Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-27672 | 4.3 (v3.1) | Missing Authorization check in Material Master Application |
SAP_SE |
Material Master Application |
2026-04-14T00:06:27.780Z | 2026-04-14T13:14:19.176Z |
| cve-2026-24318 | 4.2 (v3.1) | Insecure Session Management vulnerability in SAP Busin… |
SAP_SE |
SAP BusinessObjects Business Intelligence Platform |
2026-04-14T00:06:18.337Z | 2026-04-14T13:14:19.302Z |
| cve-2026-0512 | 6.1 (v3.1) | Cross-Site Scripting (XSS) vulnerability in SAP Suppli… |
SAP_SE |
SAP Supplier Relationship Management (SICF Handler in SRM Catalog) |
2026-04-14T00:06:08.757Z | 2026-04-14T13:14:19.450Z |
| cve-2026-39417 | MaxKB: RCE via MCP stdio command injection in workflow… |
1Panel-dev |
MaxKB |
2026-04-14T00:03:16.020Z | 2026-04-14T13:34:07.454Z | |
| cve-2026-38533 | N/A | An improper authorization vulnerability in the /a… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-16T12:06:16.556Z |
| cve-2026-38532 | A Broken Object-Level Authorization (BOLA) in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:27:56.674Z | |
| cve-2026-38530 | A Broken Object-Level Authorization (BOLA) in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:28:56.838Z | |
| cve-2026-38529 | A Broken Object-Level Authorization (BOLA) in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:31:13.560Z | |
| cve-2026-38528 | Krayin CRM v2.2.x was discovered to contain a SQL… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:34:54.115Z | |
| cve-2026-38527 | A Server-Side Request Forgery (SSRF) in the /sett… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:36:59.813Z | |
| cve-2026-38526 | An authenticated arbitrary file upload vulnerabil… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:50:54.198Z | |
| cve-2026-37602 | N/A | SourceCodester Patient Appointment Scheduler Syst… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:24:23.662Z |
| cve-2026-37601 | N/A | SourceCodester Patient Appointment Scheduler Syst… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:25:09.200Z |
| cve-2026-37600 | N/A | SourceCodester Patient Appointment Scheduler Syst… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:25:24.236Z |
| cve-2026-37598 | N/A | SourceCodester Patient Appointment Scheduler Syst… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:26:27.302Z |
| cve-2026-37597 | N/A | SourceCodester Online Employees Work From Home At… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:27:12.818Z |
| cve-2026-37596 | N/A | SourceCodester Online Employees Work From Home At… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:28:25.909Z |
| cve-2026-37595 | N/A | SourceCodester Online Employees Work From Home At… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:28:38.905Z |
| cve-2026-37594 | N/A | SourceCodester Online Employees Work From Home At… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:28:50.725Z |
| cve-2026-37593 | N/A | SourceCodester Online Employees Work From Home At… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:29:02.156Z |
| cve-2026-37592 | N/A | Sourcecodester Storage Unit Rental Management Sys… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:29:15.190Z |
| cve-2026-37591 | N/A | Sourcecodester Storage Unit Rental Management Sys… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:29:26.653Z |
| cve-2026-37590 | N/A | SourceCodester Storage Unit Rental Management Sys… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:29:38.686Z |
| cve-2026-37589 | N/A | SourceCodester Storage Unit Rental Management Sys… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T15:33:11.824Z |
| cve-2026-31049 | N/A | An issue in Hostbill v.2025-11-24 and 2025-12-01 … |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-16T12:06:52.366Z |
| cve-2026-30480 | N/A | A Local File Inclusion (LFI) vulnerability in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-16T12:06:38.149Z |
| cve-2025-70023 | N/A | An issue pertaining to CWE-843: Access of Resourc… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-16T12:06:09.148Z |
| cve-2025-69993 | Leaflet versions up to and including 1.9.4 are vu… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-21T17:36:25.753Z | |
| cve-2025-69893 | N/A | A side-channel vulnerability exists in the implem… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-16T12:06:31.722Z |
| cve-2025-65136 | N/A | In manikandan580 School-management-system 1.0, a … |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T18:04:46.651Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2016-000151 | YoruFukurou (NightOwl) vulnerable to denial-of-service (DoS) | 2016-08-24T14:14+09:00 | 2016-10-27T09:43+09:00 |
| jvndb-2016-000152 | simple chat vulnerable to cross-site scripting | 2016-08-23T13:37+09:00 | 2016-09-05T17:45+09:00 |
| jvndb-2016-000149 | Cybozu Garoon fails to restrict access permissions | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000148 | Cybozu Garoon vulnerable to authentication bypass | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000147 | Cybozu Garoon vulnerable to SQL injection | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000146 | "Check available times" function in Cybozu Garoon vulnerable to cross-site scripting | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000145 | "New appointment" function in Cybozu Garoon vulnerable to cross-site scripting | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000144 | "User details" function in Cybozu Garoon vulnerable to cross-site scripting | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000143 | "Response request" function in Cybozu Garoon vulnerable to cross-site scripting | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000142 | Cybozu Garoon vulnerable to open redirect | 2016-08-22T15:16+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000150 | Geeklog IVYWE edition contains a cross-site scripting vulnerability | 2016-08-19T14:13+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000141 | OSSEC Web UI vulnerable to cross-site scripting | 2016-08-18T14:24+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000140 | ClipBucket vulnerable to cross-site scripting | 2016-08-18T14:09+09:00 | 2016-09-05T17:41+09:00 |
