Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-27282 | 7.5 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-04-14T21:53:57.872Z | 2026-04-15T17:42:33.468Z |
| cve-2026-27305 | 8.6 (v3.1) | ColdFusion | Improper Limitation of a Pathname to a Re… |
Adobe |
ColdFusion |
2026-04-14T21:53:57.015Z | 2026-04-16T13:09:51.803Z |
| cve-2026-27304 | 9.3 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-04-14T21:53:55.828Z | 2026-04-15T09:13:11.147Z |
| cve-2026-27306 | 8.4 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-04-14T21:53:54.863Z | 2026-04-15T09:13:11.287Z |
| cve-2026-27307 | 2.4 (v3.1) | ColdFusion | Uncontrolled Resource Consumption (CWE-400) |
Adobe |
ColdFusion |
2026-04-14T21:53:53.899Z | 2026-04-15T17:33:11.891Z |
| cve-2026-33020 | libsixel: Integer Overflow in write_png_to_file() lead… |
saitoha |
libsixel |
2026-04-14T21:53:00.388Z | 2026-04-15T13:30:47.463Z | |
| cve-2026-34213 | Docmost has cross-page attachment overwrite via flawed… |
docmost |
docmost |
2026-04-14T21:49:55.380Z | 2026-04-15T13:31:17.467Z | |
| cve-2026-33019 | libsixel: Integer overflow leads to Out-of-bounds Read… |
saitoha |
libsixel |
2026-04-14T21:49:25.204Z | 2026-04-15T20:02:46.628Z | |
| cve-2026-33018 | libsixel: Use-After-Free in load_gif() |
saitoha |
libsixel |
2026-04-14T21:45:42.261Z | 2026-04-16T13:53:25.060Z | |
| cve-2026-34212 | Docmost page content has stored XSS via unsanitized at… |
docmost |
docmost |
2026-04-14T21:42:44.202Z | 2026-04-15T20:02:55.239Z | |
| cve-2026-33193 | Docmost vulnerable to stored XSS via MIME type spoofing |
docmost |
docmost |
2026-04-14T21:39:45.500Z | 2026-04-16T13:51:42.724Z | |
| cve-2026-40291 | Chamilo LMS has Privilege Escalation via API User Role… |
chamilo |
chamilo-lms |
2026-04-14T21:37:55.490Z | 2026-04-15T14:24:29.902Z | |
| cve-2026-33146 | Docmost's Public Share Search Exposes Metadata of Rest… |
docmost |
docmost |
2026-04-14T21:36:53.562Z | 2026-04-15T14:28:08.044Z | |
| cve-2026-35196 | Chamilo LMS has OS Command Injection via export_all_ce… |
chamilo |
chamilo-lms |
2026-04-14T21:33:13.518Z | 2026-04-15T14:27:29.401Z | |
| cve-2026-34602 | Chamilo LMS: IDOR in /api/course_rel_users Allows Unau… |
chamilo |
chamilo-lms |
2026-04-14T21:29:06.585Z | 2026-04-15T13:32:34.878Z | |
| cve-2025-15565 | Nexi XPay <= 8.3.0 - Missing Authorization to Unauthen… |
cartasi |
Nexi XPay |
2026-04-14T21:26:40.111Z | 2026-04-15T13:33:09.315Z | |
| cve-2026-34370 | Chamilo LMS: IDOR in the Notebook Module allows an att… |
chamilo |
chamilo-lms |
2026-04-14T21:25:28.960Z | 2026-04-15T20:03:07.959Z | |
| cve-2026-39907 | 7 (v4.0) | Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage … |
Unisys |
WebPerfect Image Suite |
2026-04-14T21:21:43.564Z | 2026-04-15T17:34:53.027Z |
| cve-2026-39906 | 7 (v4.0) | Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage … |
Unisys |
WebPerfect Image Suite |
2026-04-14T21:21:21.739Z | 2026-04-16T13:50:58.130Z |
| cve-2026-34631 | 7.8 (v3.1) | InCopy | Out-of-bounds Write (CWE-787) |
Adobe |
InCopy |
2026-04-14T21:14:03.822Z | 2026-04-15T17:37:21.917Z |
| cve-2026-34161 | Chamilo LMS: Stored XSS via Malicious File Upload in S… |
