Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-0810 | 7.1 (v3.1) | Gix-date: gix-date: undefined behavior due to invalid … |
GitoxideLabs |
gitoxide |
2026-01-26T19:36:45.705Z | 2026-04-20T01:39:46.966Z |
| cve-2025-54550 | Apache Airflow: RCE by race condition in example_xcom dag |
Apache Software Foundation |
Apache Airflow |
2026-04-15T00:22:03.305Z | 2026-04-19T23:46:54.404Z | |
| cve-2025-14082 | 2.7 (v3.1) | Keycloak-services: keycloak admin rest api: improper a… |
Red Hat |
Red Hat build of Keycloak 26.4 |
2025-12-10T09:04:51.343Z | 2026-04-19T23:14:08.825Z |
| cve-2025-27363 | 8.1 (v3.1) | An out of bounds write exists in FreeType version… |
FreeType |
FreeType |
2025-03-11T13:28:31.705Z | 2026-04-19T22:08:52.695Z |
| cve-2025-6170 | 2.5 (v3.1) | Libxml2: stack buffer overflow in xmllint interactive … |
|
|
2025-06-16T15:24:05.410Z | 2026-04-19T19:51:28.777Z |
| cve-2025-6021 | 7.5 (v3.1) | Libxml2: integer overflow in xmlbuildqname() leads to … |
|
|
2025-06-12T12:49:16.157Z | 2026-04-19T19:41:56.672Z |
| cve-2025-14512 | 6.5 (v3.1) | Glib: integer overflow in glib gio attribute escaping … |
GNOME |
glib |
2025-12-11T07:11:02.182Z | 2026-04-19T19:38:20.655Z |
| cve-2025-14087 | 5.6 (v3.1) | Glib: glib: buffer underflow in gvariant parser leads … |
GNOME |
glib |
2025-12-10T09:01:34.084Z | 2026-04-19T19:38:15.686Z |
| cve-2025-13601 | 7.7 (v3.1) | Glib: integer overflow in in g_escape_uri_string() |
|
|
2025-11-26T14:44:22.680Z | 2026-04-19T19:38:15.168Z |
| cve-2025-14104 | 6.1 (v3.1) | Util-linux: util-linux: heap buffer overread in setpwn… |
util-linux |
util-linux |
2025-12-05T16:22:09.283Z | 2026-04-19T19:37:37.557Z |
| cve-2025-49796 | 9.1 (v3.1) | Libxml: type confusion leads to denial of service (dos) |
|
|
2025-06-16T15:14:28.251Z | 2026-04-19T19:34:58.936Z |
| cve-2025-49795 | 7.5 (v3.1) | Libxml: null pointer dereference leads to denial of se… |
|
|
2025-06-16T15:19:29.871Z | 2026-04-19T19:34:57.055Z |
| cve-2025-49794 | 9.1 (v3.1) | Libxml: heap use after free (uaf) leads to denial of s… |
|
|
2025-06-16T15:24:31.020Z | 2026-04-19T19:34:51.344Z |
| cve-2025-9566 | 8.1 (v3.1) | Podman: podman kube play command may overwrite host files |
|
|
2025-09-05T19:54:30.503Z | 2026-04-19T19:33:33.159Z |
| cve-2025-0974 | MaxD Lightning Module deserialization |
MaxD |
Lightning Module |
2025-02-03T01:00:13.487Z | 2026-04-19T13:24:22.430Z | |
| cve-2019-25685 | N/A | {'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2026-04-19T12:36:07.579Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.', 'supportingMedia': [{'type': 'text/html', 'base64': False, 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}]}], 'x_generator': {'engine': 'Vulnogram 1.0.1'}} | N/A | N/A | 2026-04-05T20:45:33.893Z | 2026-04-19T12:36:07.579Z |
| cve-2025-1686 | Versions of the package io.pebbletemplates:pebble… |
n/a |
io.pebbletemplates:pebble |
2025-02-27T05:00:05.848Z | 2026-04-19T07:54:57.303Z | |
| cve-2024-4024 | 7.3 (v3.1) | Authentication Bypass by Assumed-Immutable Data in GitLab |
GitLab |
GitLab |
2024-04-25T13:30:46.597Z | 2026-04-19T04:09:13.843Z |
| cve-2024-4006 | 4.3 (v3.1) | Incorrect Authorization in GitLab |
GitLab |
GitLab |
2024-04-25T13:30:36.721Z | 2026-04-19T04:09:08.987Z |
