Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-3773 | Accessibility Suite by Ability, Inc <= 4.20 - Authenti… |
onlineada |
Accessibility Suite by Ability, Inc |
2026-04-16T05:29:54.754Z | 2026-04-16T13:42:08.243Z | |
| cve-2026-3875 | BetterDocs <= 4.3.8 - Authenticated (Contributor+) Sto… |
wpdevteam |
BetterDocs – Knowledge Base Docs & FAQ Solution for Elementor & Block Editor |
2026-04-16T06:44:51.744Z | 2026-04-16T13:41:59.186Z | |
| cve-2022-27774 | N/A | An insufficiently protected credentials vulnerabi… |
n/a |
https://github.com/curl/curl |
2022-06-01T00:00:00.000Z | 2026-04-16T13:41:41.899Z |
| cve-2026-40261 | Composer has Command Injection via Malicious Perforce … |
composer |
composer |
2026-04-15T20:56:32.182Z | 2026-04-16T13:41:12.977Z | |
| cve-2026-39857 | Information Disclosure via `choices`/`counts` Query Pa… |
apostrophecms |
apostrophe |
2026-04-15T19:38:57.564Z | 2026-04-16T13:40:17.710Z | |
| cve-2016-8624 | curl before version 7.51.0 doesn't parse the auth… |
The Curl Project |
curl |
2018-07-31T21:00:00.000Z | 2026-04-16T13:40:01.012Z | |
| cve-2026-3642 | e-shot <= 1.0.2 - Missing Authorization to Authenticat… |
forfront |
e-shot |
2026-04-15T08:28:14.866Z | 2026-04-16T13:39:34.490Z | |
| cve-2026-4005 | Coachific Shortcode <= 1.0 - Authenticated (Contributo… |
coachific |
Coachific Shortcode |
2026-04-15T08:28:14.507Z | 2026-04-16T13:39:08.598Z | |
| cve-2026-6293 | Inquiry form to posts or pages <= 1.0 - Cross-Site Req… |
udamadu |
Inquiry form to posts or pages |
2026-04-15T06:46:18.890Z | 2026-04-16T13:38:48.144Z | |
| cve-2026-40500 | 6.1 (v4.0) 6.8 (v3.1) | ProcessWire CMS SSRF via Add Module From URL |
processwire |
processwire |
2026-04-15T21:25:53.214Z | 2026-04-16T13:38:15.341Z |
| cve-2026-40192 | Pillow is vulnerable to a FITS GZIP decompression bomb |
python-pillow |
Pillow |
2026-04-15T22:53:56.147Z | 2026-04-16T13:37:19.918Z | |
| cve-2026-6148 | code-projects Vehicle Showroom Management System Month… |
code-projects |
Vehicle Showroom Management System |
2026-04-13T01:30:14.970Z | 2026-04-16T13:36:45.201Z | |
| cve-2026-6153 | code-projects Vehicle Showroom Management System Staff… |
code-projects |
Vehicle Showroom Management System |
2026-04-13T02:45:10.092Z | 2026-04-16T13:36:44.905Z | |
| cve-2026-6158 | Totolink N300RH upgrade.so setUpgradeUboot os command … |
Totolink |
N300RH |
2026-04-13T04:00:19.297Z | 2026-04-16T13:36:44.745Z | |
| cve-2016-8615 | A flaw was found in curl before version 7.51. If … |
The Curl Project |
curl |
2018-08-01T06:00:00.000Z | 2026-04-16T13:35:37.600Z | |
| cve-2017-1000100 | N/A | When doing a TFTP transfer and curl/libcurl is gi… |
n/a |
n/a |
2017-10-04T01:00:00.000Z | 2026-04-16T13:34:51.252Z |
| cve-2016-8621 | The `curl_getdate` function in curl before versio… |
The Curl Project |
curl |
2018-07-31T22:00:00.000Z | 2026-04-16T13:33:28.480Z | |
| cve-2016-8617 | The base64 encode function in curl before version… |
The Curl Project |
curl |
2018-07-31T22:00:00.000Z | 2026-04-16T13:31:37.984Z | |
| cve-2021-22898 | N/A | curl 7.7 through 7.76.1 suffers from an informati… |
n/a |
https://github.com/curl/curl |
2021-06-11T15:49:37.000Z | 2026-04-16T13:30:13.229Z |
| cve-2026-22616 | 6.5 (v3.1) | Eaton Intelligent Power Protector (IPP) software … |
Eaton |
IPP Software |
2026-04-16T04:54:48.148Z | 2026-04-16T13:30:12.024Z |
| cve-2026-6163 | code-projects Lost and Found Thing Management catageor… |
code-projects |
Lost and Found Thing Management |
2026-04-13T05:15:09.634Z | 2026-04-16T13:26:42.034Z | |
| cve-2026-6168 | TOTOLINK A7000R cstecgi.cgi setWiFiEasyGuestCfg stack-… |
TOTOLINK |
A7000R |
2026-04-13T06:30:14.050Z | 2026-04-16T13:26:41.857Z | |
| cve-2026-39940 | ChurchCRM has an Open Redirect via the ‘linkBack’ URL … |
ChurchCRM |
CRM |
2026-04-13T16:34:58.495Z | 2026-04-16T13:26:41.668Z | |
| cve-2026-6196 | Tenda F456 exeCommand fromexeCommand stack-based overflow |
Tenda |
F456 |
2026-04-13T17:45:13.583Z | 2026-04-16T13:26:41.460Z | |
| cve-2026-40039 | 7.1 (v4.0) 6.5 (v3.1) | Pachno 1.0.6 Open Redirection via return_to Parameter |
pancho |
Pachno |
2026-04-13T18:10:55.592Z | 2026-04-16T13:26:41.264Z |
| cve-2026-32605 | Nimiq: Remote crash via off-by-one signer bounds check… |
nimiq |
core-rs-albatross |
2026-04-13T18:54:58.542Z | 2026-04-16T13:26:40.930Z | |
| cve-2026-6201 | CodeAstro Online Job Portal Delete Job Posting job-del… |
CodeAstro |
Online Job Portal |
2026-04-13T19:00:18.544Z | 2026-04-16T13:26:40.778Z | |
| cve-2026-32271 | Craft Commerce: SQL Injection can lead to Remote Code … |
craftcms |
commerce |
2026-04-13T20:19:19.486Z | 2026-04-16T13:26:40.649Z | |
| cve-2026-33899 | ImageMagick: Heap BufferOverflow write of single zero … |
ImageMagick |
ImageMagick |
2026-04-13T20:46:43.781Z | 2026-04-16T13:26:40.513Z | |
| cve-2026-33905 | ImageMagick has an Out-of-Bounds read via -sample operation |
ImageMagick |
ImageMagick |
2026-04-13T21:02:58.121Z | 2026-04-16T13:26:40.363Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2016-000115 | WordPress plugin "Welcart e-Commerce" vulnerable to PHP object injection | 2016-06-24T13:43+09:00 | 2016-06-29T16:04+09:00 |
| jvndb-2016-000109 | CG-WLR300GNV Series does not limit authentication attempts | 2016-06-22T14:57+09:00 | 2016-06-29T16:04+09:00 |
| jvndb-2016-000108 | CG-WLBARAGM vulnerable to denial-of-service (DoS) | 2016-06-22T14:57+09:00 | 2016-06-29T16:04+09:00 |
| jvndb-2016-000107 | CG-WLBARGL vulnerable to command injection | 2016-06-22T14:56+09:00 | 2016-06-29T16:03+09:00 |
| jvndb-2016-000118 | WordPress plugin "Welcart e-Commerce" vulnerable to session management | 2016-06-24T14:12+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000117 | WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting | 2016-06-24T14:12+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000094 | Cybozu Garoon function "MultiReport" vulnerable to access restriction bypass | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000093 | Cybozu Garoon function "Portlets" vulnerable to access restriction bypass | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000079 | Cybozu Garoon vulnerable to information disclosure | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000077 | Cybozu Garoon mail function vulnerable to access restriction bypass | 2016-05-30T16:18+09:00 | 2016-06-28T17:01+09:00 |
| jvndb-2016-000087 | Multiple Buffalo wireless LAN routers vulnerable to information disclosure | 2016-05-27T13:53+09:00 | 2016-06-27T14:59+09:00 |
| jvndb-2016-000086 | Multiple Buffalo wireless LAN routers vulnerable to directory traversal | 2016-05-27T13:53+09:00 | 2016-06-27T14:58+09:00 |
| jvndb-2016-000099 | DX Library vulnerable to remote code execution | 2016-06-08T14:30+09:00 | 2016-06-27T11:32+09:00 |
| jvndb-2016-000098 | TERASOLUNA Server Framework for Java(WEB) access restriction bypass vulnerability in the file extention filter | 2016-06-07T16:26+09:00 | 2016-06-27T11:32+09:00 |
| jvndb-2016-000095 | Cybozu Garoon logging function vulnerable to directory traversal | 2016-05-30T16:18+09:00 | 2016-06-23T17:49+09:00 |
| jvndb-2016-000085 | Cybozu Garoon fails to restrict access permissions | 2016-05-30T16:18+09:00 | 2016-06-23T17:43+09:00 |
| jvndb-2016-000078 | Cybozu Garoon function "Files" vulnerable to directory traversal | 2016-05-30T16:18+09:00 | 2016-06-23T17:40+09:00 |
| jvndb-2016-000076 | Japan Connected-free Wi-Fi vulnerable to API execution | 2016-05-27T13:51+09:00 | 2016-06-23T17:38+09:00 |
| jvndb-2016-000082 | Cybozu Garoon fails to restrict access permissions | 2016-05-30T16:18+09:00 | 2016-06-23T17:35+09:00 |
| jvndb-2016-000091 | H2O use-after-free vulnerability | 2016-05-27T13:46+09:00 | 2016-06-23T17:23+09:00 |
| jvndb-2016-000100 | ETX-R vulnerable to cross-site request forgery | 2016-06-14T13:55+09:00 | 2016-06-23T17:12+09:00 |
| jvndb-2016-000084 | Cybozu Garoon vulnerable to cross-site scripting | 2016-05-30T16:18+09:00 | 2016-06-23T17:09+09:00 |
| jvndb-2016-000081 | Cybozu Garoon vulnerable to open redirect | 2016-05-30T16:18+09:00 | 2016-06-23T17:06+09:00 |
| jvndb-2016-000083 | Cybozu Garoon vulnerable to cross-site scripting | 2016-05-30T16:18+09:00 | 2016-06-23T17:05+09:00 |
| jvndb-2016-000090 | Source code of Old_GSI_Maps prior to January, 2015 vulnerable to directory traversal | 2016-05-30T14:07+09:00 | 2016-06-23T15:13+09:00 |
| jvndb-2016-000075 | NetCommons vulnerable to privilege escalation | 2016-05-26T14:30+09:00 | 2016-06-23T15:13+09:00 |
| jvndb-2014-000054 | Spring Framework vulnerable to directory traversal | 2014-06-13T12:40+09:00 | 2016-06-23T13:45+09:00 |
| jvndb-2016-000101 | ETX-R vulnerable to denial-of-service (DoS) | 2016-06-14T14:00+09:00 | 2016-06-23T12:20+09:00 |
| jvndb-2016-000073 | Trend Micro Internet Security access restriction flaw | 2016-06-02T16:18+09:00 | 2016-06-22T18:12+09:00 |
| jvndb-2016-000088 | Trend Micro Internet Security vulnerable to arbitrary script execution | 2016-06-02T16:18+09:00 | 2016-06-22T18:08+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0923 | Multiples vulnérabilités dans les produits IBM | 2024-10-25T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-avi-0922 | Multiples vulnérabilités dans Microsoft Edge | 2024-10-25T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-avi-0921 | Vulnérabilité dans les produits Microsoft | 2024-10-24T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0920 | Vulnérabilité dans Microsoft Azure | 2024-10-24T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0919 | Multiples vulnérabilités dans les produits Cisco | 2024-10-24T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0918 | Multiples vulnérabilités dans GitLab | 2024-10-24T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0917 | Vulnérabilité dans Fortinet FortiManager | 2024-10-23T00:00:00.000000 | 2024-10-24T00:00:00.000000 |
| certfr-2024-avi-0916 | Multiples vulnérabilités dans le greffon pour Office 365 de Splunk | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0915 | Multiples vulnérabilités dans les produits Centreon | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0914 | Vulnérabilité dans les produits Spring | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0913 | Multiples vulnérabilités dans Google Chrome | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0912 | Multiples vulnérabilités dans Liferay | 2024-10-23T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-avi-0911 | Vulnérabilité dans les produits Moxa | 2024-10-22T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0910 | Vulnérabilité dans MongoDB | 2024-10-22T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0909 | Multiples vulnérabilités dans les produits Synology | 2024-10-21T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0792 | Multiples vulnérabilités dans VMware vCenter Server | 2024-09-18T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0426 | Multiples vulnérabilités dans Roundcube | 2024-05-21T00:00:00.000000 | 2024-10-22T00:00:00.000000 |
| certfr-2024-avi-0908 | Vulnérabilité dans Microsoft Edge | 2024-10-21T00:00:00.000000 | 2024-10-21T00:00:00.000000 |
| certfr-2024-avi-0899 | Vulnérabilité dans Grafana | 2024-10-18T00:00:00.000000 | 2024-10-21T00:00:00.000000 |
| certfr-2024-avi-0893 | Multiples vulnérabilités dans les produits F5 | 2024-10-17T00:00:00.000000 | 2024-10-21T00:00:00.000000 |
| certfr-2024-avi-0907 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0906 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0905 | Multiples vulnérabilités dans les produits Moxa | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0904 | Multiples vulnérabilités dans Foxit PDF Editor | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0903 | Multiples vulnérabilités dans les produits IBM | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0902 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0901 | Multiples vulnérabilités dans Microsoft Edge | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0900 | Multiples vulnérabilités dans Spring Framework | 2024-10-18T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0895 | Vulnérabilité dans OpenSSL | 2024-10-17T00:00:00.000000 | 2024-10-18T00:00:00.000000 |
| certfr-2024-avi-0898 | Multiples vulnérabilités dans Google Pixel | 2024-10-17T00:00:00.000000 | 2024-10-17T00:00:00.000000 |