Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-37342 | N/A | SourceCodester Vehicle Parking Area Management Sy… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-18T02:18:42.566Z |
| cve-2026-37341 | N/A | SourceCodester Vehicle Parking Area Management Sy… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-18T02:16:24.628Z |
| cve-2026-37340 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-18T02:14:04.538Z |
| cve-2026-37339 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-18T02:11:23.662Z |
| cve-2026-5250 | N/A | {'providerMetadata': {'orgId': 'ceab7361-8a18-47b1-92ba-4d7d25f6715a', 'shortName': 'GitLab', 'dateUpdated': '2026-04-17T22:21:51.917Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}]} | N/A | N/A | 2026-04-17T22:21:51.917Z | |
| cve-2026-31927 | 4.9 (v3.1) | Anviz CX7 Firmware Relative Path Traversal |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:24:53.893Z | 2026-04-17T20:34:41.679Z |
| cve-2026-33569 | 6.5 (v3.1) | Anviz Products Cleartext Transmission of Sensitive Inf… |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:30:46.066Z | 2026-04-17T20:32:48.104Z |
| cve-2026-35682 | 8.8 (v3.1) | Anviz CX2 Lite Command Injection |
Anviz |
Anviz CX2 Lite Firmware |
2026-04-17T19:46:26.716Z | 2026-04-17T20:30:18.510Z |
| cve-2026-40434 | 8.1 (v3.1) | Anviz CrossChex Standard Improper Verification of Sour… |
Anviz |
Anviz CrossChex Standard |
2026-04-17T19:49:28.099Z | 2026-04-17T20:28:02.785Z |
| cve-2026-32650 | 7.5 (v3.1) | Anviz CrossChex Standard Algorithm Downgrade |
Anviz |
Anviz CrossChex Standard |
2026-04-17T19:52:45.308Z | 2026-04-17T20:26:17.922Z |
| cve-2026-32324 | 7.7 (v3.1) | Anviz CX7 Firmware Use of Hard-coded Cryptographic Key |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:22:12.097Z | 2026-04-17T20:10:48.189Z |
| cve-2026-32648 | 5.3 (v3.1) | Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:34:21.522Z | 2026-04-17T20:09:05.861Z |
| cve-2026-35061 | 5.3 (v3.1) | Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:19:25.884Z | 2026-04-17T20:07:00.826Z |
| cve-2026-35546 | 9.8 (v3.1) | Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:39:25.110Z | 2026-04-17T20:05:28.411Z |
| cve-2026-40461 | 7.5 (v3.1) | Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:36:29.842Z | 2026-04-17T20:03:18.872Z |
| cve-2026-40066 | 8.8 (v3.1) | Anviz Products Download of Code Without Integrity Check |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:43:20.709Z | 2026-04-17T20:00:36.786Z |
| cve-2026-6437 | 6.5 (v3.1) 6.9 (v4.0) | AWS EFS CSI Driver Mount Option Injection |
Amazon |
AWS EFS CSI Driver |
2026-04-17T18:41:36.075Z | 2026-04-17T19:57:02.728Z |
| cve-2026-33093 | 5.3 (v3.1) | Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:17:15.274Z | 2026-04-17T19:54:36.104Z |
| cve-2026-28224 | Firebird Null Pointer Dereference via CryptCallback ca… |
FirebirdSQL |
firebird |
2026-04-17T18:38:58.138Z | 2026-04-17T19:31:38.952Z | |
| cve-2026-33337 | Firebird has a buffer overflow when parsing corrupted … |
FirebirdSQL |
firebird |
2026-04-17T18:48:47.953Z | 2026-04-17T19:21:17.132Z | |
| cve-2026-27890 | Firebird has Pre-Auth DOS when Processing Out of Order… |
FirebirdSQL |
firebird |
2026-04-17T18:14:29.433Z | 2026-04-17T18:50:22.134Z | |
| cve-2026-5427 | Kubio AI Page Builder <= 2.7.2 - Missing Authorization… |
