Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-61548 |
9.8 (3.1)
|
SQL Injection is present on the hfInventoryDistFo… |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:44:35.115Z |
| CVE-2025-66913 |
9.8 (3.1)
|
JimuReport thru version 2.1.3 is vulnerable to re… |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:44:30.895Z |
| CVE-2025-61549 |
6.1 (3.1)
|
Cross-Site Scripting (XSS) is present on the Logi… |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:43:41.290Z |
| CVE-2025-61550 |
5.4 (3.1)
|
Cross-Site Scripting (XSS) is present on the ctl0… |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:43:11.814Z |
| CVE-2025-56424 |
7.5 (3.1)
|
An issue in Insiders Technologies GmbH e-invoice … |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:41:47.667Z |
| CVE-2025-14025 |
8.5 (3.1)
|
Ansible-automation-platform/aap-gateway: aap-gateway: … |
Red Hat |
Red Hat Ansible Automation Platform 2.5 for RHEL 8 |
2026-01-08T13:44:04.764Z | 2026-01-08T19:40:20.629Z |
| CVE-2025-61246 |
9.8 (3.1)
|
indieka900 online-shopping-system-php 1.0 is vuln… |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:37:53.508Z |
| CVE-2019-25231 |
8.5 (4.0)
8.4 (3.1)
|
devolo dLAN Cockpit 4.3.1 Unquoted Service Path Privil… |
devolo AG |
devolo dLAN Cockpit |
2026-01-07T23:09:57.200Z | 2026-01-08T19:26:44.290Z |
| CVE-2019-25259 |
5.1 (4.0)
5.3 (3.1)
|
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Cro… |
Leica Geosystems AG |
Leica Geosystems GR10/GR25/GR30/GR50 GNSS |
2026-01-07T23:09:57.621Z | 2026-01-08T19:26:27.630Z |
| CVE-2019-25268 |
8.6 (4.0)
9.8 (3.1)
|
NREL BEopt 2.8.0 Insecure Library Loading Arbitrary Co… |
NREL |
BEopt |
2026-01-07T23:09:58.121Z | 2026-01-08T19:26:09.416Z |
| CVE-2019-25278 |
9.1 (4.0)
7.5 (3.1)
|
FaceSentry Access Control System 6.4.8 Authentication … |
iWT Ltd. |
FaceSentry Access Control System |
2026-01-07T23:09:59.751Z | 2026-01-08T19:25:51.049Z |
| CVE-2019-25279 |
6.8 (4.0)
8.2 (3.1)
|
FaceSentry Access Control System 6.4.8 Cleartext Passw… |
iWT Ltd. |
FaceSentry Access Control System |
2026-01-07T23:10:00.907Z | 2026-01-08T19:25:30.795Z |
| CVE-2019-25282 |
5.1 (4.0)
9.8 (3.1)
|
V-SOL GPON/EPON OLT Platform V2.03.62R_IPv6 v2.03 Open… |
Guangzhou V |
V-SOL GPON/EPON OLT Platform |
2026-01-07T23:10:02.783Z | 2026-01-08T19:25:13.144Z |
| CVE-2019-25289 |
8.7 (4.0)
8.8 (3.1)
|
INIM Electronics SmartLiving SmartLAN/G/SI <=6.x Remot… |
INIM Electronics s.r.l. |
SmartLiving SmartLAN/G/SI |
2026-01-07T23:10:04.081Z | 2026-01-08T19:24:50.385Z |
| CVE-2019-25290 |
6.9 (4.0)
5.3 (3.1)
|
INIM Electronics Smartliving SmartLAN/G/SI <=6.x Unaut… |
INIM Electronics s.r.l. |
Smartliving SmartLAN/G/SI |
2026-01-07T23:10:04.541Z | 2026-01-08T19:24:33.517Z |
| CVE-2025-66916 |
N/A
|
The snailjob component in RuoYi-Vue-Plus versions… |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:24:21.094Z |
| CVE-2019-25291 |
9.3 (4.0)
7.5 (3.1)
|
INIM Electronics Smartliving SmartLAN/G/SI <=6.x Hard-… |
INIM Electronics s.r.l. |
Smartliving SmartLAN/G/SI |
2026-01-07T23:10:05.042Z | 2026-01-08T19:24:13.174Z |
| CVE-2026-21694 |
6.8 (3.1)
|
Titra APIs have Improper Access Control |
kromitgmbh |
titra |
2026-01-07T23:10:48.362Z | 2026-01-08T19:23:48.439Z |
| CVE-2026-21859 |
5.8 (3.1)
|
Mailpit Proxy Endpoint is Vulnerable to Server-Side Re… |
axllent |
mailpit |
2026-01-07T23:24:07.869Z | 2026-01-08T19:23:22.033Z |
| CVE-2025-15346 |
9.3 (4.0)
|
wolfSSL Python library `CERT_REQUIRED` mode fails to e… |
wolfSSL |
wolfSSL-py |
2026-01-07T23:32:11.146Z | 2026-01-08T19:22:49.043Z |
| CVE-2026-21505 |
5.5 (3.1)
|
iccDEV has Undefined Behavior (UB) - Invalid Enum Value |
InternationalColorConsortium |
iccDEV |
2026-01-07T17:10:51.496Z | 2026-01-08T19:18:19.744Z |
| CVE-2025-68715 |
N/A
|
An issue was discovered in Panda Wireless PWRU0 d… |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:17:55.222Z |
| CVE-2026-21869 |
8.8 (3.1)
|
llama.cpp has Out-of-bounds Write in llama-server |
ggml-org |
llama.cpp |
2026-01-07T23:37:59.886Z | 2026-01-08T19:15:28.709Z |
| CVE-2026-21875 |
9.8 (3.1)
|
ClipBucket v5 Vulnerable to Blind SQL Injection throug… |
MacWarrior |
clipbucket-v5 |
2026-01-07T23:52:18.729Z | 2026-01-08T19:13:03.740Z |
| CVE-2026-21858 |
10 (3.1)
|
n8n Vulnerable to Unauthenticated File Access via Impr… |
n8n-io |
n8n |
2026-01-07T23:57:52.079Z | 2026-01-08T19:09:36.015Z |
| CVE-2026-22035 |
7.8 (3.1)
|
Greenshot Vulnerable to OS Command Injection via Exter… |
greenshot |
greenshot |
2026-01-08T00:10:28.278Z | 2026-01-08T19:08:00.277Z |
| CVE-2026-21868 |
7.5 (3.1)
|
Flag Forge has ReDoS Vulnerability in User Profile Loo… |
FlagForgeCTF |
flagForge |
2026-01-08T00:26:46.668Z | 2026-01-08T19:06:16.315Z |
| CVE-2025-65518 |
7.5 (3.1)
|
Plesk Obsidian versions 8.0.1 through 18.0.73 are… |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:05:27.934Z |
| CVE-2025-13151 |
7.5 (3.1)
|
CVE-2025-13151 |
GnuTLS |
libtasn1 |
2026-01-07T21:14:05.223Z | 2026-01-08T19:04:52.928Z |
| CVE-2025-67325 |
9.8 (3.1)
|
Unrestricted file upload in the hotel review feat… |
n/a |
n/a |
2026-01-08T00:00:00.000Z | 2026-01-08T19:00:01.475Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-23554 |
5.7 (3.1)
|
HCL BigFix Platform is susceptible to Cross-Site Reque… |
HCL Software |
BigFix Platform |
2024-05-17T23:31:39.585Z | 2024-08-01T23:06:25.219Z |
| CVE-2024-23583 |
6.7 (3.1)
|
HCL BigFix Platform is susceptible to insufficiently p… |
HCL Software |
BigFix Platform |
2024-05-17T23:06:36.167Z | 2024-08-01T23:06:25.252Z |
| CVE-2024-34670 |
4 (3.1)
|
Use of implicit intent for sensitive communicatio… |
Samsung Mobile |
Sound Assistant |
2024-10-08T06:30:52.541Z | 2024-10-08T13:27:19.140Z |
| CVE-2024-34672 |
5.5 (3.1)
|
Improper input validation in SamsungVideoPlayer p… |
Samsung Mobile |
SamsungVideoPlayer |
2024-10-08T06:30:54.940Z | 2024-10-08T13:25:40.797Z |
| CVE-2024-30124 |
4 (3.1)
|
HCL Sametime is impacted by insecure services |
HCL Software |
Sametime |
2024-10-23T15:17:24.303Z | 2024-10-29T14:36:33.446Z |
| CVE-2025-6732 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT HiPER 840G API setSysAdm strcpy buffer overflow |
UTT |
HiPER 840G |
2025-06-26T21:31:12.543Z | 2025-06-27T13:56:24.208Z |
| CVE-2025-6733 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT HiPER 840G API formConfigDnsFilterGlobal sub_41692… |
UTT |
HiPER 840G |
2025-06-26T22:31:05.529Z | 2025-06-27T14:02:18.205Z |
| CVE-2025-6734 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT HiPER 840G API formP2PLimitConfig sub_484E40 buffe… |
UTT |
HiPER 840G |
2025-06-26T23:00:13.348Z | 2025-06-27T14:07:51.343Z |
| CVE-2025-7117 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT HiPER 840G websWhiteList buffer overflow |
UTT |
HiPER 840G |
2025-07-07T07:02:05.623Z | 2025-07-07T16:10:07.178Z |
| CVE-2025-7118 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT HiPER 840G formPictureUrl buffer overflow |
UTT |
HiPER 840G |
2025-07-07T07:32:05.386Z | 2025-07-07T16:02:11.010Z |
| CVE-2025-7570 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT HiPER 840G aspRemoteApConfTempSend buffer overflow |
UTT |
HiPER 840G |
2025-07-14T04:02:05.003Z | 2025-07-14T13:42:03.821Z |
| CVE-2025-7571 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT HiPER 840G aspApBasicConfigUrcp buffer overflow |
UTT |
HiPER 840G |
2025-07-14T04:14:05.759Z | 2025-07-14T13:27:11.348Z |
