Vulnerability Database & Alerts

Platform	Affected Version(s)	Vulnerability	Severity	Full Post	Reporter	Date
IBM i Netserver	7.2, 7.3, 7.4, 7.5, 7.6	Authentication Bypass	critical	View or Download	UNDERCODE	2025-07-03
IBM i	7.2-7.5	Privilege escalation	critical	View or Download	UNDERCODE	2025-06-24
LibreOffice	24.8 - 24.8.5, 25.2 - 25.2.1	Signature spoofing	critical	View or Download	UNDERCODE	2025-07-03
IBM i	7.2-7.6	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-03
IBM i	7.3, 7.4, 7.5	Host Header Injection	critical	View or Download	UNDERCODE	2025-07-03
Microsoft Partner Center	Pre-July 2025	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-03
eKuiper	<1.6.1	Path Traversal	critical	View or Download	UNDERCODE	2023-03-15
Windows Kernel	Windows 10/11, Server 2019/2022	Null Pointer Dereference	critical	View or Download	UNDERCODE	2025-07-03
Windows RDS	Windows Server 2019/2022	Memory Lock Bypass	critical	View or Download	UNDERCODE	2025-03-11
Microsoft Dataverse	Pre-9.2.2307.1	Deserialization RCE	critical	View or Download	UNDERCODE	2025-07-03
Below Service	< v0.9.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-03
Samsung rLottie	0.2	Buffer Overread	medium	View or Download	UNDERCODE	2025-06-29
HashiCorp Vagrant	≤ 2.4.6	Guest-to-host code injection	moderate	View or Download	UNDERCODE	2025-07-02
Microsoft Dataverse	Unpatched releases (pre-July 2025)	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-03
Ethereum	<0.18.0	Malleability bypass	moderate	View or Download	UNDERCODE	2025-07-03
Visual Studio Code	Pre-1.90.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-03
Microweber CMS	< 1.2.11	Local File Inclusion	moderate	View or Download	UNDERCODE	2025-07-03
Azure Playwright	Pre-2.8.1	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-03
Google Chrome	<138.0.7204.96	Type Confusion	high	View or Download	UNDERCODE	2025-06-30
Windows	exFAT driver	Heap overflow	critical	View or Download	UNDERCODE	2025-07-03
n8n	<1.99.0	DoS	critical	View or Download	UNDERCODE	2024-03-15
Microsoft Office Access	2016, 2019, 365	Use-After-Free RCE	critical	View or Download	UNDERCODE	2025-07-03
eKuiper	1.14.1, 1.14.3	Path Traversal → RCE	critical	View or Download	UNDERCODE	2024-03-15
Windows	Microsoft Streaming Service	Heap-based buffer overflow	critical	View or Download	UNDERCODE	2025-07-03
Windows	10, 11	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-03
Windows	10/11, Server 2016+	Security Bypass	critical	View or Download	UNDERCODE	2025-07-03
Windows	10/11, Server 2019/2022	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-03
Windows	10/11, Server 2022	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-03
Windows Telephony Service	Windows 10/11, Server 2019/2022	Heap buffer overflow	critical	View or Download	UNDERCODE	2025-07-03
Windows Hello	Windows 10/11 (pre-2025 patches)	Authentication Bypass	critical	View or Download	UNDERCODE	2025-07-03
Windows Remote Desktop Services	Pre-July 2025 patches	Memory corruption (RCE)	critical	View or Download	UNDERCODE	2025-07-03
Windows File Explorer	Windows 10/11, Server 2019/2022	Spoofing via SMB	critical	View or Download	UNDERCODE	2025-07-03
Windows BitLocker	Up to 10.0.22000	Pre-boot auth bypass	critical	View or Download	UNDERCODE	2025-07-03
Wow-Company Modal Window	≤ 6.1.4	CSRF	medium	View or Download	UNDERCODE	2025-07-02
Audiobookshelf	2.17.0-2.19.0	Auth Bypass	critical	View or Download	UNDERCODE	2025-02-12
XunRuiCMS	≤ 4.6.4	Deserialization RCE	critical	View or Download	UNDERCODE	2025-07-02
Veeam Backup	Microsoft Azure	SSRF	critical	View or Download	UNDERCODE	2025-07-02
Arm GPU Kernel Drivers	r53p0 to r53pX	Use-After-Free	critical	View or Download	UNDERCODE	2025-06-02
Arm GPU Drivers	r18p0–r54p0	Memory buffer overflow	critical	View or Download	UNDERCODE	2025-07-02
Linux Kernel	5.14-6.3	Use-After-Free	critical	View or Download	UNDERCODE	2023-05-18
PHP	8.1.-8.4. (pre-patch)	HTTP Redirect Truncation	medium	View or Download	UNDERCODE	2025-07-02
MultiVendorX	4.2.22 and prior	Sensitive Data Exposure	critical	View or Download	UNDERCODE	2025-07-02
g5theme Essential Real Estate	≤ 5.2.1	PHP LFI/RFI	critical	View or Download	UNDERCODE	2025-07-02
PHP	8.1.0-8.4.4	Header Parsing Flaw	medium	View or Download	UNDERCODE	2025-07-03
PHP	8.1.0-8.1.31, 8.2.0-8.2.27, 8.3.0-8.3.18, 8.4.0-8.4.4	Header Injection	medium	View or Download	UNDERCODE	2025-07-02
WordPress (Elementor)	≤ 3.6.1	Stored XSS	critical	View or Download	UNDERCODE	2025-06-06
WordPress	≤5.3.58	CSRF	medium	View or Download	UNDERCODE	2025-06-06
HPE StoreOnce	Not specified	Authentication Bypass	critical	View or Download	UNDERCODE	2025-07-01
HPE StoreOnce	Vulnerable versions prior to patch	Command Injection (RCE)	critical	View or Download	UNDERCODE	2025-07-02
HPE StoreOnce	Vulnerable versions prior to patch	Directory Traversal	critical	View or Download	UNDERCODE	2025-06-02
ARTEC EMA Mail	v6.92	Stored XSS	medium	View or Download	UNDERCODE	2025-07-02
Linksys RE Series	1.0.013.001 - 1.2.07.001	OS Command Injection	critical	View or Download	UNDERCODE	2025-07-01
ShopXO	6.5.0	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-07-01
OpenEMR	<7.0.3.4	Logging bypass	medium	View or Download	UNDERCODE	2025-07-02
OpenEMR	< 7.0.3.4	Stored XSS	critical	View or Download	UNDERCODE	2025-05-23
G-Net Dashcam BB GONX	All vulnerable versions	Domain hijacking	critical	View or Download	UNDERCODE	2025-07-02
G-Net Dashcam	BB GONX	Unauthorized video access	critical	View or Download	UNDERCODE	2025-07-02
vLLM	<0.8.0	RCE	critical	View or Download	UNDERCODE	2025-03-19
vLLM	0.8.0-0.8.x	Input Validation	critical	View or Download	UNDERCODE	2025-05-30
PublicCMS	4.0.202406	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-07-01
G-Net Dashcam BB GONX	All < v4.7.2	Unauthenticated API access	critical	View or Download	UNDERCODE	2025-07-01
REDAXO CMS	< 5.18.3	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-07-01
G-Net Dashcam BB GONX	All firmware	Default credentials	critical	View or Download	UNDERCODE	2025-07-02
REDAXO CMS	5.0.0 - 5.18.2	Reflected XSS	medium	View or Download	UNDERCODE	2025-07-01
G-Net Dashcam	BB GONX	Auth Bypass	critical	View or Download	UNDERCODE	2025-07-01
Akka	<2.10.6	Insecure Deserialization	moderate	View or Download	UNDERCODE	2025-07-02
Apache Seata	2.0.0-2.2.x	RCE via deserialization	critical	View or Download	UNDERCODE	2025-07-02
Electron	30.0.0-alpha.1 - 30.0.4, 31.0.0-alpha.1 - 31.0.0-beta.1	ASAR Integrity Bypass	critical	View or Download	UNDERCODE	2025-07-02
Filebrowser	2.32.0	Command Injection	medium	View or Download	UNDERCODE	2025-06-26
Orkes Conductor	< 3.21.13	OS Command Injection	critical	View or Download	UNDERCODE	2025-07-02
Babylon	Pre-v1.2.0	Chain halt	high	View or Download	UNDERCODE	2025-07-02
File Browser	2.32.0	Insecure direct download	critical	View or Download	UNDERCODE	2025-06-29
Filebrowser	2.32.0	Scope Bypass	critical	View or Download	UNDERCODE	2025-06-25
Electron	<28.3.2, 29.x<29.3.3, 30.x<30.0.3	Heap Buffer Overflow	critical	View or Download	UNDERCODE	2025-07-02
Mattermost	9.11.0-10.8.0	Incorrect Authorization	moderate	View or Download	UNDERCODE	2025-07-02
Pillow (Python Imaging Library)	11.2.0+	Heap Buffer Overflow	critical	View or Download	UNDERCODE	2024-03-15
@modelcontextprotocol/server-filesystem	<= 0.6.2, >= 2025.1.14 < 2025.7.1	Path bypass	high	View or Download	UNDERCODE	2025-07-02
Filebrowser	2.32.0	JWT URL leak	critical	View or Download	UNDERCODE	2025-06-26
Janssen & Gluu Flex	<1.8.0 / <5.8.0	Information Disclosure	critical	View or Download	UNDERCODE	2025-07-02
tiny-secp256k1	<2.x	Key extraction	critical	View or Download	UNDERCODE	2021-01-19
Node.js/npm	tiny-secp256k1 (<2.0)	Buffer spoofing	critical	View or Download	UNDERCODE	2023-05-15
ModelContextProtocol/Server-Filesystem	<= 0.6.2, >= 2025.1.14 < 2025.7.1	Path validation bypass	high	View or Download	UNDERCODE	2025-07-02
Graylog	<6.2.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-07-02
File Browser	2.32.0	Weak auth	critical	View or Download	UNDERCODE	2025-06-26
SQLite		Race Condition	critical	View or Download	UNDERCODE	2023-06-15
Infinispan CLI	<= 16.0.0.Dev01	Information Disclosure	moderate	View or Download	UNDERCODE	2025-06-27
Ruby WEBrick	<1.8.0	HTTP Smuggling	moderate	View or Download	UNDERCODE	2025-06-26
Vault Community	1.14.8-1.19.9	DoS	low	View or Download	UNDERCODE	2025-06-27
Apache Airflow	<6.4.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-27
MobSF	<affected_versions>	SSRF via redirects	high	View or Download	UNDERCODE	2025-06-27
TabberNeue	3.0.0-3.1.0	Stored XSS	high	View or Download	UNDERCODE	2025-06-27
RaspAP raspap-webgui	3.3.1	Directory Traversal	high	View or Download	UNDERCODE	2025-06-27
OpenBao/HashiCorp Vault	Latest (pre-patch)	Information disclosure	medium	View or Download	UNDERCODE	2025-06-27
Llama Factory	<=0.9.3	Remote Code Execution	critical	View or Download	UNDERCODE	2025-06-27
Java	< 2.15.0	Stack overflow	medium	View or Download	UNDERCODE	2025-06-27
File Browser	2.32.0	Command Injection	critical	View or Download	UNDERCODE	2025-03-26
File Browser	2.32.0	Stored XSS	critical	View or Download	UNDERCODE	2025-06-26
OpenBao/HashiCorp Vault	< v2.2.2	Unauthenticated rekey cancellation	medium	View or Download	UNDERCODE	2025-06-26
OpenBao / HashiCorp Vault	< 2.3.0 / ≤ 1.19.5	Information Disclosure	medium	View or Download	UNDERCODE	2025-06-26
Incus	v6.12, v6.13	ACL Bypass	critical	View or Download	UNDERCODE	2025-06-26
Incus	v6.12-v6.13	ACL Bypass	critical	View or Download	UNDERCODE	2025-06-26
Octo-STS	< v0.5.3	SSRF via OIDC tokens	critical	View or Download	UNDERCODE	2025-06-26
Gogs	0.14.0+dev	Stored XSS	critical	View or Download	UNDERCODE	2024-05-23
Podman	<5.5.2	TLS bypass	critical	View or Download	UNDERCODE	2025-06-25
Solidity	<2.1.1, <2.2.0	Validation bypass	medium	View or Download	UNDERCODE	2025-06-25
School Fees Payment System	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-06-25
JetBrains TeamCity	< 2025.03.3	DOM-based XSS	critical	View or Download	UNDERCODE	2025-06-25
Simple Pizza Ordering System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-25
Anchor CMS	0.12.7	Stored XSS	medium	View or Download	UNDERCODE	2025-06-25
Simple Pizza Ordering	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-25
JetBrains TeamCity	< 2025.03.3	Reflected XSS	medium	View or Download	UNDERCODE	2025-06-25
JetBrains TeamCity	< 2025.03.3	Information Disclosure	medium	View or Download	UNDERCODE	2025-06-25
TOTOLINK A3002R	1.1.1-B20200824	OS Command Injection	critical	View or Download	UNDERCODE	2025-06-25
TOTOLINK A3002R	1.1.1-B20200824.0128	Stack overflow	critical	View or Download	UNDERCODE	2025-06-25
WinRAR	Pre-7.0	Directory Traversal → RCE	critical	View or Download	UNDERCODE	2025-06-25
Agri-Trading System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-25
SourceCodester	1.0	XSS	medium	View or Download	UNDERCODE	2025-06-25
Macro-video V380E6_C1	1020302	UART code execution	critical	View or Download	UNDERCODE	2025-06-25
Android	2.1.44, 2.1.64	Information Disclosure	critical	View or Download	UNDERCODE	2025-06-25
Macro-video V380E6_C1	1020302	Arbitrary code execution	critical	View or Download	UNDERCODE	2025-06-25
Linksys RE Series	1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001	OS Command Injection	critical	View or Download	UNDERCODE	2025-06-25
Linksys RE Series	1.0.013.001-1.2.07.001	OS Command Injection	critical	View or Download	UNDERCODE	2025-06-25
Paragon Software	15 - 17.9.1	Kernel Memory Write	critical	View or Download	UNDERCODE	2025-03-27
Apache Solr	≤ 9.7	ConfigSet hijacking	critical	View or Download	UNDERCODE	2025-06-25
AstrBot	3.4.4 - 3.5.12	Path Traversal	critical	View or Download	UNDERCODE	2025-06-25
Paragon Software	15-17.39	Kernel access flaw	critical	View or Download	UNDERCODE	2025-03-03
vBulletin	5.0.0–6.0.3	API Bypass	critical	View or Download	UNDERCODE	2025-06-25
Paragon Software	15 - 17.9.1	Null Dereference	critical	View or Download	UNDERCODE	2025-03-03
Paragon Software	15 - 17.9.1	Kernel Memory Mapping	critical	View or Download	UNDERCODE	2025-03-27
Froxlor	< 2.2.6	HTML Injection	medium	View or Download	UNDERCODE	2025-06-25
Transsnet Store		MITM Code Injection	critical	View or Download	UNDERCODE	2025-06-25
Samsung Exynos	Multiple	Heap OOB Write	critical	View or Download	UNDERCODE	2025-06-25
Telerik UI for AJAX	2011.2.712 - 2025.1.218	Unsafe Reflection	critical	View or Download	UNDERCODE	2025-06-25
Drupal	<1.3.0	CSRF bypass	medium	View or Download	UNDERCODE	2025-06-25
Devolutions Server	2025.1.3.0-2025.1.7.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-06-25
vBulletin	5.6.4 - 5.7.2	RCE	critical	View or Download	UNDERCODE	2025-06-25
TYPO3	≤13.0.0	Stored XSS	medium	View or Download	UNDERCODE	2025-06-25
Free5GC	4.0.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-25
Samsung Exynos	Multiple	OOB Write	critical	View or Download	UNDERCODE	2025-05-19
Drupal Piwik PRO	<1.3.2	XSS	medium	View or Download	UNDERCODE	2025-06-25
Apache Tomcat	9.0.0.M1-9.0.104	Constraint bypass	critical	View or Download	UNDERCODE	2025-06-25
Drupal	<3.1.11, <4.0.2	Resource exhaustion	critical	View or Download	UNDERCODE	2025-06-25
Allure 2	xunit-xml-plugin	XXE	critical	View or Download	UNDERCODE	2025-06-25
PHPGurukul Pre-School Enrollment	1.0	Directory Traversal	critical	View or Download	UNDERCODE	2025-06-25
PHPGurukul Enrollment	1.0	Directory Traversal	critical	View or Download	UNDERCODE	2025-06-25
Campcodes Teacher Management	1.0	SQL Injection	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-06-21
Apache Tomcat	9.0.0.M1-9.0.105	Resource exhaustion	critical	View or Download	UNDERCODE	2025-06-16
WordPress Plugin	≤ 2.3.1	LFI → RCE	critical	View or Download	UNDERCODE	2025-06-24
Restaurant Order System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-24
Campcodes HMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-24
Campcodes OHMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-21
Campcodes Online Hospital	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-24
Node.js	<18.16.1, <20.3.1	HTTP Request Smuggling	critical	View or Download	UNDERCODE	2023-06-22
Netwrix Directory Manager	<=11.0.0.0, 11.1.25134.03	Auth Bypass	critical	View or Download	UNDERCODE	2025-06-24
PHPGurukul Art Gallery	1.1	SQL Injection	critical	View or Download	UNDERCODE	2025-06-24
Dell ThinOS	2502 and prior	Cleartext Storage	high	View or Download	UNDERCODE	2025-06-24
vLLM	0.7.0-0.9.0	Hash collision	medium	View or Download	UNDERCODE	2025-06-24
Node.js	<16.4.1, <14.17.2, <12.22.2	Prototype Pollution	high	View or Download	UNDERCODE	2021-06-15
Fastify	5.0.0-5.3.0, 4.9.0	Validation Bypass	medium	View or Download	UNDERCODE	2025-04-18
vLLM	0.8.0 - 0.9.0	DoS	critical	View or Download	UNDERCODE	2025-06-24
FlowiseAI Flowise	v2.2.6	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-06-23
Jenkins	≤ 2.499 / LTS ≤ 2.492.1	Sensitive Data Exposure	critical	View or Download	UNDERCODE	2025-06-23
Jenkins	≤ 2.499 / ≤ 2.492.1 (LTS)	Sensitive Data Exposure	critical	View or Download	UNDERCODE	2025-06-23
Jenkins	≤2.499 / ≤2.492.1 (LTS)	CSRF	low	View or Download	UNDERCODE	2025-06-23
Jenkins	≤2.499, ≤2.492.1 (LTS)	Open Redirect	medium	View or Download	UNDERCODE	2025-06-23
Kubernetes	1.32.0-1.32.5, 1.33.0-1.33.1	Authorization bypass	low	View or Download	UNDERCODE	2025-06-23
Node.js	0.12-2.x	PBKDF2 Uint8Array mishandling	critical	View or Download	UNDERCODE	2017-09-26
pbkdf2-browserify	< 3.1.2	Predictable key output	critical	View or Download	UNDERCODE	2023-10-11
MLFlow	< 3.1.0	SSRF	moderate	View or Download	UNDERCODE	2025-06-23
ChangeDetection.io	<0.50.4	Stored XSS	high	View or Download	UNDERCODE	2025-06-21
spytrap-adb	<0.3.5	UI omission	low	View or Download	UNDERCODE	2025-06-23
letmein	<= 10.2.0	DoS	critical	View or Download	UNDERCODE	2025-06-23
Zyxel AMG1302-T10B	2.00(AAJC.16)C0	Path Traversal	critical	View or Download	UNDERCODE	2025-06-23
SANCHAYA	3.0.4	Payment Manipulation	critical	View or Download	UNDERCODE	2025-06-23
Tianti CMS	2.3	Stored XSS	critical	View or Download	UNDERCODE	2025-06-23
Adobe Commerce	2.4.7-p4, earlier	Access Bypass	critical	View or Download	UNDERCODE	2025-06-23
Crawl4AI	<=0.4.247	SSRF	critical	View or Download	UNDERCODE	2025-06-23
Archer Platform	6 - 6.14.00202.10024	Immutable field manipulation	critical	View or Download	UNDERCODE	2025-06-23
TOTOLINK A702R	4.0.0-B20230721.1521	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-23
VisiCut	2.1	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-06-23
UnifiedTransform	2.0	Stored XSS	medium	View or Download	UNDERCODE	2025-06-23
DaiCuo	1.3.13	Stored XSS	medium	View or Download	UNDERCODE	2025-06-23
UnifiedTransform	2.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-06-23
TOTOLINK EX1200T	4.1.2cu.5232_B20210713	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-23
TOTOLINK X15	1.0.0-B20230714.1105	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-23
Apache OFBiz	18.12.17-18.12.18	SSTI	critical	View or Download	UNDERCODE	2025-06-23
Apache Camel	3.10.0-3.22.3, 4.8.0-4.8.4, 4.10.0-4.10.1	Header Injection	critical	View or Download	UNDERCODE	2025-03-09
TOTOLINK A3002R	4.0.0-B20230531.1404	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-23
vvveb CMS	1.0.6	RCE	critical	View or Download	UNDERCODE	2025-06-23
TOTOLINK A3002RU	3.0.0-B20230809.1615	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-23
Artifex Ghostscript	< 10.05.0	UTF-8 mishandling	critical	View or Download	UNDERCODE	2025-06-23
GeSHi	≤1.0.9.1	Stored XSS	medium	View or Download	UNDERCODE	2025-03-09
Vert.x	4.5.12	Context data leak	critical	View or Download	UNDERCODE	2025-06-23
PyTorch	2.6.0+cu124	Improper Initialization	problematic	View or Download	UNDERCODE	2025-06-23
Rollback Rx Professional	12.8.0.0	Null Pointer Dereference	medium	View or Download	UNDERCODE	2025-06-23
PyTorch	2.6.0+cu124	Memory corruption	critical	View or Download	UNDERCODE	2025-06-23
Oracle Database Server	19.3-23.6	Java VM flaw	medium	View or Download	UNDERCODE	2025-06-23
MySQL Server	8.4.0, 9.0.0	DDL DoS	medium	View or Download	UNDERCODE	2025-06-23
Oracle Hyperion	11.2.19.0.000	Access Control Bypass	medium	View or Download	UNDERCODE	2025-06-23
Rebuild CMS	v3.9.0 - v3.9.3	SQL Injection	critical	View or Download	UNDERCODE	2025-06-23
Oracle Java SE	21.0.6, 24	Compiler flaw	medium	View or Download	UNDERCODE	2025-06-23
Oracle JD Edwards	<9.2.9.2	Access Control Bypass	critical	View or Download	UNDERCODE	2025-06-23
MySQL Server	8.0.0-9.2.0	UDF DoS	medium	View or Download	UNDERCODE	2025-06-23
Oracle APEX	23.2, 24.1	CSRF	medium	View or Download	UNDERCODE	2025-06-23
TCPWave DDI	11.34P1C2	RCE via File Upload	critical	View or Download	UNDERCODE	2025-06-23
Oracle Hyperion	11.2.19.0.000	Privilege Escalation	high	View or Download	UNDERCODE	2025-06-23
MySQL Enterprise	≤8.0.40, ≤8.4.3, ≤9.1.0	Firewall DoS	medium	View or Download	UNDERCODE	2025-06-23
Codemers KLIMS	1.6.DEV	Privilege Escalation	critical	View or Download	UNDERCODE	2025-06-23
Oracle WebLogic	12.2.1.4.0, 14.1.1.0.0	RCE	critical	View or Download	UNDERCODE	2025-06-23
Oracle Financial Services	8.0.8.1, 8.1.2.7, 8.1.2.8	CSRF	medium	View or Download	UNDERCODE	2025-06-23
Oracle E-Business Suite	12.2.3-12.2.10	Region Mapping	medium	View or Download	UNDERCODE	2025-06-23
Oracle E-Business Suite	12.2.3-12.2.13	Broken Access Control	highcvss81	View or Download	UNDERCODE	2025-06-23
Oracle VM VirtualBox	<7.0.24, <7.1.6	Privilege Escalation	medium	View or Download	UNDERCODE	2025-06-23
Oracle WebLogic	14.1.1.0.0	HTTP/2 DoS	high	View or Download	UNDERCODE	2025-06-23
Oracle Hospitality OPERA 5	5.6.19.20, 5.6.25.8, 5.6.26.6, 5.6.27.1	RCE/DoS	critical	View or Download	UNDERCODE	2025-06-23
Oracle E-Business Suite	12.2.5-12.2.13	Unauthorized Data Access	critical	View or Download	UNDERCODE	2025-06-23
Linux	Multiple	Unauthorized write access	medium	View or Download	UNDERCODE	2025-06-23
WordPress	0.0.1	LFI	critical	View or Download	UNDERCODE	2025-06-23
Netgear EX6120	1.0.0.68	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-23
Cisco IOS XE	Wireless LAN Controllers	Arbitrary file upload	critical	View or Download	UNDERCODE	2025-06-23
Meteor	≤ 3.2.1	ReDoS	medium	View or Download	UNDERCODE	2025-06-23
Go middleware	<1.2.0	CSRF bypass	medium	View or Download	UNDERCODE	2025-06-23
Open5GS	≤ 2.7.2	AMF DoS	medium	View or Download	UNDERCODE	2025-06-23
Netgear WG302v2	≤ 5.2.9	Command Injection	critical	View or Download	UNDERCODE	2025-06-23
DCMTK	3.6.9	Memory corruption	critical	View or Download	UNDERCODE	2025-06-23
Microsoft SharePoint	Unspecified (pre-patch)	Privilege Escalation	critical	View or Download	UNDERCODE	2025-06-23
Absolute Secure Access Server	9.0 - 13.54	Memory corruption	critical	View or Download	UNDERCODE	2025-06-23
TP-LINK IPC	1.0.9	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-23
Vigybag	v1.0 and prior	Stored XSS	medium	View or Download	UNDERCODE	2025-06-23
Solon	3.1.2	Directory Traversal → XSS	critical	View or Download	UNDERCODE	2025-06-23
Yi IOT XY-3820	6.0.24.10	Remote Command Execution	critical	View or Download	UNDERCODE	2025-06-23
Yi IOT XY-3820	v6.0.24.10	Directory Traversal → RCE	critical	View or Download	UNDERCODE	2025-06-23
React-Native	0.7.11	Info Disclosure	critical	View or Download	UNDERCODE	2025-06-23
Windows Media	Windows 10/11, Server 2019/2022	Stack overflow	critical	View or Download	UNDERCODE	2025-06-23
OpenC3 COSMOS	v6.0.0	RCE via file upload	critical	View or Download	UNDERCODE	2025-06-23
Wix-Incubator Jam	<= e87a6fd85cf8	SSTI	medium	View or Download	UNDERCODE	2025-06-23
HPE Performance Cluster Manager	Prior to 3.2.1	Authentication Bypass	critical	View or Download	UNDERCODE	2025-06-23
mojoPortal	<=2.9.0.1	Directory Traversal	critical	View or Download	UNDERCODE	2025-06-23
Apple OS ecosystem	iOS/iPadOS/macOS (see )	Logic flaw	critical	View or Download	UNDERCODE	2025-06-16
RISC0-ZKVM	2.0.0–2.0.2	Circuit Constraint Bypass	critical	View or Download	UNDERCODE	2025-06-20
Mattermost	10.5.5, 9.11.15, 10.8.0, 10.7.2, 10.6.5	Improper Access Control	moderate	View or Download	UNDERCODE	2025-06-20
rfc3161-client	≤1.0.2	Signature bypass	critical	View or Download	UNDERCODE	2025-06-20
Mattermost	10.5.0-10.5.5, 9.11.0-9.11.15, 10.8.0, 10.7.0-10.7.2, 10.6.0-10.6.5	Authorization Bypass	moderate	View or Download	UNDERCODE	2025-06-20
Pingora-proxy	<0.1.0	Request Smuggling	critical	View or Download	UNDERCODE	2023-10-09
goTenna v1	App 5.5.3, Firmware 0.25.5	Message Injection	critical	View or Download	UNDERCODE	2025-06-20
goTenna Mesh	5.5.3 (app), 1.1.12 (firmware)	Hardcoded Credentials	critical	View or Download	UNDERCODE	2025-05-01
goTenna v1	5.5.3 (app), 0.25.5 (firmware)	Frequency hopping bypass	critical	View or Download	UNDERCODE	2025-06-20
newbee-mall	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-06-20
powsybl-core	<6.7.2	XXE & SSRF	critical	View or Download	UNDERCODE	2023-06-15
Velociraptor	< 0.74.3	Privilege Escalation	moderate	View or Download	UNDERCODE	2025-06-20
Powsybl	<6.7.2	Deserialization flaw	critical	View or Download	UNDERCODE	2024-03-15
Webkul QloApps	1.6.1	Stored XSS	medium	View or Download	UNDERCODE	2025-06-20
DotVVM	<4.2.10, <4.3.8, <5.0.0-preview03	Path Traversal	critical	View or Download	UNDERCODE	2025-06-20
Oracle Communications	7.4.0-7.5.0	Unauthorized Data Access	medium	View or Download	UNDERCODE	2025-06-20
Oracle Communications	7.4.0-7.5.0	UI Redressing	medium	View or Download	UNDERCODE	2025-06-20
goTenna v1	5.5.3 (app), 0.25.5 (firmware)	Information Disclosure	critical	View or Download	UNDERCODE	2025-06-20
DNN.PLATFORM	<10.0.1	IP Filter Bypass	high	View or Download	UNDERCODE	2025-06-20
OSV-SCALIBR	0.1.3-0.2.0	Path Traversal	moderate	View or Download	UNDERCODE	2025-06-20
goTenna v1	5.5.3 (app), 0.25.5 (firmware)	Hardcoded token	critical	View or Download	UNDERCODE	2025-06-20
Mattermost	<=10.5.5, <=9.11.15	Path Traversal	critical	View or Download	UNDERCODE	2025-06-20
IBM Security Guardium	11.4, 12.1	Privilege Escalation	critical	View or Download	UNDERCODE	2025-06-20
go-chi	v5.2.1	Host header injection	medium	View or Download	UNDERCODE	2023-05-15
goTenna v1	App 5.5.3, Firmware 0.25.5	Encryption malleability	critical	View or Download	UNDERCODE	2025-06-20
goTenna	v1 (app 5.5.3, firmware 0.25.5)	Information Disclosure	critical	View or Download	UNDERCODE	2025-06-20
Oracle Communications	7.4.0-7.5.0	Improper Access Control	medium	View or Download	UNDERCODE	2025-06-20
Android	<8.14.0	Data exposure	critical	View or Download	UNDERCODE	2024-03-15
goTenna Mesh	5.5.3 (app), 1.1.12 (firmware)	Information Disclosure	medium	View or Download	UNDERCODE	2025-06-20
CrafterCMS	4.0.0-4.2.2	Groovy Sandbox Bypass	high	View or Download	UNDERCODE	2025-06-20
DNN.PLATFORM	<10.0.1	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-20
PowSyBl	<6.7.2	ReDoS	medium	View or Download	UNDERCODE	2025-06-20
DNN.PLATFORM	<10.0.1	Reflected XSS	moderate	View or Download	UNDERCODE	2025-06-20
urllib3	<2.0.0	Improper Redirect Handling	critical	View or Download	UNDERCODE	2023-10-11
urllib3 (Pyodide)	<2.0.0	Open Redirect	medium	View or Download	UNDERCODE	2023-09-28
microlight.js	0.0.7	Null pointer dereference	high	View or Download	UNDERCODE	2025-06-17
JavaScript library	0.0.7	DoS	high	View or Download	UNDERCODE	2025-06-17
Python-a2a	≤ 0.5.5	Path Traversal	moderate	View or Download	UNDERCODE	2025-06-17
Phoenix Framework	<2.10.0	Session fixation	critical	View or Download	UNDERCODE	2023-05-15
Adobe InDesign	ID20.2, ID19.5.3 (and earlier)	Use After Free	critical	View or Download	UNDERCODE	2025-06-16
CodiMD	≤ 2.2.0	XSS bypass	critical	View or Download	UNDERCODE	2025-06-16
Adobe InDesign	ID20.2, ID19.5.3 (earlier)	Heap Overflow	critical	View or Download	UNDERCODE	2025-06-10
Adobe InDesign	ID20.2, ID19.5.3	Out-of-bounds Write	critical	View or Download	UNDERCODE	2025-06-10
Adobe InDesign	ID20.2, ID19.5.3	Out-of-Bounds Read	medium	View or Download	UNDERCODE	2025-06-16
Adobe InDesign	ID20.2, ID19.5.3	Use-After-Free	critical	View or Download	UNDERCODE	2025-06-16
Adobe InDesign	ID20.2, ID19.5.3 (earlier)	Out-of-bounds write	critical	View or Download	UNDERCODE	2025-06-16
Adobe InDesign	ID20.2, ID19.5.3 (and earlier)	Out-of-Bounds Read	medium	View or Download	UNDERCODE	2025-06-16
DBSyncer	2.0.6	Stored XSS	medium	View or Download	UNDERCODE	2025-06-16
iTranswarp	v2.19	Authentication Bypass	critical	View or Download	UNDERCODE	2025-06-16
Mezzanine CMS	6.0.0	Stored XSS	medium	View or Download	UNDERCODE	2025-06-16
xmall	1.1	Auth Bypass	critical	View or Download	UNDERCODE	2025-06-16
DBSyncer	2.0.6	Incorrect Access Control	critical	View or Download	UNDERCODE	2025-06-16
GNU PSPP	≤ 2.0.1	Out-of-Bounds Read	medium	View or Download	UNDERCODE	2025-06-16
FlatPress	1.3.1	Stored XSS	medium	View or Download	UNDERCODE	2025-06-16
FLIR AX8	≤1.46.16	XSS	medium	View or Download	UNDERCODE	2025-06-16
phpList	< 3.6.15	XSS	medium	View or Download	UNDERCODE	2025-06-16
phpList	< 3.6.15	Reflected XSS	medium	View or Download	UNDERCODE	2025-06-17
Koillection	1.6.10	Stored XSS	medium	View or Download	UNDERCODE	2025-06-16
kkFileView	4.4.0	Unrestricted Upload	critical	View or Download	UNDERCODE	2025-06-16
Emlog Pro	2.5.7	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-06-16
OpenNextJS/Cloudflare	<1.3.0	SSRF	critical	View or Download	UNDERCODE	2025-06-17
FLIR AX8	≤1.46.16	Command Injection	critical	View or Download	UNDERCODE	2025-06-16
TOTOLINK A3002R	v4.0.0-B20230531.1404	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-16
Juzaweb CMS	≤ 3.4.2	Improper Access Control	critical	View or Download	UNDERCODE	2025-06-16
D-Link DIR-632	FW103B08	Stack overflow	critical	View or Download	UNDERCODE	2025-06-10
Apache Tomcat	9.0.0-9.0.105	DoS via multipart	high	View or Download	UNDERCODE	2025-06-16
PHPGurukul VRMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-16
Tmall Demo	≤ 20250505	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-06-16
Firefox	< 139.0.4	Integer Overflow	critical	View or Download	UNDERCODE	2025-06-11
Liferay Portal	7.0.0–7.4.3.4	Path Traversal	high	View or Download	UNDERCODE	2025-06-16
Teleport	13.0.0 - 17.5.1	Auth Bypass	critical	View or Download	UNDERCODE	2025-06-16
Apache Tomcat	9.0.0-105	Constraint Bypass	moderate	View or Download	UNDERCODE	2025-06-16
TOTOLINK EX1200T	≤ 4.1.2cu.5232_B20210713	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-16
Drupal Commerce	<1.0.3	Incorrect Authorization	medium	View or Download	UNDERCODE	2025-06-16
Joomla	1.11.6 - 1.14.4	Stored XSS	critical	View or Download	UNDERCODE	2025-06-16
Liferay Portal	< 38.0.0	Session Parameter Handling	high	View or Download	UNDERCODE	2025-06-16
TOTOLINK EX1200T	≤4.1.2cu.5232_B20210713	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-09
Drupal Commerce Eurobank	0.0.0 - 2.1.0	Incorrect Authorization	critical	View or Download	UNDERCODE	2025-06-11
Liferay Portal	7.4.0-7.4.3.97	GraphQL DoS	high	View or Download	UNDERCODE	2025-06-16
Firefox	< 139.0.4	Memory corruption	critical	View or Download	UNDERCODE	2025-06-16
Apache Commons	<1.6.0, <2.0.0-M4	DoS via headers	high	View or Download	UNDERCODE	2025-06-16
TOTOLINK EX1200T	≤4.1.2cu.5232	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-16
Adobe Experience Manager	≤ 6.5.22	DOM-based XSS	critical	View or Download	UNDERCODE	2025-06-16
ManageEngine ADAudit Plus	< 8511	SQL Injection	critical	View or Download	UNDERCODE	2025-06-16
AssamLook CMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-16
Ubuntu	authd (pre-619ce8e)	Privilege Escalation	critical	View or Download	UNDERCODE	2025-06-16
School Fees Payment System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-16
protobuf-python	<4.25.8, 5.26.0rc1-5.29.5, 6.30.0rc1-6.31.1	DoS via recursion	high	View or Download	UNDERCODE	2025-06-16
ManageEngine ADAudit Plus	≤ 8510	SQL Injection	critical	View or Download	UNDERCODE	2025-06-16
pycares	<4.9.0	Use-after-free	critical	View or Download	UNDERCODE	2023-08-10
TOTOLINK N600R	v4.3.0cu.7866_B2022506	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-16
Adobe Experience Manager	≤6.5.22	Stored XSS	medium	View or Download	UNDERCODE	2025-06-10
Tenda AC9	15.03.02.13	CSRF	medium	View or Download	UNDERCODE	2025-06-16
Weblate	<5.12	2FA brute-force	moderate	View or Download	UNDERCODE	2025-06-16
Adobe Experience Manager	≤6.5.22	Stored XSS	critical	View or Download	UNDERCODE	2025-06-16
Weblate	<5.12	IP exposure	low	View or Download	UNDERCODE	2025-06-16
TOTOLINK T10	4.1.8cu.5207	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-16
Ivanti EPMM	≤ 12.5.0.0	RCE	critical	View or Download	UNDERCODE	2025-05-13
Samsung MagicINFO 9 Server	< 21.1052	Path Traversal	critical	View or Download	UNDERCODE	2025-05-13
Node.js	< 12.22.1, < 14.16.1, < 15.14.0	Prototype Pollution	high	View or Download	UNDERCODE	2021-03-30
Ivanti EPMM	≤ 12.5.0.0	Auth Bypass	critical	View or Download	UNDERCODE	2025-05-13
OpenC3 COSMOS	6.0.0	Directory Traversal	high	View or Download	UNDERCODE	2025-06-16
Laundry System	1.0	Missing Authentication	critical	View or Download	UNDERCODE	2025-06-09
Firefox for iOS	< 139	URL spoofing	medium	View or Download	UNDERCODE	2025-06-13
Mozilla Thunderbird	< 138.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-04-29
osTicket	<=1.17.5	SQL Injection	critical	View or Download	UNDERCODE	2025-06-13
Open5GS	≤ 2.7.3	Reachable assertion	medium	View or Download	UNDERCODE	2025-06-03
phpwcms	≤1.9.45/1.10.8	Remote Deserialization	critical	View or Download	UNDERCODE	2025-06-03
Thunderbird	<137.0.2, <128.9.2	UI Misleading Hover	medium	View or Download	UNDERCODE	2025-04-15
Adobe Experience Manager	6.5.22 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-06-10
Salt	>= 3006.0rc1, < 3006.12 | >= 3007.0rc1, < 3007.4	File overwrite via unvalidated input	moderate	View or Download	UNDERCODE	2025-06-14
SaltStack	3006.0rc1-3006.11, 3007.0rc1-3007.3	Path Traversal	moderate	View or Download	UNDERCODE	2025-06-14
MCP Inspector	< 0.14.1	Auth Bypass → RCE	critical	View or Download	UNDERCODE	2025-06-13
SaltStack	3006.0rc1-3006.12, 3007.0rc1-3007.4	DoS via file read	moderate	View or Download	UNDERCODE	2025-06-13
SaltStack	3006.0rc1-3006.11	Directory Traversal	critical	View or Download	UNDERCODE	2025-06-13
SaltStack	>=3006.0rc1, <3006.12 | >=3007.0rc1, <3007.4	Authentication Bypass	moderate	View or Download	UNDERCODE	2025-06-13
SaltStack	>= 3007.0, < 3007.4	Authorization bypass	high	View or Download	UNDERCODE	2025-06-13
SaltStack	3006.0rc1-3006.12, 3007.0rc1-3007.4	Arbitrary event injection	high	View or Download	UNDERCODE	2025-06-13
GitHub	<1.4.3	Gadget Chain RCE	low	View or Download	UNDERCODE	2025-06-13
SaltStack	>=3006.0rc1, <3006.12 | >=3007.0rc1, <3007.4	Command Injection	moderate	View or Download	UNDERCODE	2025-06-13
SaltStack	3006.0rc1-3006.11, 3007.0rc1-3007.3	Directory Traversal	moderate	View or Download	UNDERCODE	2025-06-13
XWiki	7.2-milestone-2 to 16.4.6, 16.5.0-rc-1 to 16.10.2, 17.0.0-rc-1	Remote Code Execution	critical	View or Download	UNDERCODE	2025-06-13
XWiki	15.9-rc-1 to 16.10.1	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-13
XWiki	<15.10.16, 16.0.0-16.4.6, 16.5.0-16.10.1	Code Execution	critical	View or Download	UNDERCODE	2025-06-13
XWiki	10.9-16.4.6	Information Disclosure	medium	View or Download	UNDERCODE	2025-06-13
XWiki	15.9-rc-1 - 16.4.6	Incomplete macro rights	critical	View or Download	UNDERCODE	2025-06-13
XWiki	11.10.11-12.0, 12.6.3-12.7, 12.8-rc-1-16.4.7, 16.5.0-rc-1-16.10.3, 17.0.0-rc-1	RCE via macro defaults	critical	View or Download	UNDERCODE	2025-06-13
XWiki	<15.10.16, 16.0.0-16.4.6, 16.5.0-16.10.1	Missing security warning	moderate	View or Download	UNDERCODE	2025-06-13
XWiki	8.2 to 16.4.6	Access Control Bypass	critical	View or Download	UNDERCODE	2025-06-13
Ibexa DXP	4.6.0-beta1 to 4.6.20	Persistent XSS	critical	View or Download	UNDERCODE	2025-06-13
Ibexa DXP	4.6.0-alpha1 to 4.6.20	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-13
Ibexa DXP	4.6.0-beta1 to 4.6.20	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-13
Ibexa eZ Platform	5.3.0-beta1 to 5.3.4	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-13
Znuny	<7.1.4	Improper Access Control	critical	View or Download	UNDERCODE	2025-06-13
StarCitizenTools/Citizen-Skin	>=2.31.0, <3.3.1	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-13
GitHub	2.13.0-3.3.0	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-13
MediaWiki (Citizen Skin)	>= 3.3.0, < 3.3.1	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-13
EngineerCMS	1.02-2.0.5	SQL Injection	critical	View or Download	UNDERCODE	2025-06-13
MediaWiki	>=2.4.2, <3.3.1	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-13
Adobe Experience Manager	≤ 6.5.22	Improper Authorization	critical	View or Download	UNDERCODE	2025-06-13
Wavlink WL-WN530H4	20220801	Command Injection	critical	View or Download	UNDERCODE	2025-06-13
FreeFloat FTP Server	1.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-12
vantage6	<4.11.0	Brute-force bypass	critical	View or Download	UNDERCODE	2025-06-12
Vantage6 Server	<3.9.0	Insecure JWT Secret	critical	View or Download	UNDERCODE	2025-06-12
Zorlan SkyCaiji	2.9	SSRF	critical	View or Download	UNDERCODE	2025-06-12
XWiki	1.0 to 15.10.15, 16.0.0-rc-1 to 16.4.6, 16.5.0-rc-1 to 16.10.1	SQL Injection	critical	View or Download	UNDERCODE	2025-06-12
yshopmall	<=1.9.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-12
Zorlan SkyCaiji	2.9	Unrestricted Upload	critical	View or Download	UNDERCODE	2025-06-12
Adobe Experience Manager	≤ 6.5.22	Reflected XSS	critical	View or Download	UNDERCODE	2025-06-12
Adobe Experience Manager	≤ 6.5.22	Stored XSS	critical	View or Download	UNDERCODE	2025-06-12
MRCMS	3.1.2	CSRF	medium	View or Download	UNDERCODE	2025-06-12
FoxCMS	v1.2.5	SQL Injection	critical	View or Download	UNDERCODE	2025-06-12
FoxCMS	2.0.6	Directory Traversal	critical	View or Download	UNDERCODE	2025-06-12
FoxCMS	1.2.5	Arbitrary File Deletion	critical	View or Download	UNDERCODE	2025-06-12
WordPress	<1.10.0	Path Traversal	critical	View or Download	UNDERCODE	2025-04-01
Znuny	≤7.1.3	Information Disclosure	critical	View or Download	UNDERCODE	2025-06-12
74CMS	≤ 3.33.0	Path Traversal	medium	View or Download	UNDERCODE	2025-06-12
Znuny	≤ 7.1.3	Missing HttpOnly	medium	View or Download	UNDERCODE	2025-06-12
Netgear DGND3700	1.1.00.15_1.00.15NA	Information Disclosure	medium	View or Download	UNDERCODE	2025-06-12
Flatpress CMS	< 1.4	Stored XSS	medium	View or Download	UNDERCODE	2025-06-12
Netgear DGND3700	1.1.00.15_1.00.15NA	Authentication Bypass	critical	View or Download	UNDERCODE	2025-06-12
ChatGPT	Pre-2025-03-30	SVG-based HTML Injection	critical	View or Download	UNDERCODE	2025-06-12
Linux	v20-v24	Symlink privilege escalation	critical	View or Download	UNDERCODE	2025-06-12
Daily College Class Work	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-12
Tiiwee X1 Alarm	TWX1HAKV2	Replay Attack	critical	View or Download	UNDERCODE	2025-06-12
WordPress	<8.85	Stored XSS	high	View or Download	UNDERCODE	2025-06-12
iop-apl-uw basestation3	<= 3.0.4	Insecure deserialization	medium	View or Download	UNDERCODE	2025-06-12
Victure RX1800	EN_V1.0.0_r12_110933	Command Injection	critical	View or Download	UNDERCODE	2025-06-12
RSI Queue Management	3.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-12
Jira Core/Service Management	9.12.0–10.5.0	Privilege Escalation	highcvss72	View or Download	UNDERCODE	2025-06-12
Linksys FGW3000	<=1.0.17.000000	Command Injection	critical	View or Download	UNDERCODE	2025-06-12
EnGenius ENH500	FW3.7.22	Auth bypass	critical	View or Download	UNDERCODE	2025-06-12
Linksys FGW3000	≤1.0.17.000000	Command Injection	critical	View or Download	UNDERCODE	2025-06-12
WordPress	<12.4.0	XSS	medium	View or Download	UNDERCODE	2025-06-12
VMware Cloud Foundation	4.5.x, 5.0.x	Missing Authorization	critical	View or Download	UNDERCODE	2025-06-12
Netgear DGND3700	1.1.00.15_1.00.15NA	Information disclosure	medium	View or Download	UNDERCODE	2025-06-12
Microsoft Windows	Server 2008-2012, Win10 1507	WebDAV Path Traversal	critical	View or Download	UNDERCODE	2025-06-10
Jenkins	≤ 374.v194b_d0c8c8	Stored XSS	critical	View or Download	UNDERCODE	2025-06-12
FluxBB	1.5.11	Stored XSS	medium	View or Download	UNDERCODE	2025-06-12
Jenkins DingTalk Plugin	≤ 2.7.3	SSL/TLS bypass	critical	View or Download	UNDERCODE	2025-06-12
Jenkins	≤ 96.vee8ed882ec4d	Token Impersonation	critical	View or Download	UNDERCODE	2025-06-12
Jenkins Plugin	≤4.0.1-286.v9e25a_740b_a_48	CSRF → RCE	critical	View or Download	UNDERCODE	2025-06-12
Jenkins	≤4.0.1-286.v9e25a_740b_a_48	Missing Auth Check	critical	View or Download	UNDERCODE	2025-06-12
Jenkins	≤1.0	Auth Bypass	critical	View or Download	UNDERCODE	2025-06-12
Lila (Lichess)	Pre-ab0beaf	DOM-based XSS	critical	View or Download	UNDERCODE	2025-06-12
LmxCMS	1.41	SQL Injection	critical	View or Download	UNDERCODE	2025-06-12
WebERP	4.15.2	SQL Injection	critical	View or Download	UNDERCODE	2025-06-12
Zimbra Collaboration Suite	9.0 - 10.1	CSRF in GraphQL	critical	View or Download	UNDERCODE	2025-06-11
Erlang/OTP	<25.3.2.20, <26.2.5.11, <27.3.3	Unauthenticated RCE	critical	View or Download	UNDERCODE	2025-06-09
Wazuh	4.4.0 to 4.9.0	RCE via deserialization	critical	View or Download	UNDERCODE	2025-06-11
Zimbra Collaboration	9.0.0-10.1.3	SSRF	critical	View or Download	UNDERCODE	2025-06-11
MediaWiki	Citizen Skin	XSS	critical	View or Download	UNDERCODE	2025-06-11
Drupal Lightgallery	< 1.6.0	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-11
Drupal Commerce	< 1.0.3	Incorrect Authorization	high	View or Download	UNDERCODE	2025-06-11
Drupal CMS	<1.0.5	Resource exhaustion	high	View or Download	UNDERCODE	2025-06-11
Drupal	< 2.0.0	Missing Authorization	moderate	View or Download	UNDERCODE	2025-06-11
Drupal Commerce	< 2.1.1	Authorization Bypass	high	View or Download	UNDERCODE	2025-06-11
Hashicorp Nomad	<1.10.2, <1.9.10, <1.8.14	ACL Misassignment	high	View or Download	UNDERCODE	2025-06-11
Linksys E5600	1.1.0.26	Stored XSS	critical	View or Download	UNDERCODE	2025-06-11
Mattermost	10.5.4, 9.11.13	Information Disclosure	low	View or Download	UNDERCODE	2025-06-11
Mattermost	10.7.0-10.7.1	LDAP Injection	moderate	View or Download	UNDERCODE	2025-06-11
Firefox/Thunderbird	<139.0 / <128.11	Memory Corruption	critical	View or Download	UNDERCODE	2025-06-11
.NET	8.0.16, 9.0.5	RCE	critical	View or Download	UNDERCODE	2025-06-11
Hurl	<4.2.0	XSS	critical	View or Download	UNDERCODE	2025-06-11
CosmWasm (wasmd)	0.60.0, 0.51.0-0.55.0	Improper error handling	high	View or Download	UNDERCODE	2025-06-10
PostgreSQL JDBC	42.7.4 - 42.7.6	Auth bypass	critical	View or Download	UNDERCODE	2025-06-11
DedeCMS	5.7.117	Code Injection	critical	View or Download	UNDERCODE	2025-06-10
Campcodes Teacher System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-05
FreeFloat FTP	1.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-10
Vtiger CRM	8.3.0	Stored XSS	critical	View or Download	UNDERCODE	2025-06-10
SourceCodester	1.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-10
