Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-3998 | WM JqMath <= 1.3 - Authenticated (Contributor+) Stored… |
webmindpt |
WM JqMath |
2026-04-15T08:28:16.854Z | 2026-04-15T18:08:29.456Z | |
| cve-2026-1782 | MetForm Pro <= 3.9.7 - Unauthenticated Payment Amount … |
Wpmet |
MetForm Pro |
2026-04-15T08:28:16.406Z | 2026-04-15T18:07:59.020Z | |
| cve-2026-5160 | Versions of the package github.com/yuin/goldmark/… |
n/a |
github.com/yuin/goldmark/renderer/html |
2026-04-15T05:00:01.655Z | 2026-04-15T18:07:10.025Z | |
| cve-2026-30994 | N/A | Incorrect access control in the config.php compon… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T18:06:38.418Z |
| cve-2026-30996 | N/A | An issue in the file handling logic of the compon… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T18:05:30.972Z |
| cve-2026-30624 | N/A | Agent Zero 0.9.8 contains a remote code execution… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T18:02:40.808Z |
| cve-2026-30617 | N/A | LangChain-ChatChat 0.3.1 contains a remote code e… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T18:00:20.495Z |
| cve-2026-30616 | N/A | Jaaz 1.0.30 contains a remote code execution vuln… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:56:48.614Z |
| cve-2026-30615 | N/A | A prompt injection vulnerability in Windsurf 1.95… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:54:48.560Z |
| cve-2026-30364 | N/A | CentSDR commit e40795 was discovered to contain a… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:49:52.557Z |
| cve-2026-35034 | Jellyfin: Potential Application DoS from excessively l… |
jellyfin |
jellyfin |
2026-04-14T22:31:44.796Z | 2026-04-15T17:48:39.733Z | |
| cve-2026-29955 | N/A | The `/registercrd` endpoint in KubePlus 4.14 in t… |
n/a |
n/a |
2026-04-13T00:00:00.000Z | 2026-04-15T17:44:09.045Z |
| cve-2026-34457 | OAuth2 Proxy: Health Check User-Agent Matching Bypasse… |
oauth2-proxy |
oauth2-proxy |
2026-04-14T22:14:38.937Z | 2026-04-15T17:43:30.711Z | |
| cve-2026-34619 | 7.7 (v3.1) | ColdFusion | Improper Limitation of a Pathname to a Re… |
Adobe |
ColdFusion |
2026-04-14T21:53:59.589Z | 2026-04-15T17:42:57.834Z |
| cve-2026-27282 | 7.5 (v3.1) | ColdFusion | Improper Input Validation (CWE-20) |
Adobe |
ColdFusion |
2026-04-14T21:53:57.872Z | 2026-04-15T17:42:33.468Z |
| cve-2025-51414 | N/A | In Phpgurukul Online Course Registration v3.1, an… |
n/a |
n/a |
2026-04-13T00:00:00.000Z | 2026-04-15T17:42:00.712Z |
| cve-2026-20203 | 4.3 (v3.1) | Improper Access Control in Data Model Acceleration in … |
Splunk |
Splunk Enterprise |
2026-04-15T15:17:56.261Z | 2026-04-15T17:40:36.484Z |
| cve-2026-27222 | 5.5 (v3.1) | Bridge | Divide By Zero (CWE-369) |
Adobe |
Bridge |
2026-04-14T19:44:58.971Z | 2026-04-15T17:39:30.343Z |
| cve-2026-20205 | 7.2 (v3.1) | Sensitive Information Disclosure in ''_internal'' inde… |
Splunk |
Splunk MCP Server |
2026-04-15T15:17:58.202Z | 2026-04-15T17:39:19.517Z |
| cve-2026-5387 | 9.3 (v4.0) | AVEVA Pipeline Simulation Missing Authorization |
AVEVA |
Pipeline Simulation 2025 |
2026-04-15T15:24:15.623Z | 2026-04-15T17:38:50.678Z |
| cve-2026-34631 | 7.8 (v3.1) | InCopy | Out-of-bounds Write (CWE-787) |
Adobe |
InCopy |
2026-04-14T21:14:03.822Z | 2026-04-15T17:37:21.917Z |
| cve-2026-39907 | 7 (v4.0) | Unisys WebPerfect Image Suite 3.0 NTLMv2 Hash Leakage … |
Unisys |
WebPerfect Image Suite |
2026-04-14T21:21:43.564Z | 2026-04-15T17:34:53.027Z |
| cve-2026-27307 | 2.4 (v3.1) | ColdFusion | Uncontrolled Resource Consumption (CWE-400) |
Adobe |
ColdFusion |
2026-04-14T21:53:53.899Z | 2026-04-15T17:33:11.891Z |
| cve-2025-15610 | 9.3 (v4.0) | Deserialization of untrusted data vulnerability i… |
OpenText, Inc |
RightFax |
2026-04-15T16:31:53.959Z | 2026-04-15T17:32:31.254Z |
| cve-2026-27308 | 2.4 (v3.1) | ColdFusion | Uncontrolled Resource Consumption (CWE-400) |
Adobe |
ColdFusion |
2026-04-14T21:53:58.735Z | 2026-04-15T17:31:46.019Z |
| cve-2026-27301 | 5.5 (v3.1) | Adobe Framemaker | Heap-based Buffer Overflow (CWE-122) |
