Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-32293
3.7 (3.1)
6.3 (4.0)
GL-iNet Comet (GL-RM1) KVM insufficient certificate va… GL-iNet
 Comet KVM
 2026-03-17T17:19:07.549Z 2026-03-23T19:34:57.871Z
CVE-2026-32292
9.3 (4.0)
7.5 (3.1)
GL-iNet Comet (GL-RM1) KVM insufficient login rate-limiting GL-iNet
 Comet KVM
 2026-03-17T17:18:54.851Z 2026-03-23T19:34:33.902Z
CVE-2026-32291
7 (4.0)
6.8 (3.1)
GL-iNet Comet (GL-RM1) KVM unauthenticated root access… GL-iNet
 Comet KVM
 2026-03-17T17:18:34.947Z 2026-03-23T19:34:20.347Z
CVE-2026-32290
7 (4.0)
4.7 (3.1)
GL-iNet Comet (GL-RM1) KVM insufficient firmware verif… GL-iNet
 Comet KVM
 2026-03-17T17:18:14.150Z 2026-03-23T19:34:09.794Z
CVE-2024-46879
N/A
A Reflected Cross-Site Scripting (XSS) vulnerabil… n/a
 n/a
 2026-03-23T00:00:00.000Z 2026-03-23T19:27:37.348Z
CVE-2019-25593
6.8 (4.0)
5.5 (3.1)
jetCast Server 2.0 Denial of Service via Log Directory Jetaudio
 jetCast Server
 2026-03-22T13:38:31.056Z 2026-03-23T19:25:09.947Z
CVE-2026-32879
4.9 (3.1)
New API has passkey-based secure step-up verification … QuantumNous
 new-api
 2026-03-23T19:24:16.336Z 2026-03-23T19:24:16.336Z
CVE-2024-46878
N/A
A Cross-Site Scripting (XSS) vulnerability exists… n/a
 n/a
 2026-03-23T00:00:00.000Z 2026-03-23T19:21:26.723Z
CVE-2026-4596
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
projectworlds Lawyer Management System lawyers.php cro… projectworlds
 Lawyer Management System
 2026-03-23T19:20:03.984Z 2026-03-23T19:20:03.984Z
CVE-2026-2443
5.3 (3.1)
Libsoup: out-of-bounds read in libsoup handle_partial_… Red Hat
 Red Hat Enterprise Linux 10
 2026-02-13T11:58:20.313Z 2026-03-23T19:19:48.562Z
CVE-2019-25599
6.9 (4.0)
6.2 (3.1)
Backup Key Recovery 2.2.4 Denial of Service via Name Field Nsauditor
 Backup Key Recovery
 2026-03-22T13:38:35.822Z 2026-03-23T19:18:35.676Z
CVE-2026-30886
6.5 (3.1)
New API: IDOR in VideoProxy allows cross-user video co… QuantumNous
 new-api
 2026-03-23T19:18:34.150Z 2026-03-23T19:18:34.150Z
CVE-2025-15605
8.5 (4.0)
Hardcoded Cryptographic Key in Configuration Encryptio… TP-Link Systems Inc.
 Archer NX600 v3.0
 2026-03-23T18:02:01.109Z 2026-03-23T19:16:55.180Z
CVE-2025-15519
8.5 (4.0)
Command Injection in Modem Management CLI on TP-Link A… TP-Link Systems Inc.
 Archer NX600 v3.0
 2026-03-23T18:01:50.036Z 2026-03-23T19:16:54.966Z
CVE-2025-15518
8.5 (4.0)
Command Injection in Wireless Control CLI on TP-Link A… TP-Link Systems Inc.
 Archer NX600 v3.0
 2026-03-23T18:01:39.070Z 2026-03-23T19:16:54.799Z
CVE-2025-15517
8.6 (4.0)
Authorization Bypass in HTTP Server Endpoints on TP-Li… TP-Link Systems Inc.
 Archer NX600 v3.0
 2026-03-23T18:01:31.162Z 2026-03-23T19:16:54.459Z
CVE-2026-25075
8.7 (4.0)
7.5 (3.1)
strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer … strongSwan
 strongSwan
 2026-03-23T18:33:10.952Z 2026-03-23T19:16:09.076Z
CVE-2026-33548
8.6 (4.0)
MantisBT has Stored HTML Injection / XSS when displayi… mantisbt
 mantisbt
 2026-03-23T19:15:18.891Z 2026-03-23T19:15:18.891Z
CVE-2019-25605
8.7 (4.0)
7.5 (3.1)
EquityPandit 1.0 Insecure Logging Information Disclosure Play
 EquityPandit
 2026-03-22T13:38:40.499Z 2026-03-23T19:14:48.383Z
CVE-2024-1394
7.5 (3.1)
Golang-fips/openssl: memory leaks in code encrypting a… Red Hat
 Red Hat Ansible Automation Platform 2.4 for RHEL 8
 2024-03-21T12:16:38.790Z 2026-03-23T19:14:36.175Z
CVE-2026-33517
8.6 (4.0)
MantisBT Vulnerable to Stored HTML Injection in Tag De… mantisbt
 mantisbt
 2026-03-23T19:13:15.220Z 2026-03-23T19:13:15.220Z
CVE-2019-25611
8.6 (4.0)
8.4 (3.1)
MiniFtp parseconf_load_setting Buffer Overflow via Con… skyqinsc
 MiniFtp
 2026-03-22T13:38:44.675Z 2026-03-23T19:11:13.237Z
CVE-2026-30849
9.3 (4.0)
MantisBT SOAP API has an authentication bypass vulnera… mantisbt
 mantisbt
 2026-03-23T19:10:34.345Z 2026-03-23T19:10:34.345Z
CVE-2026-32852
5.1 (4.0)
MailEnable < 10.55 Reflected XSS via FreeBusy.aspx Sta… MailEnable
 MailEnable
 2026-03-23T19:06:41.939Z 2026-03-23T19:08:42.797Z
CVE-2026-32851
5.1 (4.0)
MailEnable < 10.55 Reflected XSS via FreeBusy.aspx Att… MailEnable
 MailEnable
 2026-03-23T19:06:27.131Z 2026-03-23T19:06:27.131Z
CVE-2026-32850
5.1 (4.0)
MailEnable < 10.55 Reflected XSS via ManageShares.aspx… MailEnable
 MailEnable
 2026-03-23T19:06:09.045Z 2026-03-23T19:06:09.045Z
CVE-2026-27131
5.5 (3.1)
Sprig Plugin for Craft CMS potentially discloses sensi… putyourlightson
 craft-sprig
 2026-03-23T19:04:37.417Z 2026-03-23T19:04:37.417Z
CVE-2019-25617
6.9 (4.0)
6.2 (3.1)
Ease Audio Converter 5.30 Denial of Service via Audio Cutter Audiotool
 Ease Audio Converter
 2026-03-22T13:38:49.049Z 2026-03-23T19:03:59.133Z
CVE-2025-7195
6.4 (3.1)
Operator-sdk: privilege escalation due to incorrect pe… operator-framework
 operator-sdk
 2025-08-07T19:05:08.756Z 2026-03-23T19:02:29.157Z
CVE-2019-25623
6.9 (4.0)
6.2 (3.1)
Luminance Studio 2.17 Denial of Service via Malformed Input Pixarra
 Luminance Studio
 2026-03-23T13:48:38.908Z 2026-03-23T19:00:21.879Z
ID CVSS Description Vendor Product Published Updated
CVE-2019-25596
6.9 (4.0)
6.2 (3.1)
SpotAuditor 5.2.6 Name Field Denial of Service Nsauditor
 SpotAuditor
 2026-03-22T13:38:33.383Z 2026-03-23T15:31:26.432Z
CVE-2025-71276
6.4 (3.1)
SOGo before 5.12.5 is prone to a XSS vulnerabilit… Alinto
 SOGo
 2026-03-22T02:11:49.600Z 2026-03-23T15:53:30.083Z
CVE-2026-32895
5.3 (4.0)
5.4 (3.1)
OpenClaw < 2026.2.26 - Sender Authorization Bypass in … OpenClaw
 OpenClaw
 2026-03-21T00:42:31.520Z 2026-03-23T18:46:18.897Z
CVE-2026-32896
6.3 (4.0)
4.8 (3.1)
OpenClaw < 2026.2.21 - Unauthenticated Webhook Access … OpenClaw
 OpenClaw
 2026-03-21T00:42:32.222Z 2026-03-23T16:55:52.767Z
CVE-2019-25614
9.3 (4.0)
9.8 (3.1)
Free Float FTP 1.0 STOR Command Remote Buffer Overflow Freefloat
 Free Float FTP
 2026-03-22T13:38:46.898Z 2026-03-23T15:29:55.416Z
CVE-2026-32954
7.1 (3.1)
ERP has a possibility SQL Injection vulnerability due … frappe
 erpnext
 2026-03-20T04:30:26.360Z 2026-03-20T14:27:42.195Z
CVE-2026-33237
5.5 (3.1)
AVideo has SSRF in Scheduler Plugin via callbackURL Mi… WWBN
 AVideo
 2026-03-20T23:30:04.209Z 2026-03-20T23:30:04.209Z
CVE-2026-32752
0 (3.1)
FreeScout: Broken Access Control in ThreadPolicy — Any… freescout-help-desk
 freescout
 2026-03-19T21:21:54.613Z 2026-03-20T18:10:32.968Z
CVE-2026-33238
4.3 (3.1)
AVideo has a Path Traversal in listFiles.json.php that… WWBN
 AVideo
 2026-03-20T23:31:35.134Z 2026-03-20T23:31:35.134Z
CVE-2026-33011
8.7 (4.0)
Nest Fastify HEAD Request Middleware Bypass nestjs
 nest
 2026-03-20T04:37:15.044Z 2026-03-20T15:48:23.564Z
CVE-2026-30874
1.8 (4.0)
OpenWrt procd PATH Environment Variable Filter Bypass … openwrt
 openwrt
 2026-03-19T22:36:04.507Z 2026-03-20T18:09:36.205Z
CVE-2026-32939
7.7 (4.0)
DataEase is Vulnerable to H2 JDBC RCE Bypass dataease
 dataease
 2026-03-20T03:27:46.645Z 2026-03-20T16:28:28.201Z
CVE-2026-32753
8.5 (4.0)
FreeScout: Stored XSS through SVG file upload with fil… freescout-help-desk
 freescout
 2026-03-19T21:26:09.802Z 2026-03-20T20:16:50.749Z
CVE-2026-32935
8.2 (4.0)
phpseclib's AES-CBC unpadding susceptible to padding o… phpseclib
 phpseclib
 2026-03-20T02:48:59.778Z 2026-03-20T16:32:34.194Z
CVE-2026-32810
4.8 (4.0)
Halloy has insecure file permissions on credential files squidowl
 halloy
 2026-03-20T22:40:49.237Z 2026-03-20T22:40:49.237Z
CVE-2026-32733
8.7 (4.0)
Halloy has a file transfer path traveral vulnerability squidowl
 halloy
 2026-03-20T22:37:39.365Z 2026-03-20T22:37:39.365Z
CVE-2026-33126
5 (3.1)
Frigate has SSRF vulnerability in /ffprobe endpoint blakeblackshear
 frigate
 2026-03-20T19:57:16.438Z 2026-03-20T19:57:16.438Z
CVE-2026-4595
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
code-projects Exam Form Submission update_s6.php cross… code-projects
 Exam Form Submission
 2026-03-23T18:37:03.375Z 2026-03-23T18:37:03.375Z
CVE-2026-33723
7.1 (3.1)
AVideo Vulnerable to SQL Injection in Subscribe Endpoi… WWBN
 AVideo
 2026-03-23T18:50:33.566Z 2026-03-23T18:50:33.566Z
CVE-2026-33719
8.6 (3.1)
AVideo Vulnerable to Unauthenticated CDN Configuration… WWBN
 AVideo
 2026-03-23T18:49:28.285Z 2026-03-23T18:49:28.285Z
CVE-2026-33717
8.8 (3.1)
AVideo Vulnerable to Remote Code Execution via Persist… WWBN
 AVideo
 2026-03-23T18:48:24.934Z 2026-03-23T18:48:24.934Z
CVE-2026-33716
9.4 (3.1)
AVideo Allows Unauthenticated Live Stream Control via … WWBN
 AVideo
 2026-03-23T18:46:47.412Z 2026-03-23T18:46:47.412Z
CVE-2026-33690
5.3 (3.1)
AVideo vulnerable to IP Address Spoofing via Untrusted… WWBN
 AVideo
 2026-03-23T18:45:25.729Z 2026-03-23T18:45:25.729Z
CVE-2026-33688
5.3 (3.1)
AVideo has Pre-Captcha User Enumeration and Account St… WWBN
 AVideo
 2026-03-23T18:43:59.276Z 2026-03-23T18:43:59.276Z
CVE-2026-33685
5.3 (3.1)
AVideo Allows Unauthenticated Access to AD_Server repo… WWBN
 AVideo
 2026-03-23T18:42:45.372Z 2026-03-23T18:42:45.372Z
CVE-2026-33683
5.4 (3.1)
AVideo vulnerable to Stored XSS via html_entity_decode… WWBN
 AVideo
 2026-03-23T18:41:13.923Z 2026-03-23T18:41:13.923Z
CVE-2026-33681
7.2 (3.1)
AVideo has Path Traversal in pluginRunDatabaseScript.j… WWBN
 AVideo
 2026-03-23T18:39:33.513Z 2026-03-23T18:40:41.680Z
CVE-2026-33651
8.1 (3.1)
AVideo has a Blind SQL Injection in Live Schedule Remi… WWBN
 AVideo
 2026-03-23T18:38:22.655Z 2026-03-23T18:38:22.655Z
CVE-2026-33650
7.6 (3.1)
AVideo's Video Moderator Privilege Escalation via Owne… WWBN
 AVideo
 2026-03-23T18:28:13.324Z 2026-03-23T18:28:13.324Z
CVE-2026-33649
8.1 (3.1)
AVideo's GET-Based CSRF in setPermission.json.php Enab… WWBN
 AVideo
 2026-03-23T18:26:32.866Z 2026-03-23T18:26:32.866Z
ID Description Published Updated
fkie_cve-2026-32003 OpenClaw versions prior to 2026.2.22 contain an environment variable injection vulnerability in the… 2026-03-19T22:16:32.527 2026-03-23T18:57:22.013
fkie_cve-2026-3580 In wolfSSL 5.8.4, constant-time masking logic in sp_256_get_entry_256_9 is optimized into condition… 2026-03-19T20:16:14.450 2026-03-23T18:57:07.400
fkie_cve-2026-3579 wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bi… 2026-03-19T20:16:14.300 2026-03-23T18:56:41.667
fkie_cve-2026-33209 Avo is a framework to create admin panels for Ruby on Rails apps. Prior to version 3.30.3, a reflec… 2026-03-20T23:16:45.843 2026-03-23T18:55:37.947
fkie_cve-2026-33476 SiYuan is a personal knowledge management system. Prior to version 3.6.2, the Siyuan kernel exposes… 2026-03-20T23:16:48.137 2026-03-23T18:53:37.800
fkie_cve-2026-32002 OpenClaw versions prior to 2026.2.23 contain a sandbox bypass vulnerability in the sandboxed image … 2026-03-19T22:16:32.327 2026-03-23T18:53:37.637
fkie_cve-2026-33194 SiYuan is a personal knowledge management system. Prior to version 3.6.2, the `IsSensitivePath()` f… 2026-03-20T23:16:45.357 2026-03-23T18:53:21.510
fkie_cve-2026-32001 OpenClaw versions prior to 2026.2.22 contain an authentication bypass vulnerability that allows cli… 2026-03-19T22:16:32.113 2026-03-23T18:51:27.170
fkie_cve-2026-33203 SiYuan is a personal knowledge management system. Prior to version 3.6.2, the SiYuan kernel WebSock… 2026-03-20T23:16:45.520 2026-03-23T18:48:43.490
fkie_cve-2026-32818 Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the forum modu… 2026-03-19T23:16:44.543 2026-03-23T18:47:49.850
fkie_cve-2026-33171 Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.14 an… 2026-03-20T22:16:28.820 2026-03-23T18:46:31.100
fkie_cve-2026-33172 Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.14 an… 2026-03-20T22:16:28.973 2026-03-23T18:46:04.647
fkie_cve-2026-33177 Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.14 an… 2026-03-20T22:16:29.117 2026-03-23T18:45:27.150
fkie_cve-2026-33064 Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Ve… 2026-03-20T08:16:12.257 2026-03-23T18:43:25.237
fkie_cve-2023-53552 In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for Gu… 2025-10-04T16:15:50.480 2026-03-23T18:43:07.597
fkie_cve-2023-53549 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Rework long … 2025-10-04T16:15:50.143 2026-03-23T18:42:47.553
fkie_cve-2023-53579 In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain le… 2025-10-04T16:15:53.597 2026-03-23T18:41:45.090
fkie_cve-2023-53577 In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Make sure kthread… 2025-10-04T16:15:53.363 2026-03-23T18:41:33.650
fkie_cve-2023-53576 In the Linux kernel, the following vulnerability has been resolved: null_blk: Always check queue m… 2025-10-04T16:15:53.250 2026-03-23T18:41:22.237
fkie_cve-2023-53555 In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damo… 2025-10-04T16:15:50.813 2026-03-23T18:41:06.603
fkie_cve-2023-53553 In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: avoid struct memc… 2025-10-04T16:15:50.590 2026-03-23T18:40:55.583
fkie_cve-2023-53554 In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buf… 2025-10-04T16:15:50.697 2026-03-23T18:40:35.123
fkie_cve-2023-53535 In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: Add a check for… 2025-10-04T16:15:48.457 2026-03-23T18:37:22.950
fkie_cve-2023-53537 In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid use-after-f… 2025-10-04T16:15:48.697 2026-03-23T18:37:15.140
fkie_cve-2023-53587 In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works be… 2025-10-04T16:15:55.060 2026-03-23T18:36:36.820
fkie_cve-2023-53588 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check for stat… 2025-10-04T16:15:55.200 2026-03-23T18:36:24.410
fkie_cve-2023-53586 In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUN… 2025-10-04T16:15:54.837 2026-03-23T18:36:13.460
fkie_cve-2023-53585 In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets i… 2025-10-04T16:15:54.703 2026-03-23T18:35:30.687
fkie_cve-2023-53584 In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifs_releasepage: Remo… 2025-10-04T16:15:54.217 2026-03-23T18:35:11.927
fkie_cve-2023-53583 In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERF_HES_… 2025-10-04T16:15:54.090 2026-03-23T18:34:24.807
ID Severity Description Published Updated
ghsa-wc3x-x63x-rj8q
6.2 (3.1)
XnSoft NConvert 7.230 is vulnerable to Use-After-Free via a crafted .tiff file 2026-03-23T18:30:32Z 2026-03-23T18:30:32Z
ghsa-vfwf-qwpx-47fh
8.6 (4.0)
A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 t… 2026-03-23T18:30:32Z 2026-03-23T18:30:32Z
ghsa-h33x-g7hg-8q7v
6.2 (3.1)
XnSoft NConvert 7.230 is vulnerable to Stack Buffer Overrun via a crafted .tiff file. 2026-03-23T18:30:32Z 2026-03-23T18:30:32Z
ghsa-8fx2-x558-87xq
7.3 (3.1)
5.5 (4.0)
A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function… 2026-03-23T18:30:32Z 2026-03-23T18:30:32Z
ghsa-6mq5-gjcx-rvxq
8.5 (4.0)
Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, N… 2026-03-23T18:30:32Z 2026-03-23T18:30:32Z
ghsa-553r-96gg-xwgx
8.5 (4.0)
Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, N… 2026-03-23T18:30:32Z 2026-03-23T18:30:32Z
ghsa-473j-28g3-gv2f
6.3 (3.1)
2.1 (4.0)
A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function Er… 2026-03-23T18:30:32Z 2026-03-23T18:30:32Z
ghsa-46q8-mxmv-wf7q
8.5 (4.0)
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX… 2026-03-23T18:30:32Z 2026-03-23T18:30:32Z
ghsa-xrr4-m4hg-53xg
4.8 (3.1)
A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-x3w3-c4xr-rpcq
4.8 (3.1)
Multiple cross-site scripting (XSS) vulnerabilities in the component /admin/edit-vehicle.php of Php… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-wp9w-299c-wjxj
6.1 (3.1)
A stored cross-site scripting (XSS) vulnerability in the component /admin/search-vehicle.php of Php… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-rjfv-p85j-26xf
4.7 (3.1)
2.0 (4.0)
A weakness has been identified in kalcaddle kodbox 1.64. This affects the function checkBin of the … 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-rfmm-m252-pwvm
7.5 (3.1)
A NULL pointer dereference in the daap_reply_playlists function (src/httpd_daap.c) of owntone-serve… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-q44m-jgch-xfvg
7.5 (3.1)
A NULL pointer dereference in the safe_atou64 function (src/misc.c) of owntone-server through commi… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-m8q6-4942-rggg
4.8 (3.1)
A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-hj7x-hmf2-hc2p
9.4 (3.1)
Use of hard coded credentials in GoHarbor Harbor version 2.15.0 and below, allows attackers to use … 2026-03-23T15:30:44Z 2026-03-23T18:30:31Z
ghsa-fh3m-562m-w4f6
A command injection vulnerability exists in DigitalOcean Droplet Agent through 1.3.2. The troublesh… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-8f63-r6mw-5h4q
5.6 (3.1)
2.9 (4.0)
A security vulnerability has been detected in kalcaddle kodbox 1.64. This impacts the function logi… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-79wj-5c4r-fqqm
4.8 (3.1)
A stored cross-site scripting (XSS) vulnerability in the component /admin/add-brand.php of Phpguruk… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-5jxj-w72m-5c8f
6.9 (4.0)
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate() func… 2026-03-23T18:30:31Z 2026-03-23T18:30:31Z
ghsa-464q-cqxq-xhgr
5.9 (3.1)
2.0 (4.0)
Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by zero due to the RSASe… 2026-03-23T06:30:29Z 2026-03-23T18:30:30Z
ghsa-m5wq-r4r4-4qrh
7.5 (3.1)
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library… 2026-03-20T21:31:28Z 2026-03-23T18:30:29Z
ghsa-365r-wjfh-hwpv
7.3 (3.1)
6.9 (4.0)
The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows m… 2026-03-21T00:31:43Z 2026-03-23T18:30:29Z
ghsa-p9f3-6w54-ch66
9.8 (3.1)
A command injection vulnerability exists in the web management interface of the WiFi Extender WDR20… 2026-03-18T18:31:18Z 2026-03-23T18:30:26Z
ghsa-fc63-xpp9-gfjj
9.1 (3.1)
The web interface of the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) contains hardcoded … 2026-03-18T18:31:18Z 2026-03-23T18:30:26Z
ghsa-4mf8-x363-f56c
9.8 (3.1)
The WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) implements a broken authentication mecha… 2026-03-18T18:31:18Z 2026-03-23T18:30:26Z
ghsa-w4gx-392p-5m58
7.8 (3.1)
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet a… 2025-07-10T15:31:28Z 2026-03-23T18:30:25Z
ghsa-gjx5-j34g-5g5p
7.6 (3.1)
Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help links which allows a mal… 2026-02-16T15:32:47Z 2026-03-23T18:30:25Z
ghsa-pwjx-qhcg-rvj4
4.4 (3.1)
webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic 2026-03-20T21:51:17Z 2026-03-23T17:40:52Z
ghsa-8fw8-q79c-fp9m
8.6 (3.1)
AVideo has an Unauthenticated Local File Inclusion in API locale (RCE possible with writable PHP) 2026-03-20T21:55:31Z 2026-03-23T17:31:49Z
ID Severity Description Package Published Updated
pysec-2024-85
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.848846Z
pysec-2024-84
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.756762Z
pysec-2024-83
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.662671Z
pysec-2024-82
8.8 (3.1)
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.563380Z
pysec-2023-278
5.3 (3.1)
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… mindsdb 2023-12-11T21:15:00Z 2026-03-03T16:29:37.448520Z
pysec-2023-121
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as a… zstd 2023-03-31T20:15:00+00:00 2026-02-25T19:20:58+00:00
pysec-2026-1
A PyPI user account compromised by an attacker and was able to upload a malicious version… dydx-v4-client 2026-01-28T21:09:02+00:00
pysec-2025-52
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. mlflow 2025-06-23T15:15:29Z 2025-12-05T13:25:55.146081Z
pysec-2020-220
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… ansible 2020-10-05T14:15:00Z 2025-10-31T04:43:53.616247Z
pysec-2025-72
