CVE-2026-35506

creationtimestamp| type| source ---|---|--- 2026-05-11 22:00:00+00:00| seen| https://jvn.jp/en/jp/JVN03037325 2026-06-03 01:22:01+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3mndx2dnnas2u...

IBM Aspera Shares Encryption Problem Vulnerability (CNVD-2026-16873)

IBM Aspera Shares is a Web application from International Business Machines IBM. An encryption issue vulnerability exists in IBM Aspera Shares versions 1.9.9 through 1.11.0. The vulnerability stems from the use of a weak encryption algorithm and can be exploited by an attacker to decrypt highly...

CVE-2026-20892

creationtimestamp| type| source ---|---|--- 2026-03-11 05:00:00+00:00| seen| https://jvn.jp/en/vu/JVNVU98103854/ 2026-03-16 03:00:08+00:00| seen| https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-006887.html...

EUVD-2026-3956

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Universal Video Player universal-video-player allows Reflected XSS.This issue affects Universal Video Player: from n/a through = 3.8.4...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37921)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37921 advisory. - In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fix unlocked deletion ...

CVE-2026-21943

CVE-2026-21943 affects Oracle E-Business Suite Scripting Admin in versions 12.2.3–12.2.15. An unauthenticated attacker with network access via HTTP can compromise Oracle Scripting, with human interaction required. Impact includes unauthorized updates, inserts, deletes, and read access to Oracle S...

EUVD-2026-2948

Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX.This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120...

EUVD-2026-2905

In the portal in LemonLDAP::NG before 2.21.0, cross-site scripting XSS allows remote attackers to inject arbitrary web script or HTML into the login page via the tab parameter, for Choice authentication...

EUVD-2026-0133

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

ECHO-DB35-C03E-F270

Bulletin has no description...

CVE-2022-50138

creationtimestamp| type| source ---|---|--- 2025-12-03 14:14:49+00:00| seen| https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...

EUVD-2025-30349

Malicious code in bioql PyPI...

CVE-2022-50266

In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix check for probe enabled in killkprobe In killkprobe, the check whether disarmkprobeftrace needs to be called always fails. This is because before that we set the KPROBEFLAGGONE flag for kprobe so that...

CVE-2025-49997 WordPress Giveaways and Contests by RafflePress plugin <= 1.12.17 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Syed Balkhi Giveaways and Contests by RafflePress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Giveaways and Contests by RafflePress: from n/a through 1.12.17...

CVE-2025-41379

The Intellian C700 web panel allows you to add firewall rules. Each of these rules has an associated ID, but there is a problem when adding a new rule, the ID used to create the database entry may be different from the JSON ID. If the rule needs to be deleted later, the system will use the JSON I...

CVE-2025-41379 Injection vulnerability in Iridium Certus 700

The Intellian C700 web panel allows you to add firewall rules. Each of these rules has an associated ID, but there is a problem when adding a new rule, the ID used to create the database entry may be different from the JSON ID. If the rule needs to be deleted later, the system will use the JSON I...

CVE-2012-4015

Cross-site scripting XSS vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry...

SUSE CVE-2025-37921

In the Linux kernel, the following vulnerability has been resolved: vxlan: vnifilter: Fix unlocked deletion of default FDB entry When a VNI is deleted from a VXLAN device in 'vnifilter' mode, the FDB entry associated with the default remote assuming one was configured is deleted without holding t...

CVE-2025-1057

CVE-2025-1057 affects Keylime (registrar) where a change in database type handling introduced in version 7.12.0 prevents reading prior-version entries (e.g., 7.11.0) because older data is stored as bytes while the registrar now expects strings. This mismatch can trigger an error/exceptions during...

CVE-2025-1057 Keylime: keylime registrar dos due to incompatible database entry handling

A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas...