Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-62231 | 7.3 (v3.1) | Xorg: xmayland: value overflow in xkbsetcompatmap() |
X.Org |
Xwayland |
2025-10-30T05:08:32.155Z | 2026-04-20T13:50:20.474Z |
| cve-2025-62230 | 7.3 (v3.1) | Xorg: xwayland: use-after-free in xkb client resource … |
X.Org |
Xwayland |
2025-10-30T05:19:40.445Z | 2026-04-20T13:50:16.428Z |
| cve-2025-62229 | 7.3 (v3.1) | Xorg: xmayland: use-after-free in xpresentnotify struc… |
X.Org |
Xwayland |
2025-10-30T05:28:48.131Z | 2026-04-20T13:50:16.096Z |
| cve-2026-0894 | Content Blocks (Custom Post Widget) <= 3.3.9 - Authent… |
vanderwijk |
Content Blocks (Custom Post Widget) |
2026-04-18T09:26:52.078Z | 2026-04-20T13:48:40.598Z | |
| cve-2026-40319 | Giskard has a Regular Expression Denial of Service (Re… |
Giskard-AI |
giskard-oss |
2026-04-17T17:16:37.676Z | 2026-04-20T13:46:09.167Z | |
| cve-2026-40320 | Giskard has an Unsandboxed Jinja2 Template Rendering i… |
Giskard-AI |
giskard-oss |
2026-04-17T17:25:50.449Z | 2026-04-20T13:46:09.036Z | |
| cve-2026-28212 | Firebird has potential server crash via null pointer d… |
FirebirdSQL |
firebird |
2026-04-17T18:05:25.854Z | 2026-04-20T13:46:08.904Z | |
| cve-2026-28214 | Firebird server hangs when using specific clumplet on … |
FirebirdSQL |
firebird |
2026-04-17T18:35:46.974Z | 2026-04-20T13:46:08.635Z | |
| cve-2026-34232 | Firebird: DoS via `op_response` packet from client |
FirebirdSQL |
firebird |
2026-04-17T18:52:11.693Z | 2026-04-20T13:46:08.507Z | |
| cve-2026-1559 | Youzify <= 1.3.6 - Authenticated (Subscriber+) Stored … |
youzify |
Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress |
2026-04-18T01:26:05.210Z | 2026-04-20T13:46:08.353Z | |
| cve-2026-6518 | CMP – Coming Soon & Maintenance Plugin by NiteoThemes … |
niteo |
CMP – Coming Soon & Maintenance Plugin by NiteoThemes |
2026-04-18T03:37:04.707Z | 2026-04-20T13:46:08.222Z | |
| cve-2026-6048 | Flipbox Addon for Elementor <= 2.1.1 - Authenticated (… |
dragwyb |
Flipbox Addon for Elementor |
2026-04-18T03:37:05.751Z | 2026-04-20T13:46:08.081Z | |
| cve-2026-2505 | Categories Images <= 3.3.1 - Authenticated (Contributo… |
elzahlan |
Categories Images |
2026-04-18T09:26:52.654Z | 2026-04-20T13:46:07.918Z | |
| cve-2026-6643 | 8.6 (v4.0) | A stack-based buffer overflow vulnerability in the VPN… |
ASUSTOR Inc. |
ADM |
2026-04-20T06:34:27.511Z | 2026-04-20T13:46:07.764Z |
| cve-2026-5963 | 9.3 (v4.0) 9.8 (v3.1) | Digiwin|EasyFlow .NET - SQL Injection |
Digiwin |
EasyFlow .NET |
2026-04-20T07:32:20.443Z | 2026-04-20T13:42:03.062Z |
| cve-2026-5964 | 9.3 (v4.0) 9.8 (v3.1) | Digiwin|EasyFlow .NET - SQL Injection |
Digiwin |
EasyFlow .NET |
2026-04-20T07:36:58.476Z | 2026-04-20T13:38:08.600Z |
| cve-2026-40196 | HomeBox has Unauthorized API Access via Retained defau… |
sysadminsmedia |
homebox |
2026-04-17T21:01:18.530Z | 2026-04-20T13:36:06.776Z | |
| cve-2026-40305 | DNN has Force Friend Request Acceptance |
dnnsoftware |
Dnn.Platform |
2026-04-17T21:06:09.237Z | 2026-04-20T13:36:06.644Z | |
| cve-2026-40352 | FastGPT: NoSQL Injection in updatePasswordByOld Leads … |
labring |
FastGPT |
2026-04-17T21:09:32.913Z | 2026-04-20T13:36:06.464Z | |
