Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-4857 | 8.4 (v3.1) | SailPoint IdentityIQ Debug UI Incorrect Authorization |
SailPoint Technologies |
IdentityIQ |
2026-04-15T18:08:45.737Z | 2026-04-16T03:55:39.481Z |
| cve-2026-6290 | 8 (v3.1) | Velociraptor Query() Plugin Misapplies Permissions To Orgs |
Rapid7 |
Velociraptor |
2026-04-15T17:29:04.306Z | 2026-04-16T03:55:38.112Z |
| cve-2026-20186 | Cisco Identity Services Engine Multiple Authenticated … |
Cisco |
Cisco Identity Services Engine Software |
2026-04-15T16:03:35.310Z | 2026-04-16T03:55:36.590Z | |
| cve-2026-20147 | Cisco Identity Services Engine Remote Code Execution V… |
Cisco |
Cisco Identity Services Engine Software |
2026-04-15T16:03:25.648Z | 2026-04-16T03:55:35.113Z | |
| cve-2026-20180 | Cisco Identity Services Engine Multiple Remote Code Ex… |
Cisco |
Cisco Identity Services Engine Software |
2026-04-15T16:03:51.335Z | 2026-04-16T03:55:33.630Z | |
| cve-2026-20136 | Cisco Identity Services Engine Authenticated Privilege… |
Cisco |
Cisco Identity Services Engine Software |
2026-04-15T16:11:29.398Z | 2026-04-16T03:55:30.918Z | |
| cve-2026-20204 | 7.1 (v3.1) | Improper Handling and Insufficient Isolation of Specif… |
Splunk |
Splunk Enterprise |
2026-04-15T15:17:54.019Z | 2026-04-16T03:55:29.794Z |
| cve-2026-20202 | 6.6 (v3.1) | Improper Input Validation during User Account Creation… |
Splunk |
Splunk Enterprise |
2026-04-15T15:17:43.871Z | 2026-04-16T03:55:28.582Z |
| cve-2026-1636 | 5.4 (v4.0) 6.7 (v3.1) | A potential DLL hijacking vulnerability was repor… |
Lenovo |
Service Bridge |
2026-04-15T12:27:54.562Z | 2026-04-16T03:55:27.379Z |
| cve-2026-40688 | 6.7 (v3.1) | An out-of-bounds write vulnerability [CWE-787] vu… |
Fortinet |
FortiWeb |
2026-04-14T22:35:15.438Z | 2026-04-16T03:55:18.342Z |
| cve-2026-33947 | jq: Unbounded Recursion in jv_setpath(), jv_getpath() … |
jqlang |
jq |
2026-04-13T21:50:18.814Z | 2026-04-16T03:03:39.478Z | |
| cve-2026-39922 | 5.3 (v4.0) | GeoNode SSRF via Service Registration |
GeoNode |
GeoNode |
2026-04-10T19:53:05.159Z | 2026-04-16T00:43:12.705Z |
| cve-2026-39921 | 5.3 (v4.0) | GeoNode < 4.4.5, 5.0.2 SSRF via Document Upload |
GeoNode |
GeoNode |
2026-04-10T19:52:49.924Z | 2026-04-16T00:40:03.983Z |
| cve-2026-6264 | Critical Security fix for the Talend JobServer and Tal… |
Talend |
Talend JobServer |
2026-04-14T01:49:08.920Z | 2026-04-16T00:03:18.302Z | |
| cve-2021-3658 | N/A | bluetoothd from bluez incorrectly saves adapters'… |
n/a |
bluez |
2022-03-02T22:11:05.000Z | 2026-04-15T21:11:08.326Z |
| cve-2022-0204 | N/A | A heap overflow vulnerability was found in bluez … |
n/a |
bluez |
2022-03-09T00:00:00.000Z | 2026-04-15T21:09:47.949Z |
| cve-2019-8921 | N/A | An issue was discovered in bluetoothd in BlueZ th… |
n/a |
n/a |
2021-11-29T00:00:00.000Z | 2026-04-15T21:08:51.808Z |
| cve-2020-27153 | N/A | In BlueZ before 5.55, a double free was found in … |
n/a |
n/a |
2020-10-15T02:53:27.000Z | 2026-04-15T21:08:08.760Z |
| cve-2022-39176 | N/A | BlueZ before 5.59 allows physically proximate att… |
n/a |
n/a |
2022-09-02T00:00:00.000Z | 2026-04-15T21:07:28.126Z |
