Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-22734 | 8.6 (v3.1) | Cloud Foundry UAA SAML 2.0 Signature Bypass |
Cloud Foundry |
UUA |
2026-04-16T23:33:43.596Z | 2026-04-17T13:21:04.331Z |
| cve-2026-40260 | pypdf: Manipulated XMP metadata entity declarations ca… |
py-pdf |
pypdf |
2026-04-16T23:18:26.687Z | 2026-04-17T18:42:05.059Z | |
| cve-2026-40922 | SiYuan: Incomplete sanitization of bazaar README allow… |
siyuan-note |
siyuan |
2026-04-16T23:14:00.592Z | 2026-04-20T14:59:52.008Z | |
| cve-2026-40322 | SiYuan: Mermaid `javascript:` Link Injection Leads to … |
siyuan-note |
siyuan |
2026-04-16T23:00:07.719Z | 2026-04-17T12:26:06.118Z | |
| cve-2026-40318 | SiYuan: Publish Reader Path Traversal Delete via `remo… |
siyuan-note |
siyuan |
2026-04-16T22:54:47.881Z | 2026-04-18T02:48:57.193Z | |
| cve-2026-40259 | SiYuan: Publish Reader Can Arbitrarily Delete Attribut… |
siyuan-note |
siyuan |
2026-04-16T22:49:36.992Z | 2026-04-20T14:59:59.417Z | |
| cve-2024-58343 | 4.3 (v3.1) | Vision Helpdesk before 5.7.0 (patched in 5.6.10) … |
Vision |
Helpdesk |
2026-04-16T22:27:03.084Z | 2026-04-17T13:31:05.652Z |
| cve-2026-40255 | @adonisjs/http-server has an Open Redirect vulnerability |
adonisjs |
http-server |
2026-04-16T22:25:38.155Z | 2026-04-17T18:43:10.697Z | |
| cve-2026-40253 | openCryptoki: Memory safety vulnerabilities in BER/DER… |
opencryptoki |
opencryptoki |
2026-04-16T22:04:44.005Z | 2026-04-17T12:27:41.682Z | |
| cve-2026-41113 | 8.1 (v3.1) | sagredo qmail before 2026.04.07 allows tls_quit r… |
sagredo |
qmail |
2026-04-16T22:02:10.225Z | 2026-04-18T20:09:47.901Z |
| cve-2026-40249 | free5gc UDR fail-open request handling in PolicyDataSu… |
free5gc |
free5gc |
2026-04-16T21:59:36.282Z | 2026-04-18T02:47:28.094Z | |
| cve-2026-40248 | free5gc UDR improper path validation allows unauthenti… |
free5gc |
free5gc |
2026-04-16T21:57:13.101Z | 2026-04-20T15:00:17.552Z | |
| cve-2026-40247 | free5gc UDR improper path validation allows unauthenti… |
free5gc |
free5gc |
2026-04-16T21:54:04.151Z | 2026-04-17T18:44:09.831Z | |
| cve-2026-40246 | free5gc UDR improper path validation allows unauthenti… |
free5gc |
free5gc |
2026-04-16T21:40:03.598Z | 2026-04-18T02:46:14.355Z | |
| cve-2026-40170 | ngtcp2 has a qlog transport parameter serialization st… |
ngtcp2 |
ngtcp2 |
2026-04-16T21:34:07.610Z | 2026-04-20T15:00:26.193Z | |
| cve-2026-40308 | My Calendar: Unauthenticated Information Disclosure (I… |
joedolson |
my-calendar |
2026-04-16T21:30:52.401Z | 2026-04-17T12:32:26.622Z | |
| cve-2026-39313 | MCP-Framework: Unbounded memory allocation in readRequ… |
QuantGeekDev |
mcp-framework |
2026-04-16T21:24:27.328Z | 2026-04-17T18:46:07.726Z | |
| cve-2026-35469 | SpdyStream: DOS on CRI |
moby |
spdystream |
2026-04-16T21:19:23.516Z | 2026-04-17T12:37:27.329Z | |
| cve-2026-34164 | Valtimo: Sensitive data exposure through inbox message… |
valtimo-platform |
valtimo |
2026-04-16T21:17:35.472Z | 2026-04-18T02:44:44.369Z | |
| cve-2026-33472 | Cryptomator Hub OAuth token exchange HTTP downgrade vi… |
cryptomator |
cryptomator |
2026-04-16T21:12:37.076Z | 2026-04-20T15:00:33.905Z | |
