Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2026-6497		prasathmani TinyFileManager File Upload filemanager.ph…	prasathmani	TinyFileManager	2026-04-17T15:30:12.319Z	2026-04-17T18:39:49.310Z
cve-2026-4817		MasterStudy LMS <= 3.7.25 - Authenticated (Subscriber+…	stylemix	MasterStudy LMS WordPress Plugin – for Online Courses and Education	2026-04-17T01:24:37.193Z	2026-04-17T18:39:48.201Z
cve-2026-5234		LatePoint <= 5.3.2 - Insecure Direct Object Reference …	latepoint	LatePoint – Calendar Booking Plugin for Appointments and Events	2026-04-17T03:36:44.618Z	2026-04-17T18:38:40.183Z
cve-2026-3464		WP Customer Area <= 8.3.4 - Authenticated (Subscriber+…	aguilatechnologies	WP Customer Area	2026-04-17T16:26:50.576Z	2026-04-17T18:37:36.472Z
cve-2026-6421		Mobatek MobaXterm Home Edition msimg32.dll uncontrolle…	Mobatek	MobaXterm Home Edition	2026-04-17T05:45:11.921Z	2026-04-17T18:37:21.676Z
cve-2026-40518	7.1 (v4.0) 7.1 (v3.1)	ByteDance DeerFlow Path Traversal and Arbitrary File W…	bytedance	deer-flow	2026-04-17T16:43:42.387Z	2026-04-17T18:35:51.128Z
cve-2026-5718		Drag and Drop Multiple File Upload for Contact Form 7 …	glenwpcoder	Drag and Drop Multiple File Upload for Contact Form 7	2026-04-17T17:25:55.466Z	2026-04-17T18:34:48.917Z
cve-2025-11374	6.5 (v3.1)	Consul's KV endpoint is vulnerable to denial of service	HashiCorp	Consul	2025-10-28T20:19:05.292Z	2026-04-17T18:34:14.829Z
cve-2026-33815	N/A	CVE-2026-33815 in github.com/jackc/pgx	github.com/jackc/pgx/v5	github.com/jackc/pgx/v5/pgproto3	2026-04-07T15:19:24.344Z	2026-04-17T18:30:29.157Z
cve-2025-65104		Firebird: Information leak vulnerability in firebird3 …	FirebirdSQL	firebird	2026-04-17T17:47:42.109Z	2026-04-17T18:25:11.941Z
cve-2025-13357	7.4 (v3.1)	Vault Terraform Provider Applied Incorrect Defaults fo…	HashiCorp	Tooling	2025-11-21T15:02:27.081Z	2026-04-17T17:57:56.094Z
cve-2026-0969	8.8 (v3.1)	Arbitrary code execution in React server-side renderin…	HashiCorp	Shared library	2026-02-12T01:35:06.231Z	2026-04-17T17:57:55.801Z
cve-2026-2808	6.8 (v3.1)	Consul vulnerable to arbitrary file reads through the …	HashiCorp	Consul	2026-03-11T23:08:32.414Z	2026-04-17T17:57:55.646Z
cve-2026-4660	7.5 (v3.1)	Go-getter may allow to arbitrary filesystem reads thro…	HashiCorp	Tooling	2026-04-09T13:47:46.953Z	2026-04-17T17:57:55.534Z
