Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2026-35383 | Bentley Systems iTwin Platform exposed access token |
Bentley Systems |
iTwin Platform |
2026-04-02T19:04:09.008Z | 2026-04-14T14:04:32.831Z | |
| cve-2026-36235 | N/A | A SQL injection vulnerability was found in the sc… |
n/a |
n/a |
2026-04-10T00:00:00.000Z | 2026-04-14T14:04:25.315Z |
| cve-2026-36234 | N/A | itsourcecode Online Student Enrollment System v1.… |
n/a |
n/a |
2026-04-10T00:00:00.000Z | 2026-04-14T14:02:19.446Z |
| cve-2026-33706 | Chamilo LMS has a REST API Self-Privilege Escalation (… |
chamilo |
chamilo-lms |
2026-04-10T18:51:23.824Z | 2026-04-14T14:02:07.696Z | |
| cve-2025-67246 | N/A | A local information disclosure vulnerability exis… |
n/a |
n/a |
2026-01-15T00:00:00.000Z | 2026-04-14T14:01:51.110Z |
| cve-2026-23782 | N/A | An issue was discovered in BMC Control-M/MFT 9.0.… |
n/a |
n/a |
2026-04-10T00:00:00.000Z | 2026-04-14T14:00:37.511Z |
| cve-2026-6108 | 1Panel-dev MaxKB Model Context Protocol Node base_mcp_… |
1Panel-dev |
MaxKB |
2026-04-12T01:00:19.735Z | 2026-04-14T14:00:16.365Z | |
| cve-2026-6113 | Totolink A7100RU CGI cstecgi.cgi setTtyServiceCfg os c… |
Totolink |
A7100RU |
2026-04-12T03:00:20.188Z | 2026-04-14T13:58:57.661Z | |
| cve-2026-6118 | AstrBotDevs AstrBot MCP Endpoint tools.py add_mcp_serv… |
AstrBotDevs |
AstrBot |
2026-04-12T04:45:09.857Z | 2026-04-14T13:56:56.956Z | |
| cve-2026-23780 | N/A | An issue was discovered in BMC Control-M/MFT 9.0.… |
n/a |
n/a |
2026-04-10T00:00:00.000Z | 2026-04-14T13:56:44.167Z |
| cve-2026-6192 | uclouvain openjpeg pi.c opj_pi_initialise_encode integ… |
uclouvain |
openjpeg |
2026-04-13T16:45:11.772Z | 2026-04-14T13:56:25.079Z | |
| cve-2026-6187 | SourceCodester Pharmacy Sales and Inventory System aja… |
SourceCodester |
Pharmacy Sales and Inventory System |
2026-04-13T15:30:13.857Z | 2026-04-14T13:54:33.214Z | |
| cve-2026-5894 | N/A | Inappropriate implementation in PDF in Google Chr… |
Google |
Chrome |
2026-04-08T21:20:56.746Z | 2026-04-14T13:54:04.406Z |
| cve-2026-33659 | EspoCRM: SSRF via DNS Rebinding in Attachment fromImag… |
espocrm |
espocrm |
2026-04-13T20:32:07.072Z | 2026-04-14T13:52:31.103Z | |
| cve-2026-5892 | N/A | Insufficient policy enforcement in PWAs in Google… |
Google |
Chrome |
2026-04-08T21:20:54.153Z | 2026-04-14T13:51:34.286Z |
| cve-2026-33901 | ImageMagick has a Heap Buffer Overflow via MVG decoder |
ImageMagick |
ImageMagick |
2026-04-13T20:56:12.307Z | 2026-04-14T13:51:00.488Z | |
| cve-2026-0233 | 2 (v4.0) | Autonomous Digital Experience Manager: Improper valida… |
Palo Alto Networks |
Autonomous Digital Experience Manager |
2026-04-13T07:17:34.585Z | 2026-04-14T13:49:34.873Z |
| cve-2026-4365 | LearnPress <= 4.3.2.8 - Missing Authorization to Unaut… |
thimpress |
LearnPress – WordPress LMS Plugin for Create and Sell Online Courses |
2026-04-14T01:24:59.735Z | 2026-04-14T13:48:54.581Z | |
| cve-2026-34238 | ImageMagick: Integer overflow in despeckle operation c… |
ImageMagick |
ImageMagick |
2026-04-13T21:14:07.180Z | 2026-04-14T13:46:39.542Z | |
| cve-2026-33892 | A vulnerability has been identified in Industrial… |
