Vulnerability Database & Alerts

Platform	Affected Version(s)	Vulnerability	Severity	Full Post	Reporter	Date
Firefox for iOS	< 136	URL spoofing via redirect	medium	View or Download	UNDERCODE	2025-03-28
Nethermind Juno	< 0.12.5	Integer Overflow	high	View or Download	UNDERCODE	2025-03-29
DataEase	<2.10.6	Arbitrary File Read/Deserialization	critical	View or Download	UNDERCODE	2025-03-28
Wangmarket	v4.10-v5.0	CSRF	critical	View or Download	UNDERCODE	2025-03-28
Wangmarket	v4.10-v5.0	CSRF	medium	View or Download	UNDERCODE	2025-03-28
TUF (tough)	< 0.20.0	Incorrect delegation handling	critical	View or Download	UNDERCODE	2025-03-29
Vyper	<0.4.1	Iterator side-effects	critical	View or Download	UNDERCODE	2025-03-28
TUF Client	<0.20.0	Metadata Rollback	critical	View or Download	UNDERCODE	2025-03-29
PHPGurukul	3.3	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤2.2.16	Unauthorized user deletion	critical	View or Download	UNDERCODE	2025-03-28
Node.js	<18.16.1, <20.3.1	HTTP Smuggling	critical	View or Download	UNDERCODE	2023-06-22
Firefox, Thunderbird	< 136	Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤0.9	CSRF	medium	View or Download	UNDERCODE	2025-03-28
Vyper	<0.4.1	DynArray Bypass	critical	View or Download	UNDERCODE	2025-03-28
PHPGurukul	3.3	HTML Injection	medium	View or Download	UNDERCODE	2025-03-28
Vyper	<0.4.1	Precision Error	medium	View or Download	UNDERCODE	2025-03-28
Code-projects Online Scheduling	V1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-03-28
TUF Repository	< 0.20.0	Cyclical Delegation	critical	View or Download	UNDERCODE	2025-03-29
WordPress	≤ 2.2.16	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
Firefox/Firefox ESR/Thunderbird	122–136 / <128.8	Out-of-bounds access	critical	View or Download	UNDERCODE	2025-03-28
Node.js	<1.16.4, 2.0.0-2.1.1, 3.0.0-3.0.6	Path Traversal	high	View or Download	UNDERCODE	2025-03-27
Stencil	<2.3.0	Zip Slip	medium	View or Download	UNDERCODE	2023-01-15
PHPGurukul Land Record	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
SeaCMS	v13.3	RCE	critical	View or Download	UNDERCODE	2025-03-28
Seacms	<=13.3	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
SeaCMS	<=13.3	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
SeaCMS	v13.3	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-28
Seacms	<13.3	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
Devolutions Server	<=2024.3.12	Auth bypass	critical	View or Download	UNDERCODE	2025-03-28
Nginx	1.25.0-1.25.3	HTTP Smuggling	critical	View or Download	UNDERCODE	2023-12-14
Devolutions Server	≤ 2024.3.13	SSH password exposure	medium	View or Download	UNDERCODE	2025-03-28
Node.js	12.x, 14.x, 16.x	HTTP/2 RCE	critical	View or Download	UNDERCODE	2021-09-29
Publify		Stored XSS	medium	View or Download	UNDERCODE	2023-01-15
WordPress	≤ 2.6.2	Arbitrary File Download	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 0.8.2	Reflected XSS	medium	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 3.1.8	Reflected XSS	medium	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 3.1.8	LFI	critical	View or Download	UNDERCODE	2025-03-28
TUF (tough)	< 0.20.0	Metadata Rollback	medium	View or Download	UNDERCODE	2025-03-28
TUF	<0.20.0	Metadata Rollback	critical	View or Download	UNDERCODE	2025-03-28
AimHub	3.25.0	DoS via API	medium	View or Download	UNDERCODE	2025-03-28
Lunary-AI	≤1.6.7	Stored XSS	critical	View or Download	UNDERCODE	2025-03-28
GitHub.com	<1.0.1	Path Traversal	moderate	View or Download	UNDERCODE	2025-03-28
Apache HTTP Server	2.4.49	Path Traversal/RCE	critical	View or Download	UNDERCODE	2021-10-05
Cisco ISE	3.2, 3.1	API auth bypass	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-03-28
Cisco ISE	3.2, 3.1	Stored XSS	critical	View or Download	UNDERCODE	2025-03-28
Ollama	≤0.3.14	Null Dereference	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 2.1.7	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-28
Dell Avamar	19.4+	Token Reuse	critical	View or Download	UNDERCODE	2025-03-28
Cisco ISE	3.1, 3.2	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 2.1.7	PHP Object Injection	critical	View or Download	UNDERCODE	2025-03-28
Node.js	12.x - 16.x	HTTP/2 RCE	critical	View or Download	UNDERCODE	2021-09-29
Synapse	≤1.127.0	DoS via malformed events	critical	View or Download	UNDERCODE	2025-03-27
Pitchfork	< 0.11.0	HTTP Response Splitting	critical	View or Download	UNDERCODE	2025-03-27
Apache Kylin	5.0.0 - 5.0.1	SSRF	low	View or Download	UNDERCODE	2025-03-27
Mesop	<=0.14.0	Class Pollution	critical	View or Download	UNDERCODE	2023-11-15
Vega/Vega-lite	<5.32.0	Prototype Pollution → XSS	critical	View or Download	UNDERCODE	2025-03-27
Apache Kylin	4.0.0 - 5.0.1	Code Injection	low	View or Download	UNDERCODE	2025-03-27
Node.js	12.x, 14.x, 16.x	RCE via HTTP/2	critical	View or Download	UNDERCODE	2021-09-29
MLflow	<2.19.0	Missing Password Enforcement	critical	View or Download	UNDERCODE	2025-03-27
Dell Chassis Management Controller	< 2.40.200.202101130302 (FX2), < 3.41.200.202209300499 (VRTX)	Stack-based Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-27
Mattermost	10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8	MFA Bypass	critical	View or Download	UNDERCODE	2025-03-27
Mattermost	10.4.x <= 10.4.2	Command Injection	critical	View or Download	UNDERCODE	2025-03-27
Mattermost	<=10.4.2, <=10.3.3, <=9.11.8	Improper Access Control	medium	View or Download	UNDERCODE	2025-03-27
Mattermost	9.11.x <= 9.11.8	Privilege Escalation	medium	View or Download	UNDERCODE	2025-03-27
OpenSlides	<4.2.5	Timing attack	medium	View or Download	UNDERCODE	2025-03-27
xmedcon	0.25.0	Integer Underflow	medium	View or Download	UNDERCODE	2025-03-27
OpenSlides	<4.2.5	Stored XSS	critical	View or Download	UNDERCODE	2025-03-27
Vega	≤5.30.0	Arbitrary JS Execution	critical	View or Download	UNDERCODE	2025-03-27
OpenSlides	<4.2.5	Directory Traversal	critical	View or Download	UNDERCODE	2025-03-27
Mattermost	<=10.4.2, <=10.3.3	MFA Bypass	critical	View or Download	UNDERCODE	2025-03-27
WordPress	≤ 3.2.1	Unauthenticated feature disable	medium	View or Download	UNDERCODE	2025-03-26
Westboy CicadasCMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-26
WordPress	≤5.9.4.5	PHP Object Injection	medium	View or Download	UNDERCODE	2025-03-26
WordPress	≤5.9.4.7	SQL Injection	critical	View or Download	UNDERCODE	2025-03-26
WordPress	≤ 5.9.4.4	Missing Authorization	medium	View or Download	UNDERCODE	2025-03-26
Django	<5.3.3	XSS	low	View or Download	UNDERCODE	2025-03-26
xmas-elf	<1.2.0	OOB Read	moderate	View or Download	UNDERCODE	2025-03-26
Directus	<= 10.11.3	Information Disclosure	critical	View or Download	UNDERCODE	2024-06-15
OpenDaylight SFC	Sodium-SR4 and below	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-26
WordPress	≤ 2.8.3	Stored XSS	medium	View or Download	UNDERCODE	2025-03-26
Tenda W18E	v16.01.0.11	Stack Overflow	critical	View or Download	UNDERCODE	2025-03-26
Snail-Job	1.4.0	RCE via Deserialization	critical	View or Download	UNDERCODE	2025-03-26
D-Link DAP-1620	1.03	Stack overflow	critical	View or Download	UNDERCODE	2025-03-26
Westboy CicadasCMS	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-03-26
Ollama	<=0.3.14	Resource Allocation	high	View or Download	UNDERCODE	2025-03-24
Aimhubio	3.25.0	Denial of Service	high	View or Download	UNDERCODE	2025-03-22
Aim (aimhubio/aim)	3.25.0	Uncontrolled Resource Consumption	high	View or Download	UNDERCODE	2025-03-22
MLflow	2.17.0 - 2.20.1	CSRF in Signup	moderate	View or Download	UNDERCODE	2025-03-21
MLflow	2.18	Weak Password Requirements	low	View or Download	UNDERCODE	2025-03-21
Mattermost	<= 10.4.2, <= 10.3.3, <= 9.11.8	Improper Access Control	moderate	View or Download	UNDERCODE	2025-03-21
go-httpbin	All versions prior to patch	Cross-Site Scripting (XSS)	critical	View or Download	UNDERCODE	2025-03-21
PipeCD	v0.49	Privilege Escalation	high	View or Download	UNDERCODE	2025-03-21
Go (Golang)	Pre-patch versions	DoS via memory exhaustion	critical	View or Download	UNDERCODE	2025-03-21
Mattermost	10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8	Command Execution in Archived Channels	moderate	View or Download	UNDERCODE	2025-03-21
Mattermost	10.4.0 - 10.4.2, 10.3.0 - 10.3.3, 9.11.0 - 9.11.8, 10.5.0	MFA Bypass	high	View or Download	UNDERCODE	2025-03-21
Mattermost	10.4.0 - 10.4.2, 10.3.0 - 10.3.3, 9.11.0 - 9.11.8	MFA Bypass	moderate	View or Download	UNDERCODE	2025-03-21
Mattermost	10.4.0 - 10.4.2, 10.3.0 - 10.3.3, 9.11.0 - 9.11.8, 10.5.0	Improper Access Control	moderate	View or Download	UNDERCODE	2025-03-21
Linux Kernel	nilfs2 file system	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-27
Linux Kernel	Up to 6.13.0-rc3	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-27
Parse Server	<4.10.0	Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-21
AWS CDK CLI	>=2.172.0, <2.178.2	Credential Exposure	critical	View or Download	UNDERCODE	2025-03-21
Kubernetes	1.3.0 to 1.32.3	Race Condition	low	View or Download	UNDERCODE	2025-03-21
Liferay Portal/DXP	7.4.0 - 7.4.3.126, 2024.Q3.0 - 2024.Q2.12, 2024.Q1.1 - 2024.Q1.12, 2023.Q4.0 - 2023.Q4.10, 2023.Q3.1 - 2023.Q3.10	Data Exposure	moderate	View or Download	UNDERCODE	2025-03-21
DataEase	< 2.10.6	Arbitrary File Read/Deserialization	critical	View or Download	UNDERCODE	2025-03-13
DataEase	< 2.10.6	Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-13
Linux Kernel	Pre-commit 68f83057b913	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	Up to 6.12.0-rc6	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	Up to 5.15.x	Use-After-Free (UAF)	critical	View or Download	UNDERCODE	2025-02-26
WordPress	1.1.9 and earlier	Unauthorized Access	critical	View or Download	UNDERCODE	2025-03-14
WordPress	1.6.11 and below	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-14
Envoy Proxy	<1.30.10, 1.31.0-1.31.5, 1.32.0-1.32.3, 1.33.0	Denial of Service	critical	View or Download	UNDERCODE	2025-03-21
Redlib	< v0.36.0	Decompression Bomb	critical	View or Download	UNDERCODE	2025-03-21
InvokeAI	5.3.1 - 5.4.2	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-21
Libcontainer	Pre-fix versions	Capabilities Elevation	moderate	View or Download	UNDERCODE	2025-03-21
Next.js	11.1.4 - 13.5.6, 14.0 - 14.2.24, 15.0 - 15.2.2	Authorization Bypass	critical	View or Download	UNDERCODE	2025-03-21
WordPress	1.7.6 and earlier	SQL Injection	critical	View or Download	UNDERCODE	2025-03-14
Rembg	2.0.57 and earlier	CORS Misconfiguration	critical	View or Download	UNDERCODE	2025-03-03
Kedro	0.19.8	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-21
LocalAI	v2.21.1	Cross-Site Scripting (XSS)	moderate	View or Download	UNDERCODE	2025-03-21
ZenML	0.66.0	Unauthenticated DoS	high	View or Download	UNDERCODE	2025-03-21
vLLM	0.6.0	Deserialization RCE	critical	View or Download	UNDERCODE	2025-03-21
Composio	v0.4.4	SSRF	moderate	View or Download	UNDERCODE	2025-03-21
vLLM	0.6.0	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-21
Quivr	v0.0.298	Unauthenticated DoS	high	View or Download	UNDERCODE	2025-03-21
MLflow	2.15.1	Path Traversal	high	View or Download	UNDERCODE	2025-03-21
Composio	v0.4.2	SSRF	moderate	View or Download	UNDERCODE	2025-03-21
LiteLLM	v1.52.1	API Key Leakage	high	View or Download	UNDERCODE	2025-03-20
Aim	Commit bb76afe	Path Traversal	critical	View or Download	UNDERCODE	2025-03-20
LiteLLM	main-latest	Improper Authorization	high	View or Download	UNDERCODE	2025-03-20
AgentScope	Prior to fix	Path Traversal	critical	View or Download	UNDERCODE	2025-03-20
AgentScope	v.0.0.4	Path Traversal	high	View or Download	UNDERCODE	2025-03-20
AgentScope	Latest commit 21161fe	Stored XSS	moderate	View or Download	UNDERCODE	2025-03-20
AgentScope	v0.0.4	Improper CORS Configuration	high	View or Download	UNDERCODE	2025-03-20
LiteLLM	<1.44.12	API Key Leakage	high	View or Download	UNDERCODE	2025-03-20
LiteLLM	v1.44.5	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
AgentScope	0.0.4	Directory Traversal	high	View or Download	UNDERCODE	2025-03-20
Gradio	git commit 98cbcae	ReDoS via crafted HTTP request	high	View or Download	UNDERCODE	2025-03-20
Gradio	git 98cbcae	Path Traversal	high	View or Download	UNDERCODE	2025-03-20
Prefect	< 3.0.3	CORS Misconfiguration	high	View or Download	UNDERCODE	2025-03-20
Gradio	git 98cbcae	Zip Bomb DoS	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
LiteLLM	1.40.12	Remote Code Execution (RCE)	critical	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0.2	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.1	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0	Arbitrary File Overwrite	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0	Arbitrary File Encryption	moderate	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0.1	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0.1	DoS, File Write	high	View or Download	UNDERCODE	2025-03-20
Aim	3.23.0	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0.4	Deserialization RCE	critical	View or Download	UNDERCODE	2025-03-20
Horovod	<= v0.28.1	Command Injection	critical	View or Download	UNDERCODE	2025-03-20
Dask	<=2024.8.2	Command Injection	critical	View or Download	UNDERCODE	2025-03-20
LiteLLM	Commit 26c03c9	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
kcp	<0.26.3, <0.27.0	Unauthorized Object Manipulation	critical	View or Download	UNDERCODE	2025-03-20
Coraza WAF	v3	Rule Bypass	critical	View or Download	UNDERCODE	2025-03-20
Redis	go-redis (pre-patch versions)	Connection Timeout	critical	View or Download	UNDERCODE	2025-03-20
Apache Seata	2.0.0 - 2.2.0	Data Amplification	low	View or Download	UNDERCODE	2025-03-20
Spring Security	5.7.0 - 6.4.3	Password Length Bypass	high	View or Download	UNDERCODE	2025-03-20
Apache Seata	2.0.0 to 2.2.0	Deserialization of Untrusted Data	low	View or Download	UNDERCODE	2025-03-20
Liferay Portal/DXP	7.4.3.82-7.4.3.128, 2024.Q3.0, 2024.Q2.0-2024.Q2.13, 2024.Q1.1-2024.Q1.12, 2023.Q4.0-2023.Q4.10, 2023.Q3.1-2023.Q3.10	XSS	moderate	View or Download	UNDERCODE	2025-03-20
OpenShift Console	Pre-4.12.0	Path Traversal	moderate	View or Download	UNDERCODE	2025-03-20
WordPress	2.1.13 and earlier	Unauthorized Data Access	critical	View or Download	UNDERCODE	2025-03-12
OpenShift Hive	v1.0.0	Uncontrolled Resource Consumption	moderate	View or Download	UNDERCODE	2025-03-20
Jenkins	< 1.0.31.v4a	Information Disclosure	moderate	View or Download	UNDERCODE	2025-03-20
WordPress	1.0.7 and earlier	Reflected XSS	critical	View or Download	UNDERCODE	2025-03-03
WordPress	Up to 2.1.8	Stored XSS	critical	View or Download	UNDERCODE	2025-02-17
WordPress	1.3.8 and prior	DOM-based XSS	critical	View or Download	UNDERCODE	2025-01-09
Jenkins	AnchorChain Plugin 1.0	Stored XSS	high	View or Download	UNDERCODE	2025-03-19
Mattermost	9.11.x <= 9.11.8	Authorization Bypass	moderate	View or Download	UNDERCODE	2025-03-19
WordPress	<= 1.3.6.5	Local File Inclusion	critical	View or Download	UNDERCODE	2025-03-11
WordPress	<= 4.2.2	CSRF	critical	View or Download	UNDERCODE	2025-03-06
WOLF	1.0.8.5	Path Traversal	critical	View or Download	UNDERCODE	2025-02-03
WordPress	<= 4.1.25	Stored XSS	critical	View or Download	UNDERCODE	2025-01-18
GitHub Actions	tj-actions/changed-files < 46	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-15
FortiOS, FortiProxy	7.0.0 - 7.0.16, 7.2.0 - 7.2.12	Authentication Bypass	critical	View or Download	UNDERCODE	2025-02-11
RealMag777 BEAR	1.1.4.4 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-02-17
WordPress	<= 1.27.6	Path Traversal	critical	View or Download	UNDERCODE	2025-02-06
WikiManager REST API	5.4-rc-1 to 16.10.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-19
XWiki	>= 1.9M1, < 15.10.14	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-19
XWiki	6.1-rc-1 to 15.10.13, 16.0.0-rc-1 to 16.4.5, 16.5.0-rc-1 to 16.10.0-rc-1	Authorization Bypass	critical	View or Download	UNDERCODE	2025-03-19
Nuxt.js	All versions	Cache Poisoning	critical	View or Download	UNDERCODE	2025-03-19
WordPress	1.27.4 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-01-15
CodeBard Help Desk	1.1.2 and earlier	Reflected XSS	critical	View or Download	UNDERCODE	2025-01-15
OpenAPI	3.0.0	Zip Bomb Exploit	critical	View or Download	UNDERCODE	2025-03-19
Sylius	<1.6.2, <1.7.2, <2.0.2	Payment Manipulation	critical	View or Download	UNDERCODE	2025-03-19
Picklescan	< 0.0.23	ZIP Archive Manipulation	medium	View or Download	UNDERCODE	2025-03-10
PyTorch	PickleScan < 0.0.23	Arbitrary Code Execution	medium	View or Download	UNDERCODE	2025-03-10
GitHub Actions	reviewdog/action-setup@v1	Secret Exposure	critical	View or Download	UNDERCODE	2025-03-19
vLLM	Pre-vllm-project/vllm14228	Unsafe Deserialization	critical	View or Download	UNDERCODE	2025-03-19
Apache Airflow	Before 6.2.0	SQL Injection	moderate	View or Download	UNDERCODE	2025-03-19
Node.js	fast-jwt (affected versions)	JWT Issuer Claim Validation	critical	View or Download	UNDERCODE	2025-03-19
ZipList Recipe	Up to 3.1	CSRF	medium	View or Download	UNDERCODE	2025-03-11
ZTE GoldenDB	6.1.03 - 6.1.03.04	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-11
ZTE GoldenDB	6.1.03 - 6.1.03.07	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-11
CodeVibrant	1.0.5 and earlier	CSRF	critical	View or Download	UNDERCODE	2025-03-11
ZTE GoldenDB	6.1.03 - 6.1.03.05	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-11
WordPress	1.0 and earlier	CSRF	medium	View or Download	UNDERCODE	2025-03-11
WordPress	1.2.2 and earlier	CSRF	critical	View or Download	UNDERCODE	2025-03-11
WordPress	0.1.0 and earlier	CSRF to Stored XSS	critical	View or Download	UNDERCODE	2025-03-11
Login Logger	1.2.1 and earlier	CSRF	medium	View or Download	UNDERCODE	2025-03-11
WordPress	Up to 2.1	CSRF to Stored XSS	critical	View or Download	UNDERCODE	2025-03-11
ZTE GoldenDB	6.1.03 - 6.1.03.04	Input Validation Bypass	critical	View or Download	UNDERCODE	2025-03-11
Delete Original Image	0.4 and earlier	CSRF	medium	View or Download	UNDERCODE	2025-03-11
Rankchecker.io Integration	1.0.9 and earlier	CSRF with Stored XSS	critical	View or Download	UNDERCODE	2025-03-11
Mojave Inverter	All versions	Sensitive Info Disclosure	critical	View or Download	UNDERCODE	2025-02-13
TYPO3	6.0.0 - 9.2.0	XSS	moderate	View or Download	UNDERCODE	2025-03-19
CosmWasm	Prior to v2.2.0	Capability Bypass	moderate	View or Download	UNDERCODE	2025-03-18
Stesvis Frontpage	1.0.2 and earlier	CSRF	critical	View or Download	UNDERCODE	2025-03-11
Wire	< 5.2.0	Uncontrolled Recursion	moderate	View or Download	UNDERCODE	2025-03-18
jsPDF	<3.0.1	DoS via CPU exhaustion	critical	View or Download	UNDERCODE	2025-03-18
Contao	4.0.0 - 4.13.53, 5.3.0 - 5.3.29, 5.4.0 - 5.5.5	XSS via SVG	critical	View or Download	UNDERCODE	2025-03-18
amoCRM WebForm	1.1 and earlier	DOM-Based XSS	critical	View or Download	UNDERCODE	2025-03-11
Apache HTTP Server	2.4.49	Path Traversal	critical	View or Download	UNDERCODE	2021-10-05
Apache Tomcat	11.0.0-M1 to 11.0.2, 10.1.0-M1 to 10.1.34, 9.0.0.M1 to 9.0.98	Path Equivalence	critical	View or Download	UNDERCODE	2025-03-10
Sylius	<1.6.1, <1.7.1, <2.0.1	Payment Manipulation	critical	View or Download	UNDERCODE	2025-03-17
containerd	< 1.7.0, 1.6.0	Integer Overflow	moderate	View or Download	UNDERCODE	2025-03-17
OpenShift Hive	Multicluster Engine (MCE), Advanced Cluster Management (ACM)	Credential Exposure	high	View or Download	UNDERCODE	2025-03-17
Expr	<1.17.0	Memory Exhaustion	critical	View or Download	UNDERCODE	2025-03-17
BuildKit	< v0.21.3	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-17
Mattermost Desktop App	<=5.10.0	Code Injection	low	View or Download	UNDERCODE	2025-03-17
Kubernetes	Bare Metal Operator (BMO)	Secret Leakage	critical	View or Download	UNDERCODE	2025-03-17
Tenda AC9	v1.0 V15.03.05.14_multi	Stack Overflow	critical	View or Download	UNDERCODE	2025-03-14
Tenda AC6	v15.03.05.16	Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-14
Enituretechnology Small Package Quotes	Up to 2.4.9	Reflected XSS	critical	View or Download	UNDERCODE	2025-03-03
Bee Layer Slider	1.1 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-03-11
Ark Theme Core	1.70.0 and earlier	Code Injection	critical	View or Download	UNDERCODE	2025-03-03
Tenda AC8V4	V16.03.34.06	Stack Overflow	critical	View or Download	UNDERCODE	2025-02-20
Node.js	3.0.0	Prototype Pollution	high	View or Download	UNDERCODE	2025-03-16
GitHub Actions	tj-actions/changed-files <= 45.0.7	Information Disclosure	high	View or Download	UNDERCODE	2025-03-15
Qiskit	< 13	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-14
JS Html Sanitizer	< 2.0.3	XSS Bypass	moderate	View or Download	UNDERCODE	2025-03-14
feldman_vss	<1.0.0	Timing Side-Channel	critical	View or Download	UNDERCODE	2025-03-14
Python	feldman_vss.py	Fault Injection	critical	View or Download	UNDERCODE	2025-03-14
Flowise	1.8.2	Path Traversal to RCE	critical	View or Download	UNDERCODE	2025-03-14
Azle	0.27.0, 0.28.0, 0.29.0	Infinite Loop	critical	View or Download	UNDERCODE	2025-03-14
Kubernetes	Versions using in-tree gitRepo volume	Local repository access	moderate	View or Download	UNDERCODE	2025-03-14
xml-crypto	<= 6.0.0	Signature Bypass	critical	View or Download	UNDERCODE	2025-03-14
Flowise	v1.0.0	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-03-13
Linux Kernel	Up to 5.15.90	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	Pre-5.15.90	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-26
Kubernetes	<1.29.13, 1.30.0-1.30.9, 1.31.0-1.31.5, 1.32.0-1.32.1	Command Injection	moderate	View or Download	UNDERCODE	2025-03-13
Windows NTFS	All versions up to patch	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-11
MODX	Prior to 3.1.0	Cross-Site Scripting (XSS)	low	View or Download	UNDERCODE	2025-03-13
Windows	Win32 Kernel Subsystem	Use-after-free	critical	View or Download	UNDERCODE	2025-03-11
Snowflake JDBC	3.0.13 - 3.23.0	Information Disclosure	medium	View or Download	UNDERCODE	2025-03-13
Assimp	5.4.3	Heap-based Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-10
HDF5	1.14.6	Heap-based Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-10
UnifiedTransform	2.0	Incorrect Access Control	critical	View or Download	UNDERCODE	2025-03-10
Microsoft Edge	Chromium-based	UI Spoofing	critical	View or Download	UNDERCODE	2025-03-07
Ed25519-Java	0.3.0 and earlier	Signature Malleability	moderate	View or Download	UNDERCODE	2025-03-13