Adobe |
Adobe Framemaker |
2026-04-14T22:58:13.588Z | 2026-04-15T17:30:38.862Z |
| cve-2026-27300 | 5.5 (v3.1) | Adobe Framemaker | Access of Uninitialized Pointer (CWE-824) |
Adobe |
Adobe Framemaker |
2026-04-14T22:58:18.661Z | 2026-04-15T17:29:10.177Z |
| cve-2024-53412 | N/A | Command injection in the connect function in Niet… |
n/a |
n/a |
2026-04-15T00:00:00.000Z | 2026-04-15T17:27:22.513Z |
| cve-2025-15470 | Eleganzo <= 1.2 - Authenticated (Subscriber+) Arbitrar… |
DesigningMedia |
Eleganzo |
2026-04-14T23:26:06.733Z | 2026-04-15T17:26:49.516Z | |
| cve-2025-53444 | 4.3 (v3.1) | WordPress Userpro plugin < 5.1.11 - Cross Site Request… |
DeluxeThemes |
Userpro |
2026-04-15T15:43:21.294Z | 2026-04-15T17:26:16.160Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-000087 | BloBee vulnerable to arbitrary file creation | 2015-06-12T14:12+09:00 | 2015-06-16T16:51+09:00 |
| jvndb-2015-000083 | MilkyStep fails to restrict access permissions | 2015-06-09T14:16+09:00 | 2015-06-16T16:51+09:00 |
| jvndb-2015-000086 | LoadLibrary function in Microsoft Windows fails to validate input properly | 2015-06-12T14:11+09:00 | 2015-06-12T14:11+09:00 |
| jvndb-2015-000085 | Multiple Buffalo wireless LAN routers vulnerable to OS command injection | 2015-06-05T14:16+09:00 | 2015-06-10T17:54+09:00 |
| jvndb-2015-000076 | NetFlow Analyzer vulnerable to cross-site request forgery | 2015-06-05T14:14+09:00 | 2015-06-10T16:14+09:00 |
| jvndb-2015-000075 | NetFlow Analyzer fails to restrict access permissions | 2015-06-05T14:02+09:00 | 2015-06-10T16:10+09:00 |
| jvndb-2015-000074 | NetFlow Analyzer vulnerable to cross-site scripting | 2015-06-05T13:59+09:00 | 2015-06-10T16:06+09:00 |
| jvndb-2015-000072 | "Open Explorer Beta" App for Android vulnerable to directory traversal | 2015-06-03T14:59+09:00 | 2015-06-08T12:25+09:00 |
| jvndb-2015-000073 | F21 JWT fails to verify token signatures | 2015-06-03T15:01+09:00 | 2015-06-08T12:04+09:00 |
| jvndb-2015-000069 | Apache Sling API and Servlets Post components vulnerable to cross-site scripting | 2015-05-27T14:43+09:00 | 2015-06-04T15:39+09:00 |
| jvndb-2015-000071 | ZenPhoto20 vulnerable to cross-site scripting | 2015-05-28T13:42+09:00 | 2015-06-03T18:06+09:00 |
| jvndb-2015-000070 | Zenphoto vulnerable to cross-site scripting | 2015-05-28T13:42+09:00 | 2015-06-03T18:06+09:00 |
| jvndb-2015-000068 | SXF Common Library vulnerable to buffer overflow | 2015-05-22T14:15+09:00 | 2015-05-28T18:14+09:00 |
| jvndb-2015-000067 | mt-phpincgi vulnerable to PHP object injection | 2015-05-20T14:34+09:00 | 2015-05-28T18:05+09:00 |
| jvndb-2015-000064 | Cacti vulnerable to SQL injection | 2015-05-14T13:39+09:00 | 2015-05-25T15:29+09:00 |
| jvndb-2015-000066 | BGA32.DLL and QBga32.DLL contain multiple vulnerabilities | 2015-05-19T13:40+09:00 | 2015-05-22T14:26+09:00 |
| jvndb-2014-000113 | FileMaker Pro vulnerable to cross-site scripting | 2014-09-18T20:36+09:00 | 2015-05-22T11:37+09:00 |
| jvndb-2013-000049 | FileMaker Pro vulnerable to cross-site scripting | 2013-05-31T15:43+09:00 | 2015-05-22T11:34+09:00 |
| jvndb-2015-002706 | Information Disclosure Vulnerability in JP1/Integrated Management - Universal CMDB | 2015-05-21T16:37+09:00 | 2015-05-21T16:37+09:00 |
| jvndb-2015-002705 | Problem with directory permissions in JP1/Automatic Operation | 2015-05-21T16:36+09:00 | 2015-05-21T16:36+09:00 |
| jvndb-2015-000016 | Smartphone Passbook for Android information management vulnerability | 2015-02-13T14:33+09:00 | 2015-05-21T10:05+09:00 |
| jvndb-2015-000063 | MailDealer vulnerable to cross-site scripting | 2015-05-12T14:07+09:00 | 2015-05-12T14:07+09:00 |
| jvndb-2014-000045 | Apache Struts vulnerable to ClassLoader manipulation | 2014-04-25T15:37+09:00 | 2015-05-08T18:01+09:00 |
| jvndb-2015-000062 | EasyCTF vulnerable to session management | 2015-05-01T14:00+09:00 | 2015-05-07T16:03+09:00 |
| jvndb-2015-000061 | EasyCTF vulnerable to cross-site scripting | 2015-05-01T13:49+09:00 | 2015-05-07T16:02+09:00 |