| CVE-2025-8065 |
7.1 (4.0)
|
Buffer Overflow in ONVIF XML Parser on Tapo C200 |
TP-Link Systems Inc. |
Tapo C200 V3 |
2025-12-20T00:41:56.823Z | 2025-12-22T16:07:49.424Z |
| CVE-2025-14300 |
8.7 (4.0)
|
Unauthenticated Access to connectAP API Endpoint on Ta… |
TP-Link Systems Inc. |
Tapo C200 V3 |
2025-12-20T00:43:39.476Z | 2025-12-22T16:12:08.247Z |
| CVE-2025-14299 |
7.1 (4.0)
|
Improper Content-Length Validation in HTTPS Requests o… |
TP-Link Systems Inc. |
Tapo C200 V3 |
2025-12-20T00:42:43.806Z | 2025-12-22T16:08:54.736Z |
| CVE-2025-10756 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT HiPER 840G getOneApConfTempEntry buffer overflow |
UTT |
HiPER 840G |
2025-09-20T22:32:06.326Z | 2025-09-22T14:44:12.469Z |
| CVE-2025-11305 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT HiPER 840G formTaskEdit strcpy buffer overflow |
UTT |
HiPER 840G |
2025-10-05T21:32:07.072Z | 2025-10-06T16:09:39.632Z |
| CVE-2025-20760 |
7.5 (3.1)
|
In Modem, there is a possible read of uninitializ… |
MediaTek, Inc. |
MT2735, MT2737, MT6833, MT6835, MT6853, MT6855, MT6873, MT6875, MT6877, MT6878, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6896, MT6897, MT6899, MT6980, MT6983, MT6985, MT6986, MT6989, MT6990, MT6991, MT6993, MT8673, MT8675, MT8676, MT8678, MT8755, MT8771, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 |
2026-01-06T01:46:38.274Z | 2026-01-06T18:59:18.054Z |
| CVE-2025-20761 |
7.5 (3.1)
|
In Modem, there is a possible system crash due to… |
MediaTek, Inc. |
MT2735, MT2737, MT6833, MT6833P, MT6835, MT6835T, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6879, MT6880, MT6883, MT6885, MT6886, MT6889, MT6890, MT6891, MT6893, MT6895, MT6895TT, MT6896, MT6897, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT8673, MT8675, MT8676, MT8678, MT8755, MT8771, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893 |
2026-01-06T01:46:36.559Z | 2026-01-06T18:59:26.813Z |
| CVE-2025-20762 |
7.5 (3.1)
|
In Modem, there is a possible system crash due to… |
MediaTek, Inc. |
MT6835, MT6835T, MT6878, MT6878M, MT6897, MT6899, MT6991, MT8676, MT8678, MT8755, MT8792, MT8793, MT8863, MT8873, MT8883 |
2026-01-06T01:46:34.913Z | 2026-01-06T18:59:35.854Z |
| CVE-2025-20778 |
7.8 (3.1)
|
In display, there is a possible out of bounds wri… |
MediaTek, Inc. |
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 |
2026-01-06T01:46:52.433Z | 2026-01-07T04:55:59.686Z |
| CVE-2025-20779 |
7 (3.1)
|
In display, there is a possible use after free du… |
MediaTek, Inc. |
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 |
2026-01-06T01:46:54.136Z | 2026-01-07T04:56:01.100Z |
| CVE-2025-20780 |
7.8 (3.1)
|
In display, there is a possible memory corruption… |
MediaTek, Inc. |
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 |
2026-01-06T01:46:55.851Z | 2026-01-07T04:56:03.060Z |
| CVE-2025-20781 |
7.8 (3.1)
|
In display, there is a possible memory corruption… |
MediaTek, Inc. |
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 |
2026-01-06T01:46:57.545Z | 2026-01-07T04:56:04.660Z |
| CVE-2025-20782 |
6.7 (3.1)
|
In display, there is a possible out of bounds wri… |
MediaTek, Inc. |
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 |
2026-01-06T01:46:59.663Z | 2026-01-07T04:55:35.318Z |
| CVE-2025-20783 |
6.7 (3.1)
|
In display, there is a possible out of bounds wri… |
MediaTek, Inc. |
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 |
2026-01-06T01:47:01.550Z | 2026-01-07T04:55:33.482Z |
| CVE-2025-20784 |
6.7 (3.1)
|
In display, there is a possible memory corruption… |
MediaTek, Inc. |
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 |
2026-01-06T01:47:03.436Z | 2026-01-07T04:55:31.529Z |
| CVE-2025-20785 |
6.7 (3.1)
|
In display, there is a possible memory corruption… |
MediaTek, Inc. |
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 |
2026-01-06T01:47:05.514Z | 2026-01-07T04:55:29.523Z |
| CVE-2025-20786 |
6.7 (3.1)
|
In display, there is a possible memory corruption… |
MediaTek, Inc. |
MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8186, MT8188, MT8196, MT8667, MT8673, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8791T, MT8792, MT8793, MT8795T, MT8796, MT8798, MT8873, MT8883 |
2026-01-06T01:47:07.490Z | 2026-01-07T04:55:27.924Z |
| CVE-2025-20787 |
6.7 (3.1)
|
In display, there is a possible memory corruption… |
MediaTek, Inc. |
MT2718, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6897, MT6899, MT6983, MT6985, MT6989, MT6991, MT8196, MT8676, MT8678, MT8796 |
2026-01-06T01:47:09.208Z | 2026-01-07T04:55:25.901Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2024-29882 | SRS is a simple, high-efficiency, real-time video server. SRS's `/api/v1/vhosts/vid-<id>?callback=<… | 2024-03-28T14:15:14.337 | 2026-01-08T18:55:16.647 |
| fkie_cve-2024-29898 | CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. An oversight during t… | 2024-03-28T14:15:14.783 | 2026-01-08T18:53:33.980 |
| fkie_cve-2023-45706 | An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Mid… | 2024-03-28T15:15:45.797 | 2026-01-08T18:47:06.017 |
| fkie_cve-2023-45715 | The console may experience a service interruption when processing file names with invalid characters. | 2024-03-28T15:15:45.983 | 2026-01-08T18:43:55.323 |
| fkie_cve-2025-13204 | npm package `expr-eval` is vulnerable to Prototype Pollution. An attacker with access to express ev… | 2025-11-14T17:16:01.603 | 2026-01-08T18:28:13.923 |
| fkie_cve-2025-14727 | A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation… | 2025-12-17T16:16:05.047 | 2026-01-08T18:24:50.703 |
| fkie_cve-2026-22587 | Ideagen DevonWay contains a stored cross site scripting vulnerability. A remote, authenticated atta… | 2026-01-08T18:16:00.807 | 2026-01-08T18:16:00.807 |
| fkie_cve-2026-22235 | OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' e… | 2026-01-08T18:16:00.523 | 2026-01-08T18:16:00.523 |
| fkie_cve-2026-22234 | OPEXUS eCasePortal before version 9.0.45.0 allows an unauthenticated attacker to navigate to the 'A… | 2026-01-08T18:16:00.380 | 2026-01-08T18:16:00.380 |
| fkie_cve-2026-22233 | OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment in the "Estimat… | 2026-01-08T18:16:00.220 | 2026-01-08T18:16:00.220 |
| fkie_cve-2026-22232 | OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" fie… | 2026-01-08T18:16:00.063 | 2026-01-08T18:16:00.063 |
| fkie_cve-2026-22231 | OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Docu… | 2026-01-08T18:15:59.910 | 2026-01-08T18:15:59.910 |
| fkie_cve-2026-22230 | OPEXUS eCASE Audit allows an authenticated attacker to modify client-side JavaScript or craft HTTP … | 2026-01-08T18:15:59.750 | 2026-01-08T18:15:59.750 |
| fkie_cve-2026-21896 | Kirby is an open-source content management system. From versions 5.0.0 to 5.2.1, Kirby is missing p… | 2026-01-08T18:15:59.593 | 2026-01-08T18:15:59.593 |
| fkie_cve-2026-21881 | Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below is… | 2026-01-08T02:15:53.803 | 2026-01-08T18:15:59.500 |
| fkie_cve-2026-21639 | A malicious actor in Wi-Fi range of the affected product could leverage a vulnerability in the airM… | 2026-01-08T17:15:50.483 | 2026-01-08T18:15:59.360 |
| fkie_cve-2025-68867 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-08T10:15:53.427 | 2026-01-08T18:15:59.203 |