Siemens |
Industrial Edge Management Pro V1 |
2026-04-14T08:40:46.807Z | 2026-04-14T13:46:34.636Z | |
| cve-2026-25654 | A vulnerability has been identified in SINEC NMS … |
Siemens |
SINEC NMS |
2026-04-14T08:40:41.053Z | 2026-04-14T13:46:23.821Z | |
| cve-2026-6220 | HummerRisk Video File Download URL ServerService.java … |
n/a |
HummerRisk |
2026-04-13T21:00:14.084Z | 2026-04-14T13:45:56.944Z | |
| cve-2026-3017 | Smart Post Show – Post Grid, Post Carousel & Slider, a… |
shapedplugin |
Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts |
2026-04-14T05:30:32.830Z | 2026-04-14T13:44:18.666Z | |
| cve-2026-39979 | jq: Out-of-Bounds Read in jv_parse_sized() Error Forma… |
jqlang |
jq |
2026-04-13T22:18:56.252Z | 2026-04-14T13:43:15.227Z | |
| cve-2025-40745 | A vulnerability has been identified in Siemens So… |
Siemens |
Siemens Software Center |
2026-04-14T08:40:38.637Z | 2026-04-14T13:38:29.751Z | |
| cve-2026-39417 | MaxKB: RCE via MCP stdio command injection in workflow… |
1Panel-dev |
MaxKB |
2026-04-14T00:03:16.020Z | 2026-04-14T13:34:07.454Z | |
| cve-2026-39422 | MaxKB has Stored XSS via ChatHeadersMiddleware |
1Panel-dev |
MaxKB |
2026-04-14T00:22:50.958Z | 2026-04-14T13:32:41.804Z | |
| cve-2026-33455 | Livestatus injection in monitoring quicksearch |
Checkmk GmbH |
Checkmk |
2026-04-10T08:30:20.089Z | 2026-04-14T13:30:16.535Z | |
| cve-2026-33456 | Potential livestatus injection in notification test |
Checkmk GmbH |
Checkmk |
2026-04-10T08:31:27.807Z | 2026-04-14T13:29:54.362Z | |
| cve-2025-6020 | 7.8 (v3.1) | Linux-pam: linux-pam directory traversal |
|
|
2025-06-17T12:44:08.646Z | 2026-04-14T13:29:52.760Z |
| ID | Description | Updated |
|---|
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2011-000036 | Microsoft Windows VBScript implementation file name disclosure vulnerability | 2011-06-16T12:11+09:00 | 2011-06-16T12:11+09:00 |
| jvndb-2008-000072 | Movable Type cross-site scripting vulnerability | 2008-10-21T19:25+09:00 | 2011-05-31T10:57+09:00 |
| jvndb-2011-000024 | Multiple Yamaha routers vulnerable to denial-of-service (DoS) | 2011-05-11T08:32+09:00 | 2011-05-31T10:39+09:00 |
| jvndb-2011-000032 | WalRack upload file handilng vulnerability | 2011-05-26T13:37+09:00 | 2011-05-26T13:37+09:00 |
| jvndb-2011-000031 | Movable Type vulnerable to cross-site scripting | 2011-05-25T17:37+09:00 | 2011-05-25T17:37+09:00 |
| jvndb-2011-000030 | iVIEW Suite vulnerable to SQL injection | 2011-05-19T16:49+09:00 | 2011-05-19T16:49+09:00 |
| jvndb-2011-000028 | Virus Buster 2009 key input encryption function vulnerability | 2011-05-17T17:17+09:00 | 2011-05-17T17:17+09:00 |
| jvndb-2011-000026 | Applications that use the Windows Help function may be vulnerable to privilege escalation | 2011-05-13T19:36+09:00 | 2011-05-13T19:36+09:00 |
| jvndb-2011-000027 | La Fonera+ vulnerable to denial-of-service (DoS) | 2011-05-13T19:17+09:00 | 2011-05-13T19:17+09:00 |
| jvndb-2011-000029 | EC-CUBE vulnerable to cross-site request forgery | 2011-05-11T08:44+09:00 | 2011-05-11T08:44+09:00 |
| jvndb-2011-000025 | Multiple Buffalo routers vulnerable to cross-site request forgery | 2011-05-11T08:37+09:00 | 2011-05-11T08:37+09:00 |
| jvndb-2011-000023 | Password Vault Web Access vulnerable to cross-site scripting | 2011-04-08T14:09+09:00 | 2011-04-08T14:09+09:00 |
| jvndb-2011-001156 | Hitachi Tuning Manager Software Cross-Site Scripting Vulnerability | 2011-04-01T15:52+09:00 | 2011-04-01T15:52+09:00 |
| jvndb-2011-000022 | Picasa may insecurely load executable files | 2011-03-28T08:11+09:00 | 2011-03-28T08:11+09:00 |
| jvndb-2011-000021 | e107 vulnerable to cross-site scripting | 2011-03-28T08:06+09:00 | 2011-03-28T08:06+09:00 |
| jvndb-2011-001145 | JP1/NETM/DM Denial of Service (DoS) Vulnerability | 2011-03-08T10:25+09:00 | 2011-03-08T10:25+09:00 |
| jvndb-2011-000019 | OTRS vulnerable to OS command injection | 2011-03-07T18:19+09:00 | 2011-03-07T18:19+09:00 |
| jvndb-2011-000015 | Multiple Things CGI products vulnerable to cross-site scripting | 2011-03-02T17:27+09:00 | 2011-03-02T17:27+09:00 |
| jvndb-2011-000014 | SEIL Series routers vulnerable to buffer overflow | 2011-02-28T17:17+09:00 | 2011-02-28T17:17+09:00 |
| jvndb-2011-000012 | Lunascape may insecurely load executable files | 2011-02-23T15:41+09:00 | 2011-02-23T15:41+09:00 |
| jvndb-2011-000013 | F-Secure Internet Gatekeeper for Linux authentication issue | 2011-02-17T10:27+09:00 | 2011-02-17T10:27+09:00 |
| jvndb-2011-000011 | EC-CUBE vulnerable to cross-site scripting | 2011-02-02T14:54+09:00 | 2011-02-02T14:54+09:00 |
| jvndb-2011-000010 | Opera may insecurely load executable files | 2011-02-02T14:53+09:00 | 2011-02-02T14:53+09:00 |
| jvndb-2010-000054 | Flash Player access restriction bypass vulnerability | 2010-11-09T19:59+09:00 | 2011-02-01T16:22+09:00 |
| jvndb-2011-000009 | MODx Evolution vulnerable to directory traversal | 2011-01-26T15:52+09:00 | 2011-01-26T15:52+09:00 |
| jvndb-2011-000008 | MODx Evolution vulnerable to SQL injection | 2011-01-26T15:46+09:00 | 2011-01-26T15:46+09:00 |
| jvndb-2011-000004 | Lunascape may insecurely load dynamic libraries | 2011-01-21T18:30+09:00 | 2011-01-21T18:30+09:00 |
| jvndb-2011-000007 | Cisco Linksys WRT54GC vulnerable to buffer overflow | 2011-01-21T18:22+09:00 | 2011-01-21T18:22+09:00 |
| jvndb-2011-000006 | Cross-site scripting vulnerability in multiple Rocomotion products | 2011-01-18T17:51+09:00 | 2011-01-18T17:51+09:00 |
| jvndb-2011-000005 | Ruby Version Manager escape sequence injection vulnerability | 2011-01-18T17:49+09:00 | 2011-01-18T17:49+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2024-avi-0143 | Multiples vulnérabilités dans le noyau Linux Ubuntu | 2024-02-16T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2024-avi-0142 | Vulnérabilité dans NetApp SnapCenter | 2024-02-16T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2024-avi-0141 | Vulnérabilité dans Liferay | 2024-02-16T00:00:00.000000 | 2024-02-16T00:00:00.000000 |
| certfr-2024-avi-0140 | Multiples vulnérabilités dans Liferay | 2024-02-15T00:00:00.000000 | 2024-02-15T00:00:00.000000 |
| certfr-2024-avi-0138 | Vulnérabilité dans Stormshield Network Security | 2024-02-15T00:00:00.000000 | 2024-02-15T00:00:00.000000 |
| certfr-2024-avi-0137 | Multiples vulnérabilités dans les produits F5 | 2024-02-15T00:00:00.000000 | 2024-02-15T00:00:00.000000 |
| certfr-2024-avi-0136 | Vulnérabilité dans les produits ESET | 2024-02-15T00:00:00.000000 | 2024-02-15T00:00:00.000000 |
| certfr-2024-avi-0135 | Vulnérabilité dans Squid | 2024-02-15T00:00:00.000000 | 2024-02-15T00:00:00.000000 |
| certfr-2024-avi-0134 | Multiples vulnérabilités dans les produits Tenable | 2024-02-15T00:00:00.000000 | 2024-02-15T00:00:00.000000 |
| certfr-2024-avi-0133 | Multiples vulnérabilités dans Nginx | 2024-02-15T00:00:00.000000 | 2024-02-15T00:00:00.000000 |
| certfr-2024-avi-0132 | Vulnérabilité dans Grafana | 2024-02-15T00:00:00.000000 | 2024-02-15T00:00:00.000000 |
| certfr-2024-avi-0131 | Multiples vulnérabilités dans les produits Microsoft | 2024-02-14T00:00:00.000000 | 2024-02-14T00:00:00.000000 |
| certfr-2024-avi-0130 | Multiples vulnérabilités dans Microsoft Azure | 2024-02-14T00:00:00.000000 | 2024-02-14T00:00:00.000000 |
| certfr-2024-avi-0129 | Multiples vulnérabilités dans Microsoft .Net | 2024-02-14T00:00:00.000000 | 2024-02-14T00:00:00.000000 |
| certfr-2024-avi-0128 | Multiples vulnérabilités dans Microsoft Windows | 2024-02-14T00:00:00.000000 | 2024-02-14T00:00:00.000000 |
| certfr-2024-avi-0127 | Multiples vulnérabilités dans Microsoft Office | 2024-02-14T00:00:00.000000 | 2024-02-14T00:00:00.000000 |
| certfr-2024-avi-0126 | Vulnérabilité dans Google Chrome | 2024-02-14T00:00:00.000000 | 2024-02-14T00:00:00.000000 |
| certfr-2024-avi-0125 | Multiples vulnérabilités dans SAP | 2024-02-14T00:00:00.000000 | 2024-02-14T00:00:00.000000 |
| certfr-2024-avi-0124 | Multiples vulnérabilités dans les produits Intel | 2024-02-14T00:00:00.000000 | 2024-02-14T00:00:00.000000 |
| certfr-2024-avi-0123 | Multiples vulnérabilités dans les produits Adobe | 2024-02-14T00:00:00.000000 | 2024-02-14T00:00:00.000000 |
| certfr-2024-avi-0122 | Multiples vulnérabilités dans Bind | 2024-02-13T00:00:00.000000 | 2024-02-13T00:00:00.000000 |
| certfr-2024-avi-0121 | Multiples vulnérabilités dans Typo3 | 2024-02-13T00:00:00.000000 | 2024-02-13T00:00:00.000000 |
| certfr-2024-avi-0120 | Multiples vulnérabilités dans les produits Schneider | 2024-02-13T00:00:00.000000 | 2024-02-13T00:00:00.000000 |
| certfr-2024-avi-0119 | Multiples vulnérabilités dans les produits Siemens | 2024-02-13T00:00:00.000000 | 2024-02-13T00:00:00.000000 |
| certfr-2024-avi-0118 | Multiples vulnérabilités dans les produits Qnap | 2024-02-13T00:00:00.000000 | 2024-02-13T00:00:00.000000 |
| certfr-2024-avi-0117 | Multiples vulnérabilités dans SolarWinds Platform | 2024-02-12T00:00:00.000000 | 2024-02-12T00:00:00.000000 |
| certfr-2024-avi-0116 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2024-02-09T00:00:00.000000 | 2024-02-09T00:00:00.000000 |
| certfr-2024-avi-0115 | Multiples vulnérabilités dans le noyau Linux de RedHat | 2024-02-09T00:00:00.000000 | 2024-02-09T00:00:00.000000 |
| certfr-2024-avi-0114 | Multiples vulnérabilités dans le noyau Linux Ubuntu | 2024-02-09T00:00:00.000000 | 2024-02-09T00:00:00.000000 |
| certfr-2024-avi-0113 | Multiples vulnérabilités dans les produits IBM | 2024-02-09T00:00:00.000000 | 2024-02-09T00:00:00.000000 |