| cve-2026-6056 | N/A | {'providerMetadata': {'orgId': 'ceab7361-8a18-47b1-92ba-4d7d25f6715a', 'shortName': 'GitLab', 'dateUpdated': '2026-04-18T22:19:26.698Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}]} | N/A | N/A | 2026-04-18T22:19:26.698Z | |
| cve-2026-41113 | 8.1 (v3.1) | sagredo qmail before 2026.04.07 allows tls_quit r… |
sagredo |
qmail |
2026-04-16T22:02:10.225Z | 2026-04-18T20:09:47.901Z |
| cve-2026-33691 | OWASP CRS: Whitespace padding in filenames bypasses fi… |
coreruleset |
coreruleset |
2026-04-02T15:03:52.126Z | 2026-04-18T19:16:54.006Z | |
| cve-2026-0968 | 3.1 (v3.1) | Libssh: libssh: denial of service due to malformed sft… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-03-26T20:06:29.554Z | 2026-04-18T18:13:54.993Z |
| cve-2026-0967 | 2.2 (v3.0) | Libssh: libssh: denial of service via inefficient regu… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-03-26T20:06:30.707Z | 2026-04-18T18:13:52.843Z |
| cve-2026-0965 | 3.3 (v3.0) | Libssh: libssh: denial of service via improper configu… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-03-26T20:06:33.336Z | 2026-04-18T18:13:50.718Z |
| cve-2024-3727 | 8.3 (v3.1) | Containers/image: digest type does not guarantee valid type |
|
|
2024-05-09T14:57:21.327Z | 2026-04-18T18:11:40.701Z |
| cve-2026-0966 | 6.5 (v3.0) | Libssh: buffer underflow in ssh_get_hexa() on invalid input |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-03-26T20:06:28.313Z | 2026-04-18T18:05:53.971Z |
| cve-2026-0964 | 5 (v3.0) | Libssh: improper sanitation of paths received from scp… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-03-26T20:06:28.871Z | 2026-04-18T18:05:50.867Z |
| cve-2024-1139 | 7.7 (v3.1) | Cluster-monitoring-operator: credentials leak |
|
|
2024-04-25T16:25:01.080Z | 2026-04-18T17:48:29.079Z |
| cve-2024-9355 | 6.5 (v3.1) | Golang-fips: golang fips zeroed buffer |
|
|
2024-10-01T18:17:29.420Z | 2026-04-18T17:47:04.748Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2019-000003 | HOUSE GATE App for iOS vulnerable to directory traversal | 2019-01-24T15:37+09:00 | 2019-01-24T15:37+09:00 |
| jvndb-2018-009328 | Multiple Vulnerabilities in JP1/VERITAS | 2018-11-15T17:16+09:00 | 2018-11-20T18:16+09:00 |
| jvndb-2018-008573 | Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor | 2018-10-23T15:15+09:00 | 2018-11-20T18:15+09:00 |
| jvndb-2018-008547 | Clickjacking Vulnerability in Hitachi Device Manager | 2018-10-23T13:53+09:00 | 2018-11-20T18:14+09:00 |
| jvndb-2018-000116 | Mail app for iOS vulnerable to denial-of-service (DoS) | 2018-11-02T14:42+09:00 | 2018-11-02T14:42+09:00 |
| jvndb-2018-000114 | Confluence Server vulnerable to script injection | 2018-10-29T13:36+09:00 | 2018-10-29T13:36+09:00 |
| jvndb-2018-000045 | Multiple vulnerabilities in WordPress plugin "Ultimate Member" | 2018-05-10T13:44+09:00 | 2018-08-30T18:11+09:00 |
| jvndb-2017-000171 | Installers of Mozilla Firefox and Thunderbird for Windows may insecurely load Dynamic Link Libraries | 2017-07-11T13:48+09:00 | 2018-08-30T18:03+09:00 |
| jvndb-2018-000054 | Multiple cross-site scripting vulnerabilities in Cybozu Mailwise | 2018-05-22T15:26+09:00 | 2018-08-30T17:47+09:00 |
| jvndb-2018-000053 | Multiple vulnerabilities in Cybozu Office | 2018-05-22T14:30+09:00 | 2018-08-30T16:03+09:00 |
| jvndb-2018-000048 | KINEPASS App fails to verify SSL server certificates | 2018-05-11T14:34+09:00 | 2018-08-30T15:01+09:00 |
| jvndb-2018-000041 | The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries | 2018-04-27T15:19+09:00 | 2018-08-30T14:12+09:00 |
| jvndb-2018-000036 | Joruri Gw vulnerable to arbitrary file upload | 2018-04-26T15:19+09:00 | 2018-08-30T14:02+09:00 |
| jvndb-2018-000040 | WordPress plugin "Open Graph for Facebook, Google+ and Twitter Card Tags" vulnerable to cross-site scripting | 2018-04-27T15:01+09:00 | 2018-08-30T13:54+09:00 |
| jvndb-2018-000052 | Nessus vulnerable to cross-site scripting | 2018-05-21T13:39+09:00 | 2018-08-30T13:47+09:00 |
| jvndb-2018-000042 | RT-AC87U vulnerable to cross-site scripting | 2018-05-09T15:37+09:00 | 2018-08-30T12:32+09:00 |
| jvndb-2018-000044 | RT-AC68U vulnerable to cross-site scripting | 2018-05-09T15:38+09:00 | 2018-08-30T12:20+09:00 |
| jvndb-2018-000043 | RT-AC1200HP vulnerable to cross-site scripting | 2018-05-09T15:37+09:00 | 2018-08-30T12:15+09:00 |
| jvndb-2018-000038 | WordPress plugin "WP Google Map Plugin" vulnerable to cross-site scripting | 2018-04-27T14:15+09:00 | 2018-08-30T12:00+09:00 |
| jvndb-2018-000039 | WordPress plugin "PixelYourSite" vulnerable to cross-site scripting | 2018-04-27T14:24+09:00 | 2018-08-30T11:55+09:00 |
| jvndb-2018-000037 | WordPress plugin "Events Manager" vulnerable to cross-site scripting | 2018-04-27T14:00+09:00 | 2018-08-30T11:48+09:00 |
| jvndb-2018-000035 | EC-CUBE vulnerable to session fixation | 2018-04-17T13:39+09:00 | 2018-08-22T17:42+09:00 |
| jvndb-2018-006460 | Path Traversal Vulnerability in Hitachi Automation Director | 2018-08-22T17:11+09:00 | 2018-08-22T17:11+09:00 |
| jvndb-2018-006459 | Path Traversal Vulnerability in JP1/Automatic Operation | 2018-08-22T17:11+09:00 | 2018-08-22T17:11+09:00 |
| jvndb-2018-000050 | Self-Extracting Archive files created by IExpress may insecurely load Dynamic Link Libraries | 2018-05-17T14:57+09:00 | 2018-08-21T16:40+09:00 |
| jvndb-2018-000086 | Multiple vulnerabilities in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE | 2018-08-09T16:43+09:00 | 2018-08-09T16:43+09:00 |
| jvndb-2018-003553 | Information Disclosure Vulnerability in Hitachi Automation Director | 2018-05-28T12:13+09:00 | 2018-07-31T12:16+09:00 |
| jvndb-2018-003030 | Access Control Vulnerability in Hitachi Infrastructure Analytics Advisor | 2018-05-10T15:30+09:00 | 2018-07-31T12:12+09:00 |
| jvndb-2018-000064 | Chrome Extension "5000 trillion yen converter" vulnerable to cross-site scripting | 2018-06-15T14:36+09:00 | 2018-06-15T14:36+09:00 |
| jvndb-2018-000031 | Multiple vulnerabilities in Cybozu Garoon | 2018-04-09T14:27+09:00 | 2018-06-14T14:33+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0318 | Multiples vulnérabilités dans Oracle Database Server | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0317 | Multiples vulnérabilités dans les produits Mozilla | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0316 | Multiples vulnérabilités dans les produits Atlassian | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0315 | Multiples vulnérabilités dans Google Chrome | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0314 | Vulnérabilité dans les produits Microsoft | 2025-04-16T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0312 | Multiples vulnérabilités dans les produits Mattermost | 2025-04-15T00:00:00.000000 | 2025-04-16T00:00:00.000000 |