Campcodes ORMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-10
OrangeHRM	5.7	Privilege Escalation	critical	View or Download	UNDERCODE	2025-06-10
Samsung Exynos	980-2400	Double Free	critical	View or Download	UNDERCODE	2025-06-10
Vtiger CRM	8.3.0	RCE	critical	View or Download	UNDERCODE	2025-06-10
Node.js	≤1.1.11	ReDoS	low	View or Download	UNDERCODE	2025-06-10
Cloudflare CIRCL	<1.6.1	Low-order point injection	critical	View or Download	UNDERCODE	2024-04-15
Apache Kafka	<3.9.1/4.0.0	LDAP Deserialization → RCE	critical	View or Download	UNDERCODE	2023-01-01
Apache Kafka	<3.9.1, 4.0.0	Arbitrary Read/SSRF	critical	View or Download	UNDERCODE	2024-03-15
Nautobot	<1.6.32, <2.4.10	Template Injection	critical	View or Download	UNDERCODE	2024-06-11
GeoServer	1.0.0-2.24.3, 2.25.0-2.25.1	SSRF	critical	View or Download	UNDERCODE	2025-06-10
Erxes	<1.6.1	Auth Bypass	high	View or Download	UNDERCODE	2025-06-10
Erxes	<1.6.2	Path Traversal	high	View or Download	UNDERCODE	2025-06-10
Nautobot	<2.4.10, <1.6.32	Unauthenticated file access	critical	View or Download	UNDERCODE	2025-06-10
Apache Kafka	<3.4.0	RCE/DoS	high	View or Download	UNDERCODE	2025-06-10
Erxes	<1.6.2	Path Traversal	moderate	View or Download	UNDERCODE	2025-06-10
Matrix-SDK-Crypto	0.8.0 - 0.11.0	Sender Spoofing	moderate	View or Download	UNDERCODE	2025-06-10
GeoServer	<= 2.25.0	XXE via GeoTools	critical	View or Download	UNDERCODE	2025-06-11
OctoPrint	≤1.11.1	DoS Loop	critical	View or Download	UNDERCODE	2025-06-10
OctoPrint	<= 1.11.1	Arbitrary File Exfiltration	critical	View or Download	UNDERCODE	2025-06-10
GeoNetwork	<4.4.8, <4.2.13	XXE in WFS API	high	View or Download	UNDERCODE	2025-06-10
GeoServer	<= 2.23.x	Infinite Loop DoS	critical	View or Download	UNDERCODE	2024-06-11
GeoServer	<=2.25.0	Missing Auth Bypass	moderate	View or Download	UNDERCODE	2025-06-10
GeoWebCache	<= 1.20.0	Info Disclosure	medium	View or Download	UNDERCODE	2024-06-10
GeoServer	<2.25.0	XXE/SSRF	critical	View or Download	UNDERCODE	2024-03-15
GeoServer	<= 2.25.0	SSRF via Coverage API	moderate	View or Download	UNDERCODE	2025-06-10
GeoServer	<2.24.4, <2.25.2	Unauthenticated SSRF	high	View or Download	UNDERCODE	2025-06-10
Vue.js CLI	≤5.0.8	ReDoS	moderate	View or Download	UNDERCODE	2025-06-09
GeoTools	<23.x	XXE	critical	View or Download	UNDERCODE	2025-06-09
Taro (CSS-to-React-Native)	<= 4.1.1	ReDoS	moderate	View or Download	UNDERCODE	2025-06-09
Git		OS Command Injection	critical	View or Download	UNDERCODE	2025-06-09
Pion Interceptor	v0.1.36-v0.1.38	RTP panic	critical	View or Download	UNDERCODE	2025-06-09
Python Requests	< 2.32.4	Credential leak	moderate	View or Download	UNDERCODE	2025-06-09
HAX CMS	<1.12.0	Stored XSS	critical	View or Download	UNDERCODE	2023-10-15
HAXCMS	<vX.X.X	LFI	critical	View or Download	UNDERCODE	2025-06-09
Kubernetes (Authorino)	<= v0.10.0	Resource exhaustion via AuthPolicy	moderate	View or Download	UNDERCODE	2025-06-09
Laravel Translation Manager	< 0.6.8	Stored XSS	moderate	View or Download	UNDERCODE	2025-06-09
Listmonk	<5.0.2	Template Injection	critical	View or Download	UNDERCODE	2024-06-09
Skyvern	≤ 0.2.0	Jinja runtime leak	high	View or Download	UNDERCODE	2025-06-09
Apache InLong	1.13.0 to 2.1.0	Deserialization RCE	moderate	View or Download	UNDERCODE	2025-06-09
Jenkins Gatling Plugin	136.vb_9009b_3d33a_e	Stored XSS	high	View or Download	UNDERCODE	2025-06-09
Jackson-core	<2.13.0	Memory leak	medium	View or Download	UNDERCODE	2021-09-30
GitHub	Rust user crate	Privilege escalation	high	View or Download	UNDERCODE	2025-06-06
SpiceDB	<1.44.2	Permission bypass	critical	View or Download	UNDERCODE	2024-06-07
llama_index	v0.12.21	SQL Injection	critical	View or Download	UNDERCODE	2025-06-06
Django	<5.2.2, <5.1.10, <4.2.22	Log injection	moderate	View or Download	UNDERCODE	2025-06-05
Para	v1.50.6	Info Leak	medium	View or Download	UNDERCODE	2025-06-06
Auth0 Symfony SDK	5.0.0 BETA-0 to 5.0.0	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-06-06
Erupt	1.12.19	Unrestricted File Upload	moderate	View or Download	UNDERCODE	2025-06-05
Apache HTTP Server	2.4.49	Path Traversal & RCE	critical	View or Download	UNDERCODE	2021-10-05
Yii 2 (PHP)	<2.0.50	Info Disclosure	mediumh2stylecolorblue	View or Download	UNDERCODE	2025-06-05
RTI Connext Professional	6.0.0-7.5.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-05
Linux Kernel	Up to 6.8.0	NULL Dereference	critical	View or Download	UNDERCODE	2025-06-05
Linux Kernel	Pre-patch (ab15f34d0dd772f6d11327e08a81d46dc9c36276)	Use-After-Free	medium	View or Download	UNDERCODE	2025-06-05
RTI Connext Professional	7.4.0 - 7.5.0	Heap Overflow	critical	View or Download	UNDERCODE	2025-06-05
RTI Connext Professional	7.4.0-7.5.0, 7.0.0-7.3.0.7, 4.5-6.1.2.23	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-05
Linux Kernel	5.15 - 6.8	Race Condition	medium	View or Download	UNDERCODE	2025-06-05
IBM CICS TX	10.1, 11.1	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-06-05
Linux Kernel	<6.8.3	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-05
DataEase	< 2.10.10	JDBC Injection	medium	View or Download	UNDERCODE	2025-06-05
DataEase	< 2.10.10	SQLi Bypass	critical	View or Download	UNDERCODE	2025-06-05
Google Chrome	<137.0.7151.68	Heap corruption	high	View or Download	UNDERCODE	2025-06-05
DataEase	<2.10.10	JWT Forgery	critical	View or Download	UNDERCODE	2025-06-05
Google Chrome	<137.0.7151.68	Use-After-Free	medium	View or Download	UNDERCODE	2025-06-05
WordPress	< 3.2.10	Stored XSS	critical	View or Download	UNDERCODE	2025-06-05
WordPress Plugin	< 3.3.6	Stored XSS	critical	View or Download	UNDERCODE	2025-06-05
WordPress	<8.8.2	Stored XSS	high	View or Download	UNDERCODE	2025-06-05
osTicket	<1.17.6, <1.18.2	Broken Access Control	critical	View or Download	UNDERCODE	2025-06-05
WordPress	≤28.0.3	Stored XSS	critical	View or Download	UNDERCODE	2025-06-04
Ruby on Rails (Rack)	<3.0.0, >2.2.0	ReDoS	critical	View or Download	UNDERCODE	2025-06-05
WordPress Plugin	≤ 26.0.6	Stored XSS	critical	View or Download	UNDERCODE	2025-06-04
WordPress	≤8.9.1	Code Execution	critical	View or Download	UNDERCODE	2025-06-04
WordPress	≤1.9	Stored XSS	critical	View or Download	UNDERCODE	2025-06-04
WordPress	≤ 4.8.1.1	Stored XSS	critical	View or Download	UNDERCODE	2025-06-04
WordPress	<= 4.0.26	Arbitrary file read	critical	View or Download	UNDERCODE	2025-06-04
WordPress plugin	≤ 5.3	Reflected XSS	medium	View or Download	UNDERCODE	2025-06-04
WordPress	≤ 6.91	Arbitrary File Read	critical	View or Download	UNDERCODE	2025-06-04
WordPress	≤ 4.2.19	Unauthenticated data deletion	critical	View or Download	UNDERCODE	2025-06-04
WordPress	≤8.9.1	Stored XSS	critical	View or Download	UNDERCODE	2025-06-04
kro (Kube Resource Orchestrator)	0.1.0 to 0.2.0	Confused Deputy	moderate	View or Download	UNDERCODE	2025-06-05
WordPress	≤ 2.7.11	Stored XSS	critical	View or Download	UNDERCODE	2025-06-04
WordPress	≤6.91	Stored XSS	medium	View or Download	UNDERCODE	2025-06-04
WordPress	≤1.5.2	SQL Injection	critical	View or Download	UNDERCODE	2025-06-04
Hibernate Validator	<6.2.0.CR1, 7.0.0.Alpha1-CR1	EL Injection	moderate	View or Download	UNDERCODE	2025-06-05
Node.js	1.4.4-lts.1 - 2.0.0	DoS Crash	critical	View or Download	UNDERCODE	2025-06-05
WordPress	5.0.0-BETA0 to 5.0.1	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-06-05
Linux	users crate 0.8.0+	Privilege escalation	moderate	View or Download	UNDERCODE	2025-06-05
HAX CMS	PSU Deployment	Information Disclosure	critical	View or Download	UNDERCODE	2025-06-05
Deno	<1.25.2	Import Bypass	critical	View or Download	UNDERCODE	2022-08-18
Grafana	< 0.0.0-20250521183405	Permission bypass	high	View or Download	UNDERCODE	2025-06-05
Rust crate	All	Memory unsafety	low	View or Download	UNDERCODE	2025-06-05
SignXML	<4.0.4	Algorithm Confusion	moderate	View or Download	UNDERCODE	2025-06-05
SignXML	<3.0.0	Timing Attack	moderate	View or Download	UNDERCODE	2025-06-05
AstrBot	< v3.5.13	Path Traversal	critical	View or Download	UNDERCODE	2025-06-05
Umbraco CMS	<15.4.2, <16.0.0	File upload bypass	critical	View or Download	UNDERCODE	2025-06-05
WSO2 Products	6.x, 7.x	Privilege Escalation	moderate	View or Download	UNDERCODE	2025-06-04
Deno	<= 1.40.0	Permission Bypass	critical	View or Download	UNDERCODE	2025-06-04
Deno	<=1.35.0	Permission bypass	medium	View or Download	UNDERCODE	2025-06-04
Auth0 Next.js SDK	4.0.1 - 4.6.0	Cache-Control Bypass	critical	View or Download	UNDERCODE	2024-03-15
Deno	<=1.35.0	Env bypass	critical	View or Download	UNDERCODE	2025-06-04
webpack-dev-server	< 4.15.1	CSWSH	critical	View or Download	UNDERCODE	2024-06-05
Windows	<5.8.1	Insecure Config Loading	medium	View or Download	UNDERCODE	2024-06-05
Webpack-dev-server	<5.0.0	Source Code Theft	critical	View or Download	UNDERCODE	2025-03-15
Deno	Post-commit 0d1beed	Auth-tag bypass	critical	View or Download	UNDERCODE	2025-06-04
Auth0 PHP SDK	8.0.0-BETA3 to 8.3.0	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-06-04
Apache Superset	<4.1.2	SQL Injection	critical	View or Download	UNDERCODE	2025-05-30
WordPress Plugin	≤1.4.0	Stored XSS	critical	View or Download	UNDERCODE	2025-06-04
Zitadel	<2.70.12, <2.71.10, <3.2.2	Host header injection	critical	View or Download	UNDERCODE	2025-06-04
WordPress Plugin	≤1.12	Missing Authorization	critical	View or Download	UNDERCODE	2025-06-04
WordPress	≤1.5.2	Stored XSS	critical	View or Download	UNDERCODE	2025-06-04
PHPGurukul Dairy Farm	1.3	SQL Injection	critical	View or Download	UNDERCODE	2025-06-04
WordPress	≤1.0.31	CSRF	critical	View or Download	UNDERCODE	2025-06-04
WordPress	≤1.6.3	Missing capability check	medium	View or Download	UNDERCODE	2025-06-04
PHPGurukul Dairy	1.3	SQL Injection	critical	View or Download	UNDERCODE	2025-06-04
FreeScout	<1.8.181	Race Condition	medium	View or Download	UNDERCODE	2025-06-04
Qualcomm Snapdragon	Multiple	Memory corruption	critical	View or Download	UNDERCODE	2025-06-04
TOTOLINK A950RG	4.1.2cu.5204	Command Injection	critical	View or Download	UNDERCODE	2025-05-02
Tenda RX3	V16.03.13.11	Stack Overflow	critical	View or Download	UNDERCODE	2025-06-04
CodeAstro Real Estate	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-04
SCALANCE LPE9403	All	Stack overflow	medium	View or Download	UNDERCODE	2025-06-04
SCALANCE LPE9403	All versions	Auth bypass	critical	View or Download	UNDERCODE	2025-06-04
Fortinet FortiPortal	7.0.0-7.0.9, 7.2.0-7.2.5, 7.4.0	Sensitive Data Exposure	critical	View or Download	UNDERCODE	2025-06-04
FreeScout	<1.8.180	Activation bypass	medium	View or Download	UNDERCODE	2025-06-04
Fortinet FortiOS	7.2.0–7.2.7, 7.0.0–7.0.14	Integer overflow (DoS)	critical	View or Download	UNDERCODE	2025-06-04
FreeScout	<1.8.180	Mass assignment	medium	View or Download	UNDERCODE	2025-06-04
FreeScout	<1.8.180	Mass Assignment	critical	View or Download	UNDERCODE	2025-06-04
FortiClient (Windows)	7.2.0 - 7.2.1	Information Disclosure	medium	View or Download	UNDERCODE	2025-06-04
FreeScout	<1.8.180	IDOR	critical	View or Download	UNDERCODE	2025-06-04
FreeScout	<1.8.180	Directory Deletion	critical	View or Download	UNDERCODE	2025-06-04
1000 Projects	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-04
FreeScout	<1.8.180	Mass-assignment	critical	View or Download	UNDERCODE	2025-06-04
FortiClient Mac	7.0.0-7.4.2	Privilege Escalation	critical	View or Download	UNDERCODE	2025-06-04
FreeScout	<1.8.180	Path Traversal	critical	View or Download	UNDERCODE	2025-06-04
Fortinet FortiOS	7.4.0-7.4.3	Buffer Over-read	critical	View or Download	UNDERCODE	2025-06-04
Absolute Secure Access	<13.54	Permission Bypass	medium	View or Download	UNDERCODE	2025-06-04
WordPress	≤ 2.0.4	Reflected XSS	critical	View or Download	UNDERCODE	2025-06-04
Drupal AI	0.0.0 - 1.0.3	Missing Authorization	critical	View or Download	UNDERCODE	2025-06-04
Post SMTP	≤ 2.9.11	Missing Authorization	critical	View or Download	UNDERCODE	2025-06-04
SourceCodester Health Center	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-04
Drupal AI Module	1.0.0 - 1.0.2	CSRF	medium	View or Download	UNDERCODE	2025-06-04
IBM Security Guardium	12.0	Information Disclosure	medium	View or Download	UNDERCODE	2025-06-04
WordPress (GiveWP)	≤ 3.19.3	Object Injection	critical	View or Download	UNDERCODE	2025-06-04
Drupal	<2.0.3	Brute Force Bypass	critical	View or Download	UNDERCODE	2025-06-04
Fortinet FortiProxy/FortiOS	7.6.0-7.6.1, 7.4.4-7.4.6	Authentication Bypass	critical	View or Download	UNDERCODE	2025-06-04
FreeScout	<1.8.180	Stored XSS	medium	View or Download	UNDERCODE	2025-06-04
Django-Helpdesk	<1.0.0	Data Exposure	moderate	View or Download	UNDERCODE	2025-06-04
Apache Roller	≤6.1.4	Session fixation	critical	View or Download	UNDERCODE	2025-06-03
Apache Airflow	<6.2.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-03
Apple OS Stack	iOS ≤18.4, macOS ≤15.4, tvOS ≤18.4, visionOS ≤2.4	Memory Corruption	critical	View or Download	UNDERCODE	2025-06-03
Craft CMS	<4.15.3 / <5.7.5	Session File Injection	critical	View or Download	UNDERCODE	2025-06-04
ScreenConnect	≤25.2.3	ViewState RCE	critical	View or Download	UNDERCODE	2025-06-03
FFmpeg	≤ 7.1	Stack overflow	critical	View or Download	UNDERCODE	2025-06-03
FFmpeg	≤ 7.1	Null pointer dereference	medium	View or Download	UNDERCODE	2025-06-03
Linux Kernel	5.14 - 6.6	Use-After-Free	critical	View or Download	UNDERCODE	2024-01-15
Tmall Demo	<= 20250505	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-06-03
npm	<5.9.2	URL validation bypass	medium	View or Download	UNDERCODE	2025-06-03
D-Link DI-7003GV2	24.04.18D1	Info Disclosure	medium	View or Download	UNDERCODE	2025-06-03
H3C SecCenter	SMP-E1114P02 (≤20250513)	Path Traversal	critical	View or Download	UNDERCODE	2025-06-03
D-Link DCS-932L	2.18.01	Stack overflow	critical	View or Download	UNDERCODE	2025-06-03
FoxCMS	1.2.5	SQL Injection	critical	View or Download	UNDERCODE	2025-06-03
D-Link DI-7003GV2	24.04.18D1 R(68125)	Improper Authentication	critical	View or Download	UNDERCODE	2025-06-03
Campcodes S&I	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-06-03
Tenda AC6	V15.03.05.16	Stack Overflow	critical	View or Download	UNDERCODE	2025-06-03
Tmall Demo	≤ 20250505	DOM XSS	medium	View or Download	UNDERCODE	2025-06-03
Tmall Demo	≤ 20250505	Stored XSS	medium	View or Download	UNDERCODE	2025-05-24
H3C SecCenter SMP	E1114P02	Path Traversal	medium	View or Download	UNDERCODE	2025-05-25
D-Link DI-7003GV2	24.04.18D1	DoS	critical	View or Download	UNDERCODE	2025-06-03
Tmall Demo	≤ 20250505	Stored XSS	mediumcvss51	View or Download	UNDERCODE	2025-05-24
H3C GR-5400AX	≤ 100R008	Buffer Overflow	critical	View or Download	UNDERCODE	2025-06-03
D-Link DI-7003GV2	24.04.18D1 R(68125)	Information Disclosure	medium	View or Download	UNDERCODE	2025-06-03
H3C SecCenter	SMP-E1114P02 (≤20250513)	Path Traversal	mediumcvss53	View or Download	UNDERCODE	2025-06-03
Snipe-IT	< 8.1.0	Auth Bypass	critical	View or Download	UNDERCODE	2025-06-03
Apache InLong	1.13.0 - 2.1.0	Deserialization RCE	critical	View or Download	UNDERCODE	2025-06-03
D-Link DI-8100	16.07.26A1	Authentication Bypass	critical	View or Download	UNDERCODE	2025-06-03
Android	25.03.21.0	Cleartext storage	medium	View or Download	UNDERCODE	2025-06-03
Infoblox NETMRI	<7.6.1	Command Injection	critical	View or Download	UNDERCODE	2025-06-03
Blizzard Battle.net	v2.40.0.15267	Privilege Escalation	critical	View or Download	UNDERCODE	2025-06-03
DetailDescriptionFW-WGS-804HPT	v1.305b241111	Stack Overflow	critical	View or Download	UNDERCODE	2025-06-03
DocArray	≤0.40.1	Prototype Pollution	critical	View or Download	UNDERCODE	2025-06-03
Defog-AI Introspect	≤ 0.1.4	Code Injection	critical	View or Download	UNDERCODE	2025-06-03
Infoblox NETMRI	<7.6.1	Authentication Bypass	critical	View or Download	UNDERCODE	2025-06-03
Infoblox NETMRI	<7.6.1	SQL Injection	critical	View or Download	UNDERCODE	2025-06-03
CMS Made Simple	2.2.21	Stored XSS	medium	View or Download	UNDERCODE	2025-06-03
Chanjet CRM	≤20250510	SQL Injection	critical	View or Download	UNDERCODE	2025-05-25
WCMS	≤8.3.11	Auth Bypass	critical	View or Download	UNDERCODE	2025-06-03
Gokapi	1.0.1-1.9.6	Stored XSS	medium	View or Download	UNDERCODE	2025-06-03
Gokapi	1.0.1-1.9.6	Stored XSS	critical	View or Download	UNDERCODE	2025-06-03
Node.js (tar-fs)	<1.16.5, 2.0.0-2.1.2, 3.0.0-3.0.8	Directory Traversal	critical	View or Download	UNDERCODE	2025-06-03
quic-go	v0.50.0	Nil-pointer dereference	critical	View or Download	UNDERCODE	2025-06-03
Drupal	8.0.0-10.3.13	Stored XSS	critical	View or Download	UNDERCODE	2025-06-02
Drupal Matomo Analytics	<1.24.0	CSRF	critical	View or Download	UNDERCODE	2025-06-02
Drupal	<1.8.0, <2.0.8	XSS	critical	View or Download	UNDERCODE	2025-06-02
Drupal	8.0.0–11.1.2	Forceful Browsing	critical	View or Download	UNDERCODE	2025-06-02
Drupal	<1.8.0, <2.0.8	CSRF	medium	View or Download	UNDERCODE	2025-03-31
ALFA AIP-W512	v3.2.2.2.3	Stack Overflow	critical	View or Download	UNDERCODE	2025-06-02
Drupal WEB-T	0.0.0 - 1.1.0	Auth Bypass + DoS	critical	View or Download	UNDERCODE	2025-06-02
Drupal	<2.0.6	Forceful Browsing	critical	View or Download	UNDERCODE	2025-06-02
Arrow2	Unmaintained	OOB Access	high	View or Download	UNDERCODE	2025-05-30
Para Server	v1.50.6	Credential Leak	high	View or Download	UNDERCODE	2025-05-30
Mattermost	10.7.0, 10.5.3, 9.11.12	Access Control Bypass	low	View or Download	UNDERCODE	2025-05-30
Mattermost	10.7.0-rc1 to 10.7.0	Token validation bypass	moderate	View or Download	UNDERCODE	2025-05-30
Mattermost	9.11.0-10.7.0	OAuth credential leak	moderate	View or Download	UNDERCODE	2025-05-30
GitHub CLI (go-gh)	< 2.12.1	Command Injection	critical	View or Download	UNDERCODE	2025-05-30
Apache Superset	< 4.1.2	SQL Injection	high	View or Download	UNDERCODE	2025-05-30
Spring Cloud Gateway	4.0.0-4.2.2	Header Injection	high	View or Download	UNDERCODE	2025-05-30
ProxyMIS Interview	≤ 1.01	SQL Injection	critical	View or Download	UNDERCODE	2025-05-30
WordPress Plugin	≤ 2.0.12	PHP LFI/RFI	critical	View or Download	UNDERCODE	2025-05-30
WordPress	≤2.0.0	DOM-Based XSS	critical	View or Download	UNDERCODE	2025-05-30
WordPress (Elementor)	≤1.0.14	Stored XSS	critical	View or Download	UNDERCODE	2025-05-30
WordPress Plugin	≤2.2.11	Object Injection	critical	View or Download	UNDERCODE	2025-05-30
Wire-Webapp	<2025-05-14-production.0	Persistent local data	medium	View or Download	UNDERCODE	2025-05-22
Group-Office	<6.8.119, <25.0.20	DOM-based XSS	medium	View or Download	UNDERCODE	2025-05-29
IBM Aspera Faspex	5.0.0 - 5.0.12	Improper Access Control	critical	View or Download	UNDERCODE	2025-05-29
Wavlink WL-WN579A3	v1.0	Command Injection	critical	View or Download	UNDERCODE	2025-05-29
Fiber (Go)	2.52.6	DoS via panic	medium	View or Download	UNDERCODE	2025-05-29
Group-Office	<6.8.119, <25.0.20	Persistent XSS	medium	View or Download	UNDERCODE	2025-05-29
Group-Office	<6.8.119, <25.0.20	Stored XSS	medium	View or Download	UNDERCODE	2025-05-29
Navidrome	<0.50.0	Auth Bypass	critical	View or Download	UNDERCODE	2025-05-29
Apache Tomcat	9.0.0-11.0.6	Constraint bypass	low	View or Download	UNDERCODE	2025-05-29
Mattermost	10.7.0-10.7.0	Privilege Escalation	moderate	View or Download	UNDERCODE	2025-05-29
Gradio	<4.13.0	Arbitrary File Copy	critical	View or Download	UNDERCODE	2023-06-15
WordPress (WooCommerce)	≤ 2.2.2	Stored XSS	critical	View or Download	UNDERCODE	2025-05-29
Xylus Themes	≤1.8.5	Stored XSS	critical	View or Download	UNDERCODE	2025-05-29
CiyaShop	≤ 4.18.0	Object Injection	critical	View or Download	UNDERCODE	2025-05-29
Chimpstudio FoodBakery	≤ 3.3	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-05-29
WordPress	≤7.0	Object Injection	critical	View or Download	UNDERCODE	2025-05-29
VideoWhisper Live Streaming	≤6.2.4	CSRF	medium	View or Download	UNDERCODE	2025-05-29
ThemeGoods Altair	≤ 5.2.2	Object Injection	critical	View or Download	UNDERCODE	2025-05-29
WordPress	≤2.4.6	Stored XSS	critical	View or Download	UNDERCODE	2025-05-29
OA System	< v2025.01.01	XSS	critical	View or Download	UNDERCODE	2025-05-29
OA System	< v2025.01.01	Stored XSS	critical	View or Download	UNDERCODE	2025-05-29
Microsoft Scripting Engine	Pre-patch 2025	Type Confusion	critical	View or Download	UNDERCODE	2025-05-29
Math Library	0.2.0	XXE (CWE-611)	critical	View or Download	UNDERCODE	2025-05-29
Navidrome	0.55.0 - 0.55.2	SQL Injection	critical	View or Download	UNDERCODE	2025-05-29
Fabio LB	<1.8.3	Header stripping	critical	View or Download	UNDERCODE	2025-05-30
Next.js	13.0.0 - 13.4	CSWSH	critical	View or Download	UNDERCODE	2025-05-28
Multicast	<2.0.9a3	Dependency Confusion	critical	View or Download	UNDERCODE	2025-05-29
vLLM	Pre-patch	Input validation bypass	critical	View or Download	UNDERCODE	2025-05-28
vLLM	< 0.4.0	Regex DoS	moderate	View or Download	UNDERCODE	2025-05-28
vLLM	<= 0.4.1	ReDoS	critical	View or Download	UNDERCODE	2024-06-10
vLLM	Pre-fix versions	ReDoS	critical	View or Download	UNDERCODE	2025-05-28
vLLM	<0.4.0	Insecure Hashing	medium	View or Download	UNDERCODE	2024-06-10
Apache Commons	<1.11.0, <2.0.0-M2	ClassLoader hijacking	critical	View or Download	UNDERCODE	2019-12-01
Mautic	<4.4.0	Open Redirection	medium	View or Download	UNDERCODE	2025-05-28
Argo CD	< v3.0.4, < v2.14.13, < v2.13.8	XSS via URL	critical	View or Download	UNDERCODE	2025-05-28
Mautic	1.0.0 - 4.4.15, 5.0.0-alpha - 5.2.5, 6.0.0-alpha - 6.0.1	User Enumeration	medium	View or Download	UNDERCODE	2025-05-28
Mautic	<4.4.8	Unauthenticated preview access	medium	View or Download	UNDERCODE	2025-05-28
Mautic	<4.4.0	.env exposure	critical	View or Download	UNDERCODE	2025-05-28
ZITADEL	<3.2.2, <2.71.11, <2.70.12	Host Header Injection	critical	View or Download	UNDERCODE	2025-05-28
Mautic	<4.4.0	IDOR	critical	View or Download	UNDERCODE	2025-05-28
LLama-Index CLI	<0.4.1	OS Command Injection	high	View or Download	UNDERCODE	2025-05-28
Hackney (Erlang/Elixir)	< 1.24.0	Connection Pool Exhaustion	low	View or Download	UNDERCODE	2025-05-28
Amazon Redshift	2.0.872-2.1.6	SSL bypass	critical	View or Download	UNDERCODE	2025-05-28
Chrome PHP	<1.14.0	XSS via `CssSelector`	moderate	View or Download	UNDERCODE	2025-05-28
Edgeless Systems Contrast	<=1.7	Information Disclosure	critical	View or Download	UNDERCODE	2025-05-28
GitHub Actions	Unpatched workflows	Code Injection	critical	View or Download	UNDERCODE	2025-05-28
Apache InLong	1.13.0 - 2.1.0	JDBC Deserialization	high	View or Download	UNDERCODE	2025-05-28
Valtimo Backend Libraries	Pre-patch	Unauthorized Object Access	high	View or Download	UNDERCODE	2025-05-28
Apache InLong	1.13.0 - 2.1.0	JDBC Invisible Character Bypass	moderate	View or Download	UNDERCODE	2025-05-28
Apache InLong	1.13.0 - 2.1.0	JDBC URLEncode bypass	moderate	View or Download	UNDERCODE	2025-05-28
Apple WebKit	< Safari 18.3	Memory corruption	critical	View or Download	UNDERCODE	2025-05-28
Student Project Allocation System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-28
Apple ecosystem	visionOS<2.3, iOS<18.3	Memory corruption	critical	View or Download	UNDERCODE	2025-05-28
Blood Bank Mgmt	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-28
Apple OS Suite	visionOS <2.3, iOS/iPadOS <18.3, macOS <15.3, watchOS <11.3, tvOS <18.3	File system permission bypass	critical	View or Download	UNDERCODE	2025-05-28
macOS	Ventura <13.7.3, Sequoia <15.3, Sonoma <14.7.3	Filesystem bypass	critical	View or Download	UNDERCODE	2025-05-28
Firefox/Thunderbird	<138.0.4/<128.10.2	Memory Corruption	critical	View or Download	UNDERCODE	2025-05-22
Mozilla Firefox/Thunderbird	< 138.0.4	OOB Read/Write	critical	View or Download	UNDERCODE	2025-05-28
Assimp	5.4.3	Stack overflow	critical	View or Download	UNDERCODE	2025-05-28
PHPGurukul Directory Management	2.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-28
Codeastro Bus Booking	v1.0	IDOR Exploit	critical	View or Download	UNDERCODE	2025-05-28
Assimp	5.4.3	OOB Read	medium	View or Download	UNDERCODE	2025-05-28
SourceCodester CDMS	1.0	Directory Listing	critical	View or Download	UNDERCODE	2025-05-28
SourceCodester CDMS	1.0	Unrestricted Upload	critical	View or Download	UNDERCODE	2025-05-28
Campcodes Sales and Inventory System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-28
SourceCodester Stock Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-28
LibreNMS	≤25.4.0	Stored XSS	critical	View or Download	UNDERCODE	2025-05-28
PyTorch	≤2.5.1	RCE	critical	View or Download	UNDERCODE	2025-05-28
ITSourceCode Restaurant Mgmt	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-28
Restaurant Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-28
itsourcecode S&I System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-28
Campcodes Shopping Portal	1.0	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-05-27
Campcodes Cybercafe	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
PHPGurukul	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-05-27
PHPGurukul ERMS	1.3	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
SourceCodester CDMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
Campcodes Online Shopping	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
Campcodes Shopping Portal	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
Sourcecodester	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
Online Time Table Generator	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
Python/PyPI	≤1.1.5	Unsafe Deserialization	moderate	View or Download	UNDERCODE	2025-05-26
ActiveMQ Artemis	<= 0.0.0-20250418141202	Credential Reuse	moderate	View or Download	UNDERCODE	2025-05-28
Apple OS Stack	watchOS <11.5, macOS <14.7.6, iOS <18.5	Integer Overflow	critical	View or Download	UNDERCODE	2025-05-27
Apple OS (iOS/macOS/watchOS)	Multiple (see fixed versions)	Kernel Memory Corruption	critical	View or Download	UNDERCODE	2025-05-27
iOS/iPadOS	<18.5	Deleted call recording leakage	medium	View or Download	UNDERCODE	2025-05-27
Apple Ecosystem	iOS/macOS/watchOS/tvOS/visionOS/Safari	Memory Corruption	critical	View or Download	UNDERCODE	2025-05-27
macOS	Ventura <13.7.6, Sonoma <14.7.6, Sequoia <15.5	Sandbox Escape	critical	View or Download	UNDERCODE	2025-05-12
Apple macOS/iOS	Ventura 13.x, Sonoma 14.x, Sequoia 15.x, iPadOS 17.x	Keychain data leak	medium	View or Download	UNDERCODE	2025-05-27
macOS	<15.5	Data exposure	critical	View or Download	UNDERCODE	2025-05-12
Apple iPadOS/macOS	iPadOS <17.7.7, Ventura <13.7.6	Double-free	critical	View or Download	UNDERCODE	2025-05-27
macOS	Ventura 13.x, Sequoia 15.x, Sonoma 14.x	Privacy bypass	critical	View or Download	UNDERCODE	2025-05-27
Apple macOS/iPadOS	Ventura 13.7.5, Sonoma 14.7.5, Sequoia 15.4, iPadOS 17.7.6	Location data leak	critical	View or Download	UNDERCODE	2025-05-27
macOS	Ventura <13.7.6, Sequoia <15.5, Sonoma <14.7.6	ASLR bypass	critical	View or Download	UNDERCODE	2025-05-27
macOS	<15.5	Info Disclosure	medium	View or Download	UNDERCODE	2025-05-27
Apple OS Stack	watchOS <11.5, macOS <14.7.6/15.5, iOS/iPadOS <18.5	Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-27
iOS/iPadOS	<18.5	Residual call history leakage	medium	View or Download	UNDERCODE	2025-05-27
iOS/iPadOS	<17.7.7, <18.5	Lock screen bypass	medium	View or Download	UNDERCODE	2025-05-27
Apple OS (visionOS, iOS, iPadOS, macOS, tvOS)	Pre-visionOS 2.5, iOS/iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5	Kernel Memory Corruption	critical	View or Download	UNDERCODE	2025-05-27
Apple OS Stack	watchOS <11.5, macOS <14.7.6, tvOS <18.5, iOS/iPadOS <17.7.7/18.5	Memory Corruption	critical	View or Download	UNDERCODE	2025-05-27
Apple OS Suite	iOS <18.5, macOS <15.5	Image DoS	critical	View or Download	UNDERCODE	2025-05-27
Apple Devices	iOS 18.5, macOS 15.5, Safari 18.5	WebKit Input Validation	critical	View or Download	UNDERCODE	2025-05-27
macOS	<14.7.6, <15.5	Kernel memory corruption	critical	View or Download	UNDERCODE	2025-05-27
macOS	Ventura 13.7.5, Sequoia 15.4, Sonoma 14.7.5	File system bypass	critical	View or Download	UNDERCODE	2025-05-27
macOS/iOS/tvOS/visionOS	Sonoma 14.7.5 and below	Kernel panic via IOKit	critical	View or Download	UNDERCODE	2025-05-27
macOS	Ventura 13.x, Sequoia 15.x, Sonoma 14.x	Privacy Bypass via Log Leak	critical	View or Download	UNDERCODE	2025-05-27
macOS	<15.5	Sandbox Escape	critical	View or Download	UNDERCODE	2025-05-27
Apple OS Suite	watchOS <11.5, macOS <14.7.6, tvOS <18.5, iOS/iPadOS <17.7.7/18.5	Memory Corruption	critical	View or Download	UNDERCODE	2025-05-27
macOS	Pre-Sequoia 15.5	Information disclosure	medium	View or Download	UNDERCODE	2025-05-27
macOS	Pre-Sequoia 15.5	Sandbox Escape	critical	View or Download	UNDERCODE	2025-05-27
macOS	Pre-15.5	Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-12
iOS, iPadOS	<18.5	State management flaw	medium	View or Download	UNDERCODE	2025-05-27
Apple WebKit	Safari <18.5, iOS/iPadOS <18.5, macOS <15.5	Memory corruption	critical	View or Download	UNDERCODE	2025-05-27
PHPGurukul CMS	2.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
macOS	Pre-15.5	Data access bypass	critical	View or Download	UNDERCODE	2025-05-27
macOS	<15.5	Information Disclosure	critical	View or Download	UNDERCODE	2025-05-27
DocArray	≤ 0.40.1	Prototype Pollution	critical	View or Download	UNDERCODE	2025-05-27
Python/pypickle	≤1.1.5	Privilege Escalation	moderate	View or Download	UNDERCODE	2025-05-26
FunAudioLLM InspireMusic	<= bf32364bcb0d1	Unsafe deserialization	critical	View or Download	UNDERCODE	2025-05-27
Laravel Rest API	< 2.13.0	Validation Bypass	moderate	View or Download	UNDERCODE	2025-05-27
PyTorch	2.6.0	Memory corruption	medium	View or Download	UNDERCODE	2025-05-28
SourceCodester AVMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-28
WordPress Plugin	≤5.2.0	PHP Local File Inclusion	critical	View or Download	UNDERCODE	2025-05-28
WordPress	≤6.3.5	Local File Inclusion	critical	View or Download	UNDERCODE	2025-05-28
Rust Crate	0.2.0	Integer Overflow	low	View or Download	UNDERCODE	2025-05-27
Django	<8.4.1	Token Leak	critical	View or Download	UNDERCODE	2025-05-27
Strapi	Latest	SSRF	critical	View or Download	UNDERCODE	2025-05-27
Rust crate	0.2.2	Unsafe drop()	low	View or Download	UNDERCODE	2025-05-27
Rust `memory_pages`	0.1.0	Division by zero	low	View or Download	UNDERCODE	2025-05-27
Supabase/auth-js	< 2.69.1	Path Traversal	medium	View or Download	UNDERCODE	2025-05-27
Rust crate	0.1.0	Unsound unlock	low	View or Download	UNDERCODE	2025-05-27
Fess	<13.10	Insecure Temp Files	medium	View or Download	UNDERCODE	2023-01-15
NETSCOUT nGeniusONE	< 6.4.0 b2350	Insecure Permissions	critical	View or Download	UNDERCODE	2025-05-28
NETSCOUT nGeniusONE	< 6.4.0 b2350	Authentication Bypass	critical	View or Download	UNDERCODE	2025-05-27
NETSCOUT nGeniusONE	<6.4.0 b2350	Stored XSS	critical	View or Download	UNDERCODE	2025-05-27
NETSCOUT nGeniusONE	<6.4.0 b2350	Arbitrary File Creation	critical	View or Download	UNDERCODE	2025-05-27
NETSCOUT nGeniusONE	< 6.4.0 b2350	Information Disclosure	medium	View or Download	UNDERCODE	2025-05-27
NETSCOUT nGeniusONE	< 6.4.0 b2350	Broken Authorization	critical	View or Download	UNDERCODE	2025-05-28
NETSCOUT nGeniusONE	<6.4.0 b2350	Hardcoded Credentials	critical	View or Download	UNDERCODE	2025-05-27
Police Station Management System	1.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-05-27
Tenda FH451	1.0.0.9	Stack Overflow	critical	View or Download	UNDERCODE	2025-05-27
Tenda RX2 Pro	16.03.30.14	Unauthenticated config change	critical	View or Download	UNDERCODE	2025-05-27
Node.js (Marked)	<0.3.17	ReDoS	moderate	View or Download	UNDERCODE	2025-05-23
Tenda RX2 Pro	16.03.30.14	RCE via UDP	critical	View or Download	UNDERCODE	2025-05-27
Tenda RX2 Pro	16.03.30.14	Weak Credentials	critical	View or Download	UNDERCODE	2025-05-27
macOS	Ventura <13.7.6, Sequoia <15.5, Sonoma <14.7.6	Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-27
Tenda AC7	15.03.06.44	Buffer Overflow	critical	View or Download	UNDERCODE	2025-05-27
iOS/iPadOS	<17.7.7, <18.5	UI Spoofing	medium	View or Download	UNDERCODE	2025-05-27
Radashi	< 1.4.3	Prototype Pollution	moderate	View or Download	UNDERCODE	2025-05-27
Tenda RX2 Pro	16.03.30.14	Command Injection	critical	View or Download	UNDERCODE	2025-05-27
Tenda RX2 Pro	16.03.30.14	Unauthenticated RCE	critical	View or Download	UNDERCODE	2025-05-27
Tenda RX2 Pro	16.03.30.14	Static AES reuse	critical	View or Download	UNDERCODE	2025-05-27
Tenda AC9	V15.03.06.42_multi	Command Injection	critical	View or Download	UNDERCODE	2025-05-27
Tenda RX2 Pro	16.03.30.14	Network Isolation Bypass	critical	View or Download	UNDERCODE	2025-05-27
SourceCodester Student Result Management	1.0	Path Traversal	critical	View or Download	UNDERCODE	2025-05-27
itsourcecode Placement Management	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
ITsourcecode PMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
Campcodes SIS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
Tenda RX2 Pro	16.03.30.14	IV Reuse	critical	View or Download	UNDERCODE	2025-05-27
Tenda RX2 Pro	16.03.30.14	Cleartext AES Key	critical	View or Download	UNDERCODE	2025-05-27
Tenda RX2 Pro	16.03.30.14	Cleartext credential transmission	critical	View or Download	UNDERCODE	2025-05-27
Campcodes Sales	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-27
WordPress	≤ 1.9.8	Auth Bypass	critical	View or Download	UNDERCODE	2025-03-13
WordPress	≤ 1.9.8	CSRF	medium	View or Download	UNDERCODE	2025-05-25
WordPress Plugin	≤ 4.4.10	Stored XSS	critical	View or Download	UNDERCODE	2025-05-25
SpringBoot-Manager	3.0	XSS	medium	View or Download	UNDERCODE	2025-05-25
zj1983 zz	<= 2024-8	SQL Injection	critical	View or Download	UNDERCODE	2025-05-25
WordPress	≤1.0.4	Stored XSS	high	View or Download	UNDERCODE	2025-05-25
zj1983 zz	≤ 2024-8	SQL Injection	critical	View or Download	UNDERCODE	2025-05-25
WordPress	≤3.4.25	Missing capability check	medium	View or Download	UNDERCODE	2025-05-25
zj1983 zz	≤ 2024-8	SSRF	critical	View or Download	UNDERCODE	2025-05-25
zj1983 zz	<= 2024-8	Auth bypass	critical	View or Download	UNDERCODE	2025-05-25
zj1983 zz	<= 2024-8	SSRF	critical	View or Download	UNDERCODE	2025-05-25
zj1983 zz	≤ 2024-8	XSS	medium	View or Download	UNDERCODE	2025-05-25
zj1983 zz	≤ 2024-8	Unrestricted upload	critical	View or Download	UNDERCODE	2025-05-25
zzERP	≤ 2024-8	SSRF	critical	View or Download	UNDERCODE	2025-05-25
zj1983 zz	Up to 2024-8	SQL Injection	critical	View or Download	UNDERCODE	2025-05-25
zj1983 zz	<=2024-8	SQL Injection	critical	View or Download	UNDERCODE	2025-05-25
OpenVPN	2.6.1–2.6.13	DoS via replay	critical	View or Download	UNDERCODE	2025-05-23
Tenda AC7	15.03.06.44	Stack overflow	critical	View or Download	UNDERCODE	2025-05-16
TOTOLINK N300RH	6.1c.1390_B20191101	Command Injection	critical	View or Download	UNDERCODE	2025-05-18
samlify	<2.10.0	Signature Wrapping	critical	View or Download	UNDERCODE	2025-05-19
Symfony UX Twig	<2.25.1	Attribute Injection	critical	View or Download	UNDERCODE	2025-05-19
Node.js	>=1.4.4-lts.1	DoS via malformed request	critical	View or Download	UNDERCODE	2025-05-19
Node.js (Multer)	<2.0.0	Memory Leak	critical	View or Download	UNDERCODE	2025-05-19
OpenPGP.js	v5.x, v6.x	Signature Spoofing	critical	View or Download	UNDERCODE	2025-05-19
Hugging Face	v4.48.3	ReDoS	moderate	View or Download	UNDERCODE	2025-05-19
Gardener	<1.116.4, 1.117.0-1.117.4, 1.118.0-1.118.1	Metadata injection	critical	View or Download	UNDERCODE	2025-05-19
Gardener	<1.116.4, 1.117.0-1.117.5, 1.118.0-1.118.2	Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-19
Gardener External DNS Management	<= v1.60.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-19
PyPI	<78.1.1	Path Traversal	critical	View or Download	UNDERCODE	2025-05-19
QQBot		Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-19
LibreNMS	25.4.0	Stored XSS	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-05-17
SMA100 SSLVPN	Not specified	Path Traversal	critical	View or Download	UNDERCODE	2025-05-19
TOTOLINK A950RG	V4.1.2cu.5204_B20210112	Command Injection	critical	View or Download	UNDERCODE	2025-05-20
SMA100 SSLVPN	Pre-10.2.5	Command Injection	critical	View or Download	UNDERCODE	2025-05-19
SMA100	Pre-10.2.1	Path Traversal	critical	View or Download	UNDERCODE	2025-05-20
Microsoft Excel	2019/2021/365	Out-of-bounds read	critical	View or Download	UNDERCODE	2025-05-19
Microsoft SharePoint	2019/Online	RCE via Deserialization	critical	View or Download	UNDERCODE	2025-05-19
Microsoft Excel	2019/2021/365	Memory Corruption	critical	View or Download	UNDERCODE	2025-05-19
Microsoft Office	2019/2021/365	Use-After-Free	critical	View or Download	UNDERCODE	2025-05-19
Microsoft Excel	2019/365	Heap overflow	critical	View or Download	UNDERCODE	2025-05-19
WordPress	≤2.1	Stored XSS	medium	View or Download	UNDERCODE	2025-05-19
WordPress	≤5.1.16	Option Deletion	critical	View or Download	UNDERCODE	2025-05-19
OpenCTI	6.4.8-6.4.9	Access Control Bypass	critical	View or Download	UNDERCODE	2025-05-19
Laravel-Auth0 SDK	<7.17.0	Brute-forceable auth tags	critical	View or Download	UNDERCODE	2025-05-17
Mattermost	10.5.0–10.5.2	Improper Access Control	low	View or Download	UNDERCODE	2025-05-17
Auth0 WordPress Plugin	<=5.2.1	Session Fixation	critical	View or Download	UNDERCODE	2025-05-17
Ollama Server	0.5.11	DoS via Array Index Abuse	high	View or Download	UNDERCODE	2025-05-17
Auth0 Symfony SDK	<=5.3.1	Authentication Bypass	critical	View or Download	UNDERCODE	2025-05-17
Mattermost	10.6.1, 10.5.2, 10.4.4, 9.11.11	Improper Access Control	moderate	View or Download	UNDERCODE	2025-05-17
Mattermost	10.5.0–10.5.2	Group permission bypass	moderate	View or Download	UNDERCODE	2025-05-15
SeaweedFS	3.68	SQL Injection	moderate	View or Download	UNDERCODE	2025-05-16
npm	<5.9.2	Incorrect Behavior Order	moderate	View or Download	UNDERCODE	2025-05-16
Auth0-PHP SDK	8.0.0-BETA1 - 8.13.0	Session Forgery	critical	View or Download	UNDERCODE	2025-05-16
Meteor	<= 3.2.1	ReDoS	moderate	View or Download	UNDERCODE	2025-05-16
Flask-AppBuilder	< 4.6.2	Open Redirect	moderate	View or Download	UNDERCODE	2025-05-16
Jenkins	≤1.0	Authentication Bypass	high	View or Download	UNDERCODE	2025-05-16
Jenkins Plugin	≤4.0.1-286.v9e25a_740b_a_48	Missing Permissions	moderate	View or Download	UNDERCODE	2025-05-16
Jenkins Plugin	< 4.0.1-286.v9e25a740ba48	CSRF	moderate	View or Download	UNDERCODE	2025-05-16
Jenkins	<= 2.7.3	SSL/TLS Validation Bypass	moderate	View or Download	UNDERCODE	2025-05-16
Jenkins CloudBees Plugin	≤ 374.v194b_d4f0c8c8	Stored XSS	high	View or Download	UNDERCODE	2025-05-16
Jenkins	<111.v29fd614b3617	Token Validation Bypass	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-05-16
Vyper	Pre-fix	Side-effect elision	low	View or Download	UNDERCODE	2025-05-16
Tornado	<6.5.0	DoS via logging	critical	View or Download	UNDERCODE	2025-05-16
Vyper	<0.3.8	Side-effect skip	low	View or Download	UNDERCODE	2025-05-16
Rust	crossbeam-channel < 0.5.5	Double Free	moderate	View or Download	UNDERCODE	2025-05-15
Apache IoTDB	0.10.0 - 1.3.3, 2.0.1-beta - 2.0.2	Info Disclosure via Logs	moderate	View or Download	UNDERCODE	2025-05-15
Apache IoTDB	0.10.0-1.3.3	Information disclosure	moderate	View or Download	UNDERCODE	2025-05-15
WebDriverManager	1.0.0 to 6.0.0	XXE	critical	View or Download	UNDERCODE	2025-05-15
Bullfrog DNS	<1.2.3	Filtering bypass	moderate	View or Download	UNDERCODE	2025-05-15
Apache IoTDB	1.0.0-1.3.3	RCE via UDF	critical	View or Download	UNDERCODE	2025-05-15
Label Studio	<1.8.2	Reflected XSS	medium	View or Download	UNDERCODE	2023-04-15
Rust crate	All (< 0.4.0)	Unsafe mutable statics	high	View or Download	UNDERCODE	2025-05-15
motionEye	<0.43.1b4	RCE	critical	View or Download	UNDERCODE	2025-05-15
Reflex	< 0.7.11	State tampering	critical	View or Download	UNDERCODE	2025-05-15
Yggdrasil	<1.2.3	Privilege Escalation	high	View or Download	UNDERCODE	2025-05-15
Sulu CMS	2.5.21-2.5.24, 2.6.5-2.6.8, 3.0.0-alpha1-3.0.0-alpha2	XXE in SVG upload	critical	View or Download	UNDERCODE	2025-05-15
Bootstrap Multiselect	1.1.2	CSRF → XSS	moderate	View or Download	UNDERCODE	2025-05-15
Next.js	12.x - 14.x	Cache Poisoning via Race Condition	low	View or Download	UNDERCODE	2025-05-15
Node.js (undici)	<5.29.0, 6.0.0–6.21.2, 7.0.0–7.5.0	Memory leak via TLS	critical	View or Download	UNDERCODE	2025-05-15
Babylon Protocol	x/finality module	Signature replay	critical	View or Download	UNDERCODE	2025-05-15
Babylon Blockchain	Pre-patch releases	Integer Overflow	high	View or Download	UNDERCODE	2025-05-15
Kuiper		Stored XSS	critical	View or Download	UNDERCODE	2025-05-14
SourceCodester Gym	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
SourceCodester Apartment Visitor Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
SourceCodester Kortex Lite	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
SourceCodester Online Eyewear Shop	1.0	Directory Listing Exposure	medium	View or Download	UNDERCODE	2025-05-14
SourceCodester	1.0	Authorization Bypass	medium	View or Download	UNDERCODE	2025-05-14
SourceCodester	1.0	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-05-14
SourceCodester Food Menu Manager	1.0	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-05-14
