Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-3497 | 2.7 (v4.0) | Vulnerability in the OpenSSH GSSAPI delta include… |
Ubuntu |
openssh |
2026-03-12T18:27:44.917Z | 2026-04-16T18:24:30.556Z |
| cve-2026-27820 | zlib: Buffer Overflow in Zlib::GzipReader ungetc via l… |
ruby |
zlib |
2026-04-16T17:27:48.944Z | 2026-04-16T18:20:21.451Z | |
| cve-2026-5329 | 8.5 (v3.1) | Rapid7 Velociraptor Improper Input Validation in Clien… |
Rapid7 |
Velociraptor |
2026-04-09T17:52:05.885Z | 2026-04-16T17:55:09.212Z |
| cve-2026-2336 | 8.7 (v4.0) | Weak webstax_auth Cookie Authentication Allows Privile… |
Microchip |
IStaX |
2026-04-16T17:02:06.352Z | 2026-04-16T17:34:39.672Z |
| cve-2026-30656 | N/A | A NULL pointer dereference vulnerability exists i… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T17:33:52.962Z |
| cve-2026-37336 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T17:28:46.565Z |
| cve-2026-37337 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T17:26:11.625Z |
| cve-2025-61594 | URI Credential Leakage Bypass over CVE-2025-27221 |
ruby |
uri |
2025-12-30T21:03:08.990Z | 2026-04-16T17:02:32.149Z | |
| cve-2021-22925 | N/A | curl supports the `-t` command line option, known… |
n/a |
https://github.com/curl/curl |
2021-08-05T00:00:00.000Z | 2026-04-16T16:36:24.090Z |
| cve-2026-25704 | 5.8 (v4.0) | Incomplete privilege drop for com.system76.CosmicGreet… |
pop-os |
cosmic-greeter |
2026-03-30T07:44:39.672Z | 2026-04-16T16:32:11.153Z |
| cve-2026-37338 | N/A | SourceCodester Simple Music Cloud Community Syste… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T15:49:41.995Z |
| cve-2026-37346 | N/A | SourceCodester Payroll Management and Information… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T15:44:44.805Z |
| cve-2026-37345 | N/A | SourceCodester Vehicle Parking Area Management Sy… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T15:42:56.413Z |
| cve-2026-37347 | N/A | SourceCodester Payroll Management and Information… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T15:38:38.249Z |
| cve-2026-6409 | 7.1 (v4.0) | Denial of Service (DoS) vulnerability exists in the Pr… |
Protocol Buffers |
Protobuf-php (Pecl) |
2026-04-16T14:30:51.568Z | 2026-04-16T15:24:43.164Z |
| cve-2026-3324 | 8.2 (v3.1) | Authentication Bypass |
Zohocorp |
ManageEngine Log360 |
2026-04-16T14:30:55.130Z | 2026-04-16T15:21:19.911Z |
| cve-2026-30459 | N/A | An issue in the Forgot Password feature of Daylig… |
n/a |
n/a |
2026-04-16T00:00:00.000Z | 2026-04-16T15:16:57.348Z |
| cve-2026-33793 | 7.8 (v3.1) 8.5 (v4.0) | Junos OS and Junos OS Evolved: When an unsigned Python… |
Juniper Networks |
Junos OS |
2026-04-09T21:24:50.485Z | 2026-04-16T15:14:18.212Z |
| cve-2025-11252 | 9.8 (v3.1) | SQLi in Signum Technologies' windesk.fm |
Signum Technology Promotion and Training Inc. |
windesk.fm |
2026-02-27T12:32:33.594Z | 2026-04-16T15:10:42.074Z |
| cve-2026-40729 | N/A | WordPress 3D viewer – Embed 3D Models plugin <= 1.8.5 … |
bPlugins |
3D viewer – Embed 3D Models |
2026-04-15T10:21:33.661Z | 2026-04-16T15:09:41.105Z |
| cve-2026-40734 | N/A | WordPress Categories Images plugin <= 3.3.1 - Cross Si… |
Zahlan |
Categories Images |
2026-04-15T10:21:33.995Z | 2026-04-16T15:06:08.721Z |
