Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-49534 | 5.4 (v3.1) | Adobe Experience Manager | Cross-site Scripting (Store… |
Adobe |
Adobe Experience Manager |
2025-07-08T21:40:35.588Z | 2026-04-14T18:08:45.505Z |
| cve-2026-39570 | N/A | WordPress 12 Step Meeting List plugin <= 3.19.9 - Sens… |
AA Web Servant |
12 Step Meeting List |
2026-04-08T08:30:20.143Z | 2026-04-14T18:06:58.246Z |
| cve-2025-49547 | 5.4 (v3.1) | Adobe Experience Manager | Cross-site Scripting (Store… |
Adobe |
Adobe Experience Manager |
2025-07-08T21:40:36.387Z | 2026-04-14T18:06:52.343Z |
| cve-2025-65136 | N/A | In manikandan580 School-management-system 1.0, a … |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T18:04:46.651Z |
| cve-2025-65134 | N/A | In manikandan580 School-management-system 1.0, a … |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T18:03:39.903Z |
| cve-2025-65132 | N/A | alandsilva26 hotel-management-php 1.0 is vulnerab… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T18:02:48.116Z |
| cve-2026-39572 | N/A | WordPress Bus Ticket Booking with Seat Reservation plu… |
magepeopleteam |
Bus Ticket Booking with Seat Reservation |
2026-04-08T08:30:20.629Z | 2026-04-14T18:01:05.830Z |
| cve-2026-27246 | 9.3 (v3.1) | Adobe Connect | Cross-site Scripting (DOM-based XSS) (… |
Adobe |
Adobe Connect |
2026-04-14T17:33:47.834Z | 2026-04-14T17:55:44.469Z |
| cve-2025-63939 | Improper input handling in /Grocery/search_produc… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:53:49.359Z | |
| cve-2026-34626 | 6.3 (v3.1) | Acrobat Reader | Improperly Controlled Modification of… |
Adobe |
Acrobat Reader |
2026-04-14T16:18:04.679Z | 2026-04-14T17:53:05.039Z |
| cve-2026-38526 | An authenticated arbitrary file upload vulnerabil… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:50:54.198Z | |
| cve-2025-65135 | In manikandan580 School-management-system 1.0, a … |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:49:30.241Z | |
| cve-2026-39810 | 5.2 (v3.1) | A use of hard-coded cryptographic key vulnerabili… |
Fortinet |
FortiClientEMS |
2026-04-14T15:38:21.194Z | 2026-04-14T17:41:54.082Z |
| cve-2026-38527 | A Server-Side Request Forgery (SSRF) in the /sett… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:36:59.813Z | |
| cve-2026-39815 | 7.9 (v3.1) | A improper neutralization of special elements use… |
Fortinet |
FortiDDoS-F |
2026-04-14T15:38:22.588Z | 2026-04-14T17:35:54.853Z |
| cve-2026-38528 | Krayin CRM v2.2.x was discovered to contain a SQL… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:34:54.115Z | |
| cve-2026-38529 | A Broken Object-Level Authorization (BOLA) in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:31:13.560Z | |
| cve-2026-38530 | A Broken Object-Level Authorization (BOLA) in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:28:56.838Z | |
| cve-2026-38532 | A Broken Object-Level Authorization (BOLA) in the… |
n/a |
n/a |
2026-04-14T00:00:00.000Z | 2026-04-14T17:27:56.674Z | |
| cve-2026-4914 | 5.4 (v3.1) | Stored XSS in Ivanti N-ITSM before version 2025.4… |
Ivanti |
Neurons for ITSM (On-Premise) |
2026-04-14T14:15:48.101Z | 2026-04-14T17:20:09.361Z |
| cve-2026-27316 | 2.5 (v3.1) | A insufficiently protected credentials vulnerabil… |
Fortinet |
FortiSandbox |
2026-04-14T15:38:02.149Z | 2026-04-14T16:46:17.486Z |
| cve-2026-22576 | 4.1 (v3.1) | A storing passwords in a recoverable format vulne… |
Fortinet |
FortiSOAR PaaS |
2026-04-14T15:38:05.576Z | 2026-04-14T16:46:17.327Z |
| cve-2025-53847 | 6.2 (v3.1) | A missing authentication for critical function vu… |
Fortinet |
FortiOS |
2026-04-14T15:38:06.336Z | 2026-04-14T16:46:17.175Z |
| cve-2026-22154 | 4.4 (v3.1) | An improper neutralization of input during web pa… |
Fortinet |
FortiSOAR PaaS |
2026-04-14T15:38:07.043Z | 2026-04-14T16:46:17.029Z |
| cve-2026-22574 | 4.1 (v3.1) | A storing passwords in a recoverable format vulne… |
Fortinet |
FortiSOAR PaaS |
2026-04-14T15:38:08.130Z | 2026-04-14T16:46:16.794Z |
| cve-2026-21742 | 5.4 (v3.1) | A cleartext transmission of sensitive information… |
Fortinet |
FortiSOAR PaaS |
2026-04-14T15:38:13.389Z | 2026-04-14T16:46:16.652Z |
| cve-2026-22155 | 6.2 (v3.1) | A cleartext transmission of sensitive information… |
Fortinet |
FortiSOAR on-premise |
2026-04-14T15:38:13.806Z | 2026-04-14T16:46:16.501Z |
| cve-2025-59809 | 4.1 (v3.1) | A server-side request forgery (ssrf) vulnerabilit… |
Fortinet |
FortiSOAR on-premise |
2026-04-14T15:38:15.104Z | 2026-04-14T16:46:16.247Z |
| cve-2026-25691 | 6.2 (v3.1) | A improper limitation of a pathname to a restrict… |
Fortinet |
FortiSandbox PaaS |
2026-04-14T15:38:16.406Z | 2026-04-14T16:46:16.085Z |
| cve-2026-39812 | 4.3 (v3.1) | A improper neutralization of input during web pag… |
Fortinet |
FortiSandbox |
2026-04-14T15:38:18.366Z | 2026-04-14T16:46:15.629Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2013-000112 | TOWN (modified version) vulnerable to directory traversal | 2013-11-29T14:23+09:00 | 2013-12-06T10:38+09:00 |
| jvndb-2013-000110 | D-Link DES-3800 Series vulnerable to denial-of-service (DoS) | 2013-11-22T14:51+09:00 | 2013-11-26T16:15+09:00 |
| jvndb-2013-000109 | D-Link DES-3800 Series vulnerable to denial-of-service (DoS) | 2013-11-22T14:50+09:00 | 2013-11-26T16:09+09:00 |
| jvndb-2013-000108 | KDrive Personal for Windows contains an issue where it fails to verify SSL server certificates | 2013-11-22T17:39+09:00 | 2013-11-26T16:02+09:00 |
| jvndb-2013-000104 | EC-CUBE vulnerable to information disclosure | 2013-11-20T15:19+09:00 | 2013-11-22T14:42+09:00 |
| jvndb-2013-000105 | EC-CUBE vulnerable to cross-site scripting | 2013-11-20T15:34+09:00 | 2013-11-22T14:40+09:00 |
| jvndb-2013-000097 | EC-CUBE vulnerable to cross-site request forgery | 2013-11-20T15:40+09:00 | 2013-11-22T14:37+09:00 |
| jvndb-2013-000098 | EC-CUBE information disclosure vulnerability | 2013-11-20T15:48+09:00 | 2013-11-22T14:35+09:00 |
| jvndb-2013-000106 | EC-CUBE information disclosure vulnerability | 2013-11-20T16:14+09:00 | 2013-11-22T14:18+09:00 |
| jvndb-2013-000107 | EC-CUBE vulnerable to cross-site scripting | 2013-11-20T15:56+09:00 | 2013-11-22T13:57+09:00 |
| jvndb-2011-003557 | ASP.NET vulnerable to open redirect | 2013-11-15T15:54+09:00 | 2013-11-15T15:54+09:00 |
