Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-20128 | Cisco Catalyst SD-WAN Manager Information Disclosure V… |
Cisco |
Cisco Catalyst SD-WAN Manager |
2026-02-25T16:14:12.353Z | 2026-04-21T03:55:31.648Z | |
| cve-2024-27199 | 7.3 (v3.1) | In JetBrains TeamCity before 2023.11.4 path trave… |
JetBrains |
TeamCity |
2024-03-04T17:21:40.081Z | 2026-04-21T03:55:31.232Z |
| cve-2026-28463 | 8.6 (v4.0) 8.4 (v3.1) | OpenClaw < 2026.2.14 - Arbitrary File Read via Shell E… |
OpenClaw |
OpenClaw |
2026-03-05T21:59:39.605Z | 2026-04-21T02:43:28.827Z |
| cve-2025-40931 | N/A | Apache::Session::Generate::MD5 versions through 1.94 f… |
CHORNY |
Apache::Session::Generate::MD5 |
2026-03-05T01:41:09.588Z | 2026-04-21T02:42:43.047Z |
| cve-2025-40926 | N/A | Plack::Middleware::Session::Simple versions before 0.0… |
KAZEBURO |
Plack::Middleware::Session::Simple |
2026-03-05T01:24:34.151Z | 2026-04-21T02:42:17.296Z |
| cve-2025-70995 | N/A | An issue in Aranda Service Desk Web Edition (ASDK… |
n/a |
n/a |
2026-03-05T00:00:00.000Z | 2026-04-21T02:41:54.623Z |
| cve-2025-48645 | N/A | In loadDescription of DeviceAdminInfo.java, there… |
Google |
Android |
2026-03-02T18:42:25.869Z | 2026-04-21T02:41:36.807Z |
| cve-2025-48613 | N/A | In VBMeta, there is a possible way to modify and … |
Google |
Android |
2026-03-02T18:42:15.702Z | 2026-04-21T02:41:16.037Z |
| cve-2026-2791 | N/A | Mitigation bypass in the Networking: Cache component |
Mozilla |
Firefox |
2026-02-24T13:33:22.237Z | 2026-04-21T02:40:55.797Z |
| cve-2026-2788 | N/A | Incorrect boundary conditions in the Audio/Video: GMP … |
Mozilla |
Firefox |
2026-02-24T13:33:20.287Z | 2026-04-21T02:40:29.432Z |
| cve-2026-0924 | 7.3 (v4.0) | BuhoCleaner 1.15.2 - Local Privilege Escalation via PI… |
Dr.Buho |
BuhoCleaner |
2026-02-02T20:18:21.258Z | 2026-04-21T02:40:06.930Z |
| cve-2026-41282 | 4 (v3.1) | ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL… |
ProjectDiscovery |
Nuclei |
2026-04-20T07:10:30.246Z | 2026-04-21T00:59:19.998Z |
| cve-2025-9375 | 6.9 (v4.0) | xmltodict 0.14.2 - XML Injection |
xmltodict |
xmltodict |
2025-09-01T16:43:18.220Z | 2026-04-20T21:45:55.337Z |
| cve-2025-32990 | 6.5 (v3.1) | Gnutls: vulnerability in gnutls certtool template parsing |
|
|
2025-07-10T09:41:46.211Z | 2026-04-20T21:35:30.314Z |
| cve-2025-32989 | 5.3 (v3.1) | Gnutls: vulnerability in gnutls sct extension parsing |
|
|
2025-07-10T08:05:26.307Z | 2026-04-20T21:35:29.773Z |
| cve-2025-32988 | 6.5 (v3.1) | Gnutls: vulnerability in gnutls othername san export |
|
|
2025-07-10T08:04:57.991Z | 2026-04-20T21:35:28.412Z |
| cve-2025-9900 | 8.8 (v3.1) | Libtiff: libtiff write-what-where |
|
|
2025-09-23T16:26:22.846Z | 2026-04-20T21:15:59.323Z |
| cve-2026-4046 | N/A | iconv crash due to assertion failure with untrusted input |
The GNU C Library |
glibc |
2026-03-30T17:16:11.021Z | 2026-04-20T21:02:31.443Z |
| cve-2026-3219 | 4.6 (v4.0) | pip doesn't reject concatenated ZIP and tar archives |
Python Packaging Authority |
pip |
2026-04-20T14:55:38.282Z | 2026-04-20T20:15:23.710Z |
| cve-2026-6550 | 4.7 (v3.1) 5.7 (v4.0) | Key commitment policy bypass via shared key cache in A… |