chamilo |
chamilo-lms |
2026-04-14T21:12:48.128Z | 2026-04-16T13:49:26.172Z | |
| cve-2026-34160 | Chamilo LMS: Unauthenticated SSRF via PENS Plugin allo… |
chamilo |
chamilo-lms |
2026-04-14T21:09:36.832Z | 2026-04-15T14:26:33.592Z | |
| cve-2026-33715 | Chamilo LMS has Unauthenticated SSRF and Open Email Re… |
chamilo |
chamilo-lms |
2026-04-14T21:05:35.043Z | 2026-04-15T13:37:16.615Z | |
| cve-2026-33714 | Chamilo LMS has Authenticated SQL Injection in statist… |
chamilo |
chamilo-lms |
2026-04-14T21:00:19.259Z | 2026-04-15T20:03:16.195Z | |
| cve-2026-27287 | 7.8 (v3.1) | InCopy | Out-of-bounds Read (CWE-125) |
Adobe |
InCopy |
2026-04-14T20:54:02.232Z | 2026-04-15T09:13:11.484Z |
| cve-2026-25133 | October CMS has Stored XSS via SVG Filter Bypass |
octobercms |
october |
2026-04-14T20:47:49.474Z | 2026-04-16T13:47:42.800Z | |
| cve-2026-25125 | October CMS: Environment Variable Exfiltration via INI… |
octobercms |
october |
2026-04-14T20:39:59.164Z | 2026-04-15T14:25:12.276Z | |
| cve-2026-24893 | openITCOCKPIT has Authenticated Command Injection Lead… |
openITCOCKPIT |
openITCOCKPIT |
2026-04-14T20:37:00.347Z | 2026-04-15T13:40:30.971Z | |
| cve-2026-40683 | 7.7 (v3.1) | In OpenStack Keystone before 28.0.1, the LDAP ide… |
OpenStack |
Keystone |
2026-04-14T20:05:03.274Z | 2026-04-14T20:14:44.539Z |
| cve-2026-34630 | 7.8 (v3.1) | Bridge | Heap-based Buffer Overflow (CWE-122) |
Adobe |
Bridge |
2026-04-14T19:53:39.505Z | 2026-04-15T09:13:11.712Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2017-000236 | WordPress plugin "TablePress" vulnerable to improper restriction of XML external entity (XXE) references | 2017-11-14T13:26+09:00 | 2018-03-07T13:36+09:00 |
| jvndb-2017-000235 | CS-Cart Japanese Edition vulnerable to cross-site scripting | 2017-11-13T15:30+09:00 | 2018-03-07T13:36+09:00 |
| jvndb-2017-000234 | Installer of HYPER SBI may insecurely load Dynamic Link Libraries | 2017-11-09T12:29+09:00 | 2018-03-07T14:01+09:00 |
| jvndb-2017-000233 | I-O DATA LAN DISK Connect vulnerable to denial-of-service (DoS) | 2017-11-06T13:48+09:00 | 2018-03-07T14:01+09:00 |
| jvndb-2017-000232 | Wi-Fi STATION L-02F vulnerable to buffer overflow | 2017-11-06T13:48+09:00 | 2018-03-07T14:00+09:00 |
| jvndb-2017-000213 | Installer of "Flets Easy Setup Tool" may insecurely load Dynamic Link Libraries | 2017-11-02T13:57+09:00 | 2018-03-14T13:48+09:00 |
| jvndb-2017-000231 | OpenAM (Open Source Edition) vulnerable to authentication bypass | 2017-11-01T15:36+09:00 | 2018-03-14T14:03+09:00 |
| jvndb-2017-008629 | Memory corruption vulnerability in Rakuraku Hagaki and Rakuraku Hagaki Select for Ichitaro | 2017-10-25T12:17+09:00 | 2018-03-14T14:01+09:00 |
| jvndb-2017-008411 | XXE Vulnerability in Hitachi Command Suite | 2017-10-18T14:22+09:00 | 2017-11-07T15:06+09:00 |
| jvndb-2017-000229 | Home unit KX-HJB1000 contains multiple vulnerabilities | 2017-10-17T17:22+09:00 | 2018-03-07T14:24+09:00 |
| jvndb-2017-008370 | Information Disclosure Vulnerability in Hitachi Automation Director | 2017-10-17T17:01+09:00 | 2017-10-18T12:31+09:00 |
| jvndb-2017-008369 | Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor | 2017-10-17T16:58+09:00 | 2017-10-18T12:31+09:00 |
| jvndb-2017-008364 | RMI Vulnerability in Hitachi Tuning Manager | 2017-10-17T16:26+09:00 | 2017-10-18T12:31+09:00 |
| jvndb-2017-008363 | Information Disclosure Vulnerability in Hitachi Global Link Manager | 2017-10-17T16:26+09:00 | 2017-10-18T12:31+09:00 |
| jvndb-2017-000228 | Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files | 2017-10-11T16:43+09:00 | 2018-03-07T12:09+09:00 |
| jvndb-2017-000227 | HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries | 2017-10-11T16:43+09:00 | 2018-03-07T12:06+09:00 |
| jvndb-2017-000226 | HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries | 2017-10-11T16:43+09:00 | 2018-03-07T12:12+09:00 |
| jvndb-2017-000225 | Cybozu Office fails to restrict access permissions | 2017-10-11T14:28+09:00 | 2018-03-07T12:21+09:00 |
| jvndb-2017-007767 | Self-Decrypting Confidential Files created by JP1/HIBUN may insecurely load Dynamic Link Libraries | 2017-10-03T11:18+09:00 | 2017-10-06T11:36+09:00 |
| jvndb-2017-000223 | Install program and Installer of i-filter 6.0 may insecurely load Dynamic Link Libraries and invoke executable files | 2017-09-29T13:54+09:00 | 2017-09-29T13:54+09:00 |
| jvndb-2017-000146 | Marp vulnerable to improper access control in JavaScript execution | 2017-09-29T13:54+09:00 | 2018-02-07T11:52+09:00 |
| jvndb-2017-007582 | jwt-scala fails to verify token signatures | 2017-09-26T15:37+09:00 | 2018-03-07T12:23+09:00 |
| jvndb-2017-007422 | InterScan Web Security Virtual Appliance vulnerable to code injection | 2017-09-21T15:58+09:00 | 2018-03-07T14:32+09:00 |
| jvndb-2017-000218 | Wi-Fi STATION L-02F fails to restrict access permissions | 2017-09-12T14:35+09:00 | 2018-02-28T14:09+09:00 |
| jvndb-2017-000217 | Backdoor access issue in Wi-Fi STATION L-02F | 2017-09-12T14:34+09:00 | 2018-02-28T14:11+09:00 |
| jvndb-2017-000222 | SEIL Series routers vulnerable to denial-of-service (DoS) | 2017-09-11T15:19+09:00 | 2018-02-28T14:12+09:00 |
| jvndb-2017-000221 | Installer of FENCE-Explorer may insecurely load Dynamic Link Libraries and invoke executable files | 2017-09-11T14:55+09:00 | 2018-02-28T13:58+09:00 |
| jvndb-2017-000220 | Multiple vulnerabilities in CG-WLR300NM | 2017-09-08T14:14+09:00 | 2018-02-28T12:21+09:00 |
| jvndb-2017-006769 | Denial-of-service (DoS) Vulnerability in JP1 and Hitachi IT Operations Director | 2017-09-04T12:14+09:00 | 2017-09-05T10:46+09:00 |
| jvndb-2017-000219 | Multiple Fuji Xerox products may insecurely load Dynamic Link Libraries | 2017-08-31T16:35+09:00 | 2021-04-12T13:30+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0219 | Multiples vulnérabilités dans GLPI | 2025-03-19T00:00:00.000000 | 2025-03-19T00:00:00.000000 |
| certfr-2025-avi-0218 | Multiples vulnérabilités dans Atlassian Jira | 2025-03-19T00:00:00.000000 | 2025-03-19T00:00:00.000000 |
| certfr-2025-avi-0217 | Multiples vulnérabilités dans Mattermost Server | 2025-03-18T00:00:00.000000 | 2025-04-17T00:00:00.000000 |
| certfr-2025-avi-0216 | Multiples vulnérabilités dans les produits Schneider Electric | 2025-03-17T00:00:00.000000 | 2025-03-17T00:00:00.000000 |
