Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2023-54364 | 5.1 (v4.0) 6.1 (v3.1) | Joomla HikaShop 4.7.4 Reflected XSS via Product Filter |
Hikashop |
Joomla HikaShop |
2026-04-09T20:54:53.568Z | 2026-04-10T18:10:51.242Z |
| cve-2023-54363 | 5.1 (v4.0) 6.1 (v3.1) | Joomla Solidres 2.13.3 Reflected XSS via Multiple Parameters |
Solidres |
Joomla Solidres |
2026-04-09T20:54:52.838Z | 2026-04-10T15:55:28.694Z |
| cve-2023-54362 | 5.1 (v4.0) 6.1 (v3.1) | Joomla VirtueMart Shopping-Cart 4.0.12 Reflected XSS v… |
Virtuemart |
Cart |
2026-04-09T20:54:51.782Z | 2026-04-13T15:00:12.340Z |
| cve-2023-54361 | 5.1 (v4.0) 6.1 (v3.1) | Joomla iProperty Real Estate 4.1.1 Reflected XSS via f… |
Thethinkery |
Joomla iProperty Real Estate |
2026-04-09T20:54:51.052Z | 2026-04-10T14:06:28.536Z |
| cve-2023-54360 | 5.1 (v4.0) 6.1 (v3.1) | Joomla JLex Review 6.0.1 Reflected XSS via review_id P… |
Jlexart |
Joomla JLex Review |
2026-04-09T20:54:50.323Z | 2026-04-13T20:23:08.773Z |
| cve-2023-54359 | 8.8 (v4.0) 8.2 (v3.1) | WordPress adivaha Travel Plugin 2.3 SQL Injection via pid |
Adivaha |
WordPress adivaha Travel Plugin |
2026-04-09T20:54:49.464Z | 2026-04-14T14:49:14.120Z |
| cve-2023-54358 | 5.1 (v4.0) 6.1 (v3.1) | WordPress adivaha Travel Plugin 2.3 Reflected XSS via … |
Adivaha |
WordPress adivaha Travel Plugin |
2026-04-09T20:54:48.665Z | 2026-04-10T18:10:15.754Z |
| cve-2026-5979 | D-Link DIR-605L POST Request formVirtualServ buffer overflow |
D-Link |
DIR-605L |
2026-04-09T20:45:15.856Z | 2026-04-10T18:08:05.848Z | |
| cve-2026-5978 | Totolink A7100RU CGI cstecgi.cgi setWiFiAclRules os co… |
Totolink |
A7100RU |
2026-04-09T20:30:15.179Z | 2026-04-14T16:34:03.036Z | |
| cve-2026-40093 | nimiq-blockchain is missing a wall-clock upper bound o… |
nimiq |
core-rs-albatross |
2026-04-09T20:29:46.026Z | 2026-04-13T15:38:14.634Z | |
| cve-2026-5977 | Totolink A7100RU CGI cstecgi.cgi setWiFiBasicCfg os co… |
Totolink |
A7100RU |
2026-04-09T20:15:14.227Z | 2026-04-14T14:48:40.525Z | |
| cve-2026-5447 | 6.3 (v4.0) | Heap buffer overflow in CertFromX509() via AuthorityKe… |
wolfSSL |
wolfSSL |
2026-04-09T20:13:34.398Z | 2026-04-10T18:07:28.848Z |
| cve-2026-4436 | 8.6 (v3.1) | GPL Odorizers GPL750 Missing Authentication for Critic… |
GPL Odorizers |
GPL750 (XL4) |
2026-04-09T20:04:26.208Z | 2026-04-14T14:04:53.417Z |
| cve-2026-5976 | Totolink A7100RU CGI cstecgi.cgi setStorageCfg os comm… |
Totolink |
A7100RU |
2026-04-09T20:00:21.322Z | 2026-04-13T20:21:31.141Z | |
| cve-2025-13926 | 9.8 (v3.1) 9.3 (v4.0) | Contemporary Controls BASC 20T Reliance on Untrusted I… |
Contemporary Controls |
BASControl20 |
2026-04-09T19:47:17.841Z | 2026-04-10T14:11:21.320Z |
| cve-2026-5187 | 2.3 (v4.0) | Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL |
wolfSSL |
wolfSSL |
2026-04-09T19:45:39.937Z | 2026-04-14T14:04:53.585Z |
| cve-2026-5975 | Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command … |
Totolink |
A7100RU |
2026-04-09T19:45:18.440Z | 2026-04-09T20:10:54.661Z | |
| cve-2026-40088 | Improper Neutralization of Special Elements used in an… |
MervinPraison |
PraisonAI |
2026-04-09T19:45:13.203Z | 2026-04-09T20:14:56.938Z | |
| cve-2026-40089 | Sonicverse has Server-Side Request Forgery via user-co… |