| jvndb-2016-000139 | Installer of PhishWall Client Internet Explorer version may insecurely load Dynamic Link Libraries | 2016-08-17T16:12+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000138 | Cybozu Mailwise contains issue in preventing clickjacking attacks | 2016-08-16T14:14+09:00 | 2017-05-23T12:01+09:00 |
| jvndb-2016-000137 | Cybozu Mailwise vulnerable to information disclosure | 2016-08-16T14:14+09:00 | 2017-05-23T12:02+09:00 |
| jvndb-2016-000136 | Cybozu Mailwise vulnerable to information disclosure | 2016-08-16T14:14+09:00 | 2017-05-23T12:02+09:00 |
| jvndb-2016-000135 | Cybozu Mailwise vulnerable to mail header injection | 2016-08-16T14:10+09:00 | 2017-05-23T16:23+09:00 |
| jvndb-2016-000134 | Multiple I-O DATA Recording Hard disk products vulnerable to cross-site request forgery | 2016-08-08T12:28+09:00 | 2016-10-24T18:27+09:00 |
| jvndb-2016-000127 | Android stock browser vulnerable to denial-of-service (DoS) | 2016-08-05T13:41+09:00 | 2016-08-05T13:41+09:00 |
| jvndb-2016-000133 | Coordinate Plus App fails to verify SSL server certificates | 2016-08-04T13:41+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-003527 | Information Disclosure Vulnerability in Hitachi Command Suite | 2016-08-02T13:50+09:00 | 2016-09-14T18:18+09:00 |
| jvndb-2016-000130 | EC-CUBE plugin "Coupon Plugin" vulnerable to SQL injection | 2016-07-25T11:15+09:00 | 2016-08-04T17:55+09:00 |
| jvndb-2016-000129 | Android OS issue where it is affected by the CRIME attack | 2016-07-25T11:15+09:00 | 2025-04-18T16:36+09:00 |
| jvndb-2016-000128 | Android OS Contacts app fails to restrict access permissions | 2016-07-25T11:14+09:00 | 2016-07-25T11:14+09:00 |
| jvndb-2016-000126 | Vtiger CRM does not properly restrict access to application data | 2016-07-20T14:56+09:00 | 2016-08-04T18:02+09:00 |
| jvndb-2016-000125 | WordPress plugin "Nofollow Links" vulnerable to cross-site scripting | 2016-07-20T14:56+09:00 | 2016-08-05T17:40+09:00 |
| jvndb-2016-000123 | LINE for Windows may insecurely load Dynamic Link Libraries | 2016-07-08T14:29+09:00 | 2016-08-19T17:44+09:00 |
| jvndb-2016-000121 | Apache Commons FileUpload vulnerable to denial-of-service (DoS) | 2016-06-30T13:53+09:00 | 2018-01-29T10:30+09:00 |
| jvndb-2016-000122 | Sushiro App fails to verify SSL server certificates | 2016-06-29T14:27+09:00 | 2017-05-23T14:28+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0999 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-11-18T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-avi-0998 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-11-18T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-avi-0997 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-11-18T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-avi-0996 | Multiples vulnérabilités dans GLPI | 2024-11-18T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-avi-0995 | Multiples vulnérabilités dans les produits Nextcloud | 2024-11-18T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-avi-0994 | Vulnérabilité dans Microsoft Azure | 2024-11-18T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-avi-0993 | Vulnérabilité dans les caméras Synology | 2024-11-18T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-avi-0992 | Multiples vulnérabilités dans les produits IBM | 2024-11-15T00:00:00.000000 | 2024-11-15T00:00:00.000000 |
| certfr-2024-avi-0991 | Vulnérabilité dans Spring | 2024-11-15T00:00:00.000000 | 2024-11-15T00:00:00.000000 |
| certfr-2024-avi-0990 | Vulnérabilité dans les produits Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-avi-0989 | Vulnérabilité dans MongoDB | 2024-11-15T00:00:00.000000 | 2024-11-15T00:00:00.000000 |
| certfr-2024-avi-0988 | Multiples vulnérabilités dans Microsoft Edge | 2024-11-15T00:00:00.000000 | 2024-11-15T00:00:00.000000 |
| certfr-2024-avi-0987 | Multiples vulnérabilités dans PostgreSQL | 2024-11-15T00:00:00.000000 | 2024-11-15T00:00:00.000000 |
| certfr-2024-avi-0986 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2024-11-14T00:00:00.000000 | 2024-11-14T00:00:00.000000 |
| certfr-2024-avi-0985 | Multiples vulnérabilités dans Stormshield Network Security | 2024-11-14T00:00:00.000000 | 2024-11-14T00:00:00.000000 |
| certfr-2024-avi-0984 | Vulnérabilité dans les produits Symfony | 2024-11-14T00:00:00.000000 | 2024-11-14T00:00:00.000000 |
| certfr-2024-avi-0983 | Vulnérabilité dans les produits Mozilla | 2024-11-14T00:00:00.000000 | 2024-11-14T00:00:00.000000 |
| certfr-2024-avi-0982 | Vulnérabilité dans CPython | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0981 | Multiples vulnérabilités dans GitLab | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0980 | Multiples vulnérabilités dans les produits Intel | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0979 | Multiples vulnérabilités dans les produits Fortinet | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0978 | Multiples vulnérabilités dans les produits Microsoft | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0977 | Multiples vulnérabilités dans Microsoft Azure | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0976 | Multiples vulnérabilités dans Microsoft .Net | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0975 | Multiples vulnérabilités dans Microsoft Windows | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0974 | Multiples vulnérabilités dans Microsoft Office | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0973 | Vulnérabilité dans les produits Citrix | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0972 | Vulnérabilité dans les produits Adobe | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0971 | Multiples vulnérabilités dans Grafana | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |
| certfr-2024-avi-0970 | Multiples vulnérabilités dans Google Chrome | 2024-11-13T00:00:00.000000 | 2024-11-13T00:00:00.000000 |