Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-26165 | 7 (v3.1) | Windows Shell Elevation of Privilege Vulnerability |
Microsoft |
Windows 11 version 22H3 |
2026-04-14T16:57:02.764Z | 2026-04-21T19:19:14.123Z |
| cve-2026-26162 | 7.8 (v3.1) | Windows OLE Elevation of Privilege Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-04-14T16:57:02.114Z | 2026-04-21T19:19:13.464Z |
| cve-2026-26161 | 7.8 (v3.1) | Windows Sensor Data Service Elevation of Privilege Vul… |
Microsoft |
Windows 10 Version 1809 |
2026-04-14T16:57:01.363Z | 2026-04-21T19:19:12.838Z |
| cve-2026-26160 | 7.8 (v3.1) | Remote Desktop Licensing Service Elevation of Privileg… |
Microsoft |
Windows 10 Version 1607 |
2026-04-14T16:57:00.415Z | 2026-04-21T19:19:12.286Z |
| cve-2026-26155 | 6.5 (v3.1) | Microsoft Local Security Authority Subsystem Service I… |
Microsoft |
Windows 10 Version 1607 |
2026-04-14T16:56:59.659Z | 2026-04-21T19:19:11.604Z |
| cve-2026-26154 | 7.5 (v3.1) | Windows Server Update Service (WSUS) Tampering Vulnerability |
Microsoft |
Windows Server 2012 |
2026-04-14T16:56:58.935Z | 2026-04-21T19:19:10.963Z |
| cve-2026-26151 | 7.1 (v3.1) | Remote Desktop Spoofing Vulnerability |
Microsoft |
Windows 10 Version 1607 |
2026-04-14T16:56:58.329Z | 2026-04-21T19:19:10.111Z |
| cve-2026-26149 | 9 (v3.1) | Microsoft Power Apps Spoofing Vulnerability |
Microsoft |
Microsoft Power Apps |
2026-04-14T16:56:57.430Z | 2026-04-21T19:19:09.555Z |
| cve-2026-23670 | 5.7 (v3.1) | Windows Virtualization-Based Security (VBS) Security F… |
Microsoft |
Windows 10 Version 1607 |
2026-04-14T16:56:56.192Z | 2026-04-21T19:19:08.425Z |
| cve-2026-20945 | 4.6 (v3.1) | Microsoft SharePoint Server Spoofing Vulnerability |
Microsoft |
Microsoft SharePoint Enterprise Server 2016 |
2026-04-14T16:56:55.466Z | 2026-04-21T19:19:07.592Z |
| cve-2026-25184 | 7 (v3.1) | Applocker Filter Driver (applockerfltr.sys) Elevation … |
Microsoft |
Windows 11 version 22H3 |
2026-04-14T16:56:54.535Z | 2026-04-21T19:19:06.763Z |
| cve-2026-23653 | 5.7 (v3.1) | GitHub Copilot and Visual Studio Code Information Disc… |
Microsoft |
Microsoft Visual Studio Code CoPilot Chat Extension |
2026-04-14T16:56:53.499Z | 2026-04-21T19:19:05.769Z |
| cve-2026-20930 | 7.8 (v3.1) | Windows Management Services Elevation of Privilege Vul… |
Microsoft |
Windows 10 Version 1809 |
2026-04-14T16:56:51.780Z | 2026-04-21T19:19:04.754Z |
| cve-2026-22692 | October CMS: Twig Sandbox Bypass via Collection Methods |
octobercms |
october |
2026-04-14T16:48:04.730Z | 2026-04-14T19:42:40.460Z | |
| cve-2026-27284 | 7.8 (v3.1) | InDesign Desktop | Out-of-bounds Read (CWE-125) |
Adobe |
InDesign Desktop |
2026-04-14T16:45:55.885Z | 2026-04-15T03:58:30.100Z |
| cve-2026-27285 | 5.5 (v3.1) | InDesign Desktop | Heap-based Buffer Overflow (CWE-122) |
Adobe |
InDesign Desktop |
2026-04-14T16:45:54.941Z | 2026-04-14T19:41:12.307Z |
| cve-2026-27286 | 5.5 (v3.1) | InDesign Desktop | Heap-based Buffer Overflow (CWE-122) |
Adobe |
InDesign Desktop |
2026-04-14T16:45:54.103Z | 2026-04-14T19:37:43.093Z |
| cve-2026-27283 | 7.8 (v3.1) | InDesign Desktop | Use After Free (CWE-416) |
Adobe |
InDesign Desktop |
2026-04-14T16:45:52.852Z | 2026-04-15T03:58:28.922Z |
| cve-2026-27238 | 7.8 (v3.1) | InDesign Desktop | Heap-based Buffer Overflow (CWE-122) |
Adobe |
InDesign Desktop |
2026-04-14T16:45:51.566Z | 2026-04-15T03:58:36.317Z |
| cve-2026-27291 | 7.8 (v3.1) | InDesign Desktop | Out-of-bounds Write (CWE-787) |
Adobe |
InDesign Desktop |
2026-04-14T16:45:50.319Z | 2026-04-15T03:58:31.384Z |
| cve-2026-34622 | 8.6 (v3.1) | Acrobat Reader | Improperly Controlled Modification of… |
Adobe |
Acrobat Reader |
2026-04-14T16:18:05.530Z | 2026-04-15T03:58:27.650Z |
| cve-2026-34626 | 6.3 (v3.1) | Acrobat Reader | Improperly Controlled Modification of… |
Adobe |
Acrobat Reader |
2026-04-14T16:18:04.679Z | 2026-04-14T17:53:05.039Z |
| cve-2025-61624 | 5.4 (v3.1) | An Improper Limitation of a Pathname to a Restric… |
Fortinet |
FortiOS |
2026-04-14T15:39:51.445Z | 2026-04-14T16:46:14.073Z |
| cve-2025-68649 | 5.4 (v3.1) | An improper limitation of a pathname to a restric… |
Fortinet |
FortiManager Cloud |
2026-04-14T15:39:46.446Z | 2026-04-14T16:46:14.224Z |
| cve-2026-21741 | 2.2 (v3.1) | An URL Redirection to Untrusted Site ('Open Redir… |
Fortinet |
FortiNAC-F |
2026-04-14T15:39:45.334Z | 2026-04-14T16:15:52.069Z |
| cve-2026-39813 | 9.1 (v3.1) | A path traversal: '../filedir' vulnerability in F… |
Fortinet |
FortiSandbox |
2026-04-14T15:38:30.311Z | 2026-04-15T03:58:20.016Z |
| cve-2025-61848 | 6.8 (v3.1) | An improper neutralization of special elements us… |
Fortinet |
FortiManager |
2026-04-14T15:38:24.009Z | 2026-04-15T03:58:25.023Z |
| cve-2026-22828 | 7.3 (v3.1) | A heap-based buffer overflow vulnerability in For… |
Fortinet |
FortiAnalyzer Cloud |
2026-04-14T15:38:22.657Z | 2026-04-15T03:58:26.193Z |
| cve-2026-39815 | 7.9 (v3.1) | A improper neutralization of special elements use… |
Fortinet |
FortiDDoS-F |
2026-04-14T15:38:22.588Z | 2026-04-14T17:35:54.853Z |
| cve-2026-22573 | 6.2 (v3.1) | An improper limitation of a pathname to a restric… |
Fortinet |
FortiSOAR on-premise |
2026-04-14T15:38:22.081Z | 2026-04-14T16:46:14.901Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2017-000021 | Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to cross-site request forgery | 2017-02-09T14:40+09:00 | 2017-06-01T11:30+09:00 |
| jvndb-2017-000020 | Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to authentication bypass | 2017-02-09T14:39+09:00 | 2017-06-01T11:30+09:00 |
| jvndb-2017-000022 | Multiple cross-site scripting vulnerabilities in Webmin | 2017-02-09T14:06+09:00 | 2017-06-02T18:04+09:00 |
| jvndb-2017-000017 | Business LaLa Call App for Android fails to verify SSL server certificates | 2017-02-03T13:58+09:00 | 2017-06-06T11:52+09:00 |
| jvndb-2017-000016 | LaLa Call App for Android fails to verify SSL server certificates | 2017-02-03T13:31+09:00 | 2017-06-06T11:52+09:00 |
| jvndb-2017-000014 | CubeCart vulnerable to directory traversal | 2017-01-27T13:49+09:00 | 2017-06-01T11:30+09:00 |
| jvndb-2017-000011 | Knowledge vulnerable to cross-site request forgery | 2017-01-24T14:12+09:00 | 2017-06-06T14:38+09:00 |
| jvndb-2017-000013 | Nessus vulnerable to cross-site scripting | 2017-01-24T13:38+09:00 | 2017-02-20T17:44+09:00 |
| jvndb-2017-000010 | smalruby-editor vulnerable to OS command injection | 2017-01-24T13:34+09:00 | 2017-06-06T15:40+09:00 |