cve-2026-5807	7.5 (v3.1)	Vault Vulnerable to Denial-of-Service via Unauthentica…	HashiCorp	Vault	2026-04-17T03:22:13.816Z	2026-04-17T17:57:55.504Z
cve-2026-3605	8.1 (v3.1)	Vault KVv2 Metadata and Secret Deletion Policy Bypass …	HashiCorp	Vault	2026-04-17T02:44:42.032Z	2026-04-17T17:57:55.431Z
cve-2026-5052	5.3 (v3.1)	Vault Vulnerable to Server-Side Request Forgery in ACM…	HashiCorp	Vault	2026-04-17T02:55:25.080Z	2026-04-17T17:57:55.377Z
cve-2026-3854	8.7 (v4.0)	Remote code execution via git push option injection in…	GitHub	Enterprise Server	2026-03-10T17:37:34.890Z	2026-04-17T17:57:27.800Z
cve-2026-5710		Drag and Drop Multiple File Upload for Contact Form 7 …	glenwpcoder	Drag and Drop Multiple File Upload for Contact Form 7	2026-04-17T17:25:54.940Z	2026-04-17T17:50:00.362Z
cve-2026-4525	7.5 (v3.1)	Vault Token Leaked to Backends via Authorization: Bear…	HashiCorp	Vault	2026-04-17T03:00:47.561Z	2026-04-17T17:22:41.255Z
cve-2026-21733	N/A	GPU DDK - Incorrect flags validation in RGXDerivePTEPr…	Imagination Technologies	Graphics DDK	2026-04-17T16:08:25.661Z	2026-04-17T17:20:54.424Z
cve-2026-33721		MapServer has heap buffer overflow in SLD `Categorize`…	MapServer	MapServer	2026-03-27T00:15:00.360Z	2026-04-17T17:18:03.353Z
cve-2026-6441		Canto <= 3.1.1 - Missing Authorization to Authenticate…	flightbycanto	Canto	2026-04-17T06:44:50.145Z	2026-04-17T16:39:26.532Z
cve-2026-6489		QueryMine sms Background Management addteacher.php unr…	QueryMine	sms	2026-04-17T13:00:21.493Z	2026-04-17T16:36:28.077Z
cve-2026-6496		prasathmani TinyFileManager POST Parameter filemanager…	prasathmani	TinyFileManager	2026-04-17T14:30:12.997Z	2026-04-17T16:35:16.121Z
cve-2026-40505	4.8 (v4.0) 3.3 (v3.1)	MuPDF < 1.27 mutool ANSI Injection via Metadata	Artifex Software Inc.	MuPDF	2026-04-16T01:20:08.397Z	2026-04-17T16:32:45.810Z
cve-2026-40516	7.8 (v4.0) 8.3 (v3.1)	OpenHarness SSRF via web_fetch and web_search	HKUDS	OpenHarness	2026-04-17T16:02:09.082Z	2026-04-17T16:27:11.780Z
cve-2026-4775	7.8 (v3.1)	Libtiff: libtiff: arbitrary code execution or denial o…	Red Hat	Red Hat Enterprise Linux 10	2026-03-24T14:42:47.529Z	2026-04-17T16:20:28.027Z
cve-2026-21672	N/A	A vulnerability allowing local privilege escalati…	Veeam	Backup and Replication	2026-03-12T16:26:52.213Z	2026-04-17T15:32:11.662Z
cve-2026-21708	N/A	A vulnerability allowing a Backup Viewer to perfo…	Veeam	Backup and Replication	2026-03-12T16:26:52.931Z	2026-04-17T15:32:10.772Z

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Package	Published	Updated

ID	Description	Type

ID	Description	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Updated

ID	Description	Published	Updated
jvndb-2017-000109	Installer of SaAT Netizen may insecurely load Dynamic Link Libraries	2017-06-02T14:00+09:00	2018-01-17T12:29+09:00
jvndb-2017-000093	WordPress plugin "MaxButtons" vulnerable to cross-site scripting	2017-05-16T13:59+09:00	2018-01-17T12:28+09:00
jvndb-2017-000110	Installer of SaAT Personal may insecurely load Dynamic Link Libraries	2017-06-02T14:00+09:00	2018-01-17T12:25+09:00
jvndb-2016-000218	CG-WLR300NX vulnerable to cross-site scripting	2016-11-11T14:49+09:00	2018-01-17T12:18+09:00
jvndb-2016-000217	CG-WLR300NX vulnerable to cross-site request forgery	2016-11-11T14:49+09:00	2018-01-17T12:18+09:00
jvndb-2016-000213	mobiGate App fails to verify SSL server certificates	2016-11-01T13:47+09:00	2018-01-17T12:18+09:00
jvndb-2016-000210	SQL injection vulnerability in WordPress plugin WP-OliveCart	2016-10-20T14:22+09:00	2018-01-17T12:10+09:00
jvndb-2016-000209	Cross-site request forgery vulnerability in WordPress plugin WP-OliveCart	2016-10-20T14:22+09:00	2018-01-17T12:10+09:00
jvndb-2016-000208	Cross-site scripting vulnerability in WordPress plugin WP-OliveCart	2016-10-20T14:22+09:00	2018-01-17T12:10+09:00
jvndb-2016-000220	DERAEMON-CMS vulnerable to cross-site scripting	2016-11-15T13:41+09:00	2018-01-17T12:09+09:00
jvndb-2016-000219	CG-WLR300NX fails to restrict access permissions	2016-11-11T14:50+09:00	2018-01-17T12:09+09:00
jvndb-2016-000221	Multiple I-O DATA network camera products vulnerable to information disclosure	2016-11-11T13:51+09:00	2018-01-17T12:02+09:00
jvndb-2016-000232	Simple keitai chat vulnerable to cross-site scripting	2016-11-25T13:54+09:00	2018-01-17T11:57+09:00
jvndb-2016-000194	Docomo L-04D mobile WiFi router vulnerable to cross-site request forgery	2016-10-03T15:17+09:00	2018-01-17T11:53+09:00
jvndb-2016-000234	Multiple I-O DATA network camera products vulnerable to OS command injection	2016-11-30T15:17+09:00	2018-01-17T11:52+09:00
jvndb-2016-000242	Sleipnir for Mac vulnerable to URL spoofing	2016-12-07T14:44+09:00	2018-01-17T11:48+09:00
jvndb-2016-000235	Multiple I-O DATA network camera products vulnerable to buffer overflow	2016-11-30T15:17+09:00	2018-01-17T11:48+09:00
jvndb-2016-000207	The installer of e-Tax Software may insecurely load Dynamic Link Libraries	2016-10-19T12:29+09:00	2018-01-17T11:48+09:00
jvndb-2017-000092	WordPress plugin "WP Booking System" vulnerable to cross-site scripting	2017-05-16T13:58+09:00	2018-01-17T11:46+09:00
jvndb-2017-010584	AssetView and AssetView PLATINUM contain multiple vulnerabilities	2018-01-12T15:32+09:00	2018-01-12T15:32+09:00
jvndb-2017-010236	Cross-site Scripting Vulnerability in Fujitsu NetCOBOL	2018-01-12T15:07+09:00	2018-01-12T15:07+09:00
jvndb-2017-004687	Cross-site Scripting Vulnerability in Fujitsu Interstage List Works	2018-01-12T14:58+09:00	2018-01-12T14:58+09:00
jvndb-2016-000212	The installer of The Public Certification Service for Individuals "The JPKI user's software" may insecurely load Dynamic Link Libraries	2016-11-01T16:44+09:00	2017-12-25T11:28+09:00
jvndb-2016-000211	Installer of 7-Zip for Windows may insecurely load Dynamic Link Libraries	2016-10-26T15:13+09:00	2017-12-25T10:27+09:00
jvndb-2017-000091	FlashAir do not set credential information in PhotoShare	2017-05-16T15:46+09:00	2017-12-21T19:16+09:00
jvndb-2017-000090	FlashAir fails to restrict access permissions in PhotoShare	2017-05-16T15:34+09:00	2017-12-21T19:13+09:00
jvndb-2017-000069	Multiple installers of Toshiba memory card related software may insecurely load Dynamic Link Libraries	2017-04-14T14:09+09:00	2017-12-21T17:50+09:00
jvndb-2017-010275	Cross-site Scripting Vulnerability in JP1/Service Support and JP1/Integrated Management - Service Support	2017-12-11T11:46+09:00	2017-12-20T11:09+09:00
jvndb-2017-010043	Cross-site Scripting Vulnerability in JP1/Operations Analytics	2017-12-01T14:59+09:00	2017-12-20T11:09+09:00
jvndb-2017-010280	Fluentd vulenrable to escape sequence injection	2017-12-11T14:13+09:00	2017-12-11T14:13+09:00