| cve-2026-40901 | DataEase: Quartz Deserialization → Remote Code Execution |
dataease |
dataease |
2026-04-16T20:57:45.978Z | 2026-04-17T18:47:00.448Z | |
| cve-2026-40900 | DataEase has SQL Injection via Stacked Queries |
dataease |
dataease |
2026-04-16T20:53:27.788Z | 2026-04-17T12:38:32.676Z | |
| cve-2026-40899 | DataEase has an Arbitrary File Read Vulnerability |
dataease |
dataease |
2026-04-16T19:48:44.201Z | 2026-04-18T02:43:14.720Z | |
| cve-2026-33207 | DataEase SQL Injection Vulnerability |
dataease |
dataease |
2026-04-16T19:37:36.197Z | 2026-04-20T15:00:41.415Z | |
| cve-2026-33122 | DataEase has SQL Injection via Datasource Management |
dataease |
dataease |
2026-04-16T19:24:03.195Z | 2026-04-17T18:47:44.791Z | |
| cve-2025-54502 | 7.1 (v4.0) | Incorrect use of boot service in the AMD Platform… |
AMD |
AMD EPYC™ 9004 Series Processors |
2026-04-16T18:46:13.377Z | 2026-04-17T03:55:16.268Z |
| cve-2025-54510 | 5.9 (v4.0) | A missing lock verification in AMD Secure Process… |
AMD |
AMD EPYC™ 9004 Series Processors |
2026-04-16T18:44:10.182Z | 2026-04-16T19:10:19.002Z |
| cve-2026-6442 | 8.3 (v3.1) | Improper Command Detection Logic Allows RCE in Cortex … |
Snowflake |
Cortex Code CLI |
2026-04-16T18:43:21.181Z | 2026-04-16T18:54:58.366Z |
| cve-2023-20585 | 5.6 (v4.0) | Insufficient checks of the RMP on host buffer acc… |
AMD |
AMD EPYC™ 7003 Series Processors |
2026-04-16T18:42:28.281Z | 2026-04-16T19:12:06.991Z |
| cve-2026-33121 | DataEase has SQL Injection via Datasource Save Flow |
dataease |
dataease |
2026-04-16T18:16:02.485Z | 2026-04-16T18:34:54.187Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2020-000055 | Apache Struts 2 vulnerable to denial-of-service (DoS) | 2020-08-25T13:59+09:00 | 2022-08-09T13:57+09:00 |
| jvndb-2020-000054 | Multiple cross-site scripting vulnerabilities in Exment | 2020-08-21T14:34+09:00 | 2020-08-21T14:34+09:00 |
| jvndb-2020-000053 | Multiple vulnerabilities in CyberMail | 2020-08-11T14:20+09:00 | 2020-08-11T14:20+09:00 |
| jvndb-2020-007128 | DoS Vulnerability in HiRDB | 2020-08-03T16:37+09:00 | 2020-08-03T16:37+09:00 |
| jvndb-2020-007127 | Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2020-08-03T16:36+09:00 | 2020-08-03T16:36+09:00 |
| jvndb-2020-000052 | SKYSEA Client View vulnerable to privilege escalation | 2020-08-03T14:59+09:00 | 2020-08-03T14:59+09:00 |
| jvndb-2020-000051 | Multiple vulnerabilities in multiple PHP Factory products | 2020-07-31T16:29+09:00 | 2020-07-31T16:29+09:00 |
| jvndb-2020-000050 | FANUC i Series CNC vulnerable to denial-of-service (DoS) | 2020-07-31T14:29+09:00 | 2020-07-31T14:29+09:00 |
| jvndb-2020-000049 | TOYOTA MOTOR's Global TechStream vulnerable to buffer overflow | 2020-07-29T14:48+09:00 | 2020-10-08T18:08+09:00 |
| jvndb-2020-000047 | JavaFX WebEngine does not properly restrict Java method execution | 2020-07-28T15:47+09:00 | 2020-07-28T15:47+09:00 |
| jvndb-2020-000048 | Multiple vulnerabilities in KonaWiki2 and KonaWiki3 | 2020-07-28T15:38+09:00 | 2020-07-28T15:38+09:00 |
| jvndb-2020-000046 | WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery | 2020-07-22T14:24+09:00 | 2020-07-22T14:24+09:00 |
