Recent vulnerabilities


ID CVSS Description Vendor Product Published Updated
CVE-2026-22034
9.2 (4.0)
Snuffleupagus vulnerable to RCE on instances with uplo… jvoisin
snuffleupagus
2026-01-08T14:49:05.020Z 2026-01-08T14:49:05.020Z
CVE-2026-21688
8.8 (3.1)
iccDEV has Type Confusion in SIccCalcOp::ArgsPushed() … InternationalColorConsortium
iccDEV
2026-01-07T21:43:06.245Z 2026-01-08T14:47:10.716Z
CVE-2025-15079
5.3 (3.1)
libssh global known_hosts override curl
curl
2026-01-08T10:08:13.410Z 2026-01-08T14:46:47.042Z
CVE-2026-0701
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
code-projects Intern Membership Management System add_… code-projects
Intern Membership Management System
2026-01-08T08:02:05.900Z 2026-01-08T14:46:22.979Z
CVE-2026-21689
6.5 (3.1)
iccDEV has Type Confusion in CIccProfileXml::ParseBasi… InternationalColorConsortium
iccDEV
2026-01-07T21:46:12.392Z 2026-01-08T14:46:02.908Z
CVE-2026-21690
6.3 (3.1)
iccDEV has Type Confusion in CIccTagXmlTagData::ToXml() InternationalColorConsortium
iccDEV
2026-01-07T21:50:25.822Z 2026-01-08T14:44:06.772Z
CVE-2026-21874
5.3 (3.1)
NiceGUI has Redis connection leak via tab storage caus… zauberzeug
nicegui
2026-01-08T09:50:47.247Z 2026-01-08T14:43:50.018Z
CVE-2025-62877
9.8 (3.1)
Harvest may expose OS default ssh login password via S… SUSE
harvester
2026-01-08T12:29:07.079Z 2026-01-08T14:43:34.114Z
CVE-2026-21894
6.5 (3.1)
n8n's Missing Stripe-Signature Verification Allows Una… n8n-io
n8n
2026-01-08T09:56:04.274Z 2026-01-08T14:42:36.631Z
CVE-2026-21691
5.4 (3.1)
iccDEV has Type Confusion in CIccTag:IsTypeCompressed() InternationalColorConsortium
iccDEV
2026-01-07T21:53:02.461Z 2026-01-08T14:40:49.437Z
CVE-2025-15224
3.1 (3.1)
libssh key passphrase bypass without agent set curl
curl
2026-01-08T10:08:27.516Z 2026-01-08T14:39:55.278Z
CVE-2025-69264
8.8 (3.1)
pnpm v10+ Bypass "Dependency lifecycle scripts executi… pnpm
pnpm
2026-01-07T21:53:09.806Z 2026-01-08T14:38:49.231Z
CVE-2026-0719
7.8 (3.1)
Libsoup: libsoup: arbitrary code execution via stack-b… Red Hat
Red Hat Enterprise Linux 10
2026-01-08T12:38:30.740Z 2026-01-08T14:35:23.797Z
CVE-2026-22032
4.3 (3.1)
Directus has open redirect in SAML directus
directus
2026-01-08T14:32:06.619Z 2026-01-08T14:32:06.619Z
CVE-2026-22242
4.9 (3.1)
CoreShop Vulnerable to SQL Injection via Admin Reports coreshop
CoreShop
2026-01-08T09:59:24.849Z 2026-01-08T14:26:19.902Z
CVE-2025-66002
6.9 (4.0)
Local users can perform arbitrary unmounts via smb4k m… https://github.com/KDE/
smb4k
2026-01-08T14:25:44.172Z 2026-01-08T14:25:44.172Z
CVE-2025-8306
5.1 (4.0)
Improper Access Control in Asseco Infomedica Plus Asseco
InfoMedica Plus
2026-01-08T13:43:33.570Z 2026-01-08T14:23:20.313Z
CVE-2025-69258
9.8 (3.1)
A LoadLibraryEX vulnerability in Trend Micro Apex… Trend Micro, Inc.
Trend Micro Apex Central
2026-01-08T12:50:25.113Z 2026-01-08T14:19:43.117Z
CVE-2025-8307
5.9 (4.0)
Recoverable passwords in Asseco Infomedica Plus Asseco
InfoMedica Plus
2026-01-08T13:43:37.330Z 2026-01-08T14:18:51.530Z
CVE-2026-22028
7.2 (4.0)
Preact has JSON VNode Injection issue preactjs
preact
2026-01-08T14:16:22.461Z 2026-01-08T14:17:41.614Z
CVE-2025-14025
8.5 (3.1)
Ansible-automation-platform/aap-gateway: aap-gateway: … Red Hat
Red Hat Ansible Automation Platform 2.6 for RHEL 9
2026-01-08T13:44:04.764Z 2026-01-08T14:17:36.643Z
CVE-2025-69259
7.5 (3.1)
A message unchecked NULL return value vulnerabili… Trend Micro, Inc.
Trend Micro Apex Central
2026-01-08T12:50:43.746Z 2026-01-08T14:15:32.541Z
CVE-2026-21895
2.7 (4.0)
rsa crate has potential panic on a prime being equal to 1 RustCrypto
RSA
2026-01-08T14:06:29.288Z 2026-01-08T14:06:29.288Z
CVE-2026-21892
5.3 (3.1)
Parsl Monitoring Visualization Vulnerable to SQL Injection Parsl
parsl
2026-01-08T14:02:15.819Z 2026-01-08T14:02:15.819Z
CVE-2025-12543
9.6 (3.1)
Undertow-core: undertow http server fails to reject ma… Red Hat
Red Hat build of Apache Camel for Spring Boot 4
2026-01-07T16:04:22.155Z 2026-01-08T14:01:32.493Z
CVE-2026-21891
9.4 (3.1)
ZimaOS has Authentication Bypass via System-Level Username IceWhaleTech
ZimaOS
2026-01-08T14:00:14.578Z 2026-01-08T14:00:14.578Z
CVE-2026-21885
6.5 (3.1)
Miniflux Media Proxy SSRF via /proxy endpoint allows a… miniflux
v2
2026-01-08T13:57:25.445Z 2026-01-08T13:57:25.445Z
CVE-2026-21876
9.3 (3.1)
OWASP CRS has multipart bypass using multiple content-… coreruleset
coreruleset
2026-01-08T13:55:37.102Z 2026-01-08T13:55:37.102Z
CVE-2025-69260
7.5 (3.1)
A message out-of-bounds read vulnerability in Tre… Trend Micro, Inc.
Trend Micro Apex Central
2026-01-08T12:50:55.959Z 2026-01-08T12:50:55.959Z
CVE-2024-1574
6.7 (3.1)
Use of Externally-Controlled Input to Select Clas… Mitsubishi Electric Iconics Digital Solutions
GENESIS64
2024-07-04T09:02:35.260Z 2026-01-08T11:49:03.786Z
ID CVSS Description Vendor Product Published Updated
CVE-2025-3547
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
frdel Agent-Zero get_work_dir_files path traversal frdel
Agent-Zero
2025-04-14T02:00:09.568Z 2025-04-14T15:37:27.259Z
CVE-2025-6166
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
frdel Agent-Zero image_get.py image_get path traversal frdel
Agent-Zero
2025-06-17T06:00:19.953Z 2025-06-17T13:32:35.728Z
CVE-2024-31144
3.8 (3.1)
Xapi: Metadata injection attack against backup/restore… Xen Project
Xen
2025-02-14T20:16:39.941Z 2025-04-26T20:03:17.226Z
CVE-2025-24700
7.1 (3.1)
WordPress WP Event Aggregator Plugin <= 1.8.2 - Reflec… Xylus Themes
WP Event Aggregator
2025-02-14T12:44:35.903Z 2025-02-14T13:35:17.287Z
CVE-2025-23998
7.1 (3.1)
WordPress UltraLight theme <= 1.2 - Reflected Cross Si… Rara Theme
UltraLight
2025-01-21T13:57:36.578Z 2025-02-12T20:31:26.012Z
CVE-2024-37937
4.3 (3.1)
WordPress Rara Business theme <= 1.2.5 - Cross Site Re… Rara Theme
Rara Business
2025-01-02T12:01:02.910Z 2025-01-02T16:25:30.880Z
CVE-2025-55523
3.5 (3.1)
An issue in the component /api/download_work_dir_… n/a
n/a
2025-08-21T00:00:00.000Z 2025-08-21T19:20:29.269Z
CVE-2025-55524
7.3 (3.1)
Insecure permissions in Agent-Zero v0.8.* allow a… n/a
n/a
2025-08-21T00:00:00.000Z 2025-08-21T18:07:35.541Z
CVE-2024-37508
4.3 (3.1)
WordPress Construction Landing Page theme <= 1.3.5 - C… Rara Theme
Construction Landing Page
2025-01-02T12:00:59.095Z 2025-01-02T14:52:05.113Z
CVE-2024-37503
4.3 (3.1)
WordPress Lawyer Landing Page theme <= 1.2.4 - Cross S… Rara Theme
Lawyer Landing Page
2025-01-02T12:00:58.527Z 2025-01-02T14:52:05.254Z
CVE-2026-21895
2.7 (4.0)
rsa crate has potential panic on a prime being equal to 1 RustCrypto
RSA
2026-01-08T14:06:29.288Z 2026-01-08T14:06:29.288Z
CVE-2026-21892
5.3 (3.1)
Parsl Monitoring Visualization Vulnerable to SQL Injection Parsl
parsl
2026-01-08T14:02:15.819Z 2026-01-08T14:02:15.819Z
CVE-2026-21891
9.4 (3.1)
ZimaOS has Authentication Bypass via System-Level Username IceWhaleTech
ZimaOS
2026-01-08T14:00:14.578Z 2026-01-08T14:00:14.578Z
CVE-2026-21885
6.5 (3.1)
Miniflux Media Proxy SSRF via /proxy endpoint allows a… miniflux
v2
2026-01-08T13:57:25.445Z 2026-01-08T13:57:25.445Z
CVE-2026-21876
9.3 (3.1)
OWASP CRS has multipart bypass using multiple content-… coreruleset
coreruleset
2026-01-08T13:55:37.102Z 2026-01-08T13:55:37.102Z
CVE-2025-8307
5.9 (4.0)
Recoverable passwords in Asseco Infomedica Plus Asseco
InfoMedica Plus
2026-01-08T13:43:37.330Z 2026-01-08T14:18:51.530Z
CVE-2025-8306
5.1 (4.0)
Improper Access Control in Asseco Infomedica Plus Asseco
InfoMedica Plus
2026-01-08T13:43:33.570Z 2026-01-08T14:23:20.313Z
CVE-2025-14025
8.5 (3.1)
Ansible-automation-platform/aap-gateway: aap-gateway: … Red Hat
Red Hat Ansible Automation Platform 2.6 for RHEL 9
2026-01-08T13:44:04.764Z 2026-01-08T14:17:36.643Z
CVE-2024-37451
4.3 (3.1)
WordPress Travel Agency theme <= 1.4.9 - Cross Site Re… Rara Theme
Travel Agency
2025-01-02T12:00:53.246Z 2025-01-03T18:58:58.479Z
CVE-2024-37450
4.3 (3.1)
WordPress Benevolent theme <= 1.3.4 - Cross Site Reque… Rara Theme
Benevolent
2025-01-02T12:00:52.665Z 2025-01-03T18:59:08.711Z
CVE-2024-37435
4.3 (3.1)
WordPress Perfect Portfolio theme <= 1.2.0 - Cross Sit… Rara Theme
Perfect Portfolio
2025-01-02T12:00:50.873Z 2025-01-02T16:28:18.280Z
CVE-2025-14966
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
FastAdmin Backend Controller Backend.php selectpage sq… n/a
FastAdmin
2025-12-19T19:32:08.599Z 2025-12-19T19:42:37.211Z
CVE-2025-59301
4 (3.1)
Modbus/TCP Dos Vulnerability in DVP15MC11T Delta Electronics
DVP15MC11T
2025-12-22T02:56:42.733Z 2025-12-22T15:08:55.949Z
CVE-2026-0719
7.8 (3.1)
Libsoup: libsoup: arbitrary code execution via stack-b… Red Hat
Red Hat Enterprise Linux 10
2026-01-08T12:38:30.740Z 2026-01-08T14:35:23.797Z
CVE-2025-69260
7.5 (3.1)
A message out-of-bounds read vulnerability in Tre… Trend Micro, Inc.
Trend Micro Apex Central
2026-01-08T12:50:55.959Z 2026-01-08T12:50:55.959Z
CVE-2025-69259
7.5 (3.1)
A message unchecked NULL return value vulnerabili… Trend Micro, Inc.