| cve-2022-39177 | N/A | BlueZ before 5.59 allows physically proximate att… |
n/a |
n/a |
2022-09-02T00:00:00.000Z | 2026-04-15T21:07:14.236Z |
| cve-2019-8922 | N/A | A heap-based buffer overflow was discovered in bl… |
n/a |
n/a |
2021-11-29T00:00:00.000Z | 2026-04-15T21:06:09.734Z |
| cve-2020-8177 | N/A | curl 7.20.0 through 7.70.0 is vulnerable to impro… |
n/a |
https://github.com/curl/curl |
2020-12-14T19:42:16.000Z | 2026-04-15T21:05:19.842Z |
| cve-2016-8620 | The 'globbing' feature in curl before version 7.5… |
The Curl Project |
curl |
2018-08-01T06:00:00.000Z | 2026-04-15T21:04:22.525Z | |
| cve-2016-9586 | curl before version 7.52.0 is vulnerable to a buf… |
redhat |
curl |
2018-04-23T18:00:00.000Z | 2026-04-15T21:03:48.245Z | |
| cve-2016-9594 | curl before version 7.52.1 is vulnerable to an un… |
unspecified |
curl |
2018-04-23T19:00:00.000Z | 2026-04-15T21:03:18.894Z | |
| cve-2017-1000257 | N/A | An IMAP FETCH response line indicates the size of… |
n/a |
n/a |
2017-10-31T21:00:00.000Z | 2026-04-15T21:02:38.720Z |
| cve-2017-8816 | N/A | The NTLM authentication feature in curl and libcu… |
n/a |
curl and libcurl before 7.57.0 |
2017-11-29T18:00:00.000Z | 2026-04-15T21:01:32.128Z |
| cve-2017-8817 | N/A | The FTP wildcard function in curl and libcurl bef… |
n/a |
curl and libcurl before 7.57.0 |
2017-11-29T18:00:00.000Z | 2026-04-15T20:59:39.712Z |
| cve-2018-1000301 | N/A | curl version curl 7.20.0 to and including curl 7.… |
n/a |
n/a |
2018-05-24T13:00:00.000Z | 2026-04-15T20:58:35.757Z |
| cve-2018-16839 | Curl versions 7.33.0 through 7.61.1 are vulnerabl… |
The Curl Project |
curl: |
2018-10-31T18:00:00.000Z | 2026-04-15T20:57:05.128Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-000179 | applican vulnerable to script injection | 2015-11-17T14:20+09:00 | 2015-11-24T18:03+09:00 |
| jvndb-2015-000178 | applican vulnerable to script injection | 2015-11-17T14:20+09:00 | 2015-11-24T18:03+09:00 |
| jvndb-2015-000184 | Void vulnerable to cross-site scripting | 2015-11-20T13:38+09:00 | 2015-11-24T18:02+09:00 |
| jvndb-2015-005909 | ArcSight Management Center and ArcSight Logger vulnerable to cross-site scripting | 2015-11-20T13:31+09:00 | 2015-11-20T13:31+09:00 |
| jvndb-2015-000180 | pWebManager vulnerable to OS command injection | 2015-11-13T14:25+09:00 | 2015-11-17T16:21+09:00 |
| jvndb-2015-000177 | Apple OS X authentication issue when recovering from sleep mode | 2015-11-13T14:25+09:00 | 2015-11-17T16:15+09:00 |
| jvndb-2015-000166 | EC-CUBE vulnerable to cross-site request forgery | 2015-10-26T12:27+09:00 | 2015-11-13T19:36+09:00 |
| jvndb-2015-000159 | Party Track SDK for iOS fails to verify server certificates | 2015-10-14T15:41+09:00 | 2015-11-11T17:32+09:00 |
| jvndb-2015-000175 | ISUCON5 qualifier portal web application (eventapp) vulnerable to OS command injection | 2015-11-02T14:10+09:00 | 2015-11-11T15:33+09:00 |
| jvndb-2015-000176 | SonicWall TotalSecure TZ 100 Series vulnerable to denial-of-service (DoS) | 2015-11-06T12:30+09:00 | 2015-11-09T10:47+09:00 |
| jvndb-2015-000174 | Multiple TYPE-MOON games vulnerable to OS command injection | 2015-11-05T14:11+09:00 | 2015-11-09T10:39+09:00 |
| jvndb-2015-000170 | Enisys Gw fails to restrict access permissions | 2015-10-29T13:46+09:00 | 2015-11-02T18:05+09:00 |
| jvndb-2015-000169 | Enisys Gw vulnerable to cross-site scripting | 2015-10-29T13:46+09:00 | 2015-11-02T18:05+09:00 |
| jvndb-2015-000168 | Enisys Gw vulnerable to arbitrary file creation | 2015-10-29T13:37+09:00 | 2015-11-02T18:05+09:00 |
| jvndb-2015-000167 | Enisys Gw vulnerable to SQL injection | 2015-10-29T13:37+09:00 | 2015-11-02T18:05+09:00 |
| jvndb-2015-000171 | HTML::Scrubber vulnerable to cross-site scripting | 2015-10-30T15:16+09:00 | 2015-10-30T15:16+09:00 |
| jvndb-2013-004446 | Use-after-free vulnerability in multiple products that use International Components for Unicode (ICU) | 2013-10-30T16:32+09:00 | 2015-10-28T10:05+09:00 |
| jvndb-2013-001665 | Multiple products that use International Components for Unicode (ICU) vulnerable to denial-of-service (DoS) | 2013-10-30T16:08+09:00 | 2015-10-28T10:05+09:00 |
| jvndb-2015-000162 | AirDroid for Android vulnerable in handling of implicit intents | 2015-10-16T14:00+09:00 | 2015-10-20T17:56+09:00 |
| jvndb-2015-000160 | Avast vulnerable to directory traversal | 2015-10-16T14:00+09:00 | 2015-10-20T17:56+09:00 |
| jvndb-2015-000126 | eXtplorer vulnerable to cross-site request forgery | 2015-10-15T12:24+09:00 | 2015-10-19T15:55+09:00 |
| jvndb-2015-000158 | Pref Shimane CMS vulnerable to SQL injection | 2015-10-09T14:12+09:00 | 2015-10-14T17:26+09:00 |
| jvndb-2015-000154 | phpRechnung vulnerable to SQL injection | 2015-10-09T14:12+09:00 | 2015-10-14T17:26+09:00 |
| jvndb-2015-000153 | Dojo Toolkit vulnerable to cross-site scripting | 2015-10-09T14:12+09:00 | 2015-10-14T17:26+09:00 |
| jvndb-2015-000130 | applican vulnerable to URL whitelist bypass | 2015-09-16T16:58+09:00 | 2015-10-14T16:30+09:00 |
| jvndb-2015-000149 | gollum vulnerable to file exposure | 2015-10-02T13:36+09:00 | 2015-10-08T15:26+09:00 |
| jvndb-2015-000146 | MATCHA SNS access restriction bypass vulnerability | 2015-09-30T15:05+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000145 | MATCHA SNS vulnerable to code injection | 2015-09-30T15:05+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000144 | MATCHA INVOICE vulnerable to code injection | 2015-09-30T15:04+09:00 | 2015-10-08T15:25+09:00 |
| jvndb-2015-000143 | MATCHA INVOICE vulnerable to SQL injection | 2015-09-30T15:04+09:00 | 2015-10-08T15:25+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0807 | Multiples vulnérabilités dans Nessus Network Monitor | 2024-09-25T00:00:00.000000 | 2024-09-25T00:00:00.000000 |
| certfr-2024-avi-0806 | Multiples vulnérabilités dans Google Chrome | 2024-09-25T00:00:00.000000 | 2024-09-25T00:00:00.000000 |
| certfr-2024-avi-0805 | Vulnérabilité dans Nagios XI | 2024-09-25T00:00:00.000000 | 2024-09-25T00:00:00.000000 |
| certfr-2024-avi-0804 | Multiples vulnérabilités dans Stormshield Network Security | 2024-09-25T00:00:00.000000 | 2024-09-25T00:00:00.000000 |
| certfr-2024-avi-0803 | Vulnérabilité dans TheGreenBow VPN Client | 2024-09-24T00:00:00.000000 | 2024-09-24T00:00:00.000000 |