AWS |
AWS Encryption SDK for Python |
2026-04-20T19:20:23.383Z | 2026-04-20T19:44:11.685Z |
| cve-2026-32285 | N/A | Denial of service in github.com/buger/jsonparser |
github.com/buger/jsonparser |
github.com/buger/jsonparser |
2026-03-26T19:40:51.837Z | 2026-04-20T19:01:23.660Z |
| cve-2025-41118 | Sensitive COS `SecretKey` exposed in plaintext via con… |
Grafana |
Pyroscope |
2026-04-15T19:15:17.689Z | 2026-04-20T19:00:12.783Z | |
| cve-2026-21727 | Grafana Correlations: Cross-Tenant Data Disclosure and… |
Grafana |
Grafana Correlations |
2026-04-15T18:57:25.185Z | 2026-04-20T18:59:38.753Z | |
| cve-2026-21726 | Loki Path Traversal - CVE-2021-36156 Bypass |
Grafana |
Loki |
2026-04-15T19:24:31.268Z | 2026-04-20T18:58:17.749Z | |
| cve-2025-11249 | N/A | {'providerMetadata': {'orgId': '92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5', 'shortName': 'fedora', 'dateUpdated': '2026-04-20T18:52:18.108Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE id was assigned as a duplicate of CVE-2025-66414.'}]} | N/A | N/A | 2026-04-20T18:52:18.108Z | |
| cve-2025-1634 | 7.5 (v3.1) | Io.quarkus:quarkus-resteasy: memory leak in quarkus re… |
|
|
2025-02-26T16:56:23.869Z | 2026-04-20T18:50:51.922Z |
| cve-2026-6060 | 4.5 (v3.1) | Possible DoS via SQL Box |
OTRS AG |
OTRS |
2026-04-20T18:20:01.664Z | 2026-04-20T18:48:48.185Z |
| cve-2026-39110 | N/A | SQL Injection vulnerability in Apartment Visitors… |
n/a |
n/a |
2026-04-20T00:00:00.000Z | 2026-04-20T18:34:55.729Z |
| cve-2026-39109 | N/A | SQL Injection vulnerability in Apartment Visitors… |
n/a |
n/a |
2026-04-20T00:00:00.000Z | 2026-04-20T18:31:04.461Z |
| cve-2025-5914 | 7.8 (v3.1) | Libarchive: double free at archive_read_format_rar_see… |
|
|
2025-06-09T19:53:48.923Z | 2026-04-20T18:25:59.703Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2021-001017 | Trend Micro HouseCall for Home Networks (Windows Edition) may insecurely load Dynamic Link Libraries | 2021-02-04T15:42+09:00 | 2021-02-04T15:42+09:00 |
| jvndb-2021-000011 | Panasonic Video Insight VMS vulnerable to arbitrary code execution | 2021-02-04T15:39+09:00 | 2021-02-04T15:39+09:00 |
| jvndb-2021-000006 | Multiple vulnerabilities in Aterm WF800HP, Aterm WG2600HP, and Aterm WG2600HP2 | 2021-01-22T17:55+09:00 | 2021-02-03T12:05+09:00 |
| jvndb-2021-001014 | Vulnerability in JP1/VERITAS | 2021-02-01T16:49+09:00 | 2021-02-01T16:49+09:00 |
| jvndb-2021-000009 | Android App "ELECOM File Manager" vulnerable to directory traversal | 2021-01-27T17:38+09:00 | 2021-01-27T17:38+09:00 |
| jvndb-2021-000008 | Multiple vulnerabilities in multiple ELECOM products | 2021-01-26T16:33+09:00 | 2021-01-26T16:33+09:00 |
| jvndb-2021-000010 | Multiple vulnerabilities in multiple LOGITEC products | 2021-01-26T16:26+09:00 | 2021-01-26T16:26+09:00 |
| jvndb-2021-001010 | TP-Link TL-WR841N V13 (JP) vulnerable to OS command injection | 2021-01-25T16:21+09:00 | 2021-01-25T16:21+09:00 |
| jvndb-2021-000005 | GROWI vulnerable to cross-site scripting | 2021-01-19T14:05+09:00 | 2021-01-19T14:05+09:00 |
| jvndb-2021-000004 | Multiple vulnerabilities in acmailer | 2021-01-14T16:22+09:00 | 2021-01-14T16:22+09:00 |
| jvndb-2021-000003 | The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries | 2021-01-12T15:53+09:00 | 2021-01-12T15:53+09:00 |
| jvndb-2021-000002 | Multiple NEC Products vulnerable to authentication bypass | 2021-01-04T17:24+09:00 | 2021-01-08T12:22+09:00 |
| jvndb-2021-000001 | Multiple vulnerabilities in UNIVERGE SV9500/SV8500 series | 2021-01-04T14:37+09:00 | 2021-01-04T14:37+09:00 |
| jvndb-2020-009965 | Cleartext Transmission of Sensitive Information Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-12-21T17:48+09:00 | 2020-12-21T17:48+09:00 |
| jvndb-2020-009964 | Improper certificate validation vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-12-21T17:48+09:00 | 2020-12-21T17:48+09:00 |
| jvndb-2020-010072 | Cross-site Scripting Vulnerability in Hitachi Command Suite | 2020-12-21T14:20+09:00 | 2020-12-21T14:20+09:00 |
| jvndb-2020-000086 | Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries | 2020-12-18T16:47+09:00 | 2020-12-18T16:47+09:00 |
| jvndb-2020-000083 | Multiple vulnerabilities in Aterm SA3500G | 2020-12-11T16:59+09:00 | 2020-12-11T16:59+09:00 |
| jvndb-2020-000082 | FileZen vulnerable to directory traversal | 2020-12-10T15:21+09:00 | 2020-12-10T15:21+09:00 |
| jvndb-2020-009771 | ServerProtect for Linux vulnerable to heap-based buffer overflow | 2020-12-08T12:34+09:00 | 2020-12-08T12:34+09:00 |
| jvndb-2020-000081 | Apache Cordova Plugin camera vulnerable to information exposure | 2020-12-07T16:34+09:00 | 2020-12-07T16:34+09:00 |
| jvndb-2020-000080 | Multiple vulnerabilities in EC-CUBE | 2020-12-03T18:15+09:00 | 2020-12-03T18:15+09:00 |
| jvndb-2020-000077 | Multiple vulnerabilities in GROWI | 2020-11-25T14:54+09:00 | 2020-11-25T14:54+09:00 |
| jvndb-2020-000076 | NETGEAR GS108Ev3 vulnerable to cross-site request forgery | 2020-11-24T14:32+09:00 | 2020-11-24T14:32+09:00 |
| jvndb-2020-000075 | The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries | 2020-11-20T15:39+09:00 | 2020-11-20T15:39+09:00 |
| jvndb-2020-009590 | Trend Micro Security 2020 (Consumer) is vulnerable to arbitrary file deletion | 2020-11-19T18:03+09:00 | 2020-11-19T18:03+09:00 |
| jvndb-2020-000074 | Hibernate ORM vulnerable to SQL injection | 2020-11-19T14:33+09:00 | 2020-11-19T14:33+09:00 |
| jvndb-2020-009584 | Multiple vulnerabilities in KonaWiki3 | 2020-11-18T18:13+09:00 | 2020-11-18T18:13+09:00 |
| jvndb-2020-000073 | Movable Type Premium vulnerable to cross-site scripting | 2020-11-18T18:01+09:00 | 2020-11-18T18:01+09:00 |
| jvndb-2020-000072 | MELSEC iQ-R Series CPU Modules vulnerable to uncontrolled resource consumption | 2020-11-12T14:58+09:00 | 2020-11-13T12:06+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0612 | Multiples vulnérabilités dans Sophos Firewall | 2025-07-22T00:00:00.000000 | 2025-07-22T00:00:00.000000 |
| certfr-2025-avi-0611 | Multiples vulnérabilités dans les produits Microsoft | 2025-07-21T00:00:00.000000 | 2025-07-22T00:00:00.000000 |
| certfr-2025-avi-0598 | Multiples vulnérabilités dans Sophos Intercept X | 2025-07-18T00:00:00.000000 | 2025-07-22T00:00:00.000000 |
