Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-6139 | Totolink A7100RU CGI cstecgi.cgi UploadOpenVpnCert os … |
Totolink |
A7100RU |
2026-04-13T00:15:12.109Z | 2026-04-14T19:37:43.658Z | |
| cve-2026-6186 | UTT HiPER 1200GW formNatStaticMap strcpy buffer overflow |
UTT |
HiPER 1200GW |
2026-04-13T15:15:11.716Z | 2026-04-14T19:37:43.525Z | |
| cve-2026-6191 | itsourcecode Construction Management System equipments… |
itsourcecode |
Construction Management System |
2026-04-13T16:30:24.440Z | 2026-04-14T19:37:43.372Z | |
| cve-2026-6219 | aandrew-me ytDownloader Compressor Feature compressor.… |
aandrew-me |
ytDownloader |
2026-04-13T20:45:24.103Z | 2026-04-14T19:37:43.233Z | |
| cve-2026-27286 | 5.5 (v3.1) | InDesign Desktop | Heap-based Buffer Overflow (CWE-122) |
Adobe |
InDesign Desktop |
2026-04-14T16:45:54.103Z | 2026-04-14T19:37:43.093Z |
| cve-2026-24907 | October CMS has Stored XSS via Event Log Mail Preview |
octobercms |
october |
2026-04-14T17:34:22.688Z | 2026-04-14T19:29:45.761Z | |
| cve-2026-40183 | ImageMagick: Heap buffer overflow when encoding JXL im… |
ImageMagick |
ImageMagick |
2026-04-13T21:28:20.797Z | 2026-04-14T19:27:39.187Z | |
| cve-2026-40312 | ImageMagick: Off-by-One in MSL decoder could result in crash |
ImageMagick |
ImageMagick |
2026-04-13T21:43:28.416Z | 2026-04-14T19:27:39.053Z | |
| cve-2026-40164 | jq: Algorithmic complexity DoS via hardcoded MurmurHas… |
jqlang |
jq |
2026-04-13T23:40:12.693Z | 2026-04-14T19:27:38.916Z | |
| cve-2026-27258 | 5.5 (v3.1) | DNG SDK | Out-of-bounds Write (CWE-787) |
Adobe |
DNG SDK |
2026-04-14T17:03:26.563Z | 2026-04-14T19:27:37.471Z |
| cve-2026-27245 | 9.3 (v3.1) | Adobe Connect | Cross-site Scripting (Reflected XSS) (… |
Adobe |
Adobe Connect |
2026-04-14T17:33:46.104Z | 2026-04-14T19:27:37.316Z |
| cve-2026-27288 | 5.4 (v3.1) | Adobe Experience Manager | Cross-site Scripting (DOM-b… |
Adobe |
Adobe Experience Manager |
2026-04-14T18:00:54.222Z | 2026-04-14T19:27:37.186Z |
| cve-2026-34629 | 7.8 (v3.1) | InDesign Desktop | Heap-based Buffer Overflow (CWE-122) |
Adobe |
InDesign Desktop |
2026-04-14T17:05:09.573Z | 2026-04-14T19:18:37.354Z |
| cve-2026-34614 | 6.1 (v3.1) | Adobe Connect | Cross-site Scripting (Reflected XSS) (… |
Adobe |
Adobe Connect |
2026-04-14T17:33:46.943Z | 2026-04-14T19:18:31.682Z |
| cve-2026-27243 | 9.3 (v3.1) | Adobe Connect | Cross-site Scripting (Reflected XSS) (… |
Adobe |
Adobe Connect |
2026-04-14T17:33:43.289Z | 2026-04-14T19:10:50.684Z |
| cve-2026-34617 | 8.7 (v3.1) | Adobe Connect | Cross-site Scripting (XSS) (CWE-79) |
Adobe |
Adobe Connect |
2026-04-14T17:33:49.511Z | 2026-04-14T19:10:24.817Z |
| cve-2026-22560 | N/A | An open redirect vulnerability in Rocket.Chat ver… |
Rocket.Chat |
Rocket.Chat |
2026-04-10T17:00:11.746Z | 2026-04-14T19:04:32.571Z |
| cve-2026-34623 | 5.4 (v3.1) | Adobe Experience Manager | Cross-site Scripting (DOM-b… |
Adobe |
Adobe Experience Manager |
2026-04-14T18:26:00.180Z | 2026-04-14T18:59:02.939Z |
| cve-2026-34624 | 5.4 (v3.1) | Adobe Experience Manager | Cross-site Scripting (DOM-b… |
Adobe |
Adobe Experience Manager |
2026-04-14T18:25:58.883Z | 2026-04-14T18:53:03.853Z |
| cve-2026-21331 | 6.1 (v3.1) | Adobe Connect | Cross-site Scripting (Reflected XSS) (… |
Adobe |
Adobe Connect |
2026-04-14T17:33:48.648Z | 2026-04-14T18:33:21.646Z |
| cve-2026-39542 | N/A | WordPress Doofinder for WooCommerce plugin <= 2.10.13 … |
Doofinder |
Doofinder for WooCommerce |
2026-04-08T08:30:17.588Z | 2026-04-14T18:27:54.277Z |
| cve-2026-27664 | A vulnerability has been identified in CPCI85 Cen… |
Siemens |
CPCI85 Central Processing/Communication |
2026-03-26T14:03:21.993Z | 2026-04-14T18:24:39.273Z | |
| cve-2026-27663 | A vulnerability has been identified in CPCI85 Cen… |
Siemens |
CPCI85 Central Processing/Communication |
2026-03-26T14:03:20.787Z | 2026-04-14T18:24:38.079Z | |
| cve-2026-24069 | N/A | Improper Enforcement of Disabled Accounts in WebUI SSO… |
Kiuwan |
SAST |
2026-04-14T11:26:55.274Z | 2026-04-14T18:24:36.801Z |
| cve-2026-39544 | N/A | WordPress LabtechCO theme <= 8.3 - Local File Inclusio… |
themeStek |
LabtechCO |
2026-04-08T08:30:17.993Z | 2026-04-14T18:22:23.625Z |
| cve-2026-34628 | 7.8 (v3.1) | InDesign Desktop | Heap-based Buffer Overflow (CWE-122) |
Adobe |
InDesign Desktop |
2026-04-14T17:05:10.542Z | 2026-04-14T18:22:03.150Z |
| cve-2026-39564 | N/A | WordPress Sunshine Photo Cart plugin < 3.6.2 - Sensiti… |
sunshinephotocart |
Sunshine Photo Cart |
2026-04-08T08:30:18.874Z | 2026-04-14T18:17:59.697Z |
| cve-2026-31923 | Apache APISIX: Openid-connect `tls_verify` field is di… |
Apache Software Foundation |
Apache APISIX |
2026-04-14T08:38:59.039Z | 2026-04-14T18:16:34.559Z | |
| cve-2026-4832 | 6.9 (v4.0) | CWE-798 Use of Hard-coded Credentials vulnerabili… |
Schneider Electric |
Easergy MiCOM P14x |
2026-04-14T15:05:00.845Z | 2026-04-14T18:16:06.726Z |
| cve-2026-39566 | N/A | WordPress DirectoryPress plugin <= 3.6.26 - Sensitive … |
Designinvento |
DirectoryPress |
2026-04-08T08:30:19.228Z | 2026-04-14T18:10:54.894Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2014-000020 | AutoCAD may insecurely load dynamic libraries | 2014-02-21T14:19+09:00 | 2014-02-25T16:38+09:00 |
| jvndb-2013-000070 | Oracle Outside In vulnerable to buffer overflow | 2013-07-17T13:45+09:00 | 2014-02-24T16:38+09:00 |
| jvndb-2014-000015 | phpMyFAQ vulnerable to cross-site scripting | 2014-02-07T12:25+09:00 | 2014-02-20T14:00+09:00 |
| jvndb-2014-000016 | phpMyFAQ vulnerable to cross-site request forgery | 2014-02-07T12:26+09:00 | 2014-02-20T13:58+09:00 |
| jvndb-2014-000014 | Opera browser for Android issue in handling intent scheme URL's | 2014-02-06T12:20+09:00 | 2014-02-10T19:09+09:00 |
| jvndb-2014-000013 | Joyful Note vulnerable to cross-site scripting | 2014-01-31T13:41+09:00 | 2014-02-04T17:38+09:00 |
| jvndb-2014-000011 | Sanshiro Series vulnerable to arbitrary code execution | 2014-01-28T14:48+09:00 | 2014-01-30T14:24+09:00 |
| jvndb-2014-000010 | Multiple SQL injection vulnerabilities in Cybozu Garoon | 2014-01-28T14:40+09:00 | 2014-01-30T14:22+09:00 |
| jvndb-2014-000008 | SimZip (Simple Zip Viewer) vulnerable to directory traversal | 2014-01-24T12:34+09:00 | 2014-01-28T18:03+09:00 |
| jvndb-2014-000009 | OpenPNE vulnerable to PHP Object Injection | 2014-01-24T12:36+09:00 | 2014-01-28T18:02+09:00 |
| jvndb-2014-000005 | EC-CUBE vulnerable to information alteration | 2014-01-22T15:27+09:00 | 2014-01-27T09:51+09:00 |
| jvndb-2014-000007 | Information disclosure vulnerability in Sleipnir Mobile for Android | 2014-01-22T15:29+09:00 | 2014-01-27T09:47+09:00 |
| jvndb-2014-000004 | NeoFiler vulnerable to directory traversal | 2014-01-10T14:44+09:00 | 2014-01-15T12:32+09:00 |
| jvndb-2014-000003 | Security File Manager vulnerable to directory traversal | 2014-01-10T14:42+09:00 | 2014-01-10T14:42+09:00 |
| jvndb-2014-000002 | tetra filer vulnerable to directory traversal | 2014-01-10T14:41+09:00 | 2014-01-10T14:41+09:00 |
| jvndb-2014-000001 | ZIP with Pass vulnerable to directory traversal | 2014-01-10T14:34+09:00 | 2014-01-10T14:34+09:00 |
| jvndb-2013-000120 | IrfanView vulnerable to buffer overflow | 2013-12-24T15:02+09:00 | 2014-01-07T19:25+09:00 |
| jvndb-2013-000124 | Cybozu Garoon vulnerable to SQL injection | 2013-12-25T12:21+09:00 | 2014-01-07T19:22+09:00 |
| jvndb-2013-000125 | Cybozu Garoon Keitai vulnerable to authentication bypass | 2013-12-25T12:22+09:00 | 2014-01-07T16:12+09:00 |
| jvndb-2013-000126 | HP Autonomy Ultraseek vulnerable to cross-site scripting | 2013-12-26T12:32+09:00 | 2013-12-26T12:32+09:00 |
| jvndb-2013-005669 | Xml eXternal Entity Vulnerability in Hitachi Cosminexus | 2013-12-25T19:13+09:00 | 2013-12-25T19:13+09:00 |
| jvndb-2013-000123 | VMware ESX and ESXi may allow access to arbitrary files | 2013-12-24T15:02+09:00 | 2013-12-25T14:01+09:00 |
| jvndb-2013-005262 | Buffer Overflow Vulnerability in the log function of Interstage HTTP Server | 2013-11-28T16:38+09:00 | 2013-12-18T16:16+09:00 |
| jvndb-2013-000119 | Juniper ScreenOS vulnerable to denial-of-service (DoS) | 2013-12-13T12:23+09:00 | 2013-12-18T15:23+09:00 |
| jvndb-2013-000118 | Cybozu Dezie vulnerable to cross-site scripting | 2013-12-10T14:13+09:00 | 2013-12-18T14:51+09:00 |
| jvndb-2013-000117 | Cybozu Garoon vulnerable to session fixation | 2013-12-03T13:51+09:00 | 2013-12-06T10:52+09:00 |
| jvndb-2013-000116 | Cybozu Garoon vulnerable to mail header injection | 2013-12-03T13:49+09:00 | 2013-12-06T10:50+09:00 |
| jvndb-2013-000115 | Cybozu Garoon vulnerable to denial-of-service (DoS) | 2013-12-03T13:46+09:00 | 2013-12-06T10:48+09:00 |
| jvndb-2013-000114 | Cybozu Garoon vulnerable to SQL injection | 2013-12-03T13:45+09:00 | 2013-12-06T10:47+09:00 |
| jvndb-2013-000113 | Multiple cross-site scripting vulnerabilities in Cybozu Garoon | 2013-12-03T13:37+09:00 | 2013-12-06T10:42+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0502 | Multiples vulnérabilités dans les produits VMware | 2024-06-18T00:00:00.000000 | 2024-06-18T00:00:00.000000 |
| certfr-2024-avi-0501 | Multiples vulnérabilités dans les produits Nextcloud | 2024-06-17T00:00:00.000000 | 2024-06-17T00:00:00.000000 |
| certfr-2024-avi-0500 | Multiples vulnérabilités dans Elastic Kibana | 2024-06-17T00:00:00.000000 | 2024-06-17T00:00:00.000000 |
| certfr-2024-avi-0499 | Vulnérabilité dans NetApp StorageGRID | 2024-06-17T00:00:00.000000 | 2024-06-17T00:00:00.000000 |
| certfr-2024-avi-0498 | Multiples vulnérabilités dans les produits IBM | 2024-06-14T00:00:00.000000 | 2024-06-14T00:00:00.000000 |
| certfr-2024-avi-0497 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-06-14T00:00:00.000000 | 2024-06-14T00:00:00.000000 |
| certfr-2024-avi-0496 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-06-14T00:00:00.000000 | 2024-06-14T00:00:00.000000 |
| certfr-2024-avi-0495 | Multiples vulnérabilités dans Microsoft Edge | 2024-06-14T00:00:00.000000 | 2024-06-14T00:00:00.000000 |
| certfr-2024-avi-0476 | Multiples vulnérabilités dans les produits Schneider Electric | 2024-06-11T00:00:00.000000 | 2024-06-14T00:00:00.000000 |
| certfr-2024-avi-0492 | Multiples vulnérabilités dans Google Android et Pixel | 2024-06-13T00:00:00.000000 | 2024-06-13T00:00:00.000000 |
| certfr-2024-avi-0491 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2024-06-13T00:00:00.000000 | 2024-06-13T00:00:00.000000 |
| certfr-2024-avi-0490 | Multiples vulnérabilités dans GitLab | 2024-06-13T00:00:00.000000 | 2024-06-13T00:00:00.000000 |
| certfr-2024-avi-0489 | Multiples vulnérabilités dans les produits Microsoft | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0488 | Multiples vulnérabilités dans Microsoft Azure | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0487 | Multiples vulnérabilités dans Microsoft .Net | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0486 | Multiples vulnérabilités dans Microsoft Windows | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0485 | Multiples vulnérabilités dans Microsoft Office | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0484 | Multiples vulnérabilités dans les produits Fortinet | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0483 | Multiples vulnérabilités dans les produits Adobe | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0482 | Multiples vulnérabilités dans Mozilla Firefox | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0481 | Multiples vulnérabilités dans Google Chrome | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0480 | Vulnérabilité dans les produits Citrix | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0479 | Multiples vulnérabilités dans HPE Aruba Networking AirWave Management Platform | 2024-06-12T00:00:00.000000 | 2024-06-12T00:00:00.000000 |
| certfr-2024-avi-0478 | Multiples vulnérabilités dans les produits Siemens | 2024-06-11T00:00:00.000000 | 2024-06-11T00:00:00.000000 |
| certfr-2024-avi-0477 | Multiples vulnérabilités dans les produits SAP | 2024-06-11T00:00:00.000000 | 2024-06-11T00:00:00.000000 |
| certfr-2024-avi-0475 | Multiples vulnérabilités dans Tenable Security Center | 2024-06-11T00:00:00.000000 | 2024-06-11T00:00:00.000000 |
| certfr-2024-avi-0474 | Vulnérabilité dans Veeam Recovery Orchestrator | 2024-06-11T00:00:00.000000 | 2024-06-11T00:00:00.000000 |
| certfr-2024-avi-0473 | Vulnérabilité dans VMware Tanzu | 2024-06-10T00:00:00.000000 | 2024-06-10T00:00:00.000000 |
| certfr-2024-avi-0472 | Multiples vulnérabilités dans le noyau Linux de Debian | 2024-06-07T00:00:00.000000 | 2024-06-07T00:00:00.000000 |
| certfr-2024-avi-0471 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-06-07T00:00:00.000000 | 2024-06-07T00:00:00.000000 |