| fkie_cve-2025-68158 | Authlib is a Python library which builds OAuth and OpenID Connect servers. In version 1.6.5 and pri… | 2026-01-08T18:15:59.060 | 2026-01-08T18:15:59.060 |
| fkie_cve-2025-67825 | An issue was discovered in Nitro PDF Pro for Windows before 14.42.0.34. In certain cases, it displa… | 2026-01-08T18:15:58.957 | 2026-01-08T18:15:58.957 |
| fkie_cve-2025-67288 | An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary… | 2025-12-22T19:15:49.710 | 2026-01-08T18:15:58.790 |
| fkie_cve-2025-59470 | This vulnerability allows a Backup Operator to perform remote code execution (RCE) as the postgres … | 2026-01-08T17:15:48.290 | 2026-01-08T18:15:58.683 |
| fkie_cve-2025-59469 | This vulnerability allows a Backup or Tape Operator to write files as root. | 2026-01-08T17:15:48.183 | 2026-01-08T18:15:58.570 |
| fkie_cve-2025-55125 | This vulnerability allows a Backup or Tape Operator to perform remote code execution (RCE) as root … | 2026-01-08T17:15:47.730 | 2026-01-08T18:15:58.450 |
| fkie_cve-2026-21635 | An Improper Access Control could allow a malicious actor in Wi-Fi range to the EV Station Lite (v1.… | 2026-01-05T17:15:47.350 | 2026-01-08T18:09:49.800 |
| fkie_cve-2026-21634 | A malicious actor with access to the adjacent network could overflow the UniFi Protect Application … | 2026-01-05T17:15:47.243 | 2026-01-08T18:09:49.800 |
| fkie_cve-2026-21633 | A malicious actor with access to the adjacent network could obtain unauthorized access to a UniFi P… | 2026-01-05T17:15:47.133 | 2026-01-08T18:09:49.800 |
| fkie_cve-2026-21484 | AnythingLLM is an application that turns pieces of content into context that any LLM can use as ref… | 2026-01-03T02:15:41.553 | 2026-01-08T18:09:49.800 |
| fkie_cve-2026-21483 | listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to version 6.0.0,… | 2026-01-02T21:16:03.217 | 2026-01-08T18:09:49.800 |
| fkie_cve-2026-21452 | MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exi… | 2026-01-02T21:16:03.067 | 2026-01-08T18:09:49.800 |
| fkie_cve-2026-21451 | Bagisto is an open source laravel eCommerce platform. A stored Cross-Site Scripting (XSS) vulnerabi… | 2026-01-02T21:16:02.930 | 2026-01-08T18:09:49.800 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-87hc-h4r5-73f7 |
6.3 (4.0)
|
Werkzeug safe_join() allows Windows special device names with compound extensions | 2026-01-08T19:51:21Z | 2026-01-08T19:51:21Z |
| ghsa-xgp7-wwhw-7q3c |
5.5 (3.1)
4.8 (4.0)
|
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment in the "Estimat… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:51Z |
| ghsa-f5vm-3c88-r99x |
7.5 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:51Z |
| ghsa-xp5p-5cr9-v76h |
|
Cross-Site Scripting (XSS) is present on the LoginID parameter on the /PSP/app/web/reg/reg_display.… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-xgf4-g8fr-fcv9 |
4.3 (3.1)
|
Authorization Bypass Through User-Controlled Key vulnerability in Wptexture Image Slider Slideshow … | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-x8xj-f5m5-qr25 |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-wf77-qcj8-w36g |
5.4 (3.1)
|
Missing Authorization vulnerability in niklaslindemann Bulk Landing Page Creator for WordPress LPag… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-w644-m557-r6g2 |
5.4 (3.1)
|
Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress allo… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-vj27-g5qj-m2px |
|
indieka900 online-shopping-system-php 1.0 is vulnerable to SQL Injection in master/review_action.ph… | 2026-01-08T18:30:49Z | 2026-01-08T18:30:50Z |
| ghsa-v7w8-9cgx-wgv4 |
7.5 (3.1)
8.7 (4.0)
|
OPEXUS eComplaint before version 9.0.45.0 allows an attacker to visit the the 'DocumentOpen.aspx' e… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-rw5g-57c7-74m2 |
9.8 (3.1)
9.3 (4.0)
|
OPEXUS eCasePortal before version 9.0.45.0 allows an unauthenticated attacker to navigate to the 'A… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-r83q-64h3-fghq |
6.5 (3.1)
|
Missing Authorization vulnerability in Munir Kamal Block Slider allows Exploiting Incorrectly Confi… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-r4j5-j8m6-jr6p |
|
An issue was discovered in Nitro PDF Pro for Windows before 14.42.0.34. In certain cases, it displa… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-p898-wg6q-9r89 |
|
Cross-Site Scripting (XSS) is present on the ctl00_Content01_fieldValue parameters on the /psp/appN… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-mj74-6q5x-phrf |
5.5 (3.1)
4.8 (4.0)
|
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript in the "A or SIC Number" fie… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-mc6v-g8qv-fwmp |
7.6 (3.1)
7.2 (4.0)
|
OPEXUS eCASE Audit allows an authenticated attacker to modify client-side JavaScript or craft HTTP … | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-m92x-4jg5-v4px |
8.8 (3.1)
|
A malicious actor in Wi-Fi range of the affected product could leverage a vulnerability in the airM… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-fqvg-3mcf-p6g9 |
5.3 (3.1)
|
Missing Authorization vulnerability in IdeaBox Creations Dashboard Welcome for Beaver Builder allow… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-9vw7-2gjw-jc6x |
5.4 (3.1)
|
A malicious actor in Wi-Fi range of the affected product could leverage a vulnerability in the airM… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-9rqg-238c-x4mh |
4.3 (3.1)
|
Missing Authorization vulnerability in Nawawi Jamili Docket Cache allows Exploiting Incorrectly Con… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-8mm8-wv67-v583 |
4.3 (3.1)
|
Missing Authorization vulnerability in baqend Speed Kit allows Exploiting Incorrectly Configured Ac… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-859g-62gq-28q4 |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-7cgr-2c4h-cvgf |
5.5 (3.1)
4.8 (4.0)
|
OPEXUS eCASE Audit allows an authenticated attacker to save JavaScript as a comment within the Docu… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-79p6-j87f-jqp9 |
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-65cr-c32f-9764 |
5.3 (3.1)
|
Missing Authorization vulnerability in Hakob Re Gallery & Responsive Photo Gallery Plugin allows Ex… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-466m-2qm3-2495 |
5.5 (3.1)
4.8 (4.0)
|
Ideagen DevonWay contains a stored cross site scripting vulnerability. A remote, authenticated atta… | 2026-01-08T18:30:50Z | 2026-01-08T18:30:50Z |
| ghsa-xjhh-pfph-2w9v |
6.1 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-08T12:30:31Z | 2026-01-08T18:30:49Z |
| ghsa-x2cc-cqcm-pm2j |
6.5 (3.1)
|
An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6… | 2026-01-08T18:30:49Z | 2026-01-08T18:30:49Z |
| ghsa-wxm8-fmqv-9x7q |
8.1 (3.1)
|
A command injection vulnerability exists in the GL-iNet GL-AXT1800 router firmware v4.6.8. The vuln… | 2026-01-08T18:30:49Z | 2026-01-08T18:30:49Z |
| ghsa-v5cj-mgwg-2f9f |
5.4 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-01-08T12:30:31Z | 2026-01-08T18:30:49Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-85 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-01-08T19:23:31.725246Z |
| pysec-2024-84 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-01-08T19:23:31.557526Z |
| pysec-2024-83 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2026-01-08T19:23:31.393745Z |
| pysec-2024-82 |
8.8 (3.1)
|