Trend Micro Apex Central
2026-01-08T12:50:43.746Z 2026-01-08T14:15:32.541Z
CVE-2025-69258
9.8 (3.1)
A LoadLibraryEX vulnerability in Trend Micro Apex… Trend Micro, Inc.
Trend Micro Apex Central
2026-01-08T12:50:25.113Z 2026-01-08T14:19:43.117Z
CVE-2025-62877
9.8 (3.1)
Harvest may expose OS default ssh login password via S… SUSE
harvester
2026-01-08T12:29:07.079Z 2026-01-08T14:43:34.114Z
CVE-2024-1574
6.7 (3.1)
Use of Externally-Controlled Input to Select Clas… Mitsubishi Electric Iconics Digital Solutions
GENESIS64
2024-07-04T09:02:35.260Z 2026-01-08T11:49:03.786Z
CVE-2024-1573
5.9 (3.1)
Missing Authentication for Critical Function vuln… Mitsubishi Electric Iconics Digital Solutions
GENESIS64
2024-07-04T08:59:44.079Z 2026-01-08T11:47:53.400Z
ID Description Published Updated
fkie_cve-2024-1574 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in… 2024-07-04T09:15:03.720 2026-01-08T12:15:45.563
fkie_cve-2024-1573 Missing Authentication for Critical Function vulnerability in the mobile monitoring feature of Mits… 2024-07-04T09:15:03.260 2026-01-08T12:15:45.410
fkie_cve-2024-1182 Uncontrolled Search Path Element vulnerability in Mitsubishi Electric Iconics Digital Solutions GEN… 2024-07-04T09:15:02.743 2026-01-08T12:15:45.277
fkie_cve-2022-23130 Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versions 4.00A to 4.04E, Mitsubish… 2022-01-21T19:15:10.080 2026-01-08T12:15:44.200
fkie_cve-2025-53513 The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user… 2025-07-08T17:16:04.593 2026-01-08T11:51:23.900
fkie_cve-2025-53512 The /log endpoint on a Juju controller lacked sufficient authorization checks, allowing unauthorize… 2025-07-08T17:16:04.400 2026-01-08T11:51:20.107
fkie_cve-2025-0928 In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload… 2025-07-08T18:15:26.767 2026-01-08T11:51:10.430
fkie_cve-2025-66001 NeuVector supports login authentication through OpenID Connect. However, the TLS verification (whic… 2026-01-08T11:15:43.457 2026-01-08T11:15:43.457
fkie_cve-2025-15224 When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication,… 2026-01-08T10:15:47.207 2026-01-08T11:15:43.347
fkie_cve-2025-15079 When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl … 2026-01-08T10:15:47.100 2026-01-08T11:15:43.237
fkie_cve-2025-14819 When doing TLS related transfers with reused easy or multi handles and altering the `CURLSSLOPT_NO… 2026-01-08T10:15:46.730 2026-01-08T11:15:43.140
fkie_cve-2025-14524 When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a cross-pro… 2026-01-08T10:15:46.607 2026-01-08T11:15:43.017
fkie_cve-2025-14017 When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one… 2026-01-08T10:15:45.667 2026-01-08T11:15:41.997
fkie_cve-2026-22242 CoreShop is a Pimcore enhanced eCommerce solution. Prior to version 4.1.8, a blind SQL injection vu… 2026-01-08T10:15:56.127 2026-01-08T10:15:56.127
fkie_cve-2026-21894 n8n is an open source workflow automation platform. In versions from 0.150.0 to before 2.2.2, an au… 2026-01-08T10:15:55.970 2026-01-08T10:15:55.970
fkie_cve-2026-21874 NiceGUI is a Python-based UI framework. From versions v2.10.0 to 3.4.1, an unauthenticated attacker… 2026-01-08T10:15:55.820 2026-01-08T10:15:55.820
fkie_cve-2026-21873 NiceGUI is a Python-based UI framework. From versions 2.22.0 to 3.4.1, an unsafe implementation in … 2026-01-08T10:15:55.617 2026-01-08T10:15:55.617
fkie_cve-2026-21872 NiceGUI is a Python-based UI framework. From versions 2.22.0 to 3.4.1, an unsafe implementation in … 2026-01-08T10:15:55.470 2026-01-08T10:15:55.470
fkie_cve-2026-21871 NiceGUI is a Python-based UI framework. From versions 2.13.0 to 3.4.1, there is a XSS risk in NiceG… 2026-01-08T10:15:55.300 2026-01-08T10:15:55.300
fkie_cve-2026-0676 Missing Authorization vulnerability in G5Theme Zorka zorka allows Exploiting Incorrectly Configured… 2026-01-08T10:15:55.170 2026-01-08T10:15:55.170
fkie_cve-2026-0675 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webawar… 2026-01-08T10:15:55.043 2026-01-08T10:15:55.043
fkie_cve-2026-0674 Missing Authorization vulnerability in Campaign Monitor Campaign Monitor for WordPress forms-for-ca… 2026-01-08T10:15:54.910 2026-01-08T10:15:54.910
fkie_cve-2025-9086 1. A cookie is set using the `secure` keyword for `https://target` 2. curl is redirected to or ot… 2025-09-12T06:15:44.100 2026-01-08T10:15:54.737
fkie_cve-2025-69169 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Noor… 2026-01-08T10:15:54.607 2026-01-08T10:15:54.607
fkie_cve-2025-68892 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T10:15:54.483 2026-01-08T10:15:54.483
fkie_cve-2025-68891 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T10:15:54.357 2026-01-08T10:15:54.357
fkie_cve-2025-68890 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T10:15:54.217 2026-01-08T10:15:54.217
fkie_cve-2025-68889 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T10:15:54.083 2026-01-08T10:15:54.083
fkie_cve-2025-68887 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T10:15:53.950 2026-01-08T10:15:53.950
fkie_cve-2025-68875 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T10:15:53.823 2026-01-08T10:15:53.823
ID Severity Description Published Updated
ghsa-xjhh-pfph-2w9v
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-v5cj-mgwg-2f9f
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-qf5w-6pph-h289
Missing Authorization vulnerability in G5Theme Zorka zorka allows Exploiting Incorrectly Configured… 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-pv5v-2jwc-r845
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-pf46-gqj7-27qr
Insertion of Sensitive Information Into Sent Data vulnerability in AITpro BulletProof Security bull… 2026-01-08T12:30:30Z 2026-01-08T12:30:31Z
ghsa-m8r3-25j5-pg42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-hxwj-3426-mwmr
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-g9j8-54mc-h6rm
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-cm78-g9rj-2vvv
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2026-01-08T12:30:30Z 2026-01-08T12:30:31Z
ghsa-c2pm-ffw5-vjrr
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in webawar… 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-57g6-cvq3-mxgp
Missing Authorization vulnerability in Campaign Monitor Campaign Monitor for WordPress forms-for-ca… 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-4j9w-6jcv-v8mp
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-365v-v88v-6gwg
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-333r-822h-h7j4
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Noor… 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-24qf-fgjm-mfxj
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:31Z 2026-01-08T12:30:31Z
ghsa-xxh6-2g83-jp5x
Unrestricted Upload of File with Dangerous Type vulnerability in contentstudio Contentstudio conten… 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-xww5-2rwh-r562
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-xf8h-2jhw-rgxq
Server-Side Request Forgery (SSRF) vulnerability in _nK nK Themes Helper nk-themes-helper allows Se… 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-wgp2-94gx-4mrv
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-w8wr-qp39-g42p
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-vv2m-g4cj-x269
Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploit… 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-vrh4-gx3w-4rrg
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-v3c6-jjjc-q3q2
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-rhq7-g7ch-6mm7
Authorization Bypass Through User-Controlled Key vulnerability in WofficeIO Woffice Core woffice-co… 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-r3wf-mwj4-x8c7
Missing Authorization vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal… 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-qh42-ch7g-8fpq
Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Corpkit corpkit allows … 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-q723-5hqf-qmpp
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-q48c-25gr-hmq3
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2026-01-08T12:30:29Z 2026-01-08T12:30:30Z
ghsa-jx85-v8cw-87h5
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ghsa-gj5j-g2vm-fx8q
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-01-08T12:30:30Z 2026-01-08T12:30:30Z
ID Severity Description Package Published Updated
pysec-2024-85
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-01-05T19:35:06.035093Z
pysec-2024-84
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-01-05T19:35:05.938824Z
pysec-2024-83
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-01-05T19:35:05.836045Z
pysec-2024-82
8.8 (3.1)
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… mindsdb 2024-09-12T13:15:00Z 2026-01-05T19:35:05.731805Z
pysec-2023-278
5.3 (3.1)
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… mindsdb 2023-12-11T21:15:00Z 2026-01-05T19:35:05.588557Z
pysec-2025-52
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. mlflow 2025-06-23T15:15:29Z 2025-12-05T13:25:55.146081Z
pysec-2020-220
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… ansible 2020-10-05T14:15:00Z 2025-10-31T04:43:53.616247Z
pysec-2025-72
The `num2words` project was compromised via a phishing attack and two new versions were u… num2words 2025-07-31T14:34:47+00:00
pysec-2025-71
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… cadwyn 2025-07-21T21:15:25+00:00 2025-07-23T15:24:03.825615+00:00
pysec-2025-70
10.0 (3.1)
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… langchain-community 2025-06-23T21:15:25+00:00 2025-07-16T21:23:40.211079+00:00
pysec-2024-259
9.8 (3.1)
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… torch 2024-10-29T21:15:04+00:00 2025-07-16T03:09:57.748865+00:00
pysec-2024-258
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… scrapy 2024-05-20T08:15:08+00:00 2025-07-15T17:37:50.051730+00:00
pysec-2025-69
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… roundup 2025-07-13T20:15:25+00:00 2025-07-13T21:23:01.161315+00:00
pysec-2025-68
8.0 (3.1)
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.449399+00:00
pysec-2025-67
9.8 (3.1)
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.385619+00:00
pysec-2025-66
Improper privilege management in a REST interface allowed registered users to access unau… streampipes 2025-03-03T11:15:11+00:00 2025-07-08T15:23:46.628375+00:00
pysec-2025-65
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… llama-index 2025-07-07T13:15:28+00:00 2025-07-07T15:23:42.730681+00:00
pysec-2025-61
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … pillow 2025-07-01T19:15:27Z 2025-07-07T14:12:46.226030Z
pysec-2025-64
9.8 (3.1)
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… python-a2a 2025-06-17T07:15:18+00:00 2025-07-02T21:23:13.806273+00:00
pysec-2025-63
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… vllm 2025-03-19T16:15:32+00:00 2025-07-01T23:22:49.176005+00:00
pysec-2025-62
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… vllm 2025-02-07T20:15:34+00:00 2025-07-01T23:22:49.083695+00:00
pysec-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… apache-iotdb 2025-05-14T11:16:28+00:00 2025-07-01T21:22:47.232036+00:00
pysec-2025-59
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… apache-iotdb 2025-05-14T11:15:47+00:00 2025-07-01T21:22:47.177405+00:00
pysec-2024-257
7.5 (3.1)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2024-03-22T23:15:07+00:00 2025-06-30T15:23:50.085549+00:00
pysec-2025-58
8.8 (3.1)