XPixelGroup BasicSR	1.4.2 and prior	Command Injection	moderate	View or Download	UNDERCODE	2025-03-13
Cosmos SDK	Pre-v3.1.8	Chain Halt	critical	View or Download	UNDERCODE	2025-01-01
Apache HTTP Server	2.4.49, 2.4.50	Path Traversal to RCE	critical	View or Download	UNDERCODE	2025-03-13
WordPress	Javo Core <= 3.0.0.080	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-08
WordPress	Up to 16.26.10	Information Exposure	critical	View or Download	UNDERCODE	2025-03-08
IBM Aspera Shares	1.9.9 - 1.10.0 PL7	XXE Injection	critical	View or Download	UNDERCODE	2025-03-07
Deno	All versions	Session Hijacking	critical	View or Download	UNDERCODE	2025-03-12
Golang (golang.org/x/net)	Pre-2025 patches	Proxy Bypass via IPv6 Zone IDs	moderate	View or Download	UNDERCODE	2025-03-12
Apache NiFi	1.13.0 - 2.2.0	Information Disclosure	moderate	View or Download	UNDERCODE	2025-03-12
Apache Felix	< 1.2.2	XSS	moderate	View or Download	UNDERCODE	2025-03-12
Plenti	<= 0.7.16	Code Injection	moderate	View or Download	UNDERCODE	2025-03-12
Ruby SAML	>= 1.13.0, < 1.18.0; < 1.12.4	Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-12
SmallRye Fault Tolerance	< 6.9.0	Out-of-Memory (OOM)	high	View or Download	UNDERCODE	2025-03-12
Apache Camel	4.9.0-4.10.2, 4.0.0-4.8.5, 3.10.0-3.22.4	Header Injection	critical	View or Download	UNDERCODE	2025-02-15
Ruby SAML	< 1.12.4, >= 1.13.0, < 1.18.0	Authentication Bypass	high	View or Download	UNDERCODE	2025-03-12
Omniauth-saml	< 1.10.6, 2.0.0-2.1.2, 2.2.0-2.2.2	Signature Wrapping Attack	critical	View or Download	UNDERCODE	2025-03-12
GraphQL-Ruby	1.11.5-2.4.13	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-12
IBC-Go	>= v7	Non-deterministic JSON Unmarshalling	critical	View or Download	UNDERCODE	2025-03-12
Cosmos SDK	<= v0.47.16, <= 0.50.12	Denial of Service	critical	View or Download	UNDERCODE	2025-03-12
WordPress	1.0.9 and earlier	Unauthorized Data Access	critical	View or Download	UNDERCODE	2025-03-07
WordPress	Up to 16.26.10	SQL Injection	critical	View or Download	UNDERCODE	2025-03-08
Laravel	< 3.4.17	File Validation Bypass	moderate	View or Download	UNDERCODE	2025-03-12
Espressif ESP32	All firmware versions	Hidden HCI Command Execution	critical	View or Download	UNDERCODE	2025-03-08
Ruby	2.10.0, 2.10.1	Out-of-bounds Read	critical	View or Download	UNDERCODE	2025-03-12
Joomla	JUX Real Estate 3.4.0	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-09
WordPress	<= 5.3.1	Stored XSS	critical	View or Download	UNDERCODE	2025-03-08
cheqd-node	< v3.1.7	Non-deterministic JSON Unmarshalling	critical	View or Download	UNDERCODE	2025-03-11
Joomla	JUX Real Estate 3.4.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-09
Rembg	2.0.57 and earlier	SSRF	moderate	View or Download	UNDERCODE	2025-03-11
Pimcore	Pre-11.0.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-11
Rembg	2.0.57 and earlier	CORS Misconfiguration	high	View or Download	UNDERCODE	2025-03-11
Facebookincubator/below	< 0.9.0	Privilege Escalation	high	View or Download	UNDERCODE	2025-03-11
WordPress	<= 1.39.2	Stored XSS	critical	View or Download	UNDERCODE	2025-02-27
OpenXE	Up to 1.12	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-09
FTCMS	2.1	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-09
FTCMS	2.1	SQL Injection	critical	View or Download	UNDERCODE	2025-03-09
XunRuiCMS	Up to 4.6.3	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-09
Customer Account Portal	Unspecified	HTML Injection	medium	View or Download	UNDERCODE	2025-03-11
Babel	<7.26.10, <8.0.0-alpha.17	Quadratic Complexity	critical	View or Download	UNDERCODE	2025-03-11
Froxlor	Pre-2.0.10	Account Duplication	medium	View or Download	UNDERCODE	2023-10-15
Keras	< 3.9	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-11
GNU Binutils	2.43	Memory Leak	critical	View or Download	UNDERCODE	2025-02-10
CodeBard Help Desk	1.1.2 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-01-31
SimpleSAMLphp	v4	Signature Confusion	critical	View or Download	UNDERCODE	2025-03-11
ASP.NET Core	9.0.2, 8.0.13, 2.3.0	Elevation of Privilege	critical	View or Download	UNDERCODE	2025-03-11
OpenHarmony	v5.0.2 and prior	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-03
WordPress	1.1.9 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-02-27
WordPress	1.7.2 and earlier	Authentication Bypass	critical	View or Download	UNDERCODE	2025-02-27
WordPress	1.6.3 and earlier	Arbitrary File Deletion	critical	View or Download	UNDERCODE	2025-02-27
WordPress	1.0.1 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-02-27
Keras	All versions prior to 3.0.0	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-11
Mockoon	Latest (mockoon-cli)	Path Traversal & LFI	critical	View or Download	UNDERCODE	2025-03-11
WordPress	<= 3.3.5	Stored XSS	critical	View or Download	UNDERCODE	2025-02-27
Umbraco CMS	<= 10.8.8, >= 11.0.0-rc1, <= 13.7.0	Unauthorized Content Access/Deletion	moderate	View or Download	UNDERCODE	2025-03-11
Umbraco CMS	14.3.2, 15.0.0-rc1 to 15.2.2	Improper API Access Control	moderate	View or Download	UNDERCODE	2025-03-11
Kubernetes	Ratify (pre-patch)	Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-11
Rack	<2.2.6	Directory Traversal	critical	View or Download	UNDERCODE	2025-03-10
Apache Tomcat	11.0.0-M1 to 11.0.2	RCE/Info Disclosure	high	View or Download	UNDERCODE	2025-03-10
Concrete CMS	9.0.0 - 9.3.9	Stored XSS	moderate	View or Download	UNDERCODE	2025-03-10
Nomad	<1.9.7, <1.8.11, <1.7.19	Information Exposure	moderate	View or Download	UNDERCODE	2025-03-10
Vela Server	< 0.25.3, >= 0.26.0, < 0.26.2	Insufficient Webhook Payload Verification	critical	View or Download	UNDERCODE	2025-03-10
Keycloak	>= 26.1.0, < 26.1.3; < 26.0.10	Improper Authorization	moderate	View or Download	UNDERCODE	2025-03-10
Keycloak	>= 26.1.0, < 26.1.3; < 26.0.10	Authentication Bypass	moderate	View or Download	UNDERCODE	2025-03-10
Apache Camel	3.10.0-3.22.3, 4.2.0-4.8.4, 4.9.0-4.10.1	Bypass/Injection	critical	View or Download	UNDERCODE	2025-03-10
Laravel Framework	11.9.0 to 11.35.1	Reflected XSS	moderate	View or Download	UNDERCODE	2025-03-10
PHP	<5.25.2	DoS via `explode()`	low	View or Download	UNDERCODE	2025-03-10
Laravel Framework	11.9.0 - 11.35.1	Reflected XSS	moderate	View or Download	UNDERCODE	2025-03-10
Ekuiper	Pre-1.8.0	Stored XSS	critical	View or Download	UNDERCODE	2025-03-10
WordPress	1.3.52 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-01-24
WordPress	1.6.10 and earlier	Remote File Inclusion	critical	View or Download	UNDERCODE	2025-01-27
LocalS3	All versions	XXE Injection	critical	View or Download	UNDERCODE	2025-03-10
WordPress	n/a - 2.7.1	Missing Authorization	critical	View or Download	UNDERCODE	2025-01-24
PyTorch	N/A	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-10
TOTOLINK X18	9.1.0cu.2024_B20220329	Stack-based buffer overflow	critical	View or Download	UNDERCODE	2025-02-16
TOTOLINK X18	9.1.0cu.2024_B20220329	OS Command Injection	critical	View or Download	UNDERCODE	2025-02-16
Apache Struts	2.3.5 - 2.3.31, 2.5 - 2.5.10	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-10
Oxidized Web	< 0.15.0	Unauthenticated RCE	critical	View or Download	UNDERCODE	2025-03-02
WeGIA	< 3.2.16	Denial of Service	critical	View or Download	UNDERCODE	2025-03-03
GRUB2	All versions with squash4 module	Heap-based Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-03
Protobuf Crate	Affected versions	Stack Overflow	moderate	View or Download	UNDERCODE	2025-03-07
Node.js	@intlify/message-resolver 9.1, @intlify/vue-i18n-core 9.2+	Prototype Pollution	critical	View or Download	UNDERCODE	2025-03-07
XWiki Confluence Migrator Pro	<= 1.11.6	Information Exposure	high	View or Download	UNDERCODE	2025-03-07
Ring (Cryptography Library)	Pre-patch versions	Integer Overflow	medium	View or Download	UNDERCODE	2025-03-07
XWiki Confluence Migrator Pro	>= 1.0, < 1.2.0	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-07
WinDbg	Affected versions	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-06
WordPress	<= 2.7.6	Stored XSS	critical	View or Download	UNDERCODE	2025-02-28
OpenTelemetry .NET	1.10.0 to 1.11.1	Denial of Service (DoS)	critical	View or Download	UNDERCODE	2025-03-06
Jenkins	< 2.492.2, >= 2.493, < 2.500	Information Disclosure	moderate	View or Download	UNDERCODE	2025-03-06
Ray	<2.43.0	Sensitive Info Logging	moderate	View or Download	UNDERCODE	2025-03-06
Envoy Gateway	<1.2.7, <1.3.1	Log Injection	critical	View or Download	UNDERCODE	2025-03-06
Jenkins	<= 2.499, <= 2.492.1	CSRF	moderate	View or Download	UNDERCODE	2025-03-06
WordPress	<= 1.6.8.1	Reflected XSS	critical	View or Download	UNDERCODE	2025-02-28
Fleet	< 4.64.2	SAML Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-06
Jenkins	< 2.492.2, >= 2.493, < 2.500	Open Redirect	moderate	View or Download	UNDERCODE	2025-03-06
NocoDB	Pre-2025 patches	Reflected XSS	critical	View or Download	UNDERCODE	2025-03-06
WordPress	1.3.3 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-01-24
WordPress	1.1.7 and below	Stored XSS	critical	View or Download	UNDERCODE	2025-02-28
Microsoft Edge	Chromium-based	Security Feature Bypass	critical	View or Download	UNDERCODE	2025-02-14
OpenZiti	< 3.7.1	SSRF	critical	View or Download	UNDERCODE	2025-03-03
OpenZiti	< 3.7.1	Unauthenticated File Upload	critical	View or Download	UNDERCODE	2025-03-03
ShishuoCMS	1.1	CSRF	medium	View or Download	UNDERCODE	2025-03-03
Jinja2	Pre-3.1.3	Sandbox Escape	critical	View or Download	UNDERCODE	2024-01-15
ShishuoCMS	1.1	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-03
Eclipse OMR	0.4.0 and earlier	NULL Pointer Dereference	medium	View or Download	UNDERCODE	2025-02-21
DGL	Pre-patch versions	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-05
Eclipse OMR	0.2.0 to 0.4.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-02-21
Laravel	>= 12.0.0, < 12.1.1; < 11.44.1	File Validation Bypass	critical	View or Download	UNDERCODE	2025-03-05
WordPress	<= 4.2.9	Unauthorized Access	critical	View or Download	UNDERCODE	2025-03-04
Redaxo	5.18.2	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-03-05
Adobe Commerce	2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11	Incorrect Authorization	critical	View or Download	UNDERCODE	2025-02-11
Linux Kernel	Up to 6.13.0-rc4	Memory Leak	critical	View or Download	UNDERCODE	2025-02-26
OpenDJ	9.2	Denial-of-Service (DoS)	critical	View or Download	UNDERCODE	2025-03-05
Adobe Commerce	2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11	Improper Authorization	critical	View or Download	UNDERCODE	2025-02-11
Linux Kernel	LoongArch-based systems	Out-of-Bounds (OoB) Access	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	< 6.14.0-rc1	Null Pointer Dereference	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	am65-cpsw Ethernet Driver	Memory Leak	critical	View or Download	UNDERCODE	2025-02-26
Adobe Commerce	2.4.4-p11 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-03-05
FlowiseAI	v2.2.6	Arbitrary File Upload	high	View or Download	UNDERCODE	2025-03-05
VMware ESXi, Workstation	Multiple versions affected	TOCTOU leading to out-of-bounds write	critical	View or Download	UNDERCODE	2025-03-04
VMware ESXi, Workstation, Fusion	Multiple versions affected	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-04
i-Drive i11, i12	Up to 20250227	Improper Access Control	critical	View or Download	UNDERCODE	2025-03-03
PHPGurukul	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-03
NGINX Unit	< 1.34.2	Infinite Loop	medium	View or Download	UNDERCODE	2025-03-03
Ruby	CGI gem < 0.4.2	Denial of Service (DoS)	critical	View or Download	UNDERCODE	2025-03-03
WordPress	1.8.4.1 and earlier	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-03-04
ShishuoCMS	1.1	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-03-03
Matrix-Appservice-IRC	Up to 3.0.3	Arbitrary Command Execution	Critical	View or Download	UNDERCODE	2025-03-04
OpenHarmony	v5.0.2 and prior	Use-After-Free	Critical	View or Download	UNDERCODE	2025-03-04
mySCADA myPRO	Vulnerable versions not specified	CSRF	Medium	View or Download	UNDERCODE	2025-03-04
Dingtian DT-R0 Series	All versions prior to 2.5.1	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-03-04
mySCADA myPRO	Vulnerable versions	OS Command Injection	Critical	View or Download	UNDERCODE	2025-03-04
mySCADA myPRO Manager	Not specified	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-03-04
WordPress	1.5.1 and earlier	Stored XSS	Critical	View or Download	UNDERCODE	2025-03-04
CampCodes	1.0	Unrestricted File Upload	Critical	View or Download	UNDERCODE	2025-03-04
Adobe Commerce	2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11	Incorrect Authorization	Critical	View or Download	UNDERCODE	2025-03-04
Pinecone Simulator	Up to commit matrix-org/pinecone@ea4c337	Stored XSS	Moderate	View or Download	UNDERCODE	2025-03-04
ZITADEL	<2.71.0	IDOR	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Code-Signing Bypass	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Code-Signing Bypass	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Sequoia (< 15.3)	Sandbox Escape	Critical	View or Download	UNDERCODE	2025-03-04
GNU Binutils	Up to 2.43	Stack-based Buffer Overflow	Medium	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	File Parsing	Critical	View or Download	UNDERCODE	2025-03-04
Apache Struts	2.3.5 to 2.3.31, 2.5 to 2.5.10	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-03-04
Rack	<2.2.4	Log Injection	Medium	View or Download	UNDERCODE	2025-03-04
GLPI	<10.0.18	Reflected XSS	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	File Parsing	Critical	View or Download	UNDERCODE	2025-03-04
Apple visionOS, Safari, iOS, iPadOS, macOS, watchOS, tvOS	visionOS < 2.3, Safari < 18.3, iOS < 18.3, iPadOS < 18.3, macOS < 15.3, watchOS < 11.3, tvOS < 18.3	Denial-of-Service	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Information Leak	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Memory Corruption	Critical	View or Download	UNDERCODE	2025-03-04
Apple Devices	iPadOS 17.7.4, macOS Ventura 13.7.3, iOS 18.3	Out-of-Bounds Read	Critical	View or Download	UNDERCODE	2025-03-04
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Medium	View or Download	UNDERCODE	2025-03-03
tsup	v8.3.4	DOM Clobbering	Low	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
Picklescan	< 0.0.22	RCE Bypass	Moderate	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
WordPress	Up to 4.7.6	Stored XSS	Critical	View or Download	UNDERCODE	2025-03-03
CodeChecker	Up to 6.24.5	Open Redirect	Moderate	View or Download	UNDERCODE	2025-03-03
OPC UA .NET Standard Stack	< 1.5.374.158	Authentication Bypass	Moderate	View or Download	UNDERCODE	2025-03-03
MinIO	Prior to fix in commit 91e1487	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-03-03
OPC UA .NET Standard Stack	< 1.5.374.158	Authentication Bypass	Moderate	View or Download	UNDERCODE	2025-03-03
Ruby URI Gem	< 0.11.3, 0.12.0-0.12.3, 0.13.0-0.13.1, 1.0.0-1.0.2	Userinfo Leakage	High	View or Download	UNDERCODE	2025-03-03
SeaJS	2.2.3	Cross-site Scripting (XSS)	Low	View or Download	UNDERCODE	2025-03-03
Apache Ranger	< 2.6.0	Improper Neutralization	Low	View or Download	UNDERCODE	2025-03-03
Mavo	0.3.2	DOM Clobbering	Moderate	View or Download	UNDERCODE	2025-03-03
Ruby CGI Gem	<= 0.3.5, 0.3.6, 0.4.0, 0.4.1	Denial of Service (DoS)	High	View or Download	UNDERCODE	2025-03-03
Ruby CGI Gem	<= 0.3.5, 0.3.6, 0.4.0, 0.4.1	Denial of Service (DoS)	High	View or Download	UNDERCODE	2025-03-03
Stage.js	0.8.10 and earlier	DOM Clobbering leading to XSS	Moderate	View or Download	UNDERCODE	2025-03-03
ASCON Cryptographic Library	Pre-patch versions	Incorrect Tag Verification	Critical	View or Download	UNDERCODE	2025-03-03
Oxidized Web	< 0.15.0	Unauthenticated RCE	Critical	View or Download	UNDERCODE	2025-03-03
Apache StreamPipes	< 0.97.0	Improper Privilege Management	Moderate	View or Download	UNDERCODE	2025-03-03
Ruby CGI Gem	<= 0.3.5, 0.3.6, 0.4.0, 0.4.1	Denial of Service (DoS)	High	View or Download	UNDERCODE	2025-03-03
PyTorch	All versions	Arbitrary Code Execution	Critical	View or Download	UNDERCODE	2025-01-01
Python	All versions using pickle	Unsafe Deserialization	Critical	View or Download	UNDERCODE	2025-03-03
Manifest	All versions	Weak password hashing	Critical	View or Download	UNDERCODE	2025-03-03
WSO2	Multiple	Incorrect Authorization	Moderate	View or Download	UNDERCODE	2025-03-03
CampCodes	1.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2025-03-03
WordPress	<= 1.7.1006	CSRF	Critical	View or Download	UNDERCODE	2025-03-03
Code-Projects Chat System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-03-03
GNU Binutils	2.43/2.44	Memory Corruption	Critical	View or Download	UNDERCODE	2025-03-03
SourceCodester Contact Manager	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-03-03
GNU Binutils	2.43	Memory Corruption	Critical	View or Download	UNDERCODE	2025-03-03
SourceCodester Employee Management System	1.0	Default Credentials Exploit	Critical	View or Download	UNDERCODE	2025-03-03
CampCodes School Management Software	1.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2025-03-03
Flask-AppBuilder	<= 4.5.3	User Enumeration	Low	View or Download	UNDERCODE	2025-03-03
Adobe InDesign	ID20.0, ID19.5.1 and earlier	Integer Underflow	Critical	View or Download	UNDERCODE	2025-03-03
Adobe InCopy	20.0, 19.5.1, and earlier	Integer Underflow	Critical	View or Download	UNDERCODE	2025-03-03
Apache HTTP Server	2.4.49	Path Traversal	Critical	View or Download	UNDERCODE	2021-10-05
Adobe InDesign	ID20.0, ID19.5.1	Heap-based Buffer Overflow	Critical	View or Download	UNDERCODE	2025-03-03
Rancher	v2.8.0 - v2.10.2	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-03-03
Moodle	4.5.0-beta	IDOR		View or Download	UNDERCODE	2025-02-24
Button Block	1.1.5	Missing Authorization	Critical	View or Download	UNDERCODE	2025-02-25
Moodle	4.5.0-beta	Permission Bypass	Moderate	View or Download	UNDERCODE	2025-02-24
tarteaucitronjs	<1.17.0	XSS	Low	View or Download	UNDERCODE	2025-02-24
Mattermost	<10.4.2	Arbitrary File Read	Critical	View or Download	UNDERCODE	2025-02-24
WordPress	2.36	Information Exposure	Medium	View or Download	UNDERCODE	2025-02-24
Real Estate Property Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-24
WordPress	3.4.0	Stored XSS	Critical	View or Download	UNDERCODE	2025-02-24
WordPress	8.3.0	Unauthorized Settings Change	Critical	View or Download	UNDERCODE	2025-02-24
Linux Kernel	Open vSwitch	Infinite Loop	Critical	View or Download	UNDERCODE	2025-02-21
Codezips Gym Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-20
WordPress	2.11.9	XSS	Critical	View or Download	UNDERCODE	2025-02-20
Progress® Telerik® Report Server	Prior to 11.0.25.211	Information Disclosure	Medium	View or Download	UNDERCODE	2025-02-20
XWiki	15.10.11	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-02-20
Namada-apps	1.1.0	Excessive Computation	Critical	View or Download	UNDERCODE	2025-02-20
Namada-apps	1.1.0	Integer overflow	Critical	View or Download	UNDERCODE	2025-02-20
Craft	4, 5	RCE	High	View or Download	UNDERCODE	2025-02-20
Sliver	1.5.42	SSRF	Critical	View or Download	UNDERCODE	2025-02-19
Sante PACS Server	-	Memory Corruption	Critical	View or Download	UNDERCODE	2025-02-19
Mintty	N/A	Heap-based Buffer Overflow	Critical	View or Download	UNDERCODE	2025-02-18
Logsign	Unified SecOps Platform	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-02-18
cie-aspnetcore	N/A	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-02-18
spid-aspnetcore	N/A	SAML Authentication Bypass		View or Download	UNDERCODE	2025-02-18
cie-aspnetcore	N/A	Signature Validation	Critical	View or Download	UNDERCODE	2025-02-18
spid-aspnetcore	N/A	Signature Validation	Critical	View or Download	UNDERCODE	2025-02-18
SonicWall	SSLVPN	Improper Authentication	Critical	View or Download	UNDERCODE	2025-02-18
TP-Link TL-WR841ND V11	V11	Buffer Overflow	Critical	View or Download	UNDERCODE	2025-02-18
Node.js	N/A	ReDoS	Critical	View or Download	UNDERCODE	2025-02-14
npm	@octokit/plugin-paginate-rest	ReDoS		View or Download	UNDERCODE	2025-02-14
npm	@octokit/endpoint	ReDoS	Critical	View or Download	UNDERCODE	2025-02-14
@octokit/request-error	N/A	ReDoS	Critical	View or Download	UNDERCODE	2025-02-14
DOMPurify	<3.2.4	XSS	Moderate	View or Download	UNDERCODE	2025-02-14
Fyrox	0.28.1	Memory exposure	Low	View or Download	UNDERCODE	2025-02-14
GitHub	v2.67.0	Incorrect exit status	Critical	View or Download	UNDERCODE	2025-02-14
Label Studio	<1.16.0	Path Traversal	Critical	View or Download	UNDERCODE	2025-02-14
Label Studio	N/A	XSS	Critical	View or Download	UNDERCODE	2025-02-14
WeGIA	3.2.6	Stored XSS	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.6	XSS	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.6	XSS		View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.10	Open Redirect	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection		View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection		View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.6	XSS	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.6	Stored XSS	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.7	XSS	Medium	View or Download	UNDERCODE	2025-02-13
Hypercube	Unpatched	Remote Code Execution		View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	N/A	Out-Of-Bounds Read	Critical	View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	N/A	Heap-based Buffer Overflow	Critical	View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	-	Out-Of-Bounds Read	Critical	View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	-	Out-Of-Bounds Read	Critical	View or Download	UNDERCODE	2025-02-12
Trimble Cityworks	<15.8.9, <23.10	Deserialization	Critical	View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	N/A	Use-After-Free	Critical	View or Download	UNDERCODE	2025-02-12
npm	parse-duration	ReDoS	Critical	View or Download	UNDERCODE	2025-02-12
Elliptic	N/A	Private Key Extraction	Critical	View or Download	UNDERCODE	2025-02-12
Koa	2.15.4	ReDoS	Critical	View or Download	UNDERCODE	2025-02-12
Windows	Storage	Privilege Elevation	Critical	View or Download	UNDERCODE	2025-02-12
Magento	2.4.7-beta1	Improper Authorization	Critical	View or Download	UNDERCODE	2025-02-12
iOS	18.3.1	Authorization	Critical	View or Download	UNDERCODE	2025-02-12
Mitel SIP Phones	R6.4.0.HF1	Argument Injection	Critical	View or Download	UNDERCODE	2025-02-12
