Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-32892 | OS Command Injection in Chamilo LMS 1.11.36 |
chamilo |
chamilo-lms |
2026-04-10T17:56:57.695Z | 2026-04-14T14:07:14.704Z | |
| cve-2026-1502 | 5.7 (v4.0) | HTTP client proxy tunnel headers not validated for CR/LF |
Python Software Foundation |
CPython |
2026-04-10T17:54:44.121Z | 2026-04-21T20:18:44.794Z |
| cve-2026-32932 | Chamilo LMS has an Open Redirect via Unvalidated 'page… |
chamilo |
chamilo-lms |
2026-04-10T17:51:58.480Z | 2026-04-13T15:36:22.092Z | |
| cve-2026-32931 | Chamilo LMS has Arbitrary File Upload via MIME-Only Va… |
chamilo |
chamilo-lms |
2026-04-10T17:50:40.176Z | 2026-04-15T14:56:10.732Z | |
| cve-2026-32930 | Chamilo LMS has an IDOR in Gradebook Allows Cross-Cour… |
chamilo |
chamilo-lms |
2026-04-10T17:48:51.774Z | 2026-04-10T18:32:13.726Z | |
| cve-2026-32894 | Chamilo LMS has an IDOR in Gradebook Allows Cross-Cour… |
chamilo |
chamilo-lms |
2026-04-10T17:44:24.994Z | 2026-04-13T15:36:28.238Z | |
| cve-2026-32893 | Chamilo LMS has Reflected XSS via Unsanitized http_bui… |
chamilo |
chamilo-lms |
2026-04-10T17:42:24.220Z | 2026-04-15T14:51:41.852Z | |
| cve-2026-31941 | Server-Side Request Forgery (SSRF) in Chamilo LMS |
chamilo |
chamilo-lms |
2026-04-10T17:37:50.948Z | 2026-04-10T18:33:22.920Z | |
| cve-2026-31940 | Session Fixation in Chamilo LMS |
chamilo |
chamilo-lms |
2026-04-10T17:35:10.661Z | 2026-04-14T14:12:28.550Z | |
| cve-2026-5483 | 8.5 (v3.1) | Odh-dashboard: odh dashboard kubernetes service accoun… |
Red Hat |
Red Hat OpenShift AI 2.16 |
2026-04-10T17:33:25.055Z | 2026-04-21T20:06:28.669Z |
| cve-2026-31939 | Path Traversal (Arbitrary File Delete) in Chamilo LMS |
chamilo |
chamilo-lms |
2026-04-10T17:32:29.252Z | 2026-04-13T15:36:34.681Z | |
| cve-2025-66447 | Chamilo LMS has validation-less redirect on login page |
chamilo |
chamilo-lms |
2026-04-10T17:22:32.443Z | 2026-04-14T14:12:56.349Z | |
| cve-2026-40163 | Saltcorn has an Unauthenticated Path Traversal in sync… |
saltcorn |
saltcorn |
2026-04-10T17:07:49.067Z | 2026-04-15T14:50:01.616Z | |
| cve-2026-40162 | Bugsink affected by authenticated arbitrary file write… |
bugsink |
bugsink |
2026-04-10T17:02:58.985Z | 2026-04-10T18:30:44.339Z | |
| cve-2026-22560 | N/A | An open redirect vulnerability in Rocket.Chat ver… |
Rocket.Chat |
Rocket.Chat |
2026-04-10T17:00:11.746Z | 2026-04-14T19:04:32.571Z |
| cve-2026-40160 | PraisonAIAgents has SSRF via unvalidated URL in `web_c… |
MervinPraison |
PraisonAIAgents |
2026-04-10T16:59:09.542Z | 2026-04-13T15:36:41.165Z | |
| cve-2026-40159 | PraisonAI Exposes Sensitive Environment Variable via U… |
MervinPraison |
PraisonAI |
2026-04-10T16:57:11.623Z | 2026-04-15T14:48:42.389Z | |
| cve-2026-40158 | PraisonAI has Improper Control of Generation of Code (… |
MervinPraison |
PraisonAI |
2026-04-10T16:49:24.753Z | 2026-04-10T18:31:12.440Z | |
| cve-2026-40157 | PraisonAI affected by arbitrary file write via path tr… |
MervinPraison |
PraisonAI |
2026-04-10T16:47:16.109Z | 2026-04-14T14:13:29.632Z | |
| cve-2026-40156 | PraisonAI Affected by Implicit Execution of Arbitrary … |
