Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-33902 | ImageMagick: Stack Overflow via Recursive FX Expressio… |
ImageMagick |
ImageMagick |
2026-04-13T20:59:47.120Z | 2026-04-14T15:51:26.551Z | |
| cve-2026-33901 | ImageMagick has a Heap Buffer Overflow via MVG decoder |
ImageMagick |
ImageMagick |
2026-04-13T20:56:12.307Z | 2026-04-14T13:51:00.488Z | |
| cve-2026-33900 | ImageMagick has a Heap overflow caused by integer over… |
ImageMagick |
ImageMagick |
2026-04-13T20:50:19.615Z | 2026-04-14T16:28:41.536Z | |
| cve-2026-33899 | ImageMagick: Heap BufferOverflow write of single zero … |
ImageMagick |
ImageMagick |
2026-04-13T20:46:43.781Z | 2026-04-16T13:26:40.513Z | |
| cve-2026-6219 | aandrew-me ytDownloader Compressor Feature compressor.… |
aandrew-me |
ytDownloader |
2026-04-13T20:45:24.103Z | 2026-04-14T19:37:43.233Z | |
| cve-2026-33740 | EspoCRM: Email importEml can import and delete another… |
espocrm |
espocrm |
2026-04-13T20:37:28.831Z | 2026-04-14T15:50:45.744Z | |
| cve-2026-33659 | EspoCRM: SSRF via DNS Rebinding in Attachment fromImag… |
espocrm |
espocrm |
2026-04-13T20:32:07.072Z | 2026-04-14T13:52:31.103Z | |
| cve-2026-6218 | aandrew-me ytDownloader Error Details Panel createText… |
aandrew-me |
ytDownloader |
2026-04-13T20:30:14.394Z | 2026-04-14T13:05:33.179Z | |
| cve-2026-32272 | Craft Commerce: Blind SQL Injection via hasVariant/has… |
craftcms |
commerce |
2026-04-13T20:25:50.420Z | 2026-04-14T16:28:47.197Z | |
| cve-2026-32271 | Craft Commerce: SQL Injection can lead to Remote Code … |
craftcms |
commerce |
2026-04-13T20:19:19.486Z | 2026-04-16T13:26:40.649Z | |
| cve-2026-6216 | DbGate SVG Icon String FontIcon.svelte cross site scripting |
n/a |
DbGate |
2026-04-13T20:15:13.778Z | 2026-04-14T15:41:52.694Z | |
| cve-2026-32270 | Craft Commerce: Unauthenticated information disclosure… |
craftcms |
commerce |
2026-04-13T20:08:05.032Z | 2026-04-14T15:25:04.635Z | |
| cve-2026-33657 | EspoCRM: Stored HTML injection in email notifications … |
espocrm |
espocrm |
2026-04-13T19:41:47.131Z | 2026-04-13T20:48:47.307Z | |
| cve-2026-6215 | DbGate REST/GraphQL openApiDriver.ts apiServerUrl1 ser… |
n/a |
DbGate |
2026-04-13T19:30:12.683Z | 2026-04-14T16:28:52.818Z | |
| cve-2026-33534 | EspoCRM has authenticated SSRF via internal-host valid… |
espocrm |
espocrm |
2026-04-13T19:20:04.414Z | 2026-04-14T16:28:58.299Z | |
| cve-2026-6202 | code-projects Easy Blog Site post.php sql injection |
code-projects |
Easy Blog Site |
2026-04-13T19:15:19.523Z | 2026-04-13T20:49:14.823Z | |
| cve-2026-6201 | CodeAstro Online Job Portal Delete Job Posting job-del… |
CodeAstro |
Online Job Portal |
2026-04-13T19:00:18.544Z | 2026-04-16T13:26:40.778Z | |
| cve-2026-32605 | Nimiq: Remote crash via off-by-one signer bounds check… |
nimiq |
core-rs-albatross |
2026-04-13T18:54:58.542Z | 2026-04-16T13:26:40.930Z | |
| cve-2026-6200 | Tenda F456 webtypelibrary formwebtypelibrary stack-bas… |
Tenda |
F456 |
2026-04-13T18:45:12.958Z | 2026-04-14T13:07:41.730Z | |
| cve-2026-6199 | Tenda F456 qossetting fromqossetting stack-based overflow |
Tenda |
F456 |
2026-04-13T18:30:16.187Z | 2026-04-13T19:15:45.497Z | |
| cve-2026-6198 | Tenda F456 NatStaticSetting fromNatStaticSetting stack… |
Tenda |
F456 |
2026-04-13T18:15:14.119Z | 2026-04-14T16:29:06.183Z | |
| cve-2026-40044 | 9.3 (v4.0) 9.8 (v3.1) | Pachno 1.0.6 FileCache Deserialization Remote Code Execution |
pancho |
Pachno |
2026-04-13T18:11:01.343Z | 2026-04-13T18:57:58.765Z |
| cve-2026-40043 | 7.1 (v4.0) 6.5 (v3.1) | Pachno 1.0.6 Authentication Bypass via runSwitchUser() |
pancho |
Pachno |
2026-04-13T18:11:00.288Z | 2026-04-13T20:49:59.051Z |
| cve-2026-40042 | 9.3 (v4.0) 9.8 (v3.1) | Pachno 1.0.6 Wiki TextParser XML External Entity Injection |
pancho |
Pachno |
2026-04-13T18:10:59.054Z | 2026-04-14T16:29:11.810Z |
| cve-2026-40041 | 5.3 (v4.0) 4.3 (v3.1) | Pachno 1.0.6 Cross-Site Request Forgery via State-Chan… |
pancho |
Pachno |
2026-04-13T18:10:57.978Z | 2026-04-13T19:07:47.973Z |
| cve-2026-40040 | 8.7 (v4.0) 8.8 (v3.1) | Pachno 1.0.6 Unrestricted File Upload Remote Code Execution |