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2026-01-08T19:23:31.224746Z |
| pysec-2023-278 |
5.3 (3.1)
|
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T21:15:00Z | 2026-01-08T19:23:31.032367Z |
| pysec-2025-52 |
|
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2020-220 |
|
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| pysec-2025-72 |
|
The `num2words` project was compromised via a phishing attack and two new versions were u… | num2words | 2025-07-31T14:34:47+00:00 | |
| pysec-2025-71 |
|
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… | cadwyn | 2025-07-21T21:15:25+00:00 | 2025-07-23T15:24:03.825615+00:00 |
| pysec-2025-70 |
10.0 (3.1)
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… | langchain-community | 2025-06-23T21:15:25+00:00 | 2025-07-16T21:23:40.211079+00:00 |
| pysec-2024-259 |
9.8 (3.1)
|
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… | torch | 2024-10-29T21:15:04+00:00 | 2025-07-16T03:09:57.748865+00:00 |
| pysec-2024-258 |
|
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… | scrapy | 2024-05-20T08:15:08+00:00 | 2025-07-15T17:37:50.051730+00:00 |
| pysec-2025-69 |
|
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… | roundup | 2025-07-13T20:15:25+00:00 | 2025-07-13T21:23:01.161315+00:00 |
| pysec-2025-68 |
8.0 (3.1)
|
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.449399+00:00 |
| pysec-2025-67 |
9.8 (3.1)
|
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.385619+00:00 |
| pysec-2025-66 |
|
Improper privilege management in a REST interface allowed registered users to access unau… | streampipes | 2025-03-03T11:15:11+00:00 | 2025-07-08T15:23:46.628375+00:00 |
| pysec-2025-65 |
|
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… | llama-index | 2025-07-07T13:15:28+00:00 | 2025-07-07T15:23:42.730681+00:00 |
| pysec-2025-61 |
|
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … | pillow | 2025-07-01T19:15:27Z | 2025-07-07T14:12:46.226030Z |
| pysec-2025-64 |
9.8 (3.1)
|
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… | python-a2a | 2025-06-17T07:15:18+00:00 | 2025-07-02T21:23:13.806273+00:00 |
| pysec-2025-63 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… | vllm | 2025-03-19T16:15:32+00:00 | 2025-07-01T23:22:49.176005+00:00 |
| pysec-2025-62 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… | vllm | 2025-02-07T20:15:34+00:00 | 2025-07-01T23:22:49.083695+00:00 |
| pysec-2025-60 |
|
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… | apache-iotdb | 2025-05-14T11:16:28+00:00 | 2025-07-01T21:22:47.232036+00:00 |
| pysec-2025-59 |
|
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… | apache-iotdb | 2025-05-14T11:15:47+00:00 | 2025-07-01T21:22:47.177405+00:00 |
| pysec-2024-257 |
7.5 (3.1)
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-03-22T23:15:07+00:00 | 2025-06-30T15:23:50.085549+00:00 |
| pysec-2025-58 |
8.8 (3.1)
|
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… | vllm | 2025-01-27T18:15:41+00:00 | 2025-06-27T21:22:36.583615+00:00 |
| pysec-2025-57 |
|
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… | zenml | 2025-03-20T10:15:48+00:00 | 2025-06-27T17:22:55.175431+00:00 |
| pysec-2025-56 |
4.3 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… | octoprint | 2025-04-22T18:15:59+00:00 | 2025-06-27T17:22:53.513680+00:00 |
| pysec-2024-256 |
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-12-03T16:15:24+00:00 | 2025-06-27T17:22:53.325430+00:00 |
| pysec-2025-55 |
|
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.407481+00:00 |
| pysec-2025-54 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.319321+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33903 | In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… | 2024-04-29T05:02:07.295775Z |
| gsd-2024-33902 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.486429Z |
| gsd-2024-33901 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.525896Z |
| gsd-2024-33900 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.290639Z |
| gsd-2024-33899 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… | 2024-04-29T05:02:07.400574Z |
| gsd-2024-33898 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287632Z |
| gsd-2024-33897 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.283756Z |
| gsd-2024-33896 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.313250Z |
| gsd-2024-33895 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.493081Z |
| gsd-2024-33894 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.488420Z |
| gsd-2024-33893 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.381761Z |
| gsd-2024-33892 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.378170Z |
| gsd-2024-33891 | Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… | 2024-04-29T05:02:07.412035Z |
| gsd-2024-33890 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.344384Z |
| gsd-2024-33889 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.392587Z |
| gsd-2024-33888 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.468423Z |
| gsd-2024-33887 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.503613Z |
| gsd-2024-33886 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287167Z |
| gsd-2024-33885 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.441746Z |
| gsd-2024-33884 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.534455Z |
| gsd-2024-33883 | The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… | 2024-04-29T05:02:07.271727Z |
| gsd-2024-4303 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.716348Z |
| gsd-2024-4302 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.603637Z |
| gsd-2024-4301 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.678292Z |
| gsd-2024-4300 | E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… | 2024-04-29T05:02:05.715239Z |
| gsd-2024-4299 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… | 2024-04-29T05:02:05.606402Z |
| gsd-2024-4298 | The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… | 2024-04-29T05:02:05.598531Z |
| gsd-2024-4297 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… | 2024-04-29T05:02:05.700888Z |
| gsd-2024-4296 | The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… | 2024-04-29T05:02:05.621428Z |
| gsd-2024-33882 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.803998Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-168 | Malicious code in @zuora-marketing/linting (npm) | 2026-01-08T15:40:55Z | 2026-01-08T18:47:03Z |
| mal-2026-163 | Malicious code in do-not-install-this-package-002 (PyPI) | 2026-01-08T13:35:59Z | 2026-01-08T18:11:09Z |
| mal-2026-164 | Malicious code in @kyriba/data-frontend (npm) | 2026-01-08T14:35:48Z | 2026-01-08T15:10:45Z |
| mal-2026-167 | Malicious code in icon-service (npm) | 2026-01-08T14:55:56Z | 2026-01-08T14:55:56Z |
| mal-2026-165 | Malicious code in @kyriba/mf-kit (npm) | 2026-01-08T14:55:40Z | 2026-01-08T14:55:40Z |
| mal-2026-166 | Malicious code in @kyriba/ui-workspace (npm) | 2026-01-08T14:47:39Z | 2026-01-08T14:47:39Z |
| mal-2026-162 | Malicious code in btcli-security (PyPI) | 2026-01-08T10:55:10Z | 2026-01-08T10:55:10Z |
| mal-2026-95 | Malicious code in x-clients-features (npm) | 2026-01-06T13:32:59Z | 2026-01-08T09:13:18Z |
| mal-2026-83 | Malicious code in wikibuy-mobile-analytics (npm) | 2026-01-06T12:58:52Z | 2026-01-08T09:13:18Z |
