Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15625 | 9.5 (v4.0) | Unauthenticated execution of arbitrary SQL queries in … |
Sparx Systems Pty Ltd. |
Sparx Pro Cloud Server |
2026-04-17T08:38:59.972Z | 2026-04-17T11:46:37.537Z |
| cve-2026-5131 | 6.9 (v4.0) | Server-Side Request Forgery in GREENmod |
Nomios Poland |
GREENmod |
2026-04-17T10:45:34.021Z | 2026-04-17T11:45:23.719Z |
| cve-2026-3330 | Form Maker by 10Web <= 1.15.40 - Authenticated (Admini… |
10web |
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder |
2026-04-17T03:36:43.818Z | 2026-04-17T11:15:39.808Z | |
| cve-2026-5797 | Quiz and Survey Master (QSM) <= 11.1.0 - Unauthenticat… |
expresstech |
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker |
2026-04-17T05:29:26.679Z | 2026-04-17T11:14:55.597Z | |
| cve-2026-23775 | 7.6 (v3.1) | Dell PowerProtect Data Domain appliances with Dat… |
Dell |
PowerProtect Data Domain appliances |
2026-04-17T08:22:59.899Z | 2026-04-17T11:01:10.107Z |
| cve-2026-6483 | Wavlink WL-WN530H4 internet.cgi snprintf os command in… |
Wavlink |
WL-WN530H4 |
2026-04-17T10:30:17.119Z | 2026-04-17T10:53:26.356Z | |
| cve-2025-54502 | 7.1 (v4.0) | Incorrect use of boot service in the AMD Platform… |
AMD |
AMD EPYC™ 9004 Series Processors |
2026-04-16T18:46:13.377Z | 2026-04-17T03:55:16.268Z |
| cve-2026-5785 | 8.1 (v3.1) | SQL Injection |
Zohocorp |
ManageEngine PAM360 |
2026-04-16T13:46:28.313Z | 2026-04-17T03:55:15.059Z |
| cve-2026-23772 | 7.3 (v3.1) | Dell Storage Manager - Replay Manager for Microso… |
Dell |
Storage Manager |
2026-04-16T08:30:56.774Z | 2026-04-17T03:55:13.852Z |
| cve-2026-34197 | Apache ActiveMQ Broker, Apache ActiveMQ All, Apache Ac… |
Apache Software Foundation |
Apache ActiveMQ Broker |
2026-04-07T07:50:10.958Z | 2026-04-17T03:55:12.349Z | |
| cve-2024-11831 | 5.4 (v3.1) | Npm-serialize-javascript: cross-site scripting (xss) i… |
|
|
2025-02-10T15:27:46.732Z | 2026-04-17T01:39:58.613Z |
| cve-2026-5363 | 5.4 (v4.0) | Use of weak cryptographic key in TP-Link Archer C7 |
TP-Link Systems Inc. |
Archer C7 v5 and v5.8 |
2026-04-15T23:45:54.271Z | 2026-04-16T23:10:46.170Z |
| cve-2025-22870 | N/A | HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net |
Go standard library |
net/http |
2025-03-12T18:27:59.376Z | 2026-04-16T22:39:33.619Z |
| cve-2025-7195 | 6.4 (v3.1) | Operator-sdk: privilege escalation due to incorrect pe… |
operator-framework |
operator-sdk |
2025-08-07T19:05:08.756Z | 2026-04-16T21:54:06.831Z |
| cve-2026-33032 | Nginx UI: Unauthenticated MCP Endpoint Allows Remote N… |
0xJacky |
nginx-ui |
2026-03-30T17:58:42.159Z | 2026-04-16T21:42:59.787Z | |
| cve-2026-33083 | DataEase has SQL Injection in Order By Clause |
dataease |
dataease |
2026-04-16T17:52:37.255Z | 2026-04-16T19:39:25.443Z | |
| cve-2025-43935 | 4.4 (v3.1) | Dell PowerScale OneFS, versions prior to 9.12.0.0… |
Dell |
PowerScale OneFS |
2026-04-16T17:59:04.315Z | 2026-04-16T19:38:28.840Z |
| cve-2026-31843 | 10 (v4.0) 9.8 (v3.1) 10 (v2.0) | The goodoneuz/pay-uz Laravel package (<= 2.2.24) … |
goodoneuz |
pay-uz |
2026-04-16T13:02:55.701Z | 2026-04-16T19:30:21.203Z |
| cve-2023-20585 | 5.6 (v4.0) | Insufficient checks of the RMP on host buffer acc… |
AMD |
AMD EPYC™ 7003 Series Processors |
2026-04-16T18:42:28.281Z | 2026-04-16T19:12:06.991Z |
| cve-2025-54510 | 5.9 (v4.0) | A missing lock verification in AMD Secure Process… |
AMD |
AMD EPYC™ 9004 Series Processors |
2026-04-16T18:44:10.182Z | 2026-04-16T19:10:19.002Z |
| cve-2026-20184 | Cisco Webex Meetings Certificate Validation Vulnerability |
Cisco |
Cisco Webex Meetings |
2026-04-15T16:03:59.646Z | 2026-04-16T19:07:14.461Z | |
| cve-2026-20152 | Cisco Secure Web Appliance Authentication Service Traf… |
Cisco |
Cisco Secure Web Appliance |
2026-04-15T16:03:43.828Z | 2026-04-16T19:05:18.524Z | |
| cve-2024-10106 | 3.7 (v3.1) | Ember ZNet buffer overflow in 'packet handoff' plugin |
silabs.com |
Ember ZNet SDK |
2025-01-09T14:56:47.355Z | 2026-04-16T19:03:01.041Z |
| cve-2026-6442 | 8.3 (v3.1) | Improper Command Detection Logic Allows RCE in Cortex … |
Snowflake |
Cortex Code CLI |
2026-04-16T18:43:21.181Z | 2026-04-16T18:54:58.366Z |