| jvndb-2015-000060 | EasyCTF vulnerable to arbitrary file creation | 2015-05-01T13:37+09:00 | 2015-05-07T16:00+09:00 |
| jvndb-2015-000054 | TransmitMail vulnerable to cross-site scripting | 2015-04-23T13:47+09:00 | 2015-04-27T16:13+09:00 |
| jvndb-2015-000055 | TransmitMail vulnerable to directory traversal | 2015-04-23T14:12+09:00 | 2015-04-27T16:12+09:00 |
| jvndb-2015-000051 | Lhaplus vulnerable to remote code execution | 2015-04-09T13:59+09:00 | 2015-04-16T18:00+09:00 |
| jvndb-2015-000050 | Lhaplus vulnerable to directory traversal | 2015-04-09T13:57+09:00 | 2015-04-16T18:00+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0715 | Vulnérabilité dans Spring Boot | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0714 | Vulnérabilité dans SolarWinds Web Help Desk | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0713 | Multiples vulnérabilités dans les produits VMware | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0711 | Multiples vulnérabilités dans Microsoft Edge | 2024-08-23T00:00:00.000000 | 2024-08-23T00:00:00.000000 |
| certfr-2024-avi-0710 | Multiples vulnérabilités dans Dovecot | 2024-08-22T00:00:00.000000 | 2024-08-22T00:00:00.000000 |
| certfr-2024-avi-0709 | Multiples vulnérabilités dans GitLab | 2024-08-22T00:00:00.000000 | 2024-08-22T00:00:00.000000 |
| certfr-2024-avi-0708 | Vulnérabilité dans les produits Cisco | 2024-08-22T00:00:00.000000 | 2024-08-22T00:00:00.000000 |
| certfr-2024-avi-0707 | Vulnérabilité dans Mitel MiContact Center Business | 2024-08-22T00:00:00.000000 | 2024-08-22T00:00:00.000000 |
| certfr-2024-avi-0706 | Multiples vulnérabilités dans Google Chrome | 2024-08-22T00:00:00.000000 | 2024-08-22T00:00:00.000000 |
| certfr-2024-avi-0705 | Vulnérabilité dans MongoDB | 2024-08-21T00:00:00.000000 | 2024-08-21T00:00:00.000000 |
| certfr-2024-avi-0704 | Vulnérabilité dans Microsoft Azure | 2024-08-21T00:00:00.000000 | 2024-08-21T00:00:00.000000 |
| certfr-2024-avi-0703 | Multiples vulnérabilités dans les produits Atlassian | 2024-08-21T00:00:00.000000 | 2024-08-21T00:00:00.000000 |
| certfr-2024-avi-0701 | Multiples vulnérabilités dans Joomla! | 2024-08-21T00:00:00.000000 | 2024-08-21T00:00:00.000000 |
| certfr-2024-avi-0586 | Multiples vulnérabilités dans les produits Stormshield | 2024-07-16T00:00:00.000000 | 2024-08-21T00:00:00.000000 |
| certfr-2024-avi-0700 | Vulnérabilité dans Spring Security | 2024-08-20T00:00:00.000000 | 2024-08-20T00:00:00.000000 |
| certfr-2024-avi-0699 | Multiples vulnérabilités dans les produits F5 et Nginx | 2024-08-19T00:00:00.000000 | 2024-08-19T00:00:00.000000 |
| certfr-2024-avi-0698 | Vulnérabilité dans Microsoft Office | 2024-08-19T00:00:00.000000 | 2024-08-19T00:00:00.000000 |
| certfr-2024-avi-0697 | Vulnérabilité dans Microsoft Edge | 2024-08-19T00:00:00.000000 | 2024-08-19T00:00:00.000000 |
| certfr-2024-avi-0696 | Multiples vulnérabilités dans Moodle | 2024-08-19T00:00:00.000000 | 2024-08-19T00:00:00.000000 |
| certfr-2024-avi-0695 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0694 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0693 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0692 | Multiples vulnérabilités dans les produits IBM | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0691 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0690 | Vulnérabilité dans Elastic APM Server | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0689 | Multiples vulnérabilités dans Spring Framework | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0688 | Vulnérabilité dans Grafana | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0687 | Multiples vulnérabilités dans Mitel Unify OpenScape Business Application | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0686 | Multiples vulnérabilités dans Xen | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |
| certfr-2024-avi-0685 | Vulnérabilité dans SolarWinds Web Help Desk | 2024-08-16T00:00:00.000000 | 2024-08-16T00:00:00.000000 |