| mal-2026-82 | Malicious code in wikibuy-mobile (npm) | 2026-01-06T12:58:52Z | 2026-01-08T09:13:18Z |
| mal-2026-81 | Malicious code in upgrade-mobile (npm) | 2026-01-06T12:58:52Z | 2026-01-08T09:13:18Z |
| mal-2026-47 | Malicious code in tiny-model-update (npm) | 2026-01-05T03:15:19Z | 2026-01-08T09:13:18Z |
| mal-2026-158 | Malicious code in timeout-ts (npm) | 2026-01-08T04:54:18Z | 2026-01-08T09:13:18Z |
| mal-2026-157 | Malicious code in test-thegenetic-module (npm) | 2026-01-08T04:58:19Z | 2026-01-08T09:13:18Z |
| mal-2026-152 | Malicious code in week-4-node-modularization (npm) | 2026-01-08T01:01:08Z | 2026-01-08T09:13:18Z |
| mal-2026-124 | Malicious code in wwwt (npm) | 2026-01-07T06:49:55Z | 2026-01-08T09:13:18Z |
| mal-2026-123 | Malicious code in wifzap (npm) | 2026-01-07T06:49:55Z | 2026-01-08T09:13:18Z |
| mal-2026-122 | Malicious code in vjri (npm) | 2026-01-07T06:49:55Z | 2026-01-08T09:13:18Z |
| mal-2026-106 | Malicious code in transform-decorators-legacy (npm) | 2026-01-07T05:38:18Z | 2026-01-08T09:13:18Z |
| mal-2026-94 | Malicious code in shopify-perf-kit (npm) | 2026-01-06T13:29:42Z | 2026-01-08T09:13:17Z |
| mal-2026-80 | Malicious code in smartspacestoreapp (npm) | 2026-01-06T12:58:52Z | 2026-01-08T09:13:17Z |
| mal-2026-79 | Malicious code in seanp-test-package-do-not-use2 (npm) | 2026-01-06T12:58:52Z | 2026-01-08T09:13:17Z |
| mal-2026-78 | Malicious code in react-native-kyc (npm) | 2026-01-06T12:58:52Z | 2026-01-08T09:13:17Z |
| mal-2026-71 | Malicious code in redis-request-parser (npm) | 2026-01-06T04:45:27Z | 2026-01-08T09:13:17Z |
| mal-2026-67 | Malicious code in redis-cookie-parser (npm) | 2026-01-06T02:34:56Z | 2026-01-08T09:13:17Z |
| mal-2026-66 | Malicious code in redis-cookie-js (npm) | 2026-01-06T02:34:56Z | 2026-01-08T09:13:17Z |
| mal-2026-57 | Malicious code in react-transition-group-legacy (npm) | 2026-01-05T21:25:51Z | 2026-01-08T09:13:17Z |
| mal-2026-48 | Malicious code in shop-state (npm) | 2026-01-05T07:50:44Z | 2026-01-08T09:13:17Z |
| mal-2026-43 | Malicious code in published_at (npm) | 2026-01-05T02:51:10Z | 2026-01-08T09:13:17Z |
| mal-2026-41 | Malicious code in spire.officejs-document (npm) | 2026-01-05T00:56:20Z | 2026-01-08T09:13:17Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2026-0037 | GitLab CE und EE: Mehrere Schwachstellen | 2026-01-07T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0036 | OpenLDAP: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen | 2026-01-07T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0035 | MediaWiki Erweiterungen: Mehrere Schwachstellen | 2026-01-07T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0034 | Keycloak: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2026-01-07T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0030 | cURL: Mehrere Schwachstellen | 2026-01-06T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0026 | HCL BigFix: Mehrere Schwachstellen | 2026-01-06T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0020 | Google Chrome: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2026-01-06T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2916 | Net-SNMP: Schwachstelle ermöglicht Codeausführung und DoS | 2025-12-23T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2897 | Apache log4j: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-18T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2867 | HPE OneView: Schwachstelle ermöglicht Codeausführung | 2025-12-16T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2798 | Red Hat OpenShift Service Mesh: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2759 | IBM WebSphere Application Server: Schwachstelle ermöglicht Cross-Site Scripting | 2025-12-08T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2750 | Apache HTTP Server: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2747 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-04T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2741 | cPython: Schwachstelle ermöglicht Denial of Service | 2025-12-03T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2737 | libpng: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen | 2025-12-03T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2694 | MariaDB: Schwachstelle ermöglicht Codeausführung | 2025-11-27T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2663 | libpng: Mehrere Schwachstellen | 2025-11-23T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2600 | PostgreSQL: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-11-13T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2449 | GIMP: Schwachstelle ermöglicht Codeausführung | 2025-10-29T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2420 | Apache Tomcat: Mehrere Schwachstellen | 2025-10-27T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2386 | Unbound: Schwachstelle ermöglicht Manipulation von Dateien | 2025-10-22T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2298 | Linux Kernel: Mehrere Schwachstellen | 2025-10-14T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2227 | Golang Go: Mehrere Schwachstellen | 2025-10-07T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2170 | Linux Kernel: Mehrere Schwachstellen | 2025-09-30T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2129 | GIMP: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-09-24T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2107 | Linux Kernel: Mehrere Schwachstellen | 2025-09-22T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2099 | Linux Kernel: Mehrere Schwachstellen | 2025-09-21T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2077 | Linux Kernel: Mehrere Schwachstellen | 2025-09-16T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2040 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-11T22:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2026-0002 | Kwetsbaarheid verholpen in n8n | 2026-01-08T12:34:29.315681Z | 2026-01-08T12:34:29.315681Z |
| ncsc-2026-0001 | Kwetsbaarheden verholpen in Hanwha camera systemen | 2026-01-08T12:28:21.446188Z | 2026-01-08T12:28:21.446188Z |
| ncsc-2025-0405 | Kwetsbaarheid verholpen in Roundcube Webmail | 2025-12-31T14:29:26.821576Z | 2025-12-31T14:29:26.821576Z |
| ncsc-2025-0404 | Kwetsbaarheid verholpen in SmarterMail | 2025-12-31T14:19:01.847364Z | 2025-12-31T14:19:01.847364Z |
| ncsc-2025-0403 | Kwetsbaarheden verholpen in QNAP besturingssystemen | 2025-12-29T09:17:28.385450Z | 2025-12-29T09:17:28.385450Z |
| ncsc-2025-0402 | Kwetsbaarheid verholpen in MongoDB | 2025-12-27T11:38:11.514349Z | 2025-12-27T11:38:11.514349Z |
| ncsc-2025-0399 | Kwetsbaarheid verholpen in HPE OneView Software | 2025-12-18T18:38:20.794784Z | 2025-12-24T11:29:46.123674Z |
| ncsc-2025-0401 | Kwetsbaarheden verholpen in Foxit PDF Reader | 2025-12-24T09:14:56.590353Z | 2025-12-24T09:14:56.590353Z |
| ncsc-2025-0400 | Kwetsbaarheid verholpen in WatchGuard Firebox | 2025-12-19T11:16:01.438518Z | 2025-12-19T11:16:01.438518Z |
| ncsc-2025-0398 | Kwetsbaarheid in Cisco AsyncOS | 2025-12-17T19:47:00.346651Z | 2025-12-17T19:47:00.346651Z |
| ncsc-2025-0386 | Kwetsbaarheden verholpen in Fortinet producten | 2025-12-10T09:51:34.918202Z | 2025-12-16T10:33:05.061241Z |
| ncsc-2025-0397 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2025-12-15T09:08:39.804149Z | 2025-12-15T09:08:39.804149Z |
| ncsc-2025-0396 | Kwetsbaarheden verholpen in Apple macOS | 2025-12-15T09:06:36.450655Z | 2025-12-15T09:06:36.450655Z |