| cve-2026-40740 | N/A | WordPress Tutor LMS plugin <= 3.9.7 - Broken Access Co… |
Themeum |
Tutor LMS |
2026-04-15T10:21:34.311Z | 2026-04-16T14:52:07.805Z |
| cve-2026-40744 | N/A | WordPress Beaver Builder plugin <= 2.10.1.2 - SQL Inje… |
Beaver Builder |
Beaver Builder |
2026-04-15T10:21:34.729Z | 2026-04-16T14:47:03.967Z |
| cve-2026-2840 | Email Encoder – Protect Email Addresses and Phone Numb… |
onlineoptimisation |
Email Encoder – Protect Email Addresses and Phone Numbers |
2026-04-16T14:10:29.114Z | 2026-04-16T14:42:53.905Z | |
| cve-2026-33804 | 7.4 (v3.1) | @fastify/middie vulnerable to middleware bypass via de… |
@fastify/middie |
@fastify/middie |
2026-04-16T13:56:56.176Z | 2026-04-16T14:41:48.659Z |
| cve-2026-40763 | N/A | WordPress Royal Elementor Addons plugin <= 1.7.1056 - … |
WP Royal |
Royal Elementor Addons |
2026-04-15T10:21:35.155Z | 2026-04-16T14:41:45.860Z |
| cve-2024-35512 | N/A | hmq v1.5.5 is vulnerable to Denial of Service (Do… |
n/a |
n/a |
2024-05-29T16:55:34.086Z | 2026-04-16T14:39:03.891Z |
| cve-2026-40778 | N/A | WordPress Majestic Support plugin <= 1.1.2 - Broken Ac… |
Majestic Support |
Majestic Support |
2026-04-15T10:21:35.665Z | 2026-04-16T14:35:34.783Z |
| cve-2026-2784 | N/A | Mitigation bypass in the DOM: Security component |
Mozilla |
Firefox |
2026-02-24T13:33:17.554Z | 2026-04-16T14:32:57.551Z |
| cve-2026-2779 | N/A | Incorrect boundary conditions in the Networking: JAR c… |
Mozilla |
Firefox |
2026-02-24T13:33:14.195Z | 2026-04-16T14:32:33.729Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2017-008364 | RMI Vulnerability in Hitachi Tuning Manager | 2017-10-17T16:26+09:00 | 2017-10-18T12:31+09:00 |
| jvndb-2017-008363 | Information Disclosure Vulnerability in Hitachi Global Link Manager | 2017-10-17T16:26+09:00 | 2017-10-18T12:31+09:00 |
| jvndb-2017-007767 | Self-Decrypting Confidential Files created by JP1/HIBUN may insecurely load Dynamic Link Libraries | 2017-10-03T11:18+09:00 | 2017-10-06T11:36+09:00 |
| jvndb-2015-000125 | Apache Struts vulnerable to cross-site scripting | 2015-09-04T15:12+09:00 | 2017-10-02T12:08+09:00 |
| jvndb-2017-000223 | Install program and Installer of i-filter 6.0 may insecurely load Dynamic Link Libraries and invoke executable files | 2017-09-29T13:54+09:00 | 2017-09-29T13:54+09:00 |
| jvndb-2017-006769 | Denial-of-service (DoS) Vulnerability in JP1 and Hitachi IT Operations Director | 2017-09-04T12:14+09:00 | 2017-09-05T10:46+09:00 |
| jvndb-2017-006466 | Denial-of-service (DoS) Vulnerability in HiRDB | 2017-08-28T13:46+09:00 | 2017-09-05T10:46+09:00 |
| jvndb-2017-000211 | Installer of "Remote Support Tool (Enkaku Support Tool)" may insecurely load Dynamic Link Libraries | 2017-08-30T15:10+09:00 | 2017-08-30T15:10+09:00 |
| jvndb-2017-000183 | Multiple cross-site scripting vulnerabilities in ScreenOS | 2017-07-24T13:52+09:00 | 2017-08-09T11:23+09:00 |
| jvndb-2017-000179 | Multiple Buffalo wireless LAN access point devices do not properly perform authentication | 2017-07-20T14:12+09:00 | 2017-07-20T14:12+09:00 |
| jvndb-2017-005137 | Multiple Vulnerabilities in Hitachi Automation Director and Hitachi Infrastructure Analytics Advisor | 2017-07-19T15:44+09:00 | 2017-07-19T15:44+09:00 |
| jvndb-2016-005802 | Microsoft IME may insecurely load Dynamic Link Libraries | 2017-07-07T15:47+09:00 | 2017-07-07T15:47+09:00 |