extendthemes |
Kubio AI Page Builder |
2026-04-17T03:36:44.993Z | 2026-04-17T18:48:57.774Z | |
| cve-2026-5162 | Royal Addons for Elementor <= 1.7.1056 - Authenticated… |
wproyal |
Royal Addons for Elementor – Addons and Templates Kit for Elementor |
2026-04-17T01:24:36.629Z | 2026-04-17T18:48:24.671Z | |
| cve-2026-33122 | DataEase has SQL Injection via Datasource Management |
dataease |
dataease |
2026-04-16T19:24:03.195Z | 2026-04-17T18:47:44.791Z | |
| cve-2026-40901 | DataEase: Quartz Deserialization → Remote Code Execution |
dataease |
dataease |
2026-04-16T20:57:45.978Z | 2026-04-17T18:47:00.448Z | |
| cve-2026-39313 | MCP-Framework: Unbounded memory allocation in readRequ… |
QuantGeekDev |
mcp-framework |
2026-04-16T21:24:27.328Z | 2026-04-17T18:46:07.726Z | |
| cve-2026-40247 | free5gc UDR improper path validation allows unauthenti… |
free5gc |
free5gc |
2026-04-16T21:54:04.151Z | 2026-04-17T18:44:09.831Z | |
| cve-2026-40255 | @adonisjs/http-server has an Open Redirect vulnerability |
adonisjs |
http-server |
2026-04-16T22:25:38.155Z | 2026-04-17T18:43:10.697Z | |
| cve-2026-40260 | pypdf: Manipulated XMP metadata entity declarations ca… |
py-pdf |
pypdf |
2026-04-16T23:18:26.687Z | 2026-04-17T18:42:05.059Z | |
| cve-2026-40265 | Note Mark has Broken Access Control on Asset Download |
enchant97 |
note-mark |
2026-04-16T23:56:02.961Z | 2026-04-17T18:40:45.157Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2017-000107 | RW-5100 tool to verify execution environment may insecurely load Dynamic Link Libraries | 2017-06-01T16:47+09:00 | 2018-01-24T14:03+09:00 |
| jvndb-2015-000049 | "Restaurant Karaoke SHIDAX" App for Android fails to verify SSL server certificates | 2015-04-03T13:36+09:00 | 2018-01-24T14:03+09:00 |
| jvndb-2017-000186 | NFC Port Software remover may insecurely load Dynamic Link Libraries | 2017-07-27T15:38+09:00 | 2018-01-24T14:02+09:00 |
| jvndb-2017-000187 | Installer of LhaForge may insecurely load Dynamic Link Libraries | 2017-07-27T14:31+09:00 | 2018-01-24T13:59+09:00 |
| jvndb-2017-000104 | RW-4040 driver installer may insecurely load Dynamic Link Libraries | 2017-06-01T16:25+09:00 | 2018-01-24T13:57+09:00 |
| jvndb-2017-000185 | Multiple vulnerabilities in I-O DATA WN-AX1167GR | 2017-07-27T14:26+09:00 | 2018-01-24T13:56+09:00 |
| jvndb-2017-000057 | CS-Cart Japanese Edition vulnerable to cross-site request forgery | 2017-04-10T18:13+09:00 | 2018-01-24T13:49+09:00 |
| jvndb-2017-000180 | Multiple vulnerabilities in multiple Buffalo wireless LAN routers | 2017-07-20T14:13+09:00 | 2018-01-24T12:34+09:00 |
| jvndb-2017-000175 | Multiple vulnerabilities SONY Portable Wireless Server WG-C10 | 2017-07-19T15:07+09:00 | 2018-01-24T12:34+09:00 |
| jvndb-2017-000131 | Cybozu KUNAI for Android vulnerable to cross-site scripting | 2017-06-12T13:36+09:00 | 2018-01-24T12:34+09:00 |
| jvndb-2017-000127 | Cross-site scripting vulnerability in WordPress plugin "WordPress Download Manager" | 2017-06-13T14:11+09:00 | 2018-01-24T12:24+09:00 |
| jvndb-2017-000128 | Open redirect vulnerability in WordPress plugin "WordPress Download Manager" | 2017-06-13T14:11+09:00 | 2018-01-24T12:21+09:00 |