| ncsc-2025-0394 | Kwetsbaarheden verholpen in React Server Components | 2025-12-12T09:04:19.324080Z | 2025-12-12T10:46:34.688189Z |
| ncsc-2025-0395 | Kwetsbaarheden verholpen in SAP Software | 2025-12-12T09:29:08.429888Z | 2025-12-12T09:29:08.429888Z |
| ncsc-2025-0393 | Kwetsbaarheid verholpen in GeoServer | 2025-12-12T08:12:18.831044Z | 2025-12-12T09:02:27.681292Z |
| ncsc-2025-0392 | Kwetsbaarheid verholpen in Barracuda Service Center | 2025-12-11T13:53:23.819008Z | 2025-12-11T13:53:23.819008Z |
| ncsc-2025-0391 | Kwetsbaarheden verholpen in Ivanti Endpoint Manager | 2025-12-11T13:51:55.178462Z | 2025-12-11T13:51:55.178462Z |
| ncsc-2025-0390 | Kwetsbaarheden verholpen in GitLab CE/EE | 2025-12-11T09:22:54.841848Z | 2025-12-11T09:22:54.841848Z |
| ncsc-2025-0389 | Kwetsbaarheden verholpen in Adobe Experience Manager | 2025-12-10T14:59:57.911864Z | 2025-12-10T14:59:57.911864Z |
| ncsc-2025-0388 | Kwetsbaarheden verholpen in Adobe Acrobat Reader | 2025-12-10T13:35:58.314547Z | 2025-12-10T13:35:58.314547Z |
| ncsc-2025-0387 | Kwetsbaarheden verholpen in Adobe ColdFusion | 2025-12-10T13:34:08.908897Z | 2025-12-10T13:34:08.908897Z |
| ncsc-2025-0385 | Kwetsbaarheden verholpen in Microsoft Exchange | 2025-12-09T18:42:32.332749Z | 2025-12-09T18:42:32.332749Z |
| ncsc-2025-0384 | Kwetsbaarheden verholpen in Microsoft Office | 2025-12-09T18:40:33.839342Z | 2025-12-09T18:40:33.839342Z |
| ncsc-2025-0383 | Kwetsbaarheden verholpen in Microsoft Windows | 2025-12-09T18:39:18.152251Z | 2025-12-09T18:39:18.152251Z |
| ncsc-2025-0382 | Kwetsbaarheden verholpen in Siemens producten | 2025-12-09T13:15:05.391966Z | 2025-12-09T13:15:05.391966Z |
| ncsc-2025-0381 | Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform | 2025-12-08T08:23:21.965599Z | 2025-12-08T08:23:21.965599Z |
| ncsc-2025-0380 | Kwetsbaarheden verholpen in React Server Components | 2025-12-03T20:11:57.728117Z | 2025-12-05T12:13:36.590522Z |
| ncsc-2025-0379 | Kwetsbaarheden verholpen in Google Android en Samsung Mobile | 2025-12-02T13:25:17.745981Z | 2025-12-02T13:25:17.745981Z |
| ncsc-2025-0378 | Kwetsbaarheden verholpen in Mattermost | 2025-11-28T09:53:42.334621Z | 2025-11-28T09:53:42.334621Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-512988 | SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 | 2025-12-12T00:00:00Z | 2025-12-12T00:00:00Z |
| ssa-915282 | SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-912274 | SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-882673 | SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-868571 | SSA-868571: Missing Server Certificate Validation in IAM Client | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-800126 | SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20 | 2024-12-10T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-763474 | SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-734261 | SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-723487 | SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products | 2024-07-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-710408 | SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-693808 | SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-673996 | SSA-673996: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products | 2024-09-10T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-626856 | SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-493396 | SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-471761 | SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-420375 | SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-416652 | SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-408105 | SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products | 2022-12-13T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-392859 | SSA-392859: Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20 | 2024-12-10T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-356310 | SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-282044 | SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-202008 | SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-978177 | SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices | 2025-08-12T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-241605 | SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-190588 | SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-864900 | SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices | 2025-05-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-832273 | SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices | 2024-03-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-794185 | SSA-794185: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products | 2025-05-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-770770 | SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices | 2025-02-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:9584 | Red Hat Security Advisory: kernel security update | 2025-06-25T00:46:30+00:00 | 2026-01-08T17:01:38+00:00 |
| rhsa-2025:9348 | Red Hat Security Advisory: kernel security update | 2025-06-23T07:46:57+00:00 | 2026-01-08T17:01:38+00:00 |
| rhsa-2025:9302 | Red Hat Security Advisory: kernel security update | 2025-06-23T01:11:47+00:00 | 2026-01-08T17:01:37+00:00 |
| rhsa-2025:7043 | Red Hat Security Advisory: microcode_ctl security update | 2025-05-13T08:49:17+00:00 | 2026-01-08T17:01:36+00:00 |
| rhsa-2025:6966 | Red Hat Security Advisory: kernel security update | 2025-05-13T08:28:50+00:00 | 2026-01-08T17:01:30+00:00 |
| rhsa-2025:22854 | Red Hat Security Advisory: kernel security update | 2025-12-09T08:51:05+00:00 | 2026-01-08T17:01:30+00:00 |
| rhsa-2025:2270 | Red Hat Security Advisory: kernel security update | 2025-03-05T02:49:03+00:00 | 2026-01-08T17:01:22+00:00 |
| rhsa-2025:22405 | Red Hat Security Advisory: kernel security update | 2025-12-01T11:06:22+00:00 | 2026-01-08T17:01:20+00:00 |
| rhsa-2025:20518 | Red Hat Security Advisory: kernel security update | 2025-11-11T09:13:24+00:00 | 2026-01-08T17:01:19+00:00 |
| rhsa-2025:20095 | Red Hat Security Advisory: kernel security update | 2025-11-11T08:21:57+00:00 | 2026-01-08T17:01:19+00:00 |
| rhsa-2025:14748 | Red Hat Security Advisory: kernel security update | 2025-08-27T15:33:14+00:00 | 2026-01-08T17:01:19+00:00 |
| rhsa-2025:14746 | Red Hat Security Advisory: kernel-rt security update | 2025-08-27T11:42:30+00:00 | 2026-01-08T17:01:18+00:00 |
| rhsa-2025:13805 | Red Hat Security Advisory: kernel security update | 2025-08-13T15:29:16+00:00 | 2026-01-08T17:01:16+00:00 |
| rhsa-2025:13776 | Red Hat Security Advisory: kernel security update | 2025-08-13T02:49:20+00:00 | 2026-01-08T17:01:16+00:00 |
| rhsa-2025:1335 | Red Hat Security Advisory: RHUI 4.11 security, bugfix, and enhancement update | 2025-02-12T00:11:35+00:00 | 2026-01-08T17:01:14+00:00 |
| rhsa-2025:13061 | Red Hat Security Advisory: kernel security update | 2025-08-05T18:01:14+00:00 | 2026-01-08T17:01:13+00:00 |
| rhsa-2025:12526 | Red Hat Security Advisory: kernel security update | 2025-08-04T15:19:33+00:00 | 2026-01-08T17:01:13+00:00 |
| rhsa-2025:12525 | Red Hat Security Advisory: kernel-rt security update | 2025-08-04T15:19:38+00:00 | 2026-01-08T17:01:11+00:00 |