Samsung Android	12.0, 13.0, 14.0	Unspecified	Critical	View or Download	UNDERCODE	2025-02-12
GeoNetwork	4.4.0-4.4.5, <4.2.10	Information Disclosure	Moderate	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Remote Code Execution	High	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Remote Code Execution	Medium	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Remote Code Execution	Medium	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Spoofing	Medium	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Spoofing	Medium	View or Download	UNDERCODE	2025-02-11
pgAgent	<4.2.3	Directory Traversal	Medium	View or Download	UNDERCODE	2025-02-11
WooCommerce	4.7.1	Stored XSS	Critical	View or Download	UNDERCODE	2025-02-11
WooCommerce	3.8.7	Missing Authorization	Critical	View or Download	UNDERCODE	2025-02-11
WordPress	1.8.17.0	XSS	Critical	View or Download	UNDERCODE	2025-02-11
WP Mailster	1.8.15.0	XSS	Critical	View or Download	UNDERCODE	2025-02-11
WordPress	3.3.4	Stored XSS	Critical	View or Download	UNDERCODE	2025-02-11
AshAuthentication	4.4.9	Token Reuse		View or Download	UNDERCODE	2025-02-11
Windows	unknown	Elevation of Privilege		View or Download	UNDERCODE	2025-02-11
Windows	Multiple	Privilege Escalation	High	View or Download	UNDERCODE	2025-02-11
Zyxel VMG4325-B10A	1.00(AAFR.4)C0_20170615	Command Injection		View or Download	UNDERCODE	2025-02-11
Apache CXF	<3.5.10, <3.6.5, <4.0.6	Denial of Service	Medium	View or Download	UNDERCODE	2025-02-11
Linux	Kernel	Race Condition	Critical	View or Download	UNDERCODE	2025-02-11
Linux Kernel	gpio-xilinx driver	Spinlock issue	Critical	View or Download	UNDERCODE	2025-02-11
Photoshop	25.12, 26.1	Uncontrolled Search Path	High	View or Download	UNDERCODE	2025-02-11
grcov	-	Out of Bounds Write	Moderate	View or Download	UNDERCODE	2025-02-10
Netty	N/A	Denial of Service		View or Download	UNDERCODE	2025-02-10
Hickory DNS	N/A	DNSSEC Validation		View or Download	UNDERCODE	2025-02-10
Net-IMAP	<0.4.19, <0.5.6	Memory Exhaustion	Critical	View or Download	UNDERCODE	2025-02-10
esbuild	-	CORS Misconfiguration	Critical	View or Download	UNDERCODE	2025-02-10
SourceCodester	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-10
SourceCodester	1.0	Improper Access Controls	Critical	View or Download	UNDERCODE	2025-02-10
SourceCodester	1.0	XSS	Medium	View or Download	UNDERCODE	2025-02-10
Dell Networking Switches	Enterprise SONiC OS	Information Exposure	High	View or Download	UNDERCODE	2025-02-07
Dell PowerProtect DD	DDOS 8.3.0.0	Cryptographic	Critical	View or Download	UNDERCODE	2025-02-07
xml2rfc	<= 3.26.0	XXE Injection		View or Download	UNDERCODE	2025-02-07
Windows	Secure Kernel Mode	Elevation of Privilege	High	View or Download	UNDERCODE	2025-02-07
Microsoft Edge	Chromium-based	UI Misrepresentation	Medium	View or Download	UNDERCODE	2025-02-07
@rpldy/uploader	1.8.1	Prototype Pollution	High	View or Download	UNDERCODE	2025-02-06
Firefox	< 135	Memory Corruption	Critical	View or Download	UNDERCODE	2025-02-06
Thunderbird	< 128.7	Code Execution	Medium	View or Download	UNDERCODE	2025-02-06
Firefox	< 135	Memory Corruption	Critical	View or Download	UNDERCODE	2025-02-06
Firefox	<135	Certificate Validation	Critical	View or Download	UNDERCODE	2025-02-06
Firefox	<135	Use-After-Free	Critical	View or Download	UNDERCODE	2025-02-06
Firefox	< 135, < 115.20, < 128.7	Use-After-Free	Critical	View or Download	UNDERCODE	2025-02-06
Thunderbird	< 128.7, < 135	Incorrect sender address	Medium	View or Download	UNDERCODE	2025-02-06
WhoDB	N/A	Parameter Injection		View or Download	UNDERCODE	2025-02-06
WhoDB	N/A	Path Traversal	Critical	View or Download	UNDERCODE	2025-02-06
MDC (Nuxt-Modules)	Latest	XSS	Critical	View or Download	UNDERCODE	2025-02-06
rtmpdump	abandoned	multiple	critical	View or Download	UNDERCODE	2025-02-06
7-Zip	N/A	MotW Bypass		View or Download	UNDERCODE	2025-02-06
Microsoft Outlook	Multiple	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-02-06
Plenti	V8GO (V8 11.1.278)	Remote Code Execution	Critical	View or Download	UNDERCODE	2023-01-25
MobSF	< 4.3.1	DoS		View or Download	UNDERCODE	2025-02-05
Contrast	v1.4.1	Seed verification	Critical	View or Download	UNDERCODE	2025-02-05
.NET and Visual Studio	N/A	Remote Code Execution	High	View or Download	UNDERCODE	2025-02-05
MobSF	< 4.3.1	Stored XSS		View or Download	UNDERCODE	2025-02-05
Microsoft Power Automate	-	Remote Code Execution	High	View or Download	UNDERCODE	2025-02-05
CKAN	2.10.7, 2.11.2	Arbitrary File Upload		View or Download	UNDERCODE	2025-02-05
GeoTools	31.1, 30.3, 30.2, 29.2, 28.2, 27.5, 27.4, 26.7, 26.4, 25.2, 24.0	RCE		View or Download	UNDERCODE	2025-02-05
Marblerun	v1.7.0	Impersonation		View or Download	UNDERCODE	2025-02-04
WordPress	2.0.4	Stored XSS	Critical	View or Download	UNDERCODE	2025-02-04
wasmvm	1.5.8, 2.0.6, 2.1.5, 2.2.2	Block production slowdown		View or Download	UNDERCODE	2025-02-04
PRTG Network Monitor	<18.2.40.1683	Local File Inclusion	Critical	View or Download	UNDERCODE	2025-02-04
Linux	Kernel	Null-ptr-deref	Critical	View or Download	UNDERCODE	2025-02-03
Linux Kernel	32-bit	Truncation Error	Critical	View or Download	UNDERCODE	2025-02-03
SecMem	-	Out of Bounds Write	Critical	View or Download	UNDERCODE	2025-02-03
Modem	-	Out-of-bounds write	Critical	View or Download	UNDERCODE	2025-02-03
WLAN AP Driver	N/A	Out-of-Bounds Write	Critical	View or Download	UNDERCODE	2025-02-03
Network Hardware	-	Denial of Service	Critical	View or Download	UNDERCODE	2025-02-03
TShock	Latest	Ban Bypass	Critical	View or Download	UNDERCODE	2025-02-03
CometBFT	v0.38.16, v1.0.0	Blocksync Disruption	Medium	View or Download	UNDERCODE	2025-02-03
WordPress	3.0.1	SQL Injection	Critical	View or Download	UNDERCODE	2025-01-31
WordPress	2.7.2.1	Stored XSS	Critical	View or Download	UNDERCODE	2025-01-31
Wildfly	27.0.1.Final	RBAC bypass		View or Download	UNDERCODE	2025-01-31
iPadOS	17.7.4, 2.3, 18.3, Sequoia 15.3, 11.3	Fingerprinting		View or Download	UNDERCODE	2025-01-31
JetBrains YouTrack	<2024.3.55417	Token Exposure	Critical	View or Download	UNDERCODE	2025-01-30
JetBrains TeamCity	<2024.12.1	Unauthorized decryption	Critical	View or Download	UNDERCODE	2025-01-30
macOS, iOS, iPadOS	15.3, 18.3	Privacy	Medium	View or Download	UNDERCODE	2025-01-30
macOS	Sequoia 15.3, Sonoma 14.7.3	File Parsing	Critical	View or Download	UNDERCODE	2025-01-30
iOS	18.3	Symlink Handling	Critical	View or Download	UNDERCODE	2025-01-30
Apple	macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3, iOS 18.3, iPadOS 18.3	Privilege Escalation	Critical	View or Download	UNDERCODE	2025-01-30
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Race condition	Critical	View or Download	UNDERCODE	2025-01-30
Apple	Multiple	Memory Handling	Critical	View or Download	UNDERCODE	2025-01-30
macOS	Sequoia 15.3	Data access	Critical	View or Download	UNDERCODE	2025-01-30
macOS	Sequoia 15.3	Buffer Overflow	Critical	View or Download	UNDERCODE	2025-01-30
macOS	Sequoia 15.3	Memory Corruption	Critical	View or Download	UNDERCODE	2025-01-30
WordPress	3.7.8	DOM-Based XSS	Critical	View or Download	UNDERCODE	2025-01-30
DevDojo Voyager	1.8.0	Path Traversal	High	View or Download	UNDERCODE	2025-01-30
Kubewarden	1.21.0	PolicyReport Manipulation		View or Download	UNDERCODE	2025-01-30
fast-fault	Unpatched	Segmentation Fault	Moderate	View or Download	UNDERCODE	2025-01-30
Apache Hive	<4.0.0	Timing Discrepancy	Moderate	View or Download	UNDERCODE	2025-01-28
Microsoft	Secure Boot	Bypass	Medium	View or Download	UNDERCODE	2025-01-27
Windows	COM Server	Information Disclosure	Medium	View or Download	UNDERCODE	2025-01-27
Active Directory	Federation Server	Spoofing	Medium	View or Download	UNDERCODE	2025-01-27
Windows	Connected Devices Platform Service	Denial of Service	High	View or Download	UNDERCODE	2025-01-27
Microsoft	Secure Boot	Bypass	Medium	View or Download	UNDERCODE	2025-01-27
Microsoft	Secure Boot	Bypass	Medium	View or Download	UNDERCODE	2025-01-27
Visual Studio	N/A	Remote Code Execution	High	View or Download	UNDERCODE	2025-01-27
Apache Cocoon	All versions	Incorrect PRNG Seed Usage	Low	View or Download	UNDERCODE	2025-01-27
Windows	Telephony Service	Remote Code Execution	High	View or Download	UNDERCODE	2025-01-24
Windows	Telephony Service	Remote Code Execution	High	View or Download	UNDERCODE	2025-01-24
WordPress	1.8.96	PHP Object Injection	Critical	View or Download	UNDERCODE	2025-01-24
Maven	N/A	Credential Leak	Critical	View or Download	UNDERCODE	2025-01-24
HL7/fhir-ig-publisher	1.7.4	XXE	High	View or Download	UNDERCODE	2025-01-24
Directus	Not specified	XSS	Critical	View or Download	UNDERCODE	2025-01-23
asteval	N/A	Code Execution		View or Download	UNDERCODE	2025-01-23
Silverpeas Core		XSS		View or Download	UNDERCODE	2025-01-23
Jenkins	<=1.6	Missing checks	Moderate	View or Download	UNDERCODE	2025-01-22
Jenkins	2.8.0-2.10.2	Cache Confusion	Moderate	View or Download	UNDERCODE	2025-01-22
Keycloak	<= 26.1.0	Authentication Bypass	Moderate	View or Download	UNDERCODE	2025-01-22
Cilium	v1.14-v1.16	DoS	Critical	View or Download	UNDERCODE	2025-01-22
Windows	Digital Media	Elevation of Privilege	Medium	View or Download	UNDERCODE	2025-01-22
Windows	Kernel	Memory Disclosure	Medium	View or Download	UNDERCODE	2025-01-22
Microsoft	-	Security Feature Bypass	Medium	View or Download	UNDERCODE	2025-01-22
Windows	Digital Media	Elevation of Privilege	Medium	View or Download	UNDERCODE	2025-01-22
Microsoft	-	Security Feature Bypass	Medium	View or Download	UNDERCODE	2025-01-22
Windows	Kernel	Memory Disclosure	Medium	View or Download	UNDERCODE	2025-01-22
Windows	Kernel	Memory Disclosure	Medium	View or Download	UNDERCODE	2025-01-22
Internet Explorer	N/A	Remote Code Execution	High	View or Download	UNDERCODE	2025-01-22
Windows	Kernel	Memory Disclosure	Medium	View or Download	UNDERCODE	2025-01-22
gix-worktree-state	Affected versions	Permission bypass	Critical	View or Download	UNDERCODE	2025-01-22
MathLive	N/A	XSS	Critical	View or Download	UNDERCODE	2025-01-22
CodeChecker	v6.58	CSRF		View or Download	UNDERCODE	2025-01-22
YesWiki	<= 4.4.5	DOM-Based XSS	Critical	View or Download	UNDERCODE	2025-01-22
YesWiki	<= 4.4.5	Arbitrary File Deletion	Critical	View or Download	UNDERCODE	2025-01-22
YesWiki	4.4.5	Stored XSS	Critical	View or Download	UNDERCODE	2025-01-22
DuckDB	Pre-fix	Unauthorized Access		View or Download	UNDERCODE	2025-01-22
Buildah	1.38.0-1.38.1	Build breakout	High	View or Download	UNDERCODE	2025-01-20
Node.js	4.5.0-5.28.5	Randomness	Moderate	View or Download	UNDERCODE	2025-01-22
compose-go	v2.10-v2.4.0	Resource Consumption		View or Download	UNDERCODE	2025-01-22
Fedify	N/A	Webfinger Mechanism	Critical	View or Download	UNDERCODE	2025-01-21
Substance3D Designer	14.0	Out-of-bounds write	High	View or Download	UNDERCODE	2025-01-21
Substance3D Designer	14.0	Heap-based Buffer Overflow	High	View or Download	UNDERCODE	2025-01-21
Substance3D Designer	14.0	Out-of-bounds write	High	View or Download	UNDERCODE	2025-01-21
Substance3D Designer	14.0	Heap-based Buffer Overflow	High	View or Download	UNDERCODE	2025-01-21
Zot	-	Authorization		View or Download	UNDERCODE	2025-01-17
AWS CDK	v2.177.0	Bypass TLS Verification		View or Download	UNDERCODE	2025-02-22
Microsoft AutoUpdate	N/A	Elevation of Privilege	High	View or Download	UNDERCODE	2025-01-17
Substance3D Stager	3.0.4	Heap-based Buffer Overflow	High	View or Download	UNDERCODE	2025-01-17
Substance3D Stager	3.0.4	Out-of-bounds write		View or Download	UNDERCODE	2025-01-17
Substance3D Stager	3.0.4	Out-of-bounds write		View or Download	UNDERCODE	2025-01-17
Windows	VBS Enclave	Privilege Escalation	Critical	View or Download	UNDERCODE	2025-01-17
WordPress	2.10.43	Stored XSS	Critical	View or Download	UNDERCODE	2025-01-16
Google Chrome	<132.0.6834.83	Out of bounds read	High	View or Download	UNDERCODE	2025-01-16
matrix-media-repo	<1.3.5	Unauthenticated writes	Moderate	View or Download	UNDERCODE	2025-01-16
HAL Console	< 3.7.7.Final	XSS	Moderate	View or Download	UNDERCODE	2025-01-16
Windows Hyper-V	NT Kernel Integration VSP	Elevation of Privilege	High	View or Download	UNDERCODE	2025-01-15
SP1	v4.0.0	Validation Missing	Critical	View or Download	UNDERCODE	2025-01-15
Zoom	N/A	Leaked Meeting Links	Medium	View or Download	UNDERCODE	2025-01-15
Lodestar	Unstable	Decoding Failure	Critical	View or Download	UNDERCODE	2025-01-14
Lodestar	Unstable	Checksum Verification	Critical	View or Download	UNDERCODE	2025-01-14
.NET	8.0, 9.0	Remote Code Execution		View or Download	UNDERCODE	2025-01-14
Windows Hyper-V	unknown	Elevation of Privilege	High	View or Download	UNDERCODE	2025-01-14
Ivanti	9.1-22.7	Unauthorized Access	Critical	View or Download	UNDERCODE	2025-01-14
Swift ASN.1	GitHub Reviewed	Parsing Crash	Low	View or Download	UNDERCODE	2025-01-14
Vyper	0.3.10, 0.4.0	Precompile Success Flag	Medium	View or Download	UNDERCODE	2025-01-14
XWiki	15.10.9+, 16.2.0+	Script Execution	Critical	View or Download	UNDERCODE	2025-01-14
TYPO3	11.5.42 ELTS	CSRF		View or Download	UNDERCODE	2025-01-14
Jte	<= 3.1.15	XSS	Critical	View or Download	UNDERCODE	2025-01-13
Jte	<= 3.1.15	XSS		View or Download	UNDERCODE	2025-01-13
Keycloak	< 26.0.8	Environment Variable Exposure	Moderate	View or Download	UNDERCODE	2025-01-13
notation-go	N/A	CRL Cache Handling		View or Download	UNDERCODE	2025-01-13
Microweber	2.0.9	XSS	Moderate	View or Download	UNDERCODE	2025-01-13
Privileged Remote Access	3.1	Command Injection		View or Download	UNDERCODE	2025-01-13
Qlik Sense Enterprise	Pre-August 2023 Patch 2	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-01-13
Code-projects	1.0	SQL Injection		View or Download	UNDERCODE	2025-01-10
Travel Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-01-10
Vaultwarden	v1.32.5	Reflected XSS	Low	View or Download	UNDERCODE	2025-01-09
GitHub	v0.5.0-v0.5.21	JWK Set Cache	Critical	View or Download	UNDERCODE	2025-01-09
Ivanti	22.7R2.5	Buffer Overflow	Critical	View or Download	UNDERCODE	2025-01-08
Mitel MiCollab	9.8 SP2	Local File Read		View or Download	UNDERCODE	2025-01-07
Oracle WebLogic Server	10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-01-07
Deno	Latest	Authorization header leak	Critical	View or Download	UNDERCODE	2025-01-06
NiceGUI	-	Authentication Bypass	High	View or Download	UNDERCODE	2025-01-06
go-git	<v5.13	DoS	High	View or Download	UNDERCODE	2025-01-06
go-git	v4 to v5.12	Argument Injection	Low	View or Download	UNDERCODE	2025-01-06
Phpspreadsheet	3.6.0	XSS	Medium	View or Download	UNDERCODE	2025-01-03
Phpspreadsheet	3.6.0	XSS		View or Download	UNDERCODE	2025-01-03
Phpspreadsheet	3.6.0	XSS	Critical	View or Download	UNDERCODE	2024-12-19
Trix editor	versions prior to 2.1.11	XSS	Critical	View or Download	UNDERCODE	2025-01-03
phpMyFAQ		HTML Injection	Critical	View or Download	UNDERCODE	2025-01-02
Narayana				View or Download	UNDERCODE	2025-01-02
Google Chrome	iOS prior to 131.0.6778.69	Insufficient policy enforcement in Navigation		View or Download	UNDERCODE	2024-11-12
Google Chrome	prior to 131.0.6778.69		Medium	View or Download	UNDERCODE	2025-01-02
Letta (formerly MemGPT)	v0.3.17	Incorrect Access Control	High	View or Download	UNDERCODE	2025-01-02
Chrome	Prior to 129.0.6668.100	DetailDescriptionType Confusion	High	View or Download	UNDERCODE	2024-10-08
	Versions before 129.0.6668.100	DetailDescriptionType Confusion		View or Download	UNDERCODE	2024-10-08
Google Chrome	N/A	Insufficient data validation	Medium	View or Download	UNDERCODE	2025-01-02
Google Chrome	Before 126.0.6478.54	Inappropriate implementation in V8	Low	View or Download	UNDERCODE	2025-01-02
GLPI	10.0.8 to before 10.0.13 (when debug mode is enabled)	Reflected XSS (Cross-Site Scripting)	Medium (CVSS score: 5.3)	View or Download	UNDERCODE	2025-01-02
GLPI	All versions before 10.0.13	SQL Injection	Critical	View or Download	UNDERCODE	2025-01-02
GLPI	Before 10.0.13	Arbitrary Object Instantiation	Medium	View or Download	UNDERCODE	2024-03-18
Google Chrome	iOS versions prior to 130.0.6723.58	Use after free		View or Download	UNDERCODE	2025-01-02
Google Chrome	Prior to 130.0.6723.58	Use after free	Medium	View or Download	UNDERCODE	2025-01-02
		Type Confusion (CVE-2024-9859)	High	View or Download	UNDERCODE	2025-01-02
Linux Kernel	All	Improper Handling of Unknown Packet Types	Low (Note: Severity ratings are subjective and may vary depending on the source)	View or Download	UNDERCODE	2024-05-19
SourceCodester FAQ Management System	1.0	Cross-site scripting (XSS)		View or Download	UNDERCODE	2024-12-31
EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress	up to, and including, 3.9.8	Stored Cross-Site Scripting (XSS)		View or Download	UNDERCODE	2024-12-31
DetailDescriptionRecipes	1.5.10	SSRF	Not mentioned	View or Download	UNDERCODE	2024-12-31
Wordpress plugin	up to 3.9.8	Stored Cross-Site Scripting (XSS)		View or Download	UNDERCODE	2024-12-31
		Improper Error Handling		View or Download	UNDERCODE	2024-12-31
WordPress	Up to 4.4.2	SQL Injection	N/A	View or Download	UNDERCODE	2024-02-13
			Medium (CVSS Score: 4.3)	View or Download	UNDERCODE	2024-12-31
WordPress RSS Aggregator by Feedzy Plugin	Up to 4.4.2	Unauthorized modification of data	Critical	View or Download	UNDERCODE	2024-12-31
Apache Superset	N/A	Improper validation of SQL statements	Medium	View or Download	UNDERCODE	2024-02-28
Kirby CMS	Not applicable	Arbitrary JavaScript Code Execution	Medium	View or Download	UNDERCODE	2024-12-31
TemmokuMVC	Up to 2.3	Deserialization	Critical	View or Download	UNDERCODE	2024-12-31
Focus for iOS	< 12.3	Universal Cross-Site Scripting (UXSS)		View or Download	UNDERCODE	2024-02-22
Suite CRM	7.14.2	Local File Inclusion (LFI)		View or Download	UNDERCODE	2024-12-31
Linux Kernel		NULL Pointer Dereference	Medium	View or Download	UNDERCODE	2024-12-30
Linux Kernel	All	Memory Leak	Medium	View or Download	UNDERCODE	2024-12-30
Linux kernel	6.9.0-rc2-custom-00781-gd5ab772d32f7	Use-after-free		View or Download	UNDERCODE	2024-12-30
Linux kernel		Double free		View or Download	UNDERCODE	2024-12-30
Linux Kernel		Null Pointer Dereference	Low	View or Download	UNDERCODE	2024-12-30
Linux Kernel	All versions before the fix	Use-after-Free (UAF) in cifs_stats_proc_write()	High (CVSS score not available)	View or Download	UNDERCODE	2024-12-30
Linux kernel	All versions before the fix	Null pointer dereference	Medium (尚未評估)	View or Download	UNDERCODE	2024-12-30
Linux kernel		Double free		View or Download	UNDERCODE	2024-12-30
Linux Kernel	Not specified	mptcp: prevent BPF accessing lowat from a subflow socket (CVE-2024-35894)	Medium	View or Download	UNDERCODE	2024-12-30
Linux Kernel		Use-After-Free (UAF)	Critical	View or Download	UNDERCODE	2024-12-30
Linux Kernel	All	NULL-pointer dereference	Low	View or Download	UNDERCODE	2024-05-17
		netfilter: validate user input for expected length		View or Download	UNDERCODE	2024-12-30
Rust	Not Specified	Use of Insecure Cryptographic Algorithms	Low	View or Download	UNDERCODE	2024-12-30
LGSL	6.2.1	Reflected XSS	Moderate	View or Download	UNDERCODE	2024-12-30
Password Pusher	All versions	Session Hijacking	Critical	View or Download	UNDERCODE	2024-12-30
Stripe	Not mentioned	Insecure Direct Object Reference (IDOR)	High	View or Download	UNDERCODE	2024-12-30
Linux Kernel		Use After Free (UAF)		View or Download	UNDERCODE	2024-12-30
Linux Kernel		Use-After-Free (UAF)	Low (CVSS: 3.1)	View or Download	UNDERCODE	2024-12-30
Adobe ColdFusion	2023.6, 2021.12 and earlier	Improper Access Control	Critical (CVSS score: 7.5)	View or Download	UNDERCODE	2024-12-30
			Critical (CVSS score: 9.8)	View or Download	UNDERCODE	2024-12-30
Apple Safari, iOS, iPadOS, macOS, and visionOS		Code Execution	Critical (CVSS score: 8.8)	View or Download	UNDERCODE	2024-12-30
Oracle Agile PLM Framework	9.3.6	Unauthenticated Remote File Disclosure	High (CVSS: 7.5)	View or Download	UNDERCODE	2024-12-30
TCPDF	< 6.8.0	Incorrect Comparison	Moderate	View or Download	UNDERCODE	2024-12-27
GStreamer	N/A	Stack-based buffer overflow	Critical	View or Download	UNDERCODE	2024-12-27
TCPDF	< 6.8.0	Missing Certificate Validation		View or Download	UNDERCODE	2024-12-27
SONiC		Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
Windows	N/A	Elevation of Privilege	HIGH	View or Download	UNDERCODE	2024-12-27
			Unknown	View or Download	UNDERCODE	2024-12-27
Visual Studio Code		Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
Windows	Not Mentioned	Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
Quincy		DHCP design flaw (CVE-2024-3661)	Moderate	View or Download	UNDERCODE	2024-12-27
python-sql	(Not specified)	SQL Injection	Moderate	View or Download	UNDERCODE	2024-12-27
Windows Kernel	Not specified	Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
Windows Kernel	Not mentioned	Information Disclosure	MEDIUM	View or Download	UNDERCODE	2024-12-27
Skype for Consumer	Not specified	Remote Code Execution		View or Download	UNDERCODE	2024-12-27
Microsoft QUIC	Not Mentioned	Denial of Service		View or Download	UNDERCODE	2024-12-27
Windows 11	-	Tampering	Medium (CVSS score: 6.5)	View or Download	UNDERCODE	2024-12-27
Windows Kernel	(not mentioned in the article)	Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
lgsl	(Specific version if available)	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-12-26
	2.1.4	SQL injection		View or Download	UNDERCODE	2024-12-26
Amazon Redshift JDBC Driver	2.1.0.31	SQL injection		View or Download	UNDERCODE	2024-12-26
Apache HugeGraph-Server	1.0.0 to 1.4.9	Authentication Bypass	Moderate	View or Download	UNDERCODE	2024-12-26
Marp Core	>= 3.0.2, <= 3.9.0, = 4.0.0	Cross-Site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-12-26
Apache Hive, Spark	1.2.0 (Hive), 2.0.0 (Spark)	CookieSigner Signature Exposure	High	View or Download	UNDERCODE	2024-12-23
	All versions before 0.13.1 or 0.14.0+dev	Unintended Git options ignored for creating tags		View or Download	UNDERCODE	2024-12-23
WildFly	< 3.7.7.Final	Cross-site scripting (XSS)		View or Download	UNDERCODE	2024-12-23
Solana SPL Token Swap	Not specified	Unsound `u8` type casting	Moderate	View or Download	UNDERCODE	2024-12-23
KVM	0.1.0 - 0.19.0	Undefined Behavior	Moderate	View or Download	UNDERCODE	2024-12-23
PHP	>= 1.0.12, < 1.1.13	Cross-site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-12-23
Jinja	(Not specified in the provided article)	Sandbox Breakout	Moderate	View or Download	UNDERCODE	2024-12-23