MervinPraison |
PraisonAI |
2026-04-10T16:46:15.807Z | 2026-04-13T15:36:51.249Z | |
| cve-2026-40100 | FastGPT has Unauthenticated SSRF in /api/core/app/mcpT… |
labring |
FastGPT |
2026-04-10T16:39:25.856Z | 2026-04-15T14:47:23.092Z | |
| cve-2026-40097 | Step CA affected by an index out of bounds panic in TP… |
smallstep |
certificates |
2026-04-10T16:34:53.330Z | 2026-04-10T18:30:15.176Z | |
| cve-2026-40074 | SvelteKit's invalidated redirect in handle hook causes… |
sveltejs |
kit |
2026-04-10T16:26:07.068Z | 2026-04-14T14:17:29.422Z | |
| cve-2026-40073 | SvelteKit has a BODY_SIZE_LIMIT bypass in @sveltejs/ad… |
sveltejs |
kit |
2026-04-10T16:24:39.987Z | 2026-04-13T15:36:57.412Z | |
| cve-2026-40086 | Rembg has a Path Traversal via Custom Model Loading |
danielgatis |
rembg |
2026-04-10T16:16:28.850Z | 2026-04-10T18:29:27.832Z | |
| cve-2026-40103 | Vikunja's Scoped API tokens with projects.background p… |
go-vikunja |
vikunja |
2026-04-10T16:12:27.603Z | 2026-04-15T14:45:18.303Z | |
| cve-2026-35602 | Vikunja has a File Size Limit Bypass via Vikunja Import |
go-vikunja |
vikunja |
2026-04-10T16:10:39.630Z | 2026-04-14T14:19:30.140Z | |
| cve-2026-35601 | Vikunja has an iCalendar Property Injection via CRLF i… |
go-vikunja |
vikunja |
2026-04-10T16:08:50.519Z | 2026-04-13T15:37:03.974Z | |
| cve-2026-35600 | Vikunja has HTML Injection via Task Titles in Overdue … |
go-vikunja |
vikunja |
2026-04-10T16:07:07.846Z | 2026-04-14T15:01:18.724Z | |
| cve-2026-35599 | Vikunja has an Algorithmic Complexity DoS in Repeating… |
go-vikunja |
vikunja |
2026-04-10T16:05:57.581Z | 2026-04-10T18:28:29.310Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-000107 | SLFileManager for Android vulnerable to directory traversal | 2014-09-25T14:52+09:00 | 2015-07-31T16:30+09:00 |
| jvndb-2014-000111 | Yuko Yuko App for Android fails to verify SSL server certificates | 2014-09-22T13:50+09:00 | 2014-09-22T13:50+09:00 |
| jvndb-2014-000110 | Dotclear vulnerable to cross-site scripting | 2014-09-19T13:42+09:00 | 2014-09-25T17:52+09:00 |
| jvndb-2014-000109 | Bump for Android vulnerable in handling of implicit intents | 2014-09-19T13:41+09:00 | 2014-09-25T17:44+09:00 |
| jvndb-2014-000114 | FileMaker Pro fails to verify SSL server certificates | 2014-09-18T20:36+09:00 | 2014-09-24T18:47+09:00 |
| jvndb-2014-000113 | FileMaker Pro vulnerable to cross-site scripting | 2014-09-18T20:36+09:00 | 2015-05-22T11:37+09:00 |
| jvndb-2014-000106 | 365 Links series vulnerable to cross-site scripting | 2014-09-17T15:23+09:00 | 2014-09-19T13:33+09:00 |
| jvndb-2014-000105 | Help Page in multiple Adobe products vulnerable to cross-site scripting | 2014-09-12T14:00+09:00 | 2014-09-29T11:42+09:00 |
| jvndb-2014-000104 | Movable Type vulnerable to cross-site scripting | 2014-09-09T15:02+09:00 | 2014-09-11T16:56+09:00 |
| jvndb-2014-000084 | WisePoint vulnerable to session fixation | 2014-09-04T16:46+09:00 | 2014-09-09T15:02+09:00 |
| jvndb-2014-000103 | EmFTP may insecurely load executable files | 2014-09-04T16:36+09:00 | 2014-09-09T15:15+09:00 |
| jvndb-2014-000102 | Kindle App for Android fails to verify SSL server certificates | 2014-08-29T13:38+09:00 | 2014-09-03T18:25+09:00 |
| jvndb-2014-000101 | MailPoet Newsletters vulnerable to cross-site request forgery | 2014-08-26T13:33+09:00 | 2014-08-28T18:13+09:00 |
| jvndb-2014-000099 | Advance-Flow vulnerable to SQL injection | 2014-08-19T12:35+09:00 | 2014-08-20T16:26+09:00 |
| jvndb-2014-000100 | Cakifo vulnerable to cross-site scripting | 2014-08-18T13:32+09:00 | 2014-08-20T16:30+09:00 |
| jvndb-2014-000096 | Shutter vulnerable to cross-site scripting | 2014-08-15T13:27+09:00 | 2014-08-19T16:27+09:00 |
| jvndb-2014-000095 | Shutter vulnerable to SQL injection | 2014-08-15T13:24+09:00 | 2015-01-15T17:47+09:00 |
| jvndb-2014-000098 | Ameba for Android contains an issue where it fails to verify SSL server certificates | 2014-08-14T12:32+09:00 | 2014-08-18T12:22+09:00 |
| jvndb-2014-000097 | Dominion KX2-101 vulnerable to denial-of-service (DoS) | 2014-08-12T14:03+09:00 | 2014-08-18T09:44+09:00 |
| jvndb-2014-000094 | Piwigo vulnerable to SQL injection | 2014-08-08T13:57+09:00 | 2014-08-08T13:57+09:00 |
| jvndb-2014-000093 | Piwigo vulnerable to cross-site scripting | 2014-08-08T13:52+09:00 | 2014-08-19T16:48+09:00 |
| jvndb-2014-000092 | Piwigo vulnerable to cross-site scripting | 2014-08-08T13:49+09:00 | 2014-08-15T13:35+09:00 |
| jvndb-2014-000085 | GOM Player vulnerable to denial-of-service (DoS) | 2014-08-06T15:22+09:00 | 2014-08-13T18:29+09:00 |
| jvndb-2014-000091 | ServerView Operations Manager vulnerable to cross-site scripting | 2014-08-01T15:42+09:00 | 2014-08-18T10:05+09:00 |
| jvndb-2014-000086 | Outlook.com for Android contains an issue where it fails to verify SSL server certificates | 2014-07-30T15:11+09:00 | 2014-08-18T10:09+09:00 |
| jvndb-2014-000087 | Multiple I-O DATA IP Cameras vulnerable to authentication bypass | 2014-07-29T14:24+09:00 | 2014-08-01T18:30+09:00 |
| jvndb-2014-000088 | PerlMailer vulnerable to cross-site scripting | 2014-07-29T14:20+09:00 | 2014-08-01T18:28+09:00 |
| jvndb-2014-000089 | acmailer contains a cross-site request forgery vulnerability | 2014-07-29T14:15+09:00 | 2014-08-01T18:29+09:00 |
| jvndb-2013-002240 | Arbitrary program execution vulnerability in TrendLink ActiveX control | 2014-07-25T14:44+09:00 | 2014-07-25T14:44+09:00 |
| jvndb-2014-000082 | FuelPHP vulnerable to remote code execution | 2014-07-18T13:50+09:00 | 2014-07-23T11:03+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0619 | Multiples vulnérabilités dans les produits VMware | 2024-07-24T00:00:00.000000 | 2024-07-24T00:00:00.000000 |
| certfr-2024-avi-0618 | Multiples vulnérabilités dans ISC BIND | 2024-07-24T00:00:00.000000 | 2024-07-24T00:00:00.000000 |
| certfr-2024-avi-0617 | Multiples vulnérabilités dans les produits Siemens | 2024-07-23T00:00:00.000000 | 2024-07-23T00:00:00.000000 |
| certfr-2024-avi-0616 | Vulnérabilité dans les produits Atlassian | 2024-07-22T00:00:00.000000 | 2024-07-22T00:00:00.000000 |
| certfr-2024-avi-0615 | Vulnérabilité dans les produits NetApp | 2024-07-22T00:00:00.000000 | 2024-07-22T00:00:00.000000 |
| certfr-2024-avi-0614 | Vulnérabilité dans IBM MaaS360 | 2024-07-19T00:00:00.000000 | 2024-07-19T00:00:00.000000 |
| certfr-2024-avi-0613 | Multiples vulnérabilités dans le noyau Linux de Debian | 2024-07-19T00:00:00.000000 | 2024-07-19T00:00:00.000000 |
| certfr-2024-avi-0612 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-07-19T00:00:00.000000 | 2024-07-19T00:00:00.000000 |
| certfr-2024-avi-0611 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-07-19T00:00:00.000000 | 2024-07-19T00:00:00.000000 |
| certfr-2024-avi-0610 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-07-19T00:00:00.000000 | 2024-07-19T00:00:00.000000 |
| certfr-2024-avi-0609 | Multiples vulnérabilités dans SolarWinds Access Rights Manager | 2024-07-19T00:00:00.000000 | 2024-07-19T00:00:00.000000 |
| certfr-2024-avi-0608 | Vulnérabilité dans VMware Tanzu | 2024-07-19T00:00:00.000000 | 2024-07-19T00:00:00.000000 |
| certfr-2024-avi-0607 | Multiples vulnérabilités dans Microsoft Edge | 2024-07-19T00:00:00.000000 | 2024-07-19T00:00:00.000000 |
| certfr-2024-avi-0606 | Multiples vulnérabilités dans les produits Ivanti | 2024-07-18T00:00:00.000000 | 2024-07-18T00:00:00.000000 |
| certfr-2024-avi-0605 | Vulnérabilité dans les produits Sonicwall | 2024-07-18T00:00:00.000000 | 2024-07-18T00:00:00.000000 |
| certfr-2024-avi-0604 | Vulnérabilité dans Microsoft Edge | 2024-07-18T00:00:00.000000 | 2024-07-18T00:00:00.000000 |
| certfr-2024-avi-0603 | Multiples vulnérabilités dans Apache HTTP Server | 2024-07-18T00:00:00.000000 | 2024-07-18T00:00:00.000000 |
| certfr-2024-avi-0602 | Multiples vulnérabilités dans les produits Cisco | 2024-07-18T00:00:00.000000 | 2024-07-18T00:00:00.000000 |
| certfr-2024-avi-0601 | Multiples vulnérabilités dans les produits Mitel | 2024-07-18T00:00:00.000000 | 2025-01-31T00:00:00.000000 |
| certfr-2024-avi-0600 | Vulnérabilité dans Sonicwall NetExtender | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0599 | Multiples vulnérabilités dans Oracle Weblogic | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0598 | Multiples vulnérabilités dans Oracle Virtualization | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0597 | Multiples vulnérabilités dans Oracle Systems | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0596 | Multiples vulnérabilités dans Oracle PeopleSoft | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0595 | Multiples vulnérabilités dans Oracle MySQL | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0594 | Multiples vulnérabilités dans Oracle Java SE | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0593 | Multiples vulnérabilités dans Oracle Database Server | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0592 | Multiples vulnérabilités dans Synacor Zimbra Collaboration | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0591 | Multiples vulnérabilités dans Google Chrome | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |
| certfr-2024-avi-0590 | Multiples vulnérabilités dans les produits Atlassian | 2024-07-17T00:00:00.000000 | 2024-07-17T00:00:00.000000 |