| rhsa-2025:11572 | Red Hat Security Advisory: kernel-rt security update | 2025-07-23T00:18:22+00:00 | 2026-01-08T17:01:10+00:00 |
| rhsa-2025:11571 | Red Hat Security Advisory: kernel security update | 2025-07-23T00:28:12+00:00 | 2026-01-08T17:01:08+00:00 |
| rhsa-2025:11299 | Red Hat Security Advisory: kernel-rt security update | 2025-07-16T05:49:58+00:00 | 2026-01-08T17:01:08+00:00 |
| rhsa-2025:11298 | Red Hat Security Advisory: kernel security update | 2025-07-16T06:06:47+00:00 | 2026-01-08T17:00:43+00:00 |
| rhsa-2025:11245 | Red Hat Security Advisory: kernel security update | 2025-07-15T21:19:21+00:00 | 2026-01-08T17:00:38+00:00 |
| rhsa-2025:10701 | Red Hat Security Advisory: kernel security update | 2025-07-09T12:22:33+00:00 | 2026-01-08T17:00:38+00:00 |
| rhsa-2024:8856 | Red Hat Security Advisory: kernel security update | 2024-11-05T01:22:51+00:00 | 2026-01-08T17:00:38+00:00 |
| rhsa-2024:9546 | Red Hat Security Advisory: kernel security update | 2024-11-13T15:59:33+00:00 | 2026-01-08T17:00:37+00:00 |
| rhsa-2024:9315 | Red Hat Security Advisory: kernel security update | 2024-11-12T09:11:05+00:00 | 2026-01-08T17:00:37+00:00 |
| rhsa-2024:9150 | Red Hat Security Advisory: python-jinja2 security update | 2024-11-12T08:45:30+00:00 | 2026-01-08T17:00:35+00:00 |
| rhsa-2024:8870 | Red Hat Security Advisory: kernel-rt security update | 2024-11-05T00:54:55+00:00 | 2026-01-08T17:00:33+00:00 |
| rhsa-2024:8617 | Red Hat Security Advisory: kernel security update | 2024-10-30T01:41:14+00:00 | 2026-01-08T17:00:32+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-26-006-01 | Columbia Weather Systems MicroServer | 2026-01-06T07:00:00.000000Z | 2026-01-06T07:00:00.000000Z |
| icsma-25-364-01 | WHILL Model C2 Electric Wheelchairs and Model F Power Chairs | 2025-12-30T07:00:00.000000Z | 2025-12-30T07:00:00.000000Z |
| icsa-25-345-03 | AzeoTech DAQFactory (Update A) | 2025-12-11T07:00:00.000000Z | 2025-12-30T07:00:00.000000Z |
| icsa-25-177-01 | Mitsubishi Electric Air Conditioning Systems (Update B) | 2025-06-26T06:00:00.000000Z | 2025-12-23T07:00:00.000000Z |
| icsa-25-352-02 | Schneider Electric EcoStruxure Foxboro DCS Advisor | 2025-12-09T08:00:00.000000Z | 2025-12-18T18:23:06.311869Z |
| icsa-25-352-05 | Siemens Interniche IP-Stack | 2025-12-09T00:00:00.000000Z | 2025-12-18T18:13:59.515670Z |
| icsa-25-352-08 | Axis Communications Camera Station Pro, Camera Station, and Device Manager | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-07 | Rockwell Automation Micro820, Micro850, Micro870 | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-06 | Advantech WebAccess/SCADA | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-04 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-03 | National Instruments LabView | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-01 | Inductive Automation Ignition | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-24-291-03 | Mitsubishi Electric CNC Series (Update C) | 2024-10-17T06:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| va-25-352-01 | BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities | 2025-12-18T00:00:00Z | 2025-12-18T00:00:00Z |
| icsa-25-350-04 | Mitsubishi Electric GT Designer3 | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-350-03 | Hitachi Energy AFS, AFR and AFF Series | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-350-02 | Johnson Controls PowerG, IQPanel and IQHub | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-350-01 | Güralp Systems Fortimus Series, Minimus Series, and Certimus Series | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-308-01 | Fuji Electric Monitouch V-SFT-6 (Update A) | 2025-11-04T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-224-02 | Johnson Controls iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 (Update A) | 2025-08-12T06:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| va-25-345-01 | CISA Software Acquisition Guide Supplier Response Web Tool XSS | 2025-12-12T20:27:47Z | 2025-12-12T20:27:47Z |
| icsma-25-345-02 | Varex Imaging Panoramic Dental Imaging Software | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsma-25-345-01 | Grassroots DICOM (GDCM) | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-10 | OpenPLC_V3 | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-02 | Johnson Controls iSTAR Ultra | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-01 | Johnson Controls iSTAR | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| va-25-343-01 | Windscribe for Linux 'changeMTU' local privilege escalation | 2025-12-10T16:46:41Z | 2025-12-10T16:46:41Z |
| icsa-25-343-01 | Universal Boot Loader (U-Boot) | 2025-12-09T07:00:00.000000Z | 2025-12-09T07:00:00.000000Z |
| icsa-25-343-03 | Multiple India-based CCTV Cameras** | 2025-12-09T05:00:00.000000Z | 2025-12-09T05:00:00.000000Z |
| icsa-25-345-09 | Siemens Gridscale X Prepay | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-ise-xxe-jwsbsdkt | Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability | 2026-01-07T16:00:00+00:00 | 2026-01-07T16:00:00+00:00 |
| cisco-sa-react-flight-tyw32ddb | Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 | 2025-12-04T16:00:00+00:00 | 2025-12-17T22:37:17+00:00 |
| cisco-sa-sma-attack-n9bf4 | Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager | 2025-12-17T16:00:00+00:00 | 2025-12-17T16:00:00+00:00 |
| cisco-sa-ise-multiple-vulns-o9beswjh | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-12-04T14:23:54+00:00 |
| cisco-sa-cc-mult-vuln-gk4tfxsn | Multiple Cisco Contact Center Products Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T14:49:09+00:00 |
| cisco-sa-privesc-catc-ryjreelu | Cisco Catalyst Center Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-xss-wextvz59 | Cisco Catalyst Center Cross-Site Scripting Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-ci-zwlqvswt | Cisco Catalyst Center REST API Command Injection Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-priv-esc-vs8eecux | Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-open-redirect-3w5bk3je | Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-cc-unauth-rce-qen8h7mq | Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-13T12:48:42+00:00 |
| cisco-sa-asaftd-webvpn-yrootuw | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:55+00:00 |
| cisco-sa-asaftd-webvpn-z5xp8eub | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:54+00:00 |
| cisco-sa-http-code-exec-wmfp3h3o | Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:51+00:00 |
| cisco-sa-ise-radsupress-dos-8yf3jthh | Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability | 2025-11-05T16:00:00+00:00 | 2025-11-05T16:00:00+00:00 |
| cisco-sa-broadworks-xss-o696ymra | Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-10-21T15:13:31+00:00 |
| cisco-sa-snort3-mime-vulns-ttl8pgvh | Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-roomos-inf-disc-qggsbxam | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-phone-dos-fpyjlv7a | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-secboot-uqfd8avc | Cisco IOS XE Software Secure Boot Bypass Vulnerabilities | 2025-09-24T16:00:00+00:00 | 2025-10-15T15:57:29+00:00 |
| cisco-sa-snmp-x4lphte | Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-10-06T18:27:02+00:00 |
| cisco-sa-ios-tacacs-hdb7thjw | Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-10-01T16:39:50+00:00 |