| jvndb-2020-006617 | Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2020-07-14T10:40+09:00 | 2020-07-14T10:40+09:00 |
| jvndb-2020-006586 | Server Side Request Forgery Vulnerability in Hitachi Ops Center Analyzer viewpoint | 2020-07-13T14:25+09:00 | 2020-07-13T14:25+09:00 |
| jvndb-2020-006469 | Multiple vulnerabilities in TCP/IP function on Mitsubishi Electric GOT2000 series | 2020-07-09T15:46+09:00 | 2020-07-09T15:46+09:00 |
| jvndb-2020-000045 | SHIRASAGI vulnerable to open redirect | 2020-07-09T15:08+09:00 | 2020-07-09T15:08+09:00 |
| jvndb-2020-000043 | Android App "Mercari" (Japan version) vulnerable to arbitrary method execution of the Java object | 2020-07-08T16:04+09:00 | 2020-07-08T16:04+09:00 |
| jvndb-2020-000042 | Multiple vulnerabilities in Cybozu Garoon | 2020-06-29T16:17+09:00 | 2020-06-29T16:17+09:00 |
| jvndb-2020-006031 | DoS Vulnerability in Hitachi Device Manager | 2020-06-29T12:25+09:00 | 2020-06-29T12:25+09:00 |
| jvndb-2020-000040 | Chrome Extension for e-Tax Reception System vulnerable to arbitrary command execution | 2020-06-24T14:25+09:00 | 2020-06-24T14:25+09:00 |
| jvndb-2020-005854 | Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series vulnerable to cleartext transmission of sensitive information | 2020-06-24T10:32+09:00 | 2020-06-24T10:32+09:00 |
| jvndb-2020-005743 | Vulnerability in Cosminexus HTTP Server | 2020-06-22T15:40+09:00 | 2020-06-22T15:40+09:00 |
| jvndb-2020-000039 | EC-CUBE vulnerable to directory traversal | 2020-06-18T13:48+09:00 | 2020-06-18T13:48+09:00 |
| jvndb-2020-005443 | Path Traversal Vulnerability in Hitachi Automation Director and Hitachi Ops Center Automator | 2020-06-15T16:29+09:00 | 2020-06-15T16:29+09:00 |
| jvndb-2020-000038 | Multiple vulnerabilities in Zenphoto | 2020-06-11T17:17+09:00 | 2020-06-11T17:17+09:00 |
| jvndb-2020-000037 | Multiple SONY Wireless Headphones allow improper Bluetooth pairing | 2020-06-09T15:49+09:00 | 2020-06-09T15:49+09:00 |
| jvndb-2020-000036 | XACK DNS vulnerable to denial-of-service (DoS) | 2020-06-05T15:16+09:00 | 2020-06-05T15:16+09:00 |
| jvndb-2020-000035 | Multiples security updates for multiple Cybozu products | 2020-05-29T15:40+09:00 | 2020-05-29T15:40+09:00 |
| jvndb-2020-004667 | Privilege escalation vulnerability in Hitachi Ops Center Common Services | 2020-05-25T16:17+09:00 | 2020-05-25T16:17+09:00 |
| jvndb-2020-000034 | Cybozu Desktop for Windows vulenerable to arbitrary code execution | 2020-05-25T15:09+09:00 | 2020-05-25T15:09+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0572 | Multiples vulnérabilités dans Suricata | 2025-07-09T00:00:00.000000 | 2025-07-09T00:00:00.000000 |
| certfr-2025-avi-0571 | Multiples vulnérabilités dans Xen | 2025-07-09T00:00:00.000000 | 2025-07-09T00:00:00.000000 |
| certfr-2025-avi-0570 | Multiples vulnérabilités dans MongoDB | 2025-07-09T00:00:00.000000 | 2025-07-09T00:00:00.000000 |
| certfr-2025-avi-0569 | Multiples vulnérabilités dans Adobe ColdFusion | 2025-07-09T00:00:00.000000 | 2025-07-09T00:00:00.000000 |
| certfr-2025-avi-0568 | Multiples vulnérabilités dans les produits Citrix | 2025-07-09T00:00:00.000000 | 2025-07-09T00:00:00.000000 |