SourceCodester Pharmacy Management	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
SourceCodester Telecom Billing	1.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-05-14
vLLM	0.5.2 - 0.8.4	DoS/Data Exposure	critical	View or Download	UNDERCODE	2025-05-14
WordPress	<12.3.1	Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-14
Web-Arena-X	<= 0.2.0	Code Injection	critical	View or Download	UNDERCODE	2025-05-14
CodeAstro Membership	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
School Billing System	1.0	Stack Overflow	critical	View or Download	UNDERCODE	2025-05-14
Placement Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
VMware Aria Operations	8.x, 9.x	Information Disclosure	critical	View or Download	UNDERCODE	2025-05-14
OXID eShop	<7.0.0	Information Disclosure	high	View or Download	UNDERCODE	2025-05-14
VMware Aria Operations	Logs (unspecified)	Stored XSS	critical	View or Download	UNDERCODE	2025-05-14
evmOS / Cosmos EVM	Pre-patch builds	Partial state execution	critical	View or Download	UNDERCODE	2025-05-14
VMware Aria Operations	Logs 8.12.x	Stored XSS	critical	View or Download	UNDERCODE	2025-05-14
VMware Aria Operations	Logs (pre-8.12.2)	Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-14
VMware Aria Operations	Logs (pre-8.12.2)	Credential Disclosure	critical	View or Download	UNDERCODE	2025-05-14
Payroll Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-15
Life Insurance Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
SiYuan Note	3.1.18	Arbitrary File Deletion	critical	View or Download	UNDERCODE	2025-05-14
Go middleware	<1.2.0	CSRF bypass	critical	View or Download	UNDERCODE	2025-05-14
Microsoft SharePoint	Unpatched versions prior to May 2025	Deserialization RCE	critical	View or Download	UNDERCODE	2025-05-14
Node.js	12.x, 14.x, 16.x	HTTP/2 Heap Overflow	critical	View or Download	UNDERCODE	2021-09-29
Adobe InDesign	≤ ID19.5.2, ID20.2	NULL Pointer Dereference	medium	View or Download	UNDERCODE	2025-05-14
Adobe Dreamweaver	≤21.4	Type Confusion	critical	View or Download	UNDERCODE	2025-05-14
Adobe InDesign	≤ID19.5.2, ≤ID20.2	Out-of-bounds write	critical	View or Download	UNDERCODE	2025-05-14
Code-Projects Scheduling System	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-05-14
Code-Projects Scheduling System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
Online Class Scheduling System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
OpenPubkey	<0.10.0	Auth Bypass	critical	View or Download	UNDERCODE	2025-05-14
RuoYi	≤4.8.0	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-05-13
ESAFENET CDG	V5	SQL Injection	critical	View or Download	UNDERCODE	2025-05-13
Blood Bank Management	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-13
Blood Bank Management System	1.0	Directory Listing Exposure	critical	View or Download	UNDERCODE	2025-05-13
OPKSSH	<0.5.0	Auth Bypass	critical	View or Download	UNDERCODE	2025-05-14
ESAFENET CDG	V5	XSS	medium	View or Download	UNDERCODE	2025-05-13
.NET SDK	8.0.xxx/9.0.xxx	Spoofing	critical	View or Download	UNDERCODE	2025-05-14
D-Link routers	DIR-890L/DIR-806A1	Command injection	critical	View or Download	UNDERCODE	2025-05-13
PHPGurukul Student Record System	3.20	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
PHPGurukul Zoo	2.1	SQL Injection	critical	View or Download	UNDERCODE	2025-05-13
SonicWall SMA1000	Workplace Interface	SSRF	critical	View or Download	UNDERCODE	2025-05-13
Flask	3.1.0	Key rotation flaw	medium	View or Download	UNDERCODE	2025-05-13
PHPGurukul SRS	3.20	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
sudo-rs	0.2.2, 0.2.5	Privilege enumeration	medium	View or Download	UNDERCODE	2025-05-13
Netgear JWNR2000v2	1.0.0.11	Command Injection	critical	View or Download	UNDERCODE	2025-05-14
Apache Parquet	≤1.15.1	RCE	critical	View or Download	UNDERCODE	2025-05-13
Umbraco.Forms	<13.4.2, <15.1.2	HTML Injection	low	View or Download	UNDERCODE	2025-05-13
Apache Superset	<= 4.1.1	Ownership takeover	moderate	View or Download	UNDERCODE	2025-05-13
D-Link DIR-880L	<= 104WWb01	Command Injection	critical	View or Download	UNDERCODE	2025-05-06
Netgear JWNR2000v2	1.0.0.11	Buffer Overflow	critical	View or Download	UNDERCODE	2025-05-14
D-Link DIR-600L	≤ 2.07B01	Buffer Overflow	critical	View or Download	UNDERCODE	2025-05-13
Kirby CMS	<3.9.8.3, <3.10.1.2, <4.7.1	Path Traversal	medium	View or Download	UNDERCODE	2024-04-15
Couchbase Server	<7.6.4, <7.2.7 (Windows)	Unauthorized File Access	critical	View or Download	UNDERCODE	2025-05-13
Kirby CMS	<3.9.8.3, <3.10.1.2, <4.7.1	Path Traversal	critical	View or Download	UNDERCODE	2024-04-10
Netgear EX6200	1.0.3.94	Buffer Overflow	critical	View or Download	UNDERCODE	2025-05-14
reNgine	<2.5.0	Command Injection	critical	View or Download	UNDERCODE	2025-02-03
Tailoring Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-14
TCMAN GIM	v11	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-05-13
Gym Management System	1.0	SQL Injection	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-05-09
reNgine	< 2.2.0	Information Disclosure	critical	View or Download	UNDERCODE	2025-05-13
PHPGurukul CMS	1.1	SQL Injection	critical	View or Download	UNDERCODE	2025-05-05
PHPGurukul CMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-05
Gym Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-13
TCMAN GIM	v11	SQL Injection	critical	View or Download	UNDERCODE	2025-05-13
PHPGurukul	1.1	SQL Injection	critical	View or Download	UNDERCODE	2025-05-05
TeleMessage Archiving Backend	Through 2025-05-05	Cleartext Storage	critical	View or Download	UNDERCODE	2025-05-14
D-Link DIR-619L	2.04B04	Buffer Overflow	critical	View or Download	UNDERCODE	2025-05-13
D-Link DIR-619L	2.04B04	Command Injection	critical	View or Download	UNDERCODE	2025-05-13
H5P-Nodejs-library	<9.3.3	XSS	moderate	View or Download	UNDERCODE	2025-05-12
LlamaIndex	0.12.15	Recursion DoS	high	View or Download	UNDERCODE	2025-05-12
GitHub	1.13.2-1.13.5	Code Injection	moderate	View or Download	UNDERCODE	2025-05-12
Rust crate	<=0.2.0	Race condition	low	View or Download	UNDERCODE	2025-05-09
Ring (Rust)	<0.17.8	AES Panic on Overflow	moderate	View or Download	UNDERCODE	2025-05-12
OpenStack Ironic	<24.1.3, 25.0.0-26.1.1, 27.0.0-29.0.1	Path Traversal	low	View or Download	UNDERCODE	2025-05-12
Rust (trailer crate)	≤ 0.1.2	Zero-size allocation mishandling	low	View or Download	UNDERCODE	2025-05-12
code-server	< v4.99.4	SSRF	critical	View or Download	UNDERCODE	2023-11-30
libsql-sqlite3-parser	≤ 0.13.0	DoS crash	low	View or Download	UNDERCODE	2025-05-12
Apache Commons	<= 1.10	Resource exhaustion	low	View or Download	UNDERCODE	2025-05-12
Koillection	1.6.10	Stored XSS	moderate	View or Download	UNDERCODE	2025-05-08
Eclipse Jetty	12.0.0 - 12.0.16	HTTP/2 OoM Exploit	critical	View or Download	UNDERCODE	2025-05-08
Eclipse Jetty	9.4.0-9.4.56	Request Smuggling	critical	View or Download	UNDERCODE	2025-05-08
JRuby-OpenSSL	0.15.3	Hostname verification bypass	moderate	View or Download	UNDERCODE	2025-05-08
Django	4.2-4.2.20, 5.1-5.1.8, 5.2-5.2.0	DoS via `strip_tags()`	moderate	View or Download	UNDERCODE	2025-05-08
Rust	Unmaintained	Bounds bypass	moderate	View or Download	UNDERCODE	2025-05-08
Trix Editor	< 2.1.15	XSS via paste	critical	View or Download	UNDERCODE	2025-05-08
Ruby Rack	< 3.0.9.1	DoS	critical	View or Download	UNDERCODE	2023-03-15
Easy Appointments	1.5.1	DoS via resource exhaustion	moderate	View or Download	UNDERCODE	2025-05-08
Craft CMS	<5.7.5, <4.15.3	Session File Injection	moderate	View or Download	UNDERCODE	2025-05-08
Rack	<2.2.8, 3.x	Session fixation	medium	View or Download	UNDERCODE	2024-03-15
Node.js	≤4.6.3	SAML Signature Wrapping	critical	View or Download	UNDERCODE	2025-05-07
Graylog	<=6.0.13, 6.1.0-6.1.9	Stored XSS	high	View or Download	UNDERCODE	2025-05-07
Graylog	<6.2.0	Stored XSS	high	View or Download	UNDERCODE	2025-05-07
Redox OS	Pre-2025 patches	Heap overflow	low	View or Download	UNDERCODE	2025-05-07
Node.js	<=4.6.3	SAML bypass	high	View or Download	UNDERCODE	2025-05-07
Scanner Public API	Unspecified	Out-of-Bounds Read	low	View or Download	UNDERCODE	2025-05-07
Apache ActiveMQ	<6.1.6, <5.18.7, <5.17.7, <5.16.8	Memory exhaustion	moderate	View or Download	UNDERCODE	2025-05-07
Liferay Portal	7.4.0–7.4.3.131	Reflected XSS	moderate	View or Download	UNDERCODE	2025-05-07
Cardano (Mithril)	<0.12.2 (client), <0.7.44 (aggregator)	Inconsistent Snapshot Verification	critical	View or Download	UNDERCODE	2025-05-07
JBoss EAP	< 3.7.11.Final	Stored XSS	critical	View or Download	UNDERCODE	2025-05-06
Mezzanine CMS	6.0.0	Stored XSS	moderate	View or Download	UNDERCODE	2025-05-06
BRCC	v1.2.0	Incorrect Access Control	critical	View or Download	UNDERCODE	2025-05-06
Linux Kernel	Up to 6.13.0-rc6+	Use-After-Free	critical	View or Download	UNDERCODE	2025-05-06
Linux Kernel	Pre-patch versions with IDPF driver	NULL Pointer Dereference	critical	View or Download	UNDERCODE	2025-05-06
Linux Kernel	Pre-patch versions	Out-of-bounds read	critical	View or Download	UNDERCODE	2025-05-06
Linux Kernel	Pre-6.14	Race Condition	critical	View or Download	UNDERCODE	2025-05-06
Linux Kernel	Pre-6.14.0-rc2	NULL Pointer Dereference	critical	View or Download	UNDERCODE	2025-04-16
Linux Kernel	Up to 6.14.0-rc6+	Use-After-Free	critical	View or Download	UNDERCODE	2025-04-16
Linux Kernel	Up to 5.15.x	NULL Dereference	medium	View or Download	UNDERCODE	2025-05-06
Linux Kernel	Pre-patch versions	Race Condition (Use-after-free)	critical	View or Download	UNDERCODE	2025-04-16
Goshs	0.3.4 - 1.0.4	Command Execution	critical	View or Download	UNDERCODE	2025-05-06
Terraform WinDNS	<=1.0.4	Command Injection	low	View or Download	UNDERCODE	2025-05-06
got.scraping	< vulnerable versions >	SSRF via redirect	critical	View or Download	UNDERCODE	2025-05-06
Tanton_engine	Unmaintained	Unsound API	moderate	View or Download	UNDERCODE	2025-05-06
vLLM	<v0.8.0	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-05-06
ZITADEL	<3.0.0, <2.71.9, <2.70.10	Session Fixation	critical	View or Download	UNDERCODE	2025-05-06
Umbraco CMS	<10.8.10, 11.0.0-13.8.0	User Enumeration	moderate	View or Download	UNDERCODE	2025-05-06
Apache Parquet Java	≤1.15.1	RCE via schema	high	View or Download	UNDERCODE	2025-05-06
WordPress	≤ 2.2.0	Unauthenticated user deletion	critical	View or Download	UNDERCODE	2025-05-06
WordPress	≤ 2.3.9	Missing Authorization	critical	View or Download	UNDERCODE	2025-05-06
WordPress	≤ 5.1.3	IDOR	critical	View or Download	UNDERCODE	2025-05-01
WordPress	≤0.2.5.1	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-05-01
WordPress	≤5.1.3	IDOR	critical	View or Download	UNDERCODE	2025-05-06
WordPress	≤ 2.2.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-01
WordPress	≤4.17.4	Privilege Escalation	critical	View or Download	UNDERCODE	2025-05-06
WordPress	≤0.2.5.4	CSRF→RCE	critical	View or Download	UNDERCODE	2025-05-01
WordPress	<=5.1.3	Stored XSS	medium	View or Download	UNDERCODE	2025-05-06
WordPress	≤1.5.8	Stored XSS	medium	View or Download	UNDERCODE	2025-05-06
OpenH264	≤ 2.5.0	Heap overflow	critical	View or Download	UNDERCODE	2025-05-06
WordPress	≤1.0.8	Stored XSS	high	View or Download	UNDERCODE	2025-05-06
WordPress	≤5.4	Stored XSS	critical	View or Download	UNDERCODE	2025-05-06
WordPress	≤2.2.1	Stored XSS	medium	View or Download	UNDERCODE	2025-05-06
WordPress	≤5.10.29	Stored XSS	highh2stylecolorblue	View or Download	UNDERCODE	2025-05-06
WordPress	≤ 2.6.22	Stored XSS	critical	View or Download	UNDERCODE	2025-05-06
MediaTek Modem	Pre-MOLY01334347	Certificate Validation Bypass	critical	View or Download	UNDERCODE	2025-05-06
SCP	Pre-patch ALPS09625562	Out-of-bounds write	critical	View or Download	UNDERCODE	2025-05-06
Modem Baseband	MOLY01513293	Information Disclosure	critical	View or Download	UNDERCODE	2025-05-06
Modem Firmware	Pre-MOLY00650610	Uncaught Exception	critical	View or Download	UNDERCODE	2025-05-06
WordPress	≤1.1.1	Stored XSS	medium	View or Download	UNDERCODE	2025-05-06
Android	MediaTek chipsets	Information disclosure	medium	View or Download	UNDERCODE	2025-05-06
MediaTek Thermal Driver	Pre-ALPS09698599	Race Condition → OOB Write	critical	View or Download	UNDERCODE	2025-05-06
Linkerd	< edge-25.2.1, 2.16., 2.17., 2.18.	Resource exhaustion	moderate	View or Download	UNDERCODE	2025-05-06
Inspektor Gadget	0.31.0-0.40.0	Policy Bypass	moderate	View or Download	UNDERCODE	2025-05-06
Langroid	<0.53.4	XXE Injection	high	View or Download	UNDERCODE	2025-05-05
league/commonmark	1.5.0 - 2.6.x	XSS bypass	critical	View or Download	UNDERCODE	2025-05-05
macOS/iOS/tvOS/visionOS	Sequoia 15.4, Ventura 13.7.5, Sonoma 14.7.5	Type Confusion	critical	View or Download	UNDERCODE	2025-05-05
Apple OS Family	Pre-Sequoia 15.4, Pre-Sonoma 14.7.5	Integer Overflow	medium	View or Download	UNDERCODE	2025-05-05
Apache Tomcat	9.0.76–11.0.5	Memory leak	high	View or Download	UNDERCODE	2025-05-05
Apple OS Stack	iOS <18.4, macOS <15.4	Null Dereference	medium	View or Download	UNDERCODE	2025-05-05
Apache Tomcat	9.0.0.M1-9.0.102	Rule bypass	critical	View or Download	UNDERCODE	2025-05-05
Snipe-IT	<8.1.0	Incorrect Authorization	moderate	View or Download	UNDERCODE	2025-05-05
OpenVM	Pre-0f94c8a	Integer Overflow	critical	View or Download	UNDERCODE	2025-05-05
WSO2 API Manager	4.2.0 and prior	XXE Injection	critical	View or Download	UNDERCODE	2025-05-05
Craft CMS	4.0.0-RC1 - 5.6.14	SSTI → RCE	critical	View or Download	UNDERCODE	2025-05-05
MobSF	<= v4.3.2	ZIP Bomb	critical	View or Download	UNDERCODE	2025-05-05
Adobe Media Encoder	≤25.1, ≤24.6.4	Out-of-bounds write	critical	View or Download	UNDERCODE	2025-05-05
Adobe Bridge	14.1.5, 15.0.2	Heap overflow	critical	View or Download	UNDERCODE	2025-05-05
Adobe Photoshop	≤25.12.1, ≤26.4.1	Heap Overflow	critical	View or Download	UNDERCODE	2025-05-05
Adobe Premiere Pro	25.1, 24.6.4	Heap Overflow	critical	View or Download	UNDERCODE	2025-05-05
Adobe Media Encoder	25.1, 24.6.4	Heap overflow	critical	View or Download	UNDERCODE	2025-05-05
KeystoneJS	<6.5.0	Filter bypass	medium	View or Download	UNDERCODE	2025-05-05
Browser_use module	Pre-patch	Whitelist bypass	critical	View or Download	UNDERCODE	2025-05-05
Browser Use	≤0.1.45	URL parsing bypass	critical	View or Download	UNDERCODE	2025-05-03
Rust Crate	<0.4.4	Type Confusion	low	View or Download	UNDERCODE	2025-05-05
Misskey	Affects versions < X.X.X	Logic Bypass	medium	View or Download	UNDERCODE	2025-05-05
Adobe ColdFusion	2023.12/2021.18/2025.0	Path Traversal	critical	View or Download	UNDERCODE	2025-05-05
GymXmjpa	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-01-12
liujianview gymxmjpa	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-01-12
Liujianview Gymxmjpa	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-01-12
Fanli2012 native-php-cms	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-05
MobSF	<=4.3.2	Stored XSS	high	View or Download	UNDERCODE	2025-05-05
Joomla	< 3.7.5	SVG sanitization bypass	medium	View or Download	UNDERCODE	2023-02-28
Keycloak	Affects multiple	2FA Bypass	moderate	View or Download	UNDERCODE	2025-04-29
FeMiner wms	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-02
XWiki	1.8.1 to 16.7.0	Missing Authorization	moderate	View or Download	UNDERCODE	2025-04-30
Cloudflare Workers	< 0.0.5	PKCE bypass	moderate	View or Download	UNDERCODE	2025-05-04
Keycloak	Affects v21.0.0 - v22.1.1	Hostname verification bypass	high	View or Download	UNDERCODE	2025-04-29
Cloudflare Workers	Pre-fix commit	Redirect URI Bypass	critical	View or Download	UNDERCODE	2023-03-15
Cloudflare Workers	<0.0.5	PKCE Bypass	critical	View or Download	UNDERCODE	2025-05-04
Open Policy Agent	<1.4.0	Code Injection	critical	View or Download	UNDERCODE	2024-01-01
OpenFGA	1.3.6 - 1.8.10	Auth Bypass	critical	View or Download	UNDERCODE	2025-04-30
XWiki	8.2 - 8.8	XSS via Markdown	critical	View or Download	UNDERCODE	2025-05-04
Cloudflare Workers	MCP Framework	PKCE Bypass	moderate	View or Download	UNDERCODE	2025-05-04
Hashicorp Vault	< 1.19.3	Information Disclosure	moderate	View or Download	UNDERCODE	2025-05-04
ADOdb	<5.22.9	SQL Injection	critical	View or Download	UNDERCODE	2025-05-04
Vercel Flags SDK	≤3.2.0, ≤3.1.1	Information Disclosure	medium	View or Download	UNDERCODE	2025-05-04
Vite	<=6.3.3, <=6.2.6, <=6.1.5, <=5.4.18, <=4.5.13	Directory Traversal	critical	View or Download	UNDERCODE	2025-05-04
FeMiner WMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-05-02
Volcano Scheduler	Pre-patch versions	Unbounded response DoS	high	View or Download	UNDERCODE	2025-04-30
Rust crate	<0.4.0	Bounds bypass	moderate	View or Download	UNDERCODE	2025-04-30
Jenkins/ssh-agent	≤6.11.1	SSH key reuse	critical	View or Download	UNDERCODE	2025-04-10
ShowDoc	< 2.8.7	Unrestricted file upload	critical	View or Download	UNDERCODE	2025-05-04
XWiki	<15.10.9, <16.3.0RC1	Authentication Bypass	medium	View or Download	UNDERCODE	2025-05-04
Hashicorp Vault	1.10.0-1.19.0	Auth Bypass	moderate	View or Download	UNDERCODE	2025-05-04
CryptoCoinJS base-x	<=5.0.0, <=4.0.0, <=3.0.10	Homograph bypass	critical	View or Download	UNDERCODE	2025-05-04
XWiki	<15.10.14, <16.4.6, <16.10.0	Information Disclosure	medium	View or Download	UNDERCODE	2025-04-30
cFS/CryptoLib	≤1.3.3	Memory leak	medium	View or Download	UNDERCODE	2025-04-30
OpenEMR	<7.0.3.1	OOB SSRF	medium	View or Download	UNDERCODE	2025-04-30
XWiki Platform	<15.10.14	Access Bypass	critical	View or Download	UNDERCODE	2025-03-19
XWiki	5.0-16.7.1	Information Disclosure	medium	View or Download	UNDERCODE	2025-04-16
CryptoLib	<=1.3.3	Heap overflow	critical	View or Download	UNDERCODE	2025-03-17
WordPress	≤7.8	Stored XSS	critical	View or Download	UNDERCODE	2025-04-22
XWiki	1.8 - 15.10.15, 16.4.5, 16.10.0	Blind SQL Injection	critical	View or Download	UNDERCODE	2025-04-30
Weblate	< 5.11	Credential Disclosure	critical	View or Download	UNDERCODE	2025-04-15
Tenda AC9	V15.03.05.14_multi	Stack Overflow	critical	View or Download	UNDERCODE	2025-04-23
OpenEMR	<7.0.3	Reflected XSS	medium	View or Download	UNDERCODE	2025-04-30
Tenda AC9 Router	V15.03.05.14_multi	Stack Overflow	critical	View or Download	UNDERCODE	2025-04-23
Dify	<0.6.12	Access Bypass	medium	View or Download	UNDERCODE	2025-04-18
XWiki	1.6-milestone-1 to 16.10.0	Blind SQL Injection	critical	View or Download	UNDERCODE	2025-04-23
Node.js	12.x-16.x	RCE via HTTP/2	critical	View or Download	UNDERCODE	2021-09-29
Adobe Commerce	≤ 2.4.8-beta2	Privilege Escalation	critical	View or Download	UNDERCODE	2025-04-30
Dell SCG Appliance	5.26	Information Exposure	high	View or Download	UNDERCODE	2025-04-30
WordPress	≤ 45.10.0	Stored XSS	critical	View or Download	UNDERCODE	2025-04-30
WordPress	≤1.6.3.2	SQL Injection	critical	View or Download	UNDERCODE	2025-04-30
WordPress	≤2.2.2	Stored XSS	critical	View or Download	UNDERCODE	2025-04-30
AngularJS	All versions	SVG sanitization bypass	low	View or Download	UNDERCODE	2025-04-30
Adobe Commerce	<=2.4.8-beta2	CSRF to DoS	medium	View or Download	UNDERCODE	2025-04-30
CodeProjects ORMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-30
Apache OFBiz	< 18.12.19	Stored XSS	critical	View or Download	UNDERCODE	2025-04-29
Fanli2012 native-php-cms	1.0	Default Credentials	critical	View or Download	UNDERCODE	2025-04-29
PCMan FTP Server	2.0.7	Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-29
PHPGurukul Rail Pass	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-29
SourceCodester	1.1	SQL Injection	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-04-30
WuzhiCMS	4.1	Code Injection	critical	View or Download	UNDERCODE	2025-04-29
WordPress	<2.94.9	Stored XSS	mediumh2stylecolorblue	View or Download	UNDERCODE	2025-04-03
1000 Projects CMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-29
Apple OS	macOS Sequoia <15.4, Ventura <13.7.5, Sonoma <14.7.5	Authentication Bypass	critical	View or Download	UNDERCODE	2025-04-29
Apple OS stack	iOS 18.3, macOS 13.7.5	Null pointer dereference	medium	View or Download	UNDERCODE	2025-04-29
Oracle Argus Safety	8.2.3	CSRF	medium	View or Download	UNDERCODE	2025-04-29
Apple OS (macOS/iOS/tvOS/visionOS)	Sequoia 15.4, Ventura 13.7.5, Sonoma 14.7.5, iOS/iPadOS 17.7.6/18.4	Local Network Information Leak	critical	View or Download	UNDERCODE	2025-04-29
macOS/tvOS/iOS/visionOS	Sequoia 15.4, Ventura 13.7.5, Sonoma 14.7.5, iOS/iPadOS 17.7.6/18.4	DoS via network packet	medium	View or Download	UNDERCODE	2025-04-29
Oracle Communications	7.4.0-7.5.0	Access Control Bypass	medium	View or Download	UNDERCODE	2025-04-29
Apple OS	macOS Sequoia 15.4, Ventura 13.7.5, Sonoma 14.7.5	Use-after-free	critical	View or Download	UNDERCODE	2025-04-29
macOS / Apple OS	Sequoia 15.4, Ventura 13.7.5, Sonoma 14.7.5	Unauthenticated AirPlay Execution	critical	View or Download	UNDERCODE	2025-04-29
Oracle Java SE	8u441, 11.0.26, 17.0.14, 21.0.6, 24	TLS/SSL Handshake Bypass	critical	View or Download	UNDERCODE	2025-04-30
Oracle VM VirtualBox	<7.0.24, <7.1.6	Privilege Escalation	high	View or Download	UNDERCODE	2025-04-30
Oracle E-Business Suite	12.2.5-12.2.14	DoS via HTTP	high	View or Download	UNDERCODE	2025-04-29
Oracle Agile PLM	9.3.6	Unauthenticated Data Access	high	View or Download	UNDERCODE	2025-04-29
Oracle Java SE	8u441, 11.0.26, 17.0.14	2D Memory Corruption	medium	View or Download	UNDERCODE	2025-04-30
Linux Kernel	Pre-5.15.137 (patched in later versions)	NULL Pointer Dereference	medium	View or Download	UNDERCODE	2025-04-16
Linux Kernel	< 6.8.3	Race Condition	critical	View or Download	UNDERCODE	2025-04-16
WordPress	≤3.4	Stored XSS	medium	View or Download	UNDERCODE	2025-04-29
Linux Kernel	<6.1.128	NULL Pointer Dereference	critical	View or Download	UNDERCODE	2025-04-16
WordPress	≤ 2.2	Stored XSS	critical	View or Download	UNDERCODE	2025-04-29
Linux Kernel	Pre-6.8.3	Stack Corruption	critical	View or Download	UNDERCODE	2025-04-16
SourceCodester	1.0	OS Command Injection	critical	View or Download	UNDERCODE	2025-04-29
Linux Kernel	Pre-5.15.120	Null Pointer Dereference	critical	View or Download	UNDERCODE	2025-04-29
Linux Kernel	< 6.12.13	Null Pointer Dereference	critical	View or Download	UNDERCODE	2025-04-29
Linux Kernel	Pre-patch versions (specific TBD)	Out-of-Bounds Read	critical	View or Download	UNDERCODE	2025-04-16
Linux Kernel	Pre-5.15.120	NULL Pointer Dereference	medium	View or Download	UNDERCODE	2025-04-16
WordPress	< 3.8.6	Stored XSS	high	View or Download	UNDERCODE	2025-04-30
Linux Kernel	pre-5.15.90	Null Dereference	critical	View or Download	UNDERCODE	2025-04-16
Linux Kernel	5.15 - 6.8	NULL Pointer Dereference	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-04-18
TOTOLINK X18	v9.1.0cu.2024_B20220329	Command Injection	critical	View or Download	UNDERCODE	2025-04-29
SourceCodester Church Management	1.1	SQL Injection	critical	View or Download	UNDERCODE	2025-04-29
TOTOLINK A810R	V4.1.2cu.5182_B20201026	Pre-auth RCE	critical	View or Download	UNDERCODE	2025-04-15
Linux Kernel	pre-fix versions	OOB Read	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-04-18
Linux Kernel	Up to 5.12.13	Use-After-Free	critical	View or Download	UNDERCODE	2021-07-20
Trendnet TEW-929DRU	1.0.0.10	Stored XSS	medium	View or Download	UNDERCODE	2025-04-30
WuzhiCMS	4.1.0	XSS	medium	View or Download	UNDERCODE	2025-04-29
TOTOLINK A800R	V4.1.2cu.5137_B20200730	Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-30
Linux Kernel	Pre-6.12.0-rc4	Inode Type Validation	critical	View or Download	UNDERCODE	2025-04-18
TOTOLINK EX1200T	4.1.2cu.5232_B20210713	Pre-auth RCE	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-04-22
TOTOLINK EX1200T	4.1.2cu.5232_B20210713	Pre-auth RCE	critical	View or Download	UNDERCODE	2025-04-29
TOTOLINK routers	A810R V4.1.2cu.5182	RCE	critical	View or Download	UNDERCODE	2025-04-29
SourceCodester BEMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-30
Kubernetes	Kyverno <1.10.2	Policy Bypass	critical	View or Download	UNDERCODE	2025-04-29
vLLM	<= 0.4.1	DoS	critical	View or Download	UNDERCODE	2024-07-15
YesWiki	4.5.3	Reflected XSS	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-04-29
vLLM	Pre-32b14baf8a1f	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-04-29
YesWiki	<4.5.4	XSS	medium	View or Download	UNDERCODE	2025-04-29
Web Application	Pre-patch	Unauthenticated Backup Access	critical	View or Download	UNDERCODE	2025-04-30
Linux Kernel	Up to 6.14.0-rc7	NULL Pointer Dereference	critical	View or Download	UNDERCODE	2025-04-29
Apache Tomcat	9.0.76-102	Memory leak	moderate	View or Download	UNDERCODE	2025-04-28
CodeZips Gym Management	v1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-29
CryptoLib	≤1.3.3	Heap Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-29
vLLM	Multi-node deployments	ZeroMQ data exposure	high	View or Download	UNDERCODE	2025-04-29
Apache Tomcat	9.0.76-9.0.102	Rewrite bypass	low	View or Download	UNDERCODE	2025-04-29
YesWiki	<4.5.4	Reflected XSS	medium	View or Download	UNDERCODE	2025-04-29
Web Application	v2.5.1	Stored XSS	critical	View or Download	UNDERCODE	2023-10-15
Linux Kernel	Pre-patch versions	NULL ptr dereference	medium	View or Download	UNDERCODE	2025-04-29
Linux Kernel	5.10+	Array bounds violation	mediumh2stylecolorblue	View or Download	UNDERCODE	2025-04-18
YesWiki	Latest	Arbitrary File Write → RCE	critical	View or Download	UNDERCODE	2025-04-29
AWorld OS	<= 8c257626e648	OS Command Injection	critical	View or Download	UNDERCODE	2025-04-29
Open5GS	2.7.2	AMF state machine crash	critical	View or Download	UNDERCODE	2025-04-29
WordPress	≤1.0	CSRF→Stored XSS	medium	View or Download	UNDERCODE	2025-04-29
Ethereum Smart Contract	4.8.0 - 4.28.1	Allowlist Bypass	critical	View or Download	UNDERCODE	2025-04-29
OS4ED openSIS	7.0 - 9.1	SQL Injection	critical	View or Download	UNDERCODE	2025-04-29
Linux Kernel	Pre-patch versions	Out-of-bounds stack access	medium	View or Download	UNDERCODE	2025-04-29
Jenkins	<= 2.503 / <= 2.492.2 (LTS)	Missing permission check	critical	View or Download	UNDERCODE	2025-04-29
XWiki Platform	15.9-16.2	Rights Bypass	critical	View or Download	UNDERCODE	2025-04-29
Node.js	2.1.0-3.5.2	Filename Guessing	lowh2stylecolorblue	View or Download	UNDERCODE	2025-04-29
OS4ED openSIS	7.0 to 9.1	SQL Injection	critical	View or Download	UNDERCODE	2025-04-29
Linux Kernel	< 6.8.3	OOB Read	medium	View or Download	UNDERCODE	2025-04-29
BL-AC2100	<=V1.0.4	RCE	critical	View or Download	UNDERCODE	2025-04-29
BL-AC2100	≤ V1.0.4	RCE	critical	View or Download	UNDERCODE	2025-04-29
Jenkins	≤ 2.503 / ≤ 2.492.2 (LTS)	Missing Permission Check	medium	View or Download	UNDERCODE	2025-04-29
Jenkins	<= 2.5.3	Sandbox bypass	critical	View or Download	UNDERCODE	2025-04-29
XWiki Platform	13.5-rc-1 to 15.10.12	Open Redirect	moderate	View or Download	UNDERCODE	2025-04-29
XWiki	<15.10.13, <16.4.4	Privilege Escalation	medium	View or Download	UNDERCODE	2025-04-29
XWiki	15.10.0-16.7.0	Cache-clearing bypass	low	View or Download	UNDERCODE	2025-04-29
Craft CMS	3.0.0-5.6.16	Remote Code Execution	critical	View or Download	UNDERCODE	2025-04-28
n8n	<1.32.2	MIME confusion	critical	View or Download	UNDERCODE	2023-10-31
Spring Boot	<=2.7.24.2, 3.1.0-3.1.15.2, 3.2.0-3.2.13.2, 3.3.0-3.3.10, 3.4.0-3.4.4	Security Bypass	high	View or Download	UNDERCODE	2025-04-28
Apereo CAS	<= 5.2.6	Code Injection	critical	View or Download	UNDERCODE	2025-04-28
Snowflake Go Driver	1.7.0 - 1.13.2	TOCTOU race condition	medium	View or Download	UNDERCODE	2025-04-28
Snowflake Connector	2.1.2 - 4.4.0	TOCTOU race condition	medium	View or Download	UNDERCODE	2025-04-28
PHPGurukul	Pre-School Enrollment	Directory Traversal	critical	View or Download	UNDERCODE	2025-04-28
Adobe InDesign	ID20.1, ID19.5.2 (earlier)	Heap Overflow	critical	View or Download	UNDERCODE	2025-04-28
Adobe InDesign	ID20.1, ID19.5.2	Out-of-bounds write	critical	View or Download	UNDERCODE	2025-04-28
Substance3D Designer	≤ 14.1	Out-of-bounds write	critical	View or Download	UNDERCODE	2025-04-28
Substance3D Designer	≤ 14.1	Heap Overflow	critical	View or Download	UNDERCODE	2025-04-28
Adobe InDesign	ID20.1, ID19.5.2 (and earlier)	Out-of-bounds write	critical	View or Download	UNDERCODE	2025-04-28
Linux Kernel	Pre-patch versions	Out-of-bounds stack read	medium	View or Download	UNDERCODE	2025-04-18
Linux Kernel	Pre-6.8	Use-After-Free	critical	View or Download	UNDERCODE	2025-04-25
Linux Kernel	Pre-5.15.120	Use-After-Free	critical	View or Download	UNDERCODE	2025-04-25
Linux Kernel	Pre-6.14.0-rc4	Use-After-Free	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-04-16
Linux Kernel	Pre-5.15.123	Use-After-Free	critical	View or Download	UNDERCODE	2025-04-25
Linux Kernel	Pre-patch ksmbd	Use-After-Free	critical	View or Download	UNDERCODE	2025-04-25
Moodle	<4.1.18, 4.3.0-beta to <4.3.12, 4.4.0-beta to <4.4.8, 4.5.0-beta to <4.5.4	IDOR	moderate	View or Download	UNDERCODE	2025-04-25
Moodle	<4.1.18, 4.3.0-4.3.11, 4.4.0-4.4.7, 4.5.0-4.5.3	Reflected XSS	moderate	View or Download	UNDERCODE	2025-04-25
Moodle LMS	<4.1.18, 4.3.0-4.3.11, 4.4.0-4.4.7, 4.5.0-4.5.3	Remote Code Execution	high	View or Download	UNDERCODE	2025-04-25
Erick xmall	v1.1 and prior	Privilege Escalation	critical	View or Download	UNDERCODE	2025-04-25
Twonav	2.1.18-20241105	Information Disclosure	medium	View or Download	UNDERCODE	2025-04-25
Moodle LMS	<4.1.18, 4.3.0-4.3.11, 4.4.0-4.4.7, 4.5.0-4.5.3	CSRF tour duplication	low	View or Download	UNDERCODE	2025-04-25
Moodle	<4.1.18, 4.3.0-4.3.11, 4.4.0-4.4.7, 4.5.0-4.5.3	CSRF token leak	low	View or Download	UNDERCODE	2025-04-25
MyBB	1.8.38	Information Disclosure	medium	View or Download	UNDERCODE	2025-04-25
DragonflyDB	<1.27.0	DoS via Redis command	medium	View or Download	UNDERCODE	2025-04-25
Moodle	<4.1.18, 4.3.0-4.3.11, 4.4.0-4.4.7, 4.5.0-4.5.3	IDOR	moderate	View or Download	UNDERCODE	2025-04-25
JetBrains RubyMine	< 2025.1	Remote Code Execution	critical	View or Download	UNDERCODE	2025-04-25
JEEWMS	3.7	Zip Slip → RCE	critical	View or Download	UNDERCODE	2025-04-25
Moodle LMS	<4.3.0	Unauthenticated data exposure	high	View or Download	UNDERCODE	2025-04-25
GraphQL Armor	<1.7.2	Cost Limit Bypass	critical	View or Download	UNDERCODE	2025-04-25
Rancher	<2.11.1, <2.10.5, <2.9.9	Privilege Escalation	critical	View or Download	UNDERCODE	2023-01-01
Steve	<v0.2.1, v0.3.3, v0.4.4, v0.5.13	TLS bypass	critical	View or Download	UNDERCODE	2025-04-25
Fleet	< v0.10.12	MitM via SSH	critical	View or Download	UNDERCODE	2025-04-25
Craft CMS	3.0.0-RC1 to 5.6.16	Remote Code Execution	critical	View or Download	UNDERCODE	2025-04-25
code-projects	1.0	Stored XSS	critical	View or Download	UNDERCODE	2025-04-24
GNU Mailman (cPanel/WHM)	2.1.39	Directory Traversal	critical	View or Download	UNDERCODE	2025-04-24
cPanel/WHM	GNU Mailman 2.1.39	Command Injection	critical	View or Download	UNDERCODE	2025-04-24
React-Router	7.5.0	SSRF	critical	View or Download	UNDERCODE	2024-03-15
React-Router	7.5.0	Cache Poisoning	critical	View or Download	UNDERCODE	2024-04-25
Mattermost	10.4.x ≤ 10.4.2, 10.5.x ≤ 10.5.0, 9.11.x ≤ 9.11.10	Improper Input Validation	moderate	View or Download	UNDERCODE	2025-04-24
Infodraw MRS	7.1.0.0	Directory Traversal	critical	View or Download	UNDERCODE	2025-04-24
h11	≤ 0.14.0	Request Smuggling	critical	View or Download	UNDERCODE	2025-01-09
SourceCodester Pharmacy System	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-04-24
SourceCodester	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-04-24
Mattermost	10.4.0-10.4.2	Improper Access Control	low	View or Download	UNDERCODE	2025-04-24
Mattermost	10.4.0-10.4.2	DoS via task actions	moderate	View or Download	UNDERCODE	2025-04-24
Python	<0.0.25	DNS Exfiltration	moderate	View or Download	UNDERCODE	2025-04-24
TP-Link M7000	1.0.7	SQL Injection	critical	View or Download	UNDERCODE	2025-04-24
TP-Link M7200	1.0.7	SQL Injection	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-04-24
Seven Bears CMS	2023	SSRF	medium	View or Download	UNDERCODE	2025-04-24
Codezips Gym Management	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-23
LMDeploy	<= 0.7.1	Deserialization RCE	critical	View or Download	UNDERCODE	2025-04-03
PCMan FTP	2.0.7	Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-23
pgAdmin	<= 9.1	Stored XSS	medium	View or Download	UNDERCODE	2025-04-23
TP-Link EAP120	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-24
TP-Link TL-WR840N	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-24
PbootCMS	3.2.5	SSRF	medium	View or Download	UNDERCODE	2025-04-23
NodeBB	≤4.0.4	Stored XSS	critical	View or Download	UNDERCODE	2025-04-23
BaseWeb JSite	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-04-23
SourceCodester	1.0	Unrestricted Upload	critical	View or Download	UNDERCODE	2025-04-23
SourceCodester CMS	1.0	Stored XSS	critical	View or Download	UNDERCODE	2025-04-23
Nagios Log Server	2024R1.3.1	Stored XSS	critical	View or Download	UNDERCODE	2025-04-23
WordPress	≤ 3.1.1	PHP Object Injection	critical	View or Download	UNDERCODE	2025-04-23
SourceCodester CMS	1.0	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-04-23
WordPress	≤ 3.1.1	Arbitrary Shortcode Execution	critical	View or Download	UNDERCODE	2025-04-24
WordPress	≤ 3.1.1	Reflected XSS	medium	View or Download	UNDERCODE	2025-04-23
Adobe ColdFusion	2023.12, 2021.18, 2025.0	Improper Input Validation	critical	View or Download	UNDERCODE	2025-04-23
Shopware	<6.5.8.13	SQL Injection	critical	View or Download	UNDERCODE	2025-04-23
JetBrains Toolbox	< 2.6	Unencrypted SSH transmission	critical	View or Download	UNDERCODE	2025-04-23
JetBrains Toolbox App	< 2.6	Missing SSH host verification	critical	View or Download	UNDERCODE	2025-04-17
LMDeploy	<= 0.7.1	Code Injection	critical	View or Download	UNDERCODE	2025-04-23
Tencent SuperSonic	≤ 0.9.8	Code Injection	critical	View or Download	UNDERCODE	2025-04-23
Online Lawyer Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-23
AdminTwo	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-04-23
ZZCMS	2025	XSS	medium	View or Download	UNDERCODE	2025-04-23
Library Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-23
uTLS	<1.7.0	TLS downgrade bypass	moderate	View or Download	UNDERCODE	2025-04-23
XWiki	<16.10.1, <16.4.6, <15.10.16	HQL Injection	critical	View or Download	UNDERCODE	2025-04-23
Laravel Starter	11.11.0	Stored XSS	moderate	View or Download	UNDERCODE	2025-04-22
CUBA Platform	<7.2.7	Stored XSS	moderate	View or Download	UNDERCODE	2025-04-22
Jmix Framework	1.0.0-1.6.1, 2.0.0-2.3.0	DoS via file upload	moderate	View or Download	UNDERCODE	2025-04-22
Jmix	<1.6.2, <2.4.0	Content-Type Manipulation	medium	View or Download	UNDERCODE	2023-10-15
CUBA Platform	<1.1.1	XSS	moderateh2stylecolorblue	View or Download	UNDERCODE	2025-04-22
Jmix LocalFS	1.0.0 - 1.6.1, 2.0.0 - 2.3.9	Path Traversal	moderate	View or Download	UNDERCODE	2025-04-22
Wazuh	v4.9.0	RCE via deserialization	critical	View or Download	UNDERCODE	2025-04-22
OctoPrint	<=1.10.3	Auth bypass	medium	View or Download	UNDERCODE	2025-04-22
Crawl4AI	<=0.4.247	SSRF	moderate	View or Download	UNDERCODE	2025-04-21
libxml2	<2.13.8, <2.14.2	Heap buffer under-read	low	View or Download	UNDERCODE	2025-03-15
Alkacon OpenCMS	v17.0	Stored XSS	moderate	View or Download	UNDERCODE	2025-04-21
GoBGP	< 3.35.0	FlowSpec parser crash	moderate	View or Download	UNDERCODE	2025-04-21
GoBGP	< 3.35.0	Null pointer dereference	high	View or Download	UNDERCODE	2025-04-21
GoBGP	< 3.35.0	Input length validation	moderate	View or Download	UNDERCODE	2025-04-21
one-api	≤ 0.6.10	Stored XSS	moderate	View or Download	UNDERCODE	2025-04-19
OpenCMS	17.0	Stored XSS	moderate	View or Download	UNDERCODE	2025-04-21
QMarkdown (quasar-ui-qmarkdown)	< 2.0.5	XSS via headers	moderate	View or Download	UNDERCODE	2025-04-21
Cilium	v1.15.0-v1.17.2	Race Condition	critical	View or Download	UNDERCODE	2025-04-21
MCMS	5.4.3	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-04-21
Amazon.IonDotnet	<=1.3.0	Infinite Loop DoS	medium	View or Download	UNDERCODE	2025-04-21
Traefik	<2.10.0	Path Traversal Bypass	critical	View or Download	UNDERCODE	2025-04-21
Traefik	< 1.23.8	HTTP Request Smuggling	critical	View or Download	UNDERCODE	2025-04-18
Windows	MMC 5.0+	Security Bypass	critical	View or Download	UNDERCODE	2025-04-17
libming	0.4.8	Memory Leak	medium	View or Download	UNDERCODE	2025-04-17
libming	0.4.8	Memory leak	medium	View or Download	UNDERCODE	2025-04-17
Windows	10/11, Server 2019/2022	Use-After-Free (UAF)	critical	View or Download	UNDERCODE	2025-04-17
Rasa Pro	3.9.0–3.12.5	Missing Authentication	moderate	View or Download	UNDERCODE	2025-04-17
libming	0.4.8	Memory leak	critical	View or Download	UNDERCODE	2025-02-20
Adobe Commerce	≤2.4.8-beta1	Access Bypass	critical	View or Download	UNDERCODE	2025-04-18
Adobe Commerce	≤ 2.4.8-beta1	Authorization Bypass	medium	View or Download	UNDERCODE	2025-04-18
Adobe Commerce	≤2.4.8-beta1	Path Traversal	critical	View or Download	UNDERCODE	2025-03-17
Jenkins	≤4.0.0-282.v5096a_c2db_275	Plaintext API Key Storage	medium	View or Download	UNDERCODE	2025-04-17
Netis WF-2404	1.1.124EN	Default password	critical	View or Download	UNDERCODE	2025-04-17
Jenkins	≤1.0.6	Plaintext API Key Storage	medium	View or Download	UNDERCODE	2025-04-17
Jenkins	≤ 0.1.1	Sensitive Data Exposure	medium	View or Download	UNDERCODE	2025-04-17
HDF5	≤1.14.6	Null dereference	medium	View or Download	UNDERCODE	2025-04-17
Jenkins	≤1.4.6	CSRF	medium	View or Download	UNDERCODE	2025-04-17
Jenkins	monitor-remote-job Plugin 1.0	Plaintext Password Storage	critical	View or Download	UNDERCODE	2025-04-17
Netis WF-2404	1.1.124EN	UART debug abuse	critical	View or Download	UNDERCODE	2025-04-17
HDF5	≤1.14.6	Heap overflow	medium	View or Download	UNDERCODE	2025-04-17
Assimp	5.4.3	Out-of-bounds read	critical	View or Download	UNDERCODE	2025-04-17
HDF5	≤1.14.6	Double Free	medium	View or Download	UNDERCODE	2025-04-17
go-git	< v5.13	DoS via crafted Git responses	critical	View or Download	UNDERCODE	2025-04-16
Online Book Shop	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-16
Facebook Platform	-	Client-Side Verification Bypass	Medium	View or Download	UNDERCODE	2025-04-17
XWiki Platform	5.0 - 16.7.1	Information Disclosure	moderate	View or Download	UNDERCODE	2025-04-16
Backstage	<0.6.0	Policy info leak	moderate	View or Download	UNDERCODE	2025-04-16
Node.js	<2.0.9, 3.x<3.0.5	Improper Body Parsing	moderate	View or Download	UNDERCODE	2025-04-16
Adobe Commerce	≤ 2.4.8-beta1	Incorrect Authorization	critical	View or Download	UNDERCODE	2025-04-16
Adobe Commerce	≤ 2.4.8-beta1	Improper Access Control	medium	View or Download	UNDERCODE	2025-04-16
Node.js	< 2.0.8, 3.0.0-3.0.3	Double write	moderate	View or Download	UNDERCODE	2025-04-16
Adobe Commerce	≤2.4.8-beta1	TOCTOU bypass	critical	View or Download	UNDERCODE	2025-04-15
Mattermost	<2.1.0 / 10.5.1	Timing Attack	moderate	View or Download	UNDERCODE	2025-04-16
Mattermost	10.5.0-10.5.1	Incorrect Authorization	low	View or Download	UNDERCODE	2025-04-16
Kubernetes (Kyverno)	<1.10.2	SSRF	critical	View or Download	UNDERCODE	2025-04-15
PwnDoc	<1.2.0	Path Traversal→RCE	critical	View or Download	UNDERCODE	2025-04-15
PwnDoc	<1.2.0	Path Traversal → RCE	critical	View or Download	UNDERCODE	2025-04-15
Adobe After Effects	≤25.1, ≤24.6.4	OOB Read	critical	View or Download	UNDERCODE	2025-04-15
Adobe Animate	≤24.0.7, ≤23.0.10	OOB Read	critical	View or Download	UNDERCODE	2025-04-15
Adobe Animate	≤24.0.7, ≤23.0.10	Out-of-Bounds Read	critical	View or Download	UNDERCODE	2025-04-15
Adobe ColdFusion	2023.12/2021.18/2025.0	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-04-15
07FLYCMS	1.3.9	CSRF → RCE	critical	View or Download	UNDERCODE	2025-04-15
WordPress Plugin	≤ 25.1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-15
Adobe ColdFusion	2023.12, 2021.18, 2025.0	RCE via Input Validation	critical	View or Download	UNDERCODE	2025-04-15
TRENDnet routers	1.2.7/1.3.0.106	Null pointer dereference	medium	View or Download	UNDERCODE	2025-04-15
CodeAstro Car Rental	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-03
PyTorch	2.6.0+cu124	DoS	medium	View or Download	UNDERCODE	2025-04-15
MannaAndPoem OpenManus	<= 2025.3.13	Improper Access Control	medium	View or Download	UNDERCODE	2025-04-15
Bluestar Micro Mall	1.0	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-04-15
Linux Kernel	Up to 6.13.0-rc7	Race Condition	medium	View or Download	UNDERCODE	2025-04-15
Linux Kernel	Pre-patch versions with PowerVR DRM driver	Deadlock in fence release	critical	View or Download	UNDERCODE	2025-04-15
Linux Kernel	Pre-patch versions	Use-After-Free (UAF)	critical	View or Download	UNDERCODE	2025-04-15
libheif	1.19.7	Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-15
Linux	libbpf 1.5.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-15
Zammad	6.4.x <6.4.2	2FA bypass	critical	View or Download	UNDERCODE	2025-04-15
Zammad	6.4.x (<6.4.2)	Information Exposure	medium	View or Download	UNDERCODE	2025-04-05
Drupal	8.0.0–11.1.2	Stored XSS	critical	View or Download	UNDERCODE	2025-04-15
StudentServlet-JSP	Rolling release	XSS	medium	View or Download	UNDERCODE	2025-04-15
Drupal AI	<1.0.5	Command Injection	critical	View or Download	UNDERCODE	2025-04-15