		Symlink Editing Vulnerability		View or Download	UNDERCODE	2024-12-23
Gogs	< 0.13.1	Arbitrary File Write	Critical	View or Download	UNDERCODE	2024-12-23
Acclaim USAHERDS	7.4.0.1 and below	Hardcoded Credentials	Critical	View or Download	UNDERCODE	2024-12-23
Piranha CMS	11.1	Cross-site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-12-20
Piranha CMS	11.1	Stored Cross-site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-12-20
Oqtane Framework	6.0.0	Incorrect Access Control	High	View or Download	UNDERCODE	2024-12-20
Uptime Kuma	(unknown)	Improper URL Handling (LFI)	Critical	View or Download	UNDERCODE	2024-12-20
SocialStream	Affected versions prior to v6.2	Account Takeover	High	View or Download	UNDERCODE	2024-12-20
Spring Framework	Affected versions are not yet specified.	Path Traversal	High	View or Download	UNDERCODE	2024-12-19
QOS.CH logback-core	Up to and including 1.5.12	Expression Language Injection	Moderate	View or Download	UNDERCODE	2024-12-19
QOS.ch logback-core	1.5.12 (and earlier)	Server-Side Request Forgery (SSRF)	Low	View or Download	UNDERCODE	2024-12-19
OpenShift Dedicated	All versions before 0.0.0-20240604173837-d1557bc283dd (patched)	Improper Input Validation (Snyk-GOLANG-GITHUBCOMOPENSHIFTMUSTGATHEROPERATORCONTROLLERSMUSTGATHER-7278175)	High	View or Download	UNDERCODE	2024-12-19
WhoDB	All versions up to v0.43.0	Denial-of-Service (DoS)	Critical	View or Download	UNDERCODE	2024-12-19
Astro		Source Map Disclosure	Low	View or Download	UNDERCODE	2024-12-19
openCart	4.0.2.3	Server-Side Template Injection (SSTI)	Moderate	View or Download	UNDERCODE	2024-12-18
golang.org/x/net/html	Unaffected versions not yet disclosed	Non-linear parsing of case-insensitive content	Critical	View or Download	UNDERCODE	2024-12-18
Craft CMS	< 5.5.2 and < 4.13.2	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-18
Apache Kafka	0.10.2.0 - 3.9.0 (excluding fixed versions)	Incorrect Implementation of Authentication Algorithm	Low (Exploitable only in plaintext scenarios)	View or Download	UNDERCODE	2024-12-18
TShock	Affected versions prior to 5.2.1	Security Escalation	High	View or Download	UNDERCODE	2024-12-18
Age	Affected versions	Arbitrary Code Execution	Moderate	View or Download	UNDERCODE	2024-12-18
Rage	0.6.0, 0.7.0-0.7.1, 0.8.0-0.8.1, 0.9.0-0.9.2, 0.10.0, 0.11.0	Arbitrary Code Execution	Moderate	View or Download	UNDERCODE	2024-12-18
Bun	< 1.1.30	Prototype Pollution	Moderate	View or Download	UNDERCODE	2024-12-18
Laravel Filemanager	< 2.9.1	Remote Code Execution (RCE)	High	View or Download	UNDERCODE	2024-12-18
hd-wallet crate	v0.4.x (vulnerable), v0.6.0 (patched)	Infinite loop in Slip10-like derivation for curves other than secp256k1 and secp256r1	Low	View or Download	UNDERCODE	2024-12-18
Spatie Browsershot	< 5.0.2	Directory Traversal	High	View or Download	UNDERCODE	2024-12-18
jsii		Prototype Pollution		View or Download	UNDERCODE	2024-12-18
		Cleartext Transmission of Sensitive Information	Moderate	View or Download	UNDERCODE	2024-12-18
Reolink devices (RLC-410W, C1 Pro, C2 Pro, RLC-422W, RLC-511W)	Up to 1.0.227	Command Injection	Critical	View or Download	UNDERCODE	2024-12-18
Reolink RLC-410W	v3.0.0.136_20121102	Command Injection	CRITICAL	View or Download	UNDERCODE	2021-12-22
NUUO NVRmini2	Up to 3.11	Unauthenticated Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-18
Astro	Not specified (versions before 6031962ab5f56457de986eb82bd24807e926ba1b)	CSRF Protection Bypass	Low	View or Download	UNDERCODE	2024-12-18
Apache Tomcat	11.0.0-M1 through 11.0.1, 10.1.0-M1 through 10.1.33, 9.0.0.M1 through 9.0.97	Uncontrolled Resource Consumption	Moderate	View or Download	UNDERCODE	2024-12-17
Traefik	Affected versions are not explicitly specified.	Improper handling of HTTP/3 connections	Moderate	View or Download	UNDERCODE	2024-12-17
Cleo Harmony, VLTrader, LexiCom	Before 5.8.0.24	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2023-11-14
Next.js	All versions before 14.2.15 (vulnerable)	Authorization Bypass	High	View or Download	UNDERCODE	2024-12-17
TOTOLINK X5000R	V.9.1.0u.6369_B20230113	Denial of Service (DoS)	Critical (CVSS 3.x not available)	View or Download	UNDERCODE	2024-12-16
TOTOLINK X6000R	V9.4.0cu.1041_B20240224	Unrestricted File Upload (Uci_Set Str function without strict parameter filtering)		View or Download	UNDERCODE	2024-12-16
TOTOLink Router	X5000R V9.1.0u.6118-B20201102, A7000R V9.1.0u.6115-B20201022	Buffer Overflow	Critical	View or Download	UNDERCODE	2024-12-16
Totolink X6000R	9.4.0cu.852_20230719	OS Command Injection (CVE-2024-2353)	Critical	View or Download	UNDERCODE	2024-12-16
NetApp SnapCenter	4.8 and earlier	Improper Authorization (CVE-2024-21987)	Not yet analyzed (awaiting analysis)	View or Download	UNDERCODE	2024-12-16
Oracle Java SE, GraalVM Enterprise Edition	8u411, 8u411-perf, 11.0.23 (Java SE), 20.3.14, 21.3.10 (GraalVM)	Partial DoS	Low (CVSS score: 3.7)	View or Download	UNDERCODE	2024-12-16
OpenHarmony	Up to v3.2.4 (inclusive)	Insecure Storage of Sensitive Information	Medium (CVSS v3.1 score: 4.3)	View or Download	UNDERCODE	2024-12-16
Android	Android 12.0, 12.1, 13.0, 14.0 (potentially others)	Privilege Escalation (Carrier Restriction Bypass)	Critical (CVSS score not provided)	View or Download	UNDERCODE	2024-12-16
Android	12.0, 12.1, 13.0, 14.0 (potentially other versions as well)	Heap Buffer Overflow (CVE-2024-0051)	Critical	View or Download	UNDERCODE	2024-12-16
Android	12, 12L, 13, 14	Heap Buffer Overflow (CVE-2024-0049)	High	View or Download	UNDERCODE	2024-12-16
Android	12, 12L, 13, 14	Privilege Escalation (CVE-2024-0048)	High	View or Download	UNDERCODE	2024-12-16
Apache HugeGraph-Server	1.0.0 to 1.2.1 (Java 8 or Java 11)	Remote Code Execution (RCE)		View or Download	UNDERCODE	2024-12-16
Concrete CMS	Prior to 9.2.8 and 8.5.16	Stored XSS in the Search Field	Low (CVSS v3 score: 3.1)	View or Download	UNDERCODE	2024-12-16
Concrete CMS	9.0.0 - 9.3.2 (Versions below 9 are not affected)	Stored XSS	Medium (CVSS v3 score: 3.1, CVSS v4 score: 1.8)	View or Download	UNDERCODE	2024-12-16
Concrete CMS	Below 9.2.8 and 8.5.16	Stored XSS	Medium (CVSS v3.1 score: 3.1)	View or Download	UNDERCODE	2024-12-16
Mattermost	10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12	Data Amplification (DoS)	Moderate	View or Download	UNDERCODE	2024-12-16
Cosmos SDK	Not Applicable (multiple versions affected)	Stack Overflow (ASA-2024-0012), Resource Exhaustion (ASA-2024-0013)	High	View or Download	UNDERCODE	2024-12-16
ColdFusion	2023.6, 2021.12 and earlier	Improper Access Control	HIGH (CVSS: 7.4)	View or Download	UNDERCODE	2024-12-16
Windows	All versions (affected versions not specified)	Elevation of Privilege in Kernel-Mode Drivers	Critical (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-12-16
D-Tale	< 3.16.1	Remote Code Execution	Moderate	View or Download	UNDERCODE	2024-12-13
FHIR/Ucum-java	1.0.8 and below	XXE	Critical	View or Download	UNDERCODE	2024-12-13
Browsershot	< 5.0.1	Local File Inclusion	High	View or Download	UNDERCODE	2024-12-13
phpMyFAQ	All versions before 3.2.10	Unrestricted File Download	Critical	View or Download	UNDERCODE	2024-12-13
Cleo Harmony, VLTrader, LexiCom	Before 5.8.0.21	Unrestricted File Upload/Download	Critical	View or Download	UNDERCODE	2024-12-13
Adobe Framemaker	2020.7, 2022.5 and earlier	Stack-based Buffer Overflow (CVE-2024-53959)	Critical (CVSS: 7.8)	View or Download	UNDERCODE	2024-12-13
Adobe Substance 3D Modeler	1.14.1 and earlier	Out-of-Bounds Write (CWE-787)	Critical (CVSS 3.1 base score: 7.8)	View or Download	UNDERCODE	2024-12-12
F5 BIG-IP (Advanced WAF/ASM)	All versions before 17.1.1 (17.x) are vulnerable. No fix available for 15.x and 16.x versions.	Request Body Handling vulnerability (CVE-2024-23308)	High (CVSS score: 7.5)	View or Download	UNDERCODE	2024-12-12
Cache Systems	N/A	MD5 Collision Vulnerability	Critical	View or Download	UNDERCODE	2024-12-12
python-libarchive	Up to 4.2.1	Directory Traversal	High	View or Download	UNDERCODE	2024-12-12
XWiki	All versions between 2.3 and 15.10.8 (excluding 15.10.9) and between 16.0.0-rc-1 and 16.2.9 (excluding 16.3.0)	Remote Code Execution (RCE) via XWiki.ConfigurableClass object	Critical	View or Download	UNDERCODE	2024-12-12
XWiki	All versions between 9.7-rc-1 and 16.5.0 (excluding patched versions)	Remote Code Execution (RCE) through Macro Descriptions (CVE-ID not yet assigned)	Critical	View or Download	UNDERCODE	2024-12-12
XWiki	XWiki versions 1.2-milestone-2 to 15.10.8 and 16.0.0-rc-1 to 16.2.9 are affected.	Unauthorized execution of scheduled operations	Moderate	View or Download	UNDERCODE	2024-12-12
Apache Superset	Before 4.1.0	SQL Injection	High	View or Download	UNDERCODE	2024-12-12
ryanbekhen/nanoproxy	Not specified	Outdated golang.org/x/crypto dependency	High	View or Download	UNDERCODE	2024-12-12
		Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-12
Online Class and Exam Scheduling System	1.0	SQL Injection (CVE-2024-12487)	Critical	View or Download	UNDERCODE	2024-12-12
Apache Fineract	< 1.8.5	SQL Injection	CRITICAL	View or Download	UNDERCODE	2024-12-12
Tenda AC10U Router	15.03.06.48	Stack-Based Buffer Overflow (CVE-2024-2764)	Critical	View or Download	UNDERCODE	2024-12-12
Codezips Technical Discussion Forum	1.0	SQL Injection (CVE-2024-12484)	Critical	View or Download	UNDERCODE	2024-12-12
Online Class and Exam Scheduling System	1.0 (specifically vulnerable)	SQL Injection (CWE-74, CWE-89)	Critical (CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)	View or Download	UNDERCODE	2024-12-12
macOS Sonoma	All versions before 14.7.1	File System Modification (CVE-2024-44301)	Critical	View or Download	UNDERCODE	2024-12-12
WordPress	Gutenberg Blocks by Kadence Blocks plugin up to 3.2.23	Stored XSS (Cross-Site Scripting)	Critical	View or Download	UNDERCODE	2024-12-12
Online Class and Exam Scheduling System	1.0	SQL Injection	Critical (CVSS v3: MEDIUM)	View or Download	UNDERCODE	2024-12-12
GitLab CE/EE	12.5 before 16.9.6, 16.10 before 16.10.4, 16.11 before 16.11.1	Unauthenticated ReDoS in FileFinder with crafted wildcard filters	High (CVSS: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)	View or Download	UNDERCODE	2024-12-12
Online Class and Exam Scheduling System	1.0	SQL Injection		View or Download	UNDERCODE	2024-12-12
Apache Fineract	< 1.8.5	SQL Injection (CVE-2024-23539)	HIGH	View or Download	UNDERCODE	2024-12-12
Qualcomm Windows WLAN Host	Not specified	Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-43053)	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-12-12
Apple iOS	Not specified (all versions before 17.7 and 18)	Unexpected App Termination	Critical (An attacker can exploit the vulnerability to crash applications)	View or Download	UNDERCODE	2024-12-12
macOS	Not specified (all versions before 14.7 and 15 are potentially vulnerable)	Out-of-bounds write	Critical (CVSS details not available yet)	View or Download	UNDERCODE	2024-12-12
macOS, iOS, iPadOS	All versions before macOS Ventura 13.7, iOS 17.7/iPadOS 17.7, visionOS 2, iOS 18/iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15 (inclusive)	Race condition in archive unpacking (CVE-2024-27876)	Critical (CVSS v3 score likely high)	View or Download	UNDERCODE	2024-12-12
Linux	Not specified	Out-of-bounds memory access	CVSS information is not yet available in the public record.	View or Download	UNDERCODE	2024-12-12
Linux Kernel	Not specified	Integer Overflow in pagemap_scan_get_args()	Moderate (CVSS score: 5.5)	View or Download	UNDERCODE	2024-12-12
rahman SelectCours 1.0 (Template Handler component)	Not specified	Template Injection (CVE-2024-2064)	Critical	View or Download	UNDERCODE	2024-12-12
Synack Target	All	SQLi Blind Time-Based	Medium	View or Download + Steps to reproduce	DailyCve.com	12-12-2024
golangorg/x/crypto/ssh	before v0.31.0, partially mitigated in v0.31.0	Authorization Bypass via Misused ServerConfig.PublicKeyCallback	Medium	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified (all versions before the fix)	Memory Leak (due to missing kfree_skb())	Low (addressed in kernel updates)	View or Download	UNDERCODE	2024-12-11
GitLab CE/EE	All versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1	Uncontrolled Resource Consumption (DoS)	Medium	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Unaffected versions not listed (all potentially affected)	A memory leak vulnerability exists in the Linux	Medium (CVSS v3 base score not available yet)	View or Download	UNDERCODE	2024-12-11
macOS Sonoma	All versions before 14.6	Buffer Overflow (CVSS: High)	Critical	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Unaffected versions not listed (all versions before the fix are assumed vulnerable)	Memory Leak (vsock sk_error_queue)	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-12-11
kcp	Affected versions are prior to 0.26.1.	Impersonation vulnerability	Critical	View or Download	UNDERCODE	2023-11-28
SiYuan	<= 0.0.0-20241210012039-5129ad926a21	Server-Side Template Injection (SSTI)	Moderate	View or Download	UNDERCODE	2024-12-11
SiYuan	<= 0.0.0-20241210012039-5129ad926a21	Arbitrary File Read	High	View or Download	UNDERCODE	2024-12-11
SiYuan	<= 0.0.0-20241210012039-5129ad926a21	Arbitrary File Write	High	View or Download	UNDERCODE	2024-12-11
Apple iOS, iPadOS, tvOS, and visionOS	Unaffected versions not listed (Update to the latest version is recommended)	Kernel Memory Corruption (CVE-2024-44277)	Critical	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified (all versions potentially affected)	Bluetooth handle release issue	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-11
		Downgrade		View or Download	UNDERCODE	2024-12-11
Apple Products (iOS, iPadOS, macOS, watchOS, visionOS)	Unaffected versions not listed (all prior versions potentially vulnerable)	Information Disclosure (CVE-2024-44278)	Critical	View or Download	UNDERCODE	2024-12-11
JFinalCMS	1.0	Server-Side Template Injection		View or Download	UNDERCODE	2024-12-11
Liferay Digital Experience Platform	Up to 7.4.3.15	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-11
Kashipara E-learning Management System	v1.0		Critical	View or Download	UNDERCODE	2024-12-11
Liferay Portal, Liferay DXP	7.2.0 through 7.4.3.12 (Portal), all versions before update 9 (DXP 7.4), all versions before service pack 3 (DXP 7.3), all versions before fix pack 19 (DXP 7.2), and older unsupported versions.	Open Redirect (CVE-2024-25609)	Critical (CVSS: 6.1)	View or Download	UNDERCODE	2024-12-11
macOS	Not specified (potentially all versions before Ventura 13.7.1 and Sonoma 14.7.1)	PackageKit flaw allowing modification of protected file system areas (CVE-2024-44275)	Unknown (awaiting analysis)	View or Download	UNDERCODE	2024-12-11
Kashipara E-learning Management System	v1.0	SQL Injection	Critical (CVSS score unavailable)	View or Download	UNDERCODE	2024-12-11
JFinalCMS	1.0	Cross-Site Request Forgery (CSRF)	Medium	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified	Undefined Behavior due to stack usage	Low (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified	Bluetooth handle overflow (CVE-2024-42132)	Low (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-11
Linux Kernel (ARM)	Not specified	Cache Flushing Issue	Critical (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
OpenHarmony	Prior to 4.0.1	Out-of-Bounds Read		View or Download	UNDERCODE	2024-12-11
Linux Kernel	Unaffected versions not mentioned	Use-after-free (UAF) in the sctp_v6_available() function	Critical (DoS)	View or Download	UNDERCODE	2024-12-11
Hewlett Packard Enterprise Insight Remote Support	( not specified )	Directory Traversal	CRITICAL (CVSS Score: 9.8)	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified	Unbalanced pm_runtime_enable! (CVE-2024-53134)	Medium	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified	Deadlock when accessing tmpfs over NFS	Medium (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
Huawei (exact platform unspecified)	(not specified)	Insufficient verification in system sharing pop-up module (CVE-2024-32989)	High (availability impact)	View or Download	UNDERCODE	2024-12-11
HarmonyOS	All versions before a patch is applied (specifically mentioned for 4.0.0 and 4.2.0)	Permission verification vulnerability in the system sharing pop-up module	MEDIUM (CVSS score: 6.1)	View or Download	UNDERCODE	2024-12-11
Apache Airflow	2.8.0 - 2.8.2 (inclusive)	Incorrect Privilege Assignment	Moderate	View or Download	UNDERCODE	2024-12-11
HarmonyOS (all versions mentioned in the references are vulnerable)	Not specified	Out-of-bounds memory access		View or Download	UNDERCODE	2024-12-11
Apache Airflow	Before 2.9.2	Use of Web Browser Cache Containing Sensitive Information	Medium	View or Download	UNDERCODE	2024-12-11
HarmonyOS	Not specified	Insufficient verification vulnerability in the baseband module	High	View or Download	UNDERCODE	2024-12-11
			MEDIUM (CVSS 3.1 score: 6.2)	View or Download	UNDERCODE	2024-12-11
wpa_supplicant module (platform not specified)	Not specified	Permission verification vulnerability (CVE-2024-32991)	Critical (CVSS score not explicitly mentioned but the description indicates critical impact)	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Unaffected versions not specified (all before the patch)	Privilege Escalation	Low	View or Download	UNDERCODE	2024-12-11
		Missing outer runtime PM protection in drm/xe driver	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-11
		Local Privilege Escalation (SBAMSvc Link Following)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified (all versions using nilfs2 file system are potentially affected)	Null Pointer Dereference	Low (CVSS score might be available elsewhere)	View or Download	UNDERCODE	2024-12-11
		Local Privilege Escalation	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-12-11
		Heap-based Buffer Overflow (CVE-2024-8025)	Critical	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	Malicious File Upload (CVE-2024-25019)	Critical	View or Download	UNDERCODE	2024-12-11
Visteon Infotainment System	N/A	Local Privilege Escalation (LPE)	Critical	View or Download	UNDERCODE	2024-12-11
Visteon Infotainment App SoC (System-on-Chip)	Not specified	Missing Immutable Root of Trust (Hardware Local Privilege Escalation)		View or Download	UNDERCODE	2024-12-11
Visteon Infotainment Systems	(not specified)	Command Injection (CVE-2024-8359)	High (CVSS score: 6.8)	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	Exposure of Sensitive Information	Not available (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	Unrestricted File Upload	Critical (CVSS 3.1 score not provided)	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	File Upload Vulnerability (CVE-2024-45676)	Critical	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	Weak Cryptographic Algorithms	Critical (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
Checkmk Exchange Plugin for MikroTik	2.0.0 - 2.5.5 & 0.4a_mk - 2.0a	Improper Certificate Validation (CVE-2024-38861)	MEDIUM (CVSS v4.0: 4.9)	View or Download	UNDERCODE	2024-12-11
Multiple Apple products (iOS, iPadOS, macOS, watchOS, tvOS)	All versions before iOS/iPadOS 17.7, macOS 13.7, etc. (see NVD for specifics)	CVE-2024-44169 (Kernel Logic Issue)	Not specified (likely medium or high)	View or Download	UNDERCODE	2024-12-11
macOS	All versions before macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15 (patched)	Buffer overflow in Intel Graphics Driver (CVE-2024-44160)	Critical	View or Download	UNDERCODE	2024-12-11
Checkmk	Before 2.3.0p16 and 2.2.0p34	Cross-Site Scripting (XSS)	MEDIUM (CVSS v3: 5.1)	View or Download	UNDERCODE	2024-12-11
Apple iOS	All versions before iOS 18 and iPadOS 18 (Vulnerable)	Authentication Bypass (CVE-2024-44202)	Critical	View or Download	UNDERCODE	2024-12-11
Wazifa System	1.0	Cross-site Scripting (XSS)	Medium (CVSS score: 5.3)	View or Download	UNDERCODE	2024-12-11
1000 Projects Library Management System	1.0	SQL Injection (CVE-2024-12188)	Critical	View or Download	UNDERCODE	2024-12-11
PHPGurukul Complaint Management System	1.0	SQL Injection (CVE-2024-12230)	Critical	View or Download	UNDERCODE	2024-12-11
WeiYe-Jing datax-web	2.1.1	OS Command Injection (CVE-2024-12358)	Critical	View or Download	UNDERCODE	2024-12-11
TP-Link VN020 F3v(T)	TT_V6.2.1021	Buffer Overflow	Critical	View or Download	UNDERCODE	2024-12-11
Online Class and Exam Scheduling System	1.0	SQL Injection (CWE-74, CWE-89)	Critical (CVSS v2: 6.5, CVSS v3: 6.3, CVSS v4: 5.3)	View or Download	UNDERCODE	2024-12-11
TOTOLINK EX1800T	9.1.0cu.2112_B20220316	Stack Overflow (CVE-2024-12352)	Medium	View or Download	UNDERCODE	2024-12-11
code-projects Online Notice Board	Up to 1.0	Unrestricted File Upload	Critical (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)	View or Download	UNDERCODE	2024-12-11
SourceCodester Phone Contact Manager System	1.0	Improper Input Validation	Medium (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)	View or Download	UNDERCODE	2024-12-11
PHPGurukul Complaint Management System	1.0	SQL Injection (CVE-2024-12228)	Critical	View or Download	UNDERCODE	2024-12-11
SourceCodester Petrol Pump Management Software	1.0	Unrestricted File Upload	Critical (CVSS score not provided)	View or Download	UNDERCODE	2024-12-11
SourceCodester Best House Rental Management System	1.0	File Inclusion	Medium (CVSS v3: 4.3, CVSS v2: 5.0, CVSS v4: 6.9)	View or Download	UNDERCODE	2024-12-11
SourceCodester Phone Contact Manager System	1.0	Improper Input Validation	Medium (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)	View or Download	UNDERCODE	2024-12-11
Tenda Routers (FH451, FH1201, FH1202, FH1206)	Up to 20241129	Null Pointer Dereference (in websReadEvent function of /goform/GetIPTV)	MEDIUM (CVSS score: 5.3)	View or Download	UNDERCODE	2024-12-11
		Override leakage to global cache	Critical	View or Download	UNDERCODE	2024-12-10
Ruby on Rails		Cross-Site Scripting (XSS)	Low	View or Download	UNDERCODE	2024-12-10
peerigon/angular-expressions	Unaffected versions: >= 1.4.3	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-10
wasmvm, cosmwasm-vm		(details not yet available)	Medium (Moderate + Likely)	View or Download	UNDERCODE	2024-12-10
CosmWasm VM	Multiple (see Affected Versions)	Unspecified (details pending)	Medium	View or Download	UNDERCODE	2024-12-10
Linux Kernel	Not specified (versions up to 6.11.3 are vulnerable)	Integer overflow in AMD display driver (CVE-2024-50177)	Medium	View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	SQL Injection	Critical (CVSS v3 Base Score: 5.3 - MEDIUM)	View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	Cross-Site Request Forgery (CSRF)	MEDIUM (CVSS score: 6.9)	View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	SQL Injection		View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	Cross-Site Request Forgery (CSRF)	MEDIUM	View or Download	UNDERCODE	2024-12-10
Linux Kernel	All versions with MPTCP enabled (potentially from 5.7 to later)	mptcp: handle consistently DSS corruption	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	SQL Injection	Critical (CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)	View or Download	UNDERCODE	2024-12-10
Hugo	>= 0.123.0, < 0.139.4	Unescaped Attributes in Internal Templates	Moderate	View or Download	UNDERCODE	2024-12-09
Apache Superset	2.0.0 to 4.1.0 (excluding 4.1.0)	Improper Authorization	High	View or Download	UNDERCODE	2024-12-09
Winter CMS	Affected versions	Twig Sandbox Bypass	Critical	View or Download	UNDERCODE	2024-12-09
idna	<= 0.5.0	Punycode Spoofing (CVE- not mentioned)	Critical	View or Download	UNDERCODE	2024-12-09
League/CommonMark	Affected versions prior to 2.6.0	Denial of Service (DoS)	Critical	View or Download	UNDERCODE	2023-11-28
HarmonyOS	Not specified (all versions before May 2024 patch are likely vulnerable)	Null Pointer Access (CVE-2024-32998)	Medium	View or Download	UNDERCODE	2024-12-09
HarmonyOS	Not specified (all versions before 17.5 are likely vulnerable)	Race condition in binder driver module (CVE-2024-32997)	High	View or Download	UNDERCODE	2024-12-09
(Multiple - see below)	(All versions before 17.5/10.5/14.5)	Logic Issue (CVE-2024-27816)	Critical	View or Download	UNDERCODE	2024-12-09
Huawei	EMUI 14, EMUI 13, HarmonyOS 4.2, HarmonyOS 4.0, HarmonyOS 3.1, HarmonyOS 3.0 (based on Huawei security bulletin)	PIN enhancement failures in the screen lock module	High	View or Download	UNDERCODE	2024-12-09
		Cracking vulnerability in the OS security module		View or Download	UNDERCODE	2024-12-09
EMUI (Huawei)	Not specified	Improper Permission Control in Window Management	Medium	View or Download	UNDERCODE	2024-12-09
HarmonyOS	All versions before a fix is applied (specific versions not mentioned)	Cracking vulnerability in the OS security module	Medium (CVSS score: 6.4)	View or Download	UNDERCODE	2024-12-09
HarmonyOS	All versions (not specified)	Privilege Escalation due to permission control issue in the App Multiplier module	High	View or Download	UNDERCODE	2024-12-09
Apple Vision Pro	Not specified (versions before 1.1 are vulnerable)	Permissions Issue	Critical	View or Download	UNDERCODE	2024-12-09
macOS Sonoma	Not specified	Code Execution	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-12-09
Apple Platforms (tvOS, iOS, iPadOS, macOS, watchOS)	Unaffected versions are tvOS 17.4, iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, and watchOS 10.4 or later.	CVE-2024-23293 - Spotlight vulnerability allowing access to sensitive user data through Siri with physical access.	Critical	View or Download	UNDERCODE	2024-12-09
Rockwell Automation Arena Simulation Software	Not specified	Heap-based memory buffer overflow	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-12-09
Rockwell Automation Arena Simulation software	Not specified	Memory buffer overflow	Critical (CVSS v3 score: 7.8, CVSS v4 score: 8.4)	View or Download	UNDERCODE	2024-12-09
Rockwell Automation Arena Simulation	All Versions (not specified)	Memory Buffer Overflow	Medium (CVSS v3 score: 4.4)	View or Download	UNDERCODE	2024-12-09
Palo Alto Networks PAN-OS (with Captive Portal enabled)	Not specified	Reflected Cross-Site Scripting (XSS) - CVE-2024-0011	MEDIUM (CVSS v3 score: 4.3)	View or Download	UNDERCODE	2024-12-09
Palo Alto Networks PAN-OS		Reflected Cross-Site Scripting (XSS) - CVE-2024-0010	MEDIUM (CVSS score: 4.3)	View or Download	UNDERCODE	2024-12-09
Rockwell Automation Arena Simulation	All versions (not specified)	Arbitrary Code Execution	Critical (CVSS v3: 7.8, CVSS v4: 8.4)	View or Download	UNDERCODE	2024-12-09
	Not specified (all versions before iOS 17.4, iPadOS 17.4, macOS Monterey 12.7.4, etc. are vulnerable)	Validation Issue	High	View or Download	UNDERCODE	2024-12-09
macOS Sonoma	All versions before 14.4	Improper handling of temporary files (CVE-2024-23287)	Critical	View or Download	UNDERCODE	2024-12-09
Apple GarageBand	All versions before 10.4.11 (Vulnerable)	Use-after-free	Critical (CVSS score not provided)	View or Download	UNDERCODE	2024-12-09
macOS, iOS, iPadOS	(Unaffected versions not specified)	Incomplete data redaction in log entries	Critical (An app may be able to access user-sensitive data)	View or Download	UNDERCODE	2024-12-09
macOS (various versions)	Not specified	Memory Corruption	Critical	View or Download	UNDERCODE	2024-12-09
Apple (iOS, iPadOS, macOS, watchOS)	All versions before iOS 16.7.6, iPadOS 16.7.6, iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4	Lock Screen Bypass via Siri	Critical	View or Download	UNDERCODE	2024-12-09
Apple iOS	All versions before 16.7.6 and 17.4	System Notification Spoofing	Critical (CVSS score unavailable)	View or Download	UNDERCODE	2024-12-09
		Remote Code Execution (RCE)	Critical (unauthenticated attacker can execute arbitrary code)	View or Download	UNDERCODE	2024-12-09
WhatsUp Gold	Before 2023.1.2	Server-Side Request Forgery (SSRF)	MEDIUM	View or Download	UNDERCODE	2024-12-09
WhatsUp Gold	Before 2023.1.2	SSRF	Medium (CVSS v3 score: 4.2)	View or Download	UNDERCODE	2024-12-09
WhatsUp Gold	Before 24.0.1	SQL Injection (CVE-2024-46906)	Critical (CVSS score: 8.8)	View or Download	UNDERCODE	2024-12-09
Drupal Core	Vulnerable versions	Improper Error Handling	Moderate	View or Download	UNDERCODE	2024-12-07
Android	Affected versions are prior to 2.3.4.	Deserialization vulnerability	Low	View or Download	UNDERCODE	2024-12-07
			Moderate	View or Download	UNDERCODE	2024-12-07
`path-to-regexp`	0.1.x	ReDoS	Moderate	View or Download	UNDERCODE	2024-12-07
	(not specified in the article)	HTML Injection (CVE-2024-54128)	Critical	View or Download	UNDERCODE	2024-12-07
PyO3	0.23.0 to 0.23.2	Build corruption	Moderate	View or Download	UNDERCODE	2024-12-07
pprof	(Unaffected versions not specified)	Unsound memory access due to type mismatch and misalignment	Low	View or Download	UNDERCODE	2024-12-07
linkme	Affected versions	Type Mismatch	Low	View or Download	UNDERCODE	2024-12-07
Drupal Core	>= 10.1.0, = 10.2.0, < 10.2.2	Denial of Service	High	View or Download	UNDERCODE	2024-12-07
Solana Web3.js	1.95.6 and 1.95.7	Supply chain attack leading to private key theft	Critical	View or Download	UNDERCODE	2024-12-07
anstream (Rust)	< 0.6.8	Unsoundness	Moderate	View or Download	UNDERCODE	2024-12-07
GitHub CLI	Not specified (versions before 2.63.1)	Path Traversal	Moderate	View or Download	UNDERCODE	2024-12-07
PAN-OS		Privilege Escalation	MEDIUM	View or Download	UNDERCODE	2024-12-07
Metabase	Affected versions include 0.40.4 and earlier, and 1.40.4 and earlier.	Local File Inclusion (LFI)	Critical (CVSS Score: 10.0)	View or Download	UNDERCODE	2024-12-07
Windows	Multiple Windows versions are affected.	Elevation of Privilege	HIGH	View or Download	UNDERCODE	2024-12-07
Atlassian Jira Server and Data Center	Before 8.5.14, 8.6.0-8.13.6, 8.14.0-8.16.1	Path Traversal	Critical	View or Download	UNDERCODE	2021-03-16
Safari, iOS, iPadOS, macOS, visionOS	Affected versions are older than Safari 18.1.1, iOS 17.7.2, iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1, iPadOS 18.1.1, visionOS 2.1.1.	Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-12-07
Kemp LoadMaster	All versions before 7.2.48.10, 7.2.54.8, 7.2.59.2	Unauthenticated Command Injection	Critical (CVSS v3 score: 10.0)	View or Download	UNDERCODE	2024-12-07
vCenter Server	Affected versions are not explicitly mentioned.	Heap-overflow vulnerability in the DCERPC protocol implementation.	Critical (CVSS Score: 9.8)	View or Download	UNDERCODE	2024-12-07
Palo Alto Networks Expedition	(Not specified)	SQL Injection (CVE-2024-9465)	Critical (CVSS score: 9.2)	View or Download	UNDERCODE	2024-12-07
Zyxel ATP Series, USG FLEX Series, USG FLEX 50(W) Series, and USG20(W)-VPN Series	V5.00 through V5.38	Directory Traversal	HIGH	View or Download	UNDERCODE	2024-12-07
Oracle Agile PLM Framework	9.3.6	Information Disclosure	High	View or Download	UNDERCODE	2024-12-07
ProjectSend	Prior to r1720	Improper Authentication	Critical (CVSS Score: 9.8)	View or Download	UNDERCODE	2024-12-07
Not specified (WebKit is used across various Apple products)	Versions prior to those mentioned above (specific versions not provided)	Sandbox Escape (Critical)	Critical	View or Download	UNDERCODE	2024-12-06
Apple iOS, iPadOS, macOS	Versions before iOS 17.4, iPadOS 17.4, and macOS Sonoma 14.4	Authentication Bypass in Hidden Photos Album	Critical (CVSS details not shown in excerpt)	View or Download	UNDERCODE	2024-12-06
Apple (mentioned in source)	Not specified (all versions before the fixed ones are vulnerable)	Race Condition (mentioned in description)	High (implied by potential access to user-sensitive data)	View or Download	UNDERCODE	2024-12-06
Zyxel USG FLEX H Series	uOS versions up to (excluding) 1.30	Insufficiently protected credentials	Critical (CVSS v3 score details not provided)	View or Download	UNDERCODE	2024-12-06
iOS, iPadOS, tvOS, watchOS, macOS (all versions before the mentioned fixes)	Not applicable (all versions before the fixes)	Unrestricted Microphone Access		View or Download	UNDERCODE	2024-12-06
macOS Sonoma	Not specified (all versions before 14.4 are vulnerable)	Improper memory handling	Medium (allows denial-of-service or potential information disclosure)	View or Download	UNDERCODE	2024-12-06
macOS Sonoma	(Not specified in the provided text)	Memory Access Issue	Critical (CVE-2024-23249)	View or Download	UNDERCODE	2024-12-06
Apple iOS	Versions before 17.4	Shake-to-Undo information disclosure (CVE-2024-23240)	Critical	View or Download	UNDERCODE	2024-12-06
macOS	Sonoma 14.4, Monterey 12.7.4 (Unaffected versions not listed)	Privilege Escalation	Critical	View or Download	UNDERCODE	2024-12-06
macOS Sonoma	Before 14.4	Permissions Issue (CVE-2024-23253)	Low	View or Download	UNDERCODE	2024-12-06
macOS	Not specified (all versions vulnerable before macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5)	Out-of-bounds write in Kerberos v5 PAM module	Critical (CVSS v3.1: CISA-ADP AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)	View or Download	UNDERCODE	2024-12-06
(see below)	(see below)	Information Leakage		View or Download	UNDERCODE	2024-12-06
macOS	Sonoma 14.4, Monterey 12.7.4, Ventura 13.6.5 (all prior versions are vulnerable)	Improper Memory Handling (Code Execution)	Critical	View or Download	UNDERCODE	2024-12-06
Directus	Not specified (update to latest version)	Client-Side HTML Injection (CVE-2024-54128)	Critical	View or Download	UNDERCODE	2024-12-05
sigstore-java			Low (for non-monitors/witnesses)	View or Download	UNDERCODE	2024-12-05
Drupal Core	N/A	Improper Error Handling	Moderate	View or Download	UNDERCODE	2024-12-05
Drupal Core	10.1.0 - 10.1.7, 10.2.0 - 10.2.1	Denial of Service	High	View or Download	UNDERCODE	2024-12-05
Apache Hive	4.0.0-alpha-1	Deserialization of untrusted data	High	View or Download	UNDERCODE	2024-12-05
Perl (App::cpanminus package)	Up to 1.7047	Insecure HTTP Download	Critical (CVSS 3.0: 9.8/10)	View or Download	UNDERCODE	2024-12-05
			Low	View or Download	UNDERCODE	2024-12-05
PyO3	0.23.0 - 0.23.2	Build Corruption	Moderate	View or Download	UNDERCODE	2024-12-05
Microsoft Brokering File System (Platform details not specified)	(Version information not provided)	Elevation of Privilege	HIGH (CVSS v3 Base Score: 7.8)	View or Download	UNDERCODE	2024-12-05
Dell Secure Connect Gateway (SCG) Policy Manager	All	Stored Cross-Site Scripting (XSS)	HIGH	View or Download	UNDERCODE	2024-12-05
Rpgp	All versions prior to 0.14.1	Multiple vulnerabilities leading to denial-of-service	Critical	View or Download	UNDERCODE	2024-12-05
Spring LDAP	All versions before 2.4.0, 2.4.0 through 2.4.3, 3.0.0 through 3.0.9, 3.1.0 through 3.1.7, 3.2.0 through 3.2.7	Information Exposure	Moderate (CVE-2024-38829)	View or Download	UNDERCODE	2024-12-04
Anstream (platform unspecified)	Not specified	Unhandled Character Encoding		View or Download	UNDERCODE	2024-12-04
Apache HTTP Server	Affected versions include 2.4.49 and earlier.	A remote code execution vulnerability that can be exploited to execute arbitrary code on the server.	Critical	View or Download	UNDERCODE	2024-12-04
Linkme	Affected versions	Type Mismatch	Low	View or Download	UNDERCODE	2024-12-04
Checkmk	Up to 2.0.0, specific 2.1.0 and 2.2.0 versions	Multiple vulnerabilities (CVE-2023-43277, CVE-2023-43278, CVE-2023-43279)	High (CVE-2023-43277), Medium (CVE-2023-43278, CVE-2023-43279)	View or Download	UNDERCODE	2024-12-04
PDF-XChange Editor	(not specified)	Out-of-Bounds Read Information Disclosure		View or Download	UNDERCODE	2024-12-04
Adobe Animate	24.0 and earlier (including 23.0.3)	Out-of-Bounds Read (CVE-2024-20762)	MEDIUM (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-04
Zabbix Server	Not specified (all versions before 6.4.16rc1 and 7.0.0 are vulnerable)	Code Injection (CWE-94)	Critical (CVSS score: 9.9)	View or Download	UNDERCODE	2024-12-04
Adobe Animate	23.0.4 and earlier	Out-of-bounds read (CVE-2024-20797)	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-12-04
Adobe Animate	23.0.4 and earlier	Out-of-bounds read (CVE-2024-20796)	Medium (CVSS 3.1 base score: 5.5)	View or Download	UNDERCODE	2024-12-04
GitHub CLI	Prior to 2.63.1	Path Traversal	Critical	View or Download	UNDERCODE	2024-12-04
CyberPanel	Before 1c0c6cb (through 2.3.6 and unpatched 2.3.7)	Command Injection	Critical (CVSS score: 10.0)	View or Download	UNDERCODE	2024-12-04
Adobe Experience Manager	Versions 6.5.19 and earlier (not specified)	Stored Cross-Site Scripting (XSS)	Medium (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS 3.x Base Score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	Medium (CVSS v3 base score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS 3.1 base score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
ChargePoint Home Flex	(Not specified in the article)	Denial-of-Service (DoS)	MEDIUM (CVSS score: 4.3)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Trimble SketchUp	All versions (unaffected versions not specified yet)	Stack-based buffer overflow remote code execution	Critical	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
PDF-XChange Editor	All versions before a patch is released (information not yet available)	Out-of-bounds read leading to remote code execution (RCE)	High (CVSS v3 score to be determined)	View or Download	UNDERCODE	2024-12-03
IBM QRadar Suite, IBM Cloud Pak for Security	1.10.12.0 through 1.10.17.0 (QRadar Suite), 1.10.0.0 through 1.1.11.0 (Cloud Pak for Security)	Information Exposure	Critical (CVSS score details unavailable)	View or Download	UNDERCODE	2024-12-03
Linux Kernel	Not specified (all versions using the iwlwifi driver are potentially vulnerable)	Memory Error (improper response handling)	Critical (CVE-2024-53059)	View or Download	UNDERCODE	2024-12-03
Linux Kernel	Not specified (all versions potentially affected)	Null pointer dereference	Critical	View or Download	UNDERCODE	2024-12-03
			High	View or Download	UNDERCODE	2024-12-03
code-projects Farmacia	Up to 1.0	SQL Injection	Critical (CVSS score: 5.3 MEDIUM)	View or Download	UNDERCODE	2024-12-03
Checkmk	Below 2.3.0p22, 2.2.0p37, and 2.1.0p50	Information Disclosure	Medium (CVSS v3: 6.5, CVSS v4: 5.7)	View or Download	UNDERCODE	2024-12-03
element-hq/synapse	Before 1.106	Unauthenticated Writes to Media Repository	Moderate	View or Download	UNDERCODE	2024-12-03
element-hq/synapse	Before 1.120.1	Malformed Invite Disrupts /sync Functionality	High	View or Download	UNDERCODE	2024-12-03
Synapse	Below 1.120.1	Unsupported content type handling (multipart/form-data)	High	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	Medium (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
		Stack-based Buffer Overflow (Remote Code Execution)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Reflected Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Reflected Cross-Site Scripting (XSS) (CWE-79)	Important (CVSS Score: 5.4 - Medium)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Cross-Site Scripting (XSS)	Medium (CVSS v3 score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS) - CVE-2024-26038	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	Medium (CVSS 3.1 score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Zyxel ATP Series, USG FLEX Series, USG FLEX 50(W) Series, and USG20(W)-VPN Series	V5.00 through V5.38	Directory Traversal	HIGH	View or Download	UNDERCODE	2024-12-03
ProjectSend	Prior to r1720	Improper Authentication	Critical (CVSS score: 9.8)	View or Download	UNDERCODE	2024-12-03
Adobe InDesign Desktop	19.0, 20.0 and earlier	Out-of-bounds read (CVE-2024-49529)	MEDIUM (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe Dreamweaver Desktop	21.3 and earlier	OS Command Injection (CVE-2024-30314)	Critical	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	DOM-based Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS 3.x Base Score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Substance 3D Stager	3.0.2 and earlier	Out-of-bounds read (CVE-2024-52998)	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS) - CVE-2024-26043	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	DOM-based XSS (Cross-Site Scripting)	Medium (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored XSS	MEDIUM	View or Download	UNDERCODE	2024-12-03
Adobe Premiere Pro	23.6.5, 24.4.1 and earlier	Untrusted Search Path	Critical	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager (AEM)	6.5.20 and earlier	Stored Cross-Site Scripting (XSS)	Medium (CVSS v3 score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.20 and earlier	DOM-based XSS (CVE-2024-49524)	Medium	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager (AEM)	6.5.19 and earlier (all versions before 6.5.20 are potentially vulnerable)	DOM-based Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Substance 3D Painter	9.1.2 and earlier	Out-of-bounds read	Important (CVSS Score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	Versions 6.5.19 and earlier (information incomplete due to reanalysis)	Stored Cross-Site Scripting (XSS)	Medium (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe InDesign Desktop	ID18.5.2, ID19.3 and earlier	NULL Pointer Dereference	Important (CVSS Score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier (all prior versions are vulnerable)	Stored Cross-Site Scripting (XSS) (CVE-2024-26056)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS 3.x score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-12-03
Adobe Substance 3D Painter	9.1.2 and earlier	Out-of-bounds read (CVE-2024-30308)	Important (CVSS Score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe InDesign	ID18.5.2, ID19.3 and earlier	Heap-based Buffer Overflow (CVE-2024-39392)	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Rails	Rails >= 7.1.0 and Nokogiri < 1.15.7, or 1.16.x < 1.16.8 (Rails::HTML::Sanitizer 1.6.0 is vulnerable)	XSS	Critical	View or Download	UNDERCODE	2024-12-03
Rails	Rails >= 7.1.0 & Rails::HTML::Sanitizer 1.6.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-12-03
		Potential XSS (Cross-Site Scripting)		View or Download	UNDERCODE	2024-12-03
Rails	Rails >= 7.1.0 with Rails::HTML::Sanitizer 1.6.0	XSS	Critical	View or Download	UNDERCODE	2024-12-03
Mongoose	< 8.8.3	Search Injection	High	View or Download	UNDERCODE	2024-12-03
Rails::HTML::Sanitizer	1.6.0	XSS (Cross-Site Scripting)	Medium	View or Download	UNDERCODE	2024-12-03
Adobe FrameMaker	2020.5, 2022.3 and earlier (all versions before 2020.6 or 2022.4)	Out-of-bounds read (CVE-2024-30287)	Important (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-12-02
Adobe FrameMaker	2020.5, 2022.3 and earlier	Heap-Based Buffer Overflow (CVE-2024-30288)	Critical (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe FrameMaker	2020.5 and earlier (including 2022.3)	Out-of-bounds read (CVE-2024-30286)	Medium (CVSS score: 5.5)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574 and earlier	Use After Free (CVE-2024-30284)	Critical (CVSS: 3.1 High - 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	Versions 20.005.30574, 24.002.20736 and earlier (fill in "all" if all versions are affected)	Use After Free	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	All versions before 20.005.30635 and 24.002.20759	Improper Access Control (CVE-2024-34099)	HIGH (CVSS: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	Versions before 20.005.30574 and 24.002.20736	Out-of-bounds write vulnerability	HIGH (CVSS 3.1 base score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574, 24.002.20736 and earlier	Out-of-Bounds Read	HIGH (CVSS 3.x Base Score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	Versions before 20.005.30635 and 24.002.20759 (inclusive)	Use After Free (CVE-2024-34095)	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader DC	20.005.30539, 23.008.20470 and earlier	Use After Free (CVE-2024-30301)	Critical (CVSS 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574, 24.002.20736 and earlier	Use After Free (CVE-2024-34100)	Critical (CVSS: 3.1/7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574, 24.002.20736 and earlier	Out-of-bounds read (CVE-2024-30311)	Medium	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574 and earlier	Out-of-bounds read (CVE-2024-30312)	Critical	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	All versions before 20.005.30574 and 24.002.20736	Out-of-bounds read (CVE-2024-34101)	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-12-02
Adobe FrameMaker	2020.5, 2022.3 and earlier (all versions before 2020.6 or 2022.4)	Out-of-Bounds Read (CVE-2024-30283)	Medium (CVSS score: 5.5)	View or Download	UNDERCODE	2024-12-02
`ruzstd`	Affected versions	Uninitialized and Out-of-Bounds Memory Reads	Moderate	View or Download	UNDERCODE	2024-12-02
Python-multipart	Affected versions	Denial of Service (DoS)	High	View or Download	UNDERCODE	2024-12-02
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS v3 score: 5.4)	View or Download	UNDERCODE	2024-12-02
Google Chrome	Before 122.0.6261.57	Inappropriate implementation in Navigation	Critical (Chromium security severity: Medium)	View or Download	UNDERCODE	2024-12-02
Symfony	!ERROR! B1103 -> Formula Error: Unexpected ,	Deserialization	High	View or Download	UNDERCODE	2024-12-02
Ant-Media-Server	2.8.2	Improper Output Neutralization for Logs	High	View or Download	UNDERCODE	2024-12-02
Symfony	Affected versions are not explicitly mentioned. It is recommended to upgrade to the latest version to mitigate the risk.	Authentication Bypass	Moderate	View or Download	UNDERCODE	2024-12-02
SimpleSAMLphp	All versions before 2.3.4, 2.2.4, 2.1.7, and 2.0.15	XXE (XML External Entity)	Critical	View or Download	UNDERCODE	2024-12-02
N/A (Lettuce is a Java library)	Affected versions < 6.5.1.RELEASE	Netty vulnerability (CVE-TBD)	Moderate	View or Download	UNDERCODE	2024-12-02
Ibexa Admin UI	Affected versions are not explicitly mentioned.	Cross-site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-12-02
SFTPGo	2.3.0 to 2.6.3	Brute Force Takeover of OpenID Connect Session Cookies	Moderate	View or Download	UNDERCODE	2024-12-02
SimpleSAMLphp SAML2	(Unaffected versions not specified)	XXE	Moderate	View or Download	UNDERCODE	2024-12-02
Node.js	10.0.4	Prototype Pollution	Critical	View or Download	UNDERCODE	2024-12-02
Not specified	Not specified	Cache Confusion	Moderate	View or Download	UNDERCODE	2024-12-02
	Versions before 10.0.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-12-02
veraPDF CLI	Affected versions are not explicitly specified.	XXE (XML External Entity Injection)	Low	View or Download	UNDERCODE	2024-12-02
SimpleSAMLphp	Not specified	XXE	High	View or Download	UNDERCODE	2024-12-02
(Not specified in the provided text)	libarchive versions before 3.7.5	Out-of-bounds memory access in execute_filter_audio function	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-12-02
AMTT Hotel Broadband Operation System	Up to 3.0.3.151204	SQL Injection (CVE-2024-11051)	Critical	View or Download	UNDERCODE	2024-12-02
Concert Ticket Ordering System	1.0	SQL Injection		View or Download	UNDERCODE	2024-12-02
Team Plugins360 All-in-One Video Gallery	All versions up to 3.5.2	Missing Authorization	HIGH	View or Download	UNDERCODE	2024-12-02
Veritas Enterprise Vault	Before 15.2	Remote Code Execution	Critical (CVSS score: 9.8)	View or Download	UNDERCODE	2024-11-29
Veritas Enterprise Vault	Before 15.2	Remote Code Execution (RCE)	Critical (CVSS 3.x score: 9.8)	View or Download	UNDERCODE	2024-11-29
Microsoft Windows	Not specified (all versions potentially affected)	Elevation of Privilege	HIGH (CVSS 3.1 base score: 7.0)	View or Download	UNDERCODE	2024-11-29
Open Management Infrastructure (OMI)	Not specified (all versions likely affected)	Remote Code Execution (RCE)	Critical (CVSS: 9.8)	View or Download	UNDERCODE	2024-11-29
.NET	7.0 (<= 7.0.16), 8.0 (<= 8.0.2)	Denial of Service (DoS)	HIGH (CVSS score: 7.5)	View or Download	UNDERCODE	2024-11-29
		Kerberos Security Feature Bypass	HIGH (CVSS 3.1 base score: 7.5)	View or Download	UNDERCODE	2024-11-29
WordPress	ProfileGrid plugin versions up to 5.9.3.6	Unauthorized data modification	Medium (CVSS: 6.5)	View or Download	UNDERCODE	2024-11-29
			HIGH (CVSS: 7.0)	View or Download	UNDERCODE	2024-11-29
Microsoft Dynamics 365 (on-premises)	Not specified	Cross-site Scripting (XSS)	HIGH (CVSS v3 score: 7.6)	View or Download	UNDERCODE	2024-11-29
WordPress	Ashe theme versions up to 2.243	Reflected Cross-Site Scripting (XSS)	MEDIUM (CVSS: 6.1)	View or Download	UNDERCODE	2024-11-29
WordPress Plugin - MailChimp Forms by MailMunch	All versions up to 3.2.3 (inclusive)	Reflected Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-29
Veritas Enterprise Vault	Before 15.2	Remote Code Execution (RCE)	Critical (CVSS v3 score: 9.8)	View or Download	UNDERCODE	2024-11-29
		Out-of-Bounds Read Remote Code Execution (RCE)	Critical (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-29
PDF-XChange Editor	(not specified in available information)	Out-of-Bounds Write Remote Code Execution	HIGH (CVSS score: 7.8) based on Zero Day Initiative (ZDI)	View or Download	UNDERCODE	2024-11-29
			Medium	View or Download	UNDERCODE	2024-11-29
PDF-XChange Editor	All versions before a patch is released	Information Disclosure		View or Download	UNDERCODE	2024-11-22
PDF-XChange Editor	Not specified (all versions before a patch is released are vulnerable)	Out-of-Bounds Read Remote Code Execution	HIGH	View or Download	UNDERCODE	2024-11-29
PDF-XChange Editor	(information not available)	Out-of-bounds read remote code execution (RCE)	Critical (CVSS v3.0 base score likely high)	View or Download	UNDERCODE	2024-11-29
		EMF File Parsing Out-Of-Bounds Read	LOW (CVSS: 3.3)	View or Download	UNDERCODE	2024-11-29
		Out-of-Bounds Read Remote Code Execution (RCE) in XPS parsing	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader	All versions (unspecified)	Out-of-Bounds Read Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader	Not specified in this source	Annotation Use-After-Free	Critical	View or Download	UNDERCODE	2024-11-29
		Local Privilege Escalation	Critical	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader (all versions)	Not specified	Incorrect Permission Assignment in Update Service (Local Privilege Escalation)	Critical	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader	All versions (not specified)	Out-of-Bounds Read Information Disclosure	Critical	View or Download	UNDERCODE	2024-11-29
		Annotation Use-After-Free Remote Code Execution	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-29
		Annotation Out-of-Bounds Read	Critical	View or Download	UNDERCODE	2024-11-29
		Out-of-Bounds Write Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-29
SolarWinds Web Help Desk (WHD)	Not specified in the provided information.	Hardcoded Credentials	Critical (CVSS score: 9.1)	View or Download	UNDERCODE	2024-11-29
SolarWinds Serv-U	All versions up to 15.4.2 Hotfix 1	Directory Traversal	Critical	View or Download	UNDERCODE	2024-11-29
D-Link NAS devices (DNS-320L, DNS-325, DNS-327L, DNS-340L)	All versions up to April 3rd, 2024 (EOL)	Command Injection (CVE-2024-3273)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-29
Windows (10 and above), Windows Server (2016 and later)	Not specified	Heap-based buffer overflow in DWM Core Library	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-29
Android	All versions (initially reported on Pixel devices but affects all)	Privilege Escalation (CVE-2024-32896)	Critical	View or Download	UNDERCODE	2024-11-29
IrfanView	All versions	Heap-based buffer overflow due to SVG file parsing	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-29
IrfanView	All versions (unaffected version not specified)	Out-of-Bounds Read Remote Code Execution (RCE)		View or Download	UNDERCODE	2024-11-29
IrfanView	All versions	DXF File Parsing Type Confusion Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-29
			Critical	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader	All versions up to (including) 13.1.3 (Windows) & 13.1.2 (Mac)	Use-After-Free Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-11-29
Microsoft Windows Kernel	Not specified	Time-Of-Check Time-Of-Use (TOCTOU) race condition	Critical (CVSS score: 7.0)	View or Download	UNDERCODE	2024-11-29
Windows MSHTML Platform	(Not specified in the provided information)	Security Feature Bypass	Critical (CVSS v3 score: 8.8)	View or Download	UNDERCODE	2024-11-29
Oracle CRM Technical Foundation (Oracle E-Business Suite)	12.2.3 - 12.2.13	Partial Denial of Service (DoS)	Medium (CVSS 3.1 Base Score: 4.3)	View or Download	UNDERCODE	2024-11-29
JD Edwards EnterpriseOne Tools	Prior to 9.2.8.1	Information Disclosure	Critical	View or Download	UNDERCODE	2024-11-29
Oracle MySQL Server	8.0.35 and prior, 8.2.0 and prior	Privilege Escalation (CVE-2024-20964)	Critical (CVSS 3.1 Base Score: 5.3)	View or Download	UNDERCODE	2024-11-29
Hugging Face Transformers	Not specified	Deserialization of Untrusted Data (Remote Code Execution)	Critical	View or Download	UNDERCODE	2024-11-28
Hugging Face Transformers (MaskFormer model)	Not specified	Deserialization of Untrusted Data (Remote Code Execution)	Important	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified	Improper lock handling (CVE-2024-53086)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (potentially all versions with the vulnerable remoteproc driver)	Error Handling Vulnerability (CWE-755)	Low (CVSS v3 details not provided)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified	Use-After-Free (UAF)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (all versions potentially affected)	Exec Queue Leak	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (versions 6.5 to 6.12 likely affected)	Uninitialized variables (hdr_len and txbuf_len)	Medium (CVSS 3.1 base score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (all versions potentially affected)	Race Condition	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (all versions potentially affected)	Access to uninitialized variable in tick_ctx_cleanup() function	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Hugging Face Transformers (Library)	(Unaffected versions not specified yet)	Remote Code Execution (RCE)	Critical (CVSS score unavailable, but details suggest high severity)	View or Download	UNDERCODE	2024-11-28
Linux kernel	Not specified (likely impacts specific kernel versions)	Improper use of use_count in media:qcom:camss:stop_streaming function	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (potential impact on all versions with Loongson 3 CPU support)	Improper Resource Handling (use of incorrect function)	Low	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (all versions affected by commit de8548813824)	Race condition during group handle conversion	Medium (CVSS 3.x Base Score: 4.7)	View or Download	UNDERCODE	2024-11-28
Cilium	v1.16.0 - v1.16.3 (inclusive)	Layer 7 policy enforcement bypass with port ranges	Medium	View or Download	UNDERCODE	2024-11-28
MLflow	N/A	Privilege Escalation	High	View or Download	UNDERCODE	2024-11-28
deno_doc	(not specified)	Self-XSS	Low	View or Download	UNDERCODE	2024-11-28
Querydsl (with JPA)	Not specified (but vulnerable in versions up to 6.8.0)	HQL Injection (Blind)	Critical	View or Download	UNDERCODE	2024-11-28
SPEmailHandler-PHP	< 1.0.0	Arbitrary Email Sending	High	View or Download	UNDERCODE	2024-11-28
Python	0.1.13	Credential Harvesting	High	View or Download	UNDERCODE	2024-11-28
sigstore-java	v1.0.0	Improper verification of log entry in bundle verification (CVE-2024-53267)	Critical	View or Download	UNDERCODE	2024-11-28
libre-chat	0.0.6	Path Traversal	Moderate	View or Download	UNDERCODE	2024-11-28
lakeFS	Affected versions are not explicitly specified.	Privilege Escalation	Moderate	View or Download	UNDERCODE	2024-11-28
Jenkins	< 0.0.15	Path Traversal	Moderate	View or Download	UNDERCODE	2024-11-28
Keycloak	26 and earlier	Denial-of-Service (DoS)	Critical	View or Download	UNDERCODE	2023-11-21
Keycloak	!ERROR! B1187 -> Formula Error: Unexpected ,	Sensitive Data Exposure		View or Download	UNDERCODE	2024-11-28
Jenkins	1.4.4 and earlier	Stored Cross-Site Scripting (XSS)	High	View or Download	UNDERCODE	2024-11-28
GitHub CLI	Prior to 2.63.0	Token Leak	Critical	View or Download	UNDERCODE	2024-11-28
Devolutions.XTS.NET	All versions	Timing Attack	Moderate	View or Download	UNDERCODE	2024-11-28
Android (uses Apache ExternalStorageProvider)	Unaffected versions not specified (potential for widespread impact)	File Path Filter Bypass	Critical	View or Download	UNDERCODE	2024-11-28
Safari, iOS, iPadOS, macOS, visionOS	Affected versions prior to Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1	Arbitrary Code Execution	Critical	View or Download	UNDERCODE	2024-11-28
vCenter Server	Affected versions	Privilege Escalation	HIGH	View or Download	UNDERCODE	2024-11-28
Oracle Agile PLM Framework	9.3.6	Information Disclosure	HIGH	View or Download	UNDERCODE	2024-11-28
		SQL Injection (CVE-2024-9465)	Critical (CVSS score: 9.2)	View or Download	UNDERCODE	2024-11-28
CyberPanel (aka Cyber Panel)	Before 5b08cd6d53f4dbc2107ad9f555122ce8b0996515 (versions through 2.3.6 and unpatched 2.3.7)	Remote Code Execution (RCE)	Critical (CVSS 10.0)	View or Download	UNDERCODE	2024-11-28
Progress Kemp LoadMaster	All versions after 7.2.48.1 (including LoadMaster Multi-Tenant VFNs)	Unauthenticated Command Injection	CRITICAL	View or Download	UNDERCODE	2024-11-28
		Missing Authentication	Critical (CVSS score: 9.3)	View or Download	UNDERCODE	2024-11-28
		NTLMv2 Hash Disclosure Spoofing		View or Download	UNDERCODE	2024-11-28
Cisco Adaptive Security Appliance (ASA)	Not specified	Cross-site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-28
Palo Alto Networks PAN-OS				View or Download	UNDERCODE	2024-11-28
Windows	Multiple versions affected	Elevation of Privilege	High	View or Download	UNDERCODE	2024-11-28
Apple Products (Safari, iOS, iPadOS, macOS, visionOS)	Affected versions include Safari 18.1, iOS 17.7, iPadOS 17.7, macOS Sonoma 15.1, iOS 18.1, iPadOS 18.1, and visionOS 2.1.	Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-28
Hugging Face Transformers MaskFormer Model	All versions before a fix is applied	Deserialization of Untrusted Data Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (the vulnerability was identified in a pre-release version)	Suspicious RCU usage in ip_tunnel_find() function	Medium	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions potentially affected)	Memory Corruption in drm/vc4 driver	Moderate (CVSS v3 score to be determined)	View or Download	UNDERCODE	2024-11-27
go-gh	Prior to 2.11.1	Improper Token Handling	Moderate	View or Download	UNDERCODE	2024-11-27
GitHub CLI	Prior to 2.63.0	Token Leak	Critical	View or Download	UNDERCODE	2024-11-27
SPEmailHandler-PHP	< 1.0.0	Arbitrary Email Sending	High	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Unaffected versions not specified yet (Needs Evaluation for most Ubuntu versions)	Use-after-free (accessing uninitialized variable)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (potentially all versions with qcom:camss driver)	Incorrect usage of reference counter in qcom:camss driver (CVE-2024-50175)	Moderate	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (versions 6.10 to 6.12 likely affected)	Race condition (CVE-2024-50174)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-27
ServiceNow Vancouver	Multiple	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions before the fix are potentially vulnerable)	Exec Queue Leak	Medium (CVSS score details not yet available)	View or Download	UNDERCODE	2024-11-27
Google Chrome	Prior to 124.0.6367.207	Out-of-bounds write in V8 JavaScript engine	Critical (High in Chromium)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Resource Leak due to Object Reference Loop	Medium	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Race condition in TPM suspension (CVE-2024-53085)	Moderate (CVSS score details not provided)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions using the vulnerable cpufreq driver)	cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() (CVE-2024-50178)	Critical	View or Download	UNDERCODE	2024-11-27
Apple Safari, iOS, iPadOS, macOS Sequoia	All versions before Safari 18.1.1, iOS 17.7.2, iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1, iPadOS 18.1.1, and visionOS 2.1.1	Code Execution (CVE-2024-44308)	Critical	View or Download	UNDERCODE	2024-11-27
Google Chrome	Prior to 124.0.6367.201	Use After Free in Visuals	High	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Improper Error Handling (remoteproc driver)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Uninitialized variable (hdr_len, txbuf_len)	Medium	View or Download	UNDERCODE	2024-11-27
ServiceNow Now Platform	All versions before Xanadu General Availability (vague)	Sandbox Escape (allows remote code execution)	Critical (CVSS score: 9.3)	View or Download	UNDERCODE	2024-11-27
Jenkins	< 0.0.15	Path Traversal	Moderate	View or Download	UNDERCODE	2024-11-27
Querydsl	Not specified (vulnerable since initial versions)	HQL Injection	Critical	View or Download	UNDERCODE	2024-11-27
Devolutions.XTS.NET	All versions before 2024.11.26	Timing Attack (CVE-2024-11862)	Moderate	View or Download	UNDERCODE	2024-11-27
Google Chrome	Before 125.0.6422.112	Type Confusion in V8 JavaScript Engine		View or Download	UNDERCODE	2024-11-27
Google Chrome	Prior to 128.0.6613.84 (Unaffected versions not specified)	Type Confusion (CVE-2024-7971)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Bounds checking error in snd_soc_dapm_widget_list	Medium	View or Download	UNDERCODE	2024-11-27
Oracle WebCenter Portal (Oracle Fusion Middleware)	12.2.1.4.0 (affected version)	Unauthorized access (update, insert, delete, read) to some of Oracle WebCenter Portal data	Medium (CVSS v3 score: 4.4)	View or Download	UNDERCODE	2024-11-27
Oracle Agile Product Lifecycle Management for Process	Prior to 6.2.4.2	Unauthenticated remote code execution	Critical (CVSS 3.1 Base Score: 7.3)	View or Download	UNDERCODE	2024-11-27
MySQL Server	8.0.35 and prior, 8.2.0 and prior	Server : Security : Firewall	Medium	View or Download	UNDERCODE	2024-11-27
Oracle BI Publisher	6.4.0.0.0, 7.0.0.0.0	Unauthorized access (update, insert, delete, read)	Critical (CVSS score: 5.4)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Unaffected versions not specified (likely all before a patched version is released)	Integer underflow in PLL value checks for Samsung Arbiter 0521 sensor	Critical	View or Download	UNDERCODE	2024-11-27
Oracle Hospitality Simphony (component: Simphony Enterprise Server)	19.1.0 - 19.5.4	Easily exploitable via HTTP	Critical (CVSS 3.1 Base Score: 9.9)	View or Download	UNDERCODE	2024-11-27
Oracle MySQL Server	8.0.36 and prior, 8.3.0 and prior	Information Schema flaw	Critical (CVSS score: 5.3)	View or Download	UNDERCODE	2024-11-27
Oracle WebLogic Server (Core component)	12.2.1.4.0, 14.1.1.0.0	Security Feature Bypass	Critical (CVSS 3.1 Base Score: 6.1)	View or Download	UNDERCODE	2024-11-27
Oracle E-Business Suite	12.2.3 - 12.2.13	Unauthorized data access	Medium (CVSS 3.1 Base Score: 5.3)	View or Download	UNDERCODE	2024-11-27
Oracle Solaris	11	Zone component vulnerability	Critical (CVSS score: 8.2)	View or Download	UNDERCODE	2024-11-27
Oracle MySQL Server	8.0.35 and prior, 8.2.0 and prior (all versions before these are vulnerable)	Improper handling within the Optimizer component	Critical (CVSS 3.1 Base Score: 4.9)	View or Download	UNDERCODE	2024-11-27
Oracle E-Business Suite	12.2.3 - 12.2.13	CVE-2024-20958	Medium (CVSS 3.1 Base Score: 5.4)	View or Download	UNDERCODE	2024-11-27
Oracle Database Sharding	19.3-19.22 & 21.3-21.13	An attacker with DBA privileges and network access can cause a partial denial-of-service (DoS).	Low (CVSS v3 base score: 2.4)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Buffer overflow in video capture when using more than 32 buffers.	Medium (CVSS v3.1: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Unaffected versions not specified (all before 6.11.8 likely vulnerable)	Missing buffer index check in dvb_vb2_expbuf() function	Low (CVSS v3 score not yet available)	View or Download	UNDERCODE	2024-11-27
Linux Kernel (Xilinx axienet)	Not specified (affects specific platforms)	Race condition in network transmission	Moderate (CVSS: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Unaffected versions not listed (all potentially vulnerable)	Btrfs reference list handling error in `insert_delayed_ref()`	Low	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions potentially affected)	Infinite Loop in filemap_read()	Medium (CVSS v3: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions vulnerable before a fix is applied)	Crash due to invalid pointer access	Medium (CVSS score not yet assigned)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Integer overflow in damon_feed_loop_next_input function	Moderate (CVSS score details might be available elsewhere)	View or Download	UNDERCODE	2024-11-26
Linux Kernel	(Unaffected versions not specified)	Improper IO Mapping Handling	High	View or Download	UNDERCODE	2024-11-26
CRI-O	!ERROR! B1251 -> Formula Error: Unexpected ,	Malicious checkpoint file can lead to arbitrary node access	Moderate	View or Download	UNDERCODE	2024-11-26
TCPDF	6.7.5	Local File Inclusion (LFI)	Moderate	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	All versions (not specified)	Out-of-Bounds Read Remote Code Execution (RCE) in JP2 file parsing	Critical	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	All versions (not specified)	JPG File Parsing Out-Of-Bounds Read	Information Disclosure (allows attackers to see sensitive information)	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	All	JP2 File Parsing Out-Of-Bounds Read Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	Not specified	Out-of-Bounds Read Information Disclosure	Not officially rated (CVSS information not yet available)	View or Download	UNDERCODE	2024-11-26
WordPress	Sirv plugin up to 7.3.0	Unauthorized modification of data leading to Denial-of-Service (DoS)	Critical	View or Download	UNDERCODE	2024-11-26
WordPress Restaurant Menu – Food Ordering System Plugin	Up to and including 2.4.2	Reflected Cross-Site Scripting (XSS)	Medium (CVSS v3: 6.1)	View or Download	UNDERCODE	2024-11-26
WordPress	Contact Form 7 Email Add On plugin <= 1.9	Local File Inclusion	HIGH	View or Download	UNDERCODE	2024-11-26
WordPress	WooCommerce Product Table Lite plugin versions up to 3.8.6	Arbitrary Shortcode Execution & Reflected Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-26
FastStone Image Viewer	All versions before 7.8 are affected (unspecified in report)	Out-of-Bounds Write in GIF Parsing	Critical (Allows remote code execution)	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	(not specified)	Out-of-Bounds Read in PDF Parsing	Information Disclosure (Exploitation likely requires additional vulnerabilities)	View or Download	UNDERCODE	2024-11-26
PDF-XChange Editor (all versions)	Not applicable	Out-of-bounds write during PDF parsing	Critical	View or Download	UNDERCODE	2024-11-26
Perl (Imager package)	Before 1.0.25	Heap-based buffer overflow	Critical (CVSS details not provided)	View or Download	UNDERCODE	2024-11-26
Ivanti Cloud Services Appliance (CSA)	4.6 (before Patch 518)	OS Command Injection (CVE-2024-8190)	Critical	View or Download	UNDERCODE	2024-11-26
		Use-After-Free leading to Remote Code Execution	Critical (allows attackers to take full control of the system)	View or Download	UNDERCODE	2024-11-26
WordPress	WPGYM <= 67.1.0	Unauthenticated Arbitrary File Upload	Critical	View or Download	UNDERCODE	2024-11-26
WordPress	WPGYM plugin up to 67.1.0	Privilege Escalation	Moderate (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-26
AMD EPYC Processors (see below for affected models)	Firmware versions up to (excluding) milanpi_1.0.0.d or genoapi_1.0.0.c (depending on the model)	Details not specified in the excerpt, but likely exploitable by attackers.	Critical (highest severity level)	View or Download	UNDERCODE	2024-11-26
Dell PowerProtect DD	Prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50	Access Control	Critical	View or Download	UNDERCODE	2024-11-26
IrfanView	All versions (to be confirmed)	Out-of-Bounds Read Remote Code Execution (RCE) in SID file parsing	Critical	View or Download	UNDERCODE	2024-11-26
IBM Watson Query on Cloud Pak for Data, IBM Db2 Big SQL on Cloud Pak for Data	1.8, 2.0, 2.1, 2.2 (Watson Query), 7.3, 7.4, 7.5, 7.6 (Db2 Big SQL)	Insufficient session expiration	Critical	View or Download	UNDERCODE	2024-11-26
PHP	8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14	HTTP Request Smuggling (CVE-2024-11234)	Critical	View or Download	UNDERCODE	2024-11-26
Pandora FMS	700 through <= 777.4	Command Injection (LDAP Authentication)	MEDIUM	View or Download	UNDERCODE	2024-11-26
WordPress	My Contador lesr plugin <= 2.0	Unauthenticated Stored Cross-Site Scripting (XSS)	Medium (CVSS: 3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)	View or Download	UNDERCODE	2024-11-26
WordPress	Dino Game - Embed Google Chrome Dinosaur Game plugin versions up to 1.1.0	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-26
WordPress	Pure CSS Circle Progress Bar plugin <= 1.2	Stored Cross-Site Scripting (XSS)	Critical (Unauthenticated attackers can inject malicious scripts)	View or Download	UNDERCODE	2024-11-26
WordPress	Up to and including 1.1.6	Reflected Cross-Site Scripting (XSS)	Medium (CVSS: 6.1)	View or Download	UNDERCODE	2024-11-26
WordPress	Theater for WordPress <= 0.18.6.2	Reflected Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-26
Android	(Not specified)	Local Privilege Escalation through Screen Capture	Critical	View or Download	UNDERCODE	2024-11-26
Zoho ManageEngine Exchange Reporter Plus	5714 and below	Authenticated SQL injection	Critical	View or Download	UNDERCODE	2024-11-26
Jewel Theme Master Addons for Elementor	All versions up to 2.0.5.4.1 (uncertain about earlier versions)	Missing Authorization	Critical	View or Download	UNDERCODE	2024-11-26
HarmonyOS (based on source)	Not specified	Missing permission check in applyCustomDescription of SaveUi.java	High (Local Information Disclosure)	View or Download	UNDERCODE	2024-11-26
KiviCare	Up to 3.6.2	Authorization Bypass Through User-Controlled Key	Critical	View or Download	UNDERCODE	2024-11-26
Keycloak Connector Server	< 2.5.5	Reflected XSS	Moderate	View or Download	UNDERCODE	2024-11-26
sigstore-java	v1.0.0 (patched in v1.1.0)	Incomplete verification in KeylessVerifier.verify()	Critical	View or Download	UNDERCODE	2024-11-26
Android	Not specified (All versions potentially affected)	Confused Deputy in PrintManagerService.java	Medium	View or Download	UNDERCODE	2024-11-26
Qualcomm Snapdragon Firmware	All	CWE-835 (Loop or Recursion Vulnerability)		View or Download	UNDERCODE	2024-11-26
Qualcomm Multi-mode Call Processor	Not Applicable (Affects All Versions)	Denial-of-Service (DoS)	Medium	View or Download	UNDERCODE	2024-11-26
		Unknown (reference to CWE-787 suggests Out-of-bounds Write)	Unknown (severity cannot be determined from this blog post)	View or Download	UNDERCODE	2024-11-26
UkrSolution Barcode Scanner with Inventory & Order Manager			Critical	View or Download	UNDERCODE	2024-11-26
Lobe Chat	Before 1.19.13	Unauthorized SSRF	Critical (CVSS: 9.0)	View or Download	UNDERCODE	2024-11-26
Android	Not specified (all versions potentially affected)	Out-of-bounds write due to missing bounds check	Critical (allows remote code execution)	View or Download	UNDERCODE	2024-11-26
IrfanView	All versions (unaffected versions not specified)	DXF file parsing out-of-bounds read leading to RCE	Critical	View or Download	UNDERCODE	2024-11-26
IrfanView	All versions (unaffected versions not yet identified)	Out-of-bounds read in DXF file parsing leading to RCE	Critical	View or Download	UNDERCODE	2024-11-26
IrfanView	All versions (unaffected version not specified yet)	Out-of-Bounds Read Remote Code Execution (DXF File Parsing)	Critical	View or Download	UNDERCODE	2024-11-26
Centreon	All versions before 22.04.24, 22.10.22, 23.04.18, 23.10.12, and 24.04.0 (not mentioned in the article)	SQL Injection in the updateServiceHost function	Critical (allows remote code execution)	View or Download	UNDERCODE	2024-11-26
Centreon Web	All versions before the fixes mentioned below	SQL Injection leading to Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-26
Dell PowerProtect DD	Before 7.7.5.50	Exposure of Sensitive Information to Unauthorized Actor	Low (CVSS: 3.1)	View or Download	UNDERCODE	2024-11-26
Dell PowerProtect Data Domain	Prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50	Escalation of Privilege (EoP)	Critical (CVSS score details not provided)	View or Download	UNDERCODE	2024-11-26
Project Worlds Free Download Online Shopping System	All versions up to 192.168.1.88 (unclear if specific to this IP or a version range)	SQL injection	Critical (CVSS score: 5.3 MEDIUM)	View or Download	UNDERCODE	2024-11-26
ManageEngine ADAudit Plus	Below 8121	SQL Injection (CVE-2024-5608)	Critical (CVSS score: 8.3)	View or Download	UNDERCODE	2024-11-26
emqx Neuron	Up to 2.10.0	Buffer Overflow	Critical (CVSS v4.0: MEDIUM)	View or Download	UNDERCODE	2024-11-26
E-Health Care System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-26
GitLab CE/EE	16.0 to 17.3.6, 17.4 to 17.4.3, 17.5 to 17.5.1 (Fixed in 17.3.7, 17.4.4, 17.5.2)	Unauthorized access to Kubernetes agent (CVE-2024-9693)	High (CVSS score: 8.5)	View or Download	UNDERCODE	2024-11-26
Python	0.1.13	Credential Harvesting	High	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified	Out-of-memory access in dvbdev	High (CVSS score not provided)	View or Download	UNDERCODE	2024-11-25
MLflow	Affected versions are not explicitly specified.	Excessive directory permissions	High	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	Heap-based buffer overflow in JPM file parsing	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	DJVU File Parsing Use-After-Free Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All	Heap-based Buffer Overflow Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
		PDF File Parsing Out-Of-Bounds Read Information Disclosure	LOW	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not yet disclosed)	Out-of-Bounds Read Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	Out-of-Bounds Write in JPM File Parsing	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	DXF file parsing memory corruption leading to remote code execution	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	Out-of-bounds read during DWG file parsing leading to Remote Code Execution (RCE)	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (not specified)	Out-of-bounds write during ARW file parsing	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not specified)	Out-of-bounds write during JPM file parsing (CVE-2024-11517)	Critical (RCE)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not specified yet)	DWG File Parsing Memory Corruption RCE	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not yet identified)	DXF File Parsing Use-After-Free Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
WordPress	ImagePress – Image Gallery plugin versions up to 1.2.2 (inclusive)	Cross-Site Request Forgery (CSRF)	Medium (CVSS v3 score not provided)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	DXF File Parsing Memory Corruption Remote Code Execution	Critical (CVSS: 7.8)	View or Download	UNDERCODE	2024-11-25
Keycloak	26 and earlier	Denial-of-Service (DoS)	Critical	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B1324 -> Formula Error: Unexpected ,	Denial-of-Service (DoS)	Moderate	View or Download	UNDERCODE	2024-11-25
deno_doc	All versions before a fix is released	Cross-site Scripting (XSS)	Low	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B1326 -> Formula Error: Unexpected ,	Sensitive data exposure	High	View or Download	UNDERCODE	2024-11-25
Dell SmartFabric OS10 Software	10.5.3.x, 10.5.4.x, 10.5.5.x, 10.5.6.x	Improper Neutralization of Special Elements (Command Injection)	HIGH	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B1328 -> Formula Error: Unexpected ,	Sensitive data exposure during build process	Moderate	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B1329 -> Formula Error: Unexpected ,	Path Traversal	Low	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B1330 -> Formula Error: Unexpected ,	Inefficient Regular Expression Complexity		View or Download	UNDERCODE	2024-11-25
Xiaomi Router AX9000	Not specified	Post-authorization Command Injection	MEDIUM (CVSS 3.1 base score: 6.4)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unspecified)	Out-of-Bounds Write during SID File Parsing (Remote Code Execution)	Critical	View or Download	UNDERCODE	2024-11-25
1000 Projects Beauty Parlour Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-25
Tungsten Automation Power PDF	Not specified	JPF File Parsing Out-Of-Bounds Write Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not specified)	WSQ File Parsing Out-Of-Bounds Write Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
Tungsten Automation Power PDF	Not specified	PSD File Parsing Out-Of-Bounds Write Remote Code Execution	Critical (CVSS score not provided, but the description indicates remote attackers can execute arbitrary code)	View or Download	UNDERCODE	2024-11-25
Tungsten Automation Power PDF	Not specified	Stack-based buffer overflow in TIF file parsing	Critical	View or Download	UNDERCODE	2024-11-25
WordPress	HUSKY - Products Filter Professional for WooCommerce plugin versions up to 1.3.6.3	Reflected Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-25
W3speedster	Up to 7.25	Cross-Site Request Forgery (CSRF)	Critical	View or Download	UNDERCODE	2024-11-25
Vivwebs Dynamic Widgets	Up to 1.6.4	Cross-Site Request Forgery (CSRF)	Medium (based on CVSS v3.1 score)	View or Download	UNDERCODE	2024-11-25
		XSS in error messages	Low (user-controlled input needed in error message)	View or Download	UNDERCODE	2024-11-25
Taurus Multi-Party Signature Library	Not specified		Critical (both vulnerabilities)	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified (all versions potentially affected)	Race condition in i40e driver	Moderate (CVSS score not provided)	View or Download	UNDERCODE	2024-11-25
lxml (HTML cleaning functionality)	Before 0.4.0	Improper context handling for special HTML tags (SVG, Math, Noscript)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-25
Android	Not specified	Improper Input Validation in CompanionDeviceManagerService.java (CVE-2024-0022)	High	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified	Improper reference count handling for CPU device nodes (RISC-V)	Medium (CVSS v3 base score: 5.5)	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified (likely impacts multiple versions)	Improper resource handling in iwlwifi driver during AP stop/start	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified (requires kernel update)	Incorrect NULL vs IS_ERR() check in drm/tegra driver	Low (CVSS v3 Base Score: 5.5)	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Unaffected versions not listed (potentially all before the fix)	Out-of-bounds memory access in virtio_net driver	HIGH (CVSS 3.1 base score: 7.1)	View or Download	UNDERCODE	2024-11-25
emqx neuron	Up to 2.10.0	Information Disclosure (CVE-2024-10965)	MEDIUM	View or Download	UNDERCODE	2024-11-23
AMTT Hotel Broadband Operation System	Up to 3.0.3.151204	Cross-site scripting (XSS)	Medium (CVSS score: 5.3)	View or Download	UNDERCODE	2024-11-23
code-projects Task Manager	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-23
Job Recruitment	1.0	Cross-site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-11-23
WordPress Plugin - CTT Expresso para WooCommerce	Up to 3.2.12 (inclusive)	Sensitive Information Exposure	Medium	View or Download	UNDERCODE	2024-11-23
Code4Berry Decoration Management System	1.0	Improper Access Control	Critical	View or Download	UNDERCODE	2024-11-23
Dropbox Desktop	All	Mark-of-the-Web Bypass	Critical	View or Download	UNDERCODE	2024-11-23
WordPress	FundEngine plugin versions up to and including 1.7.0	Privilege Escalation	Critical	View or Download	UNDERCODE	2024-11-23
Code4Berry Decoration Management System	1.0	Permission Issues (User Handler - /decoration/admin/userregister.php)	Critical	View or Download	UNDERCODE	2024-11-23
Linux Kernel	Not specified (potentially all versions before the fix)	mctp i2c NULL header address handling	Medium (CVSS score not provided)	View or Download	UNDERCODE	2024-11-22
	All versions before the fix	Memory Leak	Medium (CVSS score to be determined)	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified	Null pointer dereference in firmware:qcom:scm	Medium (CVSS score not provided)	View or Download	UNDERCODE	2024-11-22
MBed OS	6.16.0	Buffer Overflow (CVE-2024-48982)	Critical	View or Download	UNDERCODE	2024-11-22
Code4Berry Decoration Management System	1.0	User Permission Handling Vulnerability (CVE-2024-11486)	Medium	View or Download	UNDERCODE	2024-11-22
Mbed OS	6.16.0	Buffer Overflow (CVE-2024-48986)	Critical	View or Download	UNDERCODE	2024-11-22
Tailoring Management System	1.0 (Unaffected versions not specified)	SQL Injection through /expcatedit.php argument manipulation (id)	Medium (CVSS v4.0 Base Score: 5.3)	View or Download	UNDERCODE	2024-11-22
Code4Berry Decoration Management System	1.0	SQL Injection (CVE-2024-11487)	Critical	View or Download	UNDERCODE	2024-11-22
1000 Projects Bookstore Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-22
AVL-DiTEST-DiagDev libdoip	1.0.0	Null Pointer Dereference in DoIPConnection::reactOnReceivedTcpMessage	Medium	View or Download	UNDERCODE	2024-11-22
idcCMS	1.60	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified (all versions with vulnerable bnxt_re driver)	Out-of-bounds memory access	Moderate (CVSS v3 base score: 5.5)	View or Download	UNDERCODE	2024-11-22
smol-toml	<1.3.1	Stack Overflow	Low	View or Download	UNDERCODE	2023-11-13
Tornado	Prior to 6.4.2	HTTP Cookie Parsing DoS	High	View or Download	UNDERCODE	2024-11-22
Sentry	All versions before next release	Potential Client ID and Secret exposure in error message	Low	View or Download	UNDERCODE	2024-11-22
UAMQP C library	Unaffected versions not specified	Remote Code Execution (RCE)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-22
WordPress	Up to and including 1.7.2	Stored Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-22
java_shop	1.0	File Upload Vulnerability	Not yet rated by NIST	View or Download	UNDERCODE	2024-11-22
Android	Not specified (all versions before August 2024 patch)	Logic error in OwnersData.java	High	View or Download	UNDERCODE	2024-11-22
LibreNMS	Not specified	Reflected XSS (CVE-2024-51496)	Medium	View or Download	UNDERCODE	2024-11-22
ManageEngine ADAudit Plus	Below 8110	Authenticated SQL Injection (CVE-2024-36518)	High	View or Download	UNDERCODE	2024-11-22
Zyxel P-6101C ADSL modem	P-6101CSA6AP_20140331	Improper Authentication	HIGH	View or Download	UNDERCODE	2024-11-22
LibreNMS	All versions before 24.10.0	Reflected XSS	Critical	View or Download	UNDERCODE	2024-11-22
WordPress	Breakdance versions up to 1.7.2 (inclusive)	Unauthorized Access of Data	Medium	View or Download	UNDERCODE	2024-11-22
java_shop	1.0	Incorrect Access Control	Critical (CVSS details not yet available)	View or Download	UNDERCODE	2024-11-22
SourceCodester Student Record Management System	1.0	Memory Corruption	Critical	View or Download	UNDERCODE	2024-11-22
Querydsl	5.1.0	SQL/HQL Injection	High	View or Download	UNDERCODE	2024-11-22
	Not specified (versions 3.2.0 through 4.1.3 are vulnerable)	Server-Side Request Forgery (SSRF)	High (CVSS score: 7.5)	View or Download	UNDERCODE	2024-11-22
SFTPGo	All versions	Arbitrary Command Execution	Critical	View or Download	UNDERCODE	2023-10-24
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
Luxion KeyShot	Not specified	Remote Code Execution (RCE) through jt file parsing	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
Luxion KeyShot	Not specified	Stack overflow due to improper validation in 3DS file parsing	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution (RCE)	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
Adobe InDesign	(not specified)	Information Disclosure	Low	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-18
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified	Division by zero error in v4l2-tpg	Medium	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified (all versions potentially affected)	Slab-use-after-free in ksmbd_smb2_session_create	High (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-22
Linux kernel	Not specified	Slab-use-after-free in smb3_preauth_hash_rsp function	HIGH (CVSS v3 score not provided)	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified (all versions vulnerable before a fix)	SCTP Chunk Size Validation Error (CVE-2024-50299)	Not officially rated by NIST (NVD) yet	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified	Buffer overflow in amdgpu_debugfs_gprwave_read() function	Medium (CVSS v2: 4.6, CVSS v3: 7.8)	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified (all versions potentially affected)	Uninitialized use of regulator_config in rtq2208 driver	High (CVSS score not yet available from NVD)	View or Download	UNDERCODE	2024-11-22
SourceCodester Student Record Management System	1.0	Stack-based buffer overflow	Critical	View or Download	UNDERCODE	2024-11-22
Android	Not specified (all versions before March 2024 security patch)	Local Information Disclosure (exercise route data)	High	View or Download	UNDERCODE	2024-11-22
Android	Not specified	Incorrect tag used during device policy serialization (CVE-2024-0047)	High (Potential for DoS)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution (RCE)	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-21
IrfanView	4.69 and earlier	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
Linux Kernel	(Not specified in the provided information)	Improper access control in raw_copy_{to,from}_user() functions	Critical (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-21
Linux Kernel	Not specified (all versions potentially affected)	Use-after-free in USB serial io_edgeport code	Medium (CVSS v2 score: 4.6, CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-21
Linux Kernel	All versions before the fix for CVE-2024-50265 are vulnerable.	Null pointer dereference in ocfs2_xa_remove() function	Critical	View or Download	UNDERCODE	2024-11-21
Linux Kernel	(Not specified in the provided information)	Flaw in sch_cake's flow accounting logic	Medium	View or Download	UNDERCODE	2024-11-21
Linux Kernel	Unaffected versions not specified	Use-After-Free in vsock/virtio (CVE-2024-50264)	Critical (CVSS v3 score details not provided)	View or Download	UNDERCODE	2024-11-21
Linux Kernel	Not specified (all versions vulnerable before fix)	Double free of TX skb	Critical	View or Download	UNDERCODE	2024-11-21
Oracle Agile PLM Framework	9.3.6	Information Disclosure	HIGH (CVSS Score: 7.5)	View or Download	UNDERCODE	2024-11-21
Opencast	13 and 14	Infinite loop with Elasticsearch queries	Critical	View or Download	UNDERCODE	2024-11-20
Litestar	All versions	Denial of Service (DoS)	Critical	View or Download	UNDERCODE	2024-11-20
Microsoft SharePoint Server	Not specified	Remote Code Execution (RCE)	Critical (CVSS score: 7.2)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (potential impact on all versions)	Information Disclosure	Low	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (likely affects multiple versions)	Firmware crash due to invalid peer nss value in association request	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-20
Qualcomm Multiple Products	Various	Multiple Vulnerabilities	Varies	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (all versions potentially affected)	io_uring overflow handling flaw	Low	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified	Memory access issue in drm/amd/display code	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-20
cert-manager	All versions since v0.1.0	Denial-of-service (DoS)	Medium	View or Download	UNDERCODE	2024-11-20
7-Zip	Affected versions prior to 24.07	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-20
N/A	N/A	N/A	N/A	View or Download	UNDERCODE	2024-11-20
		Undercoding (mentioned in the article but not a security vulnerability)	N/A (Undercoding is not a security vulnerability)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (all versions potentially affected)	Race condition in ntfs3 driver	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-20
Qualcomm devices	(not specified)	(not specified)	(not specified)	View or Download	UNDERCODE	2024-11-20
Qualcomm	(see article for specific versions)	Potential Remote Compromise	Critical	View or Download	UNDERCODE	2024-11-20