pancho |
Pachno |
2026-04-13T18:10:56.828Z | 2026-04-14T13:08:29.690Z |
| cve-2026-40039 | 7.1 (v4.0) 6.5 (v3.1) | Pachno 1.0.6 Open Redirection via return_to Parameter |
pancho |
Pachno |
2026-04-13T18:10:55.592Z | 2026-04-16T13:26:41.264Z |
| cve-2026-40038 | 5.1 (v4.0) 7.2 (v3.1) | Pachno 1.0.6 Stored Cross-Site Scripting via Multiple … |
pancho |
Pachno |
2026-04-13T18:10:54.284Z | 2026-04-13T18:58:35.894Z |
| cve-2026-6197 | Tenda F456 AdvSetWrlsafeset formWrlsafeset stack-based… |
Tenda |
F456 |
2026-04-13T18:00:19.007Z | 2026-04-13T20:50:51.484Z | |
| cve-2026-32316 | jq: Integer overflow in jvp_string_append() allows Hea… |
jqlang |
jq |
2026-04-13T17:49:34.095Z | 2026-04-13T18:56:54.199Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2016-000093 | Cybozu Garoon function "Portlets" vulnerable to access restriction bypass | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000085 | Cybozu Garoon fails to restrict access permissions | 2016-05-30T16:18+09:00 | 2016-06-23T17:43+09:00 |
| jvndb-2016-000084 | Cybozu Garoon vulnerable to cross-site scripting | 2016-05-30T16:18+09:00 | 2016-06-23T17:09+09:00 |
| jvndb-2016-000083 | Cybozu Garoon vulnerable to cross-site scripting | 2016-05-30T16:18+09:00 | 2016-06-23T17:05+09:00 |
| jvndb-2016-000082 | Cybozu Garoon fails to restrict access permissions | 2016-05-30T16:18+09:00 | 2016-06-23T17:35+09:00 |
| jvndb-2016-000081 | Cybozu Garoon vulnerable to open redirect | 2016-05-30T16:18+09:00 | 2016-06-23T17:06+09:00 |
| jvndb-2016-000080 | Cybozu Garoon vulnerable to denial-of-service (DoS) | 2016-05-30T16:18+09:00 | 2017-05-23T16:23+09:00 |
| jvndb-2016-000079 | Cybozu Garoon vulnerable to information disclosure | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000078 | Cybozu Garoon function "Files" vulnerable to directory traversal | 2016-05-30T16:18+09:00 | 2016-06-23T17:40+09:00 |
| jvndb-2016-000077 | Cybozu Garoon mail function vulnerable to access restriction bypass | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000092 | DMM.com Securities FX Apps for Android fail to verify SSL server certificates | 2016-05-30T14:21+09:00 | 2017-05-23T14:28+09:00 |
| jvndb-2016-000090 | Source code of Old_GSI_Maps prior to January, 2015 vulnerable to directory traversal | 2016-05-30T14:07+09:00 | 2016-06-23T15:13+09:00 |
| jvndb-2016-000072 | WebARENA formmail vulnerable to cross-site scripting | 2016-05-27T13:54+09:00 | 2016-06-08T17:47+09:00 |
| jvndb-2016-000087 | Multiple Buffalo wireless LAN routers vulnerable to information disclosure | 2016-05-27T13:53+09:00 | 2016-06-27T14:59+09:00 |
| jvndb-2016-000086 | Multiple Buffalo wireless LAN routers vulnerable to directory traversal | 2016-05-27T13:53+09:00 | 2016-06-27T14:58+09:00 |
| jvndb-2016-000076 | Japan Connected-free Wi-Fi vulnerable to API execution | 2016-05-27T13:51+09:00 | 2016-06-23T17:38+09:00 |
| jvndb-2016-000091 | H2O use-after-free vulnerability | 2016-05-27T13:46+09:00 | 2016-06-23T17:23+09:00 |
| jvndb-2016-000075 | NetCommons vulnerable to privilege escalation | 2016-05-26T14:30+09:00 | 2016-06-23T15:13+09:00 |
| jvndb-2016-000071 | WordPress plugin "Markdown on Save Improved" vulnerable to cross-site scripting | 2016-05-25T14:37+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-002716 | Cross-site Scripting Vulnerability in Hitachi Tuning Manager | 2016-05-24T16:43+09:00 | 2016-08-03T16:09+09:00 |
| jvndb-2016-002715 | Information Disclosure Vulnerability in Hitachi Command Suite | 2016-05-24T16:43+09:00 | 2016-08-03T16:09+09:00 |
| jvndb-2016-000067 | Jetstar App for iOS fails to verify SSL server certificates | 2016-05-24T13:36+09:00 | 2017-05-29T11:45+09:00 |
| jvndb-2016-000070 | php-contact-form vulnerable to cross-site scripting | 2016-05-24T12:27+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-000068 | HumHub vulnerable to cross-site scripting | 2016-05-24T12:24+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-000069 | MP Form Mail CGI Professional Edition vulnerable to directory traversal | 2016-05-20T14:22+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-000066 | Web Mailing List vulnerable to cross-site scripting | 2016-05-19T13:37+09:00 | 2016-06-08T17:23+09:00 |