| jvndb-2017-002225 | Cross-site Scripting Vulnerability in multiple Hitachi products | 2017-06-30T15:56+09:00 | 2017-06-30T15:56+09:00 |
| jvndb-2017-003108 | Multiple Vulnerabilities in Hitachi IT Operations Director and JP1/IT Desktop Management | 2017-06-30T15:55+09:00 | 2017-06-30T15:55+09:00 |
| jvndb-2017-000120 | [Simeji for Windows] installer may insecurely load Dynamic Link Libraries | 2017-06-21T18:15+09:00 | 2017-06-21T18:15+09:00 |
| jvndb-2017-000139 | WordPress plugin "WP Job Manager" fails to restrict access permissions | 2017-06-15T14:32+09:00 | 2017-06-15T14:32+09:00 |
| jvndb-2017-000009 | MaruUo Factory's multiple AttacheCase products vulnerable to directory traversal | 2017-01-16T14:41+09:00 | 2017-06-06T16:13+09:00 |
| jvndb-2017-000008 | AttacheCase vulnerable to directory traversal | 2017-01-16T14:35+09:00 | 2017-06-06T16:13+09:00 |
| jvndb-2017-000040 | Multiple I-O DATA network camera products vulnerable to OS command injection | 2017-03-02T14:36+09:00 | 2017-06-06T15:52+09:00 |
| jvndb-2017-000039 | Multiple I-O DATA network camera products vulnerable to HTTP header injection | 2017-03-02T14:36+09:00 | 2017-06-06T15:52+09:00 |
| jvndb-2017-000007 | Cybozu Remote Service Manager fails to verify client certificates | 2017-01-11T13:46+09:00 | 2017-06-06T15:52+09:00 |
| jvndb-2017-000010 | smalruby-editor vulnerable to OS command injection | 2017-01-24T13:34+09:00 | 2017-06-06T15:40+09:00 |
| jvndb-2017-000077 | Installer of Vivaldi for Windows may insecurely load executable files | 2017-04-25T13:36+09:00 | 2017-06-06T15:04+09:00 |
| jvndb-2017-000071 | SEIL Series routers vulnerable to denial-of-service (DoS) | 2017-04-19T14:43+09:00 | 2017-06-06T14:50+09:00 |
| jvndb-2017-000011 | Knowledge vulnerable to cross-site request forgery | 2017-01-24T14:12+09:00 | 2017-06-06T14:38+09:00 |
| jvndb-2017-000061 | CS-Cart Japanese Edition fails to restrict access permissions | 2017-04-10T13:47+09:00 | 2017-06-06T11:52+09:00 |
| jvndb-2017-000023 | TVer App for Android fails to verify SSL server certificates | 2017-02-10T15:14+09:00 | 2017-06-06T11:52+09:00 |
| jvndb-2017-000017 | Business LaLa Call App for Android fails to verify SSL server certificates | 2017-02-03T13:58+09:00 | 2017-06-06T11:52+09:00 |
| jvndb-2017-000016 | LaLa Call App for Android fails to verify SSL server certificates | 2017-02-03T13:31+09:00 | 2017-06-06T11:52+09:00 |
| jvndb-2017-000024 | Self-Extracting Archives created by 7-ZIP32.DLL may insecurely load Dynamic Link Libraries | 2017-02-17T15:13+09:00 | 2017-06-05T11:55+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-1096 | Multiples vulnérabilités dans les produits Fortinet | 2024-12-19T00:00:00.000000 | 2024-12-19T00:00:00.000000 |
| certfr-2024-avi-1095 | Multiples vulnérabilités dans Google Chrome | 2024-12-19T00:00:00.000000 | 2024-12-19T00:00:00.000000 |
| certfr-2024-avi-1094 | Vulnérabilité dans les produits Elastic | 2024-12-18T00:00:00.000000 | 2024-12-18T00:00:00.000000 |
| certfr-2024-avi-1093 | Multiples vulnérabilités dans Xen | 2024-12-18T00:00:00.000000 | 2024-12-18T00:00:00.000000 |
| certfr-2024-avi-1092 | Vulnérabilité dans Traefik | 2024-12-18T00:00:00.000000 | 2024-12-18T00:00:00.000000 |