| certfr-2025-avi-0610 | Multiples vulnérabilités dans Microsoft Azure | 2025-07-21T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-avi-0608 | Multiples vulnérabilités dans les produits IBM | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0607 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0606 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0605 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0604 | Multiples vulnérabilités dans Oracle Weblogic | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0603 | Multiples vulnérabilités dans Oracle Virtualization | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0602 | Multiples vulnérabilités dans Oracle PeopleSoft | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0601 | Multiples vulnérabilités dans Oracle MySQL | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0600 | Multiples vulnérabilités dans Oracle Java SE | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0599 | Multiples vulnérabilités dans Oracle Database Server | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0597 | Multiples vulnérabilités dans Grafana | 2025-07-18T00:00:00.000000 | 2025-07-18T00:00:00.000000 |
| certfr-2025-avi-0596 | Multiples vulnérabilités dans ISC BIND | 2025-07-17T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-avi-0595 | Vulnérabilité dans Cisco Unified Intelligence Center | 2025-07-17T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-avi-0594 | Multiples vulnérabilités dans Microsoft Edge | 2025-07-17T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-avi-0577 | Multiples vulnérabilités dans Microsoft Windows | 2025-07-09T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-avi-0593 | Multiples vulnérabilités dans les produits Atlassian | 2025-07-16T00:00:00.000000 | 2025-07-16T00:00:00.000000 |
| certfr-2025-avi-0592 | Multiples vulnérabilités dans les produits VMware | 2025-07-16T00:00:00.000000 | 2025-07-16T00:00:00.000000 |
| certfr-2025-avi-0591 | Multiples vulnérabilités dans Google Chrome | 2025-07-16T00:00:00.000000 | 2025-07-16T00:00:00.000000 |
| certfr-2025-avi-0590 | Multiples vulnérabilités dans les produits IBM | 2025-07-11T00:00:00.000000 | 2025-07-11T00:00:00.000000 |
| certfr-2025-avi-0589 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-07-11T00:00:00.000000 | 2025-07-11T00:00:00.000000 |
| certfr-2025-avi-0588 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-07-11T00:00:00.000000 | 2025-07-11T00:00:00.000000 |
| certfr-2025-avi-0587 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-07-11T00:00:00.000000 | 2025-07-11T00:00:00.000000 |
| certfr-2025-avi-0586 | Multiples vulnérabilités dans Apache HTTP Server | 2025-07-11T00:00:00.000000 | 2025-07-11T00:00:00.000000 |
| certfr-2025-avi-0585 | Multiples vulnérabilités dans VMware Tanzu | 2025-07-11T00:00:00.000000 | 2025-07-11T00:00:00.000000 |
| certfr-2025-avi-0584 | Multiples vulnérabilités dans Apache Tomcat | 2025-07-11T00:00:00.000000 | 2025-07-11T00:00:00.000000 |
| certfr-2025-avi-0583 | Multiples vulnérabilités dans les produits Juniper Networks | 2025-07-10T00:00:00.000000 | 2025-07-10T00:00:00.000000 |