| certfr-2025-avi-0215 | Multiples vulnérabilités dans VMware Tanzu Gemfire | 2025-03-17T00:00:00.000000 | 2025-03-17T00:00:00.000000 |
| certfr-2025-avi-0214 | Multiples vulnérabilités dans les produits IBM | 2025-03-14T00:00:00.000000 | 2025-03-14T00:00:00.000000 |
| certfr-2025-avi-0213 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-03-14T00:00:00.000000 | 2025-03-14T00:00:00.000000 |
| certfr-2025-avi-0212 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-03-14T00:00:00.000000 | 2025-03-14T00:00:00.000000 |
| certfr-2025-avi-0211 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-03-14T00:00:00.000000 | 2025-03-14T00:00:00.000000 |
| certfr-2025-avi-0210 | Multiples vulnérabilités dans VMware Tanzu | 2025-03-14T00:00:00.000000 | 2025-03-14T00:00:00.000000 |
| certfr-2025-avi-0209 | Multiples vulnérabilités dans PHP | 2025-03-14T00:00:00.000000 | 2025-03-14T00:00:00.000000 |
| certfr-2025-avi-0208 | Vulnérabilité dans Microsoft Dataverse | 2025-03-14T00:00:00.000000 | 2025-03-14T00:00:00.000000 |
| certfr-2025-avi-0207 | Multiples vulnérabilités dans Cisco IOS XR | 2025-03-13T00:00:00.000000 | 2025-03-13T00:00:00.000000 |
| certfr-2025-avi-0206 | Vulnérabilité dans Juniper Networks Junos OS | 2025-03-13T00:00:00.000000 | 2025-03-13T00:00:00.000000 |
| certfr-2025-avi-0205 | Multiples vulnérabilités dans GitLab | 2025-03-13T00:00:00.000000 | 2025-03-13T00:00:00.000000 |
| certfr-2025-avi-0204 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2025-03-13T00:00:00.000000 | 2025-03-13T00:00:00.000000 |
| certfr-2025-avi-0203 | Multiples vulnérabilités dans Microsoft Edge | 2025-03-13T00:00:00.000000 | 2025-03-13T00:00:00.000000 |
| certfr-2025-avi-0202 | Vulnérabilité dans Joomla! | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0201 | Multiples vulnérabilités dans les produits Adobe | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0200 | Vulnérabilité dans Apache Tomcat | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0199 | Vulnérabilité dans les produits Apple | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0198 | Multiples vulnérabilités dans les produits Ivanti | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0197 | Multiples vulnérabilités dans les produits Fortinet | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0196 | Multiples vulnérabilités dans les produits Microsoft | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0195 | Multiples vulnérabilités dans Microsoft Azure | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0194 | Vulnérabilité dans Microsoft .Net | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0193 | Multiples vulnérabilités dans Microsoft Windows | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0192 | Multiples vulnérabilités dans Microsoft Office | 2025-03-12T00:00:00.000000 | 2025-03-12T00:00:00.000000 |
| certfr-2025-avi-0191 | Multiples vulnérabilités dans les produits Siemens | 2025-03-11T00:00:00.000000 | 2025-03-11T00:00:00.000000 |
| certfr-2025-avi-0190 | Multiples vulnérabilités dans les produits SAP | 2025-03-11T00:00:00.000000 | 2025-03-11T00:00:00.000000 |