| certfr-2024-avi-1089 | Vulnérabilité dans les produits StormShield Management Center | 2024-12-17T00:00:00.000000 | 2024-12-17T00:00:00.000000 |
| certfr-2024-avi-1088 | Multiples vulnérabilités dans les produits Foxit | 2024-12-17T00:00:00.000000 | 2024-12-17T00:00:00.000000 |
| certfr-2024-avi-1087 | Vulnérabilité dans les produits Siemens | 2024-12-17T00:00:00.000000 | 2024-12-17T00:00:00.000000 |
| certfr-2024-avi-1086 | Multiples vulnérabilités dans Trend Micro Apex One | 2024-12-17T00:00:00.000000 | 2024-12-17T00:00:00.000000 |
| certfr-2024-avi-1085 | Multiples vulnérabilités dans Moodle | 2024-12-17T00:00:00.000000 | 2024-12-17T00:00:00.000000 |
| certfr-2024-avi-1084 | Vulnérabilité dans SolarWinds Web Help Desk | 2024-12-16T00:00:00.000000 | 2024-12-16T00:00:00.000000 |
| certfr-2024-avi-1083 | Multiples vulnérabilités dans Mozilla Thunderbird | 2024-12-16T00:00:00.000000 | 2024-12-16T00:00:00.000000 |
| certfr-2024-avi-1082 | Multiples vulnérabilités dans les produits Synology | 2024-12-16T00:00:00.000000 | 2024-12-16T00:00:00.000000 |
| certfr-2024-avi-1081 | Multiples vulnérabilités dans les produits IBM | 2024-12-13T00:00:00.000000 | 2024-12-13T00:00:00.000000 |
| certfr-2024-avi-1080 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-12-13T00:00:00.000000 | 2024-12-13T00:00:00.000000 |
| certfr-2024-avi-1079 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-12-13T00:00:00.000000 | 2024-12-13T00:00:00.000000 |
| certfr-2024-avi-1078 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-12-13T00:00:00.000000 | 2024-12-13T00:00:00.000000 |
| certfr-2024-avi-1077 | Multiples vulnérabilités dans Microsoft Edge | 2024-12-13T00:00:00.000000 | 2024-12-13T00:00:00.000000 |
| certfr-2024-avi-1076 | Multiples vulnérabilités dans Suricata | 2024-12-13T00:00:00.000000 | 2024-12-13T00:00:00.000000 |
| certfr-2024-avi-1075 | Multiples vulnérabilités dans Nagios XI | 2024-12-13T00:00:00.000000 | 2024-12-13T00:00:00.000000 |
| certfr-2024-avi-1074 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2024-12-12T00:00:00.000000 | 2024-12-12T00:00:00.000000 |
| certfr-2024-avi-1073 | Vulnérabilité dans les produits Mozilla | 2024-12-12T00:00:00.000000 | 2024-12-12T00:00:00.000000 |
| certfr-2024-avi-1072 | Multiples vulnérabilités dans les produits Apple | 2024-12-12T00:00:00.000000 | 2024-12-12T00:00:00.000000 |
| certfr-2024-avi-1071 | Multiples vulnérabilités dans les produits Tenable | 2024-12-12T00:00:00.000000 | 2024-12-12T00:00:00.000000 |
| certfr-2024-avi-1070 | Multiples vulnérabilités dans les produits Microsoft | 2024-12-11T00:00:00.000000 | 2024-12-11T00:00:00.000000 |
| certfr-2024-avi-1069 | Multiples vulnérabilités dans Microsoft Windows | 2024-12-11T00:00:00.000000 | 2024-12-11T00:00:00.000000 |
| certfr-2024-avi-1068 | Multiples vulnérabilités dans Microsoft Office | 2024-12-11T00:00:00.000000 | 2024-12-11T00:00:00.000000 |
| certfr-2024-avi-1067 | Multiples vulnérabilités dans les produits Atlassian | 2024-12-11T00:00:00.000000 | 2024-12-11T00:00:00.000000 |
| certfr-2024-avi-1066 | Vulnérabilité dans Apache Struts | 2024-12-11T00:00:00.000000 | 2024-12-11T00:00:00.000000 |
| certfr-2024-avi-1065 | Multiples vulnérabilités dans GitLab | 2024-12-11T00:00:00.000000 | 2024-12-11T00:00:00.000000 |