| jvndb-2017-000125 | AppCheck may insecurely invoke an executable file | 2017-06-07T14:54+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2017-000124 | The installer of SemiDynaEXE provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries | 2017-06-08T15:31+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2017-000123 | The installer of TKY2JGD provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries | 2017-06-08T15:31+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2017-000122 | The installer of PatchJGD(Hyoko) provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries | 2017-06-08T15:31+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2017-000121 | The installer of PatchJGD provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries | 2017-06-08T15:31+09:00 | 2018-01-24T12:15+09:00 |
| jvndb-2015-000186 | ManageEngine Firewall Analyzer fails to restrict access permissions | 2015-11-27T13:29+09:00 | 2018-01-24T12:12+09:00 |
| jvndb-2015-000185 | ManageEngine Firewall Analyzer vulnerable to directory traversal | 2015-11-27T13:28+09:00 | 2018-01-24T12:05+09:00 |
| jvndb-2017-000089 | GroupSession fails to restrict access permissions | 2017-05-25T14:14+09:00 | 2018-01-24T11:59+09:00 |
| jvndb-2016-000165 | Splunk Enterprise and Splunk Light vulnerable to cross-site scripting | 2016-09-16T14:17+09:00 | 2018-01-24T11:53+09:00 |
| jvndb-2017-005606 | Multiple vulnerabilities in Deep Discovery Email Inspector | 2018-01-17T16:15+09:00 | 2018-01-17T16:15+09:00 |
| jvndb-2017-002290 | Trend Micro Control Manager vulnerable to SQL injection | 2018-01-17T16:15+09:00 | 2018-01-17T16:15+09:00 |
| jvndb-2016-000246 | Mutiple SONY Videoconference Systems do not properly perform authentication | 2016-12-16T14:11+09:00 | 2018-01-17T14:03+09:00 |
| jvndb-2017-000115 | WordPress plugin "Multi Feed Reader" vulnerable to SQL injection | 2017-06-06T14:54+09:00 | 2018-01-17T13:58+09:00 |
| jvndb-2017-000102 | The installer of the Ministry of Justice [The electronic authentication system based on the commercial registration system "The CRCA user's Software"] may insecurely load Dynamic Link Libraries | 2017-06-06T11:19+09:00 | 2018-01-17T13:58+09:00 |
| jvndb-2017-000100 | Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely load Dynamic Link Libraries | 2017-05-25T14:14+09:00 | 2018-01-17T13:58+09:00 |
| jvndb-2016-000233 | The installers of multiple Japan Pension Service software may insecurely load Dynamic Link Libraries | 2016-12-01T13:40+09:00 | 2018-01-17T13:54+09:00 |
| jvndb-2017-000119 | Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment may insecurely load Dynamic Link Libraries | 2017-06-05T13:47+09:00 | 2018-01-17T13:49+09:00 |
| jvndb-2016-000231 | kintone mobile for Android fails to verify SSL server certificates | 2016-11-28T13:47+09:00 | 2018-01-17T12:34+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0107 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-02-07T00:00:00.000000 | 2025-02-07T00:00:00.000000 |
| certfr-2025-avi-0106 | Multiples vulnérabilités dans les produits IBM | 2025-02-07T00:00:00.000000 | 2025-02-07T00:00:00.000000 |
| certfr-2025-avi-0105 | Multiples vulnérabilités dans Microsoft Edge | 2025-02-07T00:00:00.000000 | 2025-02-07T00:00:00.000000 |
| certfr-2025-avi-0104 | Multiples vulnérabilités dans les produits Moxa | 2025-02-07T00:00:00.000000 | 2025-02-07T00:00:00.000000 |