ID	Description	Updated

ID	Description

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
certfr-2025-avi-0077	Multiples vulnérabilités dans HPE Aruba Networking Fabric Composer	2025-01-29T00:00:00.000000	2025-01-29T00:00:00.000000
certfr-2025-avi-0076	Vulnérabilité dans NetApp ONTAP	2025-01-28T00:00:00.000000	2025-01-28T00:00:00.000000
certfr-2025-avi-0075	Multiples vulnérabilités dans les produits Apple	2025-01-28T00:00:00.000000	2025-01-28T00:00:00.000000
certfr-2025-avi-0073	Multiples vulnérabilités dans Microsoft Edge	2025-01-27T00:00:00.000000	2025-01-28T00:00:00.000000
certfr-2024-avi-0151	Multiples vulnérabilités dans Joomla!	2024-02-21T00:00:00.000000	2025-01-28T00:00:00.000000
certfr-2025-avi-0072	Multiples vulnérabilités dans Juniper Secure Analytics	2025-01-27T00:00:00.000000	2025-01-27T00:00:00.000000
certfr-2025-avi-0071	Multiples vulnérabilités dans le noyau Linux de SUSE	2025-01-24T00:00:00.000000	2025-01-24T00:00:00.000000
certfr-2025-avi-0070	Multiples vulnérabilités dans le noyau Linux de Red Hat	2025-01-24T00:00:00.000000	2025-01-24T00:00:00.000000
certfr-2025-avi-0069	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2025-01-24T00:00:00.000000	2025-01-24T00:00:00.000000
certfr-2025-avi-0068	Vulnérabilité dans ClamAV	2025-01-24T00:00:00.000000	2025-01-24T00:00:00.000000
certfr-2025-avi-0067	Multiples vulnérabilités dans Qnap HBS 3 Hybrid Backup Sync	2025-01-24T00:00:00.000000	2025-01-24T00:00:00.000000
certfr-2025-avi-0066	Vulnérabilité dans Sonicwall Secure Mobile Access	2025-01-23T00:00:00.000000	2025-01-23T00:00:00.000000
certfr-2025-avi-0065	Multiples vulnérabilités dans les produits Mitel	2025-01-23T00:00:00.000000	2025-01-23T00:00:00.000000
certfr-2025-avi-0064	Multiples vulnérabilités dans les produits Cisco	2025-01-23T00:00:00.000000	2025-01-23T00:00:00.000000
certfr-2025-avi-0062	Multiples vulnérabilités dans les produits Elastic	2025-01-23T00:00:00.000000	2025-01-23T00:00:00.000000
certfr-2025-avi-0061	Multiples vulnérabilités dans Google Chrome	2025-01-23T00:00:00.000000	2025-01-23T00:00:00.000000
certfr-2025-avi-0060	Multiples vulnérabilités dans Node.js	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0059	Multiples vulnérabilités dans les produits Atlassian	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0058	Multiples vulnérabilités dans Oracle Weblogic	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0057	Multiples vulnérabilités dans Oracle Virtualization	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0056	Vulnérabilité dans Oracle Systems	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0055	Multiples vulnérabilités dans Oracle PeopleSoft	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0054	Multiples vulnérabilités dans Oracle MySQL	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0053	Multiples vulnérabilités dans Oracle Java SE	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0052	Multiples vulnérabilités dans Oracle Database Server	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0051	Multiples vulnérabilités dans phpMyAdmin	2025-01-22T00:00:00.000000	2025-01-22T00:00:00.000000
certfr-2025-avi-0050	Multiples vulnérabilités dans les produits Elastic	2025-01-21T00:00:00.000000	2025-01-21T00:00:00.000000
certfr-2024-avi-0752	Multiples vulnérabilités dans les produits Qnap	2024-09-09T00:00:00.000000	2025-01-21T00:00:00.000000
certfr-2025-avi-0049	Multiples vulnérabilités dans Microsoft Edge	2025-01-20T00:00:00.000000	2025-01-20T00:00:00.000000
certfr-2025-avi-0048	Vulnérabilité dans Microsoft Windows	2025-01-17T00:00:00.000000	2025-01-17T00:00:00.000000

ID	Description	Published	Updated