| certfr-2025-avi-0313 | Vulnérabilité dans SolarWinds Serv-U | 2025-04-15T00:00:00.000000 | 2025-04-15T00:00:00.000000 |
| certfr-2025-avi-0311 | Vulnérabilité dans Microsoft Visual Studio Code | 2025-04-14T00:00:00.000000 | 2025-04-14T00:00:00.000000 |
| certfr-2025-avi-0310 | Vulnérabilité dans Microsoft Edge | 2025-04-14T00:00:00.000000 | 2025-04-14T00:00:00.000000 |
| certfr-2025-avi-0309 | Multiples vulnérabilités dans les produits IBM | 2025-04-11T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-avi-0308 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-04-11T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-avi-0307 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-04-11T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-avi-0306 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2025-04-11T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-avi-0305 | Multiples vulnérabilités dans Google Pixel | 2025-04-11T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-avi-0294 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2025-04-09T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-avi-0265 | Multiples vulnérabilités dans Google Chrome | 2025-04-02T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-avi-0304 | Multiples vulnérabilités dans les produits Juniper Networks | 2025-04-10T00:00:00.000000 | 2025-04-10T00:00:00.000000 |
| certfr-2025-avi-0303 | Multiples vulnérabilités dans les produits Splunk | 2025-04-10T00:00:00.000000 | 2025-04-10T00:00:00.000000 |
| certfr-2025-avi-0302 | Multiples vulnérabilités dans Sonicwall NetExtender | 2025-04-10T00:00:00.000000 | 2025-04-10T00:00:00.000000 |
| certfr-2025-avi-0301 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2025-04-10T00:00:00.000000 | 2025-04-10T00:00:00.000000 |
| certfr-2025-avi-0300 | Multiples vulnérabilités dans GitLab | 2025-04-10T00:00:00.000000 | 2025-04-10T00:00:00.000000 |
| certfr-2025-avi-0299 | Multiples vulnérabilités dans les produits Bitdefender | 2025-04-10T00:00:00.000000 | 2025-04-10T00:00:00.000000 |
| certfr-2025-avi-0283 | Multiples vulnérabilités dans VMware Tanzu Greenplum | 2025-04-08T00:00:00.000000 | 2025-04-10T00:00:00.000000 |
| certfr-2025-avi-0298 | Multiples vulnérabilités dans les produits Elastic | 2025-04-09T00:00:00.000000 | 2025-04-09T00:00:00.000000 |
| certfr-2025-avi-0297 | Vulnérabilité dans Spring Cloud Config | 2025-04-09T00:00:00.000000 | 2025-04-09T00:00:00.000000 |
| certfr-2025-avi-0296 | Multiples vulnérabilités dans Joomla! | 2025-04-09T00:00:00.000000 | 2025-04-09T00:00:00.000000 |
| certfr-2025-avi-0295 | Multiples vulnérabilités dans Ivanti Endpoint Manager (EPM) | 2025-04-09T00:00:00.000000 | 2025-04-09T00:00:00.000000 |
| certfr-2025-avi-0293 | Multiples vulnérabilités dans les produits Fortinet | 2025-04-09T00:00:00.000000 | 2025-04-09T00:00:00.000000 |
| certfr-2025-avi-0292 | Multiples vulnérabilités dans les produits Adobe | 2025-04-09T00:00:00.000000 | 2025-04-09T00:00:00.000000 |
| certfr-2025-avi-0291 | Multiples vulnérabilités dans les produits Microsoft | 2025-04-09T00:00:00.000000 | 2025-04-09T00:00:00.000000 |