The `num2words` project was compromised via a phishing attack and two new versions were u… num2words 2025-07-31T14:34:47+00:00
pysec-2025-71
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… cadwyn 2025-07-21T21:15:25+00:00 2025-07-23T15:24:03.825615+00:00
pysec-2025-70
10.0 (3.1)
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… langchain-community 2025-06-23T21:15:25+00:00 2025-07-16T21:23:40.211079+00:00
pysec-2024-259
9.8 (3.1)
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… torch 2024-10-29T21:15:04+00:00 2025-07-16T03:09:57.748865+00:00
pysec-2024-258
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… scrapy 2024-05-20T08:15:08+00:00 2025-07-15T17:37:50.051730+00:00
pysec-2025-69
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… roundup 2025-07-13T20:15:25+00:00 2025-07-13T21:23:01.161315+00:00
pysec-2025-68
8.0 (3.1)
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.449399+00:00
pysec-2025-67
9.8 (3.1)
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.385619+00:00
pysec-2025-66
Improper privilege management in a REST interface allowed registered users to access unau… streampipes 2025-03-03T11:15:11+00:00 2025-07-08T15:23:46.628375+00:00
pysec-2025-65
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… llama-index 2025-07-07T13:15:28+00:00 2025-07-07T15:23:42.730681+00:00
pysec-2025-61
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … pillow 2025-07-01T19:15:27Z 2025-07-07T14:12:46.226030Z
pysec-2025-64
9.8 (3.1)
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… python-a2a 2025-06-17T07:15:18+00:00 2025-07-02T21:23:13.806273+00:00
pysec-2025-63
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… vllm 2025-03-19T16:15:32+00:00 2025-07-01T23:22:49.176005+00:00
pysec-2025-62
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… vllm 2025-02-07T20:15:34+00:00 2025-07-01T23:22:49.083695+00:00
pysec-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… apache-iotdb 2025-05-14T11:16:28+00:00 2025-07-01T21:22:47.232036+00:00
pysec-2025-59
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… apache-iotdb 2025-05-14T11:15:47+00:00 2025-07-01T21:22:47.177405+00:00
pysec-2024-257
7.5 (3.1)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2024-03-22T23:15:07+00:00 2025-06-30T15:23:50.085549+00:00
pysec-2025-58
8.8 (3.1)
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… vllm 2025-01-27T18:15:41+00:00 2025-06-27T21:22:36.583615+00:00
pysec-2025-57
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… zenml 2025-03-20T10:15:48+00:00 2025-06-27T17:22:55.175431+00:00
pysec-2025-56
4.3 (3.1)
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… octoprint 2025-04-22T18:15:59+00:00 2025-06-27T17:22:53.513680+00:00
pysec-2024-256
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2024-12-03T16:15:24+00:00 2025-06-27T17:22:53.325430+00:00
ID Description Updated
gsd-2024-33903 In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… 2024-04-29T05:02:07.295775Z
gsd-2024-33902 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.486429Z
gsd-2024-33901 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.525896Z
gsd-2024-33900 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.290639Z
gsd-2024-33899 RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… 2024-04-29T05:02:07.400574Z
gsd-2024-33898 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287632Z
gsd-2024-33897 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.283756Z
gsd-2024-33896 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.313250Z
gsd-2024-33895 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.493081Z
gsd-2024-33894 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.488420Z
gsd-2024-33893 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.381761Z
gsd-2024-33892 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.378170Z
gsd-2024-33891 Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… 2024-04-29T05:02:07.412035Z
gsd-2024-33890 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.344384Z
gsd-2024-33889 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.392587Z
gsd-2024-33888 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.468423Z
gsd-2024-33887 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.503613Z
gsd-2024-33886 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287167Z
gsd-2024-33885 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.441746Z
gsd-2024-33884 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.534455Z
gsd-2024-33883 The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… 2024-04-29T05:02:07.271727Z
gsd-2024-4303 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.716348Z
gsd-2024-4302 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.603637Z
gsd-2024-4301 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.678292Z
gsd-2024-4300 E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… 2024-04-29T05:02:05.715239Z
gsd-2024-4299 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… 2024-04-29T05:02:05.606402Z
gsd-2024-4298 The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… 2024-04-29T05:02:05.598531Z
gsd-2024-4297 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… 2024-04-29T05:02:05.700888Z
gsd-2024-4296 The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… 2024-04-29T05:02:05.621428Z
gsd-2024-33882 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.803998Z
ID Description Published Updated
mal-2026-2118 Malicious code in hash-utils-py (PyPI) 2026-03-23T15:38:29Z 2026-03-23T15:38:29Z
mal-2026-2109 Malicious code in pyregions-snowflake (PyPI) 2026-03-23T14:08:04Z 2026-03-23T14:54:39Z
mal-2026-2108 Malicious code in modelconftranslator (PyPI) 2026-03-23T14:03:21Z 2026-03-23T14:54:39Z
mal-2026-2106 Malicious code in dmclc (PyPI) 2026-03-23T14:05:43Z 2026-03-23T14:54:38Z
mal-2026-2112 Malicious code in apply-hive-table (PyPI) 2026-03-23T14:19:12Z 2026-03-23T14:19:12Z
mal-2026-2110 Malicious code in react-tailwindcss-style (npm) 2026-03-23T14:17:29Z 2026-03-23T14:17:34Z
mal-2026-2111 Malicious code in tailwind-font-inter (npm) 2026-03-23T14:17:29Z 2026-03-23T14:17:30Z
mal-2026-2107 Malicious code in financial-crimes-general-utils (PyPI) 2026-03-23T13:56:01Z 2026-03-23T13:56:01Z
mal-2026-2101 Malicious code in sidebar-basket (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:18Z
mal-2026-2087 Malicious code in in-app-marketing (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:18Z
mal-2026-2095 Malicious code in pulse-shop-section (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:14Z
mal-2026-2089 Malicious code in milla-migration (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:14Z
mal-2026-2088 Malicious code in internal-linking (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:14Z
mal-2026-2105 Malicious code in ty-search-suggestion (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:13Z
mal-2026-2100 Malicious code in shakti-pwa (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:13Z
mal-2026-2094 Malicious code in pulse-scroll-triggered-list-items (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:13Z
mal-2026-2093 Malicious code in pulse-rsvp-card-entity (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:13Z
mal-2026-2102 Malicious code in storefront-logger (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:12Z
mal-2026-2098 Malicious code in sd-basket-highlight (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:12Z
mal-2026-2096 Malicious code in puzzle-asset (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:12Z
mal-2026-2086 Malicious code in falcor-server (npm) 2026-03-23T13:47:10Z 2026-03-23T13:47:12Z
mal-2026-2103 Malicious code in ty-config-provider (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:11Z
mal-2026-2099 Malicious code in sfx-event-bridge (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:11Z
mal-2026-2091 Malicious code in netflixidentity (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:11Z
mal-2026-2104 Malicious code in ty-fragment-core (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:10Z
mal-2026-2097 Malicious code in puzzle-render-kit (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:10Z
mal-2026-2090 Malicious code in netflixid (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:10Z
mal-2026-2092 Malicious code in pulse-feature-flag (npm) 2026-03-23T13:47:09Z 2026-03-23T13:47:09Z
mal-2026-2085 Malicious code in uipagain (npm) 2026-03-23T12:10:52Z 2026-03-23T12:10:52Z
mal-2026-2084 Malicious code in license-utils-kit (PyPI) 2026-03-23T09:41:24Z 2026-03-23T11:49:37Z
ID Description Published Updated
4jno000329 AWIN Gateways Vulnerabilities in Embedded Webserver 2026-03-13T00:30:00.000Z 2026-03-13T00:30:00.000Z
3adr011536 AC500 V3 Stack buffer overflow in Cryptographic Message Syntax 2026-03-12T00:30:00.000Z 2026-03-12T00:30:00.000Z
3adr011525 ABB Automation Builder Gateway for Windows with insecure defaults 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
3adr011524 AC500 V3 Multiple vulnerabilities 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
sa25p007 B&R Automation Studio Update of SQLite version 2026-02-18T00:30:00.000Z 2026-02-18T00:30:00.000Z
sa26p001 ​​PVI​ ​​Insertion of Sensitive Information into Logfile 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
sa24p003 ​B&R PCs vulnerable to PixieFail attack​ 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
7paa013309 System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability 2024-06-05T00:30:00.000Z 2026-01-23T00:30:00.000Z
sa25p005 B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
sa25p004 Automation Studio Insufficient Server Certificate Validation 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
9akk108472a1331 ABB Ability™ OPTIMAX® Authentication Bypass in Single-Sign On with Azure Active Directory 2026-01-16T00:30:00.000Z 2026-01-16T00:30:00.000Z
2crt000009 WebPro SNMP Card PowerValue Multiple Vulnerabilities 2026-01-07T00:30:00.000Z 2026-01-07T00:30:00.000Z
9akk108471a8107 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-09-16T00:30:00.000Z 2025-11-28T08:00:00.000Z
4hzm000603 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) 2025-11-27T00:30:00.000Z 2025-11-28T00:30:00.000Z
7paa022088 Edgenius Management Portal Authentication Bypass 2025-11-20T00:30:00.000Z 2025-11-20T00:30:00.000Z
2nga002813 PCM600 SharpZip library vulnerability 2025-11-03T00:30:00.000Z 2025-11-03T00:30:00.000Z
4tz00000006007 ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations 2025-10-20T00:30:00.000Z 2025-10-23T00:30:00.000Z
9akk108471a8948 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-10-20T00:30:00.000Z 2025-10-21T00:30:00.000Z
3kxg200000r4801 CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability 2025-04-16T00:30:00.000Z 2025-10-20T00:30:00.000Z
sa25p003 B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-14T00:30:00.000Z
4tz00000006008 LVS MConfig Insecure memory handling 2025-10-08T00:30:00.000Z 2025-10-08T00:30:00.000Z
sa25p002 B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7808 EIBPORT Reflected XSS 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7121 FLXeon Controllers Multiple vulnerabilities 2025-09-09T00:30:00.000Z 2025-09-18T00:30:00.000Z
9akk108471a4462 ELSB/BLBA ASPECT advisory several CVEs 2025-08-11T00:30:00.000Z 2025-09-04T00:30:00.000Z
9akk108471a3623 RMC - 100 Vulnerabilities in web UI (REST Interface) 2025-07-03T00:30:00.000Z 2025-08-18T00:30:00.000Z
2nga002743 ABB AbilityTM zenon Remote Transport Vulnerability 2025-08-12T00:30:00.000Z 2025-08-12T00:30:00.000Z
3adr011407 ABB Automation Builder Vulnerabilities in user management and access control 2025-04-30T00:00:00.000Z 2025-07-25T00:00:00.000Z
3adr011432 AC500 V2 Buffer overread on Modbus protocol 2025-07-23T00:30:00.000Z 2025-07-23T00:30:00.000Z
9akk108471a4556 Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode. 2025-07-21T00:30:00.000Z 2025-07-21T00:30:00.000Z
ID Description Published Updated
wid-sec-w-2026-0081 Microsoft Office Produkte: Mehrere Schwachstellen 2026-01-13T23:00:00.000+00:00 2026-03-22T23:00:00.000+00:00
wid-sec-w-2026-0794 Microsoft Azure DevOps, Data Factory and Cloud Shell: Mehrere Schwachstellen 2026-03-19T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0793 Netwrix Password Secure: Mehrere Schwachstellen 2026-03-19T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0792 SuiteCRM: Mehrere Schwachstellen 2026-03-18T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0785 libarchive: Schwachstelle ermöglicht Denial of Service 2026-03-18T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0784 Ubiquiti UniFi Network Application: Mehrere Schwachstellen ermöglichen Privilegieneskalation 2026-03-18T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0769 Red Hat Enterprise Linux (capstone) und OpenShift (rhcos): Mehrere Schwachstellen 2026-03-17T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0758 Canonical Snap: Schwachstelle ermöglicht Erlangen von Administratorrechten 2026-03-17T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0734 GNU InetUtils: Mehrere Schwachstellen 2026-03-15T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0723 Google Chrome/Microsoft Edge: Mehrere Schwachstellen 2026-03-12T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0714 ImageMagick: Schwachstelle ermöglicht nicht spezifizierten Angriff 2026-03-12T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0702 Google Chrome und Microsoft Edge: Mehrere Schwachstellen 2026-03-11T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0690 cURL: Mehrere Schwachstellen 2026-03-10T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0643 ImageMagick: Mehrere Schwachstellen 2026-03-09T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0614 Linux Kernel: Mehrere Schwachstellen 2026-03-04T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0607 CPython: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-03-04T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0548 Golang Go: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff 2026-02-26T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0514 FreeRDP: Mehrere Schwachstellen 2026-02-24T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0507 util-linux: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-02-24T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0497 Mozilla Firefox, Firefox ESR und Thunderbird: Mehrere Schwachstellen 2026-02-24T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0494 Red Hat Enterprise Linux (389-ds-base): Schwachstelle ermöglicht Codeausführung und potenziell Denial of Service 2026-02-23T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0482 libTIFF: Mehrere Schwachstellen ermöglichen Denial of Service 2026-02-23T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0469 GIMP: Mehrere Schwachstellen ermöglichen Codeausführung 2026-02-19T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0462 Linux Kernel: Mehrere Schwachstellen 2026-02-18T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0443 Apache Tomcat und Tomcat Native: Mehrere Schwachstellen 2026-02-17T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0422 Mattermost: Mehrere Schwachstellen 2026-02-15T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0421 Linux Kernel: Mehrere Schwachstellen 2026-02-15T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0419 vim (NetBeans): Schwachstelle ermöglicht Codeausführung 2026-02-15T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0409 PostgreSQL: Mehrere Schwachstellen 2026-02-12T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0388 Synacor Zimbra: Mehrere Schwachstellen 2026-02-10T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
ID Description Published Updated
icsa-26-078-08 Automated Logic WebCTRL Premium Server 2026-03-19T06:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-05 Mitsubishi Electric CNC Series 2026-03-10T00:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-04 Schneider Electric EcoStruxure PME and EPO 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-03 Schneider Electric EcoStruxure Automation Expert 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-02 Schneider Electric Modicon Controllers M241, M251, M258, and LMC058 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-01 Schneider Electric Modicon M241, M251, and M262 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-07 IGL-Technologies eParking.fi 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-078-06 CTEK Chargeportal 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-076-04 Siemens SICAM SIAPP SDK 2026-03-10T00:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-076-03 Schneider Electric EcoStruxure Data Center Expert 2026-03-10T07:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-076-02 Schneider Electric SCADAPack and RemoteConnect 2026-02-10T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-076-01 CODESYS in Festo Automation Suite 2026-02-26T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-015-10 Schneider Electric EcoStruxure Power Build Rapsody (Update A) 2026-01-13T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-25-160-02 Hitachi Energy Relion 670, 650, SAM600-IO Series (Update A) 2023-06-27T00:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-25-303-01 International Standards Organization ISO 15118-2 (Update A) 2025-10-30T05:00:00.000000Z 2026-03-17T05:00:00.000000Z
icsa-26-071-06 Inductive Automation Ignition Software 2026-03-12T06:00:00.000000Z 2026-03-13T06:00:00.000000Z
icsa-26-071-05 Siemens Heliox EV Chargers 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-04 Siemens SIMATIC 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-03 Siemens SIDIS Prime 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-02 Siemens RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-01 Trane Tracer SC, Tracer SC+, and Tracer Concierge 2026-03-12T06:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-048-04 Honeywell HIB2PI CCTV Camera (Update B) 2026-02-17T07:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-043-08 Siemens NX 2026-02-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-043-03 Siemens COMOS 2025-12-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-345-05 Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-345-04 Siemens IAM Client 2025-12-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-254-03 Siemens SINAMICS Drives 2025-09-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-231-02 Siemens Mendix SAML Module 2025-08-14T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-226-22 Siemens Web Installer 2025-08-12T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-25-162-05 Siemens SIMATIC S7-1500 CPU Family 2025-06-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
ID Description Published Updated
cisco-sa-fmc-rce-nkhnuljh Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability 2026-03-04T16:00:00+00:00 2026-03-18T16:05:27+00:00
cisco-sa-sdwan-authbp-qwcx8d4v Cisco Catalyst SD-WAN Vulnerabilities 2026-02-25T16:00:00+00:00 2026-03-18T01:06:38+00:00
cisco-sa-xrncs-epni-int-dos-twmffusn Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-isis-dos-kdmxpszk Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-iosxr-privesc-bf8d5u4w Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-cc-xss-mrnah5jh Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-fmc-sql-inject-2enmtc8v Cisco Secure Firewall Management Center Software SQL Injection Vulnerability 2024-10-23T16:00:00+00:00 2026-03-04T16:11:01+00:00
cisco-sa-asaftd-cmd-inj-zjv8wysm Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability 2024-04-24T16:00:00+00:00 2026-03-04T16:10:59+00:00