sonicverse-eu |
audiostreaming-stack |
2026-04-09T19:43:09.606Z | 2026-04-13T20:20:37.737Z | |
| cve-2026-35577 | Missing Host Header Validation in Apollo MCP Server fo… |
apollographql |
apollo-mcp-server |
2026-04-09T19:40:25.604Z | 2026-04-13T15:38:20.875Z | |
| cve-2026-34500 | Apache Tomcat: OCSP checks sometimes soft-fail with FF… |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:36:52.857Z | 2026-04-10T14:22:31.310Z | |
| cve-2026-34487 | Apache Tomcat: Cloud membership for clustering compone… |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:36:12.048Z | 2026-04-10T17:49:44.314Z | |
| cve-2026-34486 | Apache Tomcat: Fix for CVE-2026-29146 allowed bypass o… |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:35:35.994Z | 2026-04-10T20:20:56.605Z | |
| cve-2026-40087 | LangChain has incomplete f-string validation in prompt… |
langchain-ai |
langchain |
2026-04-09T19:34:55.198Z | 2026-04-14T14:48:03.160Z | |
| cve-2026-34483 | Apache Tomcat: Incomplete escaping of JSON access logs |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:30:28.874Z | 2026-04-10T20:17:38.858Z | |
| cve-2026-5194 | 9.3 (v4.0) | wolfSSL ECDSA Certificate Verification |
wolfSSL |
wolfSSL |
2026-04-09T19:30:24.095Z | 2026-04-22T03:55:45.778Z |
| cve-2026-5974 | FoundationAgents MetaGPT terminal.py Bash.run os comma… |
FoundationAgents |
MetaGPT |
2026-04-09T19:30:15.216Z | 2026-04-09T20:17:26.123Z | |
| cve-2026-40077 | Beszel has an IDOR in hub API endpoints that read syst… |
henrygd |
beszel |
2026-04-09T19:27:39.364Z | 2026-04-13T20:19:45.967Z | |
| cve-2026-32990 | Apache Tomcat: Fix for CVE-2025-66614 is incomplete |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:23:49.618Z | 2026-04-10T18:39:25.498Z | |
| cve-2026-29146 | Apache Tomcat: EncryptInterceptor vulnerable to paddin… |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:21:57.289Z | 2026-04-10T18:17:59.908Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2012-000100 | Pebble vulnerable to open redirect | 2012-11-02T14:23+09:00 | 2012-11-02T14:23+09:00 |
| jvndb-2012-000099 | Pebble vulnerable to HTTP header injection | 2012-11-02T14:21+09:00 | 2012-11-02T14:21+09:00 |
| jvndb-2012-000098 | Pebble vulnerability where entries may become unviewable | 2012-11-02T14:20+09:00 | 2012-11-02T14:20+09:00 |
| jvndb-2012-000097 | MosP kintai kanri vulnerable to authentication bypass | 2012-11-02T14:18+09:00 | 2012-11-02T14:18+09:00 |
| jvndb-2012-000096 | MosP kintai kanri fails to restrict access permissions | 2012-11-02T14:16+09:00 | 2012-11-02T14:16+09:00 |
| jvndb-2012-000095 | Mac OS X OpenSSH vulnerable to denial-of-service (DoS) | 2012-10-31T15:01+09:00 | 2012-10-31T15:01+09:00 |
| jvndb-2012-000093 | Tokyo BBS vulnerable to cross-site scripting | 2012-10-26T14:00+09:00 | 2012-10-26T14:00+09:00 |
| jvndb-2012-000088 | Safari vulnerable to local file content disclosure | 2012-10-23T14:57+09:00 | 2012-10-23T14:57+09:00 |
| jvndb-2012-000094 | Smarty vulnerable to cross-site scripting | 2012-10-10T14:45+09:00 | 2012-10-10T14:45+09:00 |
| jvndb-2012-000092 | MyWebSearch vulnerable to cross-site scripting | 2012-10-05T16:49+09:00 | 2012-10-05T16:49+09:00 |
| jvndb-2012-000091 | jigbrowser+ for Android vulnerable in the WebView class | 2012-09-28T12:20+09:00 | 2012-09-28T12:20+09:00 |
| jvndb-2012-000090 | Trend Micro Control Manager vulnerable to SQL injection | 2012-09-27T12:43+09:00 | 2012-09-27T12:43+09:00 |
| jvndb-2012-000089 | ATOK for Android issue in the access permissions for the learning information file | 2012-09-25T13:40+09:00 | 2012-09-25T13:40+09:00 |
| jvndb-2012-000087 | myLittleAdmin for SQL Server 2000 vulnerable to arbitrary script execution | 2012-09-20T12:33+09:00 | 2012-09-20T12:33+09:00 |
| jvndb-2012-000086 | Email Anti-virus (formerly WebShield SMTP) vulnerable to denial-of-service | 2012-09-20T12:31+09:00 | 2012-09-20T12:31+09:00 |
| jvndb-2012-000085 | KUNAI Browser for Remote Service beta vulnerable in the WebView class | 2012-09-13T13:51+09:00 | 2012-09-13T13:51+09:00 |
| jvndb-2012-000084 | Cybozu KUNAI for Android vulnerable in the WebView class | 2012-09-07T16:40+09:00 | 2012-09-07T16:40+09:00 |
| jvndb-2012-000083 | Cybozu KUNAI for Android vulnerable to arbitrary Java method execution | 2012-09-07T16:39+09:00 | 2012-09-07T16:39+09:00 |
| jvndb-2012-000082 | Cybozu Live for Android vulnerable in the WebView class | 2012-09-03T10:41+09:00 | 2012-09-03T10:41+09:00 |
| jvndb-2012-000081 | Cybozu Live for Android vulnerable to arbitrary Java method execution | 2012-09-03T10:34+09:00 | 2012-09-03T10:34+09:00 |
| jvndb-2012-000080 | Opera address bar spoofing vulnerability | 2012-08-30T14:00+09:00 | 2013-06-26T13:48+09:00 |
| jvndb-2012-000079 | Adobe Reader fails to properly handle signatures | 2012-08-30T13:57+09:00 | 2014-05-23T18:34+09:00 |
| jvndb-2012-000078 | mixi for Android information management vulnerability | 2012-08-17T15:58+09:00 | 2012-08-17T15:58+09:00 |
| jvndb-2012-000077 | Multiple GREE Android applications vulnerable in the WebView class | 2012-08-17T15:52+09:00 | 2012-08-17T15:52+09:00 |
| jvndb-2012-003525 | Cross-site Scripting Vulnerability in JP1/Integrated Management - Service Support | 2012-08-10T15:05+09:00 | 2012-08-10T15:05+09:00 |
| jvndb-2012-000076 | Sleipnir Mobile for Android vulnerable to arbitrary script execution | 2012-08-08T14:43+09:00 | 2012-08-08T14:43+09:00 |
| jvndb-2012-000075 | Sleipnir Mobile for Android vulnerable to arbitrary Java method execution | 2012-08-08T14:39+09:00 | 2012-08-08T14:39+09:00 |
| jvndb-2012-000074 | LINE for Android vulnerable in handling of implicit intents | 2012-08-07T13:33+09:00 | 2012-08-07T13:33+09:00 |
| jvndb-2012-000073 | GoodReader vulnerable to cross-site scripting | 2012-08-02T14:46+09:00 | 2012-08-02T14:46+09:00 |
| jvndb-2012-000072 | Yahoo! Toolbar (for Chrome, Safari) vulnerable to toolbar alteration | 2012-07-30T14:56+09:00 | 2012-08-02T16:33+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0348 | Vulnérabilité dans les produits MongoDB | 2024-04-25T00:00:00.000000 | 2024-04-25T00:00:00.000000 |
| certfr-2024-avi-0347 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-04-25T00:00:00.000000 |
| certfr-2024-avi-0346 | Multiples vulnérabilités dans GitLab | 2024-04-25T00:00:00.000000 | 2024-04-25T00:00:00.000000 |
| certfr-2024-avi-0345 | Vulnérabilité dans les produits Palo Alto Networks | 2024-04-25T00:00:00.000000 | 2024-04-25T00:00:00.000000 |