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… vllm 2025-01-27T18:15:41+00:00 2025-06-27T21:22:36.583615+00:00
pysec-2025-57
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… zenml 2025-03-20T10:15:48+00:00 2025-06-27T17:22:55.175431+00:00
pysec-2025-56
4.3 (3.1)
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… octoprint 2025-04-22T18:15:59+00:00 2025-06-27T17:22:53.513680+00:00
pysec-2024-256
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2024-12-03T16:15:24+00:00 2025-06-27T17:22:53.325430+00:00
pysec-2025-55
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u… vllm 2025-05-30T19:15:30+00:00 2025-06-26T21:23:06.407481+00:00
pysec-2025-54
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8… vllm 2025-05-30T19:15:30+00:00 2025-06-26T21:23:06.319321+00:00
ID Description Updated
gsd-2024-33903 In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… 2024-04-29T05:02:07.295775Z
gsd-2024-33902 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.486429Z
gsd-2024-33901 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.525896Z
gsd-2024-33900 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.290639Z
gsd-2024-33899 RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… 2024-04-29T05:02:07.400574Z
gsd-2024-33898 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287632Z
gsd-2024-33897 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.283756Z
gsd-2024-33896 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.313250Z
gsd-2024-33895 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.493081Z
gsd-2024-33894 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.488420Z
gsd-2024-33893 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.381761Z
gsd-2024-33892 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.378170Z
gsd-2024-33891 Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… 2024-04-29T05:02:07.412035Z
gsd-2024-33890 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.344384Z
gsd-2024-33889 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.392587Z
gsd-2024-33888 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.468423Z
gsd-2024-33887 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.503613Z
gsd-2024-33886 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287167Z
gsd-2024-33885 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.441746Z
gsd-2024-33884 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.534455Z
gsd-2024-33883 The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… 2024-04-29T05:02:07.271727Z
gsd-2024-4303 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.716348Z
gsd-2024-4302 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.603637Z
gsd-2024-4301 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.678292Z
gsd-2024-4300 E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… 2024-04-29T05:02:05.715239Z
gsd-2024-4299 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… 2024-04-29T05:02:05.606402Z
gsd-2024-4298 The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… 2024-04-29T05:02:05.598531Z
gsd-2024-4297 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… 2024-04-29T05:02:05.700888Z
gsd-2024-4296 The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… 2024-04-29T05:02:05.621428Z
gsd-2024-33882 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.803998Z
ID Description Published Updated
mal-2026-164 Malicious code in @kyriba/data-frontend (npm) 2026-01-08T14:35:48Z 2026-01-08T14:35:48Z
mal-2026-163 Malicious code in do-not-install-this-package-002 (PyPI) 2026-01-08T13:35:59Z 2026-01-08T13:35:59Z
mal-2026-162 Malicious code in btcli-security (PyPI) 2026-01-08T10:55:10Z 2026-01-08T10:55:10Z
mal-2026-95 Malicious code in x-clients-features (npm) 2026-01-06T13:32:59Z 2026-01-08T09:13:18Z
mal-2026-83 Malicious code in wikibuy-mobile-analytics (npm) 2026-01-06T12:58:52Z 2026-01-08T09:13:18Z
mal-2026-82 Malicious code in wikibuy-mobile (npm) 2026-01-06T12:58:52Z 2026-01-08T09:13:18Z
mal-2026-81 Malicious code in upgrade-mobile (npm) 2026-01-06T12:58:52Z 2026-01-08T09:13:18Z
mal-2026-47 Malicious code in tiny-model-update (npm) 2026-01-05T03:15:19Z 2026-01-08T09:13:18Z
mal-2026-158 Malicious code in timeout-ts (npm) 2026-01-08T04:54:18Z 2026-01-08T09:13:18Z
mal-2026-157 Malicious code in test-thegenetic-module (npm) 2026-01-08T04:58:19Z 2026-01-08T09:13:18Z
mal-2026-152 Malicious code in week-4-node-modularization (npm) 2026-01-08T01:01:08Z 2026-01-08T09:13:18Z
mal-2026-124 Malicious code in wwwt (npm) 2026-01-07T06:49:55Z 2026-01-08T09:13:18Z
mal-2026-123 Malicious code in wifzap (npm) 2026-01-07T06:49:55Z 2026-01-08T09:13:18Z
mal-2026-122 Malicious code in vjri (npm) 2026-01-07T06:49:55Z 2026-01-08T09:13:18Z
mal-2026-106 Malicious code in transform-decorators-legacy (npm) 2026-01-07T05:38:18Z 2026-01-08T09:13:18Z
mal-2026-94 Malicious code in shopify-perf-kit (npm) 2026-01-06T13:29:42Z 2026-01-08T09:13:17Z
mal-2026-80 Malicious code in smartspacestoreapp (npm) 2026-01-06T12:58:52Z 2026-01-08T09:13:17Z
mal-2026-79 Malicious code in seanp-test-package-do-not-use2 (npm) 2026-01-06T12:58:52Z 2026-01-08T09:13:17Z
mal-2026-78 Malicious code in react-native-kyc (npm) 2026-01-06T12:58:52Z 2026-01-08T09:13:17Z
mal-2026-71 Malicious code in redis-request-parser (npm) 2026-01-06T04:45:27Z 2026-01-08T09:13:17Z
mal-2026-67 Malicious code in redis-cookie-parser (npm) 2026-01-06T02:34:56Z 2026-01-08T09:13:17Z
mal-2026-66 Malicious code in redis-cookie-js (npm) 2026-01-06T02:34:56Z 2026-01-08T09:13:17Z
mal-2026-57 Malicious code in react-transition-group-legacy (npm) 2026-01-05T21:25:51Z 2026-01-08T09:13:17Z
mal-2026-48 Malicious code in shop-state (npm) 2026-01-05T07:50:44Z 2026-01-08T09:13:17Z
mal-2026-43 Malicious code in published_at (npm) 2026-01-05T02:51:10Z 2026-01-08T09:13:17Z
mal-2026-41 Malicious code in spire.officejs-document (npm) 2026-01-05T00:56:20Z 2026-01-08T09:13:17Z
mal-2026-40 Malicious code in spire.officejs-editors (npm) 2026-01-05T00:40:44Z 2026-01-08T09:13:17Z
mal-2026-39 Malicious code in spire.officejs-common (npm) 2026-01-05T00:45:36Z 2026-01-08T09:13:17Z
mal-2026-156 Malicious code in sparkling-cli (npm) 2026-01-08T04:54:18Z 2026-01-08T09:13:17Z
mal-2026-155 Malicious code in shaktihacker2026 (npm) 2026-01-08T05:20:19Z 2026-01-08T09:13:17Z
ID Description Published Updated
wid-sec-w-2026-0037 GitLab CE und EE: Mehrere Schwachstellen 2026-01-07T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2026-0036 OpenLDAP: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen 2026-01-07T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2026-0035 MediaWiki Erweiterungen: Mehrere Schwachstellen 2026-01-07T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2026-0034 Keycloak: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-01-07T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2026-0030 cURL: Mehrere Schwachstellen 2026-01-06T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2026-0026 HCL BigFix: Mehrere Schwachstellen 2026-01-06T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2026-0020 Google Chrome: Schwachstelle ermöglicht nicht spezifizierten Angriff 2026-01-06T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2916 Net-SNMP: Schwachstelle ermöglicht Codeausführung und DoS 2025-12-23T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2897 Apache log4j: Schwachstelle ermöglicht Offenlegung von Informationen 2025-12-18T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2867 HPE OneView: Schwachstelle ermöglicht Codeausführung 2025-12-16T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2798 Red Hat OpenShift Service Mesh: Mehrere Schwachstellen 2025-12-09T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2759 IBM WebSphere Application Server: Schwachstelle ermöglicht Cross-Site Scripting 2025-12-08T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2750 Apache HTTP Server: Mehrere Schwachstellen 2025-12-04T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2747 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-12-04T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2741 cPython: Schwachstelle ermöglicht Denial of Service 2025-12-03T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2737 libpng: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen 2025-12-03T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2694 MariaDB: Schwachstelle ermöglicht Codeausführung 2025-11-27T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2663 libpng: Mehrere Schwachstellen 2025-11-23T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2600 PostgreSQL: Mehrere Schwachstellen ermöglichen Denial of Service 2025-11-13T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2449 GIMP: Schwachstelle ermöglicht Codeausführung 2025-10-29T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2420 Apache Tomcat: Mehrere Schwachstellen 2025-10-27T23:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2386 Unbound: Schwachstelle ermöglicht Manipulation von Dateien 2025-10-22T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2298 Linux Kernel: Mehrere Schwachstellen 2025-10-14T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2227 Golang Go: Mehrere Schwachstellen 2025-10-07T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2170 Linux Kernel: Mehrere Schwachstellen 2025-09-30T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2129 GIMP: Mehrere Schwachstellen ermöglichen Codeausführung 2025-09-24T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2107 Linux Kernel: Mehrere Schwachstellen 2025-09-22T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2099 Linux Kernel: Mehrere Schwachstellen 2025-09-21T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2077 Linux Kernel: Mehrere Schwachstellen 2025-09-16T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
wid-sec-w-2025-2040 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-09-11T22:00:00.000+00:00 2026-01-07T23:00:00.000+00:00
ID Description Published Updated
ncsc-2026-0002 Kwetsbaarheid verholpen in n8n 2026-01-08T12:34:29.315681Z 2026-01-08T12:34:29.315681Z
ncsc-2026-0001 Kwetsbaarheden verholpen in Hanwha camera systemen 2026-01-08T12:28:21.446188Z 2026-01-08T12:28:21.446188Z
ncsc-2025-0405 Kwetsbaarheid verholpen in Roundcube Webmail 2025-12-31T14:29:26.821576Z 2025-12-31T14:29:26.821576Z
ncsc-2025-0404 Kwetsbaarheid verholpen in SmarterMail 2025-12-31T14:19:01.847364Z 2025-12-31T14:19:01.847364Z
ncsc-2025-0403 Kwetsbaarheden verholpen in QNAP besturingssystemen 2025-12-29T09:17:28.385450Z 2025-12-29T09:17:28.385450Z
ncsc-2025-0402 Kwetsbaarheid verholpen in MongoDB 2025-12-27T11:38:11.514349Z 2025-12-27T11:38:11.514349Z
ncsc-2025-0399 Kwetsbaarheid verholpen in HPE OneView Software 2025-12-18T18:38:20.794784Z 2025-12-24T11:29:46.123674Z
ncsc-2025-0401 Kwetsbaarheden verholpen in Foxit PDF Reader 2025-12-24T09:14:56.590353Z 2025-12-24T09:14:56.590353Z
ncsc-2025-0400 Kwetsbaarheid verholpen in WatchGuard Firebox 2025-12-19T11:16:01.438518Z 2025-12-19T11:16:01.438518Z
ncsc-2025-0398 Kwetsbaarheid in Cisco AsyncOS 2025-12-17T19:47:00.346651Z 2025-12-17T19:47:00.346651Z
ncsc-2025-0386 Kwetsbaarheden verholpen in Fortinet producten 2025-12-10T09:51:34.918202Z 2025-12-16T10:33:05.061241Z
ncsc-2025-0397 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2025-12-15T09:08:39.804149Z 2025-12-15T09:08:39.804149Z
ncsc-2025-0396 Kwetsbaarheden verholpen in Apple macOS 2025-12-15T09:06:36.450655Z 2025-12-15T09:06:36.450655Z
ncsc-2025-0394 Kwetsbaarheden verholpen in React Server Components 2025-12-12T09:04:19.324080Z 2025-12-12T10:46:34.688189Z