| cve-2026-2434 | Pz-LinkCard <= 2.5.8.1 - Authenticated (Contributor+) … |
poporon |
Pz-LinkCard |
2026-04-17T22:27:13.525Z | 2026-04-20T13:36:06.124Z | |
| cve-2026-40481 | monetr: Unauthenticated Stripe webhook reads attacker-… |
monetr |
monetr |
2026-04-17T22:54:57.545Z | 2026-04-20T13:36:05.862Z | |
| cve-2026-40334 | libgphoto2 missing null termination in ptp_unpack_Cano… |
gphoto |
libgphoto2 |
2026-04-17T23:16:38.751Z | 2026-04-20T13:36:05.703Z | |
| cve-2026-40335 | libgphoto2 has OOB read in ptp_unpack_DPV() UINT128/IN… |
gphoto |
libgphoto2 |
2026-04-17T23:19:16.935Z | 2026-04-20T13:36:05.542Z | |
| cve-2026-40485 | ChurchCRM: Username Enumeration via Differential Respo… |
ChurchCRM |
CRM |
2026-04-17T23:29:35.884Z | 2026-04-20T13:36:05.319Z | |
| cve-2026-40340 | libgphoto2 has OOB read in ptp_unpack_OI() in ptp-pack… |
gphoto |
libgphoto2 |
2026-04-17T23:45:17.467Z | 2026-04-20T13:36:05.149Z | |
| cve-2026-32957 | 5.3 (v3.1) 6.9 (v4.0) | SD-330AC and AMC Manager provided by silex techno… |
silex technology, Inc. |
SD-330AC |
2026-04-20T03:19:35.581Z | 2026-04-20T13:36:04.975Z |
| cve-2026-32955 | 8.8 (v3.1) 8.7 (v4.0) | SD-330AC and AMC Manager provided by silex techno… |
silex technology, Inc. |
SD-330AC |
2026-04-20T03:19:47.937Z | 2026-04-20T13:36:04.747Z |
| cve-2026-32956 | 9.8 (v3.1) 9.3 (v4.0) | SD-330AC and AMC Manager provided by silex techno… |
silex technology, Inc. |
SD-330AC |
2026-04-20T03:20:01.225Z | 2026-04-20T13:36:04.476Z |
| cve-2026-5966 | 7.2 (v4.0) 8.1 (v3.1) | TeamT5|ThreatSonar Anti-Ransomware - Arbitrary File Deletion |
TeamT5 |
ThreatSonar Anti-Ransomware |
2026-04-20T07:40:33.323Z | 2026-04-20T13:30:25.604Z |
| cve-2026-5967 | 8.7 (v4.0) 8.8 (v3.1) | TeamT5|ThreatSonar Anti-Ransomware - Privilege Escalation |
TeamT5 |
ThreatSonar Anti-Ransomware |
2026-04-20T07:44:19.754Z | 2026-04-20T13:29:59.132Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2018-000101 | The installer of Baidu Browser may insecurely load Dynamic Link Libraries | 2018-10-03T15:02+09:00 | 2019-08-27T10:39+09:00 |
| jvndb-2018-000111 | BlueStacks App Player fails to restrict access permissions | 2018-10-24T16:13+09:00 | 2019-08-27T10:35+09:00 |
| jvndb-2018-000109 | Multiple vulnerabilities in YukiWiki | 2018-10-19T14:31+09:00 | 2019-08-27T10:32+09:00 |
| jvndb-2019-000051 | EC-CUBE plugin "Amazon Pay Plugin 2.12,2.13" vulnerable to cross-site scripting | 2019-08-07T13:58+09:00 | 2019-08-07T13:58+09:00 |
| jvndb-2018-000112 | SecureCore Standard Edition vulnerable to authentication bypass | 2018-10-24T16:07+09:00 | 2019-08-06T17:34+09:00 |
| jvndb-2018-000105 | Metabase vulnerable to cross-site scripting | 2018-10-11T15:54+09:00 | 2019-07-26T17:49+09:00 |
| jvndb-2018-000104 | Multiple vulnerabilities in FileZen | 2018-10-15T15:26+09:00 | 2019-07-26T17:00+09:00 |
| jvndb-2018-000103 | Music Center for PC improperly verifies software update files | 2018-10-09T16:22+09:00 | 2019-07-26T15:57+09:00 |
| jvndb-2018-000099 | Cybozu Garoon vulnerable to directory traversal | 2018-09-10T14:01+09:00 | 2019-07-26T15:28+09:00 |
| jvndb-2018-000080 | Movable Type plugin MTAppjQuery vulnerable to PHP code execution | 2018-07-18T15:35+09:00 | 2019-07-26T15:23+09:00 |