| certfr-2024-avi-0344 | Multiples vulnérabilités dans les produits Mitel | 2024-04-25T00:00:00.000000 | 2024-04-25T00:00:00.000000 |
| certfr-2024-avi-0343 | Multiples vulnérabilités dans Google Chrome | 2024-04-24T00:00:00.000000 | 2024-04-24T00:00:00.000000 |
| certfr-2024-avi-0342 | Multiples vulnérabilités dans NagiosXI | 2024-04-24T00:00:00.000000 | 2024-04-24T00:00:00.000000 |
| certfr-2024-avi-0341 | Multiples vulnérabilités dans Synacor Zimbra Collaboration | 2024-04-22T00:00:00.000000 | 2024-04-22T00:00:00.000000 |
| certfr-2024-avi-0340 | Multiples vulnérabilités dans les produits Moxa | 2024-04-22T00:00:00.000000 | 2024-04-22T00:00:00.000000 |
| certfr-2024-avi-0339 | Vulnérabilité dans Microsoft Edge | 2024-04-22T00:00:00.000000 | 2024-04-22T00:00:00.000000 |
| certfr-2024-avi-0338 | Vulnérabilité dans Siemens RUGGEDCOM APE1808 | 2024-04-22T00:00:00.000000 | 2024-04-22T00:00:00.000000 |
| certfr-2024-avi-0337 | Multiples vulnérabilités dans Mozilla Thunderbird | 2024-04-22T00:00:00.000000 | 2024-04-22T00:00:00.000000 |
| certfr-2024-avi-0336 | Multiples vulnérabilités dans les produits OwnCloud | 2024-04-22T00:00:00.000000 | 2024-04-22T00:00:00.000000 |
| certfr-2024-avi-0335 | Vulnérabilité dans SolarWinds Platform | 2024-04-22T00:00:00.000000 | 2024-04-22T00:00:00.000000 |
| certfr-2024-avi-0334 | Multiples vulnérabilités dans le noyau Linux de Debian | 2024-04-19T00:00:00.000000 | 2024-04-19T00:00:00.000000 |
| certfr-2024-avi-0333 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-04-19T00:00:00.000000 | 2024-04-19T00:00:00.000000 |
| certfr-2024-avi-0332 | Multiples vulnérabilités dans les produits Red Hat | 2024-04-19T00:00:00.000000 | 2024-04-19T00:00:00.000000 |
| certfr-2024-avi-0331 | Multiples vulnérabilités dans SolarWinds Platform | 2024-04-19T00:00:00.000000 | 2024-04-19T00:00:00.000000 |
| certfr-2024-avi-0330 | Multiples vulnérabilités dans les produits IBM | 2024-04-19T00:00:00.000000 | 2024-04-19T00:00:00.000000 |
| certfr-2024-avi-0329 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-04-19T00:00:00.000000 | 2024-04-19T00:00:00.000000 |
| certfr-2024-avi-0328 | Vulnérabilité dans Citrix uberAgent | 2024-04-19T00:00:00.000000 | 2024-04-19T00:00:00.000000 |
| certfr-2024-avi-0327 | Multiples vulnérabilités dans Microsoft Edge | 2024-04-19T00:00:00.000000 | 2024-04-19T00:00:00.000000 |
| certfr-2024-avi-0326 | Multiples vulnérabilités dans Oracle MySQL | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0325 | Multiples vulnérabilités dans Oracle PeopleSoft | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0324 | Multiples vulnérabilités dans Oracle Systems | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0323 | Multiples vulnérabilités dans Oracle Weblogic | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0322 | Multiples vulnérabilités dans Oracle Database Server | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0321 | Multiples vulnérabilités dans Oracle Java SE | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0320 | Multiples vulnérabilités dans Oracle VirtualBox | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0319 | Multiples vulnérabilités dans les produits Cisco | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |