Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-1555 | WebStack <= 1.2024 - Unauthenticated Arbitrary File Upload |
Owen |
WebStack |
2026-04-15T03:37:20.474Z | 2026-04-15T15:53:23.768Z | |
| cve-2026-5694 | Quick Interest Slider <= 3.1.5 - Unauthenticated Store… |
aerin |
Quick Interest Slider |
2026-04-15T07:45:30.201Z | 2026-04-15T15:51:43.593Z | |
| cve-2026-4002 | Petje.af <= 2.1.8 - Cross-Site Request Forgery to Acco… |
petjeaf |
Petje.af |
2026-04-15T08:28:14.102Z | 2026-04-15T15:50:38.937Z | |
| cve-2026-3461 | Visa Acceptance Solutions <= 2.1.0 - Unauthenticated A… |
visaacceptancesolutions |
Visa Acceptance Solutions |
2026-04-15T08:28:15.223Z | 2026-04-15T15:50:14.969Z | |
| cve-2026-33816 | N/A | CVE-2026-33816 in github.com/jackc/pgx |
github.com/jackc/pgx/v5 |
github.com/jackc/pgx/v5/pgproto3 |
2026-04-07T15:19:24.529Z | 2026-04-15T15:49:13.116Z |
| cve-2026-4091 | OPEN-BRAIN <= 0.5.0 - Cross-Site Request Forgery |
faridsaniee |
OPEN-BRAIN |
2026-04-15T08:28:15.602Z | 2026-04-15T15:48:59.579Z | |
| cve-2026-40737 | N/A | WordPress COMPE plugin <= 1.1.4 - Insecure Direct Obje… |
VillaTheme |
COMPE |
2026-04-15T10:21:34.150Z | 2026-04-15T15:48:21.784Z |
| cve-2026-40784 | N/A | WordPress FluentBoards plugin <= 1.91.2 - Insecure Dir… |
Mahmudul Hasan Arif |
FluentBoards |
2026-04-15T10:21:35.828Z | 2026-04-15T15:43:56.980Z |
| cve-2026-3649 | Katalogportal-pdf-sync Widget <= 1.0.0 - Missing Autho… |
colbeinformatik |
Katalogportal-pdf-sync Widget |
2026-04-15T08:28:15.977Z | 2026-04-15T15:42:28.267Z | |
| cve-2026-28741 | 6.8 (v3.1) | CSRF Protection Bypass Allows Updating a User's Authen… |
Mattermost |
Mattermost |
2026-04-15T10:13:33.950Z | 2026-04-15T15:39:52.265Z |
| cve-2026-2763 | N/A | Use-after-free in the JavaScript Engine component |
Mozilla |
Firefox |
2026-02-24T13:33:02.514Z | 2026-04-15T15:39:44.974Z |
| cve-2026-2762 | N/A | Integer overflow in the JavaScript: Standard Library c… |
Mozilla |
Firefox |
2026-02-24T13:33:01.761Z | 2026-04-15T15:39:20.955Z |
| cve-2026-2761 | N/A | Sandbox escape in the Graphics: WebRender component |
Mozilla |
Firefox |
2026-02-24T13:33:01.011Z | 2026-04-15T15:38:48.489Z |
| cve-2026-2760 | N/A | Sandbox escape due to incorrect boundary conditions in… |
Mozilla |
Firefox |
2026-02-24T13:33:00.290Z | 2026-04-15T15:38:19.407Z |
| cve-2026-2759 | N/A | Incorrect boundary conditions in the Graphics: ImageLi… |
Mozilla |
Firefox |
2026-02-24T13:32:59.173Z | 2026-04-15T15:38:00.858Z |
| cve-2026-2758 | N/A | Use-after-free in the JavaScript: GC component |
Mozilla |
Firefox |
2026-02-24T13:32:58.501Z | 2026-04-15T15:37:39.628Z |
| cve-2026-40728 | N/A | WordPress Magazine Blocks plugin <= 1.8.3 - Broken Acc… |
BlockArt |
Magazine Blocks |
2026-04-15T10:21:33.433Z | 2026-04-15T15:36:33.255Z |
| cve-2026-26460 | N/A | A HTML Injection vulnerability exists in the Dash… |
n/a |
n/a |
2026-04-13T00:00:00.000Z | 2026-04-15T15:36:23.365Z |
| cve-2026-31048 | N/A | An issue in the <code>pickle</code> protocol of P… |
n/a |
n/a |
2026-04-13T00:00:00.000Z | 2026-04-15T15:31:38.180Z |
| cve-2026-6134 | Tenda F451 qossetting fromqossetting stack-based overflow |
Tenda |
F451 |
2026-04-12T23:00:38.601Z | 2026-04-15T15:26:53.883Z | |