| certfr-2025-avi-0103 | Vulnérabilité dans les produits Synology | 2025-02-07T00:00:00.000000 | 2025-02-07T00:00:00.000000 |
| certfr-2025-avi-0101 | Vulnérabilité dans les produits Kaspersky | 2025-02-07T00:00:00.000000 | 2025-02-07T00:00:00.000000 |
| certfr-2025-avi-0100 | Multiples vulnérabilités dans les produits Cisco | 2025-02-06T00:00:00.000000 | 2025-02-06T00:00:00.000000 |
| certfr-2025-avi-0099 | Multiples vulnérabilités dans les produits F5 | 2025-02-06T00:00:00.000000 | 2025-02-06T00:00:00.000000 |
| certfr-2025-avi-0098 | Multiples vulnérabilités dans les produits Curl | 2025-02-05T00:00:00.000000 | 2025-02-05T00:00:00.000000 |
| certfr-2025-avi-0097 | Multiples vulnérabilités dans les produits Mozilla | 2025-02-05T00:00:00.000000 | 2025-02-05T00:00:00.000000 |
| certfr-2025-avi-0096 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2025-02-05T00:00:00.000000 | 2025-02-05T00:00:00.000000 |
| certfr-2025-avi-0095 | Multiples vulnérabilités dans Google Chrome | 2025-02-05T00:00:00.000000 | 2025-02-05T00:00:00.000000 |
| certfr-2025-avi-0094 | Vulnérabilité dans les produits Veeam | 2025-02-05T00:00:00.000000 | 2025-02-05T00:00:00.000000 |
| certfr-2025-avi-0093 | Vulnérabilité dans Google Pixel | 2025-02-05T00:00:00.000000 | 2025-02-05T00:00:00.000000 |
| certfr-2025-avi-0092 | Multiples vulnérabilités dans ISC BIND | 2025-02-04T00:00:00.000000 | 2025-02-04T00:00:00.000000 |
| certfr-2025-avi-0091 | Multiples vulnérabilités dans Google Android | 2025-02-04T00:00:00.000000 | 2025-02-04T00:00:00.000000 |
| certfr-2025-avi-0090 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2025-02-03T00:00:00.000000 | 2025-02-03T00:00:00.000000 |
| certfr-2025-avi-0089 | Vulnérabilité dans Python | 2025-02-03T00:00:00.000000 | 2025-02-03T00:00:00.000000 |
| certfr-2025-avi-0088 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-01-31T00:00:00.000000 | 2025-01-31T00:00:00.000000 |
| certfr-2025-avi-0087 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-01-31T00:00:00.000000 | 2025-01-31T00:00:00.000000 |
| certfr-2025-avi-0086 | Multiples vulnérabilités dans les produits IBM | 2025-01-31T00:00:00.000000 | 2025-01-31T00:00:00.000000 |
| certfr-2025-avi-0085 | Multiples vulnérabilités dans les produits VMware | 2025-01-31T00:00:00.000000 | 2025-01-31T00:00:00.000000 |
| certfr-2025-avi-0084 | Vulnérabilité dans Microsoft Edge | 2025-01-31T00:00:00.000000 | 2025-01-31T00:00:00.000000 |
| certfr-2025-avi-0083 | Vulnérabilité dans Apple GarageBand | 2025-01-31T00:00:00.000000 | 2025-01-31T00:00:00.000000 |
| certfr-2024-avi-0601 | Multiples vulnérabilités dans les produits Mitel | 2024-07-18T00:00:00.000000 | 2025-01-31T00:00:00.000000 |
| certfr-2025-avi-0082 | Vulnérabilité dans Sonicwall NetExtender | 2025-01-30T00:00:00.000000 | 2025-01-30T00:00:00.000000 |
| certfr-2025-avi-0081 | Multiples vulnérabilités dans ISC BIND | 2025-01-30T00:00:00.000000 | 2025-01-30T00:00:00.000000 |
| certfr-2025-avi-0080 | Vulnérabilité dans les produits Moxa | 2025-01-29T00:00:00.000000 | 2025-01-29T00:00:00.000000 |
| certfr-2025-avi-0079 | Multiples vulnérabilités dans Google Chrome | 2025-01-29T00:00:00.000000 | 2025-01-29T00:00:00.000000 |
| certfr-2025-avi-0078 | Vulnérabilité dans VMware Avi Load Balancer | 2025-01-29T00:00:00.000000 | 2025-01-29T00:00:00.000000 |