| jvndb-2018-000113 | Multiple vulnerabilities in OpenDolphin | 2018-10-26T16:16+09:00 | 2019-07-26T14:35+09:00 |
| jvndb-2018-000110 | Web Isolation vulnerable to cross-site scripting | 2018-10-19T14:45+09:00 | 2019-07-26T14:06+09:00 |
| jvndb-2018-000095 | AttacheCase vulnerable to arbitrary script execution | 2018-08-31T15:59+09:00 | 2019-07-26T12:19+09:00 |
| jvndb-2018-000083 | The installers of multiple Canon IT Solutions Inc. software programs may insecurely load Dynamic Link Libraries | 2018-07-24T14:43+09:00 | 2019-07-26T12:05+09:00 |
| jvndb-2018-000084 | LINE MUSIC for Android fails to verify SSL server certificates | 2018-07-26T14:58+09:00 | 2019-07-25T17:28+09:00 |
| jvndb-2018-000091 | NoMachine App for Android vulnerable to environment variables alteration | 2018-08-17T13:49+09:00 | 2019-07-25T17:17+09:00 |
| jvndb-2018-000078 | WordPress plugin "FV Flowplayer Video Player" vulnerable to cross-site scripting | 2018-07-17T12:27+09:00 | 2019-07-25T17:12+09:00 |
| jvndb-2018-000081 | Multiple vulnerabilities in ORCA(Online Receipt Computer Advantage) | 2018-07-18T15:35+09:00 | 2019-07-25T16:59+09:00 |
| jvndb-2018-000073 | Installer of ChatWork Desktop App for Windows may insecurely load Dynamic Link Libraries | 2018-07-23T14:28+09:00 | 2019-07-25T16:50+09:00 |
| jvndb-2018-000079 | Explzh vulnerable to directory traversal | 2018-07-13T14:47+09:00 | 2019-07-25T16:26+09:00 |
| jvndb-2018-000087 | The installer of Digital Paper App may insecurely load Dynamic Link Libraries | 2018-08-21T15:59+09:00 | 2019-07-25T16:17+09:00 |
| jvndb-2018-000096 | QNAP Photo Station vulnerable to cross-site scripting | 2018-08-31T15:48+09:00 | 2019-07-25T16:09+09:00 |
| jvndb-2018-000089 | Multiple vulnerabilities in multiple I-O DATA network camera products | 2018-08-07T14:33+09:00 | 2019-07-25T16:00+09:00 |
| jvndb-2018-000074 | DLL planting vulnerability in multiple Yayoi 17 Series products | 2018-07-20T15:41+09:00 | 2019-07-25T15:04+09:00 |
| jvndb-2018-000082 | WL-330NUL vulnerable to cross-site request forgery | 2018-07-20T15:41+09:00 | 2019-07-25T14:38+09:00 |
| jvndb-2018-000090 | Multiple directory traversal vulnerabilities in AttacheCase | 2018-08-06T14:10+09:00 | 2019-07-25T14:32+09:00 |
| jvndb-2018-000094 | Movable Type vulnerable to cross-site scripting | 2018-08-30T17:34+09:00 | 2019-07-25T14:25+09:00 |
| jvndb-2016-008607 | Vulnerability in Cosminexus HTTP Server and Hitachi Web Server | 2017-06-30T15:55+09:00 | 2019-07-25T14:14+09:00 |
| jvndb-2018-006236 | Information Disclosure Vulnerability in Hitachi Command Suite | 2018-08-14T10:04+09:00 | 2019-07-24T17:02+09:00 |
| jvndb-2018-000067 | Mailman vulnerable to cross-site scripting | 2018-06-28T12:30+09:00 | 2019-07-24T15:21+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0375 | Vulnérabilité dans Liferay Portal et Liferay DXP | 2025-05-07T00:00:00.000000 | 2025-05-07T00:00:00.000000 |
| certfr-2025-avi-0374 | Multiples vulnérabilités dans Tenable Security Center | 2025-05-07T00:00:00.000000 | 2025-05-07T00:00:00.000000 |
| certfr-2025-avi-0373 | Multiples vulnérabilités dans MariaDB | 2025-05-07T00:00:00.000000 | 2025-05-07T00:00:00.000000 |