ncsc-2025-0395 Kwetsbaarheden verholpen in SAP Software 2025-12-12T09:29:08.429888Z 2025-12-12T09:29:08.429888Z
ncsc-2025-0393 Kwetsbaarheid verholpen in GeoServer 2025-12-12T08:12:18.831044Z 2025-12-12T09:02:27.681292Z
ncsc-2025-0392 Kwetsbaarheid verholpen in Barracuda Service Center 2025-12-11T13:53:23.819008Z 2025-12-11T13:53:23.819008Z
ncsc-2025-0391 Kwetsbaarheden verholpen in Ivanti Endpoint Manager 2025-12-11T13:51:55.178462Z 2025-12-11T13:51:55.178462Z
ncsc-2025-0390 Kwetsbaarheden verholpen in GitLab CE/EE 2025-12-11T09:22:54.841848Z 2025-12-11T09:22:54.841848Z
ncsc-2025-0389 Kwetsbaarheden verholpen in Adobe Experience Manager 2025-12-10T14:59:57.911864Z 2025-12-10T14:59:57.911864Z
ncsc-2025-0388 Kwetsbaarheden verholpen in Adobe Acrobat Reader 2025-12-10T13:35:58.314547Z 2025-12-10T13:35:58.314547Z
ncsc-2025-0387 Kwetsbaarheden verholpen in Adobe ColdFusion 2025-12-10T13:34:08.908897Z 2025-12-10T13:34:08.908897Z
ncsc-2025-0385 Kwetsbaarheden verholpen in Microsoft Exchange 2025-12-09T18:42:32.332749Z 2025-12-09T18:42:32.332749Z
ncsc-2025-0384 Kwetsbaarheden verholpen in Microsoft Office 2025-12-09T18:40:33.839342Z 2025-12-09T18:40:33.839342Z
ncsc-2025-0383 Kwetsbaarheden verholpen in Microsoft Windows 2025-12-09T18:39:18.152251Z 2025-12-09T18:39:18.152251Z
ncsc-2025-0382 Kwetsbaarheden verholpen in Siemens producten 2025-12-09T13:15:05.391966Z 2025-12-09T13:15:05.391966Z
ncsc-2025-0381 Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform 2025-12-08T08:23:21.965599Z 2025-12-08T08:23:21.965599Z
ncsc-2025-0380 Kwetsbaarheden verholpen in React Server Components 2025-12-03T20:11:57.728117Z 2025-12-05T12:13:36.590522Z
ncsc-2025-0379 Kwetsbaarheden verholpen in Google Android en Samsung Mobile 2025-12-02T13:25:17.745981Z 2025-12-02T13:25:17.745981Z
ncsc-2025-0378 Kwetsbaarheden verholpen in Mattermost 2025-11-28T09:53:42.334621Z 2025-11-28T09:53:42.334621Z
ID Description Published Updated
ssa-512988 SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 2025-12-12T00:00:00Z 2025-12-12T00:00:00Z
ssa-915282 SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-912274 SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-882673 SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-868571 SSA-868571: Missing Server Certificate Validation in IAM Client 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-800126 SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20 2024-12-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-763474 SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-734261 SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-723487 SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products 2024-07-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-710408 SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-693808 SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms 2025-08-12T00:00:00Z 2025-12-09T00:00:00Z
ssa-673996 SSA-673996: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products 2024-09-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-626856 SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-493396 SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms 2025-08-12T00:00:00Z 2025-12-09T00:00:00Z
ssa-471761 SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-420375 SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-416652 SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-408105 SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products 2022-12-13T00:00:00Z 2025-12-09T00:00:00Z
ssa-392859 SSA-392859: Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20 2024-12-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-356310 SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-282044 SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery 2025-08-12T00:00:00Z 2025-12-09T00:00:00Z
ssa-212953 SSA-212953: Multiple Vulnerabilities in COMOS 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-202008 SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-978177 SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices 2025-08-12T00:00:00Z 2025-11-17T00:00:00Z
ssa-241605 SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-190588 SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-864900 SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2025-05-13T00:00:00Z 2025-11-11T00:00:00Z
ssa-832273 SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices 2024-03-12T00:00:00Z 2025-11-11T00:00:00Z
ssa-794185 SSA-794185: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products 2025-05-13T00:00:00Z 2025-11-11T00:00:00Z
ssa-770770 SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices 2025-02-11T00:00:00Z 2025-11-11T00:00:00Z
ID Description Published Updated
rhsa-2022:8861 Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (numpy) security update 2022-12-07T20:28:14+00:00 2026-01-08T13:46:32+00:00
rhsa-2022:8852 Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (numpy) security update 2022-12-07T19:19:32+00:00 2026-01-08T13:46:32+00:00
rhsa-2022:7144 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update 2022-10-26T20:05:57+00:00 2026-01-08T13:46:31+00:00
rhsa-2022:7143 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update 2022-10-26T20:15:34+00:00 2026-01-08T13:46:30+00:00
rhsa-2022:0345 Red Hat Security Advisory: java-1.8.0-ibm security update 2022-02-01T15:14:03+00:00 2026-01-08T13:46:30+00:00
rhsa-2022:5532 Red Hat Security Advisory: Red Hat Fuse 7.11.0 release and security update 2022-07-07T14:19:49+00:00 2026-01-08T13:46:29+00:00
rhsa-2022:4711 Red Hat Security Advisory: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update 2022-05-26T16:25:03+00:00 2026-01-08T13:46:28+00:00
rhsa-2022:1179 Red Hat Security Advisory: Red Hat support for Spring Boot 2.5.10 update 2022-04-12T19:06:09+00:00 2026-01-08T13:46:28+00:00
rhsa-2022:1000 Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (numpy) security update 2022-03-23T22:11:40+00:00 2026-01-08T13:46:26+00:00
rhsa-2022:0987 Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (numpy) security update 2022-03-24T10:59:05+00:00 2026-01-08T13:46:26+00:00
rhsa-2022:0310 Red Hat Security Advisory: java-1.7.1-ibm security update 2022-01-27T14:11:40+00:00 2026-01-08T13:46:24+00:00
rhsa-2021:4861 Red Hat Security Advisory: Red Hat JBoss Web Server 5.6.0 Security release 2021-11-30T14:28:36+00:00 2026-01-08T13:46:24+00:00
rhsa-2021:5030 Red Hat Security Advisory: java-1.8.0-ibm security update 2021-12-08T16:22:29+00:00 2026-01-08T13:46:22+00:00
rhsa-2021:4863 Red Hat Security Advisory: Red Hat JBoss Web Server 5.6.0 Security release 2021-11-30T14:25:37+00:00 2026-01-08T13:46:21+00:00
rhsa-2024:6667 Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.16.0 release 2024-09-12T21:30:49+00:00 2026-01-08T13:34:02+00:00
rhsa-2023:6821 Red Hat Security Advisory: mariadb:10.5 security update 2023-11-08T15:38:43+00:00 2026-01-08T13:34:02+00:00
rhsa-2023:3447 Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update 2023-06-05T18:54:02+00:00 2026-01-08T13:34:02+00:00
rhsa-2023:3445 Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update 2023-06-05T18:55:04+00:00 2026-01-08T13:34:02+00:00
rhsa-2023:3441 Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (etcd) security update 2023-06-05T19:02:22+00:00 2026-01-08T13:34:01+00:00
rhsa-2023:3223 Red Hat Security Advisory: Red Hat AMQ Streams 2.4.0 release and security update 2023-05-18T09:54:05+00:00 2026-01-08T13:34:01+00:00
rhsa-2023:2723 Red Hat Security Advisory: Red Hat Data Grid 8.4.2 security update 2023-05-10T13:41:52+00:00 2026-01-08T13:34:01+00:00
rhsa-2023:2713 Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update 2023-05-10T11:59:30+00:00 2026-01-08T13:34:00+00:00
rhsa-2023:2710 Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 for OpenShift image security update 2023-05-10T14:30:46+00:00 2026-01-08T13:34:00+00:00
rhsa-2023:2707 Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 9 2023-05-10T11:25:29+00:00 2026-01-08T13:33:59+00:00
rhsa-2023:2705 Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 7 2023-05-10T11:25:19+00:00 2026-01-08T13:33:59+00:00
rhsa-2023:2706 Red Hat Security Advisory: Red Hat Single Sign-On 7.6.3 security update on RHEL 8 2023-05-10T11:25:30+00:00 2026-01-08T13:33:58+00:00
rhsa-2023:0756 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 XP 4.0.0.GA Security release 2023-02-14T11:49:05+00:00 2026-01-08T13:33:56+00:00
rhsa-2022:7273 Red Hat Security Advisory: Red Hat JBoss Web Server 5.7.0 release and security update 2022-11-02T10:40:29+00:00 2026-01-08T13:33:56+00:00
rhsa-2022:6407 Red Hat Security Advisory: Red Hat Integration Camel-K 1.8 security update 2022-09-09T07:12:07+00:00 2026-01-08T13:33:56+00:00
rhsa-2022:7119 Red Hat Security Advisory: mysql:8.0 security, bug fix, and enhancement update 2022-10-25T09:10:59+00:00 2026-01-08T13:33:55+00:00
ID Description Published Updated
icsa-26-006-01 Columbia Weather Systems MicroServer 2026-01-06T07:00:00.000000Z 2026-01-06T07:00:00.000000Z
icsma-25-364-01 WHILL Model C2 Electric Wheelchairs and Model F Power Chairs 2025-12-30T07:00:00.000000Z 2025-12-30T07:00:00.000000Z
icsa-25-345-03 AzeoTech DAQFactory (Update A) 2025-12-11T07:00:00.000000Z 2025-12-30T07:00:00.000000Z
icsa-25-177-01 Mitsubishi Electric Air Conditioning Systems (Update B) 2025-06-26T06:00:00.000000Z 2025-12-23T07:00:00.000000Z
icsa-25-352-02 Schneider Electric EcoStruxure Foxboro DCS Advisor 2025-12-09T08:00:00.000000Z 2025-12-18T18:23:06.311869Z
icsa-25-352-05 Siemens Interniche IP-Stack 2025-12-09T00:00:00.000000Z 2025-12-18T18:13:59.515670Z
icsa-25-352-08 Axis Communications Camera Station Pro, Camera Station, and Device Manager 2025-12-18T07:00:00.000000Z 2025-12-18T07:00:00.000000Z
icsa-25-352-07 Rockwell Automation Micro820, Micro850, Micro870 2025-12-18T07:00:00.000000Z 2025-12-18T07:00:00.000000Z
icsa-25-352-06 Advantech WebAccess/SCADA 2025-12-18T07:00:00.000000Z 2025-12-18T07:00:00.000000Z
icsa-25-352-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products 2025-12-18T07:00:00.000000Z 2025-12-18T07:00:00.000000Z
icsa-25-352-03 National Instruments LabView 2025-12-18T07:00:00.000000Z 2025-12-18T07:00:00.000000Z
icsa-25-352-01 Inductive Automation Ignition 2025-12-18T07:00:00.000000Z 2025-12-18T07:00:00.000000Z
icsa-24-291-03 Mitsubishi Electric CNC Series (Update C) 2024-10-17T06:00:00.000000Z 2025-12-18T07:00:00.000000Z
va-25-352-01 BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities 2025-12-18T00:00:00Z 2025-12-18T00:00:00Z
icsa-25-350-04 Mitsubishi Electric GT Designer3 2025-12-16T07:00:00.000000Z 2025-12-16T07:00:00.000000Z
icsa-25-350-03 Hitachi Energy AFS, AFR and AFF Series 2025-12-16T07:00:00.000000Z 2025-12-16T07:00:00.000000Z
icsa-25-350-02 Johnson Controls PowerG, IQPanel and IQHub 2025-12-16T07:00:00.000000Z 2025-12-16T07:00:00.000000Z
icsa-25-350-01 Güralp Systems Fortimus Series, Minimus Series, and Certimus Series 2025-12-16T07:00:00.000000Z 2025-12-16T07:00:00.000000Z
icsa-25-308-01 Fuji Electric Monitouch V-SFT-6 (Update A) 2025-11-04T07:00:00.000000Z 2025-12-16T07:00:00.000000Z
icsa-25-224-02 Johnson Controls iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 (Update A) 2025-08-12T06:00:00.000000Z 2025-12-16T07:00:00.000000Z
va-25-345-01 CISA Software Acquisition Guide Supplier Response Web Tool XSS 2025-12-12T20:27:47Z 2025-12-12T20:27:47Z
icsma-25-345-02 Varex Imaging Panoramic Dental Imaging Software 2025-12-11T07:00:00.000000Z 2025-12-11T07:00:00.000000Z
icsma-25-345-01 Grassroots DICOM (GDCM) 2025-12-11T07:00:00.000000Z 2025-12-11T07:00:00.000000Z