| certfr-2024-avi-0802 | Multiples vulnérabilités dans les produits Moxa | 2024-09-23T00:00:00.000000 | 2024-09-23T00:00:00.000000 |
| certfr-2024-avi-0801 | Multiples vulnérabilités dans les produits ESET | 2024-09-23T00:00:00.000000 | 2024-09-23T00:00:00.000000 |
| certfr-2024-avi-0800 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-09-20T00:00:00.000000 | 2024-09-20T00:00:00.000000 |
| certfr-2024-avi-0799 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-09-20T00:00:00.000000 | 2024-09-20T00:00:00.000000 |
| certfr-2024-avi-0798 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-09-20T00:00:00.000000 | 2024-09-20T00:00:00.000000 |
| certfr-2024-avi-0797 | Multiples vulnérabilités dans les produits IBM | 2024-09-20T00:00:00.000000 | 2024-09-20T00:00:00.000000 |
| certfr-2024-avi-0796 | Vulnérabilité dans Ivanti Cloud Services Appliance | 2024-09-20T00:00:00.000000 | 2024-09-20T00:00:00.000000 |
| certfr-2024-avi-0795 | Vulnérabilité dans les produits Microsoft | 2024-09-20T00:00:00.000000 | 2024-09-20T00:00:00.000000 |
| certfr-2024-avi-0794 | Vulnérabilité dans Microsoft Office | 2024-09-20T00:00:00.000000 | 2024-09-20T00:00:00.000000 |
| certfr-2024-avi-0793 | Multiples vulnérabilités dans Microsoft Edge | 2024-09-20T00:00:00.000000 | 2024-09-20T00:00:00.000000 |
| certfr-2024-avi-0784 | Vulnérabilité dans Ivanti Cloud Service Appliance | 2024-09-17T00:00:00.000000 | 2024-09-20T00:00:00.000000 |
| certfr-2024-avi-0791 | Vulnérabilité dans GitLab | 2024-09-18T00:00:00.000000 | 2024-09-18T00:00:00.000000 |
| certfr-2024-avi-0790 | Multiples vulnérabilités dans Google Chrome | 2024-09-18T00:00:00.000000 | 2024-09-18T00:00:00.000000 |
| certfr-2024-avi-0789 | Vulnérabilité dans Mozilla Firefox pour Android | 2024-09-18T00:00:00.000000 | 2024-09-18T00:00:00.000000 |
| certfr-2024-avi-0788 | Multiples vulnérabilités dans les produits Atlassian | 2024-09-18T00:00:00.000000 | 2024-09-18T00:00:00.000000 |
| certfr-2024-avi-0787 | Vulnérabilité dans LibreOffice | 2024-09-18T00:00:00.000000 | 2024-09-18T00:00:00.000000 |
| certfr-2024-avi-0786 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2024-09-18T00:00:00.000000 | 2024-09-18T00:00:00.000000 |
| certfr-2024-avi-0785 | Multiples vulnérabilités dans les produits Apple | 2024-09-17T00:00:00.000000 | 2024-09-17T00:00:00.000000 |
| certfr-2024-avi-0783 | Vulnérabilité dans MISP | 2024-09-16T00:00:00.000000 | 2024-09-16T00:00:00.000000 |
| certfr-2024-avi-0782 | Vulnérabilité dans SolarWinds Access Rights Manager | 2024-09-16T00:00:00.000000 | 2024-09-16T00:00:00.000000 |
| certfr-2024-avi-0702 | Vulnérabilité dans SPIP | 2024-08-21T00:00:00.000000 | 2024-09-16T00:00:00.000000 |
| certfr-2024-avi-0780 | Multiples vulnérabilités dans les produits IBM | 2024-09-13T00:00:00.000000 | 2024-09-13T00:00:00.000000 |
| certfr-2024-avi-0779 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-09-13T00:00:00.000000 | 2024-09-13T00:00:00.000000 |
| certfr-2024-avi-0778 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-09-13T00:00:00.000000 | 2024-09-13T00:00:00.000000 |
| certfr-2024-avi-0777 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-09-13T00:00:00.000000 | 2024-09-13T00:00:00.000000 |