| cve-2025-43937 | 6.6 (v3.1) | Dell PowerScale OneFS, versions prior to 9.12.0.0… |
Dell |
PowerScale OneFS |
2026-04-16T18:03:08.750Z | 2026-04-16T18:51:41.562Z |
| cve-2026-40175 | Axios has Unrestricted Cloud Metadata Exfiltration via… |
axios |
axios |
2026-04-10T19:23:52.285Z | 2026-04-16T18:45:12.892Z | |
| cve-2025-62718 | Axios has a NO_PROXY Hostname Normalization Bypass tha… |
axios |
axios |
2026-04-09T14:31:46.067Z | 2026-04-16T18:44:20.705Z | |
| cve-2026-33082 | DataEase: SQL Injection in v2 Dataset Export |
dataease |
dataease |
2026-04-16T17:39:37.894Z | 2026-04-16T18:41:46.111Z | |
| cve-2026-33121 | DataEase has SQL Injection via Datasource Save Flow |
dataease |
dataease |
2026-04-16T18:16:02.485Z | 2026-04-16T18:34:54.187Z | |
| cve-2025-36579 | 5.1 (v3.1) | Dell Client Platform BIOS contains a Weak Passwor… |
Dell |
Dell Pro 14 Essential PV14250 |
2026-04-16T16:05:32.561Z | 2026-04-16T18:32:52.672Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2016-000163 | Splunk Enterprise and Splunk Light vulnerable to open redirect | 2016-09-16T14:08+09:00 | 2017-11-27T16:55+09:00 |
| jvndb-2016-000162 | Splunk Enterprise and Splunk Lite vulnerable to cross-site scripting | 2016-09-16T13:56+09:00 | 2017-11-27T16:55+09:00 |
| jvndb-2016-000249 | SKYSEA Client View vulnerable to arbitrary code execution | 2016-12-22T14:26+09:00 | 2017-11-27T16:53+09:00 |
| jvndb-2016-000248 | H2O use-after-free vulnerability | 2016-12-22T14:26+09:00 | 2017-11-27T16:53+09:00 |
| jvndb-2017-000103 | WordPress plugin "WP Live Chat Support" vulnerable to cross-site scripting | 2017-06-01T14:06+09:00 | 2017-11-27T16:47+09:00 |
| jvndb-2016-000247 | BlueZ userland utilities vulnerable to buffer overflow | 2016-12-22T14:26+09:00 | 2017-11-27T16:47+09:00 |
| jvndb-2016-000156 | ADOdb vulnerable to cross-site scripting | 2016-09-06T13:45+09:00 | 2017-11-27T16:43+09:00 |
| jvndb-2016-000216 | Multiple Corega wireless LAN routers vulnerable to cross-site scripting | 2016-11-11T14:45+09:00 | 2017-11-27T16:42+09:00 |
| jvndb-2016-000215 | Access restriction bypass vulnerability in WFS-SR01 | 2016-11-02T16:21+09:00 | 2017-11-27T16:42+09:00 |
| jvndb-2016-000214 | Command injection vulnerability in WFS-SR01 | 2016-11-02T16:20+09:00 | 2017-11-27T16:42+09:00 |
| jvndb-2016-000183 | baserCMS plugin Uploader vulnerable to cross-site request forgery | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000182 | baserCMS plugin Mail vulnerable to cross-site request forgery | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000181 | baserCMS plugin Feed vulnerable to cross-site request forgery | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000180 | baserCMS plugin Blog vulnerable to cross-site request forgery | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000179 | baserCMS vulnerable to cross-site scripting | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000178 | baserCMS vulnerable to cross-site request forgery | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000177 | baserCMS vulnerable to cross-site request forgery | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000176 | baserCMS plugin Blog vulnerable to cross-site request forgery | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000175 | baserCMS plugin Blog vulnerable to cross-site scripting | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000174 | baserCMS plugin Mail vulnerable to cross-site request forgery | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000173 | baserCMS plugin Mail vulnerable to cross-site scripting | 2016-09-29T16:04+09:00 | 2017-11-27T16:37+09:00 |
| jvndb-2016-000172 | baserCMS vulnerable to cross-site request forgery | 2016-09-29T16:04+09:00 | 2017-11-27T16:36+09:00 |
| jvndb-2016-000240 | WNC01WH vulnerable to directory traversal due to an issue in processing commands | 2016-12-02T14:45+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2016-000239 | WNC01WH vulnerable to enabling debug option | 2016-12-02T14:44+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2016-000238 | WNC01WH vulnerable to stored cross-site scripting | 2016-12-02T14:43+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2016-000237 | WNC01WH vulnerable to cross-site request forgery | 2016-12-02T14:43+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2016-000236 | WNC01WH vulnerable to denial-of-service (DoS) | 2016-12-02T14:43+09:00 | 2017-11-27T16:27+09:00 |