icsa-25-345-10 OpenPLC_V3 2025-12-11T07:00:00.000000Z 2025-12-11T07:00:00.000000Z
icsa-25-345-02 Johnson Controls iSTAR Ultra 2025-12-11T07:00:00.000000Z 2025-12-11T07:00:00.000000Z
icsa-25-345-01 Johnson Controls iSTAR 2025-12-11T07:00:00.000000Z 2025-12-11T07:00:00.000000Z
va-25-343-01 Windscribe for Linux 'changeMTU' local privilege escalation 2025-12-10T16:46:41Z 2025-12-10T16:46:41Z
icsa-25-343-01 Universal Boot Loader (U-Boot) 2025-12-09T07:00:00.000000Z 2025-12-09T07:00:00.000000Z
icsa-25-343-03 Multiple India-based CCTV Cameras** 2025-12-09T05:00:00.000000Z 2025-12-09T05:00:00.000000Z
icsa-25-345-09 Siemens Gridscale X Prepay 2025-12-09T00:00:00.000000Z 2025-12-09T00:00:00.000000Z
ID Description Published Updated
cisco-sa-react-flight-tyw32ddb Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 2025-12-04T16:00:00+00:00 2025-12-17T22:37:17+00:00
cisco-sa-sma-attack-n9bf4 Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager 2025-12-17T16:00:00+00:00 2025-12-17T16:00:00+00:00
cisco-sa-ise-multiple-vulns-o9beswjh Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities 2025-11-05T16:00:00+00:00 2025-12-04T14:23:54+00:00
cisco-sa-cc-mult-vuln-gk4tfxsn Multiple Cisco Contact Center Products Vulnerabilities 2025-11-05T16:00:00+00:00 2025-11-18T14:49:09+00:00
cisco-sa-privesc-catc-ryjreelu Cisco Catalyst Center Privilege Escalation Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-dnac-xss-wextvz59 Cisco Catalyst Center Cross-Site Scripting Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-dnac-ci-zwlqvswt Cisco Catalyst Center REST API Command Injection Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-catc-priv-esc-vs8eecux Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-catc-open-redirect-3w5bk3je Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-cc-unauth-rce-qen8h7mq Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities 2025-11-05T16:00:00+00:00 2025-11-13T12:48:42+00:00
cisco-sa-asaftd-webvpn-yrootuw Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability 2025-09-25T16:00:00+00:00 2025-11-06T15:50:55+00:00
cisco-sa-asaftd-webvpn-z5xp8eub Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability 2025-09-25T16:00:00+00:00 2025-11-06T15:50:54+00:00
cisco-sa-http-code-exec-wmfp3h3o Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability 2025-09-25T16:00:00+00:00 2025-11-06T15:50:51+00:00
cisco-sa-ise-radsupress-dos-8yf3jthh Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability 2025-11-05T16:00:00+00:00 2025-11-05T16:00:00+00:00
cisco-sa-broadworks-xss-o696ymra Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability 2025-07-02T16:00:00+00:00 2025-10-21T15:13:31+00:00
cisco-sa-snort3-mime-vulns-ttl8pgvh Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities 2025-10-15T16:00:00+00:00 2025-10-15T16:00:00+00:00
cisco-sa-roomos-inf-disc-qggsbxam Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability 2025-10-15T16:00:00+00:00 2025-10-15T16:00:00+00:00
cisco-sa-phone-dos-fpyjlv7a Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities 2025-10-15T16:00:00+00:00 2025-10-15T16:00:00+00:00
cisco-sa-secboot-uqfd8avc Cisco IOS XE Software Secure Boot Bypass Vulnerabilities 2025-09-24T16:00:00+00:00 2025-10-15T15:57:29+00:00
cisco-sa-snmp-x4lphte Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability 2025-09-24T16:00:00+00:00 2025-10-06T18:27:02+00:00
cisco-sa-ios-tacacs-hdb7thjw Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability 2025-09-24T16:00:00+00:00 2025-10-01T16:39:50+00:00
cisco-sa-cv-xss-rwrakaj9 Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities 2025-10-01T16:00:00+00:00 2025-10-01T16:00:00+00:00
cisco-sa-cucm-stored-xss-fnj66yly Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability 2025-10-01T16:00:00+00:00 2025-10-01T16:00:00+00:00
cisco-sa-cat9k-ptmd7bgy Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability 2025-09-24T16:00:00+00:00 2025-09-30T14:26:46+00:00
cisco-sa-ap-ipv6-gw-tuazpn9o Cisco Access Point Software Intermittent IPv6 Gateway Change Vulnerability 2025-09-24T16:00:00+00:00 2025-09-26T16:35:51+00:00
cisco-sa-webui-xss-vwydgjou Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability 2025-09-24T16:00:00+00:00 2025-09-26T16:35:50+00:00
cisco-sa-snmpwred-x3mjyf5m Cisco IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability 2025-09-24T16:00:00+00:00 2025-09-24T16:00:00+00:00
cisco-sa-nbar-dos-lavwtmet Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability 2025-09-24T16:00:00+00:00 2025-09-24T16:00:00+00:00
cisco-sa-iosxe-arg-inject-eyddbh4e Cisco IOS XE Software CLI Argument Injection Vulnerability 2025-09-24T16:00:00+00:00 2025-09-24T16:00:00+00:00
cisco-sa-ios-xe-cmd-inject-rpjm8bgl Cisco IOS XE Software HTTP API Command Injection Vulnerability 2025-09-24T16:00:00+00:00 2025-09-24T16:00:00+00:00
ID Description Published Updated
sca-2025-0013 Vulnerabilities affecting SICK TLOC100-100 2025-10-27T14:00:00.000Z 2025-11-11T14:00:00.000Z
sca-2025-0014 CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC 2025-11-03T11:00:00.000Z 2025-11-03T14:00:00.000Z
sca-2025-0012 Sudo vulnerability affects SICK SID products 2025-10-27T11:00:00.000Z 2025-10-27T14:00:00.000Z
sca-2025-0011 Vulnerabilities affecting Endress+Hauser SSG-E210GC 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0010 Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0009 Vulnerabilities affecting SICK TDC-E210GC 2025-08-01T13:00:00.000Z 2025-08-01T13:00:00.000Z
sca-2025-0008 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-07-03T13:00:00.000Z 2025-07-03T13:00:00.000Z
sca-2025-0007 Multiple vulnerabilities in SICK Field Analytics and SICK Media Server 2025-06-12T13:00:00.000Z 2025-06-12T13:00:00.000Z
sca-2025-0003 FreeRTOS Vulnerabilities have no impact on SICK Products 2025-02-28T00:00:00.000Z 2025-05-20T11:00:00.000Z
sca-2025-0006 Vulnerability affecting picoScan and multiScan 2025-04-28T13:00:00.000Z 2025-04-28T13:00:00.000Z
sca-2025-0005 Vulnerabilities in SICK Flexi Compact 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
sca-2025-0004 Critical vulnerabilities in SICK DL100-2xxxxxxx 2025-03-14T11:00:00.000Z 2025-03-14T11:00:00.000Z
sca-2025-0001 Multiple vulnerabilities in SICK MEAC300 2025-02-14T14:00:00.000Z 2025-02-21T14:00:00.000Z
sca-2025-0002 Vulnerability in SICK Lector8xx and SICK InspectorP8xx 2025-02-14T10:19:00.000Z 2025-02-14T10:19:00.000Z
sca-2024-0007 Vulnerability in SICK OLM 2024-12-31T00:00:00.000Z 2024-12-31T00:00:00.000Z
sca-2024-0006 Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx 2024-12-06T00:00:00.000Z 2024-12-06T00:00:00.000Z
sca-2024-0005 Vulnerability in SICK Incoming Goods Suite 2024-11-19T00:00:00.000Z 2024-11-19T00:00:00.000Z
sca-2024-0004 Third party vulnerabilities in SICK CDE-100 2024-11-07T12:00:00.000Z 2024-11-07T12:00:00.000Z
sca-2024-0003 Critical vulnerability in multiple SICK products 2024-10-17T13:00:00.000Z 2024-10-17T13:00:00.000Z
sca-2024-0002 Vulnerability in SICK MSC800 2024-09-11T23:00:00.000Z 2024-09-11T23:00:00.000Z
sca-2024-0001 Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics 2024-01-29T00:00:00.000Z 2024-01-29T00:00:00.000Z
sca-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
SCA-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
sca-2023-0010 Vulnerabilities in SICK Application Processing Unit 2023-10-09T11:00:00.000Z 2023-10-09T11:00:00.000Z
SCA-2023-0010 Vulnerabilities in SICK Application Processing Unit 2023-10-09T11:00:00.000Z 2023-10-09T11:00:00.000Z
sca-2023-0008 Vulnerability in SICK SIM1012 2023-09-29T13:00:00.000Z 2023-09-29T13:00:00.000Z
SCA-2023-0008 Vulnerability in SICK SIM1012 2023-09-29T13:00:00.000Z 2023-09-29T13:00:00.000Z
sca-2023-0009 Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products 2023-09-29T10:00:00.000Z 2023-09-29T10:00:00.000Z
SCA-2023-0009 Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products 2023-09-29T10:00:00.000Z 2023-09-29T10:00:00.000Z
sca-2023-0007 Vulnerabilities in SICK LMS5xx 2023-08-25T11:00:00.000Z 2023-08-25T11:00:00.000Z
ID Description Published Updated
nn-2025:15-01 Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:14-01 HTML injection in Asset List in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:13-01 Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:12-01 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:11-01 Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 2025-11-25T11:00:00.000Z 2025-11-26T11:00:00.000Z
nn-2025:9-01 Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:8-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:7-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:6-01 Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:5-01 Incorrect authorization for CLI in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:4-01 Client-side path traversal in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:10-01 Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:3-01 Incorrect authorization for traces request/download in CMC before 25.1.0 2025-08-26T11:00:00.000Z 2025-08-26T11:00:00.000Z
nn-2025:2-01 Privilege escalation in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2025:1-01 Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2023_17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023:17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2024_1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2024:1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2023_12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023:12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023_9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_3-01 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_2-01 Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_11-01 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
oxdc-adv-2025-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 2025-10-31T00:00:00+00:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0003 OX App Suite Security Advisory OXAS-ADV-2025-0003 2025-09-24T00:00:00+02:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0002 OX App Suite Security Advisory OXAS-ADV-2025-0002 2025-08-12T00:00:00+02:00 2025-10-31T00:00:00+00:00
oxas-adv-2025-0001 OX App Suite Security Advisory OXAS-ADV-2025-0001 2025-01-27T00:00:00+01:00 2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxas-adv-2024-0005 OX App Suite Security Advisory OXAS-ADV-2024-0005 2024-07-08T00:00:00+02:00 2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 2024-09-02T00:00:00+02:00 2024-09-06T00:00:00+00:00
oxas-adv-2024-0004 OX App Suite Security Advisory OXAS-ADV-2024-0004 2024-06-13T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0003 OX App Suite Security Advisory OXAS-ADV-2024-0003 2024-04-24T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0002 OX App Suite Security Advisory OXAS-ADV-2024-0002 2024-03-06T00:00:00+01:00 2024-05-06T00:00:00+00:00
oxas-adv-2024-0001 OX App Suite Security Advisory OXAS-ADV-2024-0001 2024-02-08T00:00:00+01:00 2024-04-25T00:00:00+00:00
oxas-adv-2023-0007 OX App Suite Security Advisory OXAS-ADV-2023-0007 2023-12-11T00:00:00+01:00 2024-02-16T00:00:00+00:00
