Forgery… |
error311 |
FileRise |
2026-03-20T08:31:08.452Z | 2026-03-20T18:07:22.683Z | |
| cve-2026-33071 | FileRise: WebDAV upload path bypasses filename validat… |
error311 |
FileRise |
2026-03-20T08:27:37.149Z | 2026-03-20T21:21:06.590Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certa-2013-avi-478 | Multiples vulnérabilités dans PHP | 2013-08-16T00:00:00.000000 | 2013-08-16T00:00:00.000000 |
| certa-2013-avi-477 | Vulnérabilité dans Microsoft Active Directory Federation Services | 2013-08-14T00:00:00.000000 | 2013-08-14T00:00:00.000000 |
| certa-2013-avi-476 | Vulnérabilité dans l'implémentation ICMPv6 de Microsoft Windows | 2013-08-14T00:00:00.000000 | 2013-08-14T00:00:00.000000 |
| certa-2013-avi-475 | Vulnérabilité dans le pilote NAT de Microsoft Windows | 2013-08-14T00:00:00.000000 | 2013-08-14T00:00:00.000000 |
| certa-2013-avi-474 | Multiples vulnérabilités dans le noyau Microsoft Windows | 2013-08-14T00:00:00.000000 | 2013-08-14T00:00:00.000000 |
| certa-2013-avi-473 | Vulnérabilité dans Microsoft Remote Procedure Call | 2013-08-14T00:00:00.000000 | 2013-08-14T00:00:00.000000 |
| certa-2013-avi-472 | Multiples vulnérabilités dans Microsoft Exchange Server | 2013-08-14T00:00:00.000000 | 2013-08-14T00:00:00.000000 |
| certa-2013-avi-471 | Vulnérabilité dans le processeur de scripts Unicode Microsoft | 2013-08-14T00:00:00.000000 | 2013-08-14T00:00:00.000000 |
| certa-2013-avi-470 | Multiples vulnérabilités dans Microsoft Internet Explorer | 2013-08-14T00:00:00.000000 | 2013-08-14T00:00:00.000000 |
| certa-2013-avi-469 | Vulnérabilité dans Samba | 2013-08-12T00:00:00.000000 | 2013-08-12T00:00:00.000000 |
| certa-2013-avi-468 | Multiples vulnérabilités dans Symfony | 2013-08-12T00:00:00.000000 | 2013-08-12T00:00:00.000000 |
| certa-2013-avi-467 | Multiples vulnérabilités dans PuTTY | 2013-08-09T00:00:00.000000 | 2013-08-09T00:00:00.000000 |
| certa-2013-avi-466 | Multiples vulnérabilités dans Adobe Reader et Acrobat | 2013-08-09T00:00:00.000000 | 2013-08-09T00:00:00.000000 |
| certa-2013-avi-465 | Vulnérabilité dans Cisco TelePresence | 2013-08-08T00:00:00.000000 | 2013-08-08T00:00:00.000000 |
| certa-2013-avi-464 | Vulnérabilité dans les systèmes SCADA Schneider | 2013-08-07T00:00:00.000000 | 2013-08-07T00:00:00.000000 |
| certa-2013-avi-463 | Multiples vulnérabilités dans des produits Mozilla | 2013-08-07T00:00:00.000000 | 2013-08-07T00:00:00.000000 |
| certa-2013-avi-462 | Vulnérabilité dans le système SCADA MOXA OnCell Gateway | 2013-08-07T00:00:00.000000 | 2013-08-07T00:00:00.000000 |
| certa-2013-avi-461 | Multiples vulnérabilités dans Symantec Backup Exec | 2013-08-05T00:00:00.000000 | 2013-08-05T00:00:00.000000 |
| certa-2013-avi-460 | Vulnérabilité dans Joomla! | 2013-08-05T00:00:00.000000 | 2013-08-05T00:00:00.000000 |
| certa-2013-avi-459 | Vulnérabilité dans de multiples produits HP LaserJet | 2013-08-02T00:00:00.000000 | 2013-08-02T00:00:00.000000 |
| certa-2013-avi-458 | Vulnérabilité dans Cisco OSPF | 2013-08-02T00:00:00.000000 | 2013-08-02T00:00:00.000000 |
| certa-2013-avi-457 | Multiples vulnérabilités dans le système SCADA Siemens WinCC | 2013-08-01T00:00:00.000000 | 2013-08-01T00:00:00.000000 |
| certa-2013-avi-456 | Multiples vulnérabilités dans le système SCADA Siemens Scalance W-7xx | 2013-08-01T00:00:00.000000 | 2013-08-01T00:00:00.000000 |
| certa-2013-avi-455 | Multiples vulnérabilités dans TYPO3 | 2013-08-01T00:00:00.000000 | 2013-08-01T00:00:00.000000 |
| certa-2013-avi-454 | Multiples vulnérabilités dans VMware ESX et ESXi | 2013-08-01T00:00:00.000000 | 2013-08-01T00:00:00.000000 |
| certa-2013-avi-453 | Vulnérabilité dans Cisco WAAS | 2013-08-01T00:00:00.000000 | 2013-08-01T00:00:00.000000 |
| certa-2013-avi-452 | Vulnérabilité dans de multiples produits Cisco | 2013-08-01T00:00:00.000000 | 2013-08-01T00:00:00.000000 |
| certa-2013-avi-451 | Vulnérabilité dans Adobe Digital Editions | 2013-07-31T00:00:00.000000 | 2013-07-31T00:00:00.000000 |
| certa-2013-avi-450 | Multiples vulnérabilités dans le système SCADA GE Proficy HMI/SCADA | 2013-07-31T00:00:00.000000 | 2013-07-31T00:00:00.000000 |
| certa-2013-avi-449 | Multiples vulnérabilités dans le noyau Linux de Ubuntu | 2013-07-31T00:00:00.000000 | 2013-07-31T00:00:00.000000 |