| certfr-2025-avi-0372 | Multiples vulnérabilités dans Google Pixel | 2025-05-07T00:00:00.000000 | 2025-05-07T00:00:00.000000 |
| certfr-2025-avi-0371 | Multiples vulnérabilités dans Google Android | 2025-05-06T00:00:00.000000 | 2025-05-06T00:00:00.000000 |
| certfr-2025-avi-0370 | Multiples vulnérabilités dans les produits IBM | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0369 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0368 | Multiples vulnérabilités dans le noyau Linux de Debian | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0367 | Vulnérabilité dans le noyau Linux de Red Hat | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0366 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0365 | Vulnérabilité dans les produits Microsoft | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0364 | Multiples vulnérabilités dans Microsoft Azure | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0363 | Multiples vulnérabilités dans Microsoft Edge | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0362 | Vulnérabilité dans Sonicwall Secure Mobile Access | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0361 | Multiples vulnérabilités dans les produits Mozilla | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0360 | Multiples vulnérabilités dans les produits Tenable | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0359 | Multiples vulnérabilités dans les produits Elastic | 2025-05-02T00:00:00.000000 | 2025-05-02T00:00:00.000000 |
| certfr-2025-avi-0358 | Multiples vulnérabilités dans les produits Mozilla | 2025-04-30T00:00:00.000000 | 2025-04-30T00:00:00.000000 |
| certfr-2025-avi-0357 | Vulnérabilité dans les produits Symantec | 2025-04-30T00:00:00.000000 | 2025-04-30T00:00:00.000000 |
| certfr-2025-avi-0356 | Multiples vulnérabilités dans Splunk User Behavior Analytics (UBA) | 2025-04-30T00:00:00.000000 | 2025-04-30T00:00:00.000000 |
| certfr-2025-avi-0354 | Multiples vulnérabilités dans Google Chrome | 2025-04-30T00:00:00.000000 | 2025-04-30T00:00:00.000000 |
| certfr-2025-avi-0258 | Multiples vulnérabilités dans les produits Apple | 2025-04-01T00:00:00.000000 | 2025-04-30T00:00:00.000000 |
| certfr-2025-avi-0353 | Multiples vulnérabilités dans les produits VMware | 2025-04-29T00:00:00.000000 | 2025-04-29T00:00:00.000000 |
| certfr-2025-avi-0352 | Multiples vulnérabilités dans Apache Tomcat | 2025-04-29T00:00:00.000000 | 2025-04-29T00:00:00.000000 |
| certfr-2025-avi-0351 | Vulnérabilité dans LibreOffice | 2025-04-28T00:00:00.000000 | 2025-04-28T00:00:00.000000 |
| certfr-2025-avi-0074 | Vulnérabilité dans Synacor Zimbra Collaboration | 2025-01-28T00:00:00.000000 | 2025-04-28T00:00:00.000000 |
| certfr-2025-avi-0349 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-04-25T00:00:00.000000 | 2025-04-25T00:00:00.000000 |
| certfr-2025-avi-0348 | Vulnérabilité dans Spring Boot | 2025-04-25T00:00:00.000000 | 2025-04-25T00:00:00.000000 |
| certfr-2025-avi-0347 | Vulnérabilité dans Sophos Taegis Endpoint Agent | 2025-04-25T00:00:00.000000 | 2025-04-25T00:00:00.000000 |
| certfr-2025-avi-0285 | Multiples vulnérabilités dans les produits SAP | 2025-04-08T00:00:00.000000 | 2025-04-25T00:00:00.000000 |