oxas-adv-2023-0006 OX App Suite Security Advisory OXAS-ADV-2023-0006 2023-09-25T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0005 OX App Suite Security Advisory OXAS-ADV-2023-0005 2023-09-19T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0004 OX App Suite Security Advisory OXAS-ADV-2023-0004 2023-08-01T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0003 OX App Suite Security Advisory OXAS-ADV-2023-0003 2023-05-02T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0002 OX App Suite Security Advisory OXAS-ADV-2023-0002 2023-03-20T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0001 OX App Suite Security Advisory OXAS-ADV-2023-0001 2023-02-06T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0002 OX App Suite Security Advisory OXAS-ADV-2022-0002 2022-11-02T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0001 OX App Suite Security Advisory OXAS-ADV-2022-0001 2022-08-10T00:00:00+02:00 2024-01-22T00:00:00+00:00
ID Description Published Updated
msrc_cve-2025-1744 Out-of-bounds Write in radare2 2025-02-02T00:00:00.000Z 2026-01-08T01:40:54.000Z
msrc_cve-2025-68766 irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() 2026-01-02T00:00:00.000Z 2026-01-08T01:40:49.000Z
msrc_cve-2025-68753 ALSA: firewire-motu: add bounds check in put_user loop for DSP events 2026-01-02T00:00:00.000Z 2026-01-08T01:40:44.000Z
msrc_cve-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion 2025-12-02T00:00:00.000Z 2026-01-08T01:40:35.000Z
msrc_cve-2025-34468 libcoap Stack-Based Buffer Overflow in Address Resolution DoS or Potential RCE 2025-12-02T00:00:00.000Z 2026-01-08T01:40:21.000Z
msrc_cve-2025-68380 wifi: ath11k: fix peer HE MCS assignment 2025-12-02T00:00:00.000Z 2026-01-08T01:40:16.000Z
msrc_cve-2025-68346 ALSA: dice: fix buffer overflow in detect_stream_formats() 2025-12-02T00:00:00.000Z 2026-01-08T01:40:11.000Z
msrc_cve-2025-68367 macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse 2025-12-02T00:00:00.000Z 2026-01-08T01:40:06.000Z
msrc_cve-2025-68729 wifi: ath12k: Fix MSDU buffer types handling in RX error path 2025-12-02T00:00:00.000Z 2026-01-08T01:40:01.000Z
msrc_cve-2025-38425 i2c: tegra: check msg length in SMBUS block read 2025-07-02T00:00:00.000Z 2026-01-08T01:39:56.000Z
msrc_cve-2025-38476 rpl: Fix use-after-free in rpl_do_srh_inline(). 2025-07-02T00:00:00.000Z 2026-01-08T01:39:51.000Z
msrc_cve-2025-38437 ksmbd: fix potential use-after-free in oplock/lease break ack 2025-07-02T00:00:00.000Z 2026-01-08T01:39:46.000Z
msrc_cve-2025-68476 KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential 2025-12-02T00:00:00.000Z 2026-01-08T01:39:41.000Z
msrc_cve-2025-38377 rose: fix dangling neighbour pointers in rose_rt_device_down() 2025-07-02T00:00:00.000Z 2026-01-08T01:39:34.000Z
msrc_cve-2025-38259 ASoC: codecs: wcd9335: Fix missing free of regulator supplies 2025-07-02T00:00:00.000Z 2026-01-08T01:39:29.000Z
msrc_cve-2025-38257 s390/pkey: Prevent overflow in size calculation for memdup_user() 2025-07-02T00:00:00.000Z 2026-01-08T01:39:24.000Z
msrc_cve-2025-38230 jfs: validate AG parameters in dbMount() to prevent crashes 2025-07-02T00:00:00.000Z 2026-01-08T01:39:19.000Z
msrc_cve-2025-68156 Expr has Denial of Service via Unbounded Recursion in Builtin Functions 2025-12-02T00:00:00.000Z 2026-01-08T01:39:14.000Z
msrc_cve-2025-38131 coresight: prevent deactivate active config while enabling the config 2025-07-02T00:00:00.000Z 2026-01-08T01:39:09.000Z
msrc_cve-2025-68287 usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths 2025-12-02T00:00:00.000Z 2026-01-08T01:39:04.000Z
msrc_cve-2025-68290 most: usb: fix double free on late probe failure 2025-12-02T00:00:00.000Z 2026-01-08T01:38:59.000Z
msrc_cve-2025-68301 net: atlantic: fix fragment overflow handling in RX path 2025-12-02T00:00:00.000Z 2026-01-08T01:38:53.000Z
msrc_cve-2025-68311 tty: serial: ip22zilog: Use platform device for probing 2025-12-02T00:00:00.000Z 2026-01-08T01:38:46.000Z
msrc_cve-2025-68303 platform/x86: intel: punit_ipc: fix memory corruption 2025-12-02T00:00:00.000Z 2026-01-08T01:38:41.000Z
msrc_cve-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode 2025-12-02T00:00:00.000Z 2026-01-08T01:38:35.000Z
msrc_cve-2025-68256 staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser 2025-12-02T00:00:00.000Z 2026-01-08T01:38:25.000Z
msrc_cve-2025-68266 bfs: Reconstruct file type when loading from disk 2025-12-02T00:00:00.000Z 2026-01-08T01:38:20.000Z
msrc_cve-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing 2025-12-02T00:00:00.000Z 2026-01-08T01:38:15.000Z
msrc_cve-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite 2025-12-02T00:00:00.000Z 2026-01-08T01:37:57.000Z
msrc_cve-2025-38644 wifi: mac80211: reject TDLS operations when station is not associated 2025-08-02T00:00:00.000Z 2026-01-08T01:02:42.000Z
ID Description Published Updated
2crt000009 WebPro SNMP Card PowerValue Multiple Vulnerabilities 2026-01-07T00:30:00.000Z 2026-01-07T00:30:00.000Z
9akk108471a8107 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-09-16T00:30:00.000Z 2025-11-28T08:00:00.000Z
4hzm000603 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) 2025-11-27T00:30:00.000Z 2025-11-28T00:30:00.000Z
7paa022088 Edgenius Management Portal Authentication Bypass 2025-11-20T00:30:00.000Z 2025-11-20T00:30:00.000Z
2nga002813 PCM600 SharpZip library vulnerability 2025-11-03T00:30:00.000Z 2025-11-03T00:30:00.000Z
4tz00000006007 ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations 2025-10-20T00:30:00.000Z 2025-10-23T00:30:00.000Z
9akk108471a8948 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-10-20T00:30:00.000Z 2025-10-21T00:30:00.000Z
3kxg200000r4801 CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability 2025-04-16T00:30:00.000Z 2025-10-20T00:30:00.000Z
sa25p003 B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-14T00:30:00.000Z
4tz00000006008 LVS MConfig Insecure memory handling 2025-10-08T00:30:00.000Z 2025-10-08T00:30:00.000Z
sa25p002 B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7808 EIBPORT Reflected XSS 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7121 FLXeon Controllers Multiple vulnerabilities 2025-09-09T00:30:00.000Z 2025-09-18T00:30:00.000Z
9akk108471a4462 ELSB/BLBA ASPECT advisory several CVEs 2025-08-11T00:30:00.000Z 2025-09-04T00:30:00.000Z
9akk108471a3623 RMC - 100 Vulnerabilities in web UI (REST Interface) 2025-07-03T00:30:00.000Z 2025-08-18T00:30:00.000Z
2nga002743 ABB AbilityTM zenon Remote Transport Vulnerability 2025-08-12T00:30:00.000Z 2025-08-12T00:30:00.000Z
3adr011407 ABB Automation Builder Vulnerabilities in user management and access control 2025-04-30T00:00:00.000Z 2025-07-25T00:00:00.000Z
3adr011432 AC500 V2 Buffer overread on Modbus protocol 2025-07-23T00:30:00.000Z 2025-07-23T00:30:00.000Z
9akk108471a4556 Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode. 2025-07-21T00:30:00.000Z 2025-07-21T00:30:00.000Z
2crt000008 Lite Panel Pro Vulnerability in Session Management 2025-06-26T00:30:00.000Z 2025-06-26T00:30:00.000Z
9akk108470a8948 ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway. 2025-05-29T00:30:00.000Z 2025-06-05T00:30:00.000Z
9akk108471a1621 EIBPORT Session Management Fail 2025-06-02T00:30:00.000Z 2025-06-04T00:30:00.000Z
9akk108471a0021 ELSB/BLBA ASPECT advisory several CVEs 2025-05-22T00:30:00.000Z 2025-05-23T10:30:00.000Z
2crt000006 ANC – ABB Network Card Multiple vulnerabilities in ANC 2025-04-30T00:30:00.000Z 2025-04-30T00:30:00.000Z
2crt000007 Ekip Com IEC61850 Vulnerability in 3rd Party Library 2025-04-29T00:30:00.000Z 2025-04-29T00:30:00.000Z
9akk108470a9989 ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities 2025-04-10T08:30:00.000Z 2025-04-10T08:30:00.000Z
2nga002579 ABB Arctic communication solution ARM600 Vulnerabilities 2025-04-07T10:30:00.000Z 2025-04-07T10:30:00.000Z
2nga002427 ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities 2025-04-07T10:30:00.000Z 2025-04-07T10:30:00.000Z
9akk108470a9494 Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities 2025-03-26T00:30:00.000Z 2025-03-27T00:30:00.000Z
9akk108470a9491 ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities 2025-03-26T00:30:00.000Z 2025-03-27T00:30:00.000Z
ID Description Updated
var-202407-2188 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:32.699000Z
var-202406-3119 Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-s… 2024-07-23T22:46:22.685000Z
var-202407-1740 NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E ha… 2024-07-23T22:46:18.378000Z
var-202407-1417 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:07.784000Z
var-202407-1103 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:01.992000Z
var-202407-0957 WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile… 2024-07-23T22:45:59.391000Z
var-202407-0819 SIMATIC S7-1500 is a modular control system suitable for various automation applications … 2024-07-23T22:45:56.958000Z
var-202407-0818 NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6… 2024-07-23T22:45:56.946000Z
var-202407-0779 Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of … 2024-07-23T22:45:56.150000Z
var-202407-0778 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:56.131000Z
var-202407-0745 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:55.498000Z
var-202305-1479 D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution … 2024-07-23T22:45:09.335000Z
var-202108-1158 A race condition was addressed with improved locking. This issue is fixed in macOS Monter… 2024-07-23T22:44:06.976000Z
var-201109-0089 Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… 2024-07-23T22:43:49.590000Z
var-200702-0378 Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … 2024-07-23T22:43:25.614000Z
var-201011-0225 Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … 2024-07-23T22:41:43.584000Z
var-201112-0297 Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… 2024-07-23T22:41:20.004000Z
var-201507-0645 D-Link is an internationally renowned provider of network equipment and solutions, includ… 2024-07-23T22:41:18.832000Z
var-201803-1810 A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … 2024-07-23T22:41:17.171000Z
var-201809-0087 WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… 2024-07-23T22:41:16.554000Z
var-200607-0396 Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… 2024-07-23T22:41:04.279000Z
var-201702-0423 An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… 2024-07-23T22:40:53.160000Z
var-202305-1588 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilit… 2024-07-23T22:40:05.297000Z
var-201112-0173 The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … 2024-07-23T22:39:32.535000Z
var-201103-0371 SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… 2024-07-23T22:39:32.874000Z
var-201706-0017 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClie… 2024-07-23T22:38:34.494000Z
var-202305-1520 D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vul… 2024-07-23T22:38:26.576000Z
var-202407-0490 A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP … 2024-07-23T22:38:24.768000Z
var-201810-0396 Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… 2024-07-23T22:37:44.850000Z
var-202001-0833 A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… 2024-07-23T22:37:43.471000Z
ID Description Published Updated
jvndb-2026-000004 The installers for multiple PIONEER products may insecurely load Dynamic Link Libraries 2026-01-08T13:47+09:00 2026-01-08T13:47+09:00
jvndb-2026-000001 Origin validation error vulnerability in Fujitsu Security Solution AuthConductor Client Basic V2 2026-01-07T14:19+09:00 2026-01-07T14:19+09:00
jvndb-2026-000002 Multiple vulnerabilities in multiple Sharp Display Solutions Projectors 2026-01-07T14:10+09:00 2026-01-07T14:10+09:00
jvndb-2026-001001 Authentication bypass vulnerability in OpenBlocks series 2026-01-07T10:46+09:00 2026-01-07T10:46+09:00
jvndb-2025-022878 Media Player MP-01 vulnerable to Missing Authentication for Critical Function 2025-12-24T11:10+09:00 2025-12-24T11:10+09:00