| jvndb-2017-008411 | XXE Vulnerability in Hitachi Command Suite | 2017-10-18T14:22+09:00 | 2017-11-07T15:06+09:00 |
| jvndb-2017-008370 | Information Disclosure Vulnerability in Hitachi Automation Director | 2017-10-17T17:01+09:00 | 2017-10-18T12:31+09:00 |
| jvndb-2017-008369 | Multiple Vulnerabilities in Hitachi Infrastructure Analytics Advisor | 2017-10-17T16:58+09:00 | 2017-10-18T12:31+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-avi-0016 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2025-01-09T00:00:00.000000 | 2025-01-09T00:00:00.000000 |
| certfr-2025-avi-0015 | Multiples vulnérabilités dans GitLab | 2025-01-09T00:00:00.000000 | 2025-01-09T00:00:00.000000 |
| certfr-2025-avi-0014 | Multiples vulnérabilités dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-01-09T00:00:00.000000 |
| certfr-2025-avi-0013 | Multiples vulnérabilités dans les produits SonicWall | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0012 | Vulnérabilité dans Google Chrome | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0011 | Vulnérabilité dans VMware Aria automation et Cloud Fondation | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0010 | Multiples vulnérabilités dans les produits Splunk | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0008 | Multiples vulnérabilités dans Joomla! | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0007 | Multiples vulnérabilités dans HPE Aruba Networking 501 Wireless Client Bridge | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0006 | Multiples vulnérabilités dans LibreOffice | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0005 | Vulnérabilité dans Google Pixel | 2025-01-08T00:00:00.000000 | 2025-01-08T00:00:00.000000 |
| certfr-2025-avi-0004 | Multiples vulnérabilités dans Google Android | 2025-01-07T00:00:00.000000 | 2025-01-03T00:00:00.000000 |
| certfr-2025-avi-0002 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2025-01-03T00:00:00.000000 | 2025-01-06T00:00:00.000000 |
| certfr-2025-avi-0003 | Multiples vulnérabilités dans les produits IBM | 2025-01-03T00:00:00.000000 | 2025-01-03T00:00:00.000000 |
| certfr-2025-avi-0001 | Multiples vulnérabilités dans les produits Moxa | 2025-01-03T00:00:00.000000 | 2025-01-03T00:00:00.000000 |
| certfr-2024-avi-1110 | Multiples vulnérabilités dans le greffon Security QRadar Log Management AQL de IBM | 2024-12-27T00:00:00.000000 | 2024-12-27T00:00:00.000000 |
| certfr-2024-avi-1109 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-12-27T00:00:00.000000 | 2024-12-27T00:00:00.000000 |
| certfr-2024-avi-1108 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-12-27T00:00:00.000000 | 2024-12-27T00:00:00.000000 |
| certfr-2024-avi-1107 | Vulnérabilité dans les produits Palo Alto Networks | 2024-12-27T00:00:00.000000 | 2024-12-27T00:00:00.000000 |
| certfr-2024-avi-1106 | Vulnérabilité dans Adobe ColdFusion | 2024-12-24T00:00:00.000000 | 2024-12-24T00:00:00.000000 |
| certfr-2024-avi-1091 | Multiples vulnérabilités dans Apache Tomcat | 2024-12-18T00:00:00.000000 | 2024-12-24T00:00:00.000000 |
| certfr-2024-avi-1105 | Multiples vulnérabilités dans Tenable Security Center | 2024-12-23T00:00:00.000000 | 2024-12-23T00:00:00.000000 |
| certfr-2024-avi-1104 | Vulnérabilité dans les produits NetApp | 2024-12-23T00:00:00.000000 | 2024-12-23T00:00:00.000000 |
| certfr-2024-avi-1103 | Multiples vulnérabilités dans les produits IBM | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1102 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1101 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1100 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1099 | Multiples vulnérabilités dans Sophos Firewall | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1098 | Multiples vulnérabilités dans Microsoft Edge | 2024-12-20T00:00:00.000000 | 2024-12-20T00:00:00.000000 |
| certfr-2024-avi-1097 | Vulnérabilité dans Trend Micro Deep Security Agent | 2024-12-19T00:00:00.000000 | 2024-12-19T00:00:00.000000 |