Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-29145 | Apache Tomcat, Apache Tomcat Native: OCSP checks somet… |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:20:24.601Z | 2026-04-10T18:11:31.014Z | |
| cve-2026-29129 | Apache Tomcat: TLS cipher order is not preserved |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:19:40.645Z | 2026-04-10T18:06:45.771Z | |
| cve-2026-5973 | FoundationAgents MetaGPT common.py get_mime_type os co… |
FoundationAgents |
MetaGPT |
2026-04-09T19:15:13.464Z | 2026-04-14T16:34:08.668Z | |
| cve-2026-25854 | Apache Tomcat: Occasionally open redirect |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:13:13.529Z | 2026-04-10T18:22:34.359Z | |
| cve-2026-24880 | Apache Tomcat: Request smuggling via invalid chunk extension |
Apache Software Foundation |
Apache Tomcat |
2026-04-09T19:12:10.730Z | 2026-04-10T18:33:49.308Z | |
| cve-2026-39977 | flatpak-builder has a path traversal leading to arbitr… |
flatpak |
flatpak-builder |
2026-04-09T19:05:23.616Z | 2026-04-09T20:19:28.323Z | |
| cve-2026-34734 | HDF5: H5T__conv_struct Use After Free |
HDFGroup |
hdf5 |
2026-04-09T19:01:21.794Z | 2026-04-13T20:47:37.724Z | |
| cve-2026-5972 | FoundationAgents MetaGPT terminal.py Terminal.run_comm… |
FoundationAgents |
MetaGPT |
2026-04-09T19:00:20.513Z | 2026-04-10T14:13:32.555Z | |
| cve-2026-35063 | 8.7 (v4.0) | Missing Authorization in OpenPLC_V3 |
OpenPLC_V3 |
OpenPLC_V3 |
2026-04-09T19:00:09.980Z | 2026-04-10T18:04:45.721Z |
| cve-2026-35556 | 9.2 (v4.0) | Plaintext storage of a password in OpenPLC_V3 |
OpenPLC_V3 |
OpenPLC_V3 |
2026-04-09T18:57:26.857Z | 2026-04-10T18:03:50.288Z |
| cve-2026-35195 | Wasmtime has an out-of-bounds write or crash when tran… |
bytecodealliance |
wasmtime |
2026-04-09T18:55:56.467Z | 2026-04-13T15:38:27.294Z | |
| cve-2026-28205 | 9.2 (v4.0) | Initialization of a resource with an insecure default … |
OpenPLC_V3 |
OpenPLC_V3 |
2026-04-09T18:54:58.694Z | 2026-04-10T18:02:22.971Z |
| cve-2026-35186 | Wasmtime has an improperly masked return value from `t… |
bytecodealliance |
wasmtime |
2026-04-09T18:54:48.760Z | 2026-04-13T20:18:21.954Z | |
| cve-2026-34988 | Wasmtime leaks data between pooling allocator instances |
bytecodealliance |
wasmtime |
2026-04-09T18:52:26.131Z | 2026-04-09T19:31:07.544Z | |
| cve-2026-34987 | Wasmtime with Winch compiler backend on aarch64 may al… |
bytecodealliance |
wasmtime |
2026-04-09T18:48:33.552Z | 2026-04-10T14:12:55.374Z | |
| cve-2026-34983 | Wasmtime has a use-after-free bug after cloning `wasmt… |
bytecodealliance |
wasmtime |
2026-04-09T18:47:26.575Z | 2026-04-13T15:38:33.779Z | |
| cve-2026-34971 | Wasmtime miscompiled guest heap access enables sandbox… |
bytecodealliance |
wasmtime |
2026-04-09T18:45:44.819Z | 2026-04-13T20:17:15.215Z | |
| cve-2026-34946 | Wasmtime's host panics when Winch compiler executes `t… |
bytecodealliance |
wasmtime |
2026-04-09T18:43:39.137Z | 2026-04-09T19:33:33.709Z | |
| cve-2026-34945 | Wasmtime leaks host data with 64-bit tables and Winch |
bytecodealliance |
wasmtime |
2026-04-09T18:40:48.446Z | 2026-04-10T14:12:18.460Z | |
| cve-2026-34944 | Wasmtime segfault or unused out-of-sandbox load with `… |
bytecodealliance |
wasmtime |
2026-04-09T18:38:16.182Z | 2026-04-13T15:38:40.634Z | |
| cve-2026-34943 | Wasmtime panics when lifting `flags` component value |
bytecodealliance |
wasmtime |
2026-04-09T18:36:51.370Z | 2026-04-13T20:15:23.994Z | |
| cve-2026-39912 | 9.1 (v4.0) 9.1 (v3.1) | v2board / Xboard Authentication Token Exposure via log… |
v2board |
v2board |
2026-04-09T18:35:35.569Z | 2026-04-13T15:38:46.529Z |
| cve-2026-34942 | Wasmtime panics when transcoding misaligned utf-16 strings |
bytecodealliance |
wasmtime |
2026-04-09T18:32:56.456Z | 2026-04-09T19:36:13.614Z | |
| cve-2026-34941 | Wasmtime has a Heap OOB read in component model UTF-16… |
bytecodealliance |
wasmtime |
2026-04-09T18:29:30.730Z | 2026-04-10T14:11:52.558Z | |