jvndb-2025-019621 EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts 2025-11-21T15:31+09:00 2025-12-24T10:54+09:00
jvndb-2025-014967 Multiple vulnerabilities in multiple Keyence products 2025-10-03T11:19+09:00 2025-12-23T14:36+09:00
jvndb-2025-000117 SEIKO EPSON printer Web Config vulnerable to stack-based buffer overflow 2025-12-16T15:31+09:00 2025-12-23T11:57+09:00
jvndb-2025-022400 Ruijie Networks AP180 Series vulnerable to OS command injection 2025-12-19T12:33+09:00 2025-12-19T12:33+09:00
jvndb-2025-000118 GROWI vulnerable to cross-site request forgery 2025-12-17T13:04+09:00 2025-12-17T13:04+09:00
jvndb-2025-022062 Multiple vulnerabilities in CHOCO TEI WATCHER mini 2025-12-17T11:28+09:00 2025-12-17T11:28+09:00
jvndb-2025-000115 QND vulnerable to privilege escalation 2025-12-11T14:33+09:00 2025-12-11T14:33+09:00
jvndb-2025-000113 Multiple vulnerabilities in GroupSession 2025-12-08T17:48+09:00 2025-12-11T11:30+09:00
jvndb-2025-000091 Multiple I-O DATA NAS management applications register Windows services with unquoted file paths 2025-10-22T15:04+09:00 2025-12-10T16:20+09:00
jvndb-2021-000081 Multiple vulnerabilities in Sharp NEC Display Solutions' public displays 2021-09-17T15:13+09:00 2025-12-10T10:24+09:00
jvndb-2025-021305 Android App "Brother iPrint&Scan" improper use of an external cache directory 2025-12-09T17:25+09:00 2025-12-09T17:25+09:00
jvndb-2025-000114 ELECOM Clone for Windows registers a Windows service with an unquoted file path 2025-12-09T17:16+09:00 2025-12-09T17:16+09:00
jvndb-2025-000116 GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths 2025-12-08T14:06+09:00 2025-12-08T14:06+09:00
jvndb-2025-000094 Multiple vulnerabilities in ABB Terra AC Wallbox 2025-12-05T14:12+09:00 2025-12-05T14:12+09:00
jvndb-2025-000112 Installer of INZONE Hub may insecurely load Dynamic Link Libraries 2025-11-28T13:36+09:00 2025-11-28T13:36+09:00
jvndb-2025-000111 SwitchBot Smart Video Doorbell vulnerable to active debug code 2025-11-26T14:35+09:00 2025-11-26T14:35+09:00
jvndb-2025-000110 Multiple vulnerabilities in Security Point (Windows) of MaLion 2025-11-25T17:17+09:00 2025-11-25T17:17+09:00
jvndb-2025-000109 Multiple vulnerabilities in SNC-CX600W 2025-11-25T14:59+09:00 2025-11-25T14:59+09:00
jvndb-2025-000108 "FOD" App uses hard-coded cryptographic keys 2025-11-25T14:15+09:00 2025-11-25T14:15+09:00
jvndb-2025-000106 Multiple vulnerabilities in LogStare Collector 2025-11-21T16:27+09:00 2025-11-21T16:27+09:00
jvndb-2025-000107 Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries 2025-11-19T16:22+09:00 2025-11-19T16:22+09:00
jvndb-2025-000097 "Dejira" App for iOS vulnerable to improper server certificate verification 2025-11-17T14:09+09:00 2025-11-17T14:09+09:00
jvndb-2025-000105 NCP-HG100 vulnerable to OS command injection 2025-11-14T15:26+09:00 2025-11-14T15:26+09:00
jvndb-2025-000104 Multiple vulnerabilities in GNU Libmicrohttpd 2025-11-10T15:07+09:00 2025-11-10T15:07+09:00
jvndb-2025-000103 Use of password hash with insufficient computational effort vulnerability in BUFFALO Wi-Fi router "WSR-1800AX4 series" 2025-11-07T15:39+09:00 2025-11-07T15:39+09:00
ID Description Updated
ts-2025-008 TS-2025-008 2025-11-19T00:00
ts-2025-007 TS-2025-007 2025-11-07T00:00
ts-2025-006 TS-2025-006 2025-10-28T00:00
ts-2025-005 TS-2025-005 2025-08-07T00:00
ts-2025-004 TS-2025-004 2025-05-27T00:00
ts-2025-003 TS-2025-003 2025-05-21T00:00
ts-2025-002 TS-2025-002 2025-05-15T00:00
ts-2025-001 TS-2025-001 2025-03-07T00:00
ts-2024-013 TS-2024-013 2024-12-04T00:00
ts-2024-012 TS-2024-012 2024-10-02T00:00
ts-2024-011 TS-2024-011 2024-07-22T00:00
ts-2024-010 TS-2024-010 2024-07-19T00:00
ts-2024-009 TS-2024-009 2024-06-27T00:00
ts-2024-008 TS-2024-008 2024-06-14T00:00
ts-2024-007 TS-2024-007 2024-06-12T00:00
ts-2024-006 TS-2024-006 2024-05-22T00:00
ts-2024-005 TS-2024-005 2024-05-08T00:00
ts-2024-004 TS-2024-004 2024-05-06T00:00
ts-2024-003 TS-2024-003 2024-04-23T00:00
ts-2024-002 TS-2024-002 2024-01-30T00:00
ts-2024-001 TS-2024-001 2024-01-08T00:00
ts-2023-009 TS-2023-009 2023-12-22T00:00
ts-2023-008 TS-2023-008 2023-11-01T00:00
ts-2023-007 TS-2023-007 2023-10-26T00:00
ts-2023-006 TS-2023-006 2023-08-22T00:00
ts-2023-005 TS-2023-005 2023-04-28T00:00
ts-2023-004 TS-2023-004 2023-04-04T00:00
ts-2023-003 TS-2023-003 2023-03-22T00:00
ts-2023-002 TS-2023-002 2023-01-24T00:00
ts-2023-001 TS-2023-001 2023-01-17T00:00
ID Description Published Updated
suse-su-2026:0053-1 Security update for libpcap 2026-01-07T11:03:52Z 2026-01-07T11:03:52Z
suse-su-2026:0052-1 Security update for curl 2026-01-07T09:28:37Z 2026-01-07T09:28:37Z
suse-su-2026:0051-1 Security update for curl 2026-01-07T09:28:27Z 2026-01-07T09:28:27Z
suse-su-2026:0050-1 Security update for curl 2026-01-07T09:28:15Z 2026-01-07T09:28:15Z
suse-su-2026:0044-1 Security update for mozjs60 2026-01-06T16:10:16Z 2026-01-06T16:10:16Z
suse-su-2026:0043-1 Security update for qemu 2026-01-06T16:03:07Z 2026-01-06T16:03:07Z
suse-su-2026:0029-1 Security update for the Linux Kernel 2026-01-05T12:59:48Z 2026-01-05T12:59:48Z
suse-su-2026:0028-1 Security update for alloy 2026-01-05T12:53:11Z 2026-01-05T12:53:11Z
suse-su-2026:0027-1 Security update for python3 2026-01-05T12:47:16Z 2026-01-05T12:47:16Z
suse-su-2026:0025-1 Security update for python312 2026-01-05T12:11:09Z 2026-01-05T12:11:09Z
suse-su-2026:0024-1 Security update for python313 2026-01-05T12:10:23Z 2026-01-05T12:10:23Z
suse-su-2026:0023-1 Security update for erlang26 2026-01-05T12:06:04Z 2026-01-05T12:06:04Z
suse-su-2026:0022-1 Security update for qemu 2026-01-05T11:18:23Z 2026-01-05T11:18:23Z
suse-su-2026:0021-1 Security update for webkit2gtk3 2026-01-05T11:12:33Z 2026-01-05T11:12:33Z
suse-su-2026:0020-1 Security update for apache2 2026-01-05T11:08:42Z 2026-01-05T11:08:42Z
suse-su-2026:0019-1 Security update for apache2 2026-01-05T11:08:00Z 2026-01-05T11:08:00Z
suse-su-2026:0018-1 Security update for glib2 2026-01-05T10:52:26Z 2026-01-05T10:52:26Z
suse-su-2026:0017-1 Security update for libsoup 2026-01-05T10:52:01Z 2026-01-05T10:52:01Z
suse-su-2026:0016-1 Security update for pgadmin4 2026-01-05T10:48:08Z 2026-01-05T10:48:08Z
suse-su-2026:0015-1 Security update for pgadmin4 2026-01-05T10:40:59Z 2026-01-05T10:40:59Z
suse-su-2026:0014-1 Security update for buildah 2026-01-05T10:39:01Z 2026-01-05T10:39:01Z
suse-su-2026:0013-1 Security update for ImageMagick 2026-01-05T10:36:11Z 2026-01-05T10:36:11Z
suse-su-2026:0012-1 Security update for xen 2026-01-05T10:31:27Z 2026-01-05T10:31:27Z
suse-su-2026:0011-1 Security update for ImageMagick 2026-01-05T10:28:55Z 2026-01-05T10:28:55Z
suse-su-2026:0010-1 Security update for python-tornado6 2026-01-05T10:26:32Z 2026-01-05T10:26:32Z
suse-su-2026:0005-1 Security update for rsync 2026-01-02T12:30:51Z 2026-01-02T12:30:51Z
suse-su-2025:4532-1 Security update for apache2-mod_auth_openidc 2025-12-29T13:53:59Z 2025-12-29T13:53:59Z
suse-su-2025:4530-1 Security update for the Linux Kernel 2025-12-29T10:48:23Z 2025-12-29T10:48:23Z
suse-su-2025:4528-1 Security update for webkit2gtk3 2025-12-26T14:52:35Z 2025-12-26T14:52:35Z
suse-su-2025:4527-1 Security update for webkit2gtk3 2025-12-26T14:49:08Z 2025-12-26T14:49:08Z
ID Description Published Updated
opensuse-su-2026:10015-1 libwget4-2.2.1-1.1 on GA media 2026-01-07T00:00:00Z 2026-01-07T00:00:00Z
opensuse-su-2026:10014-1 python311-cbor2-5.8.0-2.1 on GA media 2026-01-07T00:00:00Z 2026-01-07T00:00:00Z
opensuse-su-2026:10013-1 apptainer-1.4.5-1.1 on GA media 2026-01-07T00:00:00Z 2026-01-07T00:00:00Z
opensuse-su-2026:10012-1 ImageMagick-7.1.2.12-1.1 on GA media 2026-01-07T00:00:00Z 2026-01-07T00:00:00Z
opensuse-su-2026:10006-1 dcmtk-3.7.0-1.1 on GA media 2026-01-05T00:00:00Z 2026-01-05T00:00:00Z
opensuse-su-2026:10005-1 python312-Django6-6.0-1.1 on GA media 2026-01-03T00:00:00Z 2026-01-03T00:00:00Z
opensuse-su-2026:10004-1 fluidsynth-2.5.2-1.1 on GA media 2026-01-03T00:00:00Z 2026-01-03T00:00:00Z
opensuse-su-2026:20001-1 Security update for sssd 2026-01-02T16:58:16Z 2026-01-02T16:58:16Z
opensuse-su-2026:20002-1 Security update for MozillaThunderbird 2026-01-02T12:14:18Z 2026-01-02T12:14:18Z
opensuse-su-2026:10002-1 libmatio-devel-1.5.29-1.1 on GA media 2026-01-01T00:00:00Z 2026-01-01T00:00:00Z
opensuse-su-2026:10001-1 dirmngr-2.5.16-1.1 on GA media 2026-01-01T00:00:00Z 2026-01-01T00:00:00Z
opensuse-su-2026:10000-1 gnu-recutils-1.9-3.1 on GA media 2026-01-01T00:00:00Z 2026-01-01T00:00:00Z
opensuse-su-2025:15853-1 weblate-5.14.3-2.1 on GA media 2025-12-30T00:00:00Z 2025-12-30T00:00:00Z
opensuse-su-2025:15848-1 python311-openapi-core-0.22.0-1.1 on GA media 2025-12-28T00:00:00Z 2025-12-28T00:00:00Z
opensuse-su-2025:15847-1 anubis-1.24.0-1.1 on GA media 2025-12-28T00:00:00Z 2025-12-28T00:00:00Z
opensuse-su-2025:15846-1 python39-3.9.25-2.1 on GA media 2025-12-24T00:00:00Z 2025-12-24T00:00:00Z
opensuse-su-2025:15845-1 podman-5.7.1-1.1 on GA media 2025-12-24T00:00:00Z 2025-12-24T00:00:00Z
opensuse-su-2025:15844-1 cpp-httplib-devel-0.28.0-1.1 on GA media 2025-12-24T00:00:00Z 2025-12-24T00:00:00Z
opensuse-su-2025:15843-1 buildah-1.42.2-1.1 on GA media 2025-12-24T00:00:00Z 2025-12-24T00:00:00Z
opensuse-su-2025:15841-1 zk-0.15.2-1.1 on GA media 2025-12-22T00:00:00Z 2025-12-22T00:00:00Z
opensuse-su-2025:15840-1 python315-3.15.0~a3-1.1 on GA media 2025-12-22T00:00:00Z 2025-12-22T00:00:00Z
opensuse-su-2025:15839-1 python310-3.10.19-3.1 on GA media 2025-12-22T00:00:00Z 2025-12-22T00:00:00Z
opensuse-su-2025:15832-1 coredns-for-k8s1.35-1.13.1-2.1 on GA media 2025-12-19T00:00:00Z 2025-12-19T00:00:00Z
opensuse-su-2025:15831-1 chromedriver-143.0.7499.146-1.1 on GA media 2025-12-19T00:00:00Z 2025-12-19T00:00:00Z
opensuse-su-2025:15830-1 alloy-1.12.0-2.1 on GA media 2025-12-19T00:00:00Z 2025-12-19T00:00:00Z
opensuse-su-2025:15829-1 ImageMagick-7.1.2.10-2.1 on GA media 2025-12-19T00:00:00Z 2025-12-19T00:00:00Z
opensuse-su-2025:15824-1 netty-4.1.130-1.1 on GA media 2025-12-17T00:00:00Z 2025-12-17T00:00:00Z
opensuse-su-2025:15823-1 clair-4.9.0-1.1 on GA media 2025-12-17T00:00:00Z 2025-12-17T00:00:00Z
opensuse-su-2025:15822-1 strongswan-6.0.4-1.1 on GA media 2025-12-15T00:00:00Z 2025-12-15T00:00:00Z
opensuse-su-2025:15821-1 qemu-10.1.3-1.1 on GA media 2025-12-15T00:00:00Z 2025-12-15T00:00:00Z
ID Description Published Updated
cnvd-2026-00125 Men Salon Management System /admin/edit-customer-detailed.php文件SQL注入漏洞 2025-04-22 2026-01-04
cnvd-2026-00124 Men Salon Management System /admin/edit-services.php文件SQL注入漏洞 2025-04-22 2026-01-04
cnvd-2026-00123 TOTOLINK N200RE UploadFirmwareFile函数命令注入漏洞 2024-01-11 2026-01-04
cnvd-2026-00122 TOTOLINK N200RE setTracerouteCfg函数命令注入漏洞 2024-01-11 2026-01-04
cnvd-2026-00121 TOTOLINK N200RE setDiagnosisCfg函数命令注入漏洞 2024-01-11 2026-01-04
cnvd-2026-00120 TOTOLINK N200RE setLanguageCfg函数堆栈缓冲区溢出漏洞 2024-01-30 2026-01-04
cnvd-2026-00119 TOTOLINK N200RE setIpPortFilterRules函数堆栈缓冲区溢出漏洞 2024-01-30 2026-01-04
cnvd-2026-00118 TOTOLINK CP450硬编码密码漏洞 2024-05-22 2026-01-04
cnvd-2026-00117 TOTOLINK CPE CP450 setWebWlanIdx方法命令注入漏洞 2024-05-22 2026-01-04
cnvd-2026-00116 TOTOLINK CP450 setUrlFilterRules方法堆栈缓冲区溢出漏洞 2024-05-22 2026-01-04
cnvd-2026-00115 TOTOLINK CPE CP450 setUpgradeFW方法命令注入漏洞 2024-05-22 2026-01-04
cnvd-2026-00114 TOTOLINK CP450 setStaticDhcpConfig方法堆栈缓冲区溢出漏洞 2024-05-22 2026-01-04
cnvd-2026-00113 TOTOLINK CP450 SetPortForwardRules方法堆栈缓冲区溢出漏洞 2024-05-22 2026-01-04
cnvd-2026-00112 WordPress Real 3D FlipBook plugin跨站脚本漏洞 2025-12-30 2026-01-04
cnvd-2026-00111 WordPress User Submitted Posts plugin开放重定向漏洞 2025-12-30 2026-01-04
cnvd-2026-00110 WordPress Docket Cache plugin文件包含漏洞 2025-12-30 2026-01-04