| jvndb-2013-000103 | Ichitaro series vulnerable to arbitrary code execution | 2013-11-12T14:33+09:00 | 2013-11-15T10:22+09:00 |
| jvndb-2013-000101 | TOWN (modified version) vulnerable to cross-site scripting | 2013-11-07T13:59+09:00 | 2013-11-11T16:34+09:00 |
| jvndb-2013-000100 | Tiki Wiki CMS Groupware vulnerable to SQL injection | 2013-11-05T15:11+09:00 | 2013-11-07T17:57+09:00 |
| jvndb-2013-000099 | Tiki Wiki CMS Groupware vulnerable to cross-site scripting | 2013-11-05T15:05+09:00 | 2013-11-07T17:55+09:00 |
| jvndb-2013-000102 | Page Scroller vulnerable to cross-site scripting | 2013-11-07T14:03+09:00 | 2013-11-07T14:03+09:00 |
| jvndb-2013-000095 | HDL-A and HDL2-A Series vulnerable in session management | 2013-10-18T14:30+09:00 | 2013-10-22T17:56+09:00 |
| jvndb-2013-000093 | Internet Explorer vulnerable to arbitrary code execution | 2013-09-19T14:39+09:00 | 2013-10-10T18:12+09:00 |
| jvndb-2013-000091 | SEIL Series routers vulnerable in RADIUS authentication | 2013-09-20T14:52+09:00 | 2013-10-08T15:36+09:00 |
| jvndb-2013-000094 | Accela BizSearch vulnerable to cross-site scripting | 2013-10-04T12:36+09:00 | 2013-10-08T14:56+09:00 |
| jvndb-2013-004410 | Arbitrary Commands Execution Vulnerability in JP1/Base | 2013-10-03T19:26+09:00 | 2013-10-03T19:26+09:00 |
| jvndb-2013-004409 | Arbitrary Commands Execution Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 | 2013-10-03T19:24+09:00 | 2013-10-03T19:24+09:00 |
| jvndb-2013-000092 | SEIL Series routers vulnerable to buffer overflow | 2013-09-20T14:57+09:00 | 2013-09-30T16:46+09:00 |
| jvndb-2013-000090 | D-Link DES-3810 Series vulnerable to denial-of-service (DoS) | 2013-09-20T15:12+09:00 | 2013-09-30T15:52+09:00 |
| jvndb-2013-000089 | D-Link DWL-2100AP vulnerable to denial-of-service (DoS) | 2013-09-20T15:07+09:00 | 2013-09-30T15:47+09:00 |
| jvndb-2013-004319 | Multiple vulnerabilities in Java bundled with Hitachi JP1/Cm2/Network Node Manager i | 2013-09-27T14:51+09:00 | 2013-09-27T14:51+09:00 |
| jvndb-2013-004318 | Multiple vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i | 2013-09-27T14:49+09:00 | 2013-09-27T14:49+09:00 |
| jvndb-2013-000088 | ChamaCargo vulnerable to cross-site scripting | 2013-09-13T12:21+09:00 | 2013-09-18T16:12+09:00 |
| jvndb-2013-000086 | Opera vulnerable to cross-site scripting | 2013-09-12T14:13+09:00 | 2013-09-17T14:20+09:00 |
| jvndb-2013-000085 | VMware ESX and ESXi vulnerable to buffer overflow | 2013-09-06T14:03+09:00 | 2013-09-11T14:06+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0470 | Multiples vulnérabilités dans les produits IBM | 2024-06-07T00:00:00.000000 | 2024-06-07T00:00:00.000000 |
| certfr-2024-avi-0469 | Vulnérabilité dans les produits Elastic | 2024-06-07T00:00:00.000000 | 2024-06-07T00:00:00.000000 |
| certfr-2024-avi-0468 | Multiples vulnérabilités dans PHP | 2024-06-07T00:00:00.000000 | 2024-06-07T00:00:00.000000 |
| certfr-2024-avi-0467 | Vulnérabilité dans SolarWinds Serv-U | 2024-06-07T00:00:00.000000 | 2024-06-07T00:00:00.000000 |
| certfr-2024-avi-0466 | Multiples vulnérabilités dans les produits Elastic | 2024-06-06T00:00:00.000000 | 2024-06-06T00:00:00.000000 |
| certfr-2024-avi-0465 | Vulnérabilité dans MongoDB PyMongo | 2024-06-06T00:00:00.000000 | 2024-06-06T00:00:00.000000 |
| certfr-2024-avi-0464 | Multiples vulnérabilités dans SolarWinds Platform | 2024-06-05T00:00:00.000000 | 2024-06-05T00:00:00.000000 |
| certfr-2024-avi-0463 | Multiples vulnérabilités dans Ruby on Rails | 2024-06-05T00:00:00.000000 | 2024-06-05T00:00:00.000000 |
| certfr-2024-avi-0462 | Vulnérabilité dans SolarWinds Platform | 2024-06-04T00:00:00.000000 | 2024-06-04T00:00:00.000000 |
| certfr-2024-avi-0461 | Multiples vulnérabilités dans Microsoft Edge | 2024-06-04T00:00:00.000000 | 2024-06-04T00:00:00.000000 |
| certfr-2024-avi-0460 | Vulnérabilité dans les caméras Synology | 2024-06-03T00:00:00.000000 | 2024-06-03T00:00:00.000000 |
| certfr-2024-avi-0459 | Multiples vulnérabilités dans les produits IBM | 2024-05-31T00:00:00.000000 | 2024-05-31T00:00:00.000000 |
| certfr-2024-avi-0458 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-05-31T00:00:00.000000 | 2024-05-31T00:00:00.000000 |
| certfr-2024-avi-0457 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2024-05-31T00:00:00.000000 | 2024-05-31T00:00:00.000000 |
| certfr-2024-avi-0456 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-05-31T00:00:00.000000 | 2024-05-31T00:00:00.000000 |
| certfr-2024-avi-0455 | Multiples vulnérabilités dans les produits Trend Micro | 2024-05-31T00:00:00.000000 | 2024-05-31T00:00:00.000000 |
| certfr-2024-avi-0454 | Multiples vulnérabilités dans Google Chrome | 2024-05-31T00:00:00.000000 | 2024-05-31T00:00:00.000000 |
| certfr-2024-avi-0453 | Vulnérabilité dans Ivanti Endpoint Manager | 2024-05-30T00:00:00.000000 | 2024-05-30T00:00:00.000000 |
| certfr-2024-avi-0452 | Multiples vulnérabilités dans StormShield SSL VPN Client | 2024-05-30T00:00:00.000000 | 2024-05-30T00:00:00.000000 |
| certfr-2024-avi-0451 | Vulnérabilité dans Mitel MiVoice MX-ONE | 2024-05-30T00:00:00.000000 | 2024-05-30T00:00:00.000000 |
| certfr-2024-avi-0450 | Multiples vulnérabilités dans Nginx | 2024-05-30T00:00:00.000000 | 2024-05-30T00:00:00.000000 |
| certfr-2024-avi-0449 | Vulnérabilité dans les produits Check Point | 2024-05-29T00:00:00.000000 | 2024-05-29T00:00:00.000000 |
| certfr-2024-avi-0448 | Multiples vulnérabilités dans Nagios XI | 2024-05-29T00:00:00.000000 | 2024-05-29T00:00:00.000000 |
| certfr-2024-avi-0447 | Vulnérabilité dans SPIP | 2024-05-29T00:00:00.000000 | 2024-05-29T00:00:00.000000 |
| certfr-2024-avi-0446 | Vulnérabilité dans OpenSSL | 2024-05-29T00:00:00.000000 | 2024-05-29T00:00:00.000000 |
| certfr-2024-avi-0445 | Vulnérabilité dans Spring Cloud Skipper | 2024-05-29T00:00:00.000000 | 2024-05-29T00:00:00.000000 |
| certfr-2024-avi-0444 | Vulnérabilité dans Citrix Workspace app pour Mac | 2024-05-29T00:00:00.000000 | 2024-05-29T00:00:00.000000 |
| certfr-2024-avi-0443 | Multiples vulnérabilités dans Microsoft Edge | 2024-05-27T00:00:00.000000 | 2024-05-27T00:00:00.000000 |
| certfr-2024-avi-0442 | Multiples vulnérabilités dans les produits IBM | 2024-05-24T00:00:00.000000 | 2024-05-24T00:00:00.000000 |
| certfr-2024-avi-0441 | Vulnérabilité dans les produits WithSecure | 2024-05-24T00:00:00.000000 | 2024-05-24T00:00:00.000000 |