| certfr-2025-avi-0567 | Multiples vulnérabilités dans HPE Aruba Networking Instant On | 2025-07-09T00:00:00.000000 | 2025-07-09T00:00:00.000000 |
| certfr-2025-avi-0566 | Multiples vulnérabilités dans les produits Siemens | 2025-07-08T00:00:00.000000 | 2025-07-08T00:00:00.000000 |
| certfr-2025-avi-0565 | Multiples vulnérabilités dans les produits Schneider Electric | 2025-07-08T00:00:00.000000 | 2025-07-08T00:00:00.000000 |
| certfr-2025-avi-0564 | Multiples vulnérabilités dans les produits SAP | 2025-07-08T00:00:00.000000 | 2025-07-08T00:00:00.000000 |
| certfr-2025-avi-0563 | Multiples vulnérabilités dans les produits Splunk | 2025-07-08T00:00:00.000000 | 2025-07-08T00:00:00.000000 |
| certfr-2025-avi-0562 | Multiples vulnérabilités dans les produits IBM | 2025-07-04T00:00:00.000000 | 2025-07-04T00:00:00.000000 |
| certfr-2025-avi-0561 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-07-04T00:00:00.000000 | 2025-07-04T00:00:00.000000 |
| certfr-2025-avi-0560 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-07-04T00:00:00.000000 | 2025-07-04T00:00:00.000000 |
| certfr-2025-avi-0559 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-07-04T00:00:00.000000 | 2025-07-04T00:00:00.000000 |
| certfr-2025-avi-0558 | Multiples vulnérabilités dans PHP | 2025-07-04T00:00:00.000000 | 2025-07-04T00:00:00.000000 |
| certfr-2025-avi-0557 | Vulnérabilité dans Microsoft Edge | 2025-07-03T00:00:00.000000 | 2025-07-03T00:00:00.000000 |
| certfr-2025-avi-0556 | Vulnérabilité dans Citrix XenServer | 2025-07-03T00:00:00.000000 | 2025-07-03T00:00:00.000000 |
| certfr-2025-avi-0555 | Multiples vulnérabilités dans Mozilla Thunderbird | 2025-07-03T00:00:00.000000 | 2025-07-03T00:00:00.000000 |
| certfr-2025-avi-0554 | Multiples vulnérabilités dans Grafana | 2025-07-03T00:00:00.000000 | 2025-07-03T00:00:00.000000 |
| certfr-2025-avi-0553 | Vulnérabilité dans les produits Cisco | 2025-07-03T00:00:00.000000 | 2025-07-03T00:00:00.000000 |
| certfr-2025-avi-0552 | Multiples vulnérabilités dans Microsoft Edge | 2025-07-02T00:00:00.000000 | 2025-07-02T00:00:00.000000 |
| certfr-2025-avi-0551 | Vulnérabilité dans Xen | 2025-07-02T00:00:00.000000 | 2025-07-02T00:00:00.000000 |
| certfr-2025-avi-0550 | Multiples vulnérabilités dans les produits Tenable | 2025-07-01T00:00:00.000000 | 2025-07-01T00:00:00.000000 |
| certfr-2025-avi-0549 | Vulnérabilité dans Google Chrome | 2025-07-01T00:00:00.000000 | 2025-07-01T00:00:00.000000 |
| certfr-2025-avi-0548 | Multiples vulnérabilités dans MongoDB Server | 2025-06-30T00:00:00.000000 | 2025-06-30T00:00:00.000000 |
| certfr-2025-avi-0547 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-06-27T00:00:00.000000 | 2025-06-27T00:00:00.000000 |
| certfr-2025-avi-0546 | Multiples vulnérabilités dans les produits IBM | 2025-06-27T00:00:00.000000 | 2025-06-27T00:00:00.000000 |
| certfr-2025-avi-0545 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-06-27T00:00:00.000000 | 2025-06-27T00:00:00.000000 |
| certfr-2025-avi-0544 | Multiples vulnérabilités dans les produits Trend Micro | 2025-06-27T00:00:00.000000 | 2025-06-27T00:00:00.000000 |
| certfr-2025-avi-0543 | Vulnérabilité dans VMware Tanzu | 2025-06-27T00:00:00.000000 | 2025-06-27T00:00:00.000000 |