Security DB

Security Vulnerabily database. Tracking patch and vulnerability datasource

Join the service (Beta)

Latest Software Updates

Produit Date
Celery 2020-11-22 18:02:28
Symfony 2020-11-21 12:02:26
Centreon 2020-11-20 12:02:55
Snort 2020-11-20 00:02:38
Unifi 2020-11-20 00:02:25
FortiMail 2020-11-20 00:02:17
Snort 2020-11-19 18:03:07
Centreon 2020-11-19 18:02:51
Celery 2020-11-19 06:02:40
Nextcloud 2020-11-19 00:02:17
Docker 2020-11-18 06:02:44

Vulnerabilities of tracked products

Titre Date
LifeRay 7.2.1 GA2 Cross Site Scripting 2020-11-23 18:00:53
Ubuntu Security Notice USN-4634-2 2020-11-23 18:00:45
LifeRay 7.2.1 GA2 Cross Site Scripting 2020-11-23 18:00:14
Online Doctor Appointment Booking System PHP and Mysql 1.0 q SQL Injection 2020-11-23 18:00:14
postgresql96: Multiple vulnerabilities 2020-11-23 12:02:04
postgresql12: Multiple vulnerabilities 2020-11-23 12:02:04
postgresql10: Multiple vulnerabilities 2020-11-23 12:02:04
postgresql10: Multiple vulnerabilities 2020-11-23 12:02:04
postgresql10: Multiple vulnerabilities 2020-11-23 12:02:04
tomcat8: Multiple vulnerabilities 2020-11-23 06:02:10
zabbix: Execute arbitrary code/commands - Remote/unauthenticated 2020-11-23 06:02:07
mediawiki: Denial of service - Unknown/unspecified 2020-11-23 06:02:07
Fortinet FortiOS 6.0.4 Password Modification 2020-11-22 18:00:14
WordPress Fancy Product Designer For WooCommerce 4.5.1 File Upload 2020-11-22 18:00:14
Node.js -- November 2020 Security Releases 2020-11-22 00:02:29
CA Unified Infrastructure Management Privilege Escalation 2020-11-21 18:00:45
Vigil@nce - OpenSAML Java 2: overload via Gzip Bomb, analyzed on 21/09/2020 2020-11-21 12:01:21
Apache Tomcat AJP Ghostcat File Read/Inclusion (Metasploit) 2020-11-21 12:00:14
Vtiger CRM 7.0 Cross Site Scripting 2020-11-21 12:00:14
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. 2020-11-21 06:02:30
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. 2020-11-21 06:02:29
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. 2020-11-21 06:02:29
Vigil@nce - PHP: multiple vulnerabilities, analyzed on 20/02/2020 2020-11-20 18:01:15
CERTFR-2020-AVI-767 : Multiples vulnérabilités dans les produits VMware (20 novembre 2020) 2020-11-20 18:01:14
Vtiger CRM 7.0 Cross Site Scripting 2020-11-20 18:00:54
Ubuntu Security Notice USN-4637-2 2020-11-20 18:00:45
Ubuntu Security Notice USN-4639-1 2020-11-20 18:00:45
A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates SOWA SowaSQL through 5.6.1 via the sowacgi.php typ parameter. 2020-11-20 06:02:29
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 - V3.1 that could cause an attacker to inject HTML and JavaScript code into the user's browser. 2020-11-20 06:02:29
jackson-databind: Reduced security - Remote/unauthenticated 2020-11-20 06:02:18