| cve-2026-1584 | 7.5 (v3.1) | Gnutls: gnutls: remote denial of service via crafted c… |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-04-09T18:00:21.184Z | 2026-04-10T14:09:52.720Z |
| cve-2026-5971 | FoundationAgents MetaGPT XML action_node.py ActionNode… |
FoundationAgents |
MetaGPT |
2026-04-09T18:00:19.828Z | 2026-04-13T20:14:17.735Z | |
| cve-2026-39911 | 8.7 (v4.0) 8.8 (v3.1) | Hashgraph Guardian 3.5.0 Unsandboxed JavaScript Execut… |
hashgraph |
guardian |
2026-04-09T17:57:20.440Z | 2026-04-09T18:20:09.279Z |
| cve-2026-39315 | Unhead has a hasDangerousProtocol() bypass via leading… |
unjs |
unhead |
2026-04-09T17:54:07.488Z | 2026-04-13T15:38:52.507Z | |
| cve-2026-5329 | 8.5 (v3.1) | Rapid7 Velociraptor Improper Input Validation in Clien… |
Rapid7 |
Velociraptor |
2026-04-09T17:52:05.885Z | 2026-04-16T17:55:09.212Z |
| cve-2026-35207 | deepinid plugin in dde-control-center is configured to… |
linuxdeepin |
dde-control-center |
2026-04-09T17:48:07.637Z | 2026-04-13T20:13:07.926Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2012-000009 | Multiple web browsers vulnerable in processing Tranfer-Encoding header | 2012-07-30T14:53+09:00 | 2012-07-30T14:53+09:00 |
| jvndb-2012-000071 | Sleipnir Mobile for Android vulnerable in the WebView class | 2012-07-24T14:05+09:00 | 2012-07-24T14:05+09:00 |
| jvndb-2012-003244 | Privilege escalation vulnerability in Hitachi JP1/NETM/DM | 2012-07-23T17:13+09:00 | 2012-07-23T17:13+09:00 |
| jvndb-2012-000070 | Yahoo! Browser vulnerable in the WebView class | 2012-07-13T15:00+09:00 | 2012-07-20T12:12+09:00 |
| jvndb-2012-000069 | Movable Type plugin MT4i vulnerable to cross-site scripting | 2012-07-06T17:24+09:00 | 2012-07-06T17:24+09:00 |
| jvndb-2012-000068 | YY-BOARD vulnerable to cross-site scripting | 2012-07-06T17:19+09:00 | 2012-07-06T17:19+09:00 |
| jvndb-2012-000067 | Movable Type plugin MT4i vulnerable to cross-site scripting | 2012-07-06T17:14+09:00 | 2012-07-06T17:14+09:00 |
| jvndb-2012-000066 | Ruby hash table implementation vulnerable to denial-of-service | 2012-07-06T17:11+09:00 | 2012-07-06T17:11+09:00 |
| jvndb-2012-000064 | Yome Collection for Android issue in management of IMEI | 2012-07-03T14:57+09:00 | 2012-07-03T14:57+09:00 |
| jvndb-2012-000065 | Zenphoto vulnerable to cross-site scripting | 2012-07-03T14:49+09:00 | 2012-07-03T14:49+09:00 |
| jvndb-2012-000063 | Python SimpleHTTPServer vulnerable to cross-site scripting | 2012-06-19T14:38+09:00 | 2012-12-26T18:01+09:00 |
| jvndb-2012-000061 | WEB PATIO vulnerable to cross-site scripting | 2012-06-19T14:31+09:00 | 2012-06-19T14:31+09:00 |
| jvndb-2012-000060 | SmallPICT vulnerable to cross-site scripting | 2012-06-19T14:00+09:00 | 2012-06-19T14:00+09:00 |
| jvndb-2012-000062 | WEB PATIO vulnerable to cross-site scripting | 2012-06-19T12:35+09:00 | 2012-06-19T12:35+09:00 |
| jvndb-2012-000057 | Dolphin Browser vulnerable in the WebView class | 2012-06-14T14:20+09:00 | 2012-06-14T14:20+09:00 |
| jvndb-2012-000046 | Flash Player issue in implementations of the Same Origin Policy | 2012-06-11T15:05+09:00 | 2012-06-13T16:39+09:00 |
| jvndb-2012-000056 | FeedDemon vulnerable to arbitrary script execution | 2012-06-07T15:39+09:00 | 2012-06-07T15:39+09:00 |
| jvndb-2012-000059 | SEIL series fail to restrict access permissions | 2012-06-06T12:39+09:00 | 2012-06-06T12:39+09:00 |
| jvndb-2012-000058 | WordPress plugin WassUp vulnerable to cross-site scripting | 2012-06-06T12:29+09:00 | 2012-06-06T12:29+09:00 |
| jvndb-2012-000055 | @WEB ShoppingCart vulnerable to cross-site scripting | 2012-06-05T14:04+09:00 | 2012-06-05T14:04+09:00 |
| jvndb-2012-000054 | Puella Magi Madoka Magica iP for Android vulnerable to information disclosure | 2012-06-01T14:09+09:00 | 2012-06-01T14:09+09:00 |
| jvndb-2012-000053 | Segue vulnerable to SQL injection | 2012-06-01T14:06+09:00 | 2012-06-01T14:06+09:00 |
| jvndb-2012-000052 | Segue vulnerable to cross-site scripting | 2012-06-01T14:03+09:00 | 2012-06-01T14:03+09:00 |
| jvndb-2012-000051 | Logitec LAN-W300N/R series fails to restrict access permissions | 2012-05-25T15:50+09:00 | 2012-05-25T15:50+09:00 |
| jvndb-2012-000050 | Roundcube Webmail vulnerable to cross-site scripting | 2012-05-25T15:43+09:00 | 2012-05-25T15:43+09:00 |
| jvndb-2012-000049 | Opera fails to verify SSL server certificates | 2012-05-25T15:40+09:00 | 2012-07-26T17:31+09:00 |
| jvndb-2012-000048 | RSSOwl vulnerable to arbitrary script execution | 2012-05-25T15:37+09:00 | 2012-05-25T15:37+09:00 |
| jvndb-2012-000047 | Sybase EAServer vulnerable to cross-site scripting | 2012-05-25T15:34+09:00 | 2012-05-25T15:34+09:00 |
| jvndb-2012-000044 | iLunascape for Android vulnerable in the WebView class | 2012-05-21T13:56+09:00 | 2012-05-21T13:56+09:00 |
| jvndb-2012-000045 | Drupal Form API fails to validate the redirect URL | 2012-05-17T13:55+09:00 | 2012-05-17T13:55+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0318 | Multiples vulnérabilités dans les produits Mitel | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0317 | Vulnérabilité dans Cisco ClamAV | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0316 | Vulnérabilité dans les produits Xen | 2024-04-18T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0315 | Vulnérabilité dans SolarWinds Serv-U | 2024-04-17T00:00:00.000000 | 2024-04-17T00:00:00.000000 |
| certfr-2024-avi-0314 | Multiples vulnérabilités dans Ivanti Avalanche | 2024-04-17T00:00:00.000000 | 2024-04-17T00:00:00.000000 |
| certfr-2024-avi-0313 | Multiples vulnérabilités dans Google Chrome | 2024-04-17T00:00:00.000000 | 2024-04-17T00:00:00.000000 |
| certfr-2024-avi-0312 | Multiples vulnérabilités dans les produits Atlassian | 2024-04-17T00:00:00.000000 | 2024-04-18T00:00:00.000000 |
| certfr-2024-avi-0311 | Multiples vulnérabilités dans les produits Mozilla | 2024-04-17T00:00:00.000000 | 2024-04-17T00:00:00.000000 |
| certfr-2024-avi-0310 | Vulnérabilité dans les produits Juniper | 2024-04-16T00:00:00.000000 | 2024-04-16T00:00:00.000000 |
| certfr-2024-avi-0309 | Vulnérabilité dans Stormshield Network Security | 2024-04-16T00:00:00.000000 | 2024-04-16T00:00:00.000000 |
| certfr-2024-avi-0308 | Vulnérabilité dans Stormshield Network Security | 2024-04-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-avi-0307 | Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-avi-0306 | Multiples vulnérabilités dans Microsoft Edge | 2024-04-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-avi-0305 | Multiples vulnérabilités dans les produits IBM | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0304 | Multiples vulnérabilités dans Debian LTS buster | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0303 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0302 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0301 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0300 | Multiples vulnérabilités dans PHP | 2024-04-12T00:00:00.000000 | 2024-04-12T00:00:00.000000 |
| certfr-2024-avi-0299 | Multiples vulnérabilités dans les produits Citrix | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0298 | Vulnérabilité dans Spring Framework | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0297 | Multiples vulnérabilités dans Juniper | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0296 | Multiples vulnérabilités dans GitLab | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0295 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0294 | Multiples vulnérabilités dans Google Chrome | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0293 | Multiples vulnérabilités dans Mitel MiCollab | 2024-04-11T00:00:00.000000 | 2024-04-11T00:00:00.000000 |
| certfr-2024-avi-0292 | Multiples vulnérabilités dans les produits Microsoft | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0291 | Multiples vulnérabilités dans Microsoft Azure | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0290 | Vulnérabilité dans Microsoft .Net | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |
| certfr-2024-avi-0289 | Multiples vulnérabilités dans Microsoft Windows | 2024-04-10T00:00:00.000000 | 2024-04-10T00:00:00.000000 |