jQuery-Validation	<1.20.0	XSS via `showLabel()`	moderate	View or Download	UNDERCODE	2025-04-15
macOS	Ventura <13.7.5, Sequoia <15.4, Sonoma <14.7.5	Privacy bypass	critical	View or Download	UNDERCODE	2025-04-15
PbootCMS	3.2.9	Stored XSS	critical	View or Download	UNDERCODE	2025-04-15
BlueCMS	1.6	Arbitrary File Deletion	critical	View or Download	UNDERCODE	2025-04-15
Adobe ColdFusion	2023.12/2021.18/2025.0	Deserialization RCE	critical	View or Download	UNDERCODE	2025-04-15
Weblate	(Affected versions)	Credential Leak via URL	critical	View or Download	UNDERCODE	2025-04-04
Adobe ColdFusion	2023.12, 2021.18, 2025.0	Improper Authentication	critical	View or Download	UNDERCODE	2025-04-15
Projectworlds Online Booking	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-15
Adobe ColdFusion	2023.12, 2021.18, 2025.0	Deserialization RCE	critical	View or Download	UNDERCODE	2025-04-15
ProjectWorlds Online Doctor	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-15
Apache Camel	4.8.0-4.8.5, 4.10.0-4.10.2	Header Injection	critical	View or Download	UNDERCODE	2025-04-15
D-LINK DI-8100	16.07.26A1	Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-15
Online Doctor Appointment Booking System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-15
Online Doctor Booking	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-15
jsonschema2pojo	<= 1.2.2	Buffer Overflow	moderate	View or Download	UNDERCODE	2025-04-14
Mattermost	10.5.0-10.5.1, 9.11.0-9.11.9	Auth bypass	moderate	View or Download	UNDERCODE	2025-04-14
Pleezer	<0.16.0	Zombie process leak	medium	View or Download	UNDERCODE	2025-04-14
CefSharp/Chrome	< 134.0.6998.177	Sandbox Escape	high	View or Download	UNDERCODE	2025-04-12
Jupyter Remote Desktop	3.0.0+	Network Exposure	critical	View or Download	UNDERCODE	2025-04-12
Formie	<2.1.44	Stored XSS	medium	View or Download	UNDERCODE	2025-04-11
Mattermost	9.11.0-9.11.8	Improper Access Control	low	View or Download	UNDERCODE	2025-04-11
SurrealDB	<2.0.5, <2.1.5, <2.2.2	SurrealQL Injection	critical	View or Download	UNDERCODE	2024-03-15
SurrealDB	<2.0.5, <2.1.5, <2.2.2	SSRF bypass	medium	View or Download	UNDERCODE	2025-04-11
SurrealDB	<2.0.5, <2.1.5, <2.2.2	DoS via CPU exhaustion	high	View or Download	UNDERCODE	2025-04-11
SurrealDB	<2.0.5, <2.1.5, <2.2.2	Memory exhaustion	high	View or Download	UNDERCODE	2025-04-11
Vite (Node/Bun)	<5.0.0	Directory Traversal	critical	View or Download	UNDERCODE	2023-08-22
SurrealDB	<2.2.2, <2.1.5, <2.0.5	Null Byte DoS	critical	View or Download	UNDERCODE	2025-04-10
SurrealDB	< 2.1.5	Arbitrary File Read	low	View or Download	UNDERCODE	2025-04-10
Linux Kernel	QAIC driver (pre-patch)	Integer Overflow	critical	View or Download	UNDERCODE	2025-04-10
Linux Kernel	Pre-patch versions	Integer Overflow	critical	View or Download	UNDERCODE	2025-04-10
Linux Kernel	Pre-5.15.120	Out-of-Bound Read	medium	View or Download	UNDERCODE	2025-04-10
Linux Kernel	<6.8.3	Memory leak	high	View or Download	UNDERCODE	2025-04-10
Linux Kernel	Pre-5.15.120	Race Condition	critical	View or Download	UNDERCODE	2025-04-10
Linux Kernel	Pre-patch versions	IPv6 memory leak	medium	View or Download	UNDERCODE	2025-04-10
Linux Kernel	Up to 6.13.3	NULL Pointer Dereference	critical	View or Download	UNDERCODE	2025-04-10
Linux Kernel	v5.10-v6.6	Race Condition	critical	View or Download	UNDERCODE	2025-04-10
WeGIA	< 3.2.6	Auth Bypass	critical	View or Download	UNDERCODE	2025-04-10
WordPress	≤2.6.22	Stored XSS	medium	View or Download	UNDERCODE	2025-04-10
WeGIA	<3.2.6	Stored XSS	medium	View or Download	UNDERCODE	2025-04-10
WeGIA	<3.2.8	SQL Injection	critical	View or Download	UNDERCODE	2025-04-10
WeGIA	<3.2.8	Stored XSS	medium	View or Download	UNDERCODE	2025-04-10
HCL DevOps Deploy	Pre-10.1.2	Authentication Bypass	critical	View or Download	UNDERCODE	2025-04-10
Rust	0.5.12-0.5.14	Double-free	moderate	View or Download	UNDERCODE	2025-04-10
WordPress	≤1.5.142	Stored XSS	medium	View or Download	UNDERCODE	2025-04-10
Umbraco CMS	9.x, 10.x	Stored XSS	critical	View or Download	UNDERCODE	2023-05-15
Apache POI	<5.4.0	Improper Input Validation	moderate	View or Download	UNDERCODE	2025-04-10
Helm	<3.17.3	Stack Overflow	critical	View or Download	UNDERCODE	2025-04-10
Helm	<3.17.3	Memory exhaustion	critical	View or Download	UNDERCODE	2024-04-10
Linux Kernel	Pre-5.15.120	Race Condition	medium	View or Download	UNDERCODE	2025-04-10
Linux Kernel	BCM2711 devices	Power domain conflict	medium	View or Download	UNDERCODE	2025-04-10
Apache Pulsar	<3.0.11, <3.3.6, <4.0.4	Info leak via logs	moderate	View or Download	UNDERCODE	2025-04-10
Ibexa CMS	Pre-patch	XXE Injection	critical	View or Download	UNDERCODE	2025-04-10
Tenda AC15	v15.03.05.19	Command Injection	critical	View or Download	UNDERCODE	2025-04-10
MRCMS	3.1.2	XSS	medium	View or Download	UNDERCODE	2025-04-09
MRCMS	3.1.2	Path Traversal	critical	View or Download	UNDERCODE	2025-04-09
MRCMS	3.1.2	Stored XSS	medium	View or Download	UNDERCODE	2025-04-09
WordPress	<= 12.4.05	SQL Injection	critical	View or Download	UNDERCODE	2025-04-09
SourceCodester Online Medicine Ordering System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-09
Tenda AC9	v15.03.05.19	Command Injection	critical	View or Download	UNDERCODE	2025-04-09
RE11S Router	v1.11	Command Injection	critical	View or Download	UNDERCODE	2025-04-10
RE11S	v1.11	Stack Overflow	critical	View or Download	UNDERCODE	2025-04-09
Tenda AC9	v15.03.05.19	Stack Overflow	critical	View or Download	UNDERCODE	2025-04-09
RE11S Router	v1.11	Stack Overflow	critical	View or Download	UNDERCODE	2025-04-09
YzmCMS	7.1	XSS	medium	View or Download	UNDERCODE	2025-04-09
MySQL Server	8.0.39, 8.4.2, 9.0.1 (and prior)	Thread Pooling DoS	high	View or Download	UNDERCODE	2025-04-09
Joomla	1.0.0-1.4.3	SQL Injection	critical	View or Download	UNDERCODE	2025-04-09
Device Authority	Not specified	Permission Bypass	critical	View or Download	UNDERCODE	2025-04-09
MySQL Server	8.0.40, 8.4.3, 9.1.0	Information Disclosure	low	View or Download	UNDERCODE	2025-04-09
RuoYi	4.8.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-04-09
SourceCodester	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-09
Awesome Surveys	≤2.0.10	Stored XSS	critical	View or Download	UNDERCODE	2025-04-09
Xgrammar	Pre-fix commits	Unbounded cache DoS	critical	View or Download	UNDERCODE	2025-04-09
WordPress	≤ 1.6	Stored XSS	medium	View or Download	UNDERCODE	2025-04-09
Elasticsearch	7.17.0 - 8.15.0	DoS via recursion	moderate	View or Download	UNDERCODE	2025-04-09
WordPress	≤ 2.0	Reflected XSS	medium	View or Download	UNDERCODE	2025-04-09
Joomla Framework	1.0.0-2.2.0, 3.0.0-3.4.0	SQL Injection	moderate	View or Download	UNDERCODE	2025-04-09
wallabag	<2.6.11	CSRF	medium	View or Download	UNDERCODE	2025-04-09
WordPress Plugins	≤1.6	Auth Bypass	critical	View or Download	UNDERCODE	2025-04-09
Skrill Official	≤1.0.65	CSRF	medium	View or Download	UNDERCODE	2025-04-09
Elasticsearch	7.17.0-8.15.0	Stack Overflow	moderate	View or Download	UNDERCODE	2025-04-09
Tendermint-rs	<= v0.40.2	Validator spoofing	critical	View or Download	UNDERCODE	2025-04-09
DotNetNuke.Core	<9.4.0	SSRF Bypass	moderate	View or Download	UNDERCODE	2025-04-09
Koa	<2.16.1, <3.0.0-alpha.5	Open Redirect	critical	View or Download	UNDERCODE	2021-08-09
bep/imagemeta	< v0.11.0	Unbounded memory allocation	medium	View or Download	UNDERCODE	2025-04-09
BentoML	<1.0.8	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-04-09
`bep/imagemeta`	`<0.10.0`	`EXIF DoS`	critical	View or Download	UNDERCODE	2025-04-09
MySQL	8.0.40, 8.4.3, 9.1.0	DoS	medium	View or Download	UNDERCODE	2025-04-08
MySQL Server	8.0.40, 8.4.3, 9.1.0	InnoDB DoS	medium	View or Download	UNDERCODE	2025-04-08
MySQL Server	8.0.39, 8.4.2, 9.0.1	DoS via Performance Schema	medium	View or Download	UNDERCODE	2025-04-08
MySQL Server	8.0.39, 8.4.2, 9.0.1	DDL Locking Issue	medium	View or Download	UNDERCODE	2025-04-08
MySQL	<=8.0.40/8.4.3/9.1.0	Parser DoS	medium	View or Download	UNDERCODE	2025-04-08
Online Lawyer Management	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
MySQL Server	8.0.39, 8.4.2, 9.0.1	Optimizer DoS	medium	View or Download	UNDERCODE	2025-04-08
MySQL	<=9.1.0	Privilege Escalation	medium	View or Download	UNDERCODE	2025-04-08
MySQL Server	8.0.40, 8.4.3, 9.1.0	InnoDB Locking Race	medium	View or Download	UNDERCODE	2025-04-08
MySQL Server	8.0.40, 8.4.3, 9.1.0	Privilege escalation	low	View or Download	UNDERCODE	2025-04-08
MySQL Server	<= 8.0.40, <= 8.4.3, <= 9.1.0	Packaging flaw	medium	View or Download	UNDERCODE	2025-04-08
MySQL Server	8.0.40, 8.4.3, 9.1.0 (and prior)	InnoDB DoS	medium	View or Download	UNDERCODE	2025-04-08
MySQL	≤9.1.0	Privilege Escalation	medium	View or Download	UNDERCODE	2025-04-08
SeaCMS	v13.3	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
MySQL	≤ 9.1.0	DoS	medium	View or Download	UNDERCODE	2025-04-08
Product Management System	1.0	Stack-based buffer overflow	critical	View or Download	UNDERCODE	2025-04-08
LNbits	Pre-1.12.0	SSRF via LNURL	critical	View or Download	UNDERCODE	2025-04-06
iteaj iboot	1.1.3	Stored XSS	medium	View or Download	UNDERCODE	2025-04-08
Consumer Comanda Mobile	≤14.9.3.2/15.0.0.8	Cleartext Credential Transmission	medium	View or Download	UNDERCODE	2025-04-08
Kentico Xperience	< 13.0.178	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-04-08
iTeaj iBoot IoT Gateway	1.1.3	Stored XSS	medium	View or Download	UNDERCODE	2025-04-08
iBoot IoT Gateway	1.1.3	Improper Access Control	medium	View or Download	UNDERCODE	2025-04-08
Kenj_Frog financial system	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
Blood Bank Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
Patient Record Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
Projectworlds Online Doctor Booking	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
Patient Record Management	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
Code-Projects HMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
IKUN_Library	1.0	Improper Access Control	medium	View or Download	UNDERCODE	2025-04-08
SourceCodester Online Eyewear Shop	1.0	Improper Access Control	medium	View or Download	UNDERCODE	2025-04-08
WhatsApp (Windows)	<2.2450.6	Spoofing → RCE	critical	View or Download	UNDERCODE	2025-04-08
SourceCodester Online Eyewear Shop	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
SourceCodester Online Eyewear Shop	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-04-08
Shopware	<6.6.10.3, <6.5.8.17	Broken ACL	moderate	View or Download	UNDERCODE	2025-04-08
Linux Kernel	Pre-5.15.123	Race Condition	critical	View or Download	UNDERCODE	2025-04-08
Shopware	<6.6.10.3, <6.5.8.17	Email Enumeration	medium	View or Download	UNDERCODE	2025-04-08
Admin Panel	<v2.5.1	HTML Injection	medium	View or Download	UNDERCODE	2025-04-08
Google Chrome	< 133.0.6943.53	Use-after-free	high	View or Download	UNDERCODE	2025-04-08
Google Chrome	< 133.0.6943.53	Use-After-Free	high	View or Download	UNDERCODE	2025-04-08
WordPress	<3.95.0	Stored XSS	high	View or Download	UNDERCODE	2025-04-08
Online Exam Mastering System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-17
Node.js asn1.js	<1.0.4	Integer encoding flaw	medium	View or Download	UNDERCODE	2022-03-15
WordPress	≤1.1	Stored XSS	critical	View or Download	UNDERCODE	2025-04-07
Langflow	<1.3.0	Code Injection	critical	View or Download	UNDERCODE	2025-04-07
Tokio	1.44.0-1.44.1	Race condition	low	View or Download	UNDERCODE	2025-04-07
TOTOLINK EX1800T	≤9.1.0cu.2112_B20220316	Stack overflow	critical	View or Download	UNDERCODE	2025-04-07
Real Estate Property Management	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-17
Python	All (with pickle)	RCE via timeit	critical	View or Download	UNDERCODE	2025-04-07
Apollo Router	<1.61.2, <2.1.1	DoS via fragment reuse	high	View or Download	UNDERCODE	2025-04-07
Google Chrome	<133.0.6943.98	Use-After-Free	high	View or Download	UNDERCODE	2025-04-07
Flowise	<1.3.8	SQL Injection	critical	View or Download	UNDERCODE	2025-04-07
Google Chrome	< 133.0.6943.126	Heap Buffer Overflow	high	View or Download	UNDERCODE	2025-04-07
Python (NumPy/pickle)	Affects picklescan < v0.3.0	DNS exfiltration via pickle	critical	View or Download	UNDERCODE	2025-04-07
Apollo Router	<1.61.2, <2.1.1	DoS via fragment expansion	critical	View or Download	UNDERCODE	2025-04-07
Apollo Router	<1.61.2, <2.1.1	Integer Overflow	critical	View or Download	UNDERCODE	2025-04-07
Node.js	<3.3.3	Prototype Pollution	moderate	View or Download	UNDERCODE	2025-04-07
Google Chrome	< 133.0.6943.126	Use-After-Free	medium	View or Download	UNDERCODE	2025-04-07
Apollo Gateway	<2.10.1	DoS via fragments	high	View or Download	UNDERCODE	2025-04-07
Apollo Compiler	<1.27.0	DoS via fragments	high	View or Download	UNDERCODE	2025-04-07
Apollo Gateway	<2.10.1	DoS via query planning	critical	View or Download	UNDERCODE	2025-04-07
Emlog Pro	2.5.3	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-04-07
Google Chrome (Android)	< 133.0.6943.126	Heap buffer overflow	high	View or Download	UNDERCODE	2025-04-07
Node.js	2.2.0	Prototype Pollution	critical	View or Download	UNDERCODE	2023-01-15
Apollo Router	<1.61.2, <2.1.1	DoS	critical	View or Download	UNDERCODE	2025-04-07
Python	pickle module	Unsafe deserialization	high	View or Download	UNDERCODE	2025-04-07
macOS	Ventura <13.7.5, Sequoia <15.4, Sonoma <14.7.5	Arbitrary file access	critical	View or Download	UNDERCODE	2025-04-07
Nimrod	0.8	SQL Injection	critical	View or Download	UNDERCODE	2025-04-07
PHPGurukul e-Diary	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-07
Apple OS stack	Pre-visionOS 2.4	Out-of-bounds read	critical	View or Download	UNDERCODE	2025-04-07
Tenda RX3	16.03.13.11	Stack overflow	critical	View or Download	UNDERCODE	2025-04-07
Online Restaurant Management System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-08
Nimrod	0.8	Unrestricted upload	critical	View or Download	UNDERCODE	2025-04-07
TinyWebServer	≤1.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-07
Tenda AC1206	15.03.06.23	Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-07
Apple OS Ecosystem	visionOS <2.4, macOS <Ventura 13.7.5	Memory Corruption	critical	View or Download	UNDERCODE	2025-04-07
Apple OS stack	visionOS <2.4, macOS <Ventura 13.7.5, tvOS <18.4, iOS/iPadOS <17.7.6/18.4	Out-of-bounds read	critical	View or Download	UNDERCODE	2025-04-07
macOS	Ventura/Sequoia/Sonoma	File Permission Bypass	critical	View or Download	UNDERCODE	2025-04-07
TinyWebServer	≤1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-07
Online Restaurant Management	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-07
tarteaucitron.js	<25fcf82	CSS Injection	moderate	View or Download	UNDERCODE	2025-04-07
Jujutsu	≤0.28.0	SHA-1 collision	critical	View or Download	UNDERCODE	2025-03-15
Graylog	6.1.0-6.1.8	Auth bypass	moderate	View or Download	UNDERCODE	2025-04-07
tarteaucitron.js	<2fa1e01	URL scheme injection	moderate	View or Download	UNDERCODE	2025-04-07
Leantime	≤ 3.2.1	Stored XSS	critical	View or Download	UNDERCODE	2025-03-28
ITSourcecode Simple ChatBox	≤ 1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-07
Apple WebKit	Safari <18.4, iOS/iPadOS <17.7.6/18.4, macOS <15.4	Privacy Bypass	critical	View or Download	UNDERCODE	2025-04-07
macOS	Ventura 13.7.5, Sequoia 15.4, Sonoma 14.7.5	Data exposure	medium	View or Download	UNDERCODE	2025-04-07
ShopXO	v6.4.0	SSRF	critical	View or Download	UNDERCODE	2025-04-07
OneNav	1.1.0	SSRF	critical	View or Download	UNDERCODE	2025-04-07
Apple OS Suite	visionOS <2.4, iOS <18.4, iPadOS <18.4, macOS <15.4	Sensitive Data Exposure	critical	View or Download	UNDERCODE	2025-04-07
iOS/iPadOS	<18.4, <17.7.6	Authentication bypass	critical	View or Download	UNDERCODE	2025-04-07
Apple Safari	< 18.4	Use-After-Free	critical	View or Download	UNDERCODE	2025-04-07
HotelDruid	≤3.0.7	Weak Password Policy	medium	View or Download	UNDERCODE	2025-04-07
maccms10	v2025.1000.4047	SSRF	critical	View or Download	UNDERCODE	2025-04-07
Apple OS Suite	visionOS <2.4, tvOS <18.4, iPadOS <17.7.6, iOS <18.4, macOS <15.4	App Enumeration	medium	View or Download	UNDERCODE	2025-04-07
Tenda FH1202	1.2.0.14(408)	Improper access control	critical	View or Download	UNDERCODE	2025-04-07
Apple OS (macOS/iOS/visionOS)	Pre-Ventura 13.7.5, Pre-Sequoia 15.4	Sandbox Escape via Path Handling	critical	View or Download	UNDERCODE	2025-04-07
ShopXO	v6.4.0	SSRF/XSS	critical	View or Download	UNDERCODE	2025-04-07
MacCMS10	v2025.1000.4047	SSRF	critical	View or Download	UNDERCODE	2025-04-07
Tenda FH1202	1.2.0.14(408)	Improper Access Control	critical	View or Download	UNDERCODE	2025-04-07
rust-openssl		Use-After-Free	moderate	View or Download	UNDERCODE	2025-04-05
React Draft Wysiwyg	All versions	XSS via Embedded	low	View or Download	UNDERCODE	2025-04-04
Node.js	0.0.0-0.4.2	Prototype Pollution	moderate	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Privacy Bypass	medium	View or Download	UNDERCODE	2025-04-04
Xcode	< 16.3	Information Disclosure	critical	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Device enumeration	medium	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Library Injection	critical	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	FS modification	critical	View or Download	UNDERCODE	2025-04-04
Apple WebKit	Safari ≤18.4	Memory Corruption	critical	View or Download	UNDERCODE	2025-04-04
Node.js	0.0.0 - 1.1.5	Buffer Overflow	high	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Privacy bypass	critical	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Password bypass	critical	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Data exposure	critical	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Memory corruption	critical	View or Download	UNDERCODE	2025-04-04
macOS	Ventura 13.x, Sequoia 15.x, Sonoma 14.x	Out-of-bounds read	critical	View or Download	UNDERCODE	2025-04-04
macOS	Ventura 13.7.5, Sequoia 15.4, Sonoma 14.7.5	Privilege Escalation	critical	View or Download	UNDERCODE	2025-04-04
macOS	Ventura/Sequoia/Sonoma	Buffer Overflow	critical	View or Download	UNDERCODE	2025-04-04
Apple iOS/macOS	< iPadOS 17.7.4	Location bypass	medium	View or Download	UNDERCODE	2025-04-04
Apple Ecosystem	visionOS <2.4, macOS <13.7.5	DoS via input	critical	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Sandbox Escape	critical	View or Download	UNDERCODE	2025-04-04
macOS	Ventura <13.7.5	FS modification bypass	critical	View or Download	UNDERCODE	2025-03-31
macOS	Ventura <13.7.5, Sequoia <15.4, Sonoma <14.7.5	Kernel OOB Write	critical	View or Download	UNDERCODE	2025-04-04
iOS/iPadOS	<18.4	Lock screen bypass	critical	View or Download	UNDERCODE	2025-03-31
macOS	Ventura <13.7.5, Sequoia <15.4, Sonoma <14.7.5	Privilege Escalation	critical	View or Download	UNDERCODE	2025-04-04
macOS/iPadOS	Ventura 13.7.5, Sonoma 14.7.5, Sequoia 15.4	File access bypass	critical	View or Download	UNDERCODE	2025-04-04
Apple Safari/iOS/iPadOS/macOS	<18.4	Address bar spoofing	medium	View or Download	UNDERCODE	2025-04-04
Apple OS Stack	Ventura 13.7.5, iOS 18.4, Sequoia 15.4	Sensitive Data Exposure	critical	View or Download	UNDERCODE	2025-04-04
Apple OS stack	Pre-Sonoma 14.7.5, pre-Sequoia 15.4	Data container escape	critical	View or Download	UNDERCODE	2025-03-31
Apple OS stack	visionOS <2.4, iOS <18.4, macOS <Ventura 13.7.5	Path traversal → data leak	critical	View or Download	UNDERCODE	2025-04-04
macOS	Ventura <13.7.5, Sequoia <15.4, Sonoma <14.7.5	Data access bypass	critical	View or Download	UNDERCODE	2025-04-04
Apple OS	<13.7.5/17.7.6/18.4	Sandbox Escape	critical	View or Download	UNDERCODE	2025-03-31
Apple OS Suite	visionOS <2.4, macOS <13.7.5/14.7.5/15.4, iOS/iPadOS <18.4	Symlink privilege bypass	critical	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Code-signing bypass	critical	View or Download	UNDERCODE	2025-04-04
Dreamer CMS	4.1.3	Stored XSS	medium	View or Download	UNDERCODE	2025-04-04
macOS	Ventura <13.7.5, Sequoia <15.4, Sonoma <14.7.5	Race Condition	critical	View or Download	UNDERCODE	2025-04-04
macOS	<15.4	Symlink bypass	critical	View or Download	UNDERCODE	2025-03-31
Apple OS	Ventura 13.7.5, Sequoia 15.4	Privilege escalation	critical	View or Download	UNDERCODE	2025-03-31
macOS	Sequoia <15.4, Sonoma <14.7.5	Sandbox Escape	critical	View or Download	UNDERCODE	2025-03-31
Apple OS Stack	visionOS <2.4, macOS <13.7.5	Memory Corruption	critical	View or Download	UNDERCODE	2025-04-04
BentoML	v1.4.2	RCE via deserialization	critical	View or Download	UNDERCODE	2025-04-04
WordPress	≤ 12.4.05	Missing Authorization	critical	View or Download	UNDERCODE	2025-04-04
XWiki	<8.6.5	XXE Injection	critical	View or Download	UNDERCODE	2020-05-07
MinIO	< 0.0.0-20250403145552	Incomplete signature validation	high	View or Download	UNDERCODE	2025-04-04
Vite	4.0.0-6.2.4	Directory Traversal	critical	View or Download	UNDERCODE	2025-04-04
Concrete CMS	<9.4.0RC2, <8.5.20	XSS/CSRF	moderate	View or Download	UNDERCODE	2025-04-04
pgAdmin 4	<9.2	Remote Code Execution	critical	View or Download	UNDERCODE	2025-04-04
pgAdmin	<= 9.1	XSS	critical	View or Download	UNDERCODE	2025-04-04
API Platform	< 2.7.8	Security Bypass	critical	View or Download	UNDERCODE	2025-04-04
LMDeploy	<= 0.7.1	Unsafe Deserialization	moderate	View or Download	UNDERCODE	2025-04-04
GraphQL (API Platform)	< 60747cc	Security Bypass	critical	View or Download	UNDERCODE	2025-04-04
generator-jhipster-entity-audit		Unsafe Reflection	critical	View or Download	UNDERCODE	2025-04-04
Miniflux	< 2.2.7	XSS	medium	View or Download	UNDERCODE	2024-03-15
Sante PACS Server	Not specified	Path Traversal	critical	View or Download	UNDERCODE	2025-04-03
Sante PACS Server	Not specified	Stack overflow	critical	View or Download	UNDERCODE	2025-04-03
Froxlor	<2.2.6	Email duplication	medium	View or Download	UNDERCODE	2025-04-04
Firefox iOS	< 134	URL Spoofing	medium	View or Download	UNDERCODE	2025-04-03
Firefox for iOS	< 134	URL hostname spoofing	medium	View or Download	UNDERCODE	2025-01-10
FS S3150-8T2F Switch	Firmware 220d_118101	Stored XSS	medium	View or Download	UNDERCODE	2025-04-03
D-Link DIR-823X	240126, 240802	Command Injection	critical	View or Download	UNDERCODE	2025-04-03
Ollama	<=0.3.14	DoS via GGUF	critical	View or Download	UNDERCODE	2025-04-03
Sunshine Photo Cart	≤ 3.4.10	Object Injection	critical	View or Download	UNDERCODE	2025-04-03
MODX CMS	<3.1.0	Stored XSS via SVG	critical	View or Download	UNDERCODE	2025-04-04
Inova Logic CM	3.1.757.1	Privilege Escalation	critical	View or Download	UNDERCODE	2025-04-03
Jira Data Center	<4.1.69-dc	Stored XSS	medium	View or Download	UNDERCODE	2025-04-03
Code-Projects Chat System	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-03
Code-Projects Chat	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-04-03
`alizeait/unflatto`	`<=1.0.2`	Prototype Pollution	high	View or Download	UNDERCODE	2025-04-01
Rancher	< v2.8.14, < v2.9.8, < v2.10.4	Privilege Escalation	critical	View or Download	UNDERCODE	2025-04-01
jooby-pac4j	<2.17.0, 3.0.0-3.6.9	RCE via deserialization	critical	View or Download	UNDERCODE	2025-04-01
ShopXO	v6.4.0	SSRF via Image Upload	moderate	View or Download	UNDERCODE	2025-03-29
ShopXO	v6.4.0	SSRF/XSS	moderate	View or Download	UNDERCODE	2025-04-01
AWS CDK	<=2.187.0	Secret leakage	critical	View or Download	UNDERCODE	2025-03-31
gifplayer	< 0.3.7	XSS	moderate	View or Download	UNDERCODE	2025-03-31
AWS SAM CLI	<= v1.133.0	Symlink cache exposure	medium	View or Download	UNDERCODE	2025-03-31
AWS SAM CLI	<= v1.132.0	Symlink escape	critical	View or Download	UNDERCODE	2025-04-01
Netty QUIC	< 0.0.71.Final	Hash DoS	moderate	View or Download	UNDERCODE	2025-03-31
Adobe Illustrator	≤29.2.1, ≤28.7.4	NULL Pointer Dereference	medium	View or Download	UNDERCODE	2025-03-11
Adobe Illustrator	≤29.2.1, ≤28.7.4	Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-11
Adobe Illustrator	≤29.2.1, ≤28.7.4	Untrusted Search Path	critical	View or Download	UNDERCODE	2025-03-11
Apache HTTP Server	2.4.49	Path Traversal → RCE	critical	View or Download	UNDERCODE	2021-10-05
MobSF	Pre-commit ae34f7c	SSRF via DNS Rebinding	critical	View or Download	UNDERCODE	2025-03-31
Vite	4.0.0-6.2.3	FS deny bypass	medium	View or Download	UNDERCODE	2025-03-31
Leantime	≤3.2.1	Stored XSS	moderate	View or Download	UNDERCODE	2025-03-28
Node.js	<=1.0.2	Prototype Pollution	high	View or Download	UNDERCODE	2025-03-31
Solon	≤ 3.1.0	Path Traversal	moderate	View or Download	UNDERCODE	2025-03-31
Redoc	<= 2.0.0	Prototype Pollution	high	View or Download	UNDERCODE	2025-03-31
Infinispan	<= 15.0.5.Final	OOM via REST API	moderate	View or Download	UNDERCODE	2025-03-31
depath/cool-path	v1.0.6/v1.1.2	Prototype Pollution	high	View or Download	UNDERCODE	2025-03-31
Uptime Kuma	<1.23.0	ReDoS	critical	View or Download	UNDERCODE	2024-06-15
ConcreteCMS	<= 9.3.9	Stored XSS	moderateh2stylecolorblue	View or Download	UNDERCODE	2025-03-31
Rust crate	array-init-cursor	Double-free	low	View or Download	UNDERCODE	2025-03-31
Beego	<2.0.3	XSS	highh2stylecolorblue	View or Download	UNDERCODE	2023-03-15
Firefox for iOS	< 136	URL spoofing via redirect	medium	View or Download	UNDERCODE	2025-03-28
Nethermind Juno	< 0.12.5	Integer Overflow	high	View or Download	UNDERCODE	2025-03-29
DataEase	<2.10.6	Arbitrary File Read/Deserialization	critical	View or Download	UNDERCODE	2025-03-28
Wangmarket	v4.10-v5.0	CSRF	critical	View or Download	UNDERCODE	2025-03-28
Wangmarket	v4.10-v5.0	CSRF	medium	View or Download	UNDERCODE	2025-03-28
TUF (tough)	< 0.20.0	Incorrect delegation handling	critical	View or Download	UNDERCODE	2025-03-29
Vyper	<0.4.1	Iterator side-effects	critical	View or Download	UNDERCODE	2025-03-28
TUF Client	<0.20.0	Metadata Rollback	critical	View or Download	UNDERCODE	2025-03-29
PHPGurukul	3.3	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤2.2.16	Unauthorized user deletion	critical	View or Download	UNDERCODE	2025-03-28
Node.js	<18.16.1, <20.3.1	HTTP Smuggling	critical	View or Download	UNDERCODE	2023-06-22
Firefox, Thunderbird	< 136	Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤0.9	CSRF	medium	View or Download	UNDERCODE	2025-03-28
Vyper	<0.4.1	DynArray Bypass	critical	View or Download	UNDERCODE	2025-03-28
PHPGurukul	3.3	HTML Injection	medium	View or Download	UNDERCODE	2025-03-28
Vyper	<0.4.1	Precision Error	medium	View or Download	UNDERCODE	2025-03-28
Code-projects Online Scheduling	V1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-03-28
TUF Repository	< 0.20.0	Cyclical Delegation	critical	View or Download	UNDERCODE	2025-03-29
WordPress	≤ 2.2.16	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
Firefox/Firefox ESR/Thunderbird	122–136 / <128.8	Out-of-bounds access	critical	View or Download	UNDERCODE	2025-03-28
Node.js	<1.16.4, 2.0.0-2.1.1, 3.0.0-3.0.6	Path Traversal	high	View or Download	UNDERCODE	2025-03-27
Stencil	<2.3.0	Zip Slip	medium	View or Download	UNDERCODE	2023-01-15
PHPGurukul Land Record	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
SeaCMS	v13.3	RCE	critical	View or Download	UNDERCODE	2025-03-28
Seacms	<=13.3	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
SeaCMS	<=13.3	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
SeaCMS	v13.3	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-28
Seacms	<13.3	SQL Injection	critical	View or Download	UNDERCODE	2025-03-28
Devolutions Server	<=2024.3.12	Auth bypass	critical	View or Download	UNDERCODE	2025-03-28
Nginx	1.25.0-1.25.3	HTTP Smuggling	critical	View or Download	UNDERCODE	2023-12-14
Devolutions Server	≤ 2024.3.13	SSH password exposure	medium	View or Download	UNDERCODE	2025-03-28
Node.js	12.x, 14.x, 16.x	HTTP/2 RCE	critical	View or Download	UNDERCODE	2021-09-29
Publify		Stored XSS	medium	View or Download	UNDERCODE	2023-01-15
WordPress	≤ 2.6.2	Arbitrary File Download	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 0.8.2	Reflected XSS	medium	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 3.1.8	Reflected XSS	medium	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 3.1.8	LFI	critical	View or Download	UNDERCODE	2025-03-28
TUF (tough)	< 0.20.0	Metadata Rollback	medium	View or Download	UNDERCODE	2025-03-28
TUF	<0.20.0	Metadata Rollback	critical	View or Download	UNDERCODE	2025-03-28
AimHub	3.25.0	DoS via API	medium	View or Download	UNDERCODE	2025-03-28
Lunary-AI	≤1.6.7	Stored XSS	critical	View or Download	UNDERCODE	2025-03-28
GitHub.com	<1.0.1	Path Traversal	moderate	View or Download	UNDERCODE	2025-03-28
Apache HTTP Server	2.4.49	Path Traversal/RCE	critical	View or Download	UNDERCODE	2021-10-05
Cisco ISE	3.2, 3.1	API auth bypass	criticalh2stylecolorblue	View or Download	UNDERCODE	2025-03-28
Cisco ISE	3.2, 3.1	Stored XSS	critical	View or Download	UNDERCODE	2025-03-28
Ollama	≤0.3.14	Null Dereference	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 2.1.7	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-28
Dell Avamar	19.4+	Token Reuse	critical	View or Download	UNDERCODE	2025-03-28
Cisco ISE	3.1, 3.2	Insecure Deserialization	critical	View or Download	UNDERCODE	2025-03-28
WordPress	≤ 2.1.7	PHP Object Injection	critical	View or Download	UNDERCODE	2025-03-28
Node.js	12.x - 16.x	HTTP/2 RCE	critical	View or Download	UNDERCODE	2021-09-29
Synapse	≤1.127.0	DoS via malformed events	critical	View or Download	UNDERCODE	2025-03-27
Pitchfork	< 0.11.0	HTTP Response Splitting	critical	View or Download	UNDERCODE	2025-03-27
Apache Kylin	5.0.0 - 5.0.1	SSRF	low	View or Download	UNDERCODE	2025-03-27
Mesop	<=0.14.0	Class Pollution	critical	View or Download	UNDERCODE	2023-11-15
Vega/Vega-lite	<5.32.0	Prototype Pollution → XSS	critical	View or Download	UNDERCODE	2025-03-27
Apache Kylin	4.0.0 - 5.0.1	Code Injection	low	View or Download	UNDERCODE	2025-03-27
Node.js	12.x, 14.x, 16.x	RCE via HTTP/2	critical	View or Download	UNDERCODE	2021-09-29
MLflow	<2.19.0	Missing Password Enforcement	critical	View or Download	UNDERCODE	2025-03-27
Dell Chassis Management Controller	< 2.40.200.202101130302 (FX2), < 3.41.200.202209300499 (VRTX)	Stack-based Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-27
Mattermost	10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8	MFA Bypass	critical	View or Download	UNDERCODE	2025-03-27
Mattermost	10.4.x <= 10.4.2	Command Injection	critical	View or Download	UNDERCODE	2025-03-27
Mattermost	<=10.4.2, <=10.3.3, <=9.11.8	Improper Access Control	medium	View or Download	UNDERCODE	2025-03-27
Mattermost	9.11.x <= 9.11.8	Privilege Escalation	medium	View or Download	UNDERCODE	2025-03-27
OpenSlides	<4.2.5	Timing attack	medium	View or Download	UNDERCODE	2025-03-27
xmedcon	0.25.0	Integer Underflow	medium	View or Download	UNDERCODE	2025-03-27
OpenSlides	<4.2.5	Stored XSS	critical	View or Download	UNDERCODE	2025-03-27
Vega	≤5.30.0	Arbitrary JS Execution	critical	View or Download	UNDERCODE	2025-03-27
OpenSlides	<4.2.5	Directory Traversal	critical	View or Download	UNDERCODE	2025-03-27
Mattermost	<=10.4.2, <=10.3.3	MFA Bypass	critical	View or Download	UNDERCODE	2025-03-27
WordPress	≤ 3.2.1	Unauthenticated feature disable	medium	View or Download	UNDERCODE	2025-03-26
Westboy CicadasCMS	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-26
WordPress	≤5.9.4.5	PHP Object Injection	medium	View or Download	UNDERCODE	2025-03-26
WordPress	≤5.9.4.7	SQL Injection	critical	View or Download	UNDERCODE	2025-03-26
WordPress	≤ 5.9.4.4	Missing Authorization	medium	View or Download	UNDERCODE	2025-03-26
Django	<5.3.3	XSS	low	View or Download	UNDERCODE	2025-03-26
xmas-elf	<1.2.0	OOB Read	moderate	View or Download	UNDERCODE	2025-03-26
Directus	<= 10.11.3	Information Disclosure	critical	View or Download	UNDERCODE	2024-06-15
OpenDaylight SFC	Sodium-SR4 and below	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-26
WordPress	≤ 2.8.3	Stored XSS	medium	View or Download	UNDERCODE	2025-03-26
Tenda W18E	v16.01.0.11	Stack Overflow	critical	View or Download	UNDERCODE	2025-03-26
Snail-Job	1.4.0	RCE via Deserialization	critical	View or Download	UNDERCODE	2025-03-26
D-Link DAP-1620	1.03	Stack overflow	critical	View or Download	UNDERCODE	2025-03-26
Westboy CicadasCMS	1.0	Stored XSS	medium	View or Download	UNDERCODE	2025-03-26
Ollama	<=0.3.14	Resource Allocation	high	View or Download	UNDERCODE	2025-03-24
Aimhubio	3.25.0	Denial of Service	high	View or Download	UNDERCODE	2025-03-22
Aim (aimhubio/aim)	3.25.0	Uncontrolled Resource Consumption	high	View or Download	UNDERCODE	2025-03-22
MLflow	2.17.0 - 2.20.1	CSRF in Signup	moderate	View or Download	UNDERCODE	2025-03-21
MLflow	2.18	Weak Password Requirements	low	View or Download	UNDERCODE	2025-03-21
Mattermost	<= 10.4.2, <= 10.3.3, <= 9.11.8	Improper Access Control	moderate	View or Download	UNDERCODE	2025-03-21
go-httpbin	All versions prior to patch	Cross-Site Scripting (XSS)	critical	View or Download	UNDERCODE	2025-03-21
PipeCD	v0.49	Privilege Escalation	high	View or Download	UNDERCODE	2025-03-21
Go (Golang)	Pre-patch versions	DoS via memory exhaustion	critical	View or Download	UNDERCODE	2025-03-21
Mattermost	10.4.x <= 10.4.2, 10.3.x <= 10.3.3, 9.11.x <= 9.11.8	Command Execution in Archived Channels	moderate	View or Download	UNDERCODE	2025-03-21
Mattermost	10.4.0 - 10.4.2, 10.3.0 - 10.3.3, 9.11.0 - 9.11.8, 10.5.0	MFA Bypass	high	View or Download	UNDERCODE	2025-03-21
Mattermost	10.4.0 - 10.4.2, 10.3.0 - 10.3.3, 9.11.0 - 9.11.8	MFA Bypass	moderate	View or Download	UNDERCODE	2025-03-21
Mattermost	10.4.0 - 10.4.2, 10.3.0 - 10.3.3, 9.11.0 - 9.11.8, 10.5.0	Improper Access Control	moderate	View or Download	UNDERCODE	2025-03-21
Linux Kernel	nilfs2 file system	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-27
Linux Kernel	Up to 6.13.0-rc3	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-27
Parse Server	<4.10.0	Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-21
AWS CDK CLI	>=2.172.0, <2.178.2	Credential Exposure	critical	View or Download	UNDERCODE	2025-03-21
Kubernetes	1.3.0 to 1.32.3	Race Condition	low	View or Download	UNDERCODE	2025-03-21
Liferay Portal/DXP	7.4.0 - 7.4.3.126, 2024.Q3.0 - 2024.Q2.12, 2024.Q1.1 - 2024.Q1.12, 2023.Q4.0 - 2023.Q4.10, 2023.Q3.1 - 2023.Q3.10	Data Exposure	moderate	View or Download	UNDERCODE	2025-03-21
DataEase	< 2.10.6	Arbitrary File Read/Deserialization	critical	View or Download	UNDERCODE	2025-03-13
DataEase	< 2.10.6	Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-13
Linux Kernel	Pre-commit 68f83057b913	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	Up to 6.12.0-rc6	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	Up to 5.15.x	Use-After-Free (UAF)	critical	View or Download	UNDERCODE	2025-02-26
WordPress	1.1.9 and earlier	Unauthorized Access	critical	View or Download	UNDERCODE	2025-03-14
WordPress	1.6.11 and below	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-14
Envoy Proxy	<1.30.10, 1.31.0-1.31.5, 1.32.0-1.32.3, 1.33.0	Denial of Service	critical	View or Download	UNDERCODE	2025-03-21
Redlib	< v0.36.0	Decompression Bomb	critical	View or Download	UNDERCODE	2025-03-21
InvokeAI	5.3.1 - 5.4.2	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-21
Libcontainer	Pre-fix versions	Capabilities Elevation	moderate	View or Download	UNDERCODE	2025-03-21
Next.js	11.1.4 - 13.5.6, 14.0 - 14.2.24, 15.0 - 15.2.2	Authorization Bypass	critical	View or Download	UNDERCODE	2025-03-21
WordPress	1.7.6 and earlier	SQL Injection	critical	View or Download	UNDERCODE	2025-03-14
Rembg	2.0.57 and earlier	CORS Misconfiguration	critical	View or Download	UNDERCODE	2025-03-03
Kedro	0.19.8	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-21
LocalAI	v2.21.1	Cross-Site Scripting (XSS)	moderate	View or Download	UNDERCODE	2025-03-21
ZenML	0.66.0	Unauthenticated DoS	high	View or Download	UNDERCODE	2025-03-21
vLLM	0.6.0	Deserialization RCE	critical	View or Download	UNDERCODE	2025-03-21
Composio	v0.4.4	SSRF	moderate	View or Download	UNDERCODE	2025-03-21
vLLM	0.6.0	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-21
Quivr	v0.0.298	Unauthenticated DoS	high	View or Download	UNDERCODE	2025-03-21
MLflow	2.15.1	Path Traversal	high	View or Download	UNDERCODE	2025-03-21
Composio	v0.4.2	SSRF	moderate	View or Download	UNDERCODE	2025-03-21
LiteLLM	v1.52.1	API Key Leakage	high	View or Download	UNDERCODE	2025-03-20
Aim	Commit bb76afe	Path Traversal	critical	View or Download	UNDERCODE	2025-03-20
LiteLLM	main-latest	Improper Authorization	high	View or Download	UNDERCODE	2025-03-20
AgentScope	Prior to fix	Path Traversal	critical	View or Download	UNDERCODE	2025-03-20
AgentScope	v.0.0.4	Path Traversal	high	View or Download	UNDERCODE	2025-03-20
AgentScope	Latest commit 21161fe	Stored XSS	moderate	View or Download	UNDERCODE	2025-03-20
AgentScope	v0.0.4	Improper CORS Configuration	high	View or Download	UNDERCODE	2025-03-20
LiteLLM	<1.44.12	API Key Leakage	high	View or Download	UNDERCODE	2025-03-20
LiteLLM	v1.44.5	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
AgentScope	0.0.4	Directory Traversal	high	View or Download	UNDERCODE	2025-03-20
Gradio	git commit 98cbcae	ReDoS via crafted HTTP request	high	View or Download	UNDERCODE	2025-03-20
Gradio	git 98cbcae	Path Traversal	high	View or Download	UNDERCODE	2025-03-20
Prefect	< 3.0.3	CORS Misconfiguration	high	View or Download	UNDERCODE	2025-03-20
Gradio	git 98cbcae	Zip Bomb DoS	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
LiteLLM	1.40.12	Remote Code Execution (RCE)	critical	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0.2	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.1	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0	Arbitrary File Overwrite	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0	Arbitrary File Encryption	moderate	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0.1	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0.1	DoS, File Write	high	View or Download	UNDERCODE	2025-03-20
Aim	3.23.0	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
H2O	3.46.0.4	Deserialization RCE	critical	View or Download	UNDERCODE	2025-03-20
Horovod	<= v0.28.1	Command Injection	critical	View or Download	UNDERCODE	2025-03-20
Dask	<=2024.8.2	Command Injection	critical	View or Download	UNDERCODE	2025-03-20
LiteLLM	Commit 26c03c9	Denial of Service (DoS)	high	View or Download	UNDERCODE	2025-03-20
kcp	<0.26.3, <0.27.0	Unauthorized Object Manipulation	critical	View or Download	UNDERCODE	2025-03-20
Coraza WAF	v3	Rule Bypass	critical	View or Download	UNDERCODE	2025-03-20
Redis	go-redis (pre-patch versions)	Connection Timeout	critical	View or Download	UNDERCODE	2025-03-20
Apache Seata	2.0.0 - 2.2.0	Data Amplification	low	View or Download	UNDERCODE	2025-03-20
Spring Security	5.7.0 - 6.4.3	Password Length Bypass	high	View or Download	UNDERCODE	2025-03-20
Apache Seata	2.0.0 to 2.2.0	Deserialization of Untrusted Data	low	View or Download	UNDERCODE	2025-03-20
Liferay Portal/DXP	7.4.3.82-7.4.3.128, 2024.Q3.0, 2024.Q2.0-2024.Q2.13, 2024.Q1.1-2024.Q1.12, 2023.Q4.0-2023.Q4.10, 2023.Q3.1-2023.Q3.10	XSS	moderate	View or Download	UNDERCODE	2025-03-20
OpenShift Console	Pre-4.12.0	Path Traversal	moderate	View or Download	UNDERCODE	2025-03-20
WordPress	2.1.13 and earlier	Unauthorized Data Access	critical	View or Download	UNDERCODE	2025-03-12
OpenShift Hive	v1.0.0	Uncontrolled Resource Consumption	moderate	View or Download	UNDERCODE	2025-03-20
Jenkins	< 1.0.31.v4a	Information Disclosure	moderate	View or Download	UNDERCODE	2025-03-20
WordPress	1.0.7 and earlier	Reflected XSS	critical	View or Download	UNDERCODE	2025-03-03
WordPress	Up to 2.1.8	Stored XSS	critical	View or Download	UNDERCODE	2025-02-17
WordPress	1.3.8 and prior	DOM-based XSS	critical	View or Download	UNDERCODE	2025-01-09
Jenkins	AnchorChain Plugin 1.0	Stored XSS	high	View or Download	UNDERCODE	2025-03-19
Mattermost	9.11.x <= 9.11.8	Authorization Bypass	moderate	View or Download	UNDERCODE	2025-03-19
WordPress	<= 1.3.6.5	Local File Inclusion	critical	View or Download	UNDERCODE	2025-03-11
WordPress	<= 4.2.2	CSRF	critical	View or Download	UNDERCODE	2025-03-06
WOLF	1.0.8.5	Path Traversal	critical	View or Download	UNDERCODE	2025-02-03
WordPress	<= 4.1.25	Stored XSS	critical	View or Download	UNDERCODE	2025-01-18
GitHub Actions	tj-actions/changed-files < 46	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-15
FortiOS, FortiProxy	7.0.0 - 7.0.16, 7.2.0 - 7.2.12	Authentication Bypass	critical	View or Download	UNDERCODE	2025-02-11
RealMag777 BEAR	1.1.4.4 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-02-17
WordPress	<= 1.27.6	Path Traversal	critical	View or Download	UNDERCODE	2025-02-06
WikiManager REST API	5.4-rc-1 to 16.10.0	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-19
XWiki	>= 1.9M1, < 15.10.14	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-19
XWiki	6.1-rc-1 to 15.10.13, 16.0.0-rc-1 to 16.4.5, 16.5.0-rc-1 to 16.10.0-rc-1	Authorization Bypass	critical	View or Download	UNDERCODE	2025-03-19
Nuxt.js	All versions	Cache Poisoning	critical	View or Download	UNDERCODE	2025-03-19
WordPress	1.27.4 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-01-15
CodeBard Help Desk	1.1.2 and earlier	Reflected XSS	critical	View or Download	UNDERCODE	2025-01-15
OpenAPI	3.0.0	Zip Bomb Exploit	critical	View or Download	UNDERCODE	2025-03-19
Sylius	<1.6.2, <1.7.2, <2.0.2	Payment Manipulation	critical	View or Download	UNDERCODE	2025-03-19
Picklescan	< 0.0.23	ZIP Archive Manipulation	medium	View or Download	UNDERCODE	2025-03-10
PyTorch	PickleScan < 0.0.23	Arbitrary Code Execution	medium	View or Download	UNDERCODE	2025-03-10
GitHub Actions	reviewdog/action-setup@v1	Secret Exposure	critical	View or Download	UNDERCODE	2025-03-19
vLLM	Pre-vllm-project/vllm14228	Unsafe Deserialization	critical	View or Download	UNDERCODE	2025-03-19
Apache Airflow	Before 6.2.0	SQL Injection	moderate	View or Download	UNDERCODE	2025-03-19
Node.js	fast-jwt (affected versions)	JWT Issuer Claim Validation	critical	View or Download	UNDERCODE	2025-03-19
ZipList Recipe	Up to 3.1	CSRF	medium	View or Download	UNDERCODE	2025-03-11
ZTE GoldenDB	6.1.03 - 6.1.03.04	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-11
ZTE GoldenDB	6.1.03 - 6.1.03.07	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-11
CodeVibrant	1.0.5 and earlier	CSRF	critical	View or Download	UNDERCODE	2025-03-11
ZTE GoldenDB	6.1.03 - 6.1.03.05	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-11
WordPress	1.0 and earlier	CSRF	medium	View or Download	UNDERCODE	2025-03-11
WordPress	1.2.2 and earlier	CSRF	critical	View or Download	UNDERCODE	2025-03-11
WordPress	0.1.0 and earlier	CSRF to Stored XSS	critical	View or Download	UNDERCODE	2025-03-11
Login Logger	1.2.1 and earlier	CSRF	medium	View or Download	UNDERCODE	2025-03-11
WordPress	Up to 2.1	CSRF to Stored XSS	critical	View or Download	UNDERCODE	2025-03-11
ZTE GoldenDB	6.1.03 - 6.1.03.04	Input Validation Bypass	critical	View or Download	UNDERCODE	2025-03-11
Delete Original Image	0.4 and earlier	CSRF	medium	View or Download	UNDERCODE	2025-03-11
Rankchecker.io Integration	1.0.9 and earlier	CSRF with Stored XSS	critical	View or Download	UNDERCODE	2025-03-11
Mojave Inverter	All versions	Sensitive Info Disclosure	critical	View or Download	UNDERCODE	2025-02-13
TYPO3	6.0.0 - 9.2.0	XSS	moderate	View or Download	UNDERCODE	2025-03-19
CosmWasm	Prior to v2.2.0	Capability Bypass	moderate	View or Download	UNDERCODE	2025-03-18
Stesvis Frontpage	1.0.2 and earlier	CSRF	critical	View or Download	UNDERCODE	2025-03-11
Wire	< 5.2.0	Uncontrolled Recursion	moderate	View or Download	UNDERCODE	2025-03-18
jsPDF	<3.0.1	DoS via CPU exhaustion	critical	View or Download	UNDERCODE	2025-03-18
Contao	4.0.0 - 4.13.53, 5.3.0 - 5.3.29, 5.4.0 - 5.5.5	XSS via SVG	critical	View or Download	UNDERCODE	2025-03-18
amoCRM WebForm	1.1 and earlier	DOM-Based XSS	critical	View or Download	UNDERCODE	2025-03-11
Apache HTTP Server	2.4.49	Path Traversal	critical	View or Download	UNDERCODE	2021-10-05
Apache Tomcat	11.0.0-M1 to 11.0.2, 10.1.0-M1 to 10.1.34, 9.0.0.M1 to 9.0.98	Path Equivalence	critical	View or Download	UNDERCODE	2025-03-10
Sylius	<1.6.1, <1.7.1, <2.0.1	Payment Manipulation	critical	View or Download	UNDERCODE	2025-03-17
containerd	< 1.7.0, 1.6.0	Integer Overflow	moderate	View or Download	UNDERCODE	2025-03-17
OpenShift Hive	Multicluster Engine (MCE), Advanced Cluster Management (ACM)	Credential Exposure	high	View or Download	UNDERCODE	2025-03-17
Expr	<1.17.0	Memory Exhaustion	critical	View or Download	UNDERCODE	2025-03-17
BuildKit	< v0.21.3	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-17
Mattermost Desktop App	<=5.10.0	Code Injection	low	View or Download	UNDERCODE	2025-03-17
Kubernetes	Bare Metal Operator (BMO)	Secret Leakage	critical	View or Download	UNDERCODE	2025-03-17
Tenda AC9	v1.0 V15.03.05.14_multi	Stack Overflow	critical	View or Download	UNDERCODE	2025-03-14
Tenda AC6	v15.03.05.16	Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-14
Enituretechnology Small Package Quotes	Up to 2.4.9	Reflected XSS	critical	View or Download	UNDERCODE	2025-03-03
Bee Layer Slider	1.1 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-03-11
Ark Theme Core	1.70.0 and earlier	Code Injection	critical	View or Download	UNDERCODE	2025-03-03
Tenda AC8V4	V16.03.34.06	Stack Overflow	critical	View or Download	UNDERCODE	2025-02-20
Node.js	3.0.0	Prototype Pollution	high	View or Download	UNDERCODE	2025-03-16
GitHub Actions	tj-actions/changed-files <= 45.0.7	Information Disclosure	high	View or Download	UNDERCODE	2025-03-15
Qiskit	< 13	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-14
JS Html Sanitizer	< 2.0.3	XSS Bypass	moderate	View or Download	UNDERCODE	2025-03-14
feldman_vss	<1.0.0	Timing Side-Channel	critical	View or Download	UNDERCODE	2025-03-14
Python	feldman_vss.py	Fault Injection	critical	View or Download	UNDERCODE	2025-03-14
Flowise	1.8.2	Path Traversal to RCE	critical	View or Download	UNDERCODE	2025-03-14
Azle	0.27.0, 0.28.0, 0.29.0	Infinite Loop	critical	View or Download	UNDERCODE	2025-03-14
Kubernetes	Versions using in-tree gitRepo volume	Local repository access	moderate	View or Download	UNDERCODE	2025-03-14
xml-crypto	<= 6.0.0	Signature Bypass	critical	View or Download	UNDERCODE	2025-03-14
Flowise	v1.0.0	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-03-13
Linux Kernel	Up to 5.15.90	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	Pre-5.15.90	Use-After-Free	critical	View or Download	UNDERCODE	2025-02-26
Kubernetes	<1.29.13, 1.30.0-1.30.9, 1.31.0-1.31.5, 1.32.0-1.32.1	Command Injection	moderate	View or Download	UNDERCODE	2025-03-13
Windows NTFS	All versions up to patch	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-11
MODX	Prior to 3.1.0	Cross-Site Scripting (XSS)	low	View or Download	UNDERCODE	2025-03-13
Windows	Win32 Kernel Subsystem	Use-after-free	critical	View or Download	UNDERCODE	2025-03-11
Snowflake JDBC	3.0.13 - 3.23.0	Information Disclosure	medium	View or Download	UNDERCODE	2025-03-13
Assimp	5.4.3	Heap-based Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-10
HDF5	1.14.6	Heap-based Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-10
UnifiedTransform	2.0	Incorrect Access Control	critical	View or Download	UNDERCODE	2025-03-10
Microsoft Edge	Chromium-based	UI Spoofing	critical	View or Download	UNDERCODE	2025-03-07
Ed25519-Java	0.3.0 and earlier	Signature Malleability	moderate	View or Download	UNDERCODE	2025-03-13
XPixelGroup BasicSR	1.4.2 and prior	Command Injection	moderate	View or Download	UNDERCODE	2025-03-13
Cosmos SDK	Pre-v3.1.8	Chain Halt	critical	View or Download	UNDERCODE	2025-01-01
Apache HTTP Server	2.4.49, 2.4.50	Path Traversal to RCE	critical	View or Download	UNDERCODE	2025-03-13
WordPress	Javo Core <= 3.0.0.080	Privilege Escalation	critical	View or Download	UNDERCODE	2025-03-08
WordPress	Up to 16.26.10	Information Exposure	critical	View or Download	UNDERCODE	2025-03-08
IBM Aspera Shares	1.9.9 - 1.10.0 PL7	XXE Injection	critical	View or Download	UNDERCODE	2025-03-07
Deno	All versions	Session Hijacking	critical	View or Download	UNDERCODE	2025-03-12
Golang (golang.org/x/net)	Pre-2025 patches	Proxy Bypass via IPv6 Zone IDs	moderate	View or Download	UNDERCODE	2025-03-12
Apache NiFi	1.13.0 - 2.2.0	Information Disclosure	moderate	View or Download	UNDERCODE	2025-03-12
Apache Felix	< 1.2.2	XSS	moderate	View or Download	UNDERCODE	2025-03-12
Plenti	<= 0.7.16	Code Injection	moderate	View or Download	UNDERCODE	2025-03-12
Ruby SAML	>= 1.13.0, < 1.18.0; < 1.12.4	Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-12
SmallRye Fault Tolerance	< 6.9.0	Out-of-Memory (OOM)	high	View or Download	UNDERCODE	2025-03-12
Apache Camel	4.9.0-4.10.2, 4.0.0-4.8.5, 3.10.0-3.22.4	Header Injection	critical	View or Download	UNDERCODE	2025-02-15
Ruby SAML	< 1.12.4, >= 1.13.0, < 1.18.0	Authentication Bypass	high	View or Download	UNDERCODE	2025-03-12
Omniauth-saml	< 1.10.6, 2.0.0-2.1.2, 2.2.0-2.2.2	Signature Wrapping Attack	critical	View or Download	UNDERCODE	2025-03-12
GraphQL-Ruby	1.11.5-2.4.13	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-12
IBC-Go	>= v7	Non-deterministic JSON Unmarshalling	critical	View or Download	UNDERCODE	2025-03-12
Cosmos SDK	<= v0.47.16, <= 0.50.12	Denial of Service	critical	View or Download	UNDERCODE	2025-03-12
WordPress	1.0.9 and earlier	Unauthorized Data Access	critical	View or Download	UNDERCODE	2025-03-07
WordPress	Up to 16.26.10	SQL Injection	critical	View or Download	UNDERCODE	2025-03-08
Laravel	< 3.4.17	File Validation Bypass	moderate	View or Download	UNDERCODE	2025-03-12
Espressif ESP32	All firmware versions	Hidden HCI Command Execution	critical	View or Download	UNDERCODE	2025-03-08
Ruby	2.10.0, 2.10.1	Out-of-bounds Read	critical	View or Download	UNDERCODE	2025-03-12
Joomla	JUX Real Estate 3.4.0	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-09
WordPress	<= 5.3.1	Stored XSS	critical	View or Download	UNDERCODE	2025-03-08
cheqd-node	< v3.1.7	Non-deterministic JSON Unmarshalling	critical	View or Download	UNDERCODE	2025-03-11
Joomla	JUX Real Estate 3.4.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-09
Rembg	2.0.57 and earlier	SSRF	moderate	View or Download	UNDERCODE	2025-03-11
Pimcore	Pre-11.0.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-11
Rembg	2.0.57 and earlier	CORS Misconfiguration	high	View or Download	UNDERCODE	2025-03-11
Facebookincubator/below	< 0.9.0	Privilege Escalation	high	View or Download	UNDERCODE	2025-03-11
WordPress	<= 1.39.2	Stored XSS	critical	View or Download	UNDERCODE	2025-02-27
OpenXE	Up to 1.12	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-09
FTCMS	2.1	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-09
FTCMS	2.1	SQL Injection	critical	View or Download	UNDERCODE	2025-03-09
XunRuiCMS	Up to 4.6.3	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-09
Customer Account Portal	Unspecified	HTML Injection	medium	View or Download	UNDERCODE	2025-03-11
Babel	<7.26.10, <8.0.0-alpha.17	Quadratic Complexity	critical	View or Download	UNDERCODE	2025-03-11
Froxlor	Pre-2.0.10	Account Duplication	medium	View or Download	UNDERCODE	2023-10-15
Keras	< 3.9	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-11
GNU Binutils	2.43	Memory Leak	critical	View or Download	UNDERCODE	2025-02-10
CodeBard Help Desk	1.1.2 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-01-31
SimpleSAMLphp	v4	Signature Confusion	critical	View or Download	UNDERCODE	2025-03-11
ASP.NET Core	9.0.2, 8.0.13, 2.3.0	Elevation of Privilege	critical	View or Download	UNDERCODE	2025-03-11
OpenHarmony	v5.0.2 and prior	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-03
WordPress	1.1.9 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-02-27
WordPress	1.7.2 and earlier	Authentication Bypass	critical	View or Download	UNDERCODE	2025-02-27
WordPress	1.6.3 and earlier	Arbitrary File Deletion	critical	View or Download	UNDERCODE	2025-02-27
WordPress	1.0.1 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-02-27
Keras	All versions prior to 3.0.0	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-11
Mockoon	Latest (mockoon-cli)	Path Traversal & LFI	critical	View or Download	UNDERCODE	2025-03-11
WordPress	<= 3.3.5	Stored XSS	critical	View or Download	UNDERCODE	2025-02-27
Umbraco CMS	<= 10.8.8, >= 11.0.0-rc1, <= 13.7.0	Unauthorized Content Access/Deletion	moderate	View or Download	UNDERCODE	2025-03-11
Umbraco CMS	14.3.2, 15.0.0-rc1 to 15.2.2	Improper API Access Control	moderate	View or Download	UNDERCODE	2025-03-11
Kubernetes	Ratify (pre-patch)	Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-11
Rack	<2.2.6	Directory Traversal	critical	View or Download	UNDERCODE	2025-03-10
Apache Tomcat	11.0.0-M1 to 11.0.2	RCE/Info Disclosure	high	View or Download	UNDERCODE	2025-03-10
Concrete CMS	9.0.0 - 9.3.9	Stored XSS	moderate	View or Download	UNDERCODE	2025-03-10
Nomad	<1.9.7, <1.8.11, <1.7.19	Information Exposure	moderate	View or Download	UNDERCODE	2025-03-10
Vela Server	< 0.25.3, >= 0.26.0, < 0.26.2	Insufficient Webhook Payload Verification	critical	View or Download	UNDERCODE	2025-03-10
Keycloak	>= 26.1.0, < 26.1.3; < 26.0.10	Improper Authorization	moderate	View or Download	UNDERCODE	2025-03-10
Keycloak	>= 26.1.0, < 26.1.3; < 26.0.10	Authentication Bypass	moderate	View or Download	UNDERCODE	2025-03-10
Apache Camel	3.10.0-3.22.3, 4.2.0-4.8.4, 4.9.0-4.10.1	Bypass/Injection	critical	View or Download	UNDERCODE	2025-03-10
Laravel Framework	11.9.0 to 11.35.1	Reflected XSS	moderate	View or Download	UNDERCODE	2025-03-10
PHP	<5.25.2	DoS via `explode()`	low	View or Download	UNDERCODE	2025-03-10
Laravel Framework	11.9.0 - 11.35.1	Reflected XSS	moderate	View or Download	UNDERCODE	2025-03-10
Ekuiper	Pre-1.8.0	Stored XSS	critical	View or Download	UNDERCODE	2025-03-10
WordPress	1.3.52 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-01-24
WordPress	1.6.10 and earlier	Remote File Inclusion	critical	View or Download	UNDERCODE	2025-01-27
LocalS3	All versions	XXE Injection	critical	View or Download	UNDERCODE	2025-03-10
WordPress	n/a - 2.7.1	Missing Authorization	critical	View or Download	UNDERCODE	2025-01-24
PyTorch	N/A	Arbitrary Code Execution	critical	View or Download	UNDERCODE	2025-03-10
TOTOLINK X18	9.1.0cu.2024_B20220329	Stack-based buffer overflow	critical	View or Download	UNDERCODE	2025-02-16
TOTOLINK X18	9.1.0cu.2024_B20220329	OS Command Injection	critical	View or Download	UNDERCODE	2025-02-16
Apache Struts	2.3.5 - 2.3.31, 2.5 - 2.5.10	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-10
Oxidized Web	< 0.15.0	Unauthenticated RCE	critical	View or Download	UNDERCODE	2025-03-02
WeGIA	< 3.2.16	Denial of Service	critical	View or Download	UNDERCODE	2025-03-03
GRUB2	All versions with squash4 module	Heap-based Buffer Overflow	critical	View or Download	UNDERCODE	2025-03-03
Protobuf Crate	Affected versions	Stack Overflow	moderate	View or Download	UNDERCODE	2025-03-07
Node.js	@intlify/message-resolver 9.1, @intlify/vue-i18n-core 9.2+	Prototype Pollution	critical	View or Download	UNDERCODE	2025-03-07
XWiki Confluence Migrator Pro	<= 1.11.6	Information Exposure	high	View or Download	UNDERCODE	2025-03-07
Ring (Cryptography Library)	Pre-patch versions	Integer Overflow	medium	View or Download	UNDERCODE	2025-03-07
XWiki Confluence Migrator Pro	>= 1.0, < 1.2.0	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-07
WinDbg	Affected versions	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-06
WordPress	<= 2.7.6	Stored XSS	critical	View or Download	UNDERCODE	2025-02-28
OpenTelemetry .NET	1.10.0 to 1.11.1	Denial of Service (DoS)	critical	View or Download	UNDERCODE	2025-03-06
Jenkins	< 2.492.2, >= 2.493, < 2.500	Information Disclosure	moderate	View or Download	UNDERCODE	2025-03-06
Ray	<2.43.0	Sensitive Info Logging	moderate	View or Download	UNDERCODE	2025-03-06
Envoy Gateway	<1.2.7, <1.3.1	Log Injection	critical	View or Download	UNDERCODE	2025-03-06
Jenkins	<= 2.499, <= 2.492.1	CSRF	moderate	View or Download	UNDERCODE	2025-03-06
WordPress	<= 1.6.8.1	Reflected XSS	critical	View or Download	UNDERCODE	2025-02-28
Fleet	< 4.64.2	SAML Authentication Bypass	critical	View or Download	UNDERCODE	2025-03-06
Jenkins	< 2.492.2, >= 2.493, < 2.500	Open Redirect	moderate	View or Download	UNDERCODE	2025-03-06
NocoDB	Pre-2025 patches	Reflected XSS	critical	View or Download	UNDERCODE	2025-03-06
WordPress	1.3.3 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-01-24
WordPress	1.1.7 and below	Stored XSS	critical	View or Download	UNDERCODE	2025-02-28
Microsoft Edge	Chromium-based	Security Feature Bypass	critical	View or Download	UNDERCODE	2025-02-14
OpenZiti	< 3.7.1	SSRF	critical	View or Download	UNDERCODE	2025-03-03
OpenZiti	< 3.7.1	Unauthenticated File Upload	critical	View or Download	UNDERCODE	2025-03-03
ShishuoCMS	1.1	CSRF	medium	View or Download	UNDERCODE	2025-03-03
Jinja2	Pre-3.1.3	Sandbox Escape	critical	View or Download	UNDERCODE	2024-01-15
ShishuoCMS	1.1	Cross-Site Scripting (XSS)	medium	View or Download	UNDERCODE	2025-03-03
Eclipse OMR	0.4.0 and earlier	NULL Pointer Dereference	medium	View or Download	UNDERCODE	2025-02-21
DGL	Pre-patch versions	Remote Code Execution	critical	View or Download	UNDERCODE	2025-03-05
Eclipse OMR	0.2.0 to 0.4.0	Buffer Overflow	critical	View or Download	UNDERCODE	2025-02-21
Laravel	>= 12.0.0, < 12.1.1; < 11.44.1	File Validation Bypass	critical	View or Download	UNDERCODE	2025-03-05
WordPress	<= 4.2.9	Unauthorized Access	critical	View or Download	UNDERCODE	2025-03-04
Redaxo	5.18.2	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-03-05
Adobe Commerce	2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11	Incorrect Authorization	critical	View or Download	UNDERCODE	2025-02-11
Linux Kernel	Up to 6.13.0-rc4	Memory Leak	critical	View or Download	UNDERCODE	2025-02-26
OpenDJ	9.2	Denial-of-Service (DoS)	critical	View or Download	UNDERCODE	2025-03-05
Adobe Commerce	2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11	Improper Authorization	critical	View or Download	UNDERCODE	2025-02-11
Linux Kernel	LoongArch-based systems	Out-of-Bounds (OoB) Access	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	< 6.14.0-rc1	Null Pointer Dereference	critical	View or Download	UNDERCODE	2025-02-26
Linux Kernel	am65-cpsw Ethernet Driver	Memory Leak	critical	View or Download	UNDERCODE	2025-02-26
Adobe Commerce	2.4.4-p11 and earlier	Stored XSS	critical	View or Download	UNDERCODE	2025-03-05
FlowiseAI	v2.2.6	Arbitrary File Upload	high	View or Download	UNDERCODE	2025-03-05
VMware ESXi, Workstation	Multiple versions affected	TOCTOU leading to out-of-bounds write	critical	View or Download	UNDERCODE	2025-03-04
VMware ESXi, Workstation, Fusion	Multiple versions affected	Information Disclosure	critical	View or Download	UNDERCODE	2025-03-04
i-Drive i11, i12	Up to 20250227	Improper Access Control	critical	View or Download	UNDERCODE	2025-03-03
PHPGurukul	1.0	SQL Injection	critical	View or Download	UNDERCODE	2025-03-03
NGINX Unit	< 1.34.2	Infinite Loop	medium	View or Download	UNDERCODE	2025-03-03
Ruby	CGI gem < 0.4.2	Denial of Service (DoS)	critical	View or Download	UNDERCODE	2025-03-03
WordPress	1.8.4.1 and earlier	Arbitrary File Upload	critical	View or Download	UNDERCODE	2025-03-04
ShishuoCMS	1.1	Unrestricted File Upload	critical	View or Download	UNDERCODE	2025-03-03
Matrix-Appservice-IRC	Up to 3.0.3	Arbitrary Command Execution	Critical	View or Download	UNDERCODE	2025-03-04
OpenHarmony	v5.0.2 and prior	Use-After-Free	Critical	View or Download	UNDERCODE	2025-03-04
mySCADA myPRO	Vulnerable versions not specified	CSRF	Medium	View or Download	UNDERCODE	2025-03-04
Dingtian DT-R0 Series	All versions prior to 2.5.1	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-03-04
mySCADA myPRO	Vulnerable versions	OS Command Injection	Critical	View or Download	UNDERCODE	2025-03-04
mySCADA myPRO Manager	Not specified	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-03-04
WordPress	1.5.1 and earlier	Stored XSS	Critical	View or Download	UNDERCODE	2025-03-04
CampCodes	1.0	Unrestricted File Upload	Critical	View or Download	UNDERCODE	2025-03-04
Adobe Commerce	2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11	Incorrect Authorization	Critical	View or Download	UNDERCODE	2025-03-04
Pinecone Simulator	Up to commit matrix-org/pinecone@ea4c337	Stored XSS	Moderate	View or Download	UNDERCODE	2025-03-04
ZITADEL	<2.71.0	IDOR	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Code-Signing Bypass	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Code-Signing Bypass	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Sequoia (< 15.3)	Sandbox Escape	Critical	View or Download	UNDERCODE	2025-03-04
GNU Binutils	Up to 2.43	Stack-based Buffer Overflow	Medium	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	File Parsing	Critical	View or Download	UNDERCODE	2025-03-04
Apache Struts	2.3.5 to 2.3.31, 2.5 to 2.5.10	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-03-04
Rack	<2.2.4	Log Injection	Medium	View or Download	UNDERCODE	2025-03-04
GLPI	<10.0.18	Reflected XSS	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	File Parsing	Critical	View or Download	UNDERCODE	2025-03-04
Apple visionOS, Safari, iOS, iPadOS, macOS, watchOS, tvOS	visionOS < 2.3, Safari < 18.3, iOS < 18.3, iPadOS < 18.3, macOS < 15.3, watchOS < 11.3, tvOS < 18.3	Denial-of-Service	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Information Leak	Critical	View or Download	UNDERCODE	2025-03-04
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Memory Corruption	Critical	View or Download	UNDERCODE	2025-03-04
Apple Devices	iPadOS 17.7.4, macOS Ventura 13.7.3, iOS 18.3	Out-of-Bounds Read	Critical	View or Download	UNDERCODE	2025-03-04
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Medium	View or Download	UNDERCODE	2025-03-03
tsup	v8.3.4	DOM Clobbering	Low	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
Picklescan	< 0.0.22	RCE Bypass	Moderate	View or Download	UNDERCODE	2025-03-03
Q-Free MaxTime	<= 2.11.0	Missing Authorization	Critical	View or Download	UNDERCODE	2025-03-03
WordPress	Up to 4.7.6	Stored XSS	Critical	View or Download	UNDERCODE	2025-03-03
CodeChecker	Up to 6.24.5	Open Redirect	Moderate	View or Download	UNDERCODE	2025-03-03
OPC UA .NET Standard Stack	< 1.5.374.158	Authentication Bypass	Moderate	View or Download	UNDERCODE	2025-03-03
MinIO	Prior to fix in commit 91e1487	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-03-03
OPC UA .NET Standard Stack	< 1.5.374.158	Authentication Bypass	Moderate	View or Download	UNDERCODE	2025-03-03
Ruby URI Gem	< 0.11.3, 0.12.0-0.12.3, 0.13.0-0.13.1, 1.0.0-1.0.2	Userinfo Leakage	High	View or Download	UNDERCODE	2025-03-03
SeaJS	2.2.3	Cross-site Scripting (XSS)	Low	View or Download	UNDERCODE	2025-03-03
Apache Ranger	< 2.6.0	Improper Neutralization	Low	View or Download	UNDERCODE	2025-03-03
Mavo	0.3.2	DOM Clobbering	Moderate	View or Download	UNDERCODE	2025-03-03
Ruby CGI Gem	<= 0.3.5, 0.3.6, 0.4.0, 0.4.1	Denial of Service (DoS)	High	View or Download	UNDERCODE	2025-03-03
Ruby CGI Gem	<= 0.3.5, 0.3.6, 0.4.0, 0.4.1	Denial of Service (DoS)	High	View or Download	UNDERCODE	2025-03-03
Stage.js	0.8.10 and earlier	DOM Clobbering leading to XSS	Moderate	View or Download	UNDERCODE	2025-03-03
ASCON Cryptographic Library	Pre-patch versions	Incorrect Tag Verification	Critical	View or Download	UNDERCODE	2025-03-03
Oxidized Web	< 0.15.0	Unauthenticated RCE	Critical	View or Download	UNDERCODE	2025-03-03
Apache StreamPipes	< 0.97.0	Improper Privilege Management	Moderate	View or Download	UNDERCODE	2025-03-03
Ruby CGI Gem	<= 0.3.5, 0.3.6, 0.4.0, 0.4.1	Denial of Service (DoS)	High	View or Download	UNDERCODE	2025-03-03
PyTorch	All versions	Arbitrary Code Execution	Critical	View or Download	UNDERCODE	2025-01-01
Python	All versions using pickle	Unsafe Deserialization	Critical	View or Download	UNDERCODE	2025-03-03
Manifest	All versions	Weak password hashing	Critical	View or Download	UNDERCODE	2025-03-03
WSO2	Multiple	Incorrect Authorization	Moderate	View or Download	UNDERCODE	2025-03-03
CampCodes	1.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2025-03-03
WordPress	<= 1.7.1006	CSRF	Critical	View or Download	UNDERCODE	2025-03-03
Code-Projects Chat System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-03-03
GNU Binutils	2.43/2.44	Memory Corruption	Critical	View or Download	UNDERCODE	2025-03-03
SourceCodester Contact Manager	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-03-03
GNU Binutils	2.43	Memory Corruption	Critical	View or Download	UNDERCODE	2025-03-03
SourceCodester Employee Management System	1.0	Default Credentials Exploit	Critical	View or Download	UNDERCODE	2025-03-03
CampCodes School Management Software	1.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2025-03-03
Flask-AppBuilder	<= 4.5.3	User Enumeration	Low	View or Download	UNDERCODE	2025-03-03
Adobe InDesign	ID20.0, ID19.5.1 and earlier	Integer Underflow	Critical	View or Download	UNDERCODE	2025-03-03
Adobe InCopy	20.0, 19.5.1, and earlier	Integer Underflow	Critical	View or Download	UNDERCODE	2025-03-03
Apache HTTP Server	2.4.49	Path Traversal	Critical	View or Download	UNDERCODE	2021-10-05
Adobe InDesign	ID20.0, ID19.5.1	Heap-based Buffer Overflow	Critical	View or Download	UNDERCODE	2025-03-03
Rancher	v2.8.0 - v2.10.2	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-03-03
Moodle	4.5.0-beta	IDOR		View or Download	UNDERCODE	2025-02-24
Button Block	1.1.5	Missing Authorization	Critical	View or Download	UNDERCODE	2025-02-25
Moodle	4.5.0-beta	Permission Bypass	Moderate	View or Download	UNDERCODE	2025-02-24
tarteaucitronjs	<1.17.0	XSS	Low	View or Download	UNDERCODE	2025-02-24
Mattermost	<10.4.2	Arbitrary File Read	Critical	View or Download	UNDERCODE	2025-02-24
WordPress	2.36	Information Exposure	Medium	View or Download	UNDERCODE	2025-02-24
Real Estate Property Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-24
WordPress	3.4.0	Stored XSS	Critical	View or Download	UNDERCODE	2025-02-24
WordPress	8.3.0	Unauthorized Settings Change	Critical	View or Download	UNDERCODE	2025-02-24
Linux Kernel	Open vSwitch	Infinite Loop	Critical	View or Download	UNDERCODE	2025-02-21
Codezips Gym Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-20
WordPress	2.11.9	XSS	Critical	View or Download	UNDERCODE	2025-02-20
Progress® Telerik® Report Server	Prior to 11.0.25.211	Information Disclosure	Medium	View or Download	UNDERCODE	2025-02-20
XWiki	15.10.11	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-02-20
Namada-apps	1.1.0	Excessive Computation	Critical	View or Download	UNDERCODE	2025-02-20
Namada-apps	1.1.0	Integer overflow	Critical	View or Download	UNDERCODE	2025-02-20
Craft	4, 5	RCE	High	View or Download	UNDERCODE	2025-02-20
Sliver	1.5.42	SSRF	Critical	View or Download	UNDERCODE	2025-02-19
Sante PACS Server	-	Memory Corruption	Critical	View or Download	UNDERCODE	2025-02-19
Mintty	N/A	Heap-based Buffer Overflow	Critical	View or Download	UNDERCODE	2025-02-18
Logsign	Unified SecOps Platform	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-02-18
cie-aspnetcore	N/A	Authentication Bypass	Critical	View or Download	UNDERCODE	2025-02-18
spid-aspnetcore	N/A	SAML Authentication Bypass		View or Download	UNDERCODE	2025-02-18
cie-aspnetcore	N/A	Signature Validation	Critical	View or Download	UNDERCODE	2025-02-18
spid-aspnetcore	N/A	Signature Validation	Critical	View or Download	UNDERCODE	2025-02-18
SonicWall	SSLVPN	Improper Authentication	Critical	View or Download	UNDERCODE	2025-02-18
TP-Link TL-WR841ND V11	V11	Buffer Overflow	Critical	View or Download	UNDERCODE	2025-02-18
Node.js	N/A	ReDoS	Critical	View or Download	UNDERCODE	2025-02-14
npm	@octokit/plugin-paginate-rest	ReDoS		View or Download	UNDERCODE	2025-02-14
npm	@octokit/endpoint	ReDoS	Critical	View or Download	UNDERCODE	2025-02-14
@octokit/request-error	N/A	ReDoS	Critical	View or Download	UNDERCODE	2025-02-14
DOMPurify	<3.2.4	XSS	Moderate	View or Download	UNDERCODE	2025-02-14
Fyrox	0.28.1	Memory exposure	Low	View or Download	UNDERCODE	2025-02-14
GitHub	v2.67.0	Incorrect exit status	Critical	View or Download	UNDERCODE	2025-02-14
Label Studio	<1.16.0	Path Traversal	Critical	View or Download	UNDERCODE	2025-02-14
Label Studio	N/A	XSS	Critical	View or Download	UNDERCODE	2025-02-14
WeGIA	3.2.6	Stored XSS	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.6	XSS	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.6	XSS		View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.10	Open Redirect	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection		View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.12	SQL Injection		View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.6	XSS	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.6	Stored XSS	Medium	View or Download	UNDERCODE	2025-02-13
WeGIA	3.2.7	XSS	Medium	View or Download	UNDERCODE	2025-02-13
Hypercube	Unpatched	Remote Code Execution		View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	N/A	Out-Of-Bounds Read	Critical	View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	N/A	Heap-based Buffer Overflow	Critical	View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	-	Out-Of-Bounds Read	Critical	View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	-	Out-Of-Bounds Read	Critical	View or Download	UNDERCODE	2025-02-12
Trimble Cityworks	<15.8.9, <23.10	Deserialization	Critical	View or Download	UNDERCODE	2025-02-12
PDF-XChange Editor	N/A	Use-After-Free	Critical	View or Download	UNDERCODE	2025-02-12
npm	parse-duration	ReDoS	Critical	View or Download	UNDERCODE	2025-02-12
Elliptic	N/A	Private Key Extraction	Critical	View or Download	UNDERCODE	2025-02-12
Koa	2.15.4	ReDoS	Critical	View or Download	UNDERCODE	2025-02-12
Windows	Storage	Privilege Elevation	Critical	View or Download	UNDERCODE	2025-02-12
Magento	2.4.7-beta1	Improper Authorization	Critical	View or Download	UNDERCODE	2025-02-12
iOS	18.3.1	Authorization	Critical	View or Download	UNDERCODE	2025-02-12
Mitel SIP Phones	R6.4.0.HF1	Argument Injection	Critical	View or Download	UNDERCODE	2025-02-12
Samsung Android	12.0, 13.0, 14.0	Unspecified	Critical	View or Download	UNDERCODE	2025-02-12
GeoNetwork	4.4.0-4.4.5, <4.2.10	Information Disclosure	Moderate	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Remote Code Execution	High	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Remote Code Execution	Medium	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Remote Code Execution	Medium	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Spoofing	Medium	View or Download	UNDERCODE	2025-02-11
Microsoft Edge	Chromium-based	Spoofing	Medium	View or Download	UNDERCODE	2025-02-11
pgAgent	<4.2.3	Directory Traversal	Medium	View or Download	UNDERCODE	2025-02-11
WooCommerce	4.7.1	Stored XSS	Critical	View or Download	UNDERCODE	2025-02-11
WooCommerce	3.8.7	Missing Authorization	Critical	View or Download	UNDERCODE	2025-02-11
WordPress	1.8.17.0	XSS	Critical	View or Download	UNDERCODE	2025-02-11
WP Mailster	1.8.15.0	XSS	Critical	View or Download	UNDERCODE	2025-02-11
WordPress	3.3.4	Stored XSS	Critical	View or Download	UNDERCODE	2025-02-11
AshAuthentication	4.4.9	Token Reuse		View or Download	UNDERCODE	2025-02-11
Windows	unknown	Elevation of Privilege		View or Download	UNDERCODE	2025-02-11
Windows	Multiple	Privilege Escalation	High	View or Download	UNDERCODE	2025-02-11
Zyxel VMG4325-B10A	1.00(AAFR.4)C0_20170615	Command Injection		View or Download	UNDERCODE	2025-02-11
Apache CXF	<3.5.10, <3.6.5, <4.0.6	Denial of Service	Medium	View or Download	UNDERCODE	2025-02-11
Linux	Kernel	Race Condition	Critical	View or Download	UNDERCODE	2025-02-11
Linux Kernel	gpio-xilinx driver	Spinlock issue	Critical	View or Download	UNDERCODE	2025-02-11
Photoshop	25.12, 26.1	Uncontrolled Search Path	High	View or Download	UNDERCODE	2025-02-11
grcov	-	Out of Bounds Write	Moderate	View or Download	UNDERCODE	2025-02-10
Netty	N/A	Denial of Service		View or Download	UNDERCODE	2025-02-10
Hickory DNS	N/A	DNSSEC Validation		View or Download	UNDERCODE	2025-02-10
Net-IMAP	<0.4.19, <0.5.6	Memory Exhaustion	Critical	View or Download	UNDERCODE	2025-02-10
esbuild	-	CORS Misconfiguration	Critical	View or Download	UNDERCODE	2025-02-10
SourceCodester	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-02-10
SourceCodester	1.0	Improper Access Controls	Critical	View or Download	UNDERCODE	2025-02-10
SourceCodester	1.0	XSS	Medium	View or Download	UNDERCODE	2025-02-10
Dell Networking Switches	Enterprise SONiC OS	Information Exposure	High	View or Download	UNDERCODE	2025-02-07
Dell PowerProtect DD	DDOS 8.3.0.0	Cryptographic	Critical	View or Download	UNDERCODE	2025-02-07
xml2rfc	<= 3.26.0	XXE Injection		View or Download	UNDERCODE	2025-02-07
Windows	Secure Kernel Mode	Elevation of Privilege	High	View or Download	UNDERCODE	2025-02-07
Microsoft Edge	Chromium-based	UI Misrepresentation	Medium	View or Download	UNDERCODE	2025-02-07
@rpldy/uploader	1.8.1	Prototype Pollution	High	View or Download	UNDERCODE	2025-02-06
Firefox	< 135	Memory Corruption	Critical	View or Download	UNDERCODE	2025-02-06
Thunderbird	< 128.7	Code Execution	Medium	View or Download	UNDERCODE	2025-02-06
Firefox	< 135	Memory Corruption	Critical	View or Download	UNDERCODE	2025-02-06
Firefox	<135	Certificate Validation	Critical	View or Download	UNDERCODE	2025-02-06
Firefox	<135	Use-After-Free	Critical	View or Download	UNDERCODE	2025-02-06
Firefox	< 135, < 115.20, < 128.7	Use-After-Free	Critical	View or Download	UNDERCODE	2025-02-06
Thunderbird	< 128.7, < 135	Incorrect sender address	Medium	View or Download	UNDERCODE	2025-02-06
WhoDB	N/A	Parameter Injection		View or Download	UNDERCODE	2025-02-06
WhoDB	N/A	Path Traversal	Critical	View or Download	UNDERCODE	2025-02-06
MDC (Nuxt-Modules)	Latest	XSS	Critical	View or Download	UNDERCODE	2025-02-06
rtmpdump	abandoned	multiple	critical	View or Download	UNDERCODE	2025-02-06
7-Zip	N/A	MotW Bypass		View or Download	UNDERCODE	2025-02-06
Microsoft Outlook	Multiple	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-02-06
Plenti	V8GO (V8 11.1.278)	Remote Code Execution	Critical	View or Download	UNDERCODE	2023-01-25
MobSF	< 4.3.1	DoS		View or Download	UNDERCODE	2025-02-05
Contrast	v1.4.1	Seed verification	Critical	View or Download	UNDERCODE	2025-02-05
.NET and Visual Studio	N/A	Remote Code Execution	High	View or Download	UNDERCODE	2025-02-05
MobSF	< 4.3.1	Stored XSS		View or Download	UNDERCODE	2025-02-05
Microsoft Power Automate	-	Remote Code Execution	High	View or Download	UNDERCODE	2025-02-05
CKAN	2.10.7, 2.11.2	Arbitrary File Upload		View or Download	UNDERCODE	2025-02-05
GeoTools	31.1, 30.3, 30.2, 29.2, 28.2, 27.5, 27.4, 26.7, 26.4, 25.2, 24.0	RCE		View or Download	UNDERCODE	2025-02-05
Marblerun	v1.7.0	Impersonation		View or Download	UNDERCODE	2025-02-04
WordPress	2.0.4	Stored XSS	Critical	View or Download	UNDERCODE	2025-02-04
wasmvm	1.5.8, 2.0.6, 2.1.5, 2.2.2	Block production slowdown		View or Download	UNDERCODE	2025-02-04
PRTG Network Monitor	<18.2.40.1683	Local File Inclusion	Critical	View or Download	UNDERCODE	2025-02-04
Linux	Kernel	Null-ptr-deref	Critical	View or Download	UNDERCODE	2025-02-03
Linux Kernel	32-bit	Truncation Error	Critical	View or Download	UNDERCODE	2025-02-03
SecMem	-	Out of Bounds Write	Critical	View or Download	UNDERCODE	2025-02-03
Modem	-	Out-of-bounds write	Critical	View or Download	UNDERCODE	2025-02-03
WLAN AP Driver	N/A	Out-of-Bounds Write	Critical	View or Download	UNDERCODE	2025-02-03
Network Hardware	-	Denial of Service	Critical	View or Download	UNDERCODE	2025-02-03
TShock	Latest	Ban Bypass	Critical	View or Download	UNDERCODE	2025-02-03
CometBFT	v0.38.16, v1.0.0	Blocksync Disruption	Medium	View or Download	UNDERCODE	2025-02-03
WordPress	3.0.1	SQL Injection	Critical	View or Download	UNDERCODE	2025-01-31
WordPress	2.7.2.1	Stored XSS	Critical	View or Download	UNDERCODE	2025-01-31
Wildfly	27.0.1.Final	RBAC bypass		View or Download	UNDERCODE	2025-01-31
iPadOS	17.7.4, 2.3, 18.3, Sequoia 15.3, 11.3	Fingerprinting		View or Download	UNDERCODE	2025-01-31
JetBrains YouTrack	<2024.3.55417	Token Exposure	Critical	View or Download	UNDERCODE	2025-01-30
JetBrains TeamCity	<2024.12.1	Unauthorized decryption	Critical	View or Download	UNDERCODE	2025-01-30
macOS, iOS, iPadOS	15.3, 18.3	Privacy	Medium	View or Download	UNDERCODE	2025-01-30
macOS	Sequoia 15.3, Sonoma 14.7.3	File Parsing	Critical	View or Download	UNDERCODE	2025-01-30
iOS	18.3	Symlink Handling	Critical	View or Download	UNDERCODE	2025-01-30
Apple	macOS Sequoia 15.3, tvOS 18.3, watchOS 11.3, iOS 18.3, iPadOS 18.3	Privilege Escalation	Critical	View or Download	UNDERCODE	2025-01-30
macOS	Ventura 13.7.3, Sequoia 15.3, Sonoma 14.7.3	Race condition	Critical	View or Download	UNDERCODE	2025-01-30
Apple	Multiple	Memory Handling	Critical	View or Download	UNDERCODE	2025-01-30
macOS	Sequoia 15.3	Data access	Critical	View or Download	UNDERCODE	2025-01-30
macOS	Sequoia 15.3	Buffer Overflow	Critical	View or Download	UNDERCODE	2025-01-30
macOS	Sequoia 15.3	Memory Corruption	Critical	View or Download	UNDERCODE	2025-01-30
WordPress	3.7.8	DOM-Based XSS	Critical	View or Download	UNDERCODE	2025-01-30
DevDojo Voyager	1.8.0	Path Traversal	High	View or Download	UNDERCODE	2025-01-30
Kubewarden	1.21.0	PolicyReport Manipulation		View or Download	UNDERCODE	2025-01-30
fast-fault	Unpatched	Segmentation Fault	Moderate	View or Download	UNDERCODE	2025-01-30
Apache Hive	<4.0.0	Timing Discrepancy	Moderate	View or Download	UNDERCODE	2025-01-28
Microsoft	Secure Boot	Bypass	Medium	View or Download	UNDERCODE	2025-01-27
Windows	COM Server	Information Disclosure	Medium	View or Download	UNDERCODE	2025-01-27
Active Directory	Federation Server	Spoofing	Medium	View or Download	UNDERCODE	2025-01-27
Windows	Connected Devices Platform Service	Denial of Service	High	View or Download	UNDERCODE	2025-01-27
Microsoft	Secure Boot	Bypass	Medium	View or Download	UNDERCODE	2025-01-27
Microsoft	Secure Boot	Bypass	Medium	View or Download	UNDERCODE	2025-01-27
Visual Studio	N/A	Remote Code Execution	High	View or Download	UNDERCODE	2025-01-27
Apache Cocoon	All versions	Incorrect PRNG Seed Usage	Low	View or Download	UNDERCODE	2025-01-27
Windows	Telephony Service	Remote Code Execution	High	View or Download	UNDERCODE	2025-01-24
Windows	Telephony Service	Remote Code Execution	High	View or Download	UNDERCODE	2025-01-24
WordPress	1.8.96	PHP Object Injection	Critical	View or Download	UNDERCODE	2025-01-24
Maven	N/A	Credential Leak	Critical	View or Download	UNDERCODE	2025-01-24
HL7/fhir-ig-publisher	1.7.4	XXE	High	View or Download	UNDERCODE	2025-01-24
Directus	Not specified	XSS	Critical	View or Download	UNDERCODE	2025-01-23
asteval	N/A	Code Execution		View or Download	UNDERCODE	2025-01-23
Silverpeas Core		XSS		View or Download	UNDERCODE	2025-01-23
Jenkins	<=1.6	Missing checks	Moderate	View or Download	UNDERCODE	2025-01-22
Jenkins	2.8.0-2.10.2	Cache Confusion	Moderate	View or Download	UNDERCODE	2025-01-22
Keycloak	<= 26.1.0	Authentication Bypass	Moderate	View or Download	UNDERCODE	2025-01-22
Cilium	v1.14-v1.16	DoS	Critical	View or Download	UNDERCODE	2025-01-22
Windows	Digital Media	Elevation of Privilege	Medium	View or Download	UNDERCODE	2025-01-22
Windows	Kernel	Memory Disclosure	Medium	View or Download	UNDERCODE	2025-01-22
Microsoft	-	Security Feature Bypass	Medium	View or Download	UNDERCODE	2025-01-22
Windows	Digital Media	Elevation of Privilege	Medium	View or Download	UNDERCODE	2025-01-22
Microsoft	-	Security Feature Bypass	Medium	View or Download	UNDERCODE	2025-01-22
Windows	Kernel	Memory Disclosure	Medium	View or Download	UNDERCODE	2025-01-22
Windows	Kernel	Memory Disclosure	Medium	View or Download	UNDERCODE	2025-01-22
Internet Explorer	N/A	Remote Code Execution	High	View or Download	UNDERCODE	2025-01-22
Windows	Kernel	Memory Disclosure	Medium	View or Download	UNDERCODE	2025-01-22
gix-worktree-state	Affected versions	Permission bypass	Critical	View or Download	UNDERCODE	2025-01-22
MathLive	N/A	XSS	Critical	View or Download	UNDERCODE	2025-01-22
CodeChecker	v6.58	CSRF		View or Download	UNDERCODE	2025-01-22
YesWiki	<= 4.4.5	DOM-Based XSS	Critical	View or Download	UNDERCODE	2025-01-22
YesWiki	<= 4.4.5	Arbitrary File Deletion	Critical	View or Download	UNDERCODE	2025-01-22
YesWiki	4.4.5	Stored XSS	Critical	View or Download	UNDERCODE	2025-01-22
DuckDB	Pre-fix	Unauthorized Access		View or Download	UNDERCODE	2025-01-22
Buildah	1.38.0-1.38.1	Build breakout	High	View or Download	UNDERCODE	2025-01-20
Node.js	4.5.0-5.28.5	Randomness	Moderate	View or Download	UNDERCODE	2025-01-22
compose-go	v2.10-v2.4.0	Resource Consumption		View or Download	UNDERCODE	2025-01-22
Fedify	N/A	Webfinger Mechanism	Critical	View or Download	UNDERCODE	2025-01-21
Substance3D Designer	14.0	Out-of-bounds write	High	View or Download	UNDERCODE	2025-01-21
Substance3D Designer	14.0	Heap-based Buffer Overflow	High	View or Download	UNDERCODE	2025-01-21
Substance3D Designer	14.0	Out-of-bounds write	High	View or Download	UNDERCODE	2025-01-21
Substance3D Designer	14.0	Heap-based Buffer Overflow	High	View or Download	UNDERCODE	2025-01-21
Zot	-	Authorization		View or Download	UNDERCODE	2025-01-17
AWS CDK	v2.177.0	Bypass TLS Verification		View or Download	UNDERCODE	2025-02-22
Microsoft AutoUpdate	N/A	Elevation of Privilege	High	View or Download	UNDERCODE	2025-01-17
Substance3D Stager	3.0.4	Heap-based Buffer Overflow	High	View or Download	UNDERCODE	2025-01-17
Substance3D Stager	3.0.4	Out-of-bounds write		View or Download	UNDERCODE	2025-01-17
Substance3D Stager	3.0.4	Out-of-bounds write		View or Download	UNDERCODE	2025-01-17
Windows	VBS Enclave	Privilege Escalation	Critical	View or Download	UNDERCODE	2025-01-17
WordPress	2.10.43	Stored XSS	Critical	View or Download	UNDERCODE	2025-01-16
Google Chrome	<132.0.6834.83	Out of bounds read	High	View or Download	UNDERCODE	2025-01-16
matrix-media-repo	<1.3.5	Unauthenticated writes	Moderate	View or Download	UNDERCODE	2025-01-16
HAL Console	< 3.7.7.Final	XSS	Moderate	View or Download	UNDERCODE	2025-01-16
Windows Hyper-V	NT Kernel Integration VSP	Elevation of Privilege	High	View or Download	UNDERCODE	2025-01-15
SP1	v4.0.0	Validation Missing	Critical	View or Download	UNDERCODE	2025-01-15
Zoom	N/A	Leaked Meeting Links	Medium	View or Download	UNDERCODE	2025-01-15
Lodestar	Unstable	Decoding Failure	Critical	View or Download	UNDERCODE	2025-01-14
Lodestar	Unstable	Checksum Verification	Critical	View or Download	UNDERCODE	2025-01-14
.NET	8.0, 9.0	Remote Code Execution		View or Download	UNDERCODE	2025-01-14
Windows Hyper-V	unknown	Elevation of Privilege	High	View or Download	UNDERCODE	2025-01-14
Ivanti	9.1-22.7	Unauthorized Access	Critical	View or Download	UNDERCODE	2025-01-14
Swift ASN.1	GitHub Reviewed	Parsing Crash	Low	View or Download	UNDERCODE	2025-01-14
Vyper	0.3.10, 0.4.0	Precompile Success Flag	Medium	View or Download	UNDERCODE	2025-01-14
XWiki	15.10.9+, 16.2.0+	Script Execution	Critical	View or Download	UNDERCODE	2025-01-14
TYPO3	11.5.42 ELTS	CSRF		View or Download	UNDERCODE	2025-01-14
Jte	<= 3.1.15	XSS	Critical	View or Download	UNDERCODE	2025-01-13
Jte	<= 3.1.15	XSS		View or Download	UNDERCODE	2025-01-13
Keycloak	< 26.0.8	Environment Variable Exposure	Moderate	View or Download	UNDERCODE	2025-01-13
notation-go	N/A	CRL Cache Handling		View or Download	UNDERCODE	2025-01-13
Microweber	2.0.9	XSS	Moderate	View or Download	UNDERCODE	2025-01-13
Privileged Remote Access	3.1	Command Injection		View or Download	UNDERCODE	2025-01-13
Qlik Sense Enterprise	Pre-August 2023 Patch 2	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-01-13
Code-projects	1.0	SQL Injection		View or Download	UNDERCODE	2025-01-10
Travel Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2025-01-10
Vaultwarden	v1.32.5	Reflected XSS	Low	View or Download	UNDERCODE	2025-01-09
GitHub	v0.5.0-v0.5.21	JWK Set Cache	Critical	View or Download	UNDERCODE	2025-01-09
Ivanti	22.7R2.5	Buffer Overflow	Critical	View or Download	UNDERCODE	2025-01-08
Mitel MiCollab	9.8 SP2	Local File Read		View or Download	UNDERCODE	2025-01-07
Oracle WebLogic Server	10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0	Remote Code Execution	Critical	View or Download	UNDERCODE	2025-01-07
Deno	Latest	Authorization header leak	Critical	View or Download	UNDERCODE	2025-01-06
NiceGUI	-	Authentication Bypass	High	View or Download	UNDERCODE	2025-01-06
go-git	<v5.13	DoS	High	View or Download	UNDERCODE	2025-01-06
go-git	v4 to v5.12	Argument Injection	Low	View or Download	UNDERCODE	2025-01-06
Phpspreadsheet	3.6.0	XSS	Medium	View or Download	UNDERCODE	2025-01-03
Phpspreadsheet	3.6.0	XSS		View or Download	UNDERCODE	2025-01-03
Phpspreadsheet	3.6.0	XSS	Critical	View or Download	UNDERCODE	2024-12-19
Trix editor	versions prior to 2.1.11	XSS	Critical	View or Download	UNDERCODE	2025-01-03
phpMyFAQ		HTML Injection	Critical	View or Download	UNDERCODE	2025-01-02
Narayana				View or Download	UNDERCODE	2025-01-02
Google Chrome	iOS prior to 131.0.6778.69	Insufficient policy enforcement in Navigation		View or Download	UNDERCODE	2024-11-12
Google Chrome	prior to 131.0.6778.69		Medium	View or Download	UNDERCODE	2025-01-02
Letta (formerly MemGPT)	v0.3.17	Incorrect Access Control	High	View or Download	UNDERCODE	2025-01-02
Chrome	Prior to 129.0.6668.100	DetailDescriptionType Confusion	High	View or Download	UNDERCODE	2024-10-08
	Versions before 129.0.6668.100	DetailDescriptionType Confusion		View or Download	UNDERCODE	2024-10-08
Google Chrome	N/A	Insufficient data validation	Medium	View or Download	UNDERCODE	2025-01-02
Google Chrome	Before 126.0.6478.54	Inappropriate implementation in V8	Low	View or Download	UNDERCODE	2025-01-02
GLPI	10.0.8 to before 10.0.13 (when debug mode is enabled)	Reflected XSS (Cross-Site Scripting)	Medium (CVSS score: 5.3)	View or Download	UNDERCODE	2025-01-02
GLPI	All versions before 10.0.13	SQL Injection	Critical	View or Download	UNDERCODE	2025-01-02
GLPI	Before 10.0.13	Arbitrary Object Instantiation	Medium	View or Download	UNDERCODE	2024-03-18
Google Chrome	iOS versions prior to 130.0.6723.58	Use after free		View or Download	UNDERCODE	2025-01-02
Google Chrome	Prior to 130.0.6723.58	Use after free	Medium	View or Download	UNDERCODE	2025-01-02
		Type Confusion (CVE-2024-9859)	High	View or Download	UNDERCODE	2025-01-02
Linux Kernel	All	Improper Handling of Unknown Packet Types	Low (Note: Severity ratings are subjective and may vary depending on the source)	View or Download	UNDERCODE	2024-05-19
SourceCodester FAQ Management System	1.0	Cross-site scripting (XSS)		View or Download	UNDERCODE	2024-12-31
EmbedPress – Embed PDF, YouTube, Google Docs, Vimeo, Wistia Videos, Audios, Maps & Any Documents in Gutenberg & Elementor plugin for WordPress	up to, and including, 3.9.8	Stored Cross-Site Scripting (XSS)		View or Download	UNDERCODE	2024-12-31
DetailDescriptionRecipes	1.5.10	SSRF	Not mentioned	View or Download	UNDERCODE	2024-12-31
Wordpress plugin	up to 3.9.8	Stored Cross-Site Scripting (XSS)		View or Download	UNDERCODE	2024-12-31
		Improper Error Handling		View or Download	UNDERCODE	2024-12-31
WordPress	Up to 4.4.2	SQL Injection	N/A	View or Download	UNDERCODE	2024-02-13
			Medium (CVSS Score: 4.3)	View or Download	UNDERCODE	2024-12-31
WordPress RSS Aggregator by Feedzy Plugin	Up to 4.4.2	Unauthorized modification of data	Critical	View or Download	UNDERCODE	2024-12-31
Apache Superset	N/A	Improper validation of SQL statements	Medium	View or Download	UNDERCODE	2024-02-28
Kirby CMS	Not applicable	Arbitrary JavaScript Code Execution	Medium	View or Download	UNDERCODE	2024-12-31
TemmokuMVC	Up to 2.3	Deserialization	Critical	View or Download	UNDERCODE	2024-12-31
Focus for iOS	< 12.3	Universal Cross-Site Scripting (UXSS)		View or Download	UNDERCODE	2024-02-22
Suite CRM	7.14.2	Local File Inclusion (LFI)		View or Download	UNDERCODE	2024-12-31
Linux Kernel		NULL Pointer Dereference	Medium	View or Download	UNDERCODE	2024-12-30
Linux Kernel	All	Memory Leak	Medium	View or Download	UNDERCODE	2024-12-30
Linux kernel	6.9.0-rc2-custom-00781-gd5ab772d32f7	Use-after-free		View or Download	UNDERCODE	2024-12-30
Linux kernel		Double free		View or Download	UNDERCODE	2024-12-30
Linux Kernel		Null Pointer Dereference	Low	View or Download	UNDERCODE	2024-12-30
Linux Kernel	All versions before the fix	Use-after-Free (UAF) in cifs_stats_proc_write()	High (CVSS score not available)	View or Download	UNDERCODE	2024-12-30
Linux kernel	All versions before the fix	Null pointer dereference	Medium (尚未評估)	View or Download	UNDERCODE	2024-12-30
Linux kernel		Double free		View or Download	UNDERCODE	2024-12-30
Linux Kernel	Not specified	mptcp: prevent BPF accessing lowat from a subflow socket (CVE-2024-35894)	Medium	View or Download	UNDERCODE	2024-12-30
Linux Kernel		Use-After-Free (UAF)	Critical	View or Download	UNDERCODE	2024-12-30
Linux Kernel	All	NULL-pointer dereference	Low	View or Download	UNDERCODE	2024-05-17
		netfilter: validate user input for expected length		View or Download	UNDERCODE	2024-12-30
Rust	Not Specified	Use of Insecure Cryptographic Algorithms	Low	View or Download	UNDERCODE	2024-12-30
LGSL	6.2.1	Reflected XSS	Moderate	View or Download	UNDERCODE	2024-12-30
Password Pusher	All versions	Session Hijacking	Critical	View or Download	UNDERCODE	2024-12-30
Stripe	Not mentioned	Insecure Direct Object Reference (IDOR)	High	View or Download	UNDERCODE	2024-12-30
Linux Kernel		Use After Free (UAF)		View or Download	UNDERCODE	2024-12-30
Linux Kernel		Use-After-Free (UAF)	Low (CVSS: 3.1)	View or Download	UNDERCODE	2024-12-30
Adobe ColdFusion	2023.6, 2021.12 and earlier	Improper Access Control	Critical (CVSS score: 7.5)	View or Download	UNDERCODE	2024-12-30
			Critical (CVSS score: 9.8)	View or Download	UNDERCODE	2024-12-30
Apple Safari, iOS, iPadOS, macOS, and visionOS		Code Execution	Critical (CVSS score: 8.8)	View or Download	UNDERCODE	2024-12-30
Oracle Agile PLM Framework	9.3.6	Unauthenticated Remote File Disclosure	High (CVSS: 7.5)	View or Download	UNDERCODE	2024-12-30
TCPDF	< 6.8.0	Incorrect Comparison	Moderate	View or Download	UNDERCODE	2024-12-27
GStreamer	N/A	Stack-based buffer overflow	Critical	View or Download	UNDERCODE	2024-12-27
TCPDF	< 6.8.0	Missing Certificate Validation		View or Download	UNDERCODE	2024-12-27
SONiC		Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
Windows	N/A	Elevation of Privilege	HIGH	View or Download	UNDERCODE	2024-12-27
			Unknown	View or Download	UNDERCODE	2024-12-27
Visual Studio Code		Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
Windows	Not Mentioned	Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
Quincy		DHCP design flaw (CVE-2024-3661)	Moderate	View or Download	UNDERCODE	2024-12-27
python-sql	(Not specified)	SQL Injection	Moderate	View or Download	UNDERCODE	2024-12-27
Windows Kernel	Not specified	Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
Windows Kernel	Not mentioned	Information Disclosure	MEDIUM	View or Download	UNDERCODE	2024-12-27
Skype for Consumer	Not specified	Remote Code Execution		View or Download	UNDERCODE	2024-12-27
Microsoft QUIC	Not Mentioned	Denial of Service		View or Download	UNDERCODE	2024-12-27
Windows 11	-	Tampering	Medium (CVSS score: 6.5)	View or Download	UNDERCODE	2024-12-27
Windows Kernel	(not mentioned in the article)	Elevation of Privilege		View or Download	UNDERCODE	2024-12-27
lgsl	(Specific version if available)	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-12-26
	2.1.4	SQL injection		View or Download	UNDERCODE	2024-12-26
Amazon Redshift JDBC Driver	2.1.0.31	SQL injection		View or Download	UNDERCODE	2024-12-26
Apache HugeGraph-Server	1.0.0 to 1.4.9	Authentication Bypass	Moderate	View or Download	UNDERCODE	2024-12-26
Marp Core	>= 3.0.2, <= 3.9.0, = 4.0.0	Cross-Site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-12-26
Apache Hive, Spark	1.2.0 (Hive), 2.0.0 (Spark)	CookieSigner Signature Exposure	High	View or Download	UNDERCODE	2024-12-23
	All versions before 0.13.1 or 0.14.0+dev	Unintended Git options ignored for creating tags		View or Download	UNDERCODE	2024-12-23
WildFly	< 3.7.7.Final	Cross-site scripting (XSS)		View or Download	UNDERCODE	2024-12-23
Solana SPL Token Swap	Not specified	Unsound `u8` type casting	Moderate	View or Download	UNDERCODE	2024-12-23
KVM	0.1.0 - 0.19.0	Undefined Behavior	Moderate	View or Download	UNDERCODE	2024-12-23
PHP	>= 1.0.12, < 1.1.13	Cross-site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-12-23
Jinja	(Not specified in the provided article)	Sandbox Breakout	Moderate	View or Download	UNDERCODE	2024-12-23
		Symlink Editing Vulnerability		View or Download	UNDERCODE	2024-12-23
Gogs	< 0.13.1	Arbitrary File Write	Critical	View or Download	UNDERCODE	2024-12-23
Acclaim USAHERDS	7.4.0.1 and below	Hardcoded Credentials	Critical	View or Download	UNDERCODE	2024-12-23
Piranha CMS	11.1	Cross-site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-12-20
Piranha CMS	11.1	Stored Cross-site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-12-20
Oqtane Framework	6.0.0	Incorrect Access Control	High	View or Download	UNDERCODE	2024-12-20
Uptime Kuma	(unknown)	Improper URL Handling (LFI)	Critical	View or Download	UNDERCODE	2024-12-20
SocialStream	Affected versions prior to v6.2	Account Takeover	High	View or Download	UNDERCODE	2024-12-20
Spring Framework	Affected versions are not yet specified.	Path Traversal	High	View or Download	UNDERCODE	2024-12-19
QOS.CH logback-core	Up to and including 1.5.12	Expression Language Injection	Moderate	View or Download	UNDERCODE	2024-12-19
QOS.ch logback-core	1.5.12 (and earlier)	Server-Side Request Forgery (SSRF)	Low	View or Download	UNDERCODE	2024-12-19
OpenShift Dedicated	All versions before 0.0.0-20240604173837-d1557bc283dd (patched)	Improper Input Validation (Snyk-GOLANG-GITHUBCOMOPENSHIFTMUSTGATHEROPERATORCONTROLLERSMUSTGATHER-7278175)	High	View or Download	UNDERCODE	2024-12-19
WhoDB	All versions up to v0.43.0	Denial-of-Service (DoS)	Critical	View or Download	UNDERCODE	2024-12-19
Astro		Source Map Disclosure	Low	View or Download	UNDERCODE	2024-12-19
openCart	4.0.2.3	Server-Side Template Injection (SSTI)	Moderate	View or Download	UNDERCODE	2024-12-18
golang.org/x/net/html	Unaffected versions not yet disclosed	Non-linear parsing of case-insensitive content	Critical	View or Download	UNDERCODE	2024-12-18
Craft CMS	< 5.5.2 and < 4.13.2	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-18
Apache Kafka	0.10.2.0 - 3.9.0 (excluding fixed versions)	Incorrect Implementation of Authentication Algorithm	Low (Exploitable only in plaintext scenarios)	View or Download	UNDERCODE	2024-12-18
TShock	Affected versions prior to 5.2.1	Security Escalation	High	View or Download	UNDERCODE	2024-12-18
Age	Affected versions	Arbitrary Code Execution	Moderate	View or Download	UNDERCODE	2024-12-18
Rage	0.6.0, 0.7.0-0.7.1, 0.8.0-0.8.1, 0.9.0-0.9.2, 0.10.0, 0.11.0	Arbitrary Code Execution	Moderate	View or Download	UNDERCODE	2024-12-18
Bun	< 1.1.30	Prototype Pollution	Moderate	View or Download	UNDERCODE	2024-12-18
Laravel Filemanager	< 2.9.1	Remote Code Execution (RCE)	High	View or Download	UNDERCODE	2024-12-18
hd-wallet crate	v0.4.x (vulnerable), v0.6.0 (patched)	Infinite loop in Slip10-like derivation for curves other than secp256k1 and secp256r1	Low	View or Download	UNDERCODE	2024-12-18
Spatie Browsershot	< 5.0.2	Directory Traversal	High	View or Download	UNDERCODE	2024-12-18
jsii		Prototype Pollution		View or Download	UNDERCODE	2024-12-18
		Cleartext Transmission of Sensitive Information	Moderate	View or Download	UNDERCODE	2024-12-18
Reolink devices (RLC-410W, C1 Pro, C2 Pro, RLC-422W, RLC-511W)	Up to 1.0.227	Command Injection	Critical	View or Download	UNDERCODE	2024-12-18
Reolink RLC-410W	v3.0.0.136_20121102	Command Injection	CRITICAL	View or Download	UNDERCODE	2021-12-22
NUUO NVRmini2	Up to 3.11	Unauthenticated Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-18
Astro	Not specified (versions before 6031962ab5f56457de986eb82bd24807e926ba1b)	CSRF Protection Bypass	Low	View or Download	UNDERCODE	2024-12-18
Apache Tomcat	11.0.0-M1 through 11.0.1, 10.1.0-M1 through 10.1.33, 9.0.0.M1 through 9.0.97	Uncontrolled Resource Consumption	Moderate	View or Download	UNDERCODE	2024-12-17
Traefik	Affected versions are not explicitly specified.	Improper handling of HTTP/3 connections	Moderate	View or Download	UNDERCODE	2024-12-17
Cleo Harmony, VLTrader, LexiCom	Before 5.8.0.24	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2023-11-14
Next.js	All versions before 14.2.15 (vulnerable)	Authorization Bypass	High	View or Download	UNDERCODE	2024-12-17
TOTOLINK X5000R	V.9.1.0u.6369_B20230113	Denial of Service (DoS)	Critical (CVSS 3.x not available)	View or Download	UNDERCODE	2024-12-16
TOTOLINK X6000R	V9.4.0cu.1041_B20240224	Unrestricted File Upload (Uci_Set Str function without strict parameter filtering)		View or Download	UNDERCODE	2024-12-16
TOTOLink Router	X5000R V9.1.0u.6118-B20201102, A7000R V9.1.0u.6115-B20201022	Buffer Overflow	Critical	View or Download	UNDERCODE	2024-12-16
Totolink X6000R	9.4.0cu.852_20230719	OS Command Injection (CVE-2024-2353)	Critical	View or Download	UNDERCODE	2024-12-16
NetApp SnapCenter	4.8 and earlier	Improper Authorization (CVE-2024-21987)	Not yet analyzed (awaiting analysis)	View or Download	UNDERCODE	2024-12-16
Oracle Java SE, GraalVM Enterprise Edition	8u411, 8u411-perf, 11.0.23 (Java SE), 20.3.14, 21.3.10 (GraalVM)	Partial DoS	Low (CVSS score: 3.7)	View or Download	UNDERCODE	2024-12-16
OpenHarmony	Up to v3.2.4 (inclusive)	Insecure Storage of Sensitive Information	Medium (CVSS v3.1 score: 4.3)	View or Download	UNDERCODE	2024-12-16
Android	Android 12.0, 12.1, 13.0, 14.0 (potentially others)	Privilege Escalation (Carrier Restriction Bypass)	Critical (CVSS score not provided)	View or Download	UNDERCODE	2024-12-16
Android	12.0, 12.1, 13.0, 14.0 (potentially other versions as well)	Heap Buffer Overflow (CVE-2024-0051)	Critical	View or Download	UNDERCODE	2024-12-16
Android	12, 12L, 13, 14	Heap Buffer Overflow (CVE-2024-0049)	High	View or Download	UNDERCODE	2024-12-16
Android	12, 12L, 13, 14	Privilege Escalation (CVE-2024-0048)	High	View or Download	UNDERCODE	2024-12-16
Apache HugeGraph-Server	1.0.0 to 1.2.1 (Java 8 or Java 11)	Remote Code Execution (RCE)		View or Download	UNDERCODE	2024-12-16
Concrete CMS	Prior to 9.2.8 and 8.5.16	Stored XSS in the Search Field	Low (CVSS v3 score: 3.1)	View or Download	UNDERCODE	2024-12-16
Concrete CMS	9.0.0 - 9.3.2 (Versions below 9 are not affected)	Stored XSS	Medium (CVSS v3 score: 3.1, CVSS v4 score: 1.8)	View or Download	UNDERCODE	2024-12-16
Concrete CMS	Below 9.2.8 and 8.5.16	Stored XSS	Medium (CVSS v3.1 score: 3.1)	View or Download	UNDERCODE	2024-12-16
Mattermost	10.1.x <= 10.1.2, 10.0.x <= 10.0.2, 9.11.x <= 9.11.4, 9.5.x <= 9.5.12	Data Amplification (DoS)	Moderate	View or Download	UNDERCODE	2024-12-16
Cosmos SDK	Not Applicable (multiple versions affected)	Stack Overflow (ASA-2024-0012), Resource Exhaustion (ASA-2024-0013)	High	View or Download	UNDERCODE	2024-12-16
ColdFusion	2023.6, 2021.12 and earlier	Improper Access Control	HIGH (CVSS: 7.4)	View or Download	UNDERCODE	2024-12-16
Windows	All versions (affected versions not specified)	Elevation of Privilege in Kernel-Mode Drivers	Critical (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-12-16
D-Tale	< 3.16.1	Remote Code Execution	Moderate	View or Download	UNDERCODE	2024-12-13
FHIR/Ucum-java	1.0.8 and below	XXE	Critical	View or Download	UNDERCODE	2024-12-13
Browsershot	< 5.0.1	Local File Inclusion	High	View or Download	UNDERCODE	2024-12-13
phpMyFAQ	All versions before 3.2.10	Unrestricted File Download	Critical	View or Download	UNDERCODE	2024-12-13
Cleo Harmony, VLTrader, LexiCom	Before 5.8.0.21	Unrestricted File Upload/Download	Critical	View or Download	UNDERCODE	2024-12-13
Adobe Framemaker	2020.7, 2022.5 and earlier	Stack-based Buffer Overflow (CVE-2024-53959)	Critical (CVSS: 7.8)	View or Download	UNDERCODE	2024-12-13
Adobe Substance 3D Modeler	1.14.1 and earlier	Out-of-Bounds Write (CWE-787)	Critical (CVSS 3.1 base score: 7.8)	View or Download	UNDERCODE	2024-12-12
F5 BIG-IP (Advanced WAF/ASM)	All versions before 17.1.1 (17.x) are vulnerable. No fix available for 15.x and 16.x versions.	Request Body Handling vulnerability (CVE-2024-23308)	High (CVSS score: 7.5)	View or Download	UNDERCODE	2024-12-12
Cache Systems	N/A	MD5 Collision Vulnerability	Critical	View or Download	UNDERCODE	2024-12-12
python-libarchive	Up to 4.2.1	Directory Traversal	High	View or Download	UNDERCODE	2024-12-12
XWiki	All versions between 2.3 and 15.10.8 (excluding 15.10.9) and between 16.0.0-rc-1 and 16.2.9 (excluding 16.3.0)	Remote Code Execution (RCE) via XWiki.ConfigurableClass object	Critical	View or Download	UNDERCODE	2024-12-12
XWiki	All versions between 9.7-rc-1 and 16.5.0 (excluding patched versions)	Remote Code Execution (RCE) through Macro Descriptions (CVE-ID not yet assigned)	Critical	View or Download	UNDERCODE	2024-12-12
XWiki	XWiki versions 1.2-milestone-2 to 15.10.8 and 16.0.0-rc-1 to 16.2.9 are affected.	Unauthorized execution of scheduled operations	Moderate	View or Download	UNDERCODE	2024-12-12
Apache Superset	Before 4.1.0	SQL Injection	High	View or Download	UNDERCODE	2024-12-12
ryanbekhen/nanoproxy	Not specified	Outdated golang.org/x/crypto dependency	High	View or Download	UNDERCODE	2024-12-12
		Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-12
Online Class and Exam Scheduling System	1.0	SQL Injection (CVE-2024-12487)	Critical	View or Download	UNDERCODE	2024-12-12
Apache Fineract	< 1.8.5	SQL Injection	CRITICAL	View or Download	UNDERCODE	2024-12-12
Tenda AC10U Router	15.03.06.48	Stack-Based Buffer Overflow (CVE-2024-2764)	Critical	View or Download	UNDERCODE	2024-12-12
Codezips Technical Discussion Forum	1.0	SQL Injection (CVE-2024-12484)	Critical	View or Download	UNDERCODE	2024-12-12
Online Class and Exam Scheduling System	1.0 (specifically vulnerable)	SQL Injection (CWE-74, CWE-89)	Critical (CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)	View or Download	UNDERCODE	2024-12-12
macOS Sonoma	All versions before 14.7.1	File System Modification (CVE-2024-44301)	Critical	View or Download	UNDERCODE	2024-12-12
WordPress	Gutenberg Blocks by Kadence Blocks plugin up to 3.2.23	Stored XSS (Cross-Site Scripting)	Critical	View or Download	UNDERCODE	2024-12-12
Online Class and Exam Scheduling System	1.0	SQL Injection	Critical (CVSS v3: MEDIUM)	View or Download	UNDERCODE	2024-12-12
GitLab CE/EE	12.5 before 16.9.6, 16.10 before 16.10.4, 16.11 before 16.11.1	Unauthenticated ReDoS in FileFinder with crafted wildcard filters	High (CVSS: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)	View or Download	UNDERCODE	2024-12-12
Online Class and Exam Scheduling System	1.0	SQL Injection		View or Download	UNDERCODE	2024-12-12
Apache Fineract	< 1.8.5	SQL Injection (CVE-2024-23539)	HIGH	View or Download	UNDERCODE	2024-12-12
Qualcomm Windows WLAN Host	Not specified	Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2024-43053)	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-12-12
Apple iOS	Not specified (all versions before 17.7 and 18)	Unexpected App Termination	Critical (An attacker can exploit the vulnerability to crash applications)	View or Download	UNDERCODE	2024-12-12
macOS	Not specified (all versions before 14.7 and 15 are potentially vulnerable)	Out-of-bounds write	Critical (CVSS details not available yet)	View or Download	UNDERCODE	2024-12-12
macOS, iOS, iPadOS	All versions before macOS Ventura 13.7, iOS 17.7/iPadOS 17.7, visionOS 2, iOS 18/iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15 (inclusive)	Race condition in archive unpacking (CVE-2024-27876)	Critical (CVSS v3 score likely high)	View or Download	UNDERCODE	2024-12-12
Linux	Not specified	Out-of-bounds memory access	CVSS information is not yet available in the public record.	View or Download	UNDERCODE	2024-12-12
Linux Kernel	Not specified	Integer Overflow in pagemap_scan_get_args()	Moderate (CVSS score: 5.5)	View or Download	UNDERCODE	2024-12-12
rahman SelectCours 1.0 (Template Handler component)	Not specified	Template Injection (CVE-2024-2064)	Critical	View or Download	UNDERCODE	2024-12-12
Synack Target	All	SQLi Blind Time-Based	Medium	View or Download + Steps to reproduce	DailyCve.com	12-12-2024
golangorg/x/crypto/ssh	before v0.31.0, partially mitigated in v0.31.0	Authorization Bypass via Misused ServerConfig.PublicKeyCallback	Medium	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified (all versions before the fix)	Memory Leak (due to missing kfree_skb())	Low (addressed in kernel updates)	View or Download	UNDERCODE	2024-12-11
GitLab CE/EE	All versions before 16.8.5, all versions starting from 16.9 before 16.9.3, all versions starting from 16.10 before 16.10.1	Uncontrolled Resource Consumption (DoS)	Medium	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Unaffected versions not listed (all potentially affected)	A memory leak vulnerability exists in the Linux	Medium (CVSS v3 base score not available yet)	View or Download	UNDERCODE	2024-12-11
macOS Sonoma	All versions before 14.6	Buffer Overflow (CVSS: High)	Critical	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Unaffected versions not listed (all versions before the fix are assumed vulnerable)	Memory Leak (vsock sk_error_queue)	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-12-11
kcp	Affected versions are prior to 0.26.1.	Impersonation vulnerability	Critical	View or Download	UNDERCODE	2023-11-28
SiYuan	<= 0.0.0-20241210012039-5129ad926a21	Server-Side Template Injection (SSTI)	Moderate	View or Download	UNDERCODE	2024-12-11
SiYuan	<= 0.0.0-20241210012039-5129ad926a21	Arbitrary File Read	High	View or Download	UNDERCODE	2024-12-11
SiYuan	<= 0.0.0-20241210012039-5129ad926a21	Arbitrary File Write	High	View or Download	UNDERCODE	2024-12-11
Apple iOS, iPadOS, tvOS, and visionOS	Unaffected versions not listed (Update to the latest version is recommended)	Kernel Memory Corruption (CVE-2024-44277)	Critical	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified (all versions potentially affected)	Bluetooth handle release issue	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-11
		Downgrade		View or Download	UNDERCODE	2024-12-11
Apple Products (iOS, iPadOS, macOS, watchOS, visionOS)	Unaffected versions not listed (all prior versions potentially vulnerable)	Information Disclosure (CVE-2024-44278)	Critical	View or Download	UNDERCODE	2024-12-11
JFinalCMS	1.0	Server-Side Template Injection		View or Download	UNDERCODE	2024-12-11
Liferay Digital Experience Platform	Up to 7.4.3.15	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-11
Kashipara E-learning Management System	v1.0		Critical	View or Download	UNDERCODE	2024-12-11
Liferay Portal, Liferay DXP	7.2.0 through 7.4.3.12 (Portal), all versions before update 9 (DXP 7.4), all versions before service pack 3 (DXP 7.3), all versions before fix pack 19 (DXP 7.2), and older unsupported versions.	Open Redirect (CVE-2024-25609)	Critical (CVSS: 6.1)	View or Download	UNDERCODE	2024-12-11
macOS	Not specified (potentially all versions before Ventura 13.7.1 and Sonoma 14.7.1)	PackageKit flaw allowing modification of protected file system areas (CVE-2024-44275)	Unknown (awaiting analysis)	View or Download	UNDERCODE	2024-12-11
Kashipara E-learning Management System	v1.0	SQL Injection	Critical (CVSS score unavailable)	View or Download	UNDERCODE	2024-12-11
JFinalCMS	1.0	Cross-Site Request Forgery (CSRF)	Medium	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified	Undefined Behavior due to stack usage	Low (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified	Bluetooth handle overflow (CVE-2024-42132)	Low (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-11
Linux Kernel (ARM)	Not specified	Cache Flushing Issue	Critical (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
OpenHarmony	Prior to 4.0.1	Out-of-Bounds Read		View or Download	UNDERCODE	2024-12-11
Linux Kernel	Unaffected versions not mentioned	Use-after-free (UAF) in the sctp_v6_available() function	Critical (DoS)	View or Download	UNDERCODE	2024-12-11
Hewlett Packard Enterprise Insight Remote Support	( not specified )	Directory Traversal	CRITICAL (CVSS Score: 9.8)	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified	Unbalanced pm_runtime_enable! (CVE-2024-53134)	Medium	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified	Deadlock when accessing tmpfs over NFS	Medium (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
Huawei (exact platform unspecified)	(not specified)	Insufficient verification in system sharing pop-up module (CVE-2024-32989)	High (availability impact)	View or Download	UNDERCODE	2024-12-11
HarmonyOS	All versions before a patch is applied (specifically mentioned for 4.0.0 and 4.2.0)	Permission verification vulnerability in the system sharing pop-up module	MEDIUM (CVSS score: 6.1)	View or Download	UNDERCODE	2024-12-11
Apache Airflow	2.8.0 - 2.8.2 (inclusive)	Incorrect Privilege Assignment	Moderate	View or Download	UNDERCODE	2024-12-11
HarmonyOS (all versions mentioned in the references are vulnerable)	Not specified	Out-of-bounds memory access		View or Download	UNDERCODE	2024-12-11
Apache Airflow	Before 2.9.2	Use of Web Browser Cache Containing Sensitive Information	Medium	View or Download	UNDERCODE	2024-12-11
HarmonyOS	Not specified	Insufficient verification vulnerability in the baseband module	High	View or Download	UNDERCODE	2024-12-11
			MEDIUM (CVSS 3.1 score: 6.2)	View or Download	UNDERCODE	2024-12-11
wpa_supplicant module (platform not specified)	Not specified	Permission verification vulnerability (CVE-2024-32991)	Critical (CVSS score not explicitly mentioned but the description indicates critical impact)	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Unaffected versions not specified (all before the patch)	Privilege Escalation	Low	View or Download	UNDERCODE	2024-12-11
		Missing outer runtime PM protection in drm/xe driver	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-11
		Local Privilege Escalation (SBAMSvc Link Following)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-12-11
Linux Kernel	Not specified (all versions using nilfs2 file system are potentially affected)	Null Pointer Dereference	Low (CVSS score might be available elsewhere)	View or Download	UNDERCODE	2024-12-11
		Local Privilege Escalation	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-12-11
		Heap-based Buffer Overflow (CVE-2024-8025)	Critical	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	Malicious File Upload (CVE-2024-25019)	Critical	View or Download	UNDERCODE	2024-12-11
Visteon Infotainment System	N/A	Local Privilege Escalation (LPE)	Critical	View or Download	UNDERCODE	2024-12-11
Visteon Infotainment App SoC (System-on-Chip)	Not specified	Missing Immutable Root of Trust (Hardware Local Privilege Escalation)		View or Download	UNDERCODE	2024-12-11
Visteon Infotainment Systems	(not specified)	Command Injection (CVE-2024-8359)	High (CVSS score: 6.8)	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	Exposure of Sensitive Information	Not available (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	Unrestricted File Upload	Critical (CVSS 3.1 score not provided)	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	File Upload Vulnerability (CVE-2024-45676)	Critical	View or Download	UNDERCODE	2024-12-11
IBM Cognos Controller	11.0.0, 11.0.1	Weak Cryptographic Algorithms	Critical (CVSS details not provided)	View or Download	UNDERCODE	2024-12-11
Checkmk Exchange Plugin for MikroTik	2.0.0 - 2.5.5 & 0.4a_mk - 2.0a	Improper Certificate Validation (CVE-2024-38861)	MEDIUM (CVSS v4.0: 4.9)	View or Download	UNDERCODE	2024-12-11
Multiple Apple products (iOS, iPadOS, macOS, watchOS, tvOS)	All versions before iOS/iPadOS 17.7, macOS 13.7, etc. (see NVD for specifics)	CVE-2024-44169 (Kernel Logic Issue)	Not specified (likely medium or high)	View or Download	UNDERCODE	2024-12-11
macOS	All versions before macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15 (patched)	Buffer overflow in Intel Graphics Driver (CVE-2024-44160)	Critical	View or Download	UNDERCODE	2024-12-11
Checkmk	Before 2.3.0p16 and 2.2.0p34	Cross-Site Scripting (XSS)	MEDIUM (CVSS v3: 5.1)	View or Download	UNDERCODE	2024-12-11
Apple iOS	All versions before iOS 18 and iPadOS 18 (Vulnerable)	Authentication Bypass (CVE-2024-44202)	Critical	View or Download	UNDERCODE	2024-12-11
Wazifa System	1.0	Cross-site Scripting (XSS)	Medium (CVSS score: 5.3)	View or Download	UNDERCODE	2024-12-11
1000 Projects Library Management System	1.0	SQL Injection (CVE-2024-12188)	Critical	View or Download	UNDERCODE	2024-12-11
PHPGurukul Complaint Management System	1.0	SQL Injection (CVE-2024-12230)	Critical	View or Download	UNDERCODE	2024-12-11
WeiYe-Jing datax-web	2.1.1	OS Command Injection (CVE-2024-12358)	Critical	View or Download	UNDERCODE	2024-12-11
TP-Link VN020 F3v(T)	TT_V6.2.1021	Buffer Overflow	Critical	View or Download	UNDERCODE	2024-12-11
Online Class and Exam Scheduling System	1.0	SQL Injection (CWE-74, CWE-89)	Critical (CVSS v2: 6.5, CVSS v3: 6.3, CVSS v4: 5.3)	View or Download	UNDERCODE	2024-12-11
TOTOLINK EX1800T	9.1.0cu.2112_B20220316	Stack Overflow (CVE-2024-12352)	Medium	View or Download	UNDERCODE	2024-12-11
code-projects Online Notice Board	Up to 1.0	Unrestricted File Upload	Critical (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)	View or Download	UNDERCODE	2024-12-11
SourceCodester Phone Contact Manager System	1.0	Improper Input Validation	Medium (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)	View or Download	UNDERCODE	2024-12-11
PHPGurukul Complaint Management System	1.0	SQL Injection (CVE-2024-12228)	Critical	View or Download	UNDERCODE	2024-12-11
SourceCodester Petrol Pump Management Software	1.0	Unrestricted File Upload	Critical (CVSS score not provided)	View or Download	UNDERCODE	2024-12-11
SourceCodester Best House Rental Management System	1.0	File Inclusion	Medium (CVSS v3: 4.3, CVSS v2: 5.0, CVSS v4: 6.9)	View or Download	UNDERCODE	2024-12-11
SourceCodester Phone Contact Manager System	1.0	Improper Input Validation	Medium (CVSS v3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)	View or Download	UNDERCODE	2024-12-11
Tenda Routers (FH451, FH1201, FH1202, FH1206)	Up to 20241129	Null Pointer Dereference (in websReadEvent function of /goform/GetIPTV)	MEDIUM (CVSS score: 5.3)	View or Download	UNDERCODE	2024-12-11
		Override leakage to global cache	Critical	View or Download	UNDERCODE	2024-12-10
Ruby on Rails		Cross-Site Scripting (XSS)	Low	View or Download	UNDERCODE	2024-12-10
peerigon/angular-expressions	Unaffected versions: >= 1.4.3	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-12-10
wasmvm, cosmwasm-vm		(details not yet available)	Medium (Moderate + Likely)	View or Download	UNDERCODE	2024-12-10
CosmWasm VM	Multiple (see Affected Versions)	Unspecified (details pending)	Medium	View or Download	UNDERCODE	2024-12-10
Linux Kernel	Not specified (versions up to 6.11.3 are vulnerable)	Integer overflow in AMD display driver (CVE-2024-50177)	Medium	View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	SQL Injection	Critical (CVSS v3 Base Score: 5.3 - MEDIUM)	View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	Cross-Site Request Forgery (CSRF)	MEDIUM (CVSS score: 6.9)	View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	SQL Injection		View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	Cross-Site Request Forgery (CSRF)	MEDIUM	View or Download	UNDERCODE	2024-12-10
Linux Kernel	All versions with MPTCP enabled (potentially from 5.7 to later)	mptcp: handle consistently DSS corruption	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-10
SourceCodester Simple Online Bidding System	1.0	SQL Injection	Critical (CVSS v3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)	View or Download	UNDERCODE	2024-12-10
Hugo	>= 0.123.0, < 0.139.4	Unescaped Attributes in Internal Templates	Moderate	View or Download	UNDERCODE	2024-12-09
Apache Superset	2.0.0 to 4.1.0 (excluding 4.1.0)	Improper Authorization	High	View or Download	UNDERCODE	2024-12-09
Winter CMS	Affected versions	Twig Sandbox Bypass	Critical	View or Download	UNDERCODE	2024-12-09
idna	<= 0.5.0	Punycode Spoofing (CVE- not mentioned)	Critical	View or Download	UNDERCODE	2024-12-09
League/CommonMark	Affected versions prior to 2.6.0	Denial of Service (DoS)	Critical	View or Download	UNDERCODE	2023-11-28
HarmonyOS	Not specified (all versions before May 2024 patch are likely vulnerable)	Null Pointer Access (CVE-2024-32998)	Medium	View or Download	UNDERCODE	2024-12-09
HarmonyOS	Not specified (all versions before 17.5 are likely vulnerable)	Race condition in binder driver module (CVE-2024-32997)	High	View or Download	UNDERCODE	2024-12-09
(Multiple - see below)	(All versions before 17.5/10.5/14.5)	Logic Issue (CVE-2024-27816)	Critical	View or Download	UNDERCODE	2024-12-09
Huawei	EMUI 14, EMUI 13, HarmonyOS 4.2, HarmonyOS 4.0, HarmonyOS 3.1, HarmonyOS 3.0 (based on Huawei security bulletin)	PIN enhancement failures in the screen lock module	High	View or Download	UNDERCODE	2024-12-09
		Cracking vulnerability in the OS security module		View or Download	UNDERCODE	2024-12-09
EMUI (Huawei)	Not specified	Improper Permission Control in Window Management	Medium	View or Download	UNDERCODE	2024-12-09
HarmonyOS	All versions before a fix is applied (specific versions not mentioned)	Cracking vulnerability in the OS security module	Medium (CVSS score: 6.4)	View or Download	UNDERCODE	2024-12-09
HarmonyOS	All versions (not specified)	Privilege Escalation due to permission control issue in the App Multiplier module	High	View or Download	UNDERCODE	2024-12-09
Apple Vision Pro	Not specified (versions before 1.1 are vulnerable)	Permissions Issue	Critical	View or Download	UNDERCODE	2024-12-09
macOS Sonoma	Not specified	Code Execution	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-12-09
Apple Platforms (tvOS, iOS, iPadOS, macOS, watchOS)	Unaffected versions are tvOS 17.4, iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, and watchOS 10.4 or later.	CVE-2024-23293 - Spotlight vulnerability allowing access to sensitive user data through Siri with physical access.	Critical	View or Download	UNDERCODE	2024-12-09
Rockwell Automation Arena Simulation Software	Not specified	Heap-based memory buffer overflow	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-12-09
Rockwell Automation Arena Simulation software	Not specified	Memory buffer overflow	Critical (CVSS v3 score: 7.8, CVSS v4 score: 8.4)	View or Download	UNDERCODE	2024-12-09
Rockwell Automation Arena Simulation	All Versions (not specified)	Memory Buffer Overflow	Medium (CVSS v3 score: 4.4)	View or Download	UNDERCODE	2024-12-09
Palo Alto Networks PAN-OS (with Captive Portal enabled)	Not specified	Reflected Cross-Site Scripting (XSS) - CVE-2024-0011	MEDIUM (CVSS v3 score: 4.3)	View or Download	UNDERCODE	2024-12-09
Palo Alto Networks PAN-OS		Reflected Cross-Site Scripting (XSS) - CVE-2024-0010	MEDIUM (CVSS score: 4.3)	View or Download	UNDERCODE	2024-12-09
Rockwell Automation Arena Simulation	All versions (not specified)	Arbitrary Code Execution	Critical (CVSS v3: 7.8, CVSS v4: 8.4)	View or Download	UNDERCODE	2024-12-09
	Not specified (all versions before iOS 17.4, iPadOS 17.4, macOS Monterey 12.7.4, etc. are vulnerable)	Validation Issue	High	View or Download	UNDERCODE	2024-12-09
macOS Sonoma	All versions before 14.4	Improper handling of temporary files (CVE-2024-23287)	Critical	View or Download	UNDERCODE	2024-12-09
Apple GarageBand	All versions before 10.4.11 (Vulnerable)	Use-after-free	Critical (CVSS score not provided)	View or Download	UNDERCODE	2024-12-09
macOS, iOS, iPadOS	(Unaffected versions not specified)	Incomplete data redaction in log entries	Critical (An app may be able to access user-sensitive data)	View or Download	UNDERCODE	2024-12-09
macOS (various versions)	Not specified	Memory Corruption	Critical	View or Download	UNDERCODE	2024-12-09
Apple (iOS, iPadOS, macOS, watchOS)	All versions before iOS 16.7.6, iPadOS 16.7.6, iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4	Lock Screen Bypass via Siri	Critical	View or Download	UNDERCODE	2024-12-09
Apple iOS	All versions before 16.7.6 and 17.4	System Notification Spoofing	Critical (CVSS score unavailable)	View or Download	UNDERCODE	2024-12-09
		Remote Code Execution (RCE)	Critical (unauthenticated attacker can execute arbitrary code)	View or Download	UNDERCODE	2024-12-09
WhatsUp Gold	Before 2023.1.2	Server-Side Request Forgery (SSRF)	MEDIUM	View or Download	UNDERCODE	2024-12-09
WhatsUp Gold	Before 2023.1.2	SSRF	Medium (CVSS v3 score: 4.2)	View or Download	UNDERCODE	2024-12-09
WhatsUp Gold	Before 24.0.1	SQL Injection (CVE-2024-46906)	Critical (CVSS score: 8.8)	View or Download	UNDERCODE	2024-12-09
Drupal Core	Vulnerable versions	Improper Error Handling	Moderate	View or Download	UNDERCODE	2024-12-07
Android	Affected versions are prior to 2.3.4.	Deserialization vulnerability	Low	View or Download	UNDERCODE	2024-12-07
			Moderate	View or Download	UNDERCODE	2024-12-07
`path-to-regexp`	0.1.x	ReDoS	Moderate	View or Download	UNDERCODE	2024-12-07
	(not specified in the article)	HTML Injection (CVE-2024-54128)	Critical	View or Download	UNDERCODE	2024-12-07
PyO3	0.23.0 to 0.23.2	Build corruption	Moderate	View or Download	UNDERCODE	2024-12-07
pprof	(Unaffected versions not specified)	Unsound memory access due to type mismatch and misalignment	Low	View or Download	UNDERCODE	2024-12-07
linkme	Affected versions	Type Mismatch	Low	View or Download	UNDERCODE	2024-12-07
Drupal Core	>= 10.1.0, = 10.2.0, < 10.2.2	Denial of Service	High	View or Download	UNDERCODE	2024-12-07
Solana Web3.js	1.95.6 and 1.95.7	Supply chain attack leading to private key theft	Critical	View or Download	UNDERCODE	2024-12-07
anstream (Rust)	< 0.6.8	Unsoundness	Moderate	View or Download	UNDERCODE	2024-12-07
GitHub CLI	Not specified (versions before 2.63.1)	Path Traversal	Moderate	View or Download	UNDERCODE	2024-12-07
PAN-OS		Privilege Escalation	MEDIUM	View or Download	UNDERCODE	2024-12-07
Metabase	Affected versions include 0.40.4 and earlier, and 1.40.4 and earlier.	Local File Inclusion (LFI)	Critical (CVSS Score: 10.0)	View or Download	UNDERCODE	2024-12-07
Windows	Multiple Windows versions are affected.	Elevation of Privilege	HIGH	View or Download	UNDERCODE	2024-12-07
Atlassian Jira Server and Data Center	Before 8.5.14, 8.6.0-8.13.6, 8.14.0-8.16.1	Path Traversal	Critical	View or Download	UNDERCODE	2021-03-16
Safari, iOS, iPadOS, macOS, visionOS	Affected versions are older than Safari 18.1.1, iOS 17.7.2, iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1, iPadOS 18.1.1, visionOS 2.1.1.	Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-12-07
Kemp LoadMaster	All versions before 7.2.48.10, 7.2.54.8, 7.2.59.2	Unauthenticated Command Injection	Critical (CVSS v3 score: 10.0)	View or Download	UNDERCODE	2024-12-07
vCenter Server	Affected versions are not explicitly mentioned.	Heap-overflow vulnerability in the DCERPC protocol implementation.	Critical (CVSS Score: 9.8)	View or Download	UNDERCODE	2024-12-07
Palo Alto Networks Expedition	(Not specified)	SQL Injection (CVE-2024-9465)	Critical (CVSS score: 9.2)	View or Download	UNDERCODE	2024-12-07
Zyxel ATP Series, USG FLEX Series, USG FLEX 50(W) Series, and USG20(W)-VPN Series	V5.00 through V5.38	Directory Traversal	HIGH	View or Download	UNDERCODE	2024-12-07
Oracle Agile PLM Framework	9.3.6	Information Disclosure	High	View or Download	UNDERCODE	2024-12-07
ProjectSend	Prior to r1720	Improper Authentication	Critical (CVSS Score: 9.8)	View or Download	UNDERCODE	2024-12-07
Not specified (WebKit is used across various Apple products)	Versions prior to those mentioned above (specific versions not provided)	Sandbox Escape (Critical)	Critical	View or Download	UNDERCODE	2024-12-06
Apple iOS, iPadOS, macOS	Versions before iOS 17.4, iPadOS 17.4, and macOS Sonoma 14.4	Authentication Bypass in Hidden Photos Album	Critical (CVSS details not shown in excerpt)	View or Download	UNDERCODE	2024-12-06
Apple (mentioned in source)	Not specified (all versions before the fixed ones are vulnerable)	Race Condition (mentioned in description)	High (implied by potential access to user-sensitive data)	View or Download	UNDERCODE	2024-12-06
Zyxel USG FLEX H Series	uOS versions up to (excluding) 1.30	Insufficiently protected credentials	Critical (CVSS v3 score details not provided)	View or Download	UNDERCODE	2024-12-06
iOS, iPadOS, tvOS, watchOS, macOS (all versions before the mentioned fixes)	Not applicable (all versions before the fixes)	Unrestricted Microphone Access		View or Download	UNDERCODE	2024-12-06
macOS Sonoma	Not specified (all versions before 14.4 are vulnerable)	Improper memory handling	Medium (allows denial-of-service or potential information disclosure)	View or Download	UNDERCODE	2024-12-06
macOS Sonoma	(Not specified in the provided text)	Memory Access Issue	Critical (CVE-2024-23249)	View or Download	UNDERCODE	2024-12-06
Apple iOS	Versions before 17.4	Shake-to-Undo information disclosure (CVE-2024-23240)	Critical	View or Download	UNDERCODE	2024-12-06
macOS	Sonoma 14.4, Monterey 12.7.4 (Unaffected versions not listed)	Privilege Escalation	Critical	View or Download	UNDERCODE	2024-12-06
macOS Sonoma	Before 14.4	Permissions Issue (CVE-2024-23253)	Low	View or Download	UNDERCODE	2024-12-06
macOS	Not specified (all versions vulnerable before macOS Sonoma 14.4, macOS Monterey 12.7.4, macOS Ventura 13.6.5)	Out-of-bounds write in Kerberos v5 PAM module	Critical (CVSS v3.1: CISA-ADP AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)	View or Download	UNDERCODE	2024-12-06
(see below)	(see below)	Information Leakage		View or Download	UNDERCODE	2024-12-06
macOS	Sonoma 14.4, Monterey 12.7.4, Ventura 13.6.5 (all prior versions are vulnerable)	Improper Memory Handling (Code Execution)	Critical	View or Download	UNDERCODE	2024-12-06
Directus	Not specified (update to latest version)	Client-Side HTML Injection (CVE-2024-54128)	Critical	View or Download	UNDERCODE	2024-12-05
sigstore-java			Low (for non-monitors/witnesses)	View or Download	UNDERCODE	2024-12-05
Drupal Core	N/A	Improper Error Handling	Moderate	View or Download	UNDERCODE	2024-12-05
Drupal Core	10.1.0 - 10.1.7, 10.2.0 - 10.2.1	Denial of Service	High	View or Download	UNDERCODE	2024-12-05
Apache Hive	4.0.0-alpha-1	Deserialization of untrusted data	High	View or Download	UNDERCODE	2024-12-05
Perl (App::cpanminus package)	Up to 1.7047	Insecure HTTP Download	Critical (CVSS 3.0: 9.8/10)	View or Download	UNDERCODE	2024-12-05
			Low	View or Download	UNDERCODE	2024-12-05
PyO3	0.23.0 - 0.23.2	Build Corruption	Moderate	View or Download	UNDERCODE	2024-12-05
Microsoft Brokering File System (Platform details not specified)	(Version information not provided)	Elevation of Privilege	HIGH (CVSS v3 Base Score: 7.8)	View or Download	UNDERCODE	2024-12-05
Dell Secure Connect Gateway (SCG) Policy Manager	All	Stored Cross-Site Scripting (XSS)	HIGH	View or Download	UNDERCODE	2024-12-05
Rpgp	All versions prior to 0.14.1	Multiple vulnerabilities leading to denial-of-service	Critical	View or Download	UNDERCODE	2024-12-05
Spring LDAP	All versions before 2.4.0, 2.4.0 through 2.4.3, 3.0.0 through 3.0.9, 3.1.0 through 3.1.7, 3.2.0 through 3.2.7	Information Exposure	Moderate (CVE-2024-38829)	View or Download	UNDERCODE	2024-12-04
Anstream (platform unspecified)	Not specified	Unhandled Character Encoding		View or Download	UNDERCODE	2024-12-04
Apache HTTP Server	Affected versions include 2.4.49 and earlier.	A remote code execution vulnerability that can be exploited to execute arbitrary code on the server.	Critical	View or Download	UNDERCODE	2024-12-04
Linkme	Affected versions	Type Mismatch	Low	View or Download	UNDERCODE	2024-12-04
Checkmk	Up to 2.0.0, specific 2.1.0 and 2.2.0 versions	Multiple vulnerabilities (CVE-2023-43277, CVE-2023-43278, CVE-2023-43279)	High (CVE-2023-43277), Medium (CVE-2023-43278, CVE-2023-43279)	View or Download	UNDERCODE	2024-12-04
PDF-XChange Editor	(not specified)	Out-of-Bounds Read Information Disclosure		View or Download	UNDERCODE	2024-12-04
Adobe Animate	24.0 and earlier (including 23.0.3)	Out-of-Bounds Read (CVE-2024-20762)	MEDIUM (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-04
Zabbix Server	Not specified (all versions before 6.4.16rc1 and 7.0.0 are vulnerable)	Code Injection (CWE-94)	Critical (CVSS score: 9.9)	View or Download	UNDERCODE	2024-12-04
Adobe Animate	23.0.4 and earlier	Out-of-bounds read (CVE-2024-20797)	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-12-04
Adobe Animate	23.0.4 and earlier	Out-of-bounds read (CVE-2024-20796)	Medium (CVSS 3.1 base score: 5.5)	View or Download	UNDERCODE	2024-12-04
GitHub CLI	Prior to 2.63.1	Path Traversal	Critical	View or Download	UNDERCODE	2024-12-04
CyberPanel	Before 1c0c6cb (through 2.3.6 and unpatched 2.3.7)	Command Injection	Critical (CVSS score: 10.0)	View or Download	UNDERCODE	2024-12-04
Adobe Experience Manager	Versions 6.5.19 and earlier (not specified)	Stored Cross-Site Scripting (XSS)	Medium (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS 3.x Base Score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	Medium (CVSS v3 base score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS 3.1 base score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
ChargePoint Home Flex	(Not specified in the article)	Denial-of-Service (DoS)	MEDIUM (CVSS score: 4.3)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Trimble SketchUp	All versions (unaffected versions not specified yet)	Stack-based buffer overflow remote code execution	Critical	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
PDF-XChange Editor	All versions before a patch is released (information not yet available)	Out-of-bounds read leading to remote code execution (RCE)	High (CVSS v3 score to be determined)	View or Download	UNDERCODE	2024-12-03
IBM QRadar Suite, IBM Cloud Pak for Security	1.10.12.0 through 1.10.17.0 (QRadar Suite), 1.10.0.0 through 1.1.11.0 (Cloud Pak for Security)	Information Exposure	Critical (CVSS score details unavailable)	View or Download	UNDERCODE	2024-12-03
Linux Kernel	Not specified (all versions using the iwlwifi driver are potentially vulnerable)	Memory Error (improper response handling)	Critical (CVE-2024-53059)	View or Download	UNDERCODE	2024-12-03
Linux Kernel	Not specified (all versions potentially affected)	Null pointer dereference	Critical	View or Download	UNDERCODE	2024-12-03
			High	View or Download	UNDERCODE	2024-12-03
code-projects Farmacia	Up to 1.0	SQL Injection	Critical (CVSS score: 5.3 MEDIUM)	View or Download	UNDERCODE	2024-12-03
Checkmk	Below 2.3.0p22, 2.2.0p37, and 2.1.0p50	Information Disclosure	Medium (CVSS v3: 6.5, CVSS v4: 5.7)	View or Download	UNDERCODE	2024-12-03
element-hq/synapse	Before 1.106	Unauthenticated Writes to Media Repository	Moderate	View or Download	UNDERCODE	2024-12-03
element-hq/synapse	Before 1.120.1	Malformed Invite Disrupts /sync Functionality	High	View or Download	UNDERCODE	2024-12-03
Synapse	Below 1.120.1	Unsupported content type handling (multipart/form-data)	High	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	Medium (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
		Stack-based Buffer Overflow (Remote Code Execution)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Reflected Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Reflected Cross-Site Scripting (XSS) (CWE-79)	Important (CVSS Score: 5.4 - Medium)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Cross-Site Scripting (XSS)	Medium (CVSS v3 score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS) - CVE-2024-26038	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	Medium (CVSS 3.1 score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Zyxel ATP Series, USG FLEX Series, USG FLEX 50(W) Series, and USG20(W)-VPN Series	V5.00 through V5.38	Directory Traversal	HIGH	View or Download	UNDERCODE	2024-12-03
ProjectSend	Prior to r1720	Improper Authentication	Critical (CVSS score: 9.8)	View or Download	UNDERCODE	2024-12-03
Adobe InDesign Desktop	19.0, 20.0 and earlier	Out-of-bounds read (CVE-2024-49529)	MEDIUM (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe Dreamweaver Desktop	21.3 and earlier	OS Command Injection (CVE-2024-30314)	Critical	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	DOM-based Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS 3.x Base Score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Substance 3D Stager	3.0.2 and earlier	Out-of-bounds read (CVE-2024-52998)	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS) - CVE-2024-26043	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	DOM-based XSS (Cross-Site Scripting)	Medium (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored XSS	MEDIUM	View or Download	UNDERCODE	2024-12-03
Adobe Premiere Pro	23.6.5, 24.4.1 and earlier	Untrusted Search Path	Critical	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager (AEM)	6.5.20 and earlier	Stored Cross-Site Scripting (XSS)	Medium (CVSS v3 score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.20 and earlier	DOM-based XSS (CVE-2024-49524)	Medium	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager (AEM)	6.5.19 and earlier (all versions before 6.5.20 are potentially vulnerable)	DOM-based Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Substance 3D Painter	9.1.2 and earlier	Out-of-bounds read	Important (CVSS Score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	Versions 6.5.19 and earlier (information incomplete due to reanalysis)	Stored Cross-Site Scripting (XSS)	Medium (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe InDesign Desktop	ID18.5.2, ID19.3 and earlier	NULL Pointer Dereference	Important (CVSS Score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier (all prior versions are vulnerable)	Stored Cross-Site Scripting (XSS) (CVE-2024-26056)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS 3.x score: 5.4)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-12-03
Adobe Substance 3D Painter	9.1.2 and earlier	Out-of-bounds read (CVE-2024-30308)	Important (CVSS Score: 5.5)	View or Download	UNDERCODE	2024-12-03
Adobe InDesign	ID18.5.2, ID19.3 and earlier	Heap-based Buffer Overflow (CVE-2024-39392)	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-12-03
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS score: 5.4)	View or Download	UNDERCODE	2024-12-03
Rails	Rails >= 7.1.0 and Nokogiri < 1.15.7, or 1.16.x < 1.16.8 (Rails::HTML::Sanitizer 1.6.0 is vulnerable)	XSS	Critical	View or Download	UNDERCODE	2024-12-03
Rails	Rails >= 7.1.0 & Rails::HTML::Sanitizer 1.6.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-12-03
		Potential XSS (Cross-Site Scripting)		View or Download	UNDERCODE	2024-12-03
Rails	Rails >= 7.1.0 with Rails::HTML::Sanitizer 1.6.0	XSS	Critical	View or Download	UNDERCODE	2024-12-03
Mongoose	< 8.8.3	Search Injection	High	View or Download	UNDERCODE	2024-12-03
Rails::HTML::Sanitizer	1.6.0	XSS (Cross-Site Scripting)	Medium	View or Download	UNDERCODE	2024-12-03
Adobe FrameMaker	2020.5, 2022.3 and earlier (all versions before 2020.6 or 2022.4)	Out-of-bounds read (CVE-2024-30287)	Important (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-12-02
Adobe FrameMaker	2020.5, 2022.3 and earlier	Heap-Based Buffer Overflow (CVE-2024-30288)	Critical (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe FrameMaker	2020.5 and earlier (including 2022.3)	Out-of-bounds read (CVE-2024-30286)	Medium (CVSS score: 5.5)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574 and earlier	Use After Free (CVE-2024-30284)	Critical (CVSS: 3.1 High - 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	Versions 20.005.30574, 24.002.20736 and earlier (fill in "all" if all versions are affected)	Use After Free	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	All versions before 20.005.30635 and 24.002.20759	Improper Access Control (CVE-2024-34099)	HIGH (CVSS: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	Versions before 20.005.30574 and 24.002.20736	Out-of-bounds write vulnerability	HIGH (CVSS 3.1 base score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574, 24.002.20736 and earlier	Out-of-Bounds Read	HIGH (CVSS 3.x Base Score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	Versions before 20.005.30635 and 24.002.20759 (inclusive)	Use After Free (CVE-2024-34095)	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader DC	20.005.30539, 23.008.20470 and earlier	Use After Free (CVE-2024-30301)	Critical (CVSS 7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574, 24.002.20736 and earlier	Use After Free (CVE-2024-34100)	Critical (CVSS: 3.1/7.8)	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574, 24.002.20736 and earlier	Out-of-bounds read (CVE-2024-30311)	Medium	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	20.005.30574 and earlier	Out-of-bounds read (CVE-2024-30312)	Critical	View or Download	UNDERCODE	2024-12-02
Adobe Acrobat Reader	All versions before 20.005.30574 and 24.002.20736	Out-of-bounds read (CVE-2024-34101)	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-12-02
Adobe FrameMaker	2020.5, 2022.3 and earlier (all versions before 2020.6 or 2022.4)	Out-of-Bounds Read (CVE-2024-30283)	Medium (CVSS score: 5.5)	View or Download	UNDERCODE	2024-12-02
`ruzstd`	Affected versions	Uninitialized and Out-of-Bounds Memory Reads	Moderate	View or Download	UNDERCODE	2024-12-02
Python-multipart	Affected versions	Denial of Service (DoS)	High	View or Download	UNDERCODE	2024-12-02
Adobe Experience Manager	6.5.19 and earlier	Stored Cross-Site Scripting (XSS)	MEDIUM (CVSS v3 score: 5.4)	View or Download	UNDERCODE	2024-12-02
Google Chrome	Before 122.0.6261.57	Inappropriate implementation in Navigation	Critical (Chromium security severity: Medium)	View or Download	UNDERCODE	2024-12-02
Symfony	!ERROR! B2746 -> Formula Error: Unexpected ,	Deserialization	High	View or Download	UNDERCODE	2024-12-02
Ant-Media-Server	2.8.2	Improper Output Neutralization for Logs	High	View or Download	UNDERCODE	2024-12-02
Symfony	Affected versions are not explicitly mentioned. It is recommended to upgrade to the latest version to mitigate the risk.	Authentication Bypass	Moderate	View or Download	UNDERCODE	2024-12-02
SimpleSAMLphp	All versions before 2.3.4, 2.2.4, 2.1.7, and 2.0.15	XXE (XML External Entity)	Critical	View or Download	UNDERCODE	2024-12-02
N/A (Lettuce is a Java library)	Affected versions < 6.5.1.RELEASE	Netty vulnerability (CVE-TBD)	Moderate	View or Download	UNDERCODE	2024-12-02
Ibexa Admin UI	Affected versions are not explicitly mentioned.	Cross-site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-12-02
SFTPGo	2.3.0 to 2.6.3	Brute Force Takeover of OpenID Connect Session Cookies	Moderate	View or Download	UNDERCODE	2024-12-02
SimpleSAMLphp SAML2	(Unaffected versions not specified)	XXE	Moderate	View or Download	UNDERCODE	2024-12-02
Node.js	10.0.4	Prototype Pollution	Critical	View or Download	UNDERCODE	2024-12-02
Not specified	Not specified	Cache Confusion	Moderate	View or Download	UNDERCODE	2024-12-02
	Versions before 10.0.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-12-02
veraPDF CLI	Affected versions are not explicitly specified.	XXE (XML External Entity Injection)	Low	View or Download	UNDERCODE	2024-12-02
SimpleSAMLphp	Not specified	XXE	High	View or Download	UNDERCODE	2024-12-02
(Not specified in the provided text)	libarchive versions before 3.7.5	Out-of-bounds memory access in execute_filter_audio function	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-12-02
AMTT Hotel Broadband Operation System	Up to 3.0.3.151204	SQL Injection (CVE-2024-11051)	Critical	View or Download	UNDERCODE	2024-12-02
Concert Ticket Ordering System	1.0	SQL Injection		View or Download	UNDERCODE	2024-12-02
Team Plugins360 All-in-One Video Gallery	All versions up to 3.5.2	Missing Authorization	HIGH	View or Download	UNDERCODE	2024-12-02
Veritas Enterprise Vault	Before 15.2	Remote Code Execution	Critical (CVSS score: 9.8)	View or Download	UNDERCODE	2024-11-29
Veritas Enterprise Vault	Before 15.2	Remote Code Execution (RCE)	Critical (CVSS 3.x score: 9.8)	View or Download	UNDERCODE	2024-11-29
Microsoft Windows	Not specified (all versions potentially affected)	Elevation of Privilege	HIGH (CVSS 3.1 base score: 7.0)	View or Download	UNDERCODE	2024-11-29
Open Management Infrastructure (OMI)	Not specified (all versions likely affected)	Remote Code Execution (RCE)	Critical (CVSS: 9.8)	View or Download	UNDERCODE	2024-11-29
.NET	7.0 (<= 7.0.16), 8.0 (<= 8.0.2)	Denial of Service (DoS)	HIGH (CVSS score: 7.5)	View or Download	UNDERCODE	2024-11-29
		Kerberos Security Feature Bypass	HIGH (CVSS 3.1 base score: 7.5)	View or Download	UNDERCODE	2024-11-29
WordPress	ProfileGrid plugin versions up to 5.9.3.6	Unauthorized data modification	Medium (CVSS: 6.5)	View or Download	UNDERCODE	2024-11-29
			HIGH (CVSS: 7.0)	View or Download	UNDERCODE	2024-11-29
Microsoft Dynamics 365 (on-premises)	Not specified	Cross-site Scripting (XSS)	HIGH (CVSS v3 score: 7.6)	View or Download	UNDERCODE	2024-11-29
WordPress	Ashe theme versions up to 2.243	Reflected Cross-Site Scripting (XSS)	MEDIUM (CVSS: 6.1)	View or Download	UNDERCODE	2024-11-29
WordPress Plugin - MailChimp Forms by MailMunch	All versions up to 3.2.3 (inclusive)	Reflected Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-29
Veritas Enterprise Vault	Before 15.2	Remote Code Execution (RCE)	Critical (CVSS v3 score: 9.8)	View or Download	UNDERCODE	2024-11-29
		Out-of-Bounds Read Remote Code Execution (RCE)	Critical (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-29
PDF-XChange Editor	(not specified in available information)	Out-of-Bounds Write Remote Code Execution	HIGH (CVSS score: 7.8) based on Zero Day Initiative (ZDI)	View or Download	UNDERCODE	2024-11-29
			Medium	View or Download	UNDERCODE	2024-11-29
PDF-XChange Editor	All versions before a patch is released	Information Disclosure		View or Download	UNDERCODE	2024-11-22
PDF-XChange Editor	Not specified (all versions before a patch is released are vulnerable)	Out-of-Bounds Read Remote Code Execution	HIGH	View or Download	UNDERCODE	2024-11-29
PDF-XChange Editor	(information not available)	Out-of-bounds read remote code execution (RCE)	Critical (CVSS v3.0 base score likely high)	View or Download	UNDERCODE	2024-11-29
		EMF File Parsing Out-Of-Bounds Read	LOW (CVSS: 3.3)	View or Download	UNDERCODE	2024-11-29
		Out-of-Bounds Read Remote Code Execution (RCE) in XPS parsing	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader	All versions (unspecified)	Out-of-Bounds Read Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader	Not specified in this source	Annotation Use-After-Free	Critical	View or Download	UNDERCODE	2024-11-29
		Local Privilege Escalation	Critical	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader (all versions)	Not specified	Incorrect Permission Assignment in Update Service (Local Privilege Escalation)	Critical	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader	All versions (not specified)	Out-of-Bounds Read Information Disclosure	Critical	View or Download	UNDERCODE	2024-11-29
		Annotation Use-After-Free Remote Code Execution	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-29
		Annotation Out-of-Bounds Read	Critical	View or Download	UNDERCODE	2024-11-29
		Out-of-Bounds Write Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-29
SolarWinds Web Help Desk (WHD)	Not specified in the provided information.	Hardcoded Credentials	Critical (CVSS score: 9.1)	View or Download	UNDERCODE	2024-11-29
SolarWinds Serv-U	All versions up to 15.4.2 Hotfix 1	Directory Traversal	Critical	View or Download	UNDERCODE	2024-11-29
D-Link NAS devices (DNS-320L, DNS-325, DNS-327L, DNS-340L)	All versions up to April 3rd, 2024 (EOL)	Command Injection (CVE-2024-3273)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-29
Windows (10 and above), Windows Server (2016 and later)	Not specified	Heap-based buffer overflow in DWM Core Library	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-29
Android	All versions (initially reported on Pixel devices but affects all)	Privilege Escalation (CVE-2024-32896)	Critical	View or Download	UNDERCODE	2024-11-29
IrfanView	All versions	Heap-based buffer overflow due to SVG file parsing	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-29
IrfanView	All versions (unaffected version not specified)	Out-of-Bounds Read Remote Code Execution (RCE)		View or Download	UNDERCODE	2024-11-29
IrfanView	All versions	DXF File Parsing Type Confusion Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-29
			Critical	View or Download	UNDERCODE	2024-11-29
Foxit PDF Reader	All versions up to (including) 13.1.3 (Windows) & 13.1.2 (Mac)	Use-After-Free Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-11-29
Microsoft Windows Kernel	Not specified	Time-Of-Check Time-Of-Use (TOCTOU) race condition	Critical (CVSS score: 7.0)	View or Download	UNDERCODE	2024-11-29
Windows MSHTML Platform	(Not specified in the provided information)	Security Feature Bypass	Critical (CVSS v3 score: 8.8)	View or Download	UNDERCODE	2024-11-29
Oracle CRM Technical Foundation (Oracle E-Business Suite)	12.2.3 - 12.2.13	Partial Denial of Service (DoS)	Medium (CVSS 3.1 Base Score: 4.3)	View or Download	UNDERCODE	2024-11-29
JD Edwards EnterpriseOne Tools	Prior to 9.2.8.1	Information Disclosure	Critical	View or Download	UNDERCODE	2024-11-29
Oracle MySQL Server	8.0.35 and prior, 8.2.0 and prior	Privilege Escalation (CVE-2024-20964)	Critical (CVSS 3.1 Base Score: 5.3)	View or Download	UNDERCODE	2024-11-29
Hugging Face Transformers	Not specified	Deserialization of Untrusted Data (Remote Code Execution)	Critical	View or Download	UNDERCODE	2024-11-28
Hugging Face Transformers (MaskFormer model)	Not specified	Deserialization of Untrusted Data (Remote Code Execution)	Important	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified	Improper lock handling (CVE-2024-53086)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (potentially all versions with the vulnerable remoteproc driver)	Error Handling Vulnerability (CWE-755)	Low (CVSS v3 details not provided)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified	Use-After-Free (UAF)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (all versions potentially affected)	Exec Queue Leak	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (versions 6.5 to 6.12 likely affected)	Uninitialized variables (hdr_len and txbuf_len)	Medium (CVSS 3.1 base score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (all versions potentially affected)	Race Condition	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (all versions potentially affected)	Access to uninitialized variable in tick_ctx_cleanup() function	Medium (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-28
Hugging Face Transformers (Library)	(Unaffected versions not specified yet)	Remote Code Execution (RCE)	Critical (CVSS score unavailable, but details suggest high severity)	View or Download	UNDERCODE	2024-11-28
Linux kernel	Not specified (likely impacts specific kernel versions)	Improper use of use_count in media:qcom:camss:stop_streaming function	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (potential impact on all versions with Loongson 3 CPU support)	Improper Resource Handling (use of incorrect function)	Low	View or Download	UNDERCODE	2024-11-28
Linux Kernel	Not specified (all versions affected by commit de8548813824)	Race condition during group handle conversion	Medium (CVSS 3.x Base Score: 4.7)	View or Download	UNDERCODE	2024-11-28
Cilium	v1.16.0 - v1.16.3 (inclusive)	Layer 7 policy enforcement bypass with port ranges	Medium	View or Download	UNDERCODE	2024-11-28
MLflow	N/A	Privilege Escalation	High	View or Download	UNDERCODE	2024-11-28
deno_doc	(not specified)	Self-XSS	Low	View or Download	UNDERCODE	2024-11-28
Querydsl (with JPA)	Not specified (but vulnerable in versions up to 6.8.0)	HQL Injection (Blind)	Critical	View or Download	UNDERCODE	2024-11-28
SPEmailHandler-PHP	< 1.0.0	Arbitrary Email Sending	High	View or Download	UNDERCODE	2024-11-28
Python	0.1.13	Credential Harvesting	High	View or Download	UNDERCODE	2024-11-28
sigstore-java	v1.0.0	Improper verification of log entry in bundle verification (CVE-2024-53267)	Critical	View or Download	UNDERCODE	2024-11-28
libre-chat	0.0.6	Path Traversal	Moderate	View or Download	UNDERCODE	2024-11-28
lakeFS	Affected versions are not explicitly specified.	Privilege Escalation	Moderate	View or Download	UNDERCODE	2024-11-28
Jenkins	< 0.0.15	Path Traversal	Moderate	View or Download	UNDERCODE	2024-11-28
Keycloak	26 and earlier	Denial-of-Service (DoS)	Critical	View or Download	UNDERCODE	2023-11-21
Keycloak	!ERROR! B2830 -> Formula Error: Unexpected ,	Sensitive Data Exposure		View or Download	UNDERCODE	2024-11-28
Jenkins	1.4.4 and earlier	Stored Cross-Site Scripting (XSS)	High	View or Download	UNDERCODE	2024-11-28
GitHub CLI	Prior to 2.63.0	Token Leak	Critical	View or Download	UNDERCODE	2024-11-28
Devolutions.XTS.NET	All versions	Timing Attack	Moderate	View or Download	UNDERCODE	2024-11-28
Android (uses Apache ExternalStorageProvider)	Unaffected versions not specified (potential for widespread impact)	File Path Filter Bypass	Critical	View or Download	UNDERCODE	2024-11-28
Safari, iOS, iPadOS, macOS, visionOS	Affected versions prior to Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1 and iPadOS 18.1.1, visionOS 2.1.1	Arbitrary Code Execution	Critical	View or Download	UNDERCODE	2024-11-28
vCenter Server	Affected versions	Privilege Escalation	HIGH	View or Download	UNDERCODE	2024-11-28
Oracle Agile PLM Framework	9.3.6	Information Disclosure	HIGH	View or Download	UNDERCODE	2024-11-28
		SQL Injection (CVE-2024-9465)	Critical (CVSS score: 9.2)	View or Download	UNDERCODE	2024-11-28
CyberPanel (aka Cyber Panel)	Before 5b08cd6d53f4dbc2107ad9f555122ce8b0996515 (versions through 2.3.6 and unpatched 2.3.7)	Remote Code Execution (RCE)	Critical (CVSS 10.0)	View or Download	UNDERCODE	2024-11-28
Progress Kemp LoadMaster	All versions after 7.2.48.1 (including LoadMaster Multi-Tenant VFNs)	Unauthenticated Command Injection	CRITICAL	View or Download	UNDERCODE	2024-11-28
		Missing Authentication	Critical (CVSS score: 9.3)	View or Download	UNDERCODE	2024-11-28
		NTLMv2 Hash Disclosure Spoofing		View or Download	UNDERCODE	2024-11-28
Cisco Adaptive Security Appliance (ASA)	Not specified	Cross-site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-28
Palo Alto Networks PAN-OS				View or Download	UNDERCODE	2024-11-28
Windows	Multiple versions affected	Elevation of Privilege	High	View or Download	UNDERCODE	2024-11-28
Apple Products (Safari, iOS, iPadOS, macOS, visionOS)	Affected versions include Safari 18.1, iOS 17.7, iPadOS 17.7, macOS Sonoma 15.1, iOS 18.1, iPadOS 18.1, and visionOS 2.1.	Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-28
Hugging Face Transformers MaskFormer Model	All versions before a fix is applied	Deserialization of Untrusted Data Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (the vulnerability was identified in a pre-release version)	Suspicious RCU usage in ip_tunnel_find() function	Medium	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions potentially affected)	Memory Corruption in drm/vc4 driver	Moderate (CVSS v3 score to be determined)	View or Download	UNDERCODE	2024-11-27
go-gh	Prior to 2.11.1	Improper Token Handling	Moderate	View or Download	UNDERCODE	2024-11-27
GitHub CLI	Prior to 2.63.0	Token Leak	Critical	View or Download	UNDERCODE	2024-11-27
SPEmailHandler-PHP	< 1.0.0	Arbitrary Email Sending	High	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Unaffected versions not specified yet (Needs Evaluation for most Ubuntu versions)	Use-after-free (accessing uninitialized variable)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (potentially all versions with qcom:camss driver)	Incorrect usage of reference counter in qcom:camss driver (CVE-2024-50175)	Moderate	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (versions 6.10 to 6.12 likely affected)	Race condition (CVE-2024-50174)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-27
ServiceNow Vancouver	Multiple	Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions before the fix are potentially vulnerable)	Exec Queue Leak	Medium (CVSS score details not yet available)	View or Download	UNDERCODE	2024-11-27
Google Chrome	Prior to 124.0.6367.207	Out-of-bounds write in V8 JavaScript engine	Critical (High in Chromium)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Resource Leak due to Object Reference Loop	Medium	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Race condition in TPM suspension (CVE-2024-53085)	Moderate (CVSS score details not provided)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions using the vulnerable cpufreq driver)	cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() (CVE-2024-50178)	Critical	View or Download	UNDERCODE	2024-11-27
Apple Safari, iOS, iPadOS, macOS Sequoia	All versions before Safari 18.1.1, iOS 17.7.2, iPadOS 17.7.2, macOS Sequoia 15.1.1, iOS 18.1.1, iPadOS 18.1.1, and visionOS 2.1.1	Code Execution (CVE-2024-44308)	Critical	View or Download	UNDERCODE	2024-11-27
Google Chrome	Prior to 124.0.6367.201	Use After Free in Visuals	High	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Improper Error Handling (remoteproc driver)	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Uninitialized variable (hdr_len, txbuf_len)	Medium	View or Download	UNDERCODE	2024-11-27
ServiceNow Now Platform	All versions before Xanadu General Availability (vague)	Sandbox Escape (allows remote code execution)	Critical (CVSS score: 9.3)	View or Download	UNDERCODE	2024-11-27
Jenkins	< 0.0.15	Path Traversal	Moderate	View or Download	UNDERCODE	2024-11-27
Querydsl	Not specified (vulnerable since initial versions)	HQL Injection	Critical	View or Download	UNDERCODE	2024-11-27
Devolutions.XTS.NET	All versions before 2024.11.26	Timing Attack (CVE-2024-11862)	Moderate	View or Download	UNDERCODE	2024-11-27
Google Chrome	Before 125.0.6422.112	Type Confusion in V8 JavaScript Engine		View or Download	UNDERCODE	2024-11-27
Google Chrome	Prior to 128.0.6613.84 (Unaffected versions not specified)	Type Confusion (CVE-2024-7971)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Bounds checking error in snd_soc_dapm_widget_list	Medium	View or Download	UNDERCODE	2024-11-27
Oracle WebCenter Portal (Oracle Fusion Middleware)	12.2.1.4.0 (affected version)	Unauthorized access (update, insert, delete, read) to some of Oracle WebCenter Portal data	Medium (CVSS v3 score: 4.4)	View or Download	UNDERCODE	2024-11-27
Oracle Agile Product Lifecycle Management for Process	Prior to 6.2.4.2	Unauthenticated remote code execution	Critical (CVSS 3.1 Base Score: 7.3)	View or Download	UNDERCODE	2024-11-27
MySQL Server	8.0.35 and prior, 8.2.0 and prior	Server : Security : Firewall	Medium	View or Download	UNDERCODE	2024-11-27
Oracle BI Publisher	6.4.0.0.0, 7.0.0.0.0	Unauthorized access (update, insert, delete, read)	Critical (CVSS score: 5.4)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Unaffected versions not specified (likely all before a patched version is released)	Integer underflow in PLL value checks for Samsung Arbiter 0521 sensor	Critical	View or Download	UNDERCODE	2024-11-27
Oracle Hospitality Simphony (component: Simphony Enterprise Server)	19.1.0 - 19.5.4	Easily exploitable via HTTP	Critical (CVSS 3.1 Base Score: 9.9)	View or Download	UNDERCODE	2024-11-27
Oracle MySQL Server	8.0.36 and prior, 8.3.0 and prior	Information Schema flaw	Critical (CVSS score: 5.3)	View or Download	UNDERCODE	2024-11-27
Oracle WebLogic Server (Core component)	12.2.1.4.0, 14.1.1.0.0	Security Feature Bypass	Critical (CVSS 3.1 Base Score: 6.1)	View or Download	UNDERCODE	2024-11-27
Oracle E-Business Suite	12.2.3 - 12.2.13	Unauthorized data access	Medium (CVSS 3.1 Base Score: 5.3)	View or Download	UNDERCODE	2024-11-27
Oracle Solaris	11	Zone component vulnerability	Critical (CVSS score: 8.2)	View or Download	UNDERCODE	2024-11-27
Oracle MySQL Server	8.0.35 and prior, 8.2.0 and prior (all versions before these are vulnerable)	Improper handling within the Optimizer component	Critical (CVSS 3.1 Base Score: 4.9)	View or Download	UNDERCODE	2024-11-27
Oracle E-Business Suite	12.2.3 - 12.2.13	CVE-2024-20958	Medium (CVSS 3.1 Base Score: 5.4)	View or Download	UNDERCODE	2024-11-27
Oracle Database Sharding	19.3-19.22 & 21.3-21.13	An attacker with DBA privileges and network access can cause a partial denial-of-service (DoS).	Low (CVSS v3 base score: 2.4)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Buffer overflow in video capture when using more than 32 buffers.	Medium (CVSS v3.1: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Unaffected versions not specified (all before 6.11.8 likely vulnerable)	Missing buffer index check in dvb_vb2_expbuf() function	Low (CVSS v3 score not yet available)	View or Download	UNDERCODE	2024-11-27
Linux Kernel (Xilinx axienet)	Not specified (affects specific platforms)	Race condition in network transmission	Moderate (CVSS: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Unaffected versions not listed (all potentially vulnerable)	Btrfs reference list handling error in `insert_delayed_ref()`	Low	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions potentially affected)	Infinite Loop in filemap_read()	Medium (CVSS v3: 5.5)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified (all versions vulnerable before a fix is applied)	Crash due to invalid pointer access	Medium (CVSS score not yet assigned)	View or Download	UNDERCODE	2024-11-27
Linux Kernel	Not specified	Integer overflow in damon_feed_loop_next_input function	Moderate (CVSS score details might be available elsewhere)	View or Download	UNDERCODE	2024-11-26
Linux Kernel	(Unaffected versions not specified)	Improper IO Mapping Handling	High	View or Download	UNDERCODE	2024-11-26
CRI-O	!ERROR! B2894 -> Formula Error: Unexpected ,	Malicious checkpoint file can lead to arbitrary node access	Moderate	View or Download	UNDERCODE	2024-11-26
TCPDF	6.7.5	Local File Inclusion (LFI)	Moderate	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	All versions (not specified)	Out-of-Bounds Read Remote Code Execution (RCE) in JP2 file parsing	Critical	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	All versions (not specified)	JPG File Parsing Out-Of-Bounds Read	Information Disclosure (allows attackers to see sensitive information)	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	All	JP2 File Parsing Out-Of-Bounds Read Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	Not specified	Out-of-Bounds Read Information Disclosure	Not officially rated (CVSS information not yet available)	View or Download	UNDERCODE	2024-11-26
WordPress	Sirv plugin up to 7.3.0	Unauthorized modification of data leading to Denial-of-Service (DoS)	Critical	View or Download	UNDERCODE	2024-11-26
WordPress Restaurant Menu – Food Ordering System Plugin	Up to and including 2.4.2	Reflected Cross-Site Scripting (XSS)	Medium (CVSS v3: 6.1)	View or Download	UNDERCODE	2024-11-26
WordPress	Contact Form 7 Email Add On plugin <= 1.9	Local File Inclusion	HIGH	View or Download	UNDERCODE	2024-11-26
WordPress	WooCommerce Product Table Lite plugin versions up to 3.8.6	Arbitrary Shortcode Execution & Reflected Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-26
FastStone Image Viewer	All versions before 7.8 are affected (unspecified in report)	Out-of-Bounds Write in GIF Parsing	Critical (Allows remote code execution)	View or Download	UNDERCODE	2024-11-26
Tungsten Automation Power PDF	(not specified)	Out-of-Bounds Read in PDF Parsing	Information Disclosure (Exploitation likely requires additional vulnerabilities)	View or Download	UNDERCODE	2024-11-26
PDF-XChange Editor (all versions)	Not applicable	Out-of-bounds write during PDF parsing	Critical	View or Download	UNDERCODE	2024-11-26
Perl (Imager package)	Before 1.0.25	Heap-based buffer overflow	Critical (CVSS details not provided)	View or Download	UNDERCODE	2024-11-26
Ivanti Cloud Services Appliance (CSA)	4.6 (before Patch 518)	OS Command Injection (CVE-2024-8190)	Critical	View or Download	UNDERCODE	2024-11-26
		Use-After-Free leading to Remote Code Execution	Critical (allows attackers to take full control of the system)	View or Download	UNDERCODE	2024-11-26
WordPress	WPGYM <= 67.1.0	Unauthenticated Arbitrary File Upload	Critical	View or Download	UNDERCODE	2024-11-26
WordPress	WPGYM plugin up to 67.1.0	Privilege Escalation	Moderate (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-26
AMD EPYC Processors (see below for affected models)	Firmware versions up to (excluding) milanpi_1.0.0.d or genoapi_1.0.0.c (depending on the model)	Details not specified in the excerpt, but likely exploitable by attackers.	Critical (highest severity level)	View or Download	UNDERCODE	2024-11-26
Dell PowerProtect DD	Prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50	Access Control	Critical	View or Download	UNDERCODE	2024-11-26
IrfanView	All versions (to be confirmed)	Out-of-Bounds Read Remote Code Execution (RCE) in SID file parsing	Critical	View or Download	UNDERCODE	2024-11-26
IBM Watson Query on Cloud Pak for Data, IBM Db2 Big SQL on Cloud Pak for Data	1.8, 2.0, 2.1, 2.2 (Watson Query), 7.3, 7.4, 7.5, 7.6 (Db2 Big SQL)	Insufficient session expiration	Critical	View or Download	UNDERCODE	2024-11-26
PHP	8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14	HTTP Request Smuggling (CVE-2024-11234)	Critical	View or Download	UNDERCODE	2024-11-26
Pandora FMS	700 through <= 777.4	Command Injection (LDAP Authentication)	MEDIUM	View or Download	UNDERCODE	2024-11-26
WordPress	My Contador lesr plugin <= 2.0	Unauthenticated Stored Cross-Site Scripting (XSS)	Medium (CVSS: 3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)	View or Download	UNDERCODE	2024-11-26
WordPress	Dino Game - Embed Google Chrome Dinosaur Game plugin versions up to 1.1.0	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-26
WordPress	Pure CSS Circle Progress Bar plugin <= 1.2	Stored Cross-Site Scripting (XSS)	Critical (Unauthenticated attackers can inject malicious scripts)	View or Download	UNDERCODE	2024-11-26
WordPress	Up to and including 1.1.6	Reflected Cross-Site Scripting (XSS)	Medium (CVSS: 6.1)	View or Download	UNDERCODE	2024-11-26
WordPress	Theater for WordPress <= 0.18.6.2	Reflected Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-26
Android	(Not specified)	Local Privilege Escalation through Screen Capture	Critical	View or Download	UNDERCODE	2024-11-26
Zoho ManageEngine Exchange Reporter Plus	5714 and below	Authenticated SQL injection	Critical	View or Download	UNDERCODE	2024-11-26
Jewel Theme Master Addons for Elementor	All versions up to 2.0.5.4.1 (uncertain about earlier versions)	Missing Authorization	Critical	View or Download	UNDERCODE	2024-11-26
HarmonyOS (based on source)	Not specified	Missing permission check in applyCustomDescription of SaveUi.java	High (Local Information Disclosure)	View or Download	UNDERCODE	2024-11-26
KiviCare	Up to 3.6.2	Authorization Bypass Through User-Controlled Key	Critical	View or Download	UNDERCODE	2024-11-26
Keycloak Connector Server	< 2.5.5	Reflected XSS	Moderate	View or Download	UNDERCODE	2024-11-26
sigstore-java	v1.0.0 (patched in v1.1.0)	Incomplete verification in KeylessVerifier.verify()	Critical	View or Download	UNDERCODE	2024-11-26
Android	Not specified (All versions potentially affected)	Confused Deputy in PrintManagerService.java	Medium	View or Download	UNDERCODE	2024-11-26
Qualcomm Snapdragon Firmware	All	CWE-835 (Loop or Recursion Vulnerability)		View or Download	UNDERCODE	2024-11-26
Qualcomm Multi-mode Call Processor	Not Applicable (Affects All Versions)	Denial-of-Service (DoS)	Medium	View or Download	UNDERCODE	2024-11-26
		Unknown (reference to CWE-787 suggests Out-of-bounds Write)	Unknown (severity cannot be determined from this blog post)	View or Download	UNDERCODE	2024-11-26
UkrSolution Barcode Scanner with Inventory & Order Manager			Critical	View or Download	UNDERCODE	2024-11-26
Lobe Chat	Before 1.19.13	Unauthorized SSRF	Critical (CVSS: 9.0)	View or Download	UNDERCODE	2024-11-26
Android	Not specified (all versions potentially affected)	Out-of-bounds write due to missing bounds check	Critical (allows remote code execution)	View or Download	UNDERCODE	2024-11-26
IrfanView	All versions (unaffected versions not specified)	DXF file parsing out-of-bounds read leading to RCE	Critical	View or Download	UNDERCODE	2024-11-26
IrfanView	All versions (unaffected versions not yet identified)	Out-of-bounds read in DXF file parsing leading to RCE	Critical	View or Download	UNDERCODE	2024-11-26
IrfanView	All versions (unaffected version not specified yet)	Out-of-Bounds Read Remote Code Execution (DXF File Parsing)	Critical	View or Download	UNDERCODE	2024-11-26
Centreon	All versions before 22.04.24, 22.10.22, 23.04.18, 23.10.12, and 24.04.0 (not mentioned in the article)	SQL Injection in the updateServiceHost function	Critical (allows remote code execution)	View or Download	UNDERCODE	2024-11-26
Centreon Web	All versions before the fixes mentioned below	SQL Injection leading to Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-26
Dell PowerProtect DD	Before 7.7.5.50	Exposure of Sensitive Information to Unauthorized Actor	Low (CVSS: 3.1)	View or Download	UNDERCODE	2024-11-26
Dell PowerProtect Data Domain	Prior to 8.1.0.0, 7.13.1.10, 7.10.1.40, and 7.7.5.50	Escalation of Privilege (EoP)	Critical (CVSS score details not provided)	View or Download	UNDERCODE	2024-11-26
Project Worlds Free Download Online Shopping System	All versions up to 192.168.1.88 (unclear if specific to this IP or a version range)	SQL injection	Critical (CVSS score: 5.3 MEDIUM)	View or Download	UNDERCODE	2024-11-26
ManageEngine ADAudit Plus	Below 8121	SQL Injection (CVE-2024-5608)	Critical (CVSS score: 8.3)	View or Download	UNDERCODE	2024-11-26
emqx Neuron	Up to 2.10.0	Buffer Overflow	Critical (CVSS v4.0: MEDIUM)	View or Download	UNDERCODE	2024-11-26
E-Health Care System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-26
GitLab CE/EE	16.0 to 17.3.6, 17.4 to 17.4.3, 17.5 to 17.5.1 (Fixed in 17.3.7, 17.4.4, 17.5.2)	Unauthorized access to Kubernetes agent (CVE-2024-9693)	High (CVSS score: 8.5)	View or Download	UNDERCODE	2024-11-26
Python	0.1.13	Credential Harvesting	High	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified	Out-of-memory access in dvbdev	High (CVSS score not provided)	View or Download	UNDERCODE	2024-11-25
MLflow	Affected versions are not explicitly specified.	Excessive directory permissions	High	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	Heap-based buffer overflow in JPM file parsing	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	DJVU File Parsing Use-After-Free Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All	Heap-based Buffer Overflow Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
		PDF File Parsing Out-Of-Bounds Read Information Disclosure	LOW	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not yet disclosed)	Out-of-Bounds Read Remote Code Execution (RCE)	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	Out-of-Bounds Write in JPM File Parsing	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	DXF file parsing memory corruption leading to remote code execution	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	Out-of-bounds read during DWG file parsing leading to Remote Code Execution (RCE)	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (not specified)	Out-of-bounds write during ARW file parsing	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not specified)	Out-of-bounds write during JPM file parsing (CVE-2024-11517)	Critical (RCE)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not specified yet)	DWG File Parsing Memory Corruption RCE	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not yet identified)	DXF File Parsing Use-After-Free Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
WordPress	ImagePress – Image Gallery plugin versions up to 1.2.2 (inclusive)	Cross-Site Request Forgery (CSRF)	Medium (CVSS v3 score not provided)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions	DXF File Parsing Memory Corruption Remote Code Execution	Critical (CVSS: 7.8)	View or Download	UNDERCODE	2024-11-25
Keycloak	26 and earlier	Denial-of-Service (DoS)	Critical	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B2967 -> Formula Error: Unexpected ,	Denial-of-Service (DoS)	Moderate	View or Download	UNDERCODE	2024-11-25
deno_doc	All versions before a fix is released	Cross-site Scripting (XSS)	Low	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B2969 -> Formula Error: Unexpected ,	Sensitive data exposure	High	View or Download	UNDERCODE	2024-11-25
Dell SmartFabric OS10 Software	10.5.3.x, 10.5.4.x, 10.5.5.x, 10.5.6.x	Improper Neutralization of Special Elements (Command Injection)	HIGH	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B2971 -> Formula Error: Unexpected ,	Sensitive data exposure during build process	Moderate	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B2972 -> Formula Error: Unexpected ,	Path Traversal	Low	View or Download	UNDERCODE	2024-11-25
Keycloak	!ERROR! B2973 -> Formula Error: Unexpected ,	Inefficient Regular Expression Complexity		View or Download	UNDERCODE	2024-11-25
Xiaomi Router AX9000	Not specified	Post-authorization Command Injection	MEDIUM (CVSS 3.1 base score: 6.4)	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unspecified)	Out-of-Bounds Write during SID File Parsing (Remote Code Execution)	Critical	View or Download	UNDERCODE	2024-11-25
1000 Projects Beauty Parlour Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-25
Tungsten Automation Power PDF	Not specified	JPF File Parsing Out-Of-Bounds Write Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
IrfanView	All versions (unaffected versions not specified)	WSQ File Parsing Out-Of-Bounds Write Remote Code Execution	Critical	View or Download	UNDERCODE	2024-11-25
Tungsten Automation Power PDF	Not specified	PSD File Parsing Out-Of-Bounds Write Remote Code Execution	Critical (CVSS score not provided, but the description indicates remote attackers can execute arbitrary code)	View or Download	UNDERCODE	2024-11-25
Tungsten Automation Power PDF	Not specified	Stack-based buffer overflow in TIF file parsing	Critical	View or Download	UNDERCODE	2024-11-25
WordPress	HUSKY - Products Filter Professional for WooCommerce plugin versions up to 1.3.6.3	Reflected Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-25
W3speedster	Up to 7.25	Cross-Site Request Forgery (CSRF)	Critical	View or Download	UNDERCODE	2024-11-25
Vivwebs Dynamic Widgets	Up to 1.6.4	Cross-Site Request Forgery (CSRF)	Medium (based on CVSS v3.1 score)	View or Download	UNDERCODE	2024-11-25
		XSS in error messages	Low (user-controlled input needed in error message)	View or Download	UNDERCODE	2024-11-25
Taurus Multi-Party Signature Library	Not specified		Critical (both vulnerabilities)	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified (all versions potentially affected)	Race condition in i40e driver	Moderate (CVSS score not provided)	View or Download	UNDERCODE	2024-11-25
lxml (HTML cleaning functionality)	Before 0.4.0	Improper context handling for special HTML tags (SVG, Math, Noscript)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-25
Android	Not specified	Improper Input Validation in CompanionDeviceManagerService.java (CVE-2024-0022)	High	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified	Improper reference count handling for CPU device nodes (RISC-V)	Medium (CVSS v3 base score: 5.5)	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified (likely impacts multiple versions)	Improper resource handling in iwlwifi driver during AP stop/start	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Not specified (requires kernel update)	Incorrect NULL vs IS_ERR() check in drm/tegra driver	Low (CVSS v3 Base Score: 5.5)	View or Download	UNDERCODE	2024-11-25
Linux Kernel	Unaffected versions not listed (potentially all before the fix)	Out-of-bounds memory access in virtio_net driver	HIGH (CVSS 3.1 base score: 7.1)	View or Download	UNDERCODE	2024-11-25
emqx neuron	Up to 2.10.0	Information Disclosure (CVE-2024-10965)	MEDIUM	View or Download	UNDERCODE	2024-11-23
AMTT Hotel Broadband Operation System	Up to 3.0.3.151204	Cross-site scripting (XSS)	Medium (CVSS score: 5.3)	View or Download	UNDERCODE	2024-11-23
code-projects Task Manager	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-23
Job Recruitment	1.0	Cross-site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-11-23
WordPress Plugin - CTT Expresso para WooCommerce	Up to 3.2.12 (inclusive)	Sensitive Information Exposure	Medium	View or Download	UNDERCODE	2024-11-23
Code4Berry Decoration Management System	1.0	Improper Access Control	Critical	View or Download	UNDERCODE	2024-11-23
Dropbox Desktop	All	Mark-of-the-Web Bypass	Critical	View or Download	UNDERCODE	2024-11-23
WordPress	FundEngine plugin versions up to and including 1.7.0	Privilege Escalation	Critical	View or Download	UNDERCODE	2024-11-23
Code4Berry Decoration Management System	1.0	Permission Issues (User Handler - /decoration/admin/userregister.php)	Critical	View or Download	UNDERCODE	2024-11-23
Linux Kernel	Not specified (potentially all versions before the fix)	mctp i2c NULL header address handling	Medium (CVSS score not provided)	View or Download	UNDERCODE	2024-11-22
	All versions before the fix	Memory Leak	Medium (CVSS score to be determined)	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified	Null pointer dereference in firmware:qcom:scm	Medium (CVSS score not provided)	View or Download	UNDERCODE	2024-11-22
MBed OS	6.16.0	Buffer Overflow (CVE-2024-48982)	Critical	View or Download	UNDERCODE	2024-11-22
Code4Berry Decoration Management System	1.0	User Permission Handling Vulnerability (CVE-2024-11486)	Medium	View or Download	UNDERCODE	2024-11-22
Mbed OS	6.16.0	Buffer Overflow (CVE-2024-48986)	Critical	View or Download	UNDERCODE	2024-11-22
Tailoring Management System	1.0 (Unaffected versions not specified)	SQL Injection through /expcatedit.php argument manipulation (id)	Medium (CVSS v4.0 Base Score: 5.3)	View or Download	UNDERCODE	2024-11-22
Code4Berry Decoration Management System	1.0	SQL Injection (CVE-2024-11487)	Critical	View or Download	UNDERCODE	2024-11-22
1000 Projects Bookstore Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-22
AVL-DiTEST-DiagDev libdoip	1.0.0	Null Pointer Dereference in DoIPConnection::reactOnReceivedTcpMessage	Medium	View or Download	UNDERCODE	2024-11-22
idcCMS	1.60	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified (all versions with vulnerable bnxt_re driver)	Out-of-bounds memory access	Moderate (CVSS v3 base score: 5.5)	View or Download	UNDERCODE	2024-11-22
smol-toml	<1.3.1	Stack Overflow	Low	View or Download	UNDERCODE	2023-11-13
Tornado	Prior to 6.4.2	HTTP Cookie Parsing DoS	High	View or Download	UNDERCODE	2024-11-22
Sentry	All versions before next release	Potential Client ID and Secret exposure in error message	Low	View or Download	UNDERCODE	2024-11-22
UAMQP C library	Unaffected versions not specified	Remote Code Execution (RCE)	Critical (CVSS score likely high)	View or Download	UNDERCODE	2024-11-22
WordPress	Up to and including 1.7.2	Stored Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-22
java_shop	1.0	File Upload Vulnerability	Not yet rated by NIST	View or Download	UNDERCODE	2024-11-22
Android	Not specified (all versions before August 2024 patch)	Logic error in OwnersData.java	High	View or Download	UNDERCODE	2024-11-22
LibreNMS	Not specified	Reflected XSS (CVE-2024-51496)	Medium	View or Download	UNDERCODE	2024-11-22
ManageEngine ADAudit Plus	Below 8110	Authenticated SQL Injection (CVE-2024-36518)	High	View or Download	UNDERCODE	2024-11-22
Zyxel P-6101C ADSL modem	P-6101CSA6AP_20140331	Improper Authentication	HIGH	View or Download	UNDERCODE	2024-11-22
LibreNMS	All versions before 24.10.0	Reflected XSS	Critical	View or Download	UNDERCODE	2024-11-22
WordPress	Breakdance versions up to 1.7.2 (inclusive)	Unauthorized Access of Data	Medium	View or Download	UNDERCODE	2024-11-22
java_shop	1.0	Incorrect Access Control	Critical (CVSS details not yet available)	View or Download	UNDERCODE	2024-11-22
SourceCodester Student Record Management System	1.0	Memory Corruption	Critical	View or Download	UNDERCODE	2024-11-22
Querydsl	5.1.0	SQL/HQL Injection	High	View or Download	UNDERCODE	2024-11-22
	Not specified (versions 3.2.0 through 4.1.3 are vulnerable)	Server-Side Request Forgery (SSRF)	High (CVSS score: 7.5)	View or Download	UNDERCODE	2024-11-22
SFTPGo	All versions	Arbitrary Command Execution	Critical	View or Download	UNDERCODE	2023-10-24
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
Luxion KeyShot	Not specified	Remote Code Execution (RCE) through jt file parsing	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
Luxion KeyShot	Not specified	Stack overflow due to improper validation in 3DS file parsing	Critical (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution (RCE)	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
Adobe InDesign	(not specified)	Information Disclosure	Low	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-18
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified	Division by zero error in v4l2-tpg	Medium	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified (all versions potentially affected)	Slab-use-after-free in ksmbd_smb2_session_create	High (CVSS score: 7.8)	View or Download	UNDERCODE	2024-11-22
Linux kernel	Not specified	Slab-use-after-free in smb3_preauth_hash_rsp function	HIGH (CVSS v3 score not provided)	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified (all versions vulnerable before a fix)	SCTP Chunk Size Validation Error (CVE-2024-50299)	Not officially rated by NIST (NVD) yet	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified	Buffer overflow in amdgpu_debugfs_gprwave_read() function	Medium (CVSS v2: 4.6, CVSS v3: 7.8)	View or Download	UNDERCODE	2024-11-22
Linux Kernel	Not specified (all versions potentially affected)	Uninitialized use of regulator_config in rtq2208 driver	High (CVSS score not yet available from NVD)	View or Download	UNDERCODE	2024-11-22
SourceCodester Student Record Management System	1.0	Stack-based buffer overflow	Critical	View or Download	UNDERCODE	2024-11-22
Android	Not specified (all versions before March 2024 security patch)	Local Information Disclosure (exercise route data)	High	View or Download	UNDERCODE	2024-11-22
Android	Not specified	Incorrect tag used during device policy serialization (CVE-2024-0047)	High (Potential for DoS)	View or Download	UNDERCODE	2024-11-22
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution (RCE)	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-21
IrfanView	4.69 and earlier	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
IrfanView	Affected versions prior to 4.70	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-21
Linux Kernel	(Not specified in the provided information)	Improper access control in raw_copy_{to,from}_user() functions	Critical (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-21
Linux Kernel	Not specified (all versions potentially affected)	Use-after-free in USB serial io_edgeport code	Medium (CVSS v2 score: 4.6, CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-21
Linux Kernel	All versions before the fix for CVE-2024-50265 are vulnerable.	Null pointer dereference in ocfs2_xa_remove() function	Critical	View or Download	UNDERCODE	2024-11-21
Linux Kernel	(Not specified in the provided information)	Flaw in sch_cake's flow accounting logic	Medium	View or Download	UNDERCODE	2024-11-21
Linux Kernel	Unaffected versions not specified	Use-After-Free in vsock/virtio (CVE-2024-50264)	Critical (CVSS v3 score details not provided)	View or Download	UNDERCODE	2024-11-21
Linux Kernel	Not specified (all versions vulnerable before fix)	Double free of TX skb	Critical	View or Download	UNDERCODE	2024-11-21
Oracle Agile PLM Framework	9.3.6	Information Disclosure	HIGH (CVSS Score: 7.5)	View or Download	UNDERCODE	2024-11-21
Opencast	13 and 14	Infinite loop with Elasticsearch queries	Critical	View or Download	UNDERCODE	2024-11-20
Litestar	All versions	Denial of Service (DoS)	Critical	View or Download	UNDERCODE	2024-11-20
Microsoft SharePoint Server	Not specified	Remote Code Execution (RCE)	Critical (CVSS score: 7.2)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (potential impact on all versions)	Information Disclosure	Low	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (likely affects multiple versions)	Firmware crash due to invalid peer nss value in association request	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-20
Qualcomm Multiple Products	Various	Multiple Vulnerabilities	Varies	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (all versions potentially affected)	io_uring overflow handling flaw	Low	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified	Memory access issue in drm/amd/display code	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-20
cert-manager	All versions since v0.1.0	Denial-of-service (DoS)	Medium	View or Download	UNDERCODE	2024-11-20
7-Zip	Affected versions prior to 24.07	Remote Code Execution	High (CVSS Score: 7.8)	View or Download	UNDERCODE	2024-11-20
N/A	N/A	N/A	N/A	View or Download	UNDERCODE	2024-11-20
		Undercoding (mentioned in the article but not a security vulnerability)	N/A (Undercoding is not a security vulnerability)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (all versions potentially affected)	Race condition in ntfs3 driver	Moderate (CVSS v3 score: 5.5)	View or Download	UNDERCODE	2024-11-20
Qualcomm devices	(not specified)	(not specified)	(not specified)	View or Download	UNDERCODE	2024-11-20
Qualcomm	(see article for specific versions)	Potential Remote Compromise	Critical	View or Download	UNDERCODE	2024-11-20
D-Link DI-8033	16.07.26A1	Buffer Overflow (CVE-2024-52759)	Critical (CVSS v3 score: 9.8)	View or Download	UNDERCODE	2024-11-20
Monoprice Select Mini V2	V37.115.32	Improper input validation in printing files	Medium (CVSS 3.x Base Score: 5.5)	View or Download	UNDERCODE	2024-11-20
WordPress Testimonials Widget Plugin	Up to and including 4.0.4	Stored Cross-Site Scripting (XSS)	Unlisted (CVSS score not provided)	View or Download	UNDERCODE	2024-11-20
Tenda AC6	v2.0 v15.03.06.50	Buffer overflow in function "fromSetSysTime" (CVE-2024-52714)	Critical (CVSS v3 score: 9.8)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified	Integer overflow in drm/amd/display code	Moderate	View or Download	UNDERCODE	2024-11-20
Cosmos SDK	cosmossdk.io/math versions <= math/v1.3.0	Mismatched bit-length validation in sdk.Int and sdk.Dec	High	View or Download	UNDERCODE	2024-11-20
Moodle		Insecure Direct Object Reference (IDOR)	Moderate	View or Download	UNDERCODE	2024-11-20
django CMS	Before 4.0	Cross-site Scripting (XSS)	Moderate	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (likely affects multiple versions)	Improper synchronization when accessing superblock buffer	Moderate (CVSS v3 base score: 5.5)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	Not specified (potentially all versions with aforementioned configurations enabled)	Out-of-bounds read (based on CVE description)	Medium (according to CVE details, no exploit exists)	View or Download	UNDERCODE	2024-11-20
N/A	N/A	N/A	N/A	View or Download	UNDERCODE	2024-11-20
		Buffer overflow in `amdgpu_dm` initialization	Unknown (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-20
Cisco Identity Services Engine (ISE)	All versions (at the time of publishing)	Cross-site Scripting (XSS)	Medium (CVSS score: 6.1)	View or Download	UNDERCODE	2024-11-20
Cisco Identity Services Engine (ISE)	All versions (at the time of publication)	Cross-site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-11-20
Cisco Identity Services Engine (ISE)	All versions (at the time of publication)	Cross-site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-11-20
Cisco ISE	All versions (at the time of publishing)	XXE (CVE-2024-20531)	MEDIUM (CVSS score: 5.5)	View or Download	UNDERCODE	2024-11-20
Linux Kernel	All versions before 6.11.7	Null Pointer Dereference (CVE-2024-53050)	Medium	View or Download	UNDERCODE	2024-11-20
Cisco Identity Services Engine (ISE)	All versions (at the time of publication)	Cross-site Scripting (XSS)	MEDIUM	View or Download	UNDERCODE	2024-11-20
Linux kernel	Not specified	Null pointer dereference in `intel_hdcp_get_capability`	Medium (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-20
Anton Hoelstad WP Quick Setup	<= 2.0	Unrestricted Upload of File with Dangerous Type	Critical	View or Download	UNDERCODE	2024-11-20
Mindstien Technologies My Geo Posts Free	All versions up to 1.2 (inclusive)	Deserialization of Untrusted Data	Critical	View or Download	UNDERCODE	2024-11-20
WordPress Video Robot - The Ultimate Video Importer	All versions up to 1.20.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-20
Lis Video Gallery	Up to 0.2.1	Deserialization of Untrusted Data	Critical	View or Download	UNDERCODE	2024-11-20
Post SMTP	All versions up to 2.9.9	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-20
GLPI	All versions before 10.0.17	Reflected XSS	Medium	View or Download	UNDERCODE	2024-11-20
GLPI	All versions before 10.0.17	SQL Injection	High (CVSS score: 8.1)	View or Download	UNDERCODE	2024-11-20
code-projects Job Recruitment	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-20
Saso Nikolov Event Tickets with Ticket Scanner	n/a - 2.3.11	Improper Neutralization of Special Elements Used in a Template Engine	Critical	View or Download	UNDERCODE	2024-11-20
	3.1	Heap-Overflow Vulnerability in DCERPC Protocol	CRITICAL	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
Moodle	All versions before 4.5.0-rc2 (unconfirmed)	Improper Authorization	Medium (CVSS v2 score: 5.0, CVSS v3 score: 6.5)	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored XSS	Medium	View or Download	UNDERCODE	2024-11-20
LibreNMS	Unaffected versions not listed (all versions before 24.10.0 likely vulnerable)	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
Moodle	Versions before 4.5.0-rc2 are affected (unclear which specific versions)	Improper Authorization	Medium (CVSS v2 score: 6.4, CVSS v3 score: 4.3)	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored XSS	Critical	View or Download	UNDERCODE	2024-11-20
Urchenko Drozd – Addons for Elementor	Up to 1.1.1	Stored XSS (Cross-site Scripting) (CVE-2024-52425)	Medium (CVSS details not specified)	View or Download	UNDERCODE	2024-11-20
Moodle	All versions before 4.1.14, 4.2.11, 4.3.8, 4.4.4 (not exhaustive)	Information Disclosure	Medium	View or Download	UNDERCODE	2024-11-20
WordPress	Linear plugin <= 2.7.11	Cross-site Scripting (XSS)	Medium (CVSS details not specified)	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
LibreNMS	Unaffected versions not listed (all versions before 24.10.0 likely vulnerable)	Stored XSS	Critical	View or Download	UNDERCODE	2024-11-20
LibreNMS	All versions before 24.10.0	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-20
SourceCodester Online Eyewear Shop	1.0	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-20
Windows	SecureID Software Token for Microsoft Windows	Remote Code Execution	High	View or Download	UNDERCODE	2024-11-19
eDrawings Viewer	All versions from SOLIDWORKS 2024 through 2025 (unspecified)	Heap-based buffer overflow and uninitialized variable vulnerabilities in X_B and SAT file parsing	Critical (CVSS: 7.8)	View or Download	UNDERCODE	2024-11-19
1000 Projects Beauty Parlour Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-19
WordPress	WP Activity Log plugin versions up to 5.2.1	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-19
GLPI	All versions before 10.0.17 (vulnerable)	Access Control Bypass (CVE-2024-45611)	Medium	View or Download	UNDERCODE	2024-11-19
WordPress	Tripetto plugin versions up to 8.0.3	Stored Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-19
1000 Projects Beauty Parlour Management System	1.0	SQL Injection	Critical	View or Download	UNDERCODE	2024-11-19
1000 Projects Portfolio Management System MCA	1.0	SQL injection	Critical	View or Download	UNDERCODE	2024-11-19
Farmacia	1.0 (all versions likely affected)	Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
Adobe Audition	23.6.9, 24.4.6 and earlier	Out-of-bounds read vulnerability	Medium (CVSS: 5.5)	View or Download	UNDERCODE	2024-11-19
Microsoft VHDX	(Not specified)	Denial-of-Service (DoS)	Medium (CVSS score: 5.9)	View or Download	UNDERCODE	2024-11-19
GLPI	All versions before 10.0.17	Reflected XSS (CVE-2024-45609)	Medium (CVSS v3.1 score: 6.5) - Though some sources list it as High (CVSS v2 score: 7.8)	View or Download	UNDERCODE	2024-11-19
WordPress	Up to and including 2.5.7	Stored Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
Windows	Not specified	Elevation of Privilege in USB Video Class System Driver	MEDIUM (CVSS score: 6.8)	View or Download	UNDERCODE	2024-11-19
Windows SMBv3 Server	(not specified in this article)	Remote Code Execution (RCE)	High (CVSS score: 8.1)	View or Download	UNDERCODE	2024-11-19
GLPI	All versions before 10.0.17	Reflected Cross-Site Scripting (XSS)	Pending analysis by NIST	View or Download	UNDERCODE	2024-11-19
WordPress Plugin (The Music Player for Elementor)	All versions up to 2.4.1	Unauthorized modification of data (CVE-2024-10582)	Critical	View or Download	UNDERCODE	2024-11-19
		Remote Code Execution	High (CVSS score: 8.8)	View or Download	UNDERCODE	2024-11-19
Ceph RGW (civetweb)	Not specified	Multiple connection establishment to exhaust file descriptors	Denial-of-Service (DoS)	View or Download	UNDERCODE	2024-11-19
Intel Server Board M10JNP2SB Family (exact versions not specified)	Not specified	Improper input validation in UEFI firmware	High (CVSS score: 7.5 - 8.7 depending on the version of CVSS used)	View or Download	UNDERCODE	2024-11-19
		Windows Registry Elevation of Privilege Vulnerability	HIGH (CVSS score: 7.5)	View or Download	UNDERCODE	2024-11-19
ImageMagick, GraphicsMagick	Before 1.3.24 (both platforms)	Arbitrary Code Execution	Not specified (CVSS score likely available elsewhere)	View or Download	UNDERCODE	2024-11-19
ImageMagick	Not specified (versions before the fix are vulnerable)	Out-of-bounds write via PDB file	Medium (CVSS v3 score: 6.5)	View or Download	UNDERCODE	2024-11-19
LittleCMS (lcms or liblcms)	Before 1.18beta2	Multiple integer overflows	High (CVSS v2 score: 9.3)	View or Download	UNDERCODE	2024-11-19
.NET Core	9.0	Denial of Service (DoS)	High (CVSS v3 base score: 7.5)	View or Download	UNDERCODE	2024-11-19
tsMuxer	nightly-2024-05-12-02-01-18 (specific version only)	Heap-based buffer under-read	Not specified (CVSS score not provided)	View or Download	UNDERCODE	2024-11-19
		Improper Access Control in UEFI firmware	Not yet analyzed by NVD	View or Download	UNDERCODE	2024-11-19
GentleSource Appointmind	All versions before 4.0.0	Cross-Site Request Forgery (CSRF) leading to Stored XSS	High (based on CVE details)	View or Download	UNDERCODE	2024-11-19
rclone	v1.68.1	Insecure Handling of Symlinks	High	View or Download	UNDERCODE	2024-11-19
Siemens Tecnomatix Plant Simulation	All versions before V2302.0018 and V2404.0007	Out-of-bounds read vulnerability in WRL file parsing	High (CVSS v3.1 score: 7.8)	View or Download	UNDERCODE	2024-11-19
Siemens Tecnomatix Plant Simulation	(not specified)	Remote Code Execution (RCE) through WRL file parsing	High (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-19
Siemens Tecnomatix Plant Simulation	Not specified	Remote Code Execution (RCE) through WRL file parsing		View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Use of Out-of-range Pointer Offset	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Improper Neutralization of Delimiters	Medium (CVSS 3.1 score: 4.0)	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	v7.14	Out-of-range Pointer Offset	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Use of Out-of-range Pointer Offset	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Use of Out-of-range Pointer Offset	High (CVSS Score: 8.5)	View or Download	UNDERCODE	2024-11-19
EyouCMS	1.51	Path Traversal	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Integer Overflow or Wraparound	High (CVSS v2 score: 7.8, CVSS v3 score: 7.5)	View or Download	UNDERCODE	2024-11-19
Craft CMS	Prior to 4.12.2 and 5.4.3	Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)	High	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Improper Neutralization of Delimiters	Medium	View or Download	UNDERCODE	2024-11-19
Cesanta Mongoose Web Server	7.14	Use of Out-of-range Pointer Offset	Medium (CVSS score: 4.3)	View or Download	UNDERCODE	2024-11-19
Craft CMS	All versions before 5.4.9 and 4.12.8	Information Disclosure	High	View or Download	UNDERCODE	2024-11-19
Apache Kafka	2.3.0 - 3.5.2, 3.6.2, 3.7.0	Improper Privilege Management	High	View or Download	UNDERCODE	2023-10-17
Linux kernel	Not specified (likely affects multiple versions)	Unbalanced locking in pc_clock_settime()	Moderate (CVSS v3: 5.5, CVSS v4: 6.8)	View or Download	UNDERCODE	2024-11-19
ImageMagick	Not specified	Denial-of-Service (DoS) via crafted PSD file	Medium (CVSS score: 6.5)	View or Download	UNDERCODE	2024-11-19
Security Center application (vendor not specified)	All versions (not specified)	HTML Injection	Medium (CVSS 3.x Base Score: 5.9)	View or Download	UNDERCODE	2024-11-19
Linux Kernel	Not specified	Namespace copy issue (rbtree removal)	Not provided (CVSS details likely missing from provided text)	View or Download	UNDERCODE	2024-11-19
Linux Kernel	Not specified	Memory Corruption in RDMA/bnxt_re driver	Not specified (CVSS score not provided)	View or Download	UNDERCODE	2024-11-19
Linux kernel	Not specified	Improper locking during sub buffer order change (CVE-2024-50207)	Medium (CVSS score not explicitly mentioned)	View or Download	UNDERCODE	2024-11-19
WordPress	Royal Elementor Addons and Templates plugin versions up to 1.7.1001	Stored Cross-Site Scripting (XSS)	Medium (CVSS 3.1 Base Score: 6.4)	View or Download	UNDERCODE	2024-11-19
OpenEMR	7.0.1	Stored XSS	High (CVSS score not yet available)	View or Download	UNDERCODE	2024-11-19
VK All in One Expansion Unit	Prior to 9.100.1.0	Cross-site scripting (XSS)	Medium (CVSS v3 score: 4.8)	View or Download	UNDERCODE	2024-11-19
Linux Kernel	Not specified (potentially all versions using nilfs2)	Improper Error Handling in nilfs2	Not yet assigned a CVSS score (as of November 19, 2024)	View or Download	UNDERCODE	2024-11-19
WordPress	AFI plugin up to and including 1.92.0	Reflected Cross-Site Scripting (XSS)	Medium (CVSS not yet analyzed)	View or Download	UNDERCODE	2024-11-19
WordPress	Royal Elementor Addons and Templates plugin versions up to 1.7.1001	Stored Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
calibre-web	Not specified	Cross-site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
WordPress	Up to 2.9.5	Local File Inclusion (LFI)	Critical (CVSS 3.x Base Score: 9.8)	View or Download	UNDERCODE	2024-11-19
WordPress	MultiManager WP – Manage All Your WordPress Sites Easily plugin (up to 1.0.5)	Authentication Bypass	Critical	View or Download	UNDERCODE	2024-11-19
WordPress	Royal Elementor Addons and Templates plugin versions up to 1.7.1001	Stored Cross-Site Scripting (XSS)	Medium	View or Download	UNDERCODE	2024-11-19
Thunderbird	< 128.4.3 and < 132.0.1	Disclosure of plaintext in OpenPGP encrypted messages	Not specified (CVSS score likely available elsewhere)	View or Download	UNDERCODE	2024-11-19
Dolibarr	Versions before 'develop' branch	Improper Authorization	Medium	View or Download	UNDERCODE	2024-11-19
Harbor	Unaffected versions not specified (all versions before 2.5.2 likely vulnerable)	Improper Authorization	Not available in provided resources	View or Download	UNDERCODE	2024-11-19
calibre-web	Unknown	Improper Access Control	Low	View or Download	UNDERCODE	2024-11-19
Harbor	Not specified	Improper Authorization	High (CVSS: 7.4)	View or Download	UNDERCODE	2024-11-19
SourceCodester Best Employee Management System	1.0	SQL Injection	Medium	View or Download	UNDERCODE	2024-11-19
Harbor	1.0 through 1.10.12, 2.0 through 2.4.2 and 2.5 through 2.5.1 (all versions before the fix)	Improper Authorization	High	View or Download	UNDERCODE	2024-11-19
Harbor	(Unaffected versions not specified)	Insecure Direct Object Reference (IDOR) - CVE-2022-31667	High (CVSS details not yet available)	View or Download	UNDERCODE	2024-11-19
PHPGurukul User Registration & Login and User Management System	3.2	Reflected Cross-Site Scripting (XSS)	Not officially rated, but likely medium based on similar vulnerabilities.	View or Download	UNDERCODE	2024-11-19
Harbor	All versions before 2.5.2	Insecure Direct Object Reference (IDOR)	High	View or Download	UNDERCODE	2024-11-19
SourceCodester Best Employee Management System	1.0 (all versions likely affected)	SQL Injection	Medium (CVSS v3: 5.1)	View or Download	UNDERCODE	2024-11-19
VIWIS LMS	9.11	Missing Authorization in Print Handler	Critical	View or Download	UNDERCODE	2024-11-19
phpipam	All versions before 1.4.7	Cross-Site Scripting (XSS)	Low	View or Download	UNDERCODE	2024-11-19
WordPress (Hoo Addons for Elementor plugin)	Up to 1.0.6	Cross-Site Scripting (XSS)	Not yet determined (CVSS information is undergoing analysis)	View or Download	UNDERCODE	2024-11-18
Kashipara E-learning Management System Project	1.0	SQL Injection	Critical (CVSS v3 score: 9.8)	View or Download	UNDERCODE	2024-11-18
Windows	Multiple versions	Elevation of Privilege	High	View or Download	UNDERCODE	2024-11-18
		NTLM Hash Disclosure Spoofing Vulnerability (CVE-2024-43451)	Medium (CVSS score: 6.5)	View or Download	UNDERCODE	2024-11-18
Palo Alto Networks Expedition	Not specified	SQL Injection (CVE-2024-9465)	Critical (CVSS score: 9.2)	View or Download	UNDERCODE	2024-11-18
Nostromo nhttpd	<= 1.9.6	Directory Traversal	Critical (Remote Code Execution)	View or Download	UNDERCODE	2024-11-18
PTZOptics PT30X-SDI/NDI-xx	Before 6.3.40	Insufficient Authentication (CVE-2024-8956)	Critical (CVSS Score: 9.1)	View or Download	UNDERCODE	2024-11-18
Palo Alto Networks Expedition	All versions before 1.2.96 (including 1.2.0)	OS Command Injection	CRITICAL (CVSS score: 9.9)	View or Download	UNDERCODE	2024-11-18
Roundcube Webmail	Before 1.5.7 and 1.6.x before 1.6.7	XSS via SVG animate attributes	Medium (CVSS score: 6.1)	View or Download	UNDERCODE	2024-11-18
PTZOptics PT30X-SDI/NDI-xx	Before 6.3.40	OS Command Injection (CVE-2024-8957)	HIGH (CVSS: 7.2)	View or Download	UNDERCODE	2024-11-18
				View or Download	UNDERCODE	2024-11-18
	9.0.0.M30	Deserialization of untrusted data vulnerability	CRITICAL	View or Download	UNDERCODE	2024-11-18
Metabase	< 0.40.5 and < 1.40.5	Local File Inclusion (LFI)	CRITICAL	View or Download	UNDERCODE	2023-11-28
Windows Kernel	All	Elevation of Privilege	HIGH	View or Download	UNDERCODE	2024-11-18
Palo Alto Networks Expedition	All versions before 1.2.92	Missing Authentication	CRITICAL (CVSS Score: 9.3)	View or Download	UNDERCODE	2024-11-18
ScienceLogic SL1 (formerly EM7)	All versions before 12.1.3, 12.2.3, and 12.3+	Remote Code Execution (RCE) due to unspecified third-party component vulnerability (CVE-2024-9537)	CRITICAL (CVSS v2: 9.8, CVSS v3: 9.3)	View or Download	UNDERCODE	2024-11-18
Ravpn	Multiple versions affected	Remote Access VPN (RAVPN) Service Denial of Service (DoS) Vulnerability	MEDIUM	View or Download	UNDERCODE	2024-11-18
Jira			Critical	View or Download	UNDERCODE	2024-11-18
Spring MVC	Vulnerable versions	DoS	Moderate	View or Download	UNDERCODE	2024-11-19
Apache Tomcat	11.0.0-M23 through 11.0.0-M26, 10.1.27 through 10.1.30, 9.0.92 through 9.0.95	Request and/or response mix-up	Moderate	View or Download	UNDERCODE	2024-11-19
Rust crate `sharks`	Affected versions	Shamir Secret Sharing bias	Medium	View or Download	UNDERCODE	2024-11-19
django CMS	3.11.7, 3.11.8, 4.1.2, 4.1.3	Cross-Site Scripting (XSS)	Critical	View or Download	UNDERCODE	2024-11-19
aiohttp	(Affected versions)	Memory Leak	Moderate	View or Download	UNDERCODE	2024-11-19
PhpSpreadsheet	All versions before 1.9.4, 2.1.3, 2.3.2, and 3.4.0	XXE (XML External Entity)	High	View or Download	UNDERCODE	2024-11-19
Moodle	!ERROR! B3259 -> Formula Error: Unexpected ,	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Debezium database connector	[Specific version affected]	Script injection	Moderate	View or Download	UNDERCODE	2024-11-19
	< v2.10.2	Multiple Command Injection Vulnerabilities	Medium	View or Download	UNDERCODE	2024-11-19
Moodle		IDOR	Moderate	View or Download	UNDERCODE	2024-11-19
Cobbler	3.0.0 - 3.2.2 / 3.3.6 (all prior to 3.2.3 and 3.3.7)	Improper Authentication	Critical	View or Download	UNDERCODE	2024-11-19
Moodle		Unauthorized deletion of report audiences	Moderate	View or Download	UNDERCODE	2024-11-19
Undertow		Incorrect Cookie Parsing	High	View or Download	UNDERCODE	2024-11-19
Graylog	6.1.0, 6.1.1	Concurrent PDF report rendering information leakage	High	View or Download	UNDERCODE	2024-11-19
PhpSpreadsheet	= 2.0.0 = 2.2.0 = 3.3.0 < 3.4.0	XXE (XML External Entity)	High	View or Download	UNDERCODE	2024-11-19
LibreNMS	(Unaffected versions to be filled by official source)	Stored XSS	Critical	View or Download	UNDERCODE	2024-11-19
aiohttp	Vulnerable versions	Request Smuggling	Moderate	View or Download	UNDERCODE	2024-11-19
		Regular Expression Denial of Service (ReDoS)	Low	View or Download	UNDERCODE	2024-11-19
OpenStack	[Specific Version Affected]	Improper Deletion of Access Rules	Moderate	View or Download	UNDERCODE	2024-11-19
		Elevation of Privilege in Secure Kernel Mode	Medium (CVSS v3.1 base score: 6.7)	View or Download	UNDERCODE	2024-11-19
		Elevation of Privilege	Medium (CVSS score: 6.8)	View or Download	UNDERCODE	2024-11-19
		Elevation of Privilege in DWM Core Library	HIGH (CVSS 3.1 base score: 7.8)	View or Download	UNDERCODE	2024-11-19
Windows	Not specified (all Windows versions with Kerberos are likely vulnerable)	Remote Code Execution (RCE)	Critical (CVSS 3.x score: 9.8)	View or Download	UNDERCODE	2024-11-19
Windows (affected versions not specified)	Not specified	Elevation of Privilege in USB Video Class System Driver	Medium (CVSS v3 score: 6.8)	View or Download	UNDERCODE	2024-11-19
Windows	(not specified)	Windows Registry Elevation of Privilege	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-19
TorchGeo (exact platform unspecified)	Unknown	Remote Code Execution (RCE)	HIGH (CVSS score: 8.1)	View or Download	UNDERCODE	2024-11-19
		Client-Side Caching Elevation of Privilege	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-19
		Win32k Elevation of Privilege Vulnerability	HIGH (CVSS v3.1 base score: 7.8)	View or Download	UNDERCODE	2024-11-19
Windows Kernel	Not specified	Elevation of Privilege	HIGH (CVSS v3 score: 7.8)	View or Download	UNDERCODE	2024-11-19
		Secure Kernel Mode Elevation of Privilege	Medium (CVSS v3 score: 6.7)	View or Download	UNDERCODE	2024-11-19
Microsoft PC Manager	(not specified in available information)	Elevation of Privilege	High (CVSS 3.1: 7.8)	View or Download	UNDERCODE	2024-11-19
Windows Telephony Service	(Not specified)	Remote Code Execution (RCE)	High (CVSS 3.x Base Score: 8.8)	View or Download	UNDERCODE	2024-11-19
Microsoft Hyper-V	(not specified in available information)	Denial of Service (DoS)	Medium (CVSS 3.1 base score: 6.5)	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Moodle	< 4.1.14, >= 4.2.0, < 4.2.11, >= 4.3.0, < 4.3.8, >= 4.4.0, < 4.4.4	IDOR (Insecure Direct Object Reference)	Moderate	View or Download	UNDERCODE	2024-11-19
Apple Products (tvOS, visionOS, Safari, watchOS, iOS, iPadOS, macOS)	Not applicable (fixed in specific versions)	URL protocol handling issue allowing potential web content restriction bypass	Medium (CVSS v2: 5.5, CVSS v3 details not provided)	View or Download	UNDERCODE	2024-11-19
Hugging Face Transformers	Affected versions	Remote Code Execution	Critical (CVSS 8.8)	View or Download	UNDERCODE	2024-11-19
Android	Not specified	Out-of-bounds write in PMRWritePMPageList function (pmr.c)	High (Local Privilege Escalation)	View or Download	UNDERCODE	2024-11-19
Gogs	<= 0.12.7	Remote Command Execution	Medium	View or Download	UNDERCODE	2024-11-19
usememos/memos	0.9.1 (Vulnerable)	Stored XSS	Critical	View or Download	UNDERCODE	2024-11-19
Wallabag	2.5.2	CSRF	Not specified in the provided information	View or Download	UNDERCODE	2024-11-19
<br>	1.0<br>	Test<br>	Low<br>	https://dailycve.com/test/	UNDERCODE	2023-01-01

🦑 WANT MORE ?