Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-40385 | 4 (v3.1) | In libexif through 0.6.25, an unsigned 32bit inte… |
libexif project |
libexif |
2026-04-12T18:16:30.420Z | 2026-04-14T16:33:12.567Z |
| cve-2019-25713 | 7.1 (v4.0) 7.1 (v3.1) | MyT-PM 1.5.1 SQL Injection via Charge[group_total] Parameter |
MyT |
Project Management |
2026-04-12T12:28:57.031Z | 2026-04-13T17:28:06.510Z |
| cve-2019-25712 | 6.9 (v4.0) 6.2 (v3.1) | BlueAuditor 1.7.2.0 Buffer Overflow Denial of Service … |
NSauditor |
BlueAuditor |
2026-04-12T12:28:56.276Z | 2026-04-13T18:16:09.521Z |
| cve-2019-25711 | 6.9 (v4.0) 6.2 (v3.1) | SpotFTP Password Recover 2.4.2 Denial of Service via N… |
NSauditor |
SpotFTP Password Recover |
2026-04-12T12:28:55.601Z | 2026-04-13T15:13:03.838Z |
| cve-2019-25710 | 8.8 (v4.0) 8.2 (v3.1) | Dolibarr ERP-CRM 8.0.4 SQL Injection via rowid Parameter |
Dolibarr |
Dolibarr ERP-CRM |
2026-04-12T12:28:54.936Z | 2026-04-13T12:07:35.021Z |
| cve-2019-25709 | 9.3 (v4.0) 9.8 (v3.1) | CF Image Hosting Script 1.6.5 Unauthorized Database Access |
Davidtavarez |
CF Image Hosting Script |
2026-04-12T12:28:54.207Z | 2026-04-15T15:24:31.713Z |
| cve-2019-25708 | 5.3 (v4.0) 4.3 (v3.1) | Heatmiser Wifi Thermostat 1.7 Cross-Site Request Forgery |
Heatmiser |
Heatmiser Wifi Thermostat |
2026-04-12T12:28:53.542Z | 2026-04-13T18:06:18.134Z |
| cve-2019-25707 | 7.1 (v4.0) 7.1 (v3.1) | eBrigade ERP 4.5 SQL Injection via pdf.php |
Ebrigade |
eBrigade ERP |
2026-04-12T12:28:52.833Z | 2026-04-13T17:28:35.299Z |
| cve-2019-25706 | 8.7 (v4.0) 7.5 (v3.1) | Across DR-810 ROM-0 Unauthenticated File Disclosure |
Across |
DR-810 |
2026-04-12T12:28:52.102Z | 2026-04-13T18:16:20.733Z |
| cve-2019-25705 | 8.6 (v4.0) 8.4 (v3.1) | Echo Mirage 3.1 Stack Buffer Overflow via Rules Action Field |
Sourceforge |
Echo Mirage |
2026-04-12T12:28:51.242Z | 2026-04-13T15:30:51.755Z |
| cve-2019-25703 | 7.1 (v4.0) 7.1 (v3.1) | ImpressCMS 1.3.11 SQL Injection via bid Parameter |
Impresscms |
ImpressCMS |
2026-04-12T12:28:50.523Z | 2026-04-13T12:08:59.239Z |
| cve-2019-25701 | 8.6 (v4.0) 8.4 (v3.1) | Easy Video to iPod Converter 1.6.20 Local Buffer Overf… |
Divxtodvd |
Easy Video to iPod Converter |
2026-04-12T12:28:49.786Z | 2026-04-15T15:22:49.255Z |
| cve-2019-25699 | 7.1 (v4.0) 7.1 (v3.1) | Newsbull Haber Script 1.0.0 Authenticated SQL Injectio… |
Newsbull |
Newsbull Haber Script |
2026-04-12T12:28:49.056Z | 2026-04-13T18:06:18.270Z |
| cve-2019-25697 | 8.8 (v4.0) 8.2 (v3.1) | CMSsite 1.0 SQL Injection via category.php |
VictorAlagwu |
CMSsite |
2026-04-12T12:28:48.309Z | 2026-04-13T17:29:00.738Z |
| cve-2019-25695 | 8.6 (v4.0) 8.4 (v3.1) | R 3.4.4 Local Buffer Overflow Windows XP SP3 |
r-project |
R |
2026-04-12T12:28:47.555Z | 2026-04-13T18:16:31.139Z |
| cve-2019-25693 | 7.1 (v4.0) 7.1 (v3.1) | ResourceSpace 8.6 SQL Injection via collection_edit.php |
Resourcespace |
ResourceSpace |
2026-04-12T12:28:46.757Z | 2026-04-13T15:36:40.688Z |
| cve-2019-25691 | 8.6 (v4.0) 8.4 (v3.1) | Faleemi Desktop Software 1.8 Local Buffer Overflow SEH… |
Faleemi |
Faleemi Desktop Software |
2026-04-12T12:28:45.957Z | 2026-04-13T12:11:35.418Z |