cnvd-2026-00109 WordPress Diza plugin文件包含漏洞 2025-12-30 2026-01-04
cnvd-2026-00108 WordPress Chakra test plugin缺少授权漏洞 2025-12-30 2026-01-04
cnvd-2026-00107 WordPress Brave plugin缺少授权漏洞 2025-12-30 2026-01-04
cnvd-2026-00106 WordPress Brands for WooCommerce Plugin SQL注入漏洞 2025-12-30 2026-01-04
cnvd-2026-00105 WordPress Bold Timeline Lite plugin跨站脚本漏洞 2025-12-30 2026-01-04
cnvd-2026-00104 WordPress AutomatorWP plugin SQL注入漏洞 2025-12-30 2026-01-04
cnvd-2026-00103 WordPress Astra Widgets plugin跨站脚本漏洞 2025-12-30 2026-01-04
cnvd-2026-00046 Siemens SIMATIC CN 4100访问控制错误漏洞 2025-12-15 2026-01-04
cnvd-2026-00045 Microsoft AutoUpdate for Mac权限提升漏洞(CNVD-2026-00045) 2025-01-17 2026-01-04
cnvd-2026-00044 Microsoft Outlook代码执行漏洞(CNVD-2026-00044) 2025-02-14 2026-01-04
cnvd-2026-00043 Microsoft Outlook代码执行漏洞(CNVD-2026-00043) 2025-02-14 2026-01-04
cnvd-2026-00042 Microsoft Visual Studio代码执行漏洞(CNVD-2026-00042) 2025-02-24 2026-01-04
cnvd-2026-00041 Apache InLong安全绕过漏洞(CNVD-2026-00041) 2025-06-11 2026-01-04
cnvd-2026-00040 Google Android权限提升漏洞(CNVD-2026-00040) 2025-09-04 2026-01-04
ID Description Published Updated
certfr-2026-avi-0010 Multiples vulnérabilités dans Curl 2026-01-07T00:00:00.000000 2026-01-07T00:00:00.000000
certfr-2026-avi-0009 Vulnérabilité dans Google Chrome 2026-01-07T00:00:00.000000 2026-01-07T00:00:00.000000
certfr-2026-avi-0008 Multiples vulnérabilités dans Joomla! 2026-01-07T00:00:00.000000 2026-01-07T00:00:00.000000
certfr-2026-avi-0007 Vulnérabilité dans Stormshield Network Security 2026-01-06T00:00:00.000000 2026-01-06T00:00:00.000000
certfr-2026-avi-0006 Multiples vulnérabilités dans Veeam Backup & Replication 2026-01-06T00:00:00.000000 2026-01-06T00:00:00.000000
certfr-2026-avi-0005 Multiples vulnérabilités dans Centreon Open Tickets 2026-01-06T00:00:00.000000 2026-01-06T00:00:00.000000
certfr-2025-avi-1097 Vulnérabilité dans les produits Mitel 2025-12-11T00:00:00.000000 2026-01-06T00:00:00.000000
certfr-2026-avi-0004 Vulnérabilité dans MariaDB 2026-01-05T00:00:00.000000 2026-01-05T00:00:00.000000
certfr-2026-avi-0003 Multiples vulnérabilités dans les produits Qnap 2026-01-05T00:00:00.000000 2026-01-05T00:00:00.000000
certfr-2025-avi-1111 Multiples vulnérabilités dans Roundcube 2025-12-15T00:00:00.000000 2026-01-05T00:00:00.000000
certfr-2026-avi-0002 Multiples vulnérabilités dans les produits IBM 2026-01-02T00:00:00.000000 2026-01-02T00:00:00.000000
certfr-2026-avi-0001 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-01-02T00:00:00.000000 2026-01-02T00:00:00.000000
certfr-2025-avi-1142 Multiples vulnérabilités dans Moxa NPort 2025-12-31T00:00:00.000000 2025-12-31T00:00:00.000000
certfr-2025-avi-1141 Multiples vulnérabilités dans le noyau Linux de Red Hat 2025-12-26T00:00:00.000000 2025-12-26T00:00:00.000000
certfr-2025-avi-1140 Multiples vulnérabilités dans le noyau Linux de SUSE 2025-12-26T00:00:00.000000 2025-12-26T00:00:00.000000
certfr-2025-avi-1139 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2025-12-26T00:00:00.000000 2025-12-26T00:00:00.000000
certfr-2025-avi-1138 Multiples vulnérabilités dans VMware Tanzu Platform 2025-12-26T00:00:00.000000 2025-12-26T00:00:00.000000
certfr-2025-avi-1137 Multiples vulnérabilités dans les produits IBM 2025-12-26T00:00:00.000000 2025-12-26T00:00:00.000000
certfr-2025-avi-1076 Multiples vulnérabilités dans MISP 2025-12-08T00:00:00.000000 2025-12-24T00:00:00.000000
certfr-2025-avi-1126 Multiples vulnérabilités dans PHP 2025-12-19T00:00:00.000000 2025-12-22T00:00:00.000000
certfr-2025-avi-1136 Multiples vulnérabilités dans le noyau Linux de Debian LTS 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
certfr-2025-avi-1135 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
certfr-2025-avi-1134 Multiples vulnérabilités dans MongoDB Server 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
certfr-2025-avi-1133 Multiples vulnérabilités dans le noyau Linux de SUSE 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
certfr-2025-avi-1132 Multiples vulnérabilités dans le noyau Linux de Red Hat 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
certfr-2025-avi-1131 Multiples vulnérabilités dans les produits IBM 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
certfr-2025-avi-1130 Multiples vulnérabilités dans les produits Foxit 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
certfr-2025-avi-1129 Multiples vulnérabilités dans les produits VMware 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
certfr-2025-avi-1128 Multiples vulnérabilités dans Mozilla Firefox 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
certfr-2025-avi-1127 Multiples vulnérabilités dans Centreon Web 2025-12-19T00:00:00.000000 2025-12-19T00:00:00.000000
ID Description Published Updated
certfr-2025-ale-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2025-12-08T00:00:00.000000
certfr-2025-ale-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
CERTFR-2025-ALE-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
CERTFR-2025-ALE-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2025-12-08T00:00:00.000000
certfr-2025-ale-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
CERTFR-2025-ALE-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
certfr-2025-ale-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
CERTFR-2025-ALE-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
certfr-2025-ale-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
certfr-2025-ale-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
CERTFR-2025-ALE-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
CERTFR-2025-ALE-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
certfr-2025-ale-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
CERTFR-2025-ALE-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
certfr-2025-ale-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
CERTFR-2025-ALE-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
certfr-2025-ale-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
CERTFR-2025-ALE-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
certfr-2025-ale-002 [MàJ] Vulnérabilité dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
certfr-2025-ale-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
CERTFR-2025-ALE-002 [MàJ] Vulnérabilité dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
CERTFR-2025-ALE-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
certfr-2024-ale-014 [MàJ] Multiples vulnérabilités dans Fortinet FortiManager 2024-10-30T00:00:00.000000 2024-10-23T00:00:00.000000
certfr-2024-ale-013 Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) 2025-03-31T00:00:00.000000 2024-10-25T00:00:00.000000
ID CVSS Description Vendor Product Published Updated
GCVE-1-2026-0002
10 (4.0)
Heap-buffer-overflow in EXIF writer for extra IFD tags ffmpeg
ffmpeg
2026-01-02T19:50:00.000Z 2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001
N/A
Bundle reference to gpg.fail gnupg
gnupg
2026-01-02T10:20:00.000Z 2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041
6.4 (4.0)
[online services] Reflected Cross-Site Scripting (XSS)… typo3
typo3
2025-12-19T14:25:00.000Z 2025-12-19T14:54:51.594645Z
GCVE-1-2025-0031
7.1 (4.0)
A cross-site scripting (XSS) vulnerability was identif… misp
misp
2025-12-03T10:58:00.000Z 2025-12-16T09:36:09.594750Z
GCVE-1-2025-0040
7.2 (4.0)
A cross-site scripting (XSS) vulnerability was id… misp
misp
2025-12-13T08:44:32.378924Z 2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039
8.5 (4.0)
XSS Reintroduced in MISP Dashboard World Map Widget Du… misp
misp
2025-12-10T14:33:52.856734Z 2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038
5 (4.0)
Reflected XSS in MISP Template Tag Removal and MISP Ad… misp
misp
2025-12-10T14:10:00.000Z 2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037
7 (4.0)
Reflected XSS in MISP Dashboard Widgets via Unescaped … misp
misp
2025-12-10T14:01:03.200804Z 2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036
8.3 (4.0)
A reflected cross-site scripting (XSS) vulnerability w… misp
misp
2025-12-10T13:46:07.170083Z 2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035
8.3 (4.0)
Insufficient sanitization of bundle metadata (availabl… CIRCL
vulnerability-lookup
2025-12-08T10:25:00.000Z 2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034
7 (4.0)
Missing CSRF protection on state-changing endpoints in… CIRCL
vulnerability-lookup
2025-12-08T10:19:00.000Z 2025-12-08T12:13:24.197294Z
GCVE-1-2025-0033
8.1 (4.0)
Vulnerability-lookup did not track or limit failed One… CIRCL
vulnerability-lookup
2025-12-08T10:11:00.000Z 2025-12-08T12:12:53.235996Z
GCVE-1-2025-0032
10 (4.0)
The default configuration of WatchGuard Firebox device… watchguard
firebox
2025-12-03T16:25:00.000Z 2025-12-19T13:48:34.570799Z
GCVE-1-2025-0030
6.2 (4.0)
A cross-site scripting (XSS) vulnerability in the MISP… misp
misp
2025-12-03T10:53:00.000Z 2025-12-03T10:58:55.845341Z
GCVE-1-2025-0019
4 (4.0)
Path traversal vulnerability in EventReport for site-admin misp
misp
2025-11-26T14:47:00.000Z 2025-11-28T07:27:42.721350Z
GCVE-1-2025-0017
9.4 (4.0)
Privilege escalation in Cerebrate allows an authentica… cerebrate
cerebrate
2025-11-12T08:15:00.000Z 2025-11-28T07:22:08.205835Z
GCVE-1-2025-0029
6.3 (4.0)
Reflected cross-site scripting (XSS) vulnerabilities i… misp
misp
2025-11-27T12:41:00.000Z 2025-11-27T12:48:51.085860Z
GCVE-1-2025-0027
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
misp
2025-11-27T07:17:00.000Z 2025-12-02T08:51:04.323899Z
GCVE-1-2025-0028
8.5 (4.0)
Information leakage vulnerability in the MISP Feed con… misp
misp
2025-11-27T07:23:00.000Z 2025-12-02T08:51:35.429494Z
GCVE-1-2025-0026
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
misp
2025-11-26T16:35:00.000Z 2025-12-02T08:50:46.381572Z
GCVE-1-2025-0025
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
misp
2025-11-26T16:27:00.000Z 2025-12-02T08:50:18.897756Z
GCVE-1-2025-0024
9.4 (4.0)
cross-site scripting (XSS) vulnerability in the MISP s… misp
misp
2025-11-26T16:14:00.000Z 2025-12-02T08:50:01.482327Z
GCVE-1-2025-0023
9.4 (4.0)
XSS in MISP server comparison tool misp
misp
2025-11-26T16:10:00.000Z 2025-12-02T08:49:24.626168Z
GCVE-1-2025-0022
9.4 (4.0)
Clarified setting's impact on download_attachments_on_load misp
misp
2025-11-26T16:04:00.000Z 2025-12-02T08:49:04.510294Z
GCVE-1-2025-0021
9.4 (4.0)
XSS in MISP ReST client in HTML view misp
misp
2025-11-26T15:55:00.000Z 2025-12-02T08:48:41.869838Z
GCVE-1-2025-0020
9.4 (4.0)
cross-site scripting (XSS) in Galaxy element JSON view misp
misp
2025-11-26T15:49:00.000Z 2025-12-02T08:47:41.151429Z
GCVE-1-2025-0018
9.4 (4.0)
HTML injection issue was identified in Lookyloo’s web … lookyloo
lookyloo
2025-11-18T15:33:00.000Z 2025-11-18T20:39:45.579295Z
GCVE-1-2025-0016
6 (4.0)
Local file inclusion in [ImportFromUrl() URL hand… misp
misp
2025-11-04T09:20:00.000Z 2025-11-04T09:56:38.383646Z
ID CVSS Description Vendor Product Published Updated
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011
9.1 (3.1)
HexStrike AI MCP Server Command Injection 0x4m4
HexStrike AI
2025-11-30T21:27:56.057Z 2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100
6.5 (3.1)
Abilis CPX Fallback Shell Connection Relay Abilis
CPX
2025-11-04T00:23:23.924Z 2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010
7.3 (3.1)
Unitree Multiple Robotic Products Command Injection Unitree
Go2
2025-09-26T06:53:49.585Z 2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
4.3 (3.1)
Unauthenticated leak of sensitive information affectin… Brother Industries, Ltd
HL-L8260CDN
2025-08-12T15:23:00.577Z 2025-08-15T05:53:23.017Z