D-Link DI-8033	16.07.26A1	Buffer Overflow (CVE-2024-52759)	Critical (CVSS v3 score: 9.8)	View or Download	UNDERCODE	2024-11-20
Monoprice Select Mini V2	V37.115.32	Improper input validation in printing files	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-11-20
WordPress Testimonials Widget Plugin	Up to and including 4.0.4	Stored Cross-Site Scripting (XSS)	Unlisted (CVSS score not provided)	View or Download	UNDERCODE	2024-11-20
Tenda AC6	v2.0 v15.03.06.50	Buffer overflow in function "fromSetSysTime" (CVE-2024-52714)	Critical (CVSS v3 score: 9.8)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified	Integer overflow in drm/amd/display code	Moderate	View or Download	UNDERCODE	2024-11-20
Cosmos SDK	cosmossdk.io/math versions <= math/v1.3.0	Mismatched bit-length validation in sdk.Int and sdk.Dec	High	View or Download	UNDERCODE	2024-11-20
Moodle		Insecure Direct Object Reference (IDOR)	Moderate	View or Download	UNDERCODE	2024-11-20
django CMS	Before 4.0	Cross-site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (likely affects multiple versions)	Improper synchronization when accessing superblock buffer	Moderate (CVSS v3 base score: 5.5)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (potentially all versions with aforementioned configurations enabled)	Out-of-bounds read (based on CVE description)	Medium (according to CVE details, no exploit exists)	View or Download	UNDERCODE	2024-11-20
N/A	N/A	N/A	N/A	View or Download	UNDERCODE	2024-11-20
		Buffer overflow in `amdgpu_dm` initialization	Unknown (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-20
Cisco Identity Services Engine (ISE)	All versions (at the time of publishing)	Cross-site Scripting (XSS)	Medium (CVSS score: 6.1)	View or Download	UNDERCODE	2024-11-20
Cisco Identity Services Engine (ISE)	All versions (at the time of publication)	Cross-site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-11-20
Cisco Identity Services Engine (ISE)	All versions (at the time of publication)	Cross-site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-11-20
Cisco ISE	All versions (at the time of publishing)	XXE (CVE-2024-20531)	MEDIUM (CVSS score: 5.5)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	All versions before 6.11.7	Null Pointer Dereference (CVE-2024-53050)	Medium	View or Download	UNDERCODE	2024-11-20
Cisco Identity Services Engine (ISE)	All versions (at the time of publication)	Cross-site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-11-20
Linux kernel	Not specified	Null pointer dereference in `intel_hdcp_get_capability`	Medium (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-20
Anton Hoelstad WP Quick Setup	<= 2.0	Unrestricted Upload of File with Dangerous Type	Critical	View or Download	UNDERCODE	2024-11-20
Mindstien Technologies My Geo Posts Free	All versions up to 1.2 (inclusive)	Deserialization of Untrusted Data	Critical	View or Download	UNDERCODE	2024-11-20
WordPress Video Robot - The Ultimate Video Importer	All versions up to 1.20.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-20
Lis Video Gallery	Up to 0.2.1	Deserialization of Untrusted Data	Critical	View or Download	UNDERCODE	2024-11-20
Post SMTP	All versions up to 2.9.9	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-20
GLPI	All versions before 10.0.17	Reflected XSS	Medium	View or Download	UNDERCODE	2024-11-20
GLPI	All versions before 10.0.17	SQL Injection	High (CVSS score: 8.1)	View or Download	UNDERCODE	2024-11-20
code-projects Job Recruitment	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-20
Saso Nikolov Event Tickets with Ticket Scanner	n/a - 2.3.11	Improper Neutralization of Special Elements Used in a Template Engine	Critical	View or Download	UNDERCODE	2024-11-20
	3.1	Heap-Overflow Vulnerability in DCERPC Protocol	CRITICAL	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
Moodle	All versions before 4.5.0-rc2 (unconfirmed)	Improper Authorization	Medium (CVSS v2 score: 5.0, CVSS v3 score: 6.5)	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored XSS	Medium	View or Download	UNDERCODE	2024-11-20
LibreNMS	Unaffected versions not listed (all versions before 24.10.0 likely vulnerable)	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
Moodle	Versions before 4.5.0-rc2 are affected (unclear which specific versions)	Improper Authorization	Medium (CVSS v2 score: 6.4, CVSS v3 score: 4.3)	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored XSS	Critical	View or Download	UNDERCODE	2024-11-20
Urchenko Drozd – Addons for Elementor	Up to 1.1.1	Stored XSS (Cross-site Scripting) (CVE-2024-52425)	Medium (CVSS details not specified)	View or Download	UNDERCODE	2024-11-20
Moodle	All versions before 4.1.14, 4.2.11, 4.3.8, 4.4.4 (not exhaustive)	Information Disclosure	Medium	View or Download	UNDERCODE	2024-11-20
WordPress	Linear plugin <= 2.7.11	Cross-site Scripting (XSS)	Medium (CVSS details not specified)	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
LibreNMS	Unaffected versions not listed (all versions before 24.10.0 likely vulnerable)	Stored XSS	Critical	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
SourceCodester Online Eyewear Shop	1.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-20
Windows	SecureID Software Token for Microsoft Windows	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-19
eDrawings Viewer	All versions from SOLIDWORKS 2024 through 2025 (unspecified)	Heap-based buffer overflow and uninitialized variable vulnerabilities in X_B and SAT file parsing	Critical (CVSS: 7.8)	View or Download	UNDERCODE	2024-11-19
1000 Projects Beauty Parlour Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-19
WordPress	WP Activity Log plugin versions up to 5.2.1	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-19
GLPI	All versions before 10.0.17 (vulnerable)	Access Control Bypass (CVE-2024-45611)	Medium	View or Download	UNDERCODE	2024-11-19
WordPress	Tripetto plugin versions up to 8.0.3	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-19
1000 Projects Beauty Parlour Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-19
1000 Projects Portfolio Management System MCA	1.0	SQL injection	Critical	View or Download	UNDERCODE	2024-11-19
Farmacia	1.0 (all versions likely affected)	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
Adobe Audition	23.6.9, 24.4.6 and earlier	Out-of-bounds read vulnerability	Medium (CVSS: 5.5)	View or Download	UNDERCODE	2024-11-19
Microsoft VHDX	(Not specified)	Denial-of-Service (DoS)	Medium (CVSS score: 5.9)	View or Download	UNDERCODE	2024-11-19
GLPI	All versions before 10.0.17	Reflected XSS (CVE-2024-45609)	Medium (CVSS v3.1 score: 6.5) - Though some sources list it as High (CVSS v2 score: 7.8)	View or Download	UNDERCODE	2024-11-19
WordPress	Up to and including 2.5.7	Stored Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
Windows	Not specified	Elevation of Privilege in USB Video Class System Driver	MEDIUM (CVSS score: 6.8)	View or Download	UNDERCODE	2024-11-19
Windows SMBv3 Server	(not specified in this article)	Remote Code Execution (RCE)	High (CVSS score: 8.1)	View or Download	UNDERCODE	2024-11-19
GLPI	All versions before 10.0.17	Reflected Cross-Site Scripting (XSS)	Pending analysis by NIST	View or Download	UNDERCODE	2024-11-19
WordPress Plugin (The Music Player for Elementor)	All versions up to 2.4.1	Unauthorized modification of data (CVE-2024-10582)	Critical	View or Download	UNDERCODE	2024-11-19
		Remote Code Execution	High (CVSS score: 8.8)	View or Download	UNDERCODE	2024-11-19
Ceph RGW (civetweb)	Not specified	Multiple connection establishment to exhaust file descriptors	Denial-of-Service (DoS)	View or Download	UNDERCODE	2024-11-19
Intel Server Board M10JNP2SB Family (exact versions not specified)	Not specified	Improper input validation in UEFI firmware	High (CVSS score: 7.5 - 8.7 depending on the version of CVSS used)	View or Download	UNDERCODE	2024-11-19
		Windows Registry Elevation of Privilege Vulnerability	HIGH (CVSS score: 7.5)	View or Download	UNDERCODE	2024-11-19
ImageMagick, GraphicsMagick	Before 1.3.24 (both platforms)	Arbitrary Code Execution	Not specified (CVSS score likely available elsewhere)	View or Download	UNDERCODE	2024-11-19
ImageMagick	Not specified (versions before the fix are vulnerable)	Out-of-bounds write via PDB file	Medium (CVSS v3 score: 6.5)	View or Download	UNDERCODE	2024-11-19
LittleCMS (lcms or liblcms)	Before 1.18beta2	Multiple integer overflows	High (CVSS v2 score: 9.3)	View or Download	UNDERCODE	2024-11-19
.NET Core	9.0	Denial of Service (DoS)	High (CVSS v3 base score: 7.5)	View or Download	UNDERCODE	2024-11-19
tsMuxer	nightly-2024-05-12-02-01-18 (specific version only)	Heap-based buffer under-read	Not specified (CVSS score not provided)	View or Download	UNDERCODE	2024-11-19
		Improper Access Control in UEFI firmware	Not yet analyzed by NVD	View or Download	UNDERCODE	2024-11-19
GentleSource Appointmind	All versions before 4.0.0	Cross-Site Request Forgery (CSRF) leading to Stored XSS	High (based on CVE details)	View or Download	UNDERCODE	2024-11-19
rclone	v1.68.1	Insecure Handling of Symlinks	High	View or Download	UNDERCODE	2024-11-19
Siemens Tecnomatix Plant Simulation	All versions before V2302.0018 and V2404.0007	Out-of-bounds read vulnerability in WRL file parsing	High (CVSS v3.1 score: 7.8)	View or Download	UNDERCODE	2024-11-19
Siemens Tecnomatix Plant Simulation	(not specified)	Remote Code Execution (RCE) through WRL file parsing	High (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-19
Siemens Tecnomatix Plant Simulation	Not specified	Remote Code Execution (RCE) through WRL file parsing		View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Use of Out-of-range Pointer Offset	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Improper Neutralization of Delimiters	Medium (CVSS 3.1 score: 4.0)	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	v7.14	Out-of-range Pointer Offset	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Use of Out-of-range Pointer Offset	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Use of Out-of-range Pointer Offset	High (CVSS Score: 8.5)	View or Download	UNDERCODE	2024-11-19
EyouCMS	1.51	Path Traversal	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Integer Overflow or Wraparound	High (CVSS v2 score: 7.8, CVSS v3 score: 7.5)	View or Download	UNDERCODE	2024-11-19
Craft CMS	Prior to 4.12.2 and 5.4.3	Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)	High	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Improper Neutralization of Delimiters	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Use of Out-of-range Pointer Offset	Medium (CVSS score: 4.3)	View or Download	UNDERCODE	2024-11-19
Craft CMS	All versions before 5.4.9 and 4.12.8	Information Disclosure	High	View or Download	UNDERCODE	2024-11-19
Apache Kafka	2.3.0 - 3.5.2, 3.6.2, 3.7.0	Improper Privilege Management	High	View or Download	UNDERCODE	2023-10-17
Linux kernel	Not specified (likely affects multiple versions)	Unbalanced locking in pc_clock_settime()	Moderate (CVSS v3: 5.5, CVSS v4: 6.8)	View or Download	UNDERCODE	2024-11-19
ImageMagick	Not specified	Denial-of-Service (DoS) via crafted PSD file	Medium (CVSS score: 6.5)	View or Download	UNDERCODE	2024-11-19
Security Center application (vendor not specified)	All versions (not specified)	HTML Injection	Medium (CVSS 3.x Base Score: 5.9)	View or Download	UNDERCODE	2024-11-19
Linux Kernel	Not specified	Namespace copy issue (rbtree removal)	Not provided (CVSS details likely missing from provided text)	View or Download	UNDERCODE	2024-11-19
Linux Kernel	Not specified	Memory Corruption in RDMA/bnxt_re driver	Not specified (CVSS score not provided)	View or Download	UNDERCODE	2024-11-19
Linux kernel	Not specified	Improper locking during sub buffer order change (CVE-2024-50207)	Medium (CVSS score not explicitly mentioned)	View or Download	UNDERCODE	2024-11-19
WordPress	Royal Elementor Addons and Templates plugin versions up to 1.7.1001	Stored Cross-Site Scripting (XSS)	Medium (CVSS 3.1 Base Score: 6.4)	View or Download	UNDERCODE	2024-11-19
OpenEMR	7.0.1	Stored XSS	High (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-19
VK All in One Expansion Unit	Prior to 9.100.1.0	Cross-site scripting (XSS)	Medium (CVSS v3 score: 4.8)	View or Download	UNDERCODE	2024-11-19
Linux Kernel	Not specified (potentially all versions using nilfs2)	Improper Error Handling in nilfs2	Not yet assigned a CVSS score (as of November 19, 2024)	View or Download	UNDERCODE	2024-11-19
WordPress	AFI plugin up to and including 1.92.0	Reflected Cross-Site Scripting (XSS)	Medium (CVSS not yet analyzed)	View or Download	UNDERCODE	2024-11-19
WordPress	Royal Elementor Addons and Templates plugin versions up to 1.7.1001	Stored Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
calibre-web	Not specified	Cross-site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
WordPress	Up to 2.9.5	Local File Inclusion (LFI)	Critical (CVSS 3.x Base Score: 9.8)	View or Download	UNDERCODE	2024-11-19
WordPress	MultiManager WP – Manage All Your WordPress Sites Easily plugin (up to 1.0.5)	Authentication Bypass	Critical	View or Download	UNDERCODE	2024-11-19
WordPress	Royal Elementor Addons and Templates plugin versions up to 1.7.1001	Stored Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
Thunderbird	< 128.4.3 and < 132.0.1	Disclosure of plaintext in OpenPGP encrypted messages	Not specified (CVSS score likely available elsewhere)	View or Download	UNDERCODE	2024-11-19
Dolibarr	Versions before 'develop' branch	Improper Authorization	Medium	View or Download	UNDERCODE	2024-11-19
Harbor	Unaffected versions not specified (all versions before 2.5.2 likely vulnerable)	Improper Authorization	Not available in provided resources	View or Download	UNDERCODE	2024-11-19
calibre-web	Unknown	Improper Access Control	Low	View or Download	UNDERCODE	2024-11-19
Harbor	Not specified	Improper Authorization	High (CVSS: 7.4)	View or Download	UNDERCODE	2024-11-19
SourceCodester Best Employee Management System	1.0	SQL Injection	Medium	View or Download	UNDERCODE	2024-11-19
Harbor	1.0 through 1.10.12, 2.0 through 2.4.2 and 2.5 through 2.5.1 (all versions before the fix)	Improper Authorization	High	View or Download	UNDERCODE	2024-11-19
Harbor	(Unaffected versions not specified)	Insecure Direct Object Reference (IDOR) - CVE-2022-31667	High (CVSS details not yet available)	View or Download	UNDERCODE	2024-11-19
PHPGurukul User Registration & Login and User Management System	3.2	Reflected Cross-Site Scripting (XSS)	Not officially rated, but likely medium based on similar vulnerabilities.	View or Download	UNDERCODE	2024-11-19
Harbor	All versions before 2.5.2	Insecure Direct Object Reference (IDOR)	High	View or Download	UNDERCODE	2024-11-19
SourceCodester Best Employee Management System	1.0 (all versions likely affected)	SQL Injection	Medium (CVSS v3: 5.1)	View or Download	UNDERCODE	2024-11-19
VIWIS LMS	9.11	Missing Authorization in Print Handler	Critical	View or Download	UNDERCODE	2024-11-19
phpipam	All versions before 1.4.7	Cross-Site Scripting (XSS)	Low	View or Download	UNDERCODE	2024-11-19
WordPress (Hoo Addons for Elementor plugin)	Up to 1.0.6	Cross-Site Scripting (XSS)	Not yet determined (CVSS information is undergoing analysis)	View or Download	UNDERCODE	2024-11-18
Kashipara E-learning Management System Project	1.0	SQL Injection	Critical (CVSS v3 score: 9.8)	View or Download	UNDERCODE	2024-11-18
Windows	Multiple versions	Elevation of Privilege	High	View or Download	UNDERCODE	2024-11-18
		NTLM Hash Disclosure Spoofing Vulnerability (CVE-2024-43451)	Medium (CVSS score: 6.5)	View or Download	UNDERCODE	2024-11-18
Palo Alto Networks Expedition	Not specified	SQL Injection (CVE-2024-9465)	Critical (CVSS score: 9.2)	View or Download	UNDERCODE	2024-11-18
Nostromo nhttpd	<= 1.9.6	Directory Traversal	Critical (Remote Code Execution)	View or Download	UNDERCODE	2024-11-18
PTZOptics PT30X-SDI/NDI-xx	Before 6.3.40	Insufficient Authentication (CVE-2024-8956)	Critical (CVSS Score: 9.1)	View or Download	UNDERCODE	2024-11-18
Palo Alto Networks Expedition	All versions before 1.2.96 (including 1.2.0)	OS Command Injection	CRITICAL (CVSS score: 9.9)	View or Download	UNDERCODE	2024-11-18
Roundcube Webmail	Before 1.5.7 and 1.6.x before 1.6.7	XSS via SVG animate attributes	Medium (CVSS score: 6.1)	View or Download	UNDERCODE	2024-11-18
PTZOptics PT30X-SDI/NDI-xx	Before 6.3.40	OS Command Injection (CVE-2024-8957)	HIGH (CVSS: 7.2)	View or Download	UNDERCODE	2024-11-18
				View or Download	UNDERCODE	2024-11-18
	9.0.0.M30	Deserialization of untrusted data vulnerability	CRITICAL	View or Download	UNDERCODE	2024-11-18
Metabase	< 0.40.5 and < 1.40.5	Local File Inclusion (LFI)	CRITICAL	View or Download	UNDERCODE	2023-11-28
Windows Kernel	All	Elevation of Privilege	HIGH	View or Download	UNDERCODE	2024-11-18
Palo Alto Networks Expedition	All versions before 1.2.92	Missing Authentication	CRITICAL (CVSS Score: 9.3)	View or Download	UNDERCODE	2024-11-18
ScienceLogic SL1 (formerly EM7)	All versions before 12.1.3, 12.2.3, and 12.3+	Remote Code Execution (RCE) due to unspecified third-party component vulnerability (CVE-2024-9537)	CRITICAL (CVSS v2: 9.8, CVSS v3: 9.3)	View or Download	UNDERCODE	2024-11-18
Ravpn	Multiple versions affected	Remote Access VPN (RAVPN) Service Denial of Service (DoS) Vulnerability	MEDIUM	View or Download	UNDERCODE	2024-11-18
Jira			Critical	View or Download	UNDERCODE	2024-11-18
Spring MVC	Vulnerable versions	DoS	Moderate	View or Download	UNDERCODE	2024-11-19
Apache Tomcat	11.0.0-M23 through 11.0.0-M26, 10.1.27 through 10.1.30, 9.0.92 through 9.0.95	Request and/or response mix-up	Moderate	View or Download	UNDERCODE	2024-11-19
Rust crate `sharks`	Affected versions	Shamir Secret Sharing bias	Medium	View or Download	UNDERCODE	2024-11-19
django CMS	3.11.7, 3.11.8, 4.1.2, 4.1.3	Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-19
aiohttp	(Affected versions)	Memory Leak	Moderate	View or Download	UNDERCODE	2024-11-19
PhpSpreadsheet	All versions before 1.9.4, 2.1.3, 2.3.2, and 3.4.0	XXE (XML External Entity)	High	View or Download	UNDERCODE	2024-11-19
Moodle	!ERROR! B1616 -> Formula Error: Unexpected ,	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Debezium database connector	[Specific version affected]	Script injection	Moderate	View or Download	UNDERCODE	2024-11-19
	< v2.10.2	Multiple Command Injection Vulnerabilities	Medium	View or Download	UNDERCODE	2024-11-19
Moodle		IDOR	Moderate	View or Download	UNDERCODE	2024-11-19
Cobbler	3.0.0 - 3.2.2 / 3.3.6 (all prior to 3.2.3 and 3.3.7)	Improper Authentication	Critical	View or Download	UNDERCODE	2024-11-19
Moodle		Unauthorized deletion of report audiences	Moderate	View or Download	UNDERCODE	2024-11-19
Undertow		Incorrect Cookie Parsing	High	View or Download	UNDERCODE	2024-11-19
Graylog	6.1.0, 6.1.1	Concurrent PDF report rendering information leakage	High	View or Download	UNDERCODE	2024-11-19
PhpSpreadsheet	= 2.0.0 = 2.2.0 = 3.3.0 < 3.4.0	XXE (XML External Entity)	High	View or Download	UNDERCODE	2024-11-19
LibreNMS	(Unaffected versions to be filled by official source)	Stored XSS	Critical	View or Download	UNDERCODE	2024-11-19
aiohttp	Vulnerable versions	Request Smuggling	Moderate	View or Download	UNDERCODE	2024-11-19
		Regular Expression Denial of Service (ReDoS)	Low	View or Download	UNDERCODE	2024-11-19
OpenStack	[Specific Version Affected]	Improper Deletion of Access Rules	Moderate	View or Download	UNDERCODE	2024-11-19
		Elevation of Privilege in Secure Kernel Mode	Medium (CVSS v3.1 base score: 6.7)	View or Download	UNDERCODE	2024-11-19
		Elevation of Privilege	Medium (CVSS score: 6.8)	View or Download	UNDERCODE	2024-11-19
		Elevation of Privilege in DWM Core Library	HIGH (CVSS 3.1 base score: 7.8)	View or Download	UNDERCODE	2024-11-19
Windows	Not specified (all Windows versions with Kerberos are likely vulnerable)	Remote Code Execution (RCE)	Critical (CVSS 3.x score: 9.8)	View or Download	UNDERCODE	2024-11-19
Windows (affected versions not specified)	Not specified	Elevation of Privilege in USB Video Class System Driver	Medium (CVSS v3 score: 6.8)	View or Download	UNDERCODE	2024-11-19
Windows	(not specified)	Windows Registry Elevation of Privilege	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-19
TorchGeo (exact platform unspecified)	Unknown	Remote Code Execution (RCE)	HIGH (CVSS score: 8.1)	View or Download	UNDERCODE	2024-11-19
		Client-Side Caching Elevation of Privilege	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-19
		Win32k Elevation of Privilege Vulnerability	HIGH (CVSS v3.1 base score: 7.8)	View or Download	UNDERCODE	2024-11-19
Windows Kernel	Not specified	Elevation of Privilege	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-19
		Secure Kernel Mode Elevation of Privilege	Medium (CVSS v3 score: 6.7)	View or Download	UNDERCODE	2024-11-19
Microsoft PC Manager	(not specified in available information)	Elevation of Privilege	High (CVSS 3.1: 7.8)	View or Download	UNDERCODE	2024-11-19
Windows Telephony Service	(Not specified)	Remote Code Execution (RCE)	High (CVSS 3.x Base Score: 8.8)	View or Download	UNDERCODE	2024-11-19
Microsoft Hyper-V	(not specified in available information)	Denial of Service (DoS)	Medium (CVSS 3.1 base score: 6.5)	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Apple Products (tvOS, visionOS, Safari, watchOS, iOS, iPadOS, macOS)	Not applicable (fixed in specific versions)	URL protocol handling issue allowing potential web content restriction bypass	Medium (CVSS v2: 5.5, CVSS v3 details not provided)	View or Download	UNDERCODE	2024-11-19
Hugging Face Transformers	Affected versions	Remote Code Execution	Critical (CVSS 8.8)	View or Download	UNDERCODE	2024-11-19
Android	Not specified	Out-of-bounds write in PMRWritePMPageList function (pmr.c)	High (Local Privilege Escalation)	View or Download	UNDERCODE	2024-11-19
Gogs	<= 0.12.7	Remote Command Execution	Medium	View or Download	UNDERCODE	2024-11-19
usememos/memos	0.9.1 (Vulnerable)	Stored XSS	Critical	View or Download	UNDERCODE	2024-11-19
Wallabag	2.5.2	CSRF	Not specified in the provided information	View or Download	UNDERCODE	2024-11-19
<br>	1.0<br>	Test<br>	Low<br>	https://dailycve.com/test/	UNDERCODE	2023-01-01

🦑 WANT MORE ?