cisco-sa-snort3-multi-dos-xfwkwswz Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-onprem-fmc-authbypass-5jpp45v2 Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftdfmc-dir-trav-wergjhwq Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-tcp-dos-rhfqnwrg Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-snort-bypass-rlggkzvf Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-dnd-dos-bpecg7b7 Cisco Secure Firewall Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-cmd-inj-mtzgzexf Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-fmc-sql-injection-2qh6ccjd Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-vpn-m9sx6mbc Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-saml-lkttrwzp Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ospf-zh8phbsw Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-luainject-vescqgms Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ikev2-dos-ebuegdeg Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-desync-n5avzeqw Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asa-ssh-keybypass-cr5xpusf Cisco Secure Firewall Adaptive Security Appliance Software SSH Partial Private Key Authentication Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-sdwan-rpa-ehchtzk Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability 2026-02-25T16:00:00+00:00 2026-03-03T00:38:56+00:00
cisco-sa-sd-wan-priv-e6e8tedf Cisco SD-WAN Software Privilege Escalation Vulnerabilities 2022-09-28T16:00:00+00:00 2026-02-25T20:29:00+00:00
cisco-sa-ucsm-cmdinj-gvxlpesb Cisco UCS Manager Software Command Injection Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-ucsm-afwae-mogufyln Cisco UCS Manager Software Privilege Escalation Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-ucsfxosxss-7skve8zv Cisco FXOS and UCS Manager Software Stored Cross-Site Scripting Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-ucsciv-wgytc78q Cisco FXOS and UCS Manager Software Command Injection Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-nxos-ether-dos-kv8ynwz4 Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib 2026-03-02T00:00:00.000Z 2026-03-23T01:01:21.000Z
msrc_cve-2026-4438 gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames 2026-03-02T00:00:00.000Z 2026-03-22T01:01:24.000Z
msrc_cve-2026-4437 gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response 2026-03-02T00:00:00.000Z 2026-03-22T01:01:18.000Z
msrc_cve-2026-27135 nghttp2 Denial of service: Assertion failure due to the missing state validation 2026-03-02T00:00:00.000Z 2026-03-21T01:37:11.000Z
msrc_cve-2026-27459 pyOpenSSL DTLS cookie callback buffer overflow 2026-03-02T00:00:00.000Z 2026-03-21T01:37:02.000Z
msrc_cve-2026-27448 pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback 2026-03-02T00:00:00.000Z 2026-03-21T01:36:53.000Z
msrc_cve-2026-32775 CVE-2026-32775 2026-03-02T00:00:00.000Z 2026-03-21T01:36:45.000Z
msrc_cve-2026-3479 pkgutil.get_data() does not enforce documented restrictions 2026-03-02T00:00:00.000Z 2026-03-21T01:03:01.000Z
msrc_cve-2026-30922 pyasn1 Vulnerable to Denial of Service via Unbounded Recursion 2026-03-02T00:00:00.000Z 2026-03-21T01:02:51.000Z
msrc_cve-2026-3633 Libsoup: libsoup: header and http request injection via crlf injection 2026-03-02T00:00:00.000Z 2026-03-21T01:02:43.000Z
msrc_cve-2026-3632 Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames 2026-03-02T00:00:00.000Z 2026-03-21T01:02:34.000Z
msrc_cve-2026-3634 Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header 2026-03-02T00:00:00.000Z 2026-03-21T01:02:26.000Z
msrc_cve-2026-32766 astral-tokio-tar insufficiently validates PAX extensions during extraction 2026-03-02T00:00:00.000Z 2026-03-21T01:02:18.000Z
msrc_cve-2026-23276 net: add xmit recursion limit to tunnel xmit functions 2026-03-02T00:00:00.000Z 2026-03-21T01:01:49.000Z
msrc_cve-2026-23271 perf: Fix __perf_event_overflow() vs perf_remove_from_context() race 2026-03-02T00:00:00.000Z 2026-03-21T01:01:44.000Z
msrc_cve-2026-23272 netfilter: nf_tables: unconditionally bump set->nelems before insertion 2026-03-02T00:00:00.000Z 2026-03-21T01:01:38.000Z
msrc_cve-2026-23278 netfilter: nf_tables: always walk all pending catchall elements 2026-03-02T00:00:00.000Z 2026-03-21T01:01:33.000Z
msrc_cve-2026-23277 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit 2026-03-02T00:00:00.000Z 2026-03-21T01:01:27.000Z
msrc_cve-2026-23274 netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels 2026-03-02T00:00:00.000Z 2026-03-21T01:01:22.000Z
msrc_cve-2026-23204 net/sched: cls_u32: use skb_header_pointer_careful() 2026-02-02T00:00:00.000Z 2026-03-21T01:01:16.000Z
msrc_cve-2026-23266 fbdev: rivafb: fix divide error in nv3_arb() 2026-03-02T00:00:00.000Z 2026-03-20T14:38:03.000Z
msrc_cve-2026-23267 f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes 2026-03-02T00:00:00.000Z 2026-03-20T14:37:56.000Z
msrc_cve-2026-23259 io_uring/rw: free potentially allocated iovec on cache put failure 2026-03-02T00:00:00.000Z 2026-03-20T14:37:49.000Z
msrc_cve-2025-71265 fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata 2026-03-02T00:00:00.000Z 2026-03-20T14:37:34.000Z
msrc_cve-2026-23243 RDMA/umad: Reject negative data_len in ib_umad_write 2026-03-02T00:00:00.000Z 2026-03-20T14:37:28.000Z
msrc_cve-2025-71267 fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST 2026-03-02T00:00:00.000Z 2026-03-20T14:37:21.000Z
msrc_cve-2025-71266 fs: ntfs3: check return value of indx_find to avoid infinite loop 2026-03-02T00:00:00.000Z 2026-03-20T14:37:15.000Z
msrc_cve-2026-23248 perf/core: Fix refcount bug and potential UAF in perf_mmap 2026-03-02T00:00:00.000Z 2026-03-20T14:37:08.000Z
msrc_cve-2026-23242 RDMA/siw: Fix potential NULL pointer dereference in header processing 2026-03-02T00:00:00.000Z 2026-03-20T14:37:01.000Z
msrc_cve-2026-23233 f2fs: fix to avoid mapping wrong physical block for swapfile 2026-03-02T00:00:00.000Z 2026-03-20T14:36:55.000Z
ID Description Published Updated
ncsc-2026-0100 Kwetsbaarheden verholpen in Citrix Netscaler ADC en Netscaler Gateway 2026-03-23T13:43:30.957806Z 2026-03-23T13:43:30.957806Z
ncsc-2026-0099 Kwetsbaarheid verholpen in Oracle Identity Manager en Oracle Web Services Manager 2026-03-20T15:56:12.716324Z 2026-03-20T15:56:12.716324Z
ncsc-2026-0010 Kwetsbaarheden verholpen in Microsoft Office 2026-01-13T19:18:45.984019Z 2026-03-20T14:03:59.225773Z
ncsc-2026-0076 Kwetsbaarheden verholpen in Cisco Secure Firewall Management Center 2026-03-04T20:49:12.211658Z 2026-03-19T11:48:18.917205Z
ncsc-2026-0098 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-13T08:41:19.155490Z 2026-03-13T08:41:19.155490Z
ncsc-2026-0097 Kwetsbaarheden verholpen in Google Chrome 2026-03-13T08:33:43.877125Z 2026-03-13T08:33:43.877125Z
ncsc-2026-0096 Kwetsbaarheden verholpen in Veeam Backup & Replication 2026-03-12T14:54:08.200676Z 2026-03-12T14:54:08.200676Z
ncsc-2026-0095 Kwetsbaarheid verholpen in pac4j-jwt 2026-03-12T14:45:51.156512Z 2026-03-12T14:45:51.156512Z
ncsc-2026-0094 Kwetsbaarheden verholpen in Cisco IOS XR 2026-03-12T14:44:08.106602Z 2026-03-12T14:44:08.106602Z
ncsc-2026-0093 Kwetsbaarheden verholpen in GitLab 2026-03-12T14:42:46.936248Z 2026-03-12T14:42:46.936248Z
ncsc-2026-0092 Kwetsbaarheden verholpen in Fortinet FortiWeb 2026-03-12T07:46:15.529522Z 2026-03-12T07:46:15.529522Z
ncsc-2026-0091 Kwetsbaarheden verholpen in SAP-producten 2026-03-12T07:24:16.575638Z 2026-03-12T07:24:16.575638Z
ncsc-2026-0090 Kwetsbaarheden verholpen in Adobe Experience Manager 2026-03-12T07:12:51.952931Z 2026-03-12T07:12:51.952931Z
ncsc-2026-0089 Kwetsbaarheden verholpen in Adobe Acrobat Reader 2026-03-12T07:03:24.148324Z 2026-03-12T07:03:24.148324Z
ncsc-2026-0088 Kwetsbaarheden verholpen in Adobe Illustrator 2026-03-12T06:55:39.712240Z 2026-03-12T06:55:39.712240Z
ncsc-2026-0087 Kwetsbaarheden verholpen in Adobe Commerce 2026-03-12T06:49:56.459199Z 2026-03-12T06:49:56.459199Z
ncsc-2026-0086 Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer 2026-03-11T09:19:38.777277Z 2026-03-11T09:19:38.777277Z
ncsc-2026-0085 Kwetsbaarheden verholpen in Microsoft Developer tools 2026-03-10T20:35:10.478398Z 2026-03-10T20:35:10.478398Z
ncsc-2026-0084 Kwetsbaarheden verholpen in Microsoft Office 2026-03-10T20:20:08.157658Z 2026-03-10T20:20:08.157658Z
ncsc-2026-0083 Kwetsbaarheid verholpen in Microsoft Authenticator app 2026-03-10T20:18:35.792755Z 2026-03-10T20:18:35.792755Z
ncsc-2026-0082 Kwetsbaarheden verholpen in Microsoft Azure 2026-03-10T20:15:41.528951Z 2026-03-10T20:15:41.528951Z
ncsc-2026-0081 Kwetsbaarheden verholpen in Microsoft SQL Server 2026-03-10T20:12:56.032261Z 2026-03-10T20:12:56.032261Z
ncsc-2026-0080 Kwetsbaarheden verholpen in Microsoft Windows 2026-03-10T20:07:55.976638Z 2026-03-10T20:07:55.976638Z
ncsc-2026-0059 Kwetsbaarheden verholpen in Ivanti Endpoint Manager 2026-02-11T08:16:27.583936Z 2026-03-10T14:20:48.176282Z
ncsc-2026-0079 Kwetsbaarheden verholpen in Siemens producten 2026-03-10T12:39:14.474522Z 2026-03-10T12:39:14.474522Z
ncsc-2026-0071 Kwetsbaarheden verholpen in Cisco Catalyst SD-WAN Manager 2026-02-25T17:11:09.013125Z 2026-03-06T12:07:02.595940Z
ncsc-2026-0078 Kwetsbaarheden verholpen in Kibana 2026-03-05T09:36:49.056247Z 2026-03-05T09:36:49.056247Z
ncsc-2026-0077 Kwetsbaarheden verholpen in Cisco Secure Firewall systemen 2026-03-05T09:05:21.646499Z 2026-03-05T09:05:21.646499Z
ncsc-2026-0075 Kwetsbaarheid verholpen in n8n Automation Platform 2026-03-04T14:03:54.207583Z 2026-03-04T14:03:54.207583Z
ncsc-2026-0070 Kwetsbaarheden verholpen in VMware Aria Operations 2026-02-25T11:24:46.807867Z 2026-03-04T08:54:08.940512Z
ID Description Published Updated
nn-2025:18-01 Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:17-01 HTML injection in Sensor Map in CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:16-01 HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:15-01 Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:14-01 HTML injection in Asset List in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:13-01 Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:12-01 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:11-01 Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 2025-11-25T11:00:00.000Z 2025-11-26T11:00:00.000Z
nn-2025:9-01 Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:8-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:7-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:6-01 Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:5-01 Incorrect authorization for CLI in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:4-01 Client-side path traversal in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:10-01 Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:3-01 Incorrect authorization for traces request/download in CMC before 25.1.0 2025-08-26T11:00:00.000Z 2025-08-26T11:00:00.000Z
nn-2025:2-01 Privilege escalation in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2025:1-01 Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2023_17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023:17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2024_1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2024:1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2023_12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023:12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023_9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10406-1 lemon-3.51.3-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10405-1 python314-3.14.3-3.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10404-1 python310-3.10.20-2.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10403-1 python311-pypdf-6.9.1-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10402-1 python311-PyPDF2-2.11.1-8.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10401-1 freeciv-3.2.4-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10400-1 chromedriver-146.0.7680.153-2.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10399-1 GraphicsMagick-1.3.46-4.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10398-1 python311-3.11.15-3.1 on GA media 2026-03-20T00:00:00Z 2026-03-20T00:00:00Z
opensuse-su-2026:10397-1 python311-PyJWT-2.12.1-1.1 on GA media 2026-03-20T00:00:00Z 2026-03-20T00:00:00Z
opensuse-su-2026:10396-1 openbao-2.5.1-1.1 on GA media 2026-03-20T00:00:00Z 2026-03-20T00:00:00Z
opensuse-su-2026:10390-1 tempo-cli-2.10.3-1.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10389-1 python311-salt-3006.0-56.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10388-1 mumble-1.5.857-2.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10387-1 kernel-devel-6.19.8-1.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10386-1 ImageMagick-7.1.2.17-1.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10377-1 python312-3.12.13-2.1 on GA media 2026-03-16T00:00:00Z 2026-03-16T00:00:00Z
opensuse-su-2026:10376-1 chromedriver-146.0.7680.80-1.1 on GA media 2026-03-16T00:00:00Z 2026-03-16T00:00:00Z
opensuse-su-2026:10375-1 coturn-4.9.0-1.1 on GA media 2026-03-15T00:00:00Z 2026-03-15T00:00:00Z
opensuse-su-2026:10374-1 python311-tornado6-6.5.5-1.1 on GA media 2026-03-14T00:00:00Z 2026-03-14T00:00:00Z
opensuse-su-2026:10373-1 python311-simpleeval-1.0.5-1.1 on GA media 2026-03-14T00:00:00Z 2026-03-14T00:00:00Z
opensuse-su-2026:10372-1 python311-black-26.3.1-1.1 on GA media 2026-03-14T00:00:00Z 2026-03-14T00:00:00Z
opensuse-su-2026:10371-1 curl-8.19.0-1.1 on GA media 2026-03-14T00:00:00Z 2026-03-14T00:00:00Z
opensuse-su-2026:20357-1 Security update for qemu 2026-03-13T10:47:15Z 2026-03-13T10:47:15Z
opensuse-su-2026:20354-1 Security update for libsoup2 2026-03-13T08:41:04Z 2026-03-13T08:41:04Z
opensuse-su-2026:10370-1 smb4k-4.0.5-1.2 on GA media 2026-03-13T00:00:00Z 2026-03-13T00:00:00Z
opensuse-su-2026:10369-1 skaffold-2.18.0-1.1 on GA media 2026-03-13T00:00:00Z 2026-03-13T00:00:00Z
opensuse-su-2026:10368-1 ruby4.0-rubygem-websocket-extensions-0.1.5-1.24 on GA media 2026-03-13T00:00:00Z 2026-03-13T00:00:00Z
opensuse-su-2026:10367-1 ruby4.0-rubygem-web-console-4.2.1-1.9 on GA media 2026-03-13T00:00:00Z 2026-03-13T00:00:00Z
opensuse-su-2026:10366-1 ruby4.0-rubygem-thor-1.4.0-1.3 on GA media 2026-03-13T00:00:00Z 2026-03-13T00:00:00Z
ID Description Published Updated
oxdc-adv-2025-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 2025-10-31T00:00:00+00:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0003 OX App Suite Security Advisory OXAS-ADV-2025-0003 2025-09-24T00:00:00+02:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0002 OX App Suite Security Advisory OXAS-ADV-2025-0002 2025-08-12T00:00:00+02:00 2025-10-31T00:00:00+00:00
oxas-adv-2025-0001 OX App Suite Security Advisory OXAS-ADV-2025-0001 2025-01-27T00:00:00+01:00 2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxas-adv-2024-0005 OX App Suite Security Advisory OXAS-ADV-2024-0005 2024-07-08T00:00:00+02:00 2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 2024-09-02T00:00:00+02:00 2024-09-06T00:00:00+00:00
oxas-adv-2024-0004 OX App Suite Security Advisory OXAS-ADV-2024-0004 2024-06-13T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0003 OX App Suite Security Advisory OXAS-ADV-2024-0003 2024-04-24T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0002 OX App Suite Security Advisory OXAS-ADV-2024-0002 2024-03-06T00:00:00+01:00 2024-05-06T00:00:00+00:00
oxas-adv-2024-0001 OX App Suite Security Advisory OXAS-ADV-2024-0001 2024-02-08T00:00:00+01:00 2024-04-25T00:00:00+00:00
oxas-adv-2023-0007 OX App Suite Security Advisory OXAS-ADV-2023-0007 2023-12-11T00:00:00+01:00 2024-02-16T00:00:00+00:00
oxas-adv-2023-0006 OX App Suite Security Advisory OXAS-ADV-2023-0006 2023-09-25T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0005 OX App Suite Security Advisory OXAS-ADV-2023-0005 2023-09-19T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0004 OX App Suite Security Advisory OXAS-ADV-2023-0004 2023-08-01T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0003 OX App Suite Security Advisory OXAS-ADV-2023-0003 2023-05-02T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0002 OX App Suite Security Advisory OXAS-ADV-2023-0002 2023-03-20T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0001 OX App Suite Security Advisory OXAS-ADV-2023-0001 2023-02-06T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0002 OX App Suite Security Advisory OXAS-ADV-2022-0002 2022-11-02T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0001 OX App Suite Security Advisory OXAS-ADV-2022-0001 2022-08-10T00:00:00+02:00 2024-01-22T00:00:00+00:00
ID Description Published Updated
rhsa-2026:5452 Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release 2026-03-23T16:13:04+00:00 2026-03-23T19:33:18+00:00
rhsa-2026:5447 Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release 2026-03-23T16:03:55+00:00 2026-03-23T19:33:18+00:00
rhsa-2026:5444 Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release 2026-03-23T15:45:35+00:00 2026-03-23T19:33:18+00:00
rhsa-2026:5439 Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release 2026-03-23T15:37:52+00:00 2026-03-23T19:33:16+00:00
rhsa-2026:5110 Red Hat Security Advisory: Multicluster Global Hub 1.5.4 security update 2026-03-19T10:27:09+00:00 2026-03-23T19:33:16+00:00
rhsa-2026:4672 Red Hat Security Advisory: container-tools:rhel8 security update 2026-03-17T04:01:11+00:00 2026-03-23T19:33:15+00:00
rhsa-2026:4942 Red Hat Security Advisory: Red Hat Quay 3.12.15 2026-03-18T16:21:15+00:00 2026-03-23T19:33:12+00:00
rhsa-2026:4467 Red Hat Security Advisory: RHACS 4.9.4 security and bug fix update 2026-03-12T11:53:58+00:00 2026-03-23T19:33:09+00:00
rhsa-2026:4466 Red Hat Security Advisory: RHACS 4.8.9 security and bug fix update 2026-03-12T11:53:42+00:00 2026-03-23T19:33:08+00:00
rhsa-2026:4434 Red Hat Security Advisory: OpenShift Container Platform 4.19.26 bug fix and security update 2026-03-18T18:31:59+00:00 2026-03-23T19:33:07+00:00
rhsa-2026:4170 Red Hat Security Advisory: Red Hat OpenShift API for Data Protection 2026-03-10T10:02:11+00:00 2026-03-23T19:33:07+00:00
rhsa-2026:3884 Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.2 security update 2026-03-05T12:07:11+00:00 2026-03-23T19:33:05+00:00
rhsa-2026:3880 Red Hat Security Advisory: grafana security update 2026-03-05T12:20:43+00:00 2026-03-23T19:33:05+00:00
rhsa-2026:3855 Red Hat Security Advisory: OpenShift Container Platform 4.20.16 bug fix and security update 2026-03-11T04:54:31+00:00 2026-03-23T19:33:04+00:00
rhsa-2026:3854 Red Hat Security Advisory: grafana security update 2026-03-05T11:07:41+00:00 2026-03-23T19:33:03+00:00
rhsa-2026:3851 Red Hat Security Advisory: OpenShift Container Platform 4.20.16 packages and security update 2026-03-11T05:24:06+00:00 2026-03-23T19:33:03+00:00
rhsa-2026:3838 Red Hat Security Advisory: grafana security update 2026-03-05T09:44:33+00:00 2026-03-23T19:33:02+00:00
rhsa-2026:3836 Red Hat Security Advisory: grafana security update 2026-03-05T09:03:15+00:00 2026-03-23T19:33:01+00:00
rhsa-2026:3835 Red Hat Security Advisory: grafana security update 2026-03-05T09:01:36+00:00 2026-03-23T19:33:01+00:00
rhsa-2026:3833 Red Hat Security Advisory: grafana security update 2026-03-05T08:23:57+00:00 2026-03-23T19:33:00+00:00
rhsa-2026:3831 Red Hat Security Advisory: grafana security update 2026-03-05T07:55:46+00:00 2026-03-23T19:32:59+00:00
rhsa-2026:3556 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.14 2026-03-02T16:52:33+00:00 2026-03-23T19:32:59+00:00
rhsa-2026:3782 Red Hat Security Advisory: RHOAI 2.25.3 - Red Hat OpenShift AI 2026-03-04T18:23:40+00:00 2026-03-23T19:32:58+00:00
rhsa-2026:3753 Red Hat Security Advisory: osbuild-composer security update 2026-03-04T15:52:29+00:00 2026-03-23T19:32:58+00:00
rhsa-2026:3752 Red Hat Security Advisory: osbuild-composer security update 2026-03-04T15:29:36+00:00 2026-03-23T19:32:57+00:00
rhsa-2026:3559 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.14 2026-03-02T17:03:40+00:00 2026-03-23T19:32:55+00:00
rhsa-2026:3489 Red Hat Security Advisory: go-toolset:rhel8 security update 2026-03-02T02:56:16+00:00 2026-03-23T19:32:55+00:00
rhsa-2026:3473 Red Hat Security Advisory: golang security update 2026-03-02T01:23:25+00:00 2026-03-23T19:32:55+00:00
rhsa-2026:3472 Red Hat Security Advisory: golang security update 2026-03-02T01:26:30+00:00 2026-03-23T19:32:54+00:00
rhsa-2026:3471 Red Hat Security Advisory: go-toolset:rhel8 security update 2026-03-02T01:35:05+00:00 2026-03-23T19:32:53+00:00
ID Description Published Updated
sevd-2026-069-03 Deserialization of Untrusted Data vulnerability on EcoStruxure™ Foxboro DCS 2026-03-10T07:00:00.000Z 2026-03-13T07:00:00.000Z
sevd-2026-069-06 Deserialization of Untrusted Data vulnerability on Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-05 Use of Hard-coded Credentials vulnerability in EcoStruxure™ IT Data Center Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-04 Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxure™ Automation Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-02 Improper Neutralization in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-01 Improper Resource Shutdown or Release vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-04 Multiple Vulnerabilities on EcoStruxure Power Build Rapsody 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-01 Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-014-07 FlexNet Publisher Vulnerability 2025-01-14T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-041-02 Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-041-01 Improper Check for Unusual or Exceptional Conditions on Multiple Products 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-343-01 EcoStruxure™ Foxboro DCS 2025-12-09T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-189-03 EcoStruxure™ Power Operation 2025-07-08T04:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-042-02 Improper Input Validation Vulnerability in Uni-Telway Driver 2025-02-11T05:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-013-03 Multiple Vulnerabilities on Zigbee Products 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-02 Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-014-06 RemoteConnect and SCADAPack™ x70 Utilities 2025-01-14T00:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2024-317-03 Modicon Controllers M340 / Momentum / MC80 2024-11-12T05:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-343-02 EcoStruxure™ Foxboro DCS Advisor 2025-12-09T08:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-252-01 Multiple Altivar Process Drives and Communication Modules 2025-09-09T04:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2023-192-04 CODESYS Runtime Vulnerabilities 2023-07-11T07:15:18.000Z 2025-12-09T08:00:00.000Z
sevd-2021-159-04 ISaGRAF Vulnerabilities in IEC 61131-3 Programming and Engineering Tools 2021-06-08T04:36:25.000Z 2025-11-15T00:00:00.000Z
sevd-2022-284-03 ISaGRAF Workbench for SAGE RTU 2022-10-10T22:13:16.000Z 2025-11-14T06:30:00.000Z
sevd-2025-315-02 EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-315-01 PowerChute™ Serial Shutdown 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-02 EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO) 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-01 Saitel DR & Saitel DP Remote Terminal Unit 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-287-01 EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server 2025-10-14T07:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-133-01 Modicon Controllers M241/M251/M258/LMC058 2025-05-13T04:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2024-345-03 Modicon M241 / M251 / M258 / LMC058 2024-12-10T05:00:00.000Z 2025-10-14T07:00:00.000Z
ID Description Published Updated
sca-2026-0006 Vulnerabilities affecting SICK Lector85x and SICK Lector83x 2026-03-06T14:00:00.000Z 2026-03-06T14:00:00.000Z
sca-2026-0005 Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 2026-02-27T14:00:00.000Z 2026-02-27T14:00:00.000Z
sca-2026-0004 Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products 2026-02-13T14:00:00.000Z 2026-02-13T14:00:00.000Z
sca-2026-0003 Vulnerability affecting SICK nanoScan3 and microScan3 2026-01-26T14:00:00.000Z 2026-01-26T14:00:00.000Z
sca-2026-0002 Vulnerabilities affecting SICK Incoming Goods Suite 2026-01-15T14:00:00.000Z 2026-01-22T19:00:00.000Z
sca-2026-0001 Vulnerabilities affecting SICK TDC-X401GL 2026-01-15T14:00:00.000Z 2026-01-15T14:00:00.000Z
sca-2025-0013 Vulnerabilities affecting SICK TLOC100-100 2025-10-27T14:00:00.000Z 2025-11-11T14:00:00.000Z
sca-2025-0014 CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC 2025-11-03T11:00:00.000Z 2025-11-03T14:00:00.000Z
sca-2025-0012 Sudo vulnerability affects SICK SID products 2025-10-27T11:00:00.000Z 2025-10-27T14:00:00.000Z
sca-2025-0011 Vulnerabilities affecting Endress+Hauser SSG-E210GC 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0010 Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0009 Vulnerabilities affecting SICK TDC-E210GC 2025-08-01T13:00:00.000Z 2025-08-01T13:00:00.000Z
sca-2025-0008 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-07-03T13:00:00.000Z 2025-07-03T13:00:00.000Z
sca-2025-0007 Multiple vulnerabilities in SICK Field Analytics and SICK Media Server 2025-06-12T13:00:00.000Z 2025-06-12T13:00:00.000Z
sca-2025-0003 FreeRTOS Vulnerabilities have no impact on SICK Products 2025-02-28T00:00:00.000Z 2025-05-20T11:00:00.000Z
sca-2025-0006 Vulnerability affecting picoScan and multiScan 2025-04-28T13:00:00.000Z 2025-04-28T13:00:00.000Z
sca-2025-0005 Vulnerabilities in SICK Flexi Compact 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
sca-2025-0004 Critical vulnerabilities in SICK DL100-2xxxxxxx 2025-03-14T11:00:00.000Z 2025-03-14T11:00:00.000Z
sca-2025-0001 Multiple vulnerabilities in SICK MEAC300 2025-02-14T14:00:00.000Z 2025-02-21T14:00:00.000Z
sca-2025-0002 Vulnerability in SICK Lector8xx and SICK InspectorP8xx 2025-02-14T10:19:00.000Z 2025-02-14T10:19:00.000Z
sca-2024-0007 Vulnerability in SICK OLM 2024-12-31T00:00:00.000Z 2024-12-31T00:00:00.000Z
sca-2024-0006 Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx 2024-12-06T00:00:00.000Z 2024-12-06T00:00:00.000Z
sca-2024-0005 Vulnerability in SICK Incoming Goods Suite 2024-11-19T00:00:00.000Z 2024-11-19T00:00:00.000Z
sca-2024-0004 Third party vulnerabilities in SICK CDE-100 2024-11-07T12:00:00.000Z 2024-11-07T12:00:00.000Z
sca-2024-0003 Critical vulnerability in multiple SICK products 2024-10-17T13:00:00.000Z 2024-10-17T13:00:00.000Z
sca-2024-0002 Vulnerability in SICK MSC800 2024-09-11T23:00:00.000Z 2024-09-11T23:00:00.000Z
sca-2024-0001 Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics 2024-01-29T00:00:00.000Z 2024-01-29T00:00:00.000Z
sca-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
SCA-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
sca-2023-0010 Vulnerabilities in SICK Application Processing Unit 2023-10-09T11:00:00.000Z 2023-10-09T11:00:00.000Z
ID Description Published Updated
ssa-452276 SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 2026-03-10T00:00:00.000Z 2026-03-19T00:00:00.000Z
ssa-975644 SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-903736 SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-868571 SSA-868571: Missing Server Certificate Validation in IAM Client 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-770770 SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices 2025-02-11T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-710408 SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-535115 SSA-535115: Data Validation Vulnerability in NX Before V2512 2026-02-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-513708 SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices 2025-06-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-485750 SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-430425 SSA-430425: Multiple Vulnerabilities in SINEC Security Monitor before V4.9.0 2024-10-08T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-282044 SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery 2025-08-12T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-212953 SSA-212953: Multiple Vulnerabilities in COMOS 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-201595 SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2025-08-14T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-126399 SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-082556 SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 2025-06-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-027652 SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives 2025-09-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-613116 SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 2025-08-12T00:00:00Z 2026-02-24T00:00:00Z
ssa-355557 SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2 2025-08-12T00:00:00Z 2026-02-24T00:00:00Z
ssa-089022 SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 2026-01-28T00:00:00Z 2026-02-24T00:00:00Z
ssa-965753 SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-864900 SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2025-05-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-783261 SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2 2012-12-12T00:00:00Z 2026-02-10T00:00:00Z
ssa-674753 SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices 2026-01-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-625934 SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-599451 SSA-599451: Multiple Vulnerabilities in SiPass integrated 2025-10-14T00:00:00Z 2026-02-10T00:00:00Z
ssa-507364 SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-445819 SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-311973 SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-265688 SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 2024-04-09T00:00:00Z 2026-02-10T00:00:00Z
ssa-216014 SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs 2025-03-11T00:00:00Z 2026-02-10T00:00:00Z
ID Description Published Updated
suse-su-2026:0940-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7 RT) 2026-03-22T22:49:08Z 2026-03-22T22:49:08Z
suse-su-2026:0941-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7 RT) 2026-03-22T22:49:05Z 2026-03-22T22:49:05Z
suse-su-2026:0943-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP7 RT) 2026-03-22T22:48:59Z 2026-03-22T22:48:59Z
suse-su-2026:0944-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7 RT) 2026-03-22T22:48:56Z 2026-03-22T22:48:56Z
suse-su-2026:0945-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7 RT) 2026-03-22T22:48:53Z 2026-03-22T22:48:53Z
suse-su-2026:0947-1 Security update for go1.25-openssl 2026-03-20T15:06:59Z 2026-03-20T15:06:59Z
suse-su-2026:0938-1 Security update for GraphicsMagick 2026-03-20T13:41:10Z 2026-03-20T13:41:10Z
suse-su-2026:0936-1 Security update for libssh 2026-03-20T07:46:48Z 2026-03-20T07:46:48Z
suse-su-2026:0933-1 Security update for freerdp 2026-03-19T10:34:05Z 2026-03-19T10:34:05Z
suse-su-2026:0932-1 Security update for tomcat 2026-03-19T10:26:49Z 2026-03-19T10:26:49Z
suse-su-2026:0931-1 Security update for jq 2026-03-19T08:23:28Z 2026-03-19T08:23:28Z
suse-su-2026:0930-1 Security update for krb5-appl 2026-03-18T23:08:02Z 2026-03-18T23:08:02Z
suse-su-2026:0928-1 Security update for the Linux Kernel 2026-03-18T13:32:23Z 2026-03-18T13:32:23Z
suse-su-2026:0923-1 Security update for gvfs 2026-03-18T09:15:47Z 2026-03-18T09:15:47Z
suse-su-2026:0922-1 Security update for tomcat 2026-03-18T09:15:06Z 2026-03-18T09:15:06Z
suse-su-2026:0921-1 Security update for curl 2026-03-18T08:52:04Z 2026-03-18T08:52:04Z
suse-su-2026:0917-1 Security update for kubernetes 2026-03-18T07:47:08Z 2026-03-18T07:47:08Z
suse-su-2026:0916-1 Security update for gvfs 2026-03-18T07:46:59Z 2026-03-18T07:46:59Z
suse-su-2026:0915-1 Security update for 389-ds 2026-03-18T07:46:51Z 2026-03-18T07:46:51Z
suse-su-2026:0914-1 Security update for 389-ds 2026-03-18T07:46:33Z 2026-03-18T07:46:33Z
suse-su-2026:0913-1 Security update for 389-ds 2026-03-18T07:46:25Z 2026-03-18T07:46:25Z
suse-su-2026:0911-1 Security update for curl 2026-03-17T19:56:50Z 2026-03-17T19:56:50Z
suse-su-2026:0910-1 Security update for vim 2026-03-17T19:34:17Z 2026-03-17T19:34:17Z
suse-su-2026:0909-1 Security update for container-suseconnect 2026-03-17T17:34:33Z 2026-03-17T17:34:33Z
suse-su-2026:0908-1 Security update for xen 2026-03-17T16:32:40Z 2026-03-17T16:32:40Z
suse-su-2026:0907-1 Security update for kea 2026-03-17T16:32:34Z 2026-03-17T16:32:34Z
suse-su-2026:0903-1 Security update for curl 2026-03-17T10:04:47Z 2026-03-17T10:04:47Z
suse-su-2026:0902-1 Security update for freerdp 2026-03-17T09:38:11Z 2026-03-17T09:38:11Z
suse-su-2026:0900-1 Security update for python-black 2026-03-13T18:33:38Z 2026-03-13T18:33:38Z
suse-su-2026:0898-1 Security update for libpng15 2026-03-13T15:26:30Z 2026-03-13T15:26:30Z
ID Description Published Updated
alsa-2026:4772 Moderate: glibc security update 2026-03-17T00:00:00Z 2026-03-19T12:43:04Z
alsa-2026:4728 Important: libpng security update 2026-03-17T00:00:00Z 2026-03-19T12:37:34Z
alsa-2026:4473 Moderate: python3.11 security update 2026-03-12T00:00:00Z 2026-03-19T12:33:18Z
alsa-2026:4648 Moderate: grub2 security update 2026-03-16T00:00:00Z 2026-03-17T10:24:06Z
alsa-2026:4672 Important: container-tools:rhel8 security update 2026-03-17T00:00:00Z 2026-03-17T10:17:22Z
alsa-2026:4445 Important: .NET 10.0 security update 2026-03-12T00:00:00Z 2026-03-16T16:52:17Z
alsa-2026:4472 Moderate: compat-openssl11 security update 2026-03-12T00:00:00Z 2026-03-16T16:49:36Z
alsa-2026:4447 Important: libvpx security update 2026-03-12T00:00:00Z 2026-03-16T16:46:00Z
alsa-2026:4456 Important: .NET 9.0 security update 2026-03-12T00:00:00Z 2026-03-16T16:41:08Z
alsa-2026:3985 Important: git-lfs security update 2026-03-09T00:00:00Z 2026-03-13T12:38:07Z
alsa-2026:4306 Important: mingw-libpng security update 2026-03-11T00:00:00Z 2026-03-13T12:35:26Z
alsa-2026:4012 Moderate: kernel security update 2026-03-09T00:00:00Z 2026-03-13T09:42:02Z
alsa-2026:4450 Important: .NET 9.0 security update 2026-03-12T00:00:00Z 2026-03-13T09:36:54Z
alsa-2026:4451 Important: .NET 8.0 security update 2026-03-12T00:00:00Z 2026-03-13T09:34:29Z
alsa-2026:4453 Important: .NET 10.0 security update 2026-03-12T00:00:00Z 2026-03-13T09:32:40Z
alsa-2026:3940 Moderate: nfs-utils security update 2026-03-05T00:00:00Z 2026-03-13T09:30:09Z
alsa-2026:3842 Moderate: delve security update 2026-03-05T00:00:00Z 2026-03-13T09:28:13Z
alsa-2026:4168 Moderate: python3.9 security update 2026-03-10T00:00:00Z 2026-03-13T09:26:02Z
alsa-2026:4177 Important: opentelemetry-collector security update 2026-03-10T00:00:00Z 2026-03-13T09:23:39Z
alsa-2026:4188 Moderate: gnutls security update 2026-03-10T00:00:00Z 2026-03-13T09:21:59Z
alsa-2026:4216 Moderate: python3.11 security update 2026-03-10T00:00:00Z 2026-03-13T09:19:57Z
alsa-2026:4454 Important: .NET 8.0 security update 2026-03-12T00:00:00Z 2026-03-13T09:17:27Z
alsa-2026:4458 Important: .NET 10.0 security update 2026-03-12T00:00:00Z 2026-03-13T09:14:44Z
alsa-2026:4455 Important: .NET 8.0 security update 2026-03-12T00:00:00Z 2026-03-13T09:11:49Z
alsa-2026:4463 Moderate: python3.12 security update 2026-03-12T00:00:00Z 2026-03-13T09:03:59Z
alsa-2026:4443 Important: .NET 9.0 security update 2026-03-12T00:00:00Z 2026-03-13T09:01:07Z
alsa-2026:4442 Moderate: vim security update 2026-03-12T00:00:00Z 2026-03-12T14:47:41Z
alsa-2026:4174 Important: opentelemetry-collector security update 2026-03-10T00:00:00Z 2026-03-11T17:46:34Z
alsa-2026:4235 Moderate: nginx:1.26 security update 2026-03-10T00:00:00Z 2026-03-11T11:13:12Z
alsa-2026:3966 Moderate: kernel security update 2026-03-09T00:00:00Z 2026-03-11T10:10:37Z
ID Description Published Updated
hsec-2024-0004 Hackage package and doc upload stored XSS vulnerability 2026-01-16T11:18:20Z 2026-01-16T11:18:20Z
hsec-2025-0007 cmark-gfm: resource exhaustion due to quadratic complexity in parser 2025-12-27T08:58:56Z 2025-12-27T08:58:56Z
hsec-2025-0006 Private key leak via inherited file descriptor 2025-11-17T02:22:38Z 2025-11-17T02:22:38Z
hsec-2025-0005 cabal-install dependency confusion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0004 Broken Path Sanitization in spacecookie Library 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0003 Use after free in multithreaded lzma (.xz) decoder 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0002 Double Public Key Signing Function Oracle Attack on Ed25519 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0001 Subword division operations may produce incorrect results 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0009 Public key confusion in third-party blocks 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0008 Sign extension error in the PPC64le FFI 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0007 Sign extension error in the AArch64 NCG 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0006 fromIntegral: conversion error 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0003 process: command injection via argument list on Windows 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0002 out-of-bounds write when there are many bzip2 selectors 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0001 Reflected XSS vulnerability in keter 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0015 cabal-install uses expired key policies 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0014 Arbitrary file write is possible when using PDF output or --extract-media with untrusted input 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0013 git-annex plaintext storage of embedded credentials on encrypted remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0012 git-annex checksum exposure to encrypted special remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0011 git-annex GPG decryption attack via compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0010 git-annex private data exfiltration to compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0009 git-annex command injection via malicious SSH hostname 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0008 Stored XSS in hledger-web 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0007 readFloat: memory exhaustion with large exponent 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0006 x509-validation does not enforce pathLenConstraint 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0005 tls-extra: certificate validation does not check Basic Constraints 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0004 xml-conduit unbounded entity expansion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0003 code injection in xmonad-contrib 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0002 Improper Verification of Cryptographic Signature 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0001 Hash flooding vulnerability in aeson 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
ID Description Published Updated
osec-2026-01 Buffer Over-Read in OCaml Marshal Deserialization 2026-02-17T13:30:00Z 2026-02-27T09:30:00Z
osec-2026-02 ARP unbounded memory usage 2026-02-18T10:30:00Z 2026-02-18T10:30:00Z
osec-2022-01 Infinite loop in console output on xen 2022-12-07T00:00:00Z 2026-02-18T09:30:00Z
osec-2025-01 Albatross console out of memory 2025-08-15T00:18:22Z 2026-01-13T12:00:00Z
osec-2019-02 Grant unshare vulnerability in mirage-xen 2019-04-26T00:00:00Z 2026-01-13T12:00:00Z
osec-2019-01 Memory disclosure in mirage-net-xen 2019-03-21T00:00:00Z 2026-01-13T12:00:00Z
osec-2016-02 Memory disclosure in mirage-net-xen 2016-05-03T00:00:00Z 2026-01-13T12:00:00Z
osec-2023-01 Time of check time of use issue in opam's cache 2023-05-25T12:00:00Z 2026-01-09T12:00:00Z
osec-2016-01 Buffer overflow and information leak in OCaml < 4.03.0 2016-04-29T00:18:22Z 2026-01-01T12:00:00Z
osec-2018-01 An integer overflow in the `bigarray` serialization module leads to arbitrary code execution 2018-04-06T18:29:00Z 2025-12-16T12:00:00Z
osec-2017-01 Local privilege escalation issue with ocaml binaries 2017-06-23T15:19:47Z 2025-12-16T12:00:00Z
ID Description Published Updated
osv-2024-719 Heap-buffer-overflow in hevc_ref_pic_lists_modification 2024-08-07T00:05:22.699506Z 2026-03-23T14:31:33.332438Z
osv-2024-695 Stack-buffer-overflow in gf_vvc_parse_nalu_bs 2024-07-31T00:02:35.217594Z 2026-03-23T14:31:09.829004Z
osv-2024-664 Heap-buffer-overflow in gf_dash_group_get_template 2024-07-18T00:13:55.576218Z 2026-03-23T14:30:21.644486Z
osv-2024-659 Index-out-of-bounds in gf_vvc_parse_nalu_bs 2024-07-18T00:01:18.765548Z 2026-03-23T14:30:01.343679Z
osv-2026-437 Heap-use-after-free in tf::Executor::_invoke 2026-03-23T00:02:28.277984Z 2026-03-23T14:25:41.819255Z
osv-2023-307 Heap-buffer-overflow in bit_read_BB 2023-04-13T14:02:09.774988Z 2026-03-23T14:24:12.455660Z
osv-2022-714 Heap-buffer-overflow in dynapi_set_helper 2022-08-15T00:00:47.794062Z 2026-03-23T14:23:48.571716Z
osv-2022-653 Heap-double-free in dwg_free_common_entity_data 2022-07-30T00:01:52.491112Z 2026-03-23T14:23:30.686138Z
osv-2022-675 Heap-buffer-overflow in void RDKit::ParseV3000AtomProps<std::__1::vector<std::__1::basic_string_view<cha 2022-08-06T00:00:51.363676Z 2026-03-23T14:21:49.619853Z
osv-2022-388 Segv on unknown address in dwg_ref_get_object 2022-05-01T00:01:54.904711Z 2026-03-23T14:21:08.225627Z
osv-2022-400 Heap-double-free in dwg_free_XRECORD_private 2022-05-08T00:00:40.782520Z 2026-03-23T14:20:55.008245Z
osv-2022-379 Segv on unknown address in bit_write_TV 2022-04-27T00:00:44.539231Z 2026-03-23T14:20:46.828851Z
osv-2022-372 Heap-buffer-overflow in dwg_encode_VERTEX_2D 2022-04-26T00:00:09.352798Z 2026-03-23T14:20:42.830532Z
osv-2022-1259 Heap-buffer-overflow in dwg_decode_INSERT_private 2022-12-13T13:00:46.870838Z 2026-03-23T14:19:57.098371Z
osv-2022-1176 Heap-double-free in dwg_free 2022-11-18T13:00:26.857477Z 2026-03-23T14:19:55.214436Z
osv-2022-1198 Heap-buffer-overflow in dwg_json_LTYPE 2022-11-23T13:02:06.623044Z 2026-03-23T14:19:50.654423Z
osv-2021-1343 Heap-buffer-overflow in get_next_owned_entity 2021-09-21T00:01:33.177403Z 2026-03-23T14:19:26.863131Z
osv-2021-1086 Heap-buffer-overflow in dwg_convert_SAB_to_SAT1 2021-08-02T00:00:31.888461Z 2026-03-23T14:19:25.904360Z
osv-2022-1288 Stack-buffer-overflow in bool SmilesParseOps::parser::parse_atom_props<std::__1::__wrap_iter<char const*> 2024-11-04T00:16:22.516312Z 2026-03-23T14:18:28.605872Z
osv-2025-169 Stack-buffer-overflow in utf8_in2 2025-02-27T00:07:08.029075Z 2026-03-21T14:18:54.197384Z
osv-2024-245 Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept 2024-04-08T00:11:03.595756Z 2026-03-21T14:16:44.656434Z
osv-2023-390 Heap-buffer-overflow in sdhci_write 2023-05-12T14:00:08.854823Z 2026-03-19T14:59:03.200818Z
osv-2022-581 Heap-buffer-overflow in megasas_map_sgl 2022-07-14T00:00:45.644503Z 2026-03-19T14:30:01.203121Z
osv-2021-820 UNKNOWN READ in virtio_gpu_disable_scanout 2021-06-02T00:00:31.619765Z 2026-03-19T14:29:11.720599Z
osv-2022-842 Stack-buffer-overflow in wc_Shake256_Final 2022-09-05T00:00:28.251072Z 2026-03-19T14:24:32.279617Z
osv-2023-107 Heap-buffer-overflow in DecodeBasicOcspResponse 2023-02-25T13:00:07.390537Z 2026-03-19T14:20:03.939298Z
osv-2023-96 Heap-buffer-overflow in load_buffer 2023-02-23T13:00:28.515290Z 2026-03-19T14:18:07.139122Z
osv-2023-35 Heap-buffer-overflow in parse_classes_64 2023-01-29T13:01:45.762871Z 2026-03-19T14:17:03.762927Z
osv-2022-993 Stack-use-after-return in check_buffer 2022-09-29T00:02:10.256639Z 2026-03-19T14:16:25.708146Z
osv-2022-1137 Heap-buffer-overflow in io_memory_read 2022-11-05T00:00:44.243862Z 2026-03-19T14:12:36.662336Z
ID Description Published Updated
rustsec-2026-0049 CRLs not considered authoritative by Distribution Point due to faulty matching logic 2026-03-20T12:00:00Z 2026-03-23T15:20:34Z
rustsec-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0067 `unpack_in` can chmod arbitrary directories by following symlinks 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0066 Insufficient validation of PAX extensions during extraction 2026-03-17T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0047 PKCS7_verify Signature Validation Bypass in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0046 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0045 Timing Side-Channel in AES-CCM Tag Verification in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0043 Timing Side-Channel in AES-CCM Tag Verification in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0065 `tokio-signal` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0064 `tokio-udp` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0063 `tokio-executor` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0062 `tokio-compat` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0061 `tokio-fs` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0060 `tokio-timer` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0059 `tokio-tcp` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0058 `tokio-io` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0057 `tokio-reactor` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0056 `tokio-codec` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0055 `tokio-process` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0054 `tokio-current-thread` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0053 `tokio-tls` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0052 `tokio-sync` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0051 `tokio-threadpool` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0050 `tokio-uds` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0048 CRL Distribution Point Scope Check Logic Error in AWS-LC 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2026-0044 AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2026-0042 CRL Distribution Point Scope Check Logic Error in AWS-LC 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2023-0103 `postgress` was removed from crates.io for malicious code 2023-08-16T12:00:00Z 2026-03-19T22:15:12Z
rustsec-2023-0102 `serd` was removed from crates.io for malicious code 2023-08-16T12:00:00Z 2026-03-19T22:15:12Z
rustsec-2023-0101 `oncecell` was removed from crates.io for malicious code 2023-08-16T12:00:00Z 2026-03-19T22:15:12Z
ID Description Published Updated
bit-valkey-2025-49844 Redis Lua Use-After-Free may lead to remote code execution 2025-10-16T09:19:55.260Z 2026-03-21T09:12:01.983Z
bit-redis-2025-49844 Redis Lua Use-After-Free may lead to remote code execution 2025-10-16T09:18:53.323Z 2026-03-21T09:12:01.983Z
bit-keydb-2025-49844 Redis Lua Use-After-Free may lead to remote code execution 2025-10-16T09:12:52.562Z 2026-03-21T09:12:01.983Z
bit-tomcat-2026-24734 Apache Tomcat Native, Apache Tomcat: OCSP revocation bypass 2026-02-20T09:53:00.269Z 2026-03-20T13:43:29.174Z
bit-tomcat-2025-55752 Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled 2025-11-06T13:00:31.694Z 2026-03-20T13:43:29.174Z
bit-tomcat-2025-49125 Apache Tomcat: Security constraint bypass for pre/post-resources 2025-07-10T10:47:18.953Z 2026-03-20T13:43:29.174Z
bit-tomcat-2025-24813 Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT 2025-07-10T10:46:47.051Z 2026-03-20T13:43:29.174Z
bit-tomcat-2025-53506 Apache Tomcat: DoS via excessive h2 streams at connection start 2025-07-16T08:19:04.361Z 2026-03-20T12:05:40.000Z
bit-tomcat-2025-49124 Apache Tomcat: exe side-loading via icalcs.exe in Tomcat installer for Windows 2025-06-20T06:04:24.795Z 2026-03-20T12:05:40.000Z
bit-tomcat-2025-31651 Apache Tomcat: Bypass of rules in Rewrite Valve 2025-07-10T10:46:54.240Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-56337 Apache Tomcat: RCE due to TOCTOU issue in JSP compilation - CVE-2024-50379 mitigation was incomplete 2025-07-10T10:46:39.151Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-52317 Apache Tomcat: Request/response mix-up with HTTP/2 2024-11-20T07:20:06.896Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-52316 Apache Tomcat: Authentication bypass when using Jakarta Authentication API 2025-07-10T10:46:05.150Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-38286 Apache Tomcat: Denial of Service 2024-11-09T07:20:25.873Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-34750 Apache Tomcat: HTTP/2 excess header handling DoS 2025-07-29T14:30:29.115Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-24549 Apache Tomcat: HTTP/2 header handling DoS 2025-07-17T08:09:49.355Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-21733 Apache Tomcat: Leaking of unrelated request bodies in default error page 2024-03-06T11:07:26.980Z 2026-03-20T12:05:40.000Z
bit-tomcat-2023-46589 Apache Tomcat: HTTP request smuggling via malformed trailer headers 2024-03-06T11:07:35.204Z 2026-03-20T12:05:40.000Z
bit-tomcat-2023-45648 Apache Tomcat: Trailer header parsing too lenient 2024-03-06T11:07:43.292Z 2026-03-20T12:05:40.000Z
bit-tomcat-2023-42795 Apache Tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests 2024-03-06T11:08:01.506Z 2026-03-20T12:05:40.000Z
bit-tomcat-2023-41080 Apache Tomcat: Open redirect with FORM authentication 2024-03-06T11:08:22.964Z 2026-03-20T12:05:40.000Z
bit-tomcat-2023-28709 Apache Tomcat: Fix for CVE-2023-24998 is incomplete 2024-03-06T11:08:45.769Z 2026-03-20T12:05:40.000Z
bit-tomcat-2023-28708 Apache Tomcat: JSESSIONID Cookie missing secure attribute in some configurations 2024-03-06T11:08:55.308Z 2026-03-20T12:05:40.000Z
bit-parse-2026-33163 Parse Server leaks protected fields via LiveQuery afterEvent trigger 2026-03-20T11:37:51.448Z 2026-03-20T12:05:40.000Z
bit-parse-2026-33042 Parse Server affected by empty authData bypassing credential requirement on signup 2026-03-20T11:37:48.161Z 2026-03-20T12:05:40.000Z
bit-parse-2026-32944 Parse Server crash via deeply nested query condition operators 2026-03-20T11:37:45.054Z 2026-03-20T12:05:40.000Z
bit-parse-2026-32943 Parse Server has a password reset token single-use bypass via concurrent requests 2026-03-20T11:37:41.707Z 2026-03-20T12:05:40.000Z
bit-parse-2026-32886 Parse Server's Cloud function dispatch crashes server via prototype chain traversal 2026-03-20T11:37:38.226Z 2026-03-20T12:05:40.000Z
bit-parse-2026-32878 Parse Server vulnerable to schema poisoning via prototype pollution in deep copy 2026-03-20T11:37:35.433Z 2026-03-20T12:05:40.000Z
bit-parse-2026-32770 Parse Server: LiveQuery subscription with invalid regular expression crashes server 2026-03-20T11:37:32.539Z 2026-03-20T12:05:40.000Z
ID Description Published Updated
cleanstart-2026-zv38826 Within HostnameError 2026-03-10T01:00:05.764793Z 2026-03-09T13:15:34Z
cleanstart-2026-xh31600 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:58:05.974960Z 2026-03-09T13:15:34Z
cleanstart-2026-ra63757 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:56:05.142237Z 2026-03-09T13:15:34Z
cleanstart-2026-qk48981 Redis is an open source, in-memory database that persists on disk 2026-03-10T01:00:35.988532Z 2026-03-09T13:15:34Z
cleanstart-2026-oh74241 Security fixes for GHSA-mqqf-5wvp-8fh8 applied in versions: 0.122-r0 2026-03-10T00:58:07.551022Z 2026-03-09T13:15:34Z
cleanstart-2026-od98869 Within HostnameError 2026-03-10T00:59:05.580952Z 2026-03-09T13:15:34Z
cleanstart-2026-mo83449 Within HostnameError 2026-03-10T00:59:35.550450Z 2026-03-09T13:15:34Z
cleanstart-2026-jz91219 Within HostnameError 2026-03-10T00:59:35.590693Z 2026-03-09T13:15:34Z
cleanstart-2026-ir62391 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:48:33.059735Z 2026-03-09T13:15:34Z
cleanstart-2026-gj95666 Redis is an open source, in-memory database that persists on disk 2026-03-10T01:04:41.222114Z 2026-03-09T13:15:34Z
cleanstart-2026-dt66006 Within HostnameError 2026-03-10T00:58:35.493841Z 2026-03-09T13:15:34Z
cleanstart-2026-av02020 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:58:05.928030Z 2026-03-09T13:15:34Z
cleanstart-2026-af35851 Redis is an open source, in-memory database that persists on disk 2026-03-10T01:02:37.708854Z 2026-03-09T13:15:34Z
cleanstart-2026-ab04032 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-10T00:58:35.570783Z 2026-03-09T13:15:34Z
cleanstart-2026-qy24299 @octokit/endpoint turns REST API endpoints into generic request options 2026-03-07T00:39:47.646997Z 2026-03-06T13:08:41Z
cleanstart-2026-pp62083 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-07T00:39:46.558367Z 2026-03-06T13:08:41Z
cleanstart-2026-gi57625 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-07T00:39:46.578400Z 2026-03-06T13:08:41Z
cleanstart-2026-yp32652 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:42:01.150900Z 2026-03-03T12:59:01Z
cleanstart-2026-xj84245 Rack is a modular Ruby web server interface 2026-03-04T00:43:02.364521Z 2026-03-03T12:59:01Z
cleanstart-2026-wy43835 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access 2026-03-04T00:41:31.079681Z 2026-03-03T12:59:01Z
cleanstart-2026-vc01496 Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 0.8.4-r0 2026-03-04T00:39:30.734261Z 2026-03-03T12:59:01Z
cleanstart-2026-sm37781 Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic 2026-03-04T00:45:05.719125Z 2026-03-03T12:59:01Z
cleanstart-2026-na21773 GNU patch through 2 2026-03-04T00:42:01.122309Z 2026-03-03T12:59:01Z
cleanstart-2026-ew93264 Security fixes for GHSA-4cx2-fc23-5wg6, GHSA-6xw4-3v39-52mm, GHSA-72qj-48g4-5xgx, GHSA-mr3q-g2mv-mr4q, GHSA-p543-xpfm-54cp, GHSA-vc5p-v9hr-52mj, GHSA-vqg5-3255-v292 applied in versions: 9.0.8-r2, 9.0.8-r3, 9.0.8-r4, 9.3.0-r1, 9.3.0-r2 2026-03-04T00:39:32.590174Z 2026-03-03T12:59:01Z
cleanstart-2026-cq83284 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:43:01.818359Z 2026-03-03T12:59:01Z
cleanstart-2026-bz70876 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:42:00.996564Z 2026-03-03T12:59:01Z
cleanstart-2026-ay29369 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:43:31.868035Z 2026-03-03T12:59:01Z
cleanstart-2026-mw73882 filippo 2026-03-03T00:39:03.237072Z 2026-03-02T17:13:50Z
cleanstart-2026-by85815 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-03T00:39:03.275022Z 2026-03-02T17:13:50Z
cleanstart-2026-zn32454 When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers 2026-02-27T00:50:08.716833Z 2026-02-26T12:09:56Z
ID Description Published Updated
drupal-contrib-2026-030 2026-03-18T16:10:00.000Z 2026-03-18T16:10:00.000Z
drupal-contrib-2026-015 2026-02-25T18:47:57.000Z 2026-03-17T13:20:54.000Z
drupal-contrib-2026-029 2026-03-11T16:35:02.000Z 2026-03-11T16:35:02.000Z
drupal-contrib-2026-028 2026-03-11T16:33:14.000Z 2026-03-11T16:33:14.000Z
drupal-contrib-2026-024 2026-03-04T17:59:51.000Z 2026-03-05T14:03:05.000Z
drupal-contrib-2026-027 2026-03-04T18:02:59.000Z 2026-03-04T18:02:59.000Z
drupal-contrib-2026-026 2026-03-04T18:02:14.000Z 2026-03-04T18:02:14.000Z
drupal-contrib-2026-025 2026-03-04T18:00:41.000Z 2026-03-04T18:00:41.000Z
drupal-contrib-2026-023 2026-03-04T17:58:55.000Z 2026-03-04T17:58:55.000Z
drupal-contrib-2026-022 2026-03-04T17:57:58.000Z 2026-03-04T17:57:58.000Z
drupal-contrib-2026-021 2026-03-04T17:56:18.000Z 2026-03-04T17:56:18.000Z
drupal-contrib-2026-020 2026-03-04T17:54:27.000Z 2026-03-04T17:54:27.000Z
drupal-contrib-2026-016 2026-02-25T18:49:59.000Z 2026-02-25T19:30:03.000Z
drupal-contrib-2026-019 2026-02-25T18:51:43.000Z 2026-02-25T18:51:43.000Z
drupal-contrib-2026-018 2026-02-25T18:51:26.000Z 2026-02-25T18:51:26.000Z
drupal-contrib-2026-017 2026-02-25T18:51:01.000Z 2026-02-25T18:51:01.000Z
drupal-contrib-2026-014 2026-02-25T18:46:10.000Z 2026-02-25T18:46:10.000Z
drupal-contrib-2026-013 2026-02-25T18:45:13.000Z 2026-02-25T18:45:13.000Z
drupal-contrib-2026-012 2026-02-25T18:44:38.000Z 2026-02-25T18:44:38.000Z
drupal-contrib-2026-011 2026-02-25T18:43:32.000Z 2026-02-25T18:43:32.000Z
drupal-contrib-2026-010 2026-02-11T16:54:18.000Z 2026-02-25T17:17:46.000Z
drupal-contrib-2026-009 2026-02-11T16:53:32.000Z 2026-02-12T15:37:20.000Z
drupal-contrib-2026-008 2026-02-04T17:23:40.000Z 2026-02-04T17:23:40.000Z
drupal-contrib-2025-110 2025-09-24T17:27:41.000Z 2025-09-24T17:27:41.000Z
ID Description Updated
ts-2026-001 TS-2026-001 2026-01-15T00:00
ts-2025-008 TS-2025-008 2025-11-19T00:00
ts-2025-007 TS-2025-007 2025-11-07T00:00
ts-2025-006 TS-2025-006 2025-10-28T00:00
ts-2025-005 TS-2025-005 2025-08-07T00:00
ts-2025-004 TS-2025-004 2025-05-27T00:00
ts-2025-003 TS-2025-003 2025-05-21T00:00
ts-2025-002 TS-2025-002 2025-05-15T00:00
ts-2025-001 TS-2025-001 2025-03-07T00:00
ts-2024-013 TS-2024-013 2024-12-04T00:00
ts-2024-012 TS-2024-012 2024-10-02T00:00
ts-2024-011 TS-2024-011 2024-07-22T00:00
ts-2024-010 TS-2024-010 2024-07-19T00:00
ts-2024-009 TS-2024-009 2024-06-27T00:00
ts-2024-008 TS-2024-008 2024-06-14T00:00
ts-2024-007 TS-2024-007 2024-06-12T00:00
ts-2024-006 TS-2024-006 2024-05-22T00:00
ts-2024-005 TS-2024-005 2024-05-08T00:00
ts-2024-004 TS-2024-004 2024-05-06T00:00
ts-2024-003 TS-2024-003 2024-04-23T00:00
ts-2024-002 TS-2024-002 2024-01-30T00:00
ts-2024-001 TS-2024-001 2024-01-08T00:00
ts-2023-009 TS-2023-009 2023-12-22T00:00
ts-2023-008 TS-2023-008 2023-11-01T00:00
ts-2023-007 TS-2023-007 2023-10-26T00:00
ts-2023-006 TS-2023-006 2023-08-22T00:00
ts-2023-005 TS-2023-005 2023-04-28T00:00
ts-2023-004 TS-2023-004 2023-04-04T00:00
ts-2023-003 TS-2023-003 2023-03-22T00:00
ts-2023-002 TS-2023-002 2023-01-24T00:00
ID Description Published Updated
certfr-2026-ale-003 Note d’alerte – Ciblage des messageries instantanées 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-ale-002 [MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN 2026-02-25T00:00:00.000000 2026-02-26T00:00:00.000000
certfr-2025-ale-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
CERTFR-2025-ALE-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
certfr-2026-ale-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
CERTFR-2026-ALE-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
certfr-2025-ale-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
CERTFR-2025-ALE-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
certfr-2025-ale-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
CERTFR-2025-ALE-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
certfr-2025-ale-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
CERTFR-2025-ALE-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
certfr-2025-ale-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
certfr-2025-ale-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
CERTFR-2025-ALE-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
CERTFR-2025-ALE-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
certfr-2025-ale-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
CERTFR-2025-ALE-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
certfr-2025-ale-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
CERTFR-2025-ALE-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
certfr-2025-ale-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
CERTFR-2025-ALE-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
certfr-2025-ale-002 [MàJ] Vulnérabilité dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
certfr-2025-ale-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0341 Multiples vulnérabilités dans les produits Microsoft 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0340 Multiples vulnérabilités dans Microsoft Edge 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0339 Multiples vulnérabilités dans les produits VMware 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0338 Vulnérabilité dans les produits Synology 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0337 Multiples vulnérabilités dans les produits Citrix 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0336 Multiples vulnérabilités dans les produits Qnap 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0335 Vulnérabilité dans CPython 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0334 Vulnérabilité dans les produits Microsoft 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0333 Multiples vulnérabilités dans Traefik 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0332 Vulnérabilité dans Oracle Identity Manager et Web Services Manager 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0331 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0330 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0329 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0328 Multiples vulnérabilités dans le noyau Linux de Debian LTS 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0327 Multiples vulnérabilités dans les produits IBM 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0326 Multiples vulnérabilités dans les produits VMware 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0325 Multiples vulnérabilités dans les produits Elastic 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0324 Multiples vulnérabilités dans Google Chrome 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0323 Multiples vulnérabilités dans les produits Spring 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0322 Multiples vulnérabilités dans les produits VMware 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-avi-0321 Multiples vulnérabilités dans les produits Microsoft 2026-03-19T00:00:00.000000 2026-03-19T00:00:00.000000
certfr-2026-avi-0320 Multiples vulnérabilités dans Roundcube 2026-03-19T00:00:00.000000 2026-03-19T00:00:00.000000
certfr-2026-avi-0319 Vulnérabilité dans les produits Mitel 2026-03-19T00:00:00.000000 2026-03-19T00:00:00.000000
certfr-2026-avi-0318 Multiples vulnérabilités dans Splunk Universal Forwarder 2026-03-19T00:00:00.000000 2026-03-19T00:00:00.000000
certfr-2026-avi-0317 Vulnérabilité dans Python 2026-03-19T00:00:00.000000 2026-03-19T00:00:00.000000
certfr-2026-avi-0316 Multiples vulnérabilités dans les produits VMware 2026-03-19T00:00:00.000000 2026-03-19T00:00:00.000000
certfr-2026-avi-0315 Multiples vulnérabilités dans les produits VMware 2026-03-18T00:00:00.000000 2026-03-18T00:00:00.000000
certfr-2026-avi-0314 Multiples vulnérabilités dans les produits Atlassian 2026-03-18T00:00:00.000000 2026-03-18T00:00:00.000000
certfr-2026-avi-0313 Vulnérabilité dans les produits Apple 2026-03-18T00:00:00.000000 2026-03-18T00:00:00.000000
certfr-2026-avi-0312 Multiples vulnérabilités dans GLPI 2026-03-18T00:00:00.000000 2026-03-18T00:00:00.000000
ID Description Published Updated
jvndb-2026-007973 Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) 2026-03-23T14:54+09:00 2026-03-23T14:54+09:00
jvndb-2026-007524 Vulnerability in Hitachi Command Suite 2026-03-17T16:42+09:00 2026-03-17T16:42+09:00
jvndb-2026-000038 Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries 2026-03-17T14:57+09:00 2026-03-17T14:57+09:00
jvndb-2026-000039 Missing authorization in the OpenAI thread/message API endpoints of GROWI 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-000037 OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-006887 Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 2026-03-12T17:22+09:00 2026-03-12T17:22+09:00
jvndb-2026-000036 Improper file access permission settings in multiple Digital Arts products 2026-03-09T14:57+09:00 2026-03-09T16:23+09:00
jvndb-2026-000035 Installer for Qsee Client may insecurely load Dynamic Link Libraries 2026-03-09T14:57+09:00 2026-03-09T14:57+09:00
jvndb-2026-006102 Security issues in ESC/POS 2026-03-06T10:31+09:00 2026-03-06T10:31+09:00
jvndb-2026-000034 django-allauth vulnerable to open redirect 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000033 EC-CUBE vulnerable to multi-factor authentication bypass 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000032 Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) 2026-03-04T12:20+09:00 2026-03-04T12:20+09:00
jvndb-2026-005746 Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026) 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-005744 Canon IJ Scan Utility registers Windows services with unquoted file paths 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-000030 IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization 2026-02-27T15:41+09:00 2026-03-03T10:06+09:00
jvndb-2026-005259 Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys) 2026-03-02T11:46+09:00 2026-03-02T11:46+09:00
jvndb-2026-000031 Improper file access permission settings in the installers for multiple Soliton Systems products 2026-02-27T15:41+09:00 2026-02-27T15:41+09:00
jvndb-2026-000029 Multiple vulnerabilities in the installer of FinalCode Client 2026-02-26T14:24+09:00 2026-02-26T14:24+09:00
jvndb-2026-004811 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
jvndb-2026-004810 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
jvndb-2026-000026 Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal 2026-02-25T15:14+09:00 2026-02-25T15:14+09:00
jvndb-2026-004359 Security information for Hitachi Disk Array Systems 2026-02-20T18:35+09:00 2026-02-20T18:35+09:00
jvndb-2026-000027 WordPress Plugin "Survey Maker" vulnerable to cross-site scripting 2026-02-20T12:32+09:00 2026-02-20T12:32+09:00
jvndb-2026-000028 Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries 2026-02-20T12:31+09:00 2026-02-20T12:31+09:00
jvndb-2026-003912 Vulnerability in Cosminexus HTTP Server and Hitachi Web Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003911 Vulnerability in Cosminexus HTTP Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003910 Multiple Vulnerabilities in Cosminexus HTTP Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003909 Multiple Vulnerabilities in Hitachi Command Suite products 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003908 Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003907 Multiple Vulnerabilities in JP1 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
ID Description Published Updated
cnvd-2026-11369 厦门熵基科技有限公司人证魔方身份认证管理系统存在SQL注入漏洞 2026-02-05 2026-03-22
cnvd-2026-11389 用友网络科技股份有限公司U8 Cloud存在SQL注入漏洞(CNVD-C-2026-72551) 2026-02-04 2026-03-21
cnvd-2026-14410 Microsoft Exchange Server欺骗漏洞(CNVD-2026-14410) 2025-12-12 2026-03-20
cnvd-2026-14409 UTT 520W goform/formIpGroupConfig文件缓冲区溢出漏洞 2026-02-11 2026-03-20
cnvd-2026-14408 Microsoft Excel代码执行漏洞(CNVD-2026-14408) 2026-03-17 2026-03-20
cnvd-2026-14407 TeamViewer DEX Client权限提升漏洞 2025-12-18 2026-03-20
cnvd-2026-14406 MailEnable不安全DLL加载漏洞(CNVD-2026-14406) 2025-12-18 2026-03-20
cnvd-2026-14405 MailEnableMailEnableMailEnable不安全DLL加载漏洞(CNVD-2026-14405) 2025-12-18 2026-03-20
cnvd-2026-14404 MailEnableMailEnable不安全DLL加载漏洞(CNVD-2026-14404) 2025-12-18 2026-03-20
cnvd-2026-14403 MailEnableMailEnable不安全DLL加载漏洞(CNVD-2026-14403) 2025-12-18 2026-03-20
cnvd-2026-14402 MailEnable不安全DLL加载漏洞(CNVD-2026-14402) 2025-12-18 2026-03-20
cnvd-2026-14401 MailEnable不安全DLL加载漏洞(CNVD-2026-14401) 2025-12-18 2026-03-20
cnvd-2026-14400 MailEnable不安全DLL加载漏洞(CNVD-2026-14400) 2025-12-18 2026-03-20
cnvd-2026-14399 MailEnable不安全DLL加载漏洞(CNVD-2026-14399) 2025-12-18 2026-03-20
cnvd-2026-14398 MailEnable不安全DLL加载漏洞 2025-12-18 2026-03-20
cnvd-2026-14397 OpenClaw安全绕过漏洞 2026-03-12 2026-03-20
cnvd-2026-14396 OpenClaw文件包含漏洞 2026-03-12 2026-03-20
cnvd-2026-14395 OpenClaw访问控制错误漏洞(CNVD-2026-14395) 2026-03-12 2026-03-20
cnvd-2026-14394 OpenClaw目录遍历漏洞(CNVD-2026-14394) 2026-03-17 2026-03-20
cnvd-2026-14393 OpenClaw远程代码执行漏洞(CNVD-2026-14393) 2026-03-17 2026-03-20
cnvd-2026-14392 OpenClaw目录遍历漏洞(CNVD-2026-14392) 2026-03-17 2026-03-20
cnvd-2026-14391 OpenClaw代码注入漏洞(CNVD-2026-14391) 2026-03-17 2026-03-20
cnvd-2026-14390 OpenClaw访问控制错误漏洞(CNVD-2026-14390) 2026-03-19 2026-03-20
cnvd-2026-14389 OpenClaw信息泄露漏洞(CNVD-2026-14389) 2026-03-19 2026-03-20
cnvd-2026-14388 OpenClaw目录遍历漏洞 2026-03-17 2026-03-20
cnvd-2026-14387 WordPress插件Calculated Fields Form跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14386 WordPress插件Avada Core跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14385 WordPress插件Astra Bulk Edit跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14384 WordPress插件Active Products Tables for WooCommerce跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14383 WordPress插件Aardvark跨站脚本漏洞 2026-03-02 2026-03-20
ID Description Published Updated
bdu:2026-01844 Уязвимость сервиса безопасности Advanced DNS Security (ADNS) операционной системы PAN-OS,… 16.02.2026 16.02.2026
bdu:2026-01843 Уязвимость функции loadRLE() загрузчика TGA-изображений (PluginTARGA.cpp) графической биб… 16.02.2026 16.02.2026
bdu:2026-01842 Уязвимость функции ws_user_gerList() сценария pwg.users.php системы управления контентом … 16.02.2026 16.02.2026
bdu:2026-01841 Уязвимость компонента Updater облачной платформы управления контейнерами Arcane, позволяю… 16.02.2026 16.02.2026
bdu:2026-01840 Уязвимость ИИ-агента OpenClaw (ранее - ClawdBot или MoltBot), связанная с отсутствием про… 16.02.2026 16.02.2026
bdu:2026-01839 Уязвимость функции blocked_path() пакета Python для создания приложений для моделей машин… 16.02.2026 16.02.2026
bdu:2026-01838 Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, свя… 16.02.2026 16.02.2026
bdu:2026-01837 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01836 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01835 Уязвимость драйвера ESXi base микропрограммного обеспечения сетевых контроллеров Intel 80… 16.02.2026 16.02.2026
bdu:2026-01834 Уязвимость микропрограммного обеспечения контроллеров Intel Ethernet серии E810, связанна… 16.02.2026 16.02.2026
bdu:2026-01833 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01832 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01831 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01830 Уязвимость компонента File input браузера Google Chrome, позволяющая нарушителю осуществи… 16.02.2026 16.02.2026
bdu:2026-01829 Уязвимость компонента PictureInPicture браузера Google Chrome, позволяющая нарушителю ока… 16.02.2026 16.02.2026
bdu:2026-01828 Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю оказать во… 16.02.2026 16.02.2026
bdu:2026-01827 Уязвимость функции конфиденциальности Fenced Frames браузера Google Chrome, позволяющая н… 16.02.2026 16.02.2026
bdu:2026-01826 Уязвимость компонента WebGPU браузера Google Chrome, позволяющая нарушителю вызвать отказ… 16.02.2026 16.02.2026
bdu:2026-01825 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01824 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01823 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01822 Уязвимость операционных систем Fortinet FortiOS, связанная с недостаточной проверкой исто… 16.02.2026 16.02.2026
bdu:2026-01821 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01820 Уязвимость интерфейса командной строки операционных систем Fortinet FortiOS, позволяющая … 16.02.2026 16.02.2026
bdu:2026-01819 Уязвимость графического пользовательского интерфейса операционных систем Fortinet FortiOS… 16.02.2026 16.02.2026
bdu:2026-01818 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01817 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01816 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01815 Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с не… 16.02.2026 16.02.2026
ID Description Updated
var-202407-2188 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:32.699000Z
var-202406-3119 Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-s… 2024-07-23T22:46:22.685000Z
var-202407-1740 NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E ha… 2024-07-23T22:46:18.378000Z
var-202407-1417 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:07.784000Z
var-202407-1103 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:01.992000Z
var-202407-0957 WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile… 2024-07-23T22:45:59.391000Z
var-202407-0819 SIMATIC S7-1500 is a modular control system suitable for various automation applications … 2024-07-23T22:45:56.958000Z
var-202407-0818 NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6… 2024-07-23T22:45:56.946000Z
var-202407-0779 Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of … 2024-07-23T22:45:56.150000Z
var-202407-0778 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:56.131000Z
var-202407-0745 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:55.498000Z
var-202305-1479 D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution … 2024-07-23T22:45:09.335000Z
var-202108-1158 A race condition was addressed with improved locking. This issue is fixed in macOS Monter… 2024-07-23T22:44:06.976000Z
var-201109-0089 Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… 2024-07-23T22:43:49.590000Z
var-200702-0378 Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … 2024-07-23T22:43:25.614000Z
var-201011-0225 Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … 2024-07-23T22:41:43.584000Z
var-201112-0297 Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… 2024-07-23T22:41:20.004000Z
var-201507-0645 D-Link is an internationally renowned provider of network equipment and solutions, includ… 2024-07-23T22:41:18.832000Z
var-201803-1810 A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … 2024-07-23T22:41:17.171000Z
var-201809-0087 WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… 2024-07-23T22:41:16.554000Z
var-200607-0396 Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… 2024-07-23T22:41:04.279000Z
var-201702-0423 An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… 2024-07-23T22:40:53.160000Z
var-202305-1588 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilit… 2024-07-23T22:40:05.297000Z
var-201112-0173 The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … 2024-07-23T22:39:32.535000Z
var-201103-0371 SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… 2024-07-23T22:39:32.874000Z
var-201706-0017 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClie… 2024-07-23T22:38:34.494000Z
var-202305-1520 D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vul… 2024-07-23T22:38:26.576000Z
var-202407-0490 A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP … 2024-07-23T22:38:24.768000Z
var-201810-0396 Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… 2024-07-23T22:37:44.850000Z
var-202001-0833 A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… 2024-07-23T22:37:43.471000Z
ID Description Published Updated
vde-2025-028 Draeger: ICMHelper is vulnerable to a privilege escalation 2025-08-05T10:00:00.000Z 2026-01-06T11:00:00.000Z
vde-2019-012 TECSON/GOK: Improper Authentication and Access Control on multiple devices 2019-06-04T13:21:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2025-104 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware 2026-03-18T08:00:00.000Z 2026-03-18T08:00:00.000Z
vde-2025-109 Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware 2026-02-10T08:00:00.000Z 2026-02-23T14:00:00.000Z
vde-2025-073 Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
vde-2025-071 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware 2025-12-09T08:00:00.000Z 2026-01-12T08:00:00.000Z
vde-2025-074 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-10-14T10:00:00.000Z 2025-10-15T10:00:00.000Z
vde-2025-072 Phoenix Contact: Security Advisory for QUINT4-UPS EIP 2025-10-14T06:00:00.000Z 2025-10-14T06:00:00.000Z
vde-2018-003 PHOENIX CONTACT: addressing Meltdown and Spectre vulnerabilities 2018-03-23T09:43:00.000Z 2025-10-01T08:00:00.000Z
vde-2025-077 Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-064 Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation 2025-09-09T07:00:00.000Z 2025-09-09T07:00:00.000Z
vde-2024-039 Phoenix Contact: Multiple Vulnerabilities in mGuard devices 2024-09-10T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-022 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2024-08-13T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-063 Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation 2025-08-12T10:00:00.000Z 2025-08-12T10:00:00.000Z
vde-2025-019 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-22T08:00:00.000Z
vde-2019-015 PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers 2019-08-07T00:00:00.000Z 2025-07-11T07:00:00.000Z
vde-2025-054 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-053 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-014 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2023-057 Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC 2023-12-12T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2023-001 PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware 2023-02-14T07:50:00.000Z 2025-06-05T13:28:12.000Z
vde-2020-002 PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks 2020-02-25T09:07:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-073 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-071 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-058 Phoenix Contact: PLCnext Control prone to download of code without integrity check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-056 Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-054 Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-051 Phoenix Contact: MULTIPROG Engineering tool and ProConOS eCLR SDK prone to CWE-732 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-018 Phoenix Contact: Multiple vulnerabilities in WP 6xxx Web panels 2023-08-08T06:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-017 Phoenix Contact: Multiple vulnerabilities in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices 2023-08-08T04:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-016 Phoenix Contact: PLCnext Engineer Vulnerabilities in LibGit2Sharp/LibGit2 2023-08-08T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-051 PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family 2022-11-15T09:27:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-085 Welotec: Path Traversal in SmartEMS Upload Handling 2025-09-10T07:00:00.000Z 2025-09-22T08:00:00.000Z
vde-2025-076 Welotec: Hard-coded JWT secret in egOS WebGUI 2025-08-26T07:00:00.000Z 2025-08-26T07:00:00.000Z
vde-2024-009 Welotec: Two vulnerabilities in TK500v1 router series 2024-04-09T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-043 Welotec: Multiple products are vulnerable to regreSSHion 2024-08-22T06:00:00.000Z 2024-08-22T06:00:00.000Z
vde-2024-023 Welotec: Clickjacking Vulnerability in WebUI 2024-04-23T08:00:00.000Z 2024-04-23T08:00:00.000Z
ID Description Published Updated
advisory2026-01_vde-2026-012 CODESYS Installer - Possible Privilege Escalation 2026-03-10T10:00:00.000Z 2026-03-10T10:00:00.000Z
advisory2025-10_vde-2025-100 CODESYS Control - Invalid type usage in visualization 2025-12-01T10:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-09_vde-2025-099 CODESYS Control - Linux/QNX SysSocket flaw 2025-12-01T11:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-11_vde-2025-101 CODESYS Development System - Deserialization of Untrusted Data 2025-12-01T10:00:00.000Z 2025-12-01T10:00:00.000Z
advisory2025-08_vde-2025-070 CODESYS Control V3 - NULL pointer dereference 2025-08-04T08:00:00.000Z 2025-10-14T08:00:00.000Z
advisory2025-07_vde-2025-051 CODESYS Control V3 - Exposed PKI folder 2025-08-04T10:00:00.000Z 2025-09-01T10:00:00.000Z
advisory2025-06_vde-2025-049 CODESYS Control V3 - Insecure default permissions 2025-08-04T10:00:00.000Z 2025-08-04T10:00:00.000Z
advisory2025-04_vde-2025-022 CODESYS Control V3 - OPC UA Server Authentication bypass 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-03_vde-2025-015 CODESYS Control V3 removable media path traversal 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-02_vde-2025-013 CODESYS (Edge) Gateway for Windows insecure default 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-01_vde-2025-001 CODESYS Key physical side-channel vulnerability 2025-01-21T11:00:00.000Z 2025-06-05T13:31:01.000Z
vde-2024-024 CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files 2024-05-06T08:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-027 CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere 2024-06-04T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-026 CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products 2024-06-04T08:00:00.000Z 2025-05-14T13:00:14.000Z
advisory2025-05_vde-2025-027 CODESYS Visualization user management bypass in WebVisu 2025-04-23T10:00:00.000Z 2025-04-23T10:00:00.000Z
advisory2024-05_vde-2024-057 CODESYS: CODESYS web server vulnerable to DoS 2024-09-25T21:59:00.000Z 2025-04-03T10:00:00.000Z
vde-2024-046 OSCAT: Out-of-bounds read in OSCAT Basic library 2024-09-10T14:00:00.000Z 2024-09-10T14:00:00.000Z
vde-2023-066 CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products 2023-12-05T14:25:00.000Z 2023-12-05T14:25:00.000Z
vde-2023-035 CODESYS: Multiple products affected by WIBU Codemeter vulnerability 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-025 CODESYS: Control runtime system memory and integrity check vulnerabilities 2023-08-03T11:18:00.000Z 2023-08-03T11:18:00.000Z
vde-2023-023 CODESYS: Missing Brute-Force protection in CODESYS Development System 2023-08-03T11:08:00.000Z 2023-08-03T11:08:00.000Z
vde-2023-022 CODESYS: Missing integrity check in CODESYS Development System 2023-08-03T10:52:00.000Z 2023-08-03T10:52:00.000Z
vde-2023-021 CODESYS: Vulnerability in CODESYS Development System allows execution of binaries 2023-08-03T10:48:00.000Z 2023-08-03T10:48:00.000Z
vde-2023-019 CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce 2023-08-03T10:42:00.000Z 2023-08-03T10:42:00.000Z
vde-2023-024 CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting 2023-07-28T07:45:00.000Z 2023-07-28T07:45:00.000Z
ID Description Published Updated
vde-2025-067 Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access 2025-08-10T10:00:00.000Z 2025-08-25T10:00:00.000Z
vde-2022-057 Wiesemann & Theis multiple products prone to web interface vulnerability 2022-12-13T07:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-018 Wiesemann & Theis: Multiple products prone to unquoted search path 2024-02-28T07:00:00.000Z 2025-05-14T12:36:39.000Z
vde-2025-024 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version 2025-05-13T10:00:00.000Z 2025-05-13T10:00:00.000Z
vde-2025-032 Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting 2025-05-06T10:00:00.000Z 2025-05-06T10:00:00.000Z
vde-2025-031 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
vde-2022-043 Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family 2022-11-07T11:43:00.000Z 2022-11-07T12:14:00.000Z
ID Description Published Updated
vde-2026-024 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-068 MB connect line: Multiple Vulnerabilities in MB connect line Products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-056 MB connect line: Multiple Vulnerabilities in mbNET.mini Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-010 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-03-18T11:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-065 MB connect line: Sandbox escape in mbNET's LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-058 MB connect line: Multiple vulnerabilities in mbNET.mini 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-035 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-034 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-030 MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) 2022-09-07T10:48:00.000Z 2025-06-06T07:00:00.000Z
vde-2023-002 MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 2023-05-15T14:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-037 MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 2021-10-27T10:15:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-031 MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 2021-07-22T11:33:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-017 MB connect line: Privilege escalation in mbDIALUP 2021-07-22T11:35:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-012 MB connect line: multiple products partially affected by DNSpooq 2021-04-26T08:04:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-035 MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 2020-09-18T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-030 MB connect line: mbNET.mini vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T09:00:00.000Z
vde-2023-041 MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2024-042 MB connect line: Multiple products are vulnerable to regreSSHion 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-012 MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2022-011 MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 2022-09-07T12:50:00.000Z 2022-09-07T12:50:00.000Z
vde-2021-003 MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) 2022-09-07T10:46:00.000Z 2022-09-07T10:46:00.000Z
ID Description Published Updated
vde-2026-025 Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-069 Helmholz: Multiple Vulnerabilities in Helmholz products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-066 Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-069 Helmholz: Sandbox escape in REX200/250 LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-059 Helmholz: Multiple vulnerabilities in REX 100 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-038 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-037 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-057 Helmholz: Privilege Escalation in shDialup (Update A) 2021-03-28T13:03:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-031 Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual 2025-03-18T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-017 Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual 2022-09-07T12:54:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-058 Helmholz: Remote user enumeration in myREX24/myREX24-virtual 2021-12-08T13:04:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-044 Helmholz: Multiple products are vulnerable to regreSSHion 2024-07-31T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-032 Helmholz: REX 100 vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T13:33:00.000Z
vde-2023-043 Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2023-029 Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-008 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2023-05-15T12:06:00.000Z 2023-05-15T12:06:00.000Z
vde-2022-039 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2022-09-07T10:56:00.000Z 2022-09-07T10:56:00.000Z
ID Description Published Updated
fsa-202601 Several CODESYS vulnerabilities in Festo Automation Suite 2026-02-26T08:00:00.000Z 2026-02-26T08:00:00.000Z
fsa-202302 Festo: Several vulnerabilities in FactoryViews 2023-07-10T10:00:00.000Z 2026-02-02T08:00:00.000Z
fsa-202402 Several Vulnerabilities in MES PC (Windows 10) 2024-02-27T12:00:00.000Z 2025-12-08T07:00:00.000Z
fsa-202405 Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability 2024-09-09T07:00:00.000Z 2025-11-05T08:00:00.000Z
fsa-202401 Festo: Multiple products contain CoDe16 vulnerability 2024-01-30T07:00:00.000Z 2025-11-04T11:00:00.000Z
fsa-202202 Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-11-03T11:00:00.000Z
fsa-202209 Festo: Incomplete documentation of remote accessible functions and protocols in Festo products 2022-11-29T11:49:00.000Z 2025-11-03T10:00:00.000Z
fsa-202208 Festo: Multiple Festo products contain an unsafe default Codesys configuration 2022-11-29T11:41:00.000Z 2025-10-28T11:00:00.000Z
fsa-202206 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products 2022-12-13T11:50:00.000Z 2025-10-01T10:50:00.000Z
fsa-202304 Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions 2023-09-05T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202301 Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance 2023-08-29T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202303 Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products 2023-10-17T06:00:00.000Z 2025-10-01T06:00:00.000Z
fsa-202101 Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q 2021-09-22T11:13:00.000Z 2025-08-26T10:00:00.000Z
fsa-202207 Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function 2022-09-20T10:00:00.000Z 2025-07-28T10:00:00.000Z
fsa-202203 Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-07-10T10:00:00.000Z
fsa-202201 Festo: CECC-X-M1 - command injection vulnerabilities 2022-07-06T07:00:00.000Z 2025-06-23T08:00:00.000Z
fsa-202305 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products 2023-11-28T07:00:00.000Z 2025-05-13T10:00:00.000Z
fsa-202406 Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo 2024-12-03T11:00:00.000Z 2024-12-03T14:00:00.000Z
ID Description Published Updated
vde-2025-011 PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by XSS vulnerability and information disclosure 2025-05-26T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-038 Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation 2024-07-10T06:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-002 PEPPERL+FUCHS: HMI – devices are affected by Windows RCE 2025-02-25T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-017 Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities 2024-04-10T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-021 Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities 2022-05-16T14:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-041 Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability 2021-10-26T13:35:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-053 Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities 2021-03-08T13:44:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-017 Pepperl+Fuchs, PACTware: Two password vulnerabilities found 2020-05-29T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-033 PEPPERL+FUCHS: Device Master ICDM-RX/* – Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service 2024-08-13T12:00:00.000Z 2025-05-14T14:34:17.000Z
vde-2020-014 Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets 2020-03-31T13:30:00.000Z 2025-05-14T14:34:17.000Z
vde-2021-006 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-11-16T14:53:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-050 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-15T13:33:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-028 Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities 2021-08-16T12:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-027 Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-10-16T12:00:00.001Z 2025-05-14T13:00:14.000Z
vde-2020-038 Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master 2021-01-04T13:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2019-002 Pepperl+Fuchs: Path traversal in WirelessHART Gateway 2019-03-06T10:35:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-007 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-16T14:53:00.000Z 2025-05-14T12:53:43.000Z
vde-2024-065 PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key 2024-11-26T11:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-063 PEPPERL+FUCHS: Multiple products are affected by regreSSHion 2024-10-08T12:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-001 Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 2021-01-15T12:41:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-016 Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability 2018-10-19T10:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-002 Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks 2018-02-14T08:50:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-037 Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 2024-07-10T06:00:00.000Z 2024-07-10T06:00:00.000Z
vde-2022-012 Pepperl+Fuchs: Vulnerability in multiple VisuNet devices 2022-04-26T12:00:00.000Z 2022-05-16T14:15:00.000Z
vde-2021-034 Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices 2021-07-30T07:55:00.000Z 2021-07-30T07:55:00.000Z
vde-2021-018 Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules 2021-05-12T08:57:00.000Z 2021-05-12T08:57:00.000Z
vde-2020-040 Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux 2020-10-05T12:00:00.000Z 2020-10-05T12:00:00.000Z
vde-2020-034 Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components 2020-09-10T13:22:00.000Z 2020-09-10T13:22:00.000Z
vde-2019-011 Pepperl+Fuchs: Remote code execution vulnerability in HMI devices 2019-05-29T07:35:00.000Z 2019-10-07T10:00:00.000Z
vde-2019-004 Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack 2019-03-14T07:52:00.000Z 2019-03-14T07:52:00.000Z
ID Description Published Updated
ppsa-2026-001 Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service 2026-02-02T08:00:00.000Z 2026-02-02T10:00:00.000Z
ppsa-2025-004 Pilz: Vulnerability affecting PASvisu Runtime 2025-10-20T10:00:00.000Z 2025-10-20T10:00:00.000Z
ppsa-2025-003 Pilz: Authentication Bypass in IndustrialPI Webstatus 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-002 Pilz: Missing Authentication in Node-RED integration 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-001 Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory 2025-06-30T10:00:00.000Z 2025-06-30T10:00:00.000Z
vde-2022-044 Pilz: Multiple products affected by ZipSlip 2022-11-24T09:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2023-048 Pilz: Multiple products prone to libwebp vulnerability 2023-12-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-033 Pilz: WIBU Vulnerabilitiy in multiple Products 2023-10-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-045 Pilz: PAS 4000 prone to ZipSlip 2022-11-24T09:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-009 Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities 2021-09-20T11:56:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-033 Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities 2020-09-10T13:18:00.000Z 2025-05-14T12:28:19.000Z
vde-2023-050 Pilz: Vulnerability in PASvisu and PMI v8xx 2024-01-30T07:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-002 Pilz: Multiple products affected by uC/HTTP vulnerability 2024-02-06T07:00:00.000Z 2024-02-06T07:00:00.000Z
vde-2023-059 Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx 2023-12-05T07:06:00.000Z 2023-12-05T07:06:00.000Z
vde-2022-033 Pilz: PASvisu and PMI affected by multiple vulnerabilities 2022-11-24T09:00:00.000Z 2022-11-24T09:00:00.000Z
vde-2021-061 Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-055 Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-054 Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
ID Description Published Updated
vde-2026-020 WAGO: Vulnerability in managed switches 2026-03-23T08:00:00.000Z 2026-03-23T08:00:00.000Z
vde-2026-004 WAGO: Vulnerabilities in Managed Switch 2026-02-09T08:00:00.000Z 2026-02-09T08:00:00.000Z
vde-2025-095 WAGO: Vulnerabilities in WAGO Industrial-Managed Switches 2025-12-10T10:00:00.000Z 2026-01-19T08:00:00.000Z
vde-2025-018 WAGO: Vulnerabilities in WAGO Device Manager 2025-06-16T10:00:00.000Z 2025-11-21T12:00:00.000Z
vde-2025-062 WAGO: Multiple Vulnerabilities in CODESYS components 2025-11-03T11:00:00.000Z 2025-11-03T11:00:00.000Z
vde-2025-087 WAGO: Vulnerabilities in Device Sphere and Solution Builder 2025-09-24T09:00:00.000Z 2025-09-24T09:00:00.000Z
vde-2018-013 WAGO: 750-8xx Controller Denial of Service 2018-08-17T09:45:00.000Z 2025-09-22T10:00:00.000Z
vde-2025-083 WAGO: Vulnerability in hardware switch circuit 2025-09-15T08:00:00.000Z 2025-09-15T08:00:00.000Z
vde-2025-080 WAGO: Multiple Vulnerabilities in I/O-Check Service 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-082 WAGO: Critical sudo Vulnerability in Multiple Products 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-048 WAGO: Escalation of Privileges in Coupler Firmware 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-057 WAGO: Vulnerability in WAGO Device Sphere 2025-06-23T10:00:00.000Z 2025-07-07T06:15:00.000Z
vde-2025-040 WAGO: Vulnerabilities in ctrlX OS app 2025-06-16T10:00:00.000Z 2025-06-16T10:00:00.000Z
vde-2024-014 WAGO: Multiple products affected by Terrapin 2024-02-22T07:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2025-020 WAGO: Switches affected by year 2k38 problem 2025-06-02T06:00:00.000Z 2025-06-02T06:00:00.000Z
vde-2024-047 WAGO: Multiple vulnerabilities in docker configuration 2024-11-18T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-026 WAGO: Multiple products prone to multiple vulnerabilities in e!Runtime / CODESYS V3 Runtime 2023-07-31T07:36:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-007 WAGO: Unauthenticated command execution via Web-based-management UPDATE A 2023-05-15T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-009 WAGO: Multiple Products affected by Linux Kernel Vulnerability Dirty Pipe 2022-04-06T07:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-002 WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro 2022-01-31T13:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-060 WAGO: Smart Script affected by Log4Shell Vulnerability 2022-01-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-049 WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3 2021-11-16T12:05:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-014 WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 2021-05-20T09:08:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-011 WAGO: Multiple Vulnerabilities in I/O-Check Service 2020-03-09T09:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-009 WAGO: e!Cockpit Two Update Package Vulnerabilities 2020-03-09T09:18:00.000Z 2025-05-22T13:03:10.000Z
vde-2018-010 WAGO: Multiple vulnerabilities in e!DISPLAY products 2018-07-10T09:50:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-008 WAGO: Vulnerabilities in CODESYS Control 2025-02-04T11:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-036 WAGO: Multiple Vulnerabilities in I/O-Check Service 2021-06-29T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-044 WAGO: Web-Based Management Authentication Vulnerability in WAGO 750-36X and WAGO 750-8XX 2021-08-31T07:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-042 WAGO: PLC families 750-88x and 750-352 prone to DoS attack, versions < FW10 (Update A) 2020-10-27T10:28:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2024-061 ifm: Improper Access Control vulnerability 2025-06-30T10:00:00.000Z 2026-02-18T08:00:00.000Z
vde-2024-028 ifm moneo password reset can be exploited 2024-05-06T10:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2024-012 ifm: Vulnerabilities in ifm AC14 firmware 2024-07-09T07:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2022-050 IFM: weak password recovery vulnerability in moneo appliance 2022-12-12T11:00:00.000Z 2026-01-06T11:00:00.000Z
ID Description Published Updated
vde-2025-106 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server 2026-01-26T10:00:00.000Z 2026-02-12T09:00:00.000Z
vde-2025-092 Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager 2026-01-27T11:00:00.000Z 2026-01-27T11:00:00.000Z
vde-2025-075 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2022-003 BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology 2022-03-01T12:34:00.000Z 2025-06-05T13:28:13.000Z
vde-2024-050 Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-049 Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-048 Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-045 Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-067 Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf 2023-12-13T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-051 Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server 2021-11-04T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-008 Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-037 Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) 2020-11-19T13:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-019 Beckhoff: EtherLeak in TwinCAT RT network driver 2020-06-16T08:31:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-005 Beckhoff: BK9000 couplers - Denial of service inhibits function 2020-03-10T13:17:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-019 Beckhoff: TwinCAT Denial-of-Service in Profinet driver 2019-10-09T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-064 Beckhoff: Local command injection via TwinCAT Package Manager 2024-10-31T11:00:00.000Z 2025-04-11T07:00:00.000Z
vde-2020-051 Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server 2021-04-27T08:08:00.000Z 2021-05-11T10:00:00.000Z
ID Description Published Updated
vde-2026-007 TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability 2026-02-23T08:00:00.000Z 2026-02-23T08:00:00.000Z
vde-2021-011 TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability 2021-03-22T08:59:00.000Z 2026-02-02T14:25:00.000Z
vde-2025-078 TRUMPF: Remote support uses an outdated encryption algorithm 2025-08-25T06:00:00.000Z 2025-08-29T10:00:00.000Z
vde-2024-005 TRUMPF: Multiple products contain vulnerable version of 7-zip 2024-01-23T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-004 TRUMPF: Multiple products affected by log4net vulnerability 2025-04-22T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-003 TRUMPF: Multiple products include a vulnerable version of Notepad++ 2024-01-23T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-049 TRUMPF: Multiple products prone to X.Org server vulnerabilities 2022-11-07T11:43:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-039 TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T10:28:00.000Z 2025-05-14T12:36:39.000Z
vde-2024-040 Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-034 Multiple TRUMPF products prone to nftables server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-001 TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities 2024-01-29T07:00:00.000Z 2024-01-29T07:00:00.000Z
vde-2024-006 TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x 2024-01-23T07:00:00.000Z 2024-01-23T07:00:00.000Z
vde-2023-031 Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability 2023-09-13T10:00:00.000Z 2023-11-13T11:00:00.000Z
vde-2022-023 TRUMPF TruTops prone to improper access control 2022-10-17T10:00:00.000Z 2022-10-17T10:00:00.000Z
vde-2022-034 TRUMPF: Products prone to Unified Automation vulnerabilities 2022-08-15T10:00:00.000Z 2022-08-15T10:00:00.000Z
vde-2022-016 TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability 2022-05-02T10:00:00.000Z 2022-05-02T10:00:00.000Z
vde-2021-033 TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities 2021-08-12T13:02:00.001Z 2021-08-12T13:02:00.001Z
ID Description Published Updated
vde-2025-043 Lenze: PLC Designer V4 with insecure storage of sensitive information 2025-06-25T10:00:00.000Z 2025-06-25T10:00:00.000Z
vde-2025-042 Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway 2025-05-27T09:00:00.000Z 2025-05-27T09:00:00.000Z
vde-2024-053 Lenze: Install Directory with insufficient permissions 2024-09-03T08:00:00.000Z 2025-03-13T11:30:00.000Z
vde-2022-030 Lenze: Vulnerability in the OPC-UA authentification connection in the firmware 2022-07-11T10:00:00.000Z 2022-07-11T10:00:00.000Z
vde-2021-048 Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication 2021-10-04T12:33:00.000Z 2021-10-04T12:33:00.000Z
ID Description Published Updated
vde-2022-029 Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 2022-09-26T08:00:00.000Z 2026-03-02T11:00:00.000Z
ID Description Published Updated
vde-2025-047 AUMA: Incorrect delivery status of the Bluetooth configuration 2025-06-10T10:00:00.000Z 2025-06-10T10:00:00.000Z
vde-2023-028 AUMA: SIMA Master Station affected by WRECK vulnerability 2023-08-07T11:35:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-024 Auma: SIMA² Master Station Denial of Service Vulnerability on Automation Runtime Webserver 2022-06-15T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2025-026 AUMA Riester: Buffer overflow in service telegram 2025-05-12T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-027 AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations 2023-08-07T09:35:00.000Z 2023-08-07T09:35:00.000Z
vde-2022-032 AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service 2022-08-09T08:00:00.000Z 2022-08-09T08:00:00.000Z
ID Description Published Updated
vde-2025-084 Bender Charge Controller Vulnerability - Unsecure Communication 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-061 Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2021-047 Bender/ebee: Multiple Charge Controller Vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2020-043 Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability 2020-10-16T06:54:00.000Z 2020-10-16T06:54:00.000Z
ID Description Published Updated
vde-2026-002 Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation 2026-03-02T07:00:00.000Z 2026-03-02T07:00:00.000Z
vde-2025-068 Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions 2025-09-02T10:00:00.000Z 2026-02-20T09:00:00.000Z
vde-2025-105 Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability 2025-12-08T09:00:00.000Z 2025-12-08T09:00:00.000Z
vde-2025-107 Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities 2025-12-05T11:00:00.000Z 2025-12-05T11:00:00.000Z
vde-2024-054 Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-044 Endress+Hauser: Multiple products affected by log4net vulnerability 2022-01-20T08:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-005 Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability 2021-03-01T06:39:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-031 Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T13:10:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-022 Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information 2020-11-19T14:48:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-040 Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow 2021-10-04T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-010 Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks 2021-05-18T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-021 Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management 2020-11-19T14:48:00.000Z 2025-04-11T07:00:00.000Z
vde-2025-036 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-03-06T14:00:00.000Z 2025-03-06T14:00:00.000Z
vde-2024-041 Endress+Hauser: Multiple products are vulnerable to code injection 2024-09-10T08:00:00.000Z 2024-09-10T08:00:00.000Z
vde-2022-019 Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components 2022-06-02T15:11:00.000Z 2022-06-02T15:11:00.000Z
vde-2022-006 Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware 2022-03-24T10:48:00.000Z 2022-03-24T10:48:00.000Z
vde-2019-005 Endress+Hauser: WIFI enabled products utilising WPA2 2019-03-19T15:34:00.000Z 2019-03-19T15:34:00.000Z
ID Description Published Updated
vde-2025-030 Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability 2025-07-07T10:00:00.000Z 2025-07-29T10:00:00.000Z
vde-2023-049 Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability 2023-12-11T07:00:00.000Z 2023-12-11T07:00:00.000Z
vde-2023-038 Frauscher: Multiple Vulnerabilities in FDS101 2023-09-21T06:00:00.000Z 2023-09-21T06:00:00.000Z
vde-2023-011 Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability 2023-07-05T08:00:00.000Z 2023-07-05T08:00:00.000Z
ID Description Published Updated
vde-2019-010 Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway 2019-05-20T06:58:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-024 Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED 2020-07-08T07:29:00.000Z 2025-05-14T12:28:19.000Z
vde-2022-052 Miele: Vulnerability in ease2pay cloud service used by appWash 2022-11-21T09:00:00.000Z 2022-11-21T09:00:00.000Z
vde-2022-015 Miele: Security vulnerability in Benchmark Programming Tool 2022-04-27T12:00:00.000Z 2022-04-27T12:00:00.000Z
ID Description Published Updated
vde-2025-096 Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-044 Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities 2025-05-27T09:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-052 Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities 2025-06-11T10:00:00.000Z 2025-07-23T10:00:00.000Z
vde-2023-032 Weidmueller: WIBU Vulnerability in multiple Products 2023-11-09T07:42:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-018 Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches 2019-12-05T12:03:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-041 Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX 2025-05-19T09:00:00.000Z 2025-05-19T09:00:00.000Z
vde-2025-021 Weidmueller: Authentication Vulnerability in PROCON-WIN 5 2025-03-05T09:00:00.000Z 2025-05-14T13:26:53.000Z
vde-2021-026 Weidmueller: Multiple vulnerabilities in Industrial WLAN devices 2021-06-23T11:04:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-042 Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities 2021-10-18T08:24:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-016 Weidmueller: Accidentally open network port in u-controls and IoT-Gateways 2021-05-04T08:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-002 Weidmueller: WI Manager affected by fdtContainer vulnerability 2021-01-20T13:32:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-041 Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities 2020-10-12T09:14:00.000Z 2025-05-14T12:28:19.000Z
vde-2025-023 Weidmueller: OpenSSL vulnerability in industrial ethernet switches 2025-03-05T08:00:00.000Z 2025-03-05T11:00:00.000Z
vde-2022-056 Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability 2022-12-14T07:00:00.000Z 2022-12-14T07:00:00.000Z
vde-2021-004 Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write 2022-06-21T08:00:00.000Z 2022-06-21T08:00:00.000Z
vde-2022-008 WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways 2022-04-07T06:00:00.000Z 2022-04-07T06:00:00.000Z
ID Description Published Updated
vde-2025-066 SMA: Directory Traversal in Sunny Boy 2025-08-27T08:00:00.000Z 2025-08-27T08:00:00.000Z
vde-2025-050 SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user 2025-08-19T10:00:00.000Z 2025-08-19T10:00:00.000Z
vde-2024-075 SMA: Sunny Webbox clickjacking vulnerability 2025-01-27T13:00:00.000Z 2025-06-17T06:00:00.000Z
vde-2025-012 SMA: Sunny Portal Remote Code Execution 2025-02-26T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-010 SMA: Sunny Portal demo system privilege escalation 2025-05-13T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-074 SMA: SQL injection in Sunny Central UP 2024-11-27T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-020 SMA: Cluster Controller CSRF vulnerability 2025-01-27T13:00:00.000Z 2025-02-12T16:48:47.000Z
ID Description Published Updated
vde-2024-013 HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing 2024-02-13T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-059 HIMA: unquoted path vulnerabilities in X-OPC and X-OTS 2023-01-16T09:00:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-091 Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro 2025-10-14T10:00:00.000Z 2025-10-14T10:00:00.000Z
ID Description Published Updated
vde-2020-016 SWARCO: Critical Vulnerability in CPU LS4000 2020-05-28T13:00:00.000Z 2020-05-28T13:00:00.000Z
ID Description Published Updated
vde-2024-016 ADS-TEC Industrial IT: Docker vulnerability affects multiple products 2024-02-19T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-033 ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products 2025-04-14T10:00:00.000Z 2025-04-14T10:00:00.000Z
vde-2023-009 ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 2023-05-08T13:37:00.000Z 2023-05-08T13:37:00.000Z
ID Description Published Updated
vde-2022-061 VARTA: Multiple devices prone to hard-coded credentials 2023-03-15T09:00:00.000Z 2023-03-15T09:00:00.000Z
ID Description Published Updated
vde-2025-060 Sauter: Multiple vulnerabilities in SAUTER modulo 6 2025-10-21T10:00:00.000Z 2025-10-27T11:00:00.000Z
ID Description Published Updated
vde-2025-079 Janitza: Multiple vulnerabilities in UMG 96RM-E 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-094 Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ 2025-11-24T12:00:00.000Z 2025-11-24T12:00:00.000Z
ID Description Published Updated
vde-2026-001 METTLER TOLEDO: ASP.NET core vulnerability in LabX 2026-03-04T07:00:00.000Z 2026-03-04T07:00:00.000Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2026-0021
10 (4.0)
Critical RCE Vulnerability reported in Windchill windchill
 FlexPLM
 2026-03-23T12:30:40.249187Z 2026-03-23T12:30:40.249187Z
GCVE-1-2026-0020
10 (4.0)
Remote Code Execution Attack Against Eircom D1000 Router Eir
 D1000
 2026-03-11T14:12:00.000Z 2026-03-11T14:23:24.609831Z
GCVE-1-2026-0019
6.4 (4.0)
Improper URL validation in MISP dashboard button widge… misp
 misp
 2026-02-27T14:55:00.000Z 2026-02-27T15:44:29.998063Z
GCVE-1-2026-0018
6.5 (4.0)
Improper access control in MISP user contact form allo… misp
 misp
 2026-02-27T13:25:32.632362Z 2026-02-27T13:25:32.632362Z
GCVE-1-2026-0017
7.2 (4.0)
Improper Neutralization of Raw HTML in MISP modules Ma… misp
 misp-modules
 2026-02-27T13:10:24.641948Z 2026-02-27T13:10:24.641948Z
GCVE-1-2026-0016
7 (4.0)
Server-Side Request Forgery via Event Report Import Fr… misp
 misp
 2026-02-27T10:56:32.745676Z 2026-02-27T10:56:32.745676Z
GCVE-1-2026-0015
7.2 (4.0)
Threat actors use FortiCloud SSO bypass to collect LDA… fortinet
 fortios
 2026-02-09T09:09:00.000Z 2026-02-09T09:14:59.004089Z
GCVE-1-2026-0014
7.4 (4.0)
Missing Authorization Check Allows Unauthorized Modifi… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:32:14.341383Z 2026-02-04T19:32:14.341383Z
GCVE-1-2026-0013
2.1 (4.0)
Flask Application Username Route Collision Allows Rese… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:27:00.000Z 2026-02-04T19:32:49.787763Z
GCVE-1-2026-0012
2.1 (4.0)
Authentication Error Message Allows Email Address Enum… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:21:34.411344Z 2026-02-04T19:21:34.411344Z
GCVE-1-2026-0011
8.7 (4.0)
Out-of-bounds memory write in the network packet … EA Games
 Command & Conquer: Generals
 2026-01-29T14:37:00.000Z 2026-01-29T14:39:17.728822Z
GCVE-1-2026-0010
9.3 (4.0)
Improper input validation in the file transfer ha… EA Games
 Command & Conquer: Generals
 2026-01-29T14:33:18.822829Z 2026-01-29T14:33:18.822829Z
GCVE-1-2026-0009
9.3 (4.0)
Stack-based buffer overflow in the multiplayer ne… EA Games
 Command & Conquer: Generals
 2026-01-29T14:30:38.596928Z 2026-01-29T14:30:38.596928Z
GCVE-1-2026-0008
10 (4.0)
gpg-agent stack buffer overflow in pkdecrypt using KEM gnupg
 gpg-agent
 2026-01-28T13:48:12.350509Z 2026-01-28T13:48:12.350509Z
GCVE-1-2026-0007
10 (4.0)
GNU InetUtils Security Advisory: remote authentication… gnu
 InetUtils
 2026-01-20T20:57:00.000Z 2026-01-26T16:32:40.831364Z
GCVE-1-2026-0006
8.5 (4.0)
Improper Access Control in Cerebrate AuthKey and Encry… cerebrate
 cerebrate
 2026-01-13T15:37:17.337254Z 2026-01-13T15:37:17.337254Z
GCVE-1-2026-0005
8.5 (4.0)
Improper Access Control in Cerebrate Alignment Model A… cerebrate
 cerebrate
 2026-01-13T15:31:00.000Z 2026-01-13T15:38:02.888546Z
GCVE-1-2026-0004
8.5 (4.0)
Authorization Bypass in Cerebrate IndividualsControlle… cerebrate
 cerebrate
 2026-01-13T15:28:00.000Z 2026-01-13T15:38:37.744618Z
GCVE-1-2026-0003
6.3 (4.0)
Stored/Reflected XSS via Unsanitized Parameters in URL… misp
 misp
 2026-01-13T10:50:00.000Z 2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002
10 (4.0)
Heap-buffer-overflow in EXIF writer for extra IFD tags ffmpeg
 ffmpeg
 2026-01-02T19:50:00.000Z 2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001
N/A
Bundle reference to gpg.fail gnupg
 gnupg
 2026-01-02T10:20:00.000Z 2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041
6.4 (4.0)
[online services] Reflected Cross-Site Scripting (XSS)… typo3
 typo3
 2025-12-19T14:25:00.000Z 2025-12-19T14:54:51.594645Z
GCVE-1-2025-0031
7.1 (4.0)
A cross-site scripting (XSS) vulnerability was identif… misp
 misp
 2025-12-03T10:58:00.000Z 2025-12-16T09:36:09.594750Z
GCVE-1-2025-0040
7.2 (4.0)
A cross-site scripting (XSS) vulnerability was id… misp
 misp
 2025-12-13T08:44:32.378924Z 2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039
8.5 (4.0)
XSS Reintroduced in MISP Dashboard World Map Widget Du… misp
 misp
 2025-12-10T14:33:52.856734Z 2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038
5 (4.0)
Reflected XSS in MISP Template Tag Removal and MISP Ad… misp
 misp
 2025-12-10T14:10:00.000Z 2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037
7 (4.0)
Reflected XSS in MISP Dashboard Widgets via Unescaped … misp
 misp
 2025-12-10T14:01:03.200804Z 2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036
8.3 (4.0)
A reflected cross-site scripting (XSS) vulnerability w… misp
 misp
 2025-12-10T13:46:07.170083Z 2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035
8.3 (4.0)
Insufficient sanitization of bundle metadata (availabl… CIRCL
 vulnerability-lookup
 2025-12-08T10:25:00.000Z 2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034
7 (4.0)
Missing CSRF protection on state-changing endpoints in… CIRCL
 vulnerability-lookup
 2025-12-08T10:19:00.000Z 2025-12-08T12:13:24.197294Z
ID CVSS Description Vendor Product Published Updated
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011
9.1 (3.1)
HexStrike AI MCP Server Command Injection 0x4m4
 HexStrike AI
 2025-11-30T21:27:56.057Z 2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100
6.5 (3.1)
Abilis CPX Fallback Shell Connection Relay Abilis
 CPX
 2025-11-04T00:23:23.924Z 2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010
7.3 (3.1)
Unitree Multiple Robotic Products Command Injection Unitree
 Go2
 2025-09-26T06:53:49.585Z 2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
4.3 (3.1)
Unauthenticated leak of sensitive information affectin… Brother Industries, Ltd
 HL-L8260CDN
 2025-08-12T15:23:00.577Z 2025-08-15T05:53:23.017Z