| jvndb-2017-001054 | Arbitrary file upload vulnerability in GigaCC OFFICE | 2017-01-23T17:57+09:00 | 2018-02-28T11:25+09:00 |
| jvndb-2017-001053 | Mis-configuration of Apache Velocity template engine used to send emails in GigaCC OFFICE | 2017-01-23T17:57+09:00 | 2018-02-28T11:35+09:00 |
| jvndb-2017-000012 | Java (OGNL) code execution in Apache Struts 2 when devMode is enabled | 2017-01-20T14:01+09:00 | 2017-01-20T14:01+09:00 |
| jvndb-2017-000009 | MaruUo Factory's multiple AttacheCase products vulnerable to directory traversal | 2017-01-16T14:41+09:00 | 2017-06-06T16:13+09:00 |
| jvndb-2017-000008 | AttacheCase vulnerable to directory traversal | 2017-01-16T14:35+09:00 | 2017-06-06T16:13+09:00 |
| jvndb-2017-000007 | Cybozu Remote Service Manager fails to verify client certificates | 2017-01-11T13:46+09:00 | 2017-06-06T15:52+09:00 |
| jvndb-2017-000003 | Olive Diary DX vulnerable to cross-site scripting | 2017-01-06T14:02+09:00 | 2017-06-01T15:58+09:00 |
| jvndb-2017-000002 | WEB SCHEDULE vulnerable to cross-site scripting | 2017-01-06T14:01+09:00 | 2017-06-01T15:58+09:00 |
| jvndb-2017-000001 | Olive Blog vulnerable to cross-site scripting | 2017-01-06T13:56+09:00 | 2017-06-01T15:58+09:00 |
| jvndb-2016-000251 | WinSparkle issue where registry value is not validated | 2016-12-26T14:45+09:00 | 2018-02-16T16:00+09:00 |
| jvndb-2016-000250 | Wireshark for Windows issue where an arbitrary file may be deleted | 2016-12-26T14:45+09:00 | 2018-02-16T16:00+09:00 |
| jvndb-2016-000249 | SKYSEA Client View vulnerable to arbitrary code execution | 2016-12-22T14:26+09:00 | 2017-11-27T16:53+09:00 |
| jvndb-2016-000248 | H2O use-after-free vulnerability | 2016-12-22T14:26+09:00 | 2017-11-27T16:53+09:00 |
| jvndb-2016-000247 | BlueZ userland utilities vulnerable to buffer overflow | 2016-12-22T14:26+09:00 | 2017-11-27T16:47+09:00 |
| jvndb-2016-000226 | Cybozu Garoon fails to restrict access permission in To-Dos of Space function | 2016-12-19T14:38+09:00 | 2017-11-27T16:58+09:00 |
| jvndb-2016-000225 | Cybozu Garoon fails to restrict access permission in MultiReport filters | 2016-12-19T14:32+09:00 | 2017-11-27T16:58+09:00 |
| jvndb-2016-000224 | Cybozu Garoon fails to restrict access permission in the RSS settings | 2016-12-19T14:29+09:00 | 2017-11-27T16:58+09:00 |
| jvndb-2016-000229 | Cybozu Garoon vulnerable to SQL injection | 2016-12-19T14:19+09:00 | 2017-11-27T17:11+09:00 |
| jvndb-2016-000228 | Cybozu Garoon vulnerable to directory traversal | 2016-12-19T13:44+09:00 | 2017-11-27T17:11+09:00 |
| jvndb-2016-000227 | Cybozu Garoon vulnerable to cross-site request forgery | 2016-12-19T13:36+09:00 | 2017-11-27T16:58+09:00 |
| jvndb-2016-000223 | Cybozu Garoon vulnerable to information disclosure | 2016-12-19T12:29+09:00 | 2017-11-27T16:58+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0009 | Multiples vulnérabilités dans les produits Mozilla | 2025-01-08T00:00:00.000000 | 2025-01-15T00:00:00.000000 |
| certfr-2025-avi-0008 | Multiples vulnérabilités dans Joomla! | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0007 | Multiples vulnérabilités dans HPE Aruba Networking 501 Wireless Client Bridge | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0006 | Multiples vulnérabilités dans LibreOffice | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0005 | Vulnérabilité dans Google Pixel | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0004 | Multiples vulnérabilités dans Google Android | 2025-01-07T00:00:00.000000 | 2025-01-03T00:00:00.000000 |
| certfr-2025-avi-0003 | Multiples vulnérabilités dans les produits IBM | 2025-01-03T00:00:00.000000 | 2025-01-03T00:00:00.000000 |
| certfr-2025-avi-0002 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2025-01-03T00:00:00.000000 | 2025-01-06T00:00:00.000000 |
| certfr-2025-avi-0001 | Multiples vulnérabilités dans les produits Moxa | 2025-01-03T00:00:00.000000 | 2025-01-03T00:00:00.000000 |
| certfr-2024-avi-1110 | Multiples vulnérabilités dans le greffon Security QRadar Log Management AQL de IBM | 2024-12-27T00:00:00.000000 | 2024-12-27T00:00:00.000000 |
| certfr-2024-avi-1109 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-12-27T00:00:00.000000 | 2024-12-27T00:00:00.000000 |
| certfr-2024-avi-1108 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-12-27T00:00:00.000000 | 2024-12-27T00:00:00.000000 |
| certfr-2024-avi-1107 | Vulnérabilité dans les produits Palo Alto Networks | 2024-12-27T00:00:00.000000 | 2024-12-27T00:00:00.000000 |
| certfr-2024-avi-1106 | Vulnérabilité dans Adobe ColdFusion | 2024-12-24T00:00:00.000000 | 2024-12-24T00:00:00.000000 |
| certfr-2024-avi-1105 | Multiples vulnérabilités dans Tenable Security Center | 2024-12-23T00:00:00.000000 | 2024-12-23T00:00:00.000000 |
| certfr-2024-avi-1104 | Vulnérabilité dans les produits NetApp | 2024-12-23T00:00:00.000000 | 2024-12-23T00:00:00.000000 |
| certfr-2024-avi-1103 | Multiples vulnérabilités dans les produits IBM | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1102 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1101 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1100 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1099 | Multiples vulnérabilités dans Sophos Firewall | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1098 | Multiples vulnérabilités dans Microsoft Edge | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1097 | Vulnérabilité dans Trend Micro Deep Security Agent | 2024-12-19T00:00:00.000000 | 2024-12-19T00:00:00.000000 |
| certfr-2024-avi-1096 | Multiples vulnérabilités dans les produits Fortinet | 2024-12-19T00:00:00.000000 | 2024-12-19T00:00:00.000000 |
| certfr-2024-avi-1095 | Multiples vulnérabilités dans Google Chrome | 2024-12-19T00:00:00.000000 | 2024-12-19T00:00:00.000000 |
| certfr-2024-avi-1094 | Vulnérabilité dans les produits Elastic | 2024-12-18T00:00:00.000000 | 2024-12-18T00:00:00.000000 |
| certfr-2024-avi-1093 | Multiples vulnérabilités dans Xen | 2024-12-18T00:00:00.000000 | 2024-12-18T00:00:00.000000 |
| certfr-2024-avi-1092 | Vulnérabilité dans Traefik | 2024-12-18T00:00:00.000000 | 2024-12-18T00:00:00.000000 |
| certfr-2024-avi-1091 | Multiples vulnérabilités dans Apache Tomcat | 2024-12-18T00:00:00.000000 | 2024-12-24T00:00:00.000000 |
| certfr-2024-avi-1090 | Multiples vulnérabilités dans Synacor Zimbra Collaboration | 2024-12-18T00:00:00.000000 | 2025-12-04T00:00:00.000000 |