| jvndb-2016-000065 | 105 BANK App fails to verify SSL server certificates | 2016-05-18T15:26+09:00 | 2017-05-29T11:45+09:00 |
| jvndb-2016-000060 | Cybozu KUNAI App fails to verify SSL server certificates | 2016-05-16T16:14+09:00 | 2017-05-23T16:23+09:00 |
| jvndb-2016-000047 | a-blog cms vulnerable to session management | 2016-05-16T14:48+09:00 | 2017-05-23T13:44+09:00 |
| jvndb-2016-000046 | a-blog cms vulnerable to cross-site scripting | 2016-05-16T14:48+09:00 | 2017-05-23T13:44+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0939 | Multiples vulnérabilités dans les produits IBM | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0938 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0937 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0936 | Multiples vulnérabilités dans les produits Splunk | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0935 | Vulnérabilité dans Tenable Sensor Proxy | 2024-10-31T00:00:00.000000 | 2024-10-31T00:00:00.000000 |
| certfr-2024-avi-0934 | Multiples vulnérabilités dans les produits Mozilla | 2024-10-30T00:00:00.000000 | 2024-10-30T00:00:00.000000 |
| certfr-2024-avi-0933 | Multiples vulnérabilités dans les produits Qnap | 2024-10-30T00:00:00.000000 | 2024-10-30T00:00:00.000000 |
| certfr-2024-avi-0932 | Multiples vulnérabilités dans les produits Apple | 2024-10-30T00:00:00.000000 | 2024-10-30T00:00:00.000000 |
| certfr-2024-avi-0931 | Multiples vulnérabilités dans Google Chrome | 2024-10-30T00:00:00.000000 | 2024-10-30T00:00:00.000000 |
| certfr-2024-avi-0930 | Vulnérabilité dans MongoDB | 2024-10-29T00:00:00.000000 | 2024-10-29T00:00:00.000000 |
| certfr-2024-avi-0929 | Multiples vulnérabilités dans les produits Apple | 2024-10-29T00:00:00.000000 | 2024-10-29T00:00:00.000000 |
| certfr-2024-avi-0928 | Vulnérabilité dans Squid | 2024-10-28T00:00:00.000000 | 2024-10-28T00:00:00.000000 |
| certfr-2024-avi-0927 | Multiples vulnérabilités dans les produits Synology | 2024-10-28T00:00:00.000000 | 2024-10-28T00:00:00.000000 |
| certfr-2024-avi-0926 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-10-25T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-avi-0925 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-10-25T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-avi-0924 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-10-25T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-avi-0923 | Multiples vulnérabilités dans les produits IBM | 2024-10-25T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-avi-0922 | Multiples vulnérabilités dans Microsoft Edge | 2024-10-25T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-avi-0921 | Vulnérabilité dans les produits Microsoft | 2024-10-24T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0920 | Vulnérabilité dans Microsoft Azure | 2024-10-24T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0919 | Multiples vulnérabilités dans les produits Cisco | 2024-10-24T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0918 | Multiples vulnérabilités dans GitLab | 2024-10-24T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0917 | Vulnérabilité dans Fortinet FortiManager | 2024-10-23T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0916 | Multiples vulnérabilités dans le greffon pour Office 365 de Splunk | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0915 | Multiples vulnérabilités dans les produits Centreon | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0914 | Vulnérabilité dans les produits Spring | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0913 | Multiples vulnérabilités dans Google Chrome | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0912 | Multiples vulnérabilités dans Liferay | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0911 | Vulnérabilité dans les produits Moxa | 2024-10-22T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0910 | Vulnérabilité dans MongoDB | 2024-10-22T00:00:00.000000 | 2024-10-22T00:00:00.000000 |