| cve-2026-40742 | N/A | WordPress Nelio AB Testing plugin <= 8.2.8 - Sensitive… |
Nelio Software |
Nelio AB Testing |
2026-04-15T10:21:34.560Z | 2026-04-15T15:26:01.906Z |
| cve-2026-6129 | zhayujie chatgpt-on-wechat CowAgent Agent Mode Service… |
zhayujie |
chatgpt-on-wechat CowAgent |
2026-04-12T19:45:12.190Z | 2026-04-15T15:25:46.572Z | |
| cve-2019-25709 | 9.3 (v4.0) 9.8 (v3.1) | CF Image Hosting Script 1.6.5 Unauthorized Database Access |
Davidtavarez |
CF Image Hosting Script |
2026-04-12T12:28:54.207Z | 2026-04-15T15:24:31.713Z |
| cve-2026-40745 | N/A | WordPress Element Pack Elementor Addons plugin <= 8.4.… |
bdthemes |
Element Pack Elementor Addons |
2026-04-15T10:21:34.904Z | 2026-04-15T15:24:28.512Z |
| cve-2019-25701 | 8.6 (v4.0) 8.4 (v3.1) | Easy Video to iPod Converter 1.6.20 Local Buffer Overf… |
Divxtodvd |
Easy Video to iPod Converter |
2026-04-12T12:28:49.786Z | 2026-04-15T15:22:49.255Z |
| cve-2019-25689 | 8.6 (v4.0) 8.4 (v3.1) | HTML5 Video Player 1.2.5 Local Buffer Overflow Non-SEH |
Html5Videoplayer |
HTML5 Video Player |
2026-04-12T12:28:45.236Z | 2026-04-15T15:21:21.456Z |
| cve-2026-40764 | N/A | WordPress Contact Form by WPForms plugin <= 1.10.0.2 -… |
Syed Balkhi |
Contact Form by WPForms |
2026-04-15T10:21:35.430Z | 2026-04-15T15:19:00.260Z |
| cve-2026-6117 | AstrBotDevs AstrBot install-upload Endpoint plugin.py … |
AstrBotDevs |
AstrBot |
2026-04-12T04:30:12.395Z | 2026-04-15T15:18:45.908Z | |
| cve-2026-6112 | Totolink A7100RU CGI cstecgi.cgi setRadvdCfg os comman… |
Totolink |
A7100RU |
2026-04-12T02:45:13.694Z | 2026-04-15T15:17:02.716Z | |
| cve-2026-6107 | 1Panel-dev MaxKB ChatHeadersMiddleware chat_headers_mi… |
1Panel-dev |
MaxKB |
2026-04-12T00:45:18.908Z | 2026-04-15T15:16:00.722Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2015-000033 | Vulnerability in the jBCrypt key stretching process | 2015-02-27T14:03+09:00 | 2015-03-03T15:58+09:00 |
| jvndb-2015-000032 | checkpw vulnerable to denial-of-service (DoS) | 2015-02-27T12:30+09:00 | 2015-03-03T15:57+09:00 |
| jvndb-2015-000026 | SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution | 2015-02-25T15:00+09:00 | 2015-03-02T14:23+09:00 |
| jvndb-2015-000027 | Zen Cart Japanese version vulnerable to cross-site scripting | 2015-02-25T15:09+09:00 | 2015-03-02T14:19+09:00 |
| jvndb-2015-001558 | Cross-site Scripting Vulnerability in Hitachi IT Operations Analyzer | 2015-02-27T15:57+09:00 | 2015-02-27T15:57+09:00 |
| jvndb-2015-001557 | Cross-site Scripting Vulnerability in JP1/IT Desktop Management - Manager and Hitachi IT Operations Director | 2015-02-27T15:56+09:00 | 2015-02-27T15:56+09:00 |
| jvndb-2015-001556 | Multiple Cross-site Scripting Vulnerabilities in Hitachi Compute Systems Manager | 2015-02-27T15:55+09:00 | 2015-02-27T15:55+09:00 |
| jvndb-2015-000023 | Speed Software Root Explorer and Explorer vulnerable to directory traversal | 2015-02-24T14:35+09:00 | 2015-02-26T17:18+09:00 |
| jvndb-2015-000020 | AL-Mail32 vulnerable to directory traversal | 2015-02-20T14:37+09:00 | 2015-02-24T16:38+09:00 |
| jvndb-2015-000021 | AL-Mail32 vulnerable to denial-of-service (DoS) | 2015-02-20T14:54+09:00 | 2015-02-24T16:37+09:00 |
| jvndb-2015-000022 | AL-Mail32 vulnerable to buffer overflow | 2015-02-20T14:55+09:00 | 2015-02-24T16:36+09:00 |
| jvndb-2015-000010 | Fumy News Clipper vulnerable to cross-site scripting | 2015-01-30T13:52+09:00 | 2015-02-16T15:55+09:00 |
| jvndb-2015-000007 | Arbitrary files may be overwritten in multiple VMware products | 2015-01-29T13:52+09:00 | 2015-02-16T15:34+09:00 |
| jvndb-2015-000006 | SYNCK GRAPHICA Download Log CGI vulnerable to directory traversal | 2015-01-19T13:54+09:00 | 2015-02-13T15:09+09:00 |
| jvndb-2015-000014 | PerlTreeBBS vulnerable to cross-site scripting | 2015-02-13T13:58+09:00 | 2015-02-13T13:58+09:00 |
| jvndb-2015-000013 | shiromuku(u1)GUESTBOOK vulnerable to cross-site scripting | 2015-02-13T13:58+09:00 | 2015-02-13T13:58+09:00 |
| jvndb-2015-000008 | shiromuku(bu2)BBS vulnerable to arbitrary file creation | 2015-01-23T14:22+09:00 | 2015-02-13T09:51+09:00 |
| jvndb-2015-000001 | Cybozu Remote Service Manager vulnerable to denial-of-service (DoS) | 2015-01-30T14:19+09:00 | 2015-01-30T14:19+09:00 |
| jvndb-2014-000132 | Multiple Allied Telesis products vulnerable to buffer overflow | 2014-12-18T14:47+09:00 | 2015-01-28T17:38+09:00 |
| jvndb-2014-000056 | TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation | 2014-06-17T15:01+09:00 | 2015-01-22T15:50+09:00 |
| jvndb-2014-000095 | Shutter vulnerable to SQL injection | 2014-08-15T13:24+09:00 | 2015-01-15T17:47+09:00 |
| jvndb-2014-000124 | TSUTAYA App for Android vulnerable to arbitrary Java method execution | 2014-12-18T13:41+09:00 | 2014-12-22T17:52+09:00 |
| jvndb-2014-000152 | WBS Gantt-Chart for JIRA vulnerable to cross-site scripting | 2014-12-18T14:49+09:00 | 2014-12-22T17:33+09:00 |
| jvndb-2014-000151 | WBS Gantt-Chart for JIRA vulnerable to cross-site scripting | 2014-12-18T14:48+09:00 | 2014-12-22T17:30+09:00 |
| jvndb-2014-000143 | "File Upload BBS" of i-HTTPD vulnerable to remote command execution | 2014-12-09T14:40+09:00 | 2014-12-16T17:10+09:00 |
| jvndb-2014-000144 | i-HTTPD vulnerable to cross-site scripting | 2014-12-09T14:41+09:00 | 2014-12-16T17:09+09:00 |
| jvndb-2014-000134 | BSD Operating Systems vulnerable to denial-of-service (DoS) | 2014-11-21T14:10+09:00 | 2014-12-16T17:08+09:00 |
| jvndb-2014-000150 | LinPHA vulnerable to cross-site scripting | 2014-12-12T13:48+09:00 | 2014-12-16T17:07+09:00 |
| jvndb-2014-000145 | "Omake BBS" of i-HTTPD vulnerable to cross-site scripting | 2014-12-09T14:44+09:00 | 2014-12-15T19:16+09:00 |
| jvndb-2014-000149 | Chyrp vulnerable to cross-site scripting | 2014-12-10T14:18+09:00 | 2014-12-15T18:06+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0654 | Vulnérabilité dans Kibana | 2024-08-06T00:00:00.000000 | 2024-08-06T00:00:00.000000 |
| certfr-2024-avi-0653 | Vulnérabilité dans LibreOffice | 2024-08-06T00:00:00.000000 | 2024-08-06T00:00:00.000000 |
| certfr-2024-avi-0652 | Vulnérabilité dans les produits Cisco | 2024-08-05T00:00:00.000000 | 2024-08-05T00:00:00.000000 |
| certfr-2024-avi-0651 | Vulnérabilité dans les produits Trend Micro | 2024-08-05T00:00:00.000000 | 2024-08-05T00:00:00.000000 |
| certfr-2024-avi-0650 | Multiples vulnérabilités dans Stormshield Management Center | 2024-08-05T00:00:00.000000 | 2024-08-05T00:00:00.000000 |
| certfr-2024-avi-0649 | Vulnérabilité dans les produits Citrix | 2024-08-05T00:00:00.000000 | 2024-08-05T00:00:00.000000 |
| certfr-2024-avi-0648 | Multiples vulnérabilités dans les produits SonicWall | 2024-08-05T00:00:00.000000 | 2024-08-05T00:00:00.000000 |
| certfr-2024-avi-0647 | Multiples vulnérabilités dans Roundcube | 2024-08-05T00:00:00.000000 | 2024-08-05T00:00:00.000000 |
| certfr-2024-avi-0646 | Multiples vulnérabilités dans les produits IBM | 2024-08-02T00:00:00.000000 | 2024-08-02T00:00:00.000000 |
| certfr-2024-avi-0645 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-08-02T00:00:00.000000 | 2024-08-02T00:00:00.000000 |
| certfr-2024-avi-0644 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-08-02T00:00:00.000000 | 2024-08-02T00:00:00.000000 |
| certfr-2024-avi-0643 | Vulnérabilité dans les produits Moxa | 2024-08-02T00:00:00.000000 | 2024-08-02T00:00:00.000000 |
| certfr-2024-avi-0642 | Multiples vulnérabilités dans Microsoft Edge | 2024-08-02T00:00:00.000000 | 2024-08-02T00:00:00.000000 |
| certfr-2024-avi-0641 | Multiples vulnérabilités dans les produits NetApp | 2024-08-01T00:00:00.000000 | 2024-08-01T00:00:00.000000 |
| certfr-2024-avi-0640 | Vulnérabilité dans Elastic Elasticsearch | 2024-08-01T00:00:00.000000 | 2024-08-01T00:00:00.000000 |
| certfr-2024-avi-0639 | Vulnérabilité dans les produits Microsoft | 2024-08-01T00:00:00.000000 | 2024-08-01T00:00:00.000000 |
| certfr-2024-avi-0638 | Vulnérabilité dans Elastic Kibana | 2024-07-31T00:00:00.000000 | 2024-07-31T00:00:00.000000 |
| certfr-2024-avi-0637 | Multiples vulnérabilités dans HPE Aruba Networking ClearPass Policy Manager | 2024-07-31T00:00:00.000000 | 2024-07-31T00:00:00.000000 |
| certfr-2024-avi-0636 | Multiples vulnérabilités dans Google Chrome | 2024-07-31T00:00:00.000000 | 2024-07-31T00:00:00.000000 |
| certfr-2024-avi-0635 | Multiples vulnérabilités dans StormShield Management Center | 2024-07-30T00:00:00.000000 | 2024-07-30T00:00:00.000000 |
| certfr-2024-avi-0634 | Multiples vulnérabilités dans les produits Apple | 2024-07-30T00:00:00.000000 | 2024-07-30T00:00:00.000000 |
| certfr-2024-avi-0633 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-07-26T00:00:00.000000 | 2024-07-26T00:00:00.000000 |
| certfr-2024-avi-0632 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-07-26T00:00:00.000000 | 2024-07-26T00:00:00.000000 |
| certfr-2024-avi-0631 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-07-26T00:00:00.000000 | 2024-07-26T00:00:00.000000 |
| certfr-2024-avi-0630 | Multiples vulnérabilités dans IBM QRadar | 2024-07-26T00:00:00.000000 | 2024-07-26T00:00:00.000000 |
| certfr-2024-avi-0629 | Vulnérabilité dans SPIP | 2024-07-26T00:00:00.000000 | 2024-07-26T00:00:00.000000 |
| certfr-2024-avi-0628 | Multiples vulnérabilités dans Microsoft Edge | 2024-07-26T00:00:00.000000 | 2024-07-26T00:00:00.000000 |
| certfr-2024-avi-0627 | Multiples vulnérabilités dans les produits VMware | 2024-07-26T00:00:00.000000 | 2024-07-26T00:00:00.000000 |
| certfr-2024-avi-0626 | Multiples vulnérabilités dans les produits Mitel | 2024-07-25T00:00:00.000000 | 2024-07-25T00:00:00.000000 |
| certfr-2024-avi-0625 | Multiples vulnérabilités dans GitLab | 2024-07-25T00:00:00.000000 | 2024-07-25T00:00:00.000000 |