| cve-2019-25689 | 8.6 (v4.0) 8.4 (v3.1) | HTML5 Video Player 1.2.5 Local Buffer Overflow Non-SEH |
Html5Videoplayer |
HTML5 Video Player |
2026-04-12T12:28:45.236Z | 2026-04-15T15:21:21.456Z |
| cve-2018-25258 | 8.6 (v4.0) 8.4 (v3.1) | RGui 3.5.0 Local Buffer Overflow SEH DEP Bypass |
R-Project |
RGui |
2026-04-12T12:28:44.496Z | 2026-04-13T18:06:18.442Z |
| cve-2018-25257 | 7.1 (v4.0) 7.1 (v3.1) | Adianti Framework 5.5.0 and 5.6.0 SQL Injection via Profile |
adianti |
Adianti Framework |
2026-04-12T12:28:43.786Z | 2026-04-13T17:29:36.448Z |
| cve-2017-20239 | 5.1 (v4.0) 6.1 (v3.1) | MDwiki Cross-Site Scripting via Location Hash Parameter |
Dynalon |
MDwiki |
2026-04-12T12:28:42.926Z | 2026-04-13T18:16:41.208Z |
| cve-2026-6126 | zhayujie chatgpt-on-wechat CowAgent Administrative HTT… |
zhayujie |
chatgpt-on-wechat CowAgent |
2026-04-12T10:30:12.107Z | 2026-04-13T12:24:50.364Z | |
| cve-2026-6125 | Dromara warm-flow Workflow Definition save-json SpelHe… |
Dromara |
warm-flow |
2026-04-12T09:30:22.132Z | 2026-04-13T17:47:46.421Z | |
| cve-2026-6124 | Tenda F451 httpd SafeMacFilter fromSafeMacFilter stack… |
Tenda |
F451 |
2026-04-12T09:00:18.190Z | 2026-04-14T16:33:20.025Z | |
| cve-2026-6123 | Tenda F451 httpd addressNat fromAddressNat stack-based… |
Tenda |
F451 |
2026-04-12T08:15:11.890Z | 2026-04-13T20:51:33.016Z | |
| cve-2026-6122 | Tenda F451 httpd L7Prot frmL7ProtForm stack-based overflow |
Tenda |
F451 |
2026-04-12T07:30:14.700Z | 2026-04-14T19:37:43.798Z | |
| cve-2026-6121 | Tenda F451 httpd WrlclientSet stack-based overflow |
Tenda |
F451 |
2026-04-12T07:15:13.799Z | 2026-04-13T12:13:51.214Z | |
| cve-2026-6120 | Tenda F451 httpd DhcpListClient fromDhcpListClient sta… |
Tenda |
F451 |
2026-04-12T06:00:20.674Z | 2026-04-13T17:51:13.291Z | |
| cve-2026-31413 | N/A | bpf: Fix unsound scalar forking in maybe_fork_scalars(… |
Linux |
Linux |
2026-04-12T05:36:14.632Z | 2026-04-13T06:08:42.344Z |
| cve-2026-6119 | AstrBotDevs AstrBot API Endpoint post_data.get server-… |
AstrBotDevs |
AstrBot |
2026-04-12T05:00:20.093Z | 2026-04-14T16:33:26.198Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-000081 | MilkyStep vulnerable to SQL injection | 2015-06-09T14:15+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000080 | MilkyStep vulnerable to OS command injection | 2015-06-09T14:02+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000079 | MilkyStep vulnerable to cross-site request forgery | 2015-06-09T13:45+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000078 | MilkyStep fails to restrict access permissions | 2015-06-09T13:43+09:00 | 2015-06-16T16:52+09:00 |
| jvndb-2015-000085 | Multiple Buffalo wireless LAN routers vulnerable to OS command injection | 2015-06-05T14:16+09:00 | 2015-06-10T17:54+09:00 |
| jvndb-2015-000076 | NetFlow Analyzer vulnerable to cross-site request forgery | 2015-06-05T14:14+09:00 | 2015-06-10T16:14+09:00 |
| jvndb-2015-000075 | NetFlow Analyzer fails to restrict access permissions | 2015-06-05T14:02+09:00 | 2015-06-10T16:10+09:00 |
| jvndb-2015-000074 | NetFlow Analyzer vulnerable to cross-site scripting | 2015-06-05T13:59+09:00 | 2015-06-10T16:06+09:00 |
| jvndb-2015-000073 | F21 JWT fails to verify token signatures | 2015-06-03T15:01+09:00 | 2015-06-08T12:04+09:00 |
| jvndb-2015-000072 | "Open Explorer Beta" App for Android vulnerable to directory traversal | 2015-06-03T14:59+09:00 | 2015-06-08T12:25+09:00 |
| jvndb-2015-000071 | ZenPhoto20 vulnerable to cross-site scripting | 2015-05-28T13:42+09:00 | 2015-06-03T18:06+09:00 |
| jvndb-2015-000070 | Zenphoto vulnerable to cross-site scripting | 2015-05-28T13:42+09:00 | 2015-06-03T18:06+09:00 |
| jvndb-2015-000069 | Apache Sling API and Servlets Post components vulnerable to cross-site scripting | 2015-05-27T14:43+09:00 | 2015-06-04T15:39+09:00 |
| jvndb-2015-000068 | SXF Common Library vulnerable to buffer overflow | 2015-05-22T14:15+09:00 | 2015-05-28T18:14+09:00 |
| jvndb-2015-002706 | Information Disclosure Vulnerability in JP1/Integrated Management - Universal CMDB | 2015-05-21T16:37+09:00 | 2015-05-21T16:37+09:00 |
| jvndb-2015-002705 | Problem with directory permissions in JP1/Automatic Operation | 2015-05-21T16:36+09:00 | 2015-05-21T16:36+09:00 |
| jvndb-2015-000067 | mt-phpincgi vulnerable to PHP object injection | 2015-05-20T14:34+09:00 | 2015-05-28T18:05+09:00 |
| jvndb-2015-000066 | BGA32.DLL and QBga32.DLL contain multiple vulnerabilities | 2015-05-19T13:40+09:00 | 2015-05-22T14:26+09:00 |
| jvndb-2015-000065 | "Honda Moto LINC" App for Android fails to verify SSL server certificates | 2015-05-15T12:23+09:00 | 2018-02-28T14:36+09:00 |
| jvndb-2015-000064 | Cacti vulnerable to SQL injection | 2015-05-14T13:39+09:00 | 2015-05-25T15:29+09:00 |
| jvndb-2015-000063 | MailDealer vulnerable to cross-site scripting | 2015-05-12T14:07+09:00 | 2015-05-12T14:07+09:00 |
| jvndb-2015-000062 | EasyCTF vulnerable to session management | 2015-05-01T14:00+09:00 | 2015-05-07T16:03+09:00 |
| jvndb-2015-000061 | EasyCTF vulnerable to cross-site scripting | 2015-05-01T13:49+09:00 | 2015-05-07T16:02+09:00 |
| jvndb-2015-000060 | EasyCTF vulnerable to arbitrary file creation | 2015-05-01T13:37+09:00 | 2015-05-07T16:00+09:00 |
| jvndb-2015-000055 | TransmitMail vulnerable to directory traversal | 2015-04-23T14:12+09:00 | 2015-04-27T16:12+09:00 |
| jvndb-2015-000054 | TransmitMail vulnerable to cross-site scripting | 2015-04-23T13:47+09:00 | 2015-04-27T16:13+09:00 |
| jvndb-2015-001959 | JBoss RichFaces vulnerable to remote Java code execution | 2015-04-14T13:24+09:00 | 2015-04-14T13:24+09:00 |
| jvndb-2015-000052 | Seasar S2Struts vulnerable to input validation bypass | 2015-04-10T14:38+09:00 | 2016-08-26T16:39+09:00 |
| jvndb-2015-000051 | Lhaplus vulnerable to remote code execution | 2015-04-09T13:59+09:00 | 2015-04-16T18:00+09:00 |
| jvndb-2015-000050 | Lhaplus vulnerable to directory traversal | 2015-04-09T13:57+09:00 | 2015-04-16T18:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0739 | Multiples vulnérabilités dans les produits Cisco | 2024-09-05T00:00:00.000000 | 2024-09-05T00:00:00.000000 |
| certfr-2024-avi-0738 | Vulnérabilité dans Synacor Zimbra Desktop | 2024-09-04T00:00:00.000000 | 2024-09-04T00:00:00.000000 |
| certfr-2024-avi-0737 | Multiples vulnérabilités dans Moxa OnCell 3120-LTE-1 Series | 2024-09-04T00:00:00.000000 | 2024-09-04T00:00:00.000000 |
| certfr-2024-avi-0736 | Vulnérabilité dans OpenSSL | 2024-09-04T00:00:00.000000 | 2024-09-04T00:00:00.000000 |
| certfr-2024-avi-0735 | Multiples vulnérabilités dans les produits Mozilla | 2024-09-04T00:00:00.000000 | 2024-09-04T00:00:00.000000 |
| certfr-2024-avi-0734 | Vulnérabilité dans CPython | 2024-09-04T00:00:00.000000 | 2024-09-04T00:00:00.000000 |
| certfr-2024-avi-0733 | Multiples vulnérabilités dans les produits Google | 2024-09-04T00:00:00.000000 | 2024-09-05T00:00:00.000000 |
| certfr-2024-avi-0732 | Vulnérabilité dans les produits VMware | 2024-09-03T00:00:00.000000 | 2024-09-03T00:00:00.000000 |
| certfr-2024-avi-0731 | Multiples vulnérabilités dans Google Chrome | 2024-09-03T00:00:00.000000 | 2024-09-03T00:00:00.000000 |
| certfr-2024-avi-0730 | Multiples vulnérabilités dans MISP | 2024-09-02T00:00:00.000000 | 2024-09-02T00:00:00.000000 |
| certfr-2024-avi-0729 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-08-30T00:00:00.000000 | 2024-08-30T00:00:00.000000 |
| certfr-2024-avi-0728 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-08-30T00:00:00.000000 | 2024-08-30T00:00:00.000000 |
| certfr-2024-avi-0727 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-08-30T00:00:00.000000 | 2024-08-30T00:00:00.000000 |
| certfr-2024-avi-0726 | Multiples vulnérabilités dans les produits IBM | 2024-08-30T00:00:00.000000 | 2024-08-30T00:00:00.000000 |
| certfr-2024-avi-0725 | Vulnérabilité dans Wireshark | 2024-08-29T00:00:00.000000 | 2024-08-30T00:00:00.000000 |
| certfr-2024-avi-0724 | Multiples vulnérabilités dans Google Chrome | 2024-08-29T00:00:00.000000 | 2024-08-29T00:00:00.000000 |
| certfr-2024-avi-0723 | Vulnérabilité dans les produits Cisco Nexus | 2024-08-29T00:00:00.000000 | 2024-08-29T00:00:00.000000 |
| certfr-2024-avi-0722 | Vulnérabilité dans MongoDB Server | 2024-08-28T00:00:00.000000 | 2024-08-28T00:00:00.000000 |
| certfr-2024-avi-0721 | Vulnérabilité dans Microsoft Edge | 2024-08-26T00:00:00.000000 | 2024-08-26T00:00:00.000000 |
| certfr-2024-avi-0720 | Multiples vulnérabilités dans IBM QRadar SIEM | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0719 | Multiples vulnérabilités dans le noyau Linux de Debian | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0718 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0717 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0716 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0715 | Vulnérabilité dans Spring Boot | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0714 | Vulnérabilité dans SolarWinds Web Help Desk | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0713 | Multiples vulnérabilités dans les produits VMware | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0712 | Vulnérabilité dans les produits Sonicwall | 2024-08-23T00:00:00.000000 | 2024-09-06T00:00:00.000000 |
| certfr-2024-avi-0711 | Multiples vulnérabilités dans Microsoft Edge | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0710 | Multiples vulnérabilités dans Dovecot | 2024-08-22T00:00:00.000000 | 2024-08-22T00:00:00.000000 |