| cisco-sa-cv-xss-rwrakaj9 | Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities | 2025-10-01T16:00:00+00:00 | 2025-10-01T16:00:00+00:00 |
| cisco-sa-cucm-stored-xss-fnj66yly | Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability | 2025-10-01T16:00:00+00:00 | 2025-10-01T16:00:00+00:00 |
| cisco-sa-cat9k-ptmd7bgy | Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-30T14:26:46+00:00 |
| cisco-sa-ap-ipv6-gw-tuazpn9o | Cisco Access Point Software Intermittent IPv6 Gateway Change Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-26T16:35:51+00:00 |
| cisco-sa-webui-xss-vwydgjou | Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-26T16:35:50+00:00 |
| cisco-sa-snmpwred-x3mjyf5m | Cisco IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-nbar-dos-lavwtmet | Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-iosxe-arg-inject-eyddbh4e | Cisco IOS XE Software CLI Argument Injection Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0010 | Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0009 | Vulnerabilities affecting SICK TDC-E210GC | 2025-08-01T13:00:00.000Z | 2025-08-01T13:00:00.000Z |
| sca-2025-0008 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-07-03T13:00:00.000Z | 2025-07-03T13:00:00.000Z |
| sca-2025-0007 | Multiple vulnerabilities in SICK Field Analytics and SICK Media Server | 2025-06-12T13:00:00.000Z | 2025-06-12T13:00:00.000Z |
| sca-2025-0003 | FreeRTOS Vulnerabilities have no impact on SICK Products | 2025-02-28T00:00:00.000Z | 2025-05-20T11:00:00.000Z |
| sca-2025-0006 | Vulnerability affecting picoScan and multiScan | 2025-04-28T13:00:00.000Z | 2025-04-28T13:00:00.000Z |
| sca-2025-0005 | Vulnerabilities in SICK Flexi Compact | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| sca-2025-0004 | Critical vulnerabilities in SICK DL100-2xxxxxxx | 2025-03-14T11:00:00.000Z | 2025-03-14T11:00:00.000Z |
| sca-2025-0001 | Multiple vulnerabilities in SICK MEAC300 | 2025-02-14T14:00:00.000Z | 2025-02-21T14:00:00.000Z |
| sca-2025-0002 | Vulnerability in SICK Lector8xx and SICK InspectorP8xx | 2025-02-14T10:19:00.000Z | 2025-02-14T10:19:00.000Z |
| sca-2024-0007 | Vulnerability in SICK OLM | 2024-12-31T00:00:00.000Z | 2024-12-31T00:00:00.000Z |
| sca-2024-0006 | Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx | 2024-12-06T00:00:00.000Z | 2024-12-06T00:00:00.000Z |
| sca-2024-0005 | Vulnerability in SICK Incoming Goods Suite | 2024-11-19T00:00:00.000Z | 2024-11-19T00:00:00.000Z |
| sca-2024-0004 | Third party vulnerabilities in SICK CDE-100 | 2024-11-07T12:00:00.000Z | 2024-11-07T12:00:00.000Z |
| sca-2024-0003 | Critical vulnerability in multiple SICK products | 2024-10-17T13:00:00.000Z | 2024-10-17T13:00:00.000Z |
| sca-2024-0002 | Vulnerability in SICK MSC800 | 2024-09-11T23:00:00.000Z | 2024-09-11T23:00:00.000Z |
| sca-2024-0001 | Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics | 2024-01-29T00:00:00.000Z | 2024-01-29T00:00:00.000Z |
| sca-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| SCA-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| sca-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| SCA-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| sca-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| SCA-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| sca-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| SCA-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| sca-2023-0007 | Vulnerabilities in SICK LMS5xx | 2023-08-25T11:00:00.000Z | 2023-08-25T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:15-01 | Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:14-01 | HTML injection in Asset List in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:13-01 | Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:12-01 | HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| nn-2025:9-01 | Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:8-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:7-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:6-01 | Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:5-01 | Incorrect authorization for CLI in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:4-01 | Client-side path traversal in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:10-01 | Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:3-01 | Incorrect authorization for traces request/download in CMC before 25.1.0 | 2025-08-26T11:00:00.000Z | 2025-08-26T11:00:00.000Z |
| nn-2025:2-01 | Privilege escalation in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2025:1-01 | Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2023_17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-11T11:00:00.000Z |
| nn-2023:17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-11T11:00:00.000Z |
| nn-2024_1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-10T11:00:00.000Z |
| nn-2024:1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-10T11:00:00.000Z |
| nn-2023_12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-01-16T11:00:00.000Z |
| nn-2023:12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-01-16T11:00:00.000Z |
| nn-2023_9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| oxas-adv-2025-0001 | OX App Suite Security Advisory OXAS-ADV-2025-0001 | 2025-01-27T00:00:00+01:00 | 2025-04-07T00:00:00+00:00 |
| oxdc-adv-2024-0003 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0002 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxas-adv-2024-0005 | OX App Suite Security Advisory OXAS-ADV-2024-0005 | 2024-07-08T00:00:00+02:00 | 2024-09-09T00:00:00+00:00 |
| oxdc-adv-2024-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 | 2024-09-02T00:00:00+02:00 | 2024-09-06T00:00:00+00:00 |
| oxas-adv-2024-0004 | OX App Suite Security Advisory OXAS-ADV-2024-0004 | 2024-06-13T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0003 | OX App Suite Security Advisory OXAS-ADV-2024-0003 | 2024-04-24T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0002 | OX App Suite Security Advisory OXAS-ADV-2024-0002 | 2024-03-06T00:00:00+01:00 | 2024-05-06T00:00:00+00:00 |
| oxas-adv-2024-0001 | OX App Suite Security Advisory OXAS-ADV-2024-0001 | 2024-02-08T00:00:00+01:00 | 2024-04-25T00:00:00+00:00 |
| oxas-adv-2023-0007 | OX App Suite Security Advisory OXAS-ADV-2023-0007 | 2023-12-11T00:00:00+01:00 | 2024-02-16T00:00:00+00:00 |
| oxas-adv-2023-0006 | OX App Suite Security Advisory OXAS-ADV-2023-0006 | 2023-09-25T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0005 | OX App Suite Security Advisory OXAS-ADV-2023-0005 | 2023-09-19T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0004 | OX App Suite Security Advisory OXAS-ADV-2023-0004 | 2023-08-01T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0003 | OX App Suite Security Advisory OXAS-ADV-2023-0003 | 2023-05-02T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0002 | OX App Suite Security Advisory OXAS-ADV-2023-0002 | 2023-03-20T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0001 | OX App Suite Security Advisory OXAS-ADV-2023-0001 | 2023-02-06T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0002 | OX App Suite Security Advisory OXAS-ADV-2022-0002 | 2022-11-02T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0001 | OX App Suite Security Advisory OXAS-ADV-2022-0001 | 2022-08-10T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-1744 | Out-of-bounds Write in radare2 | 2025-02-02T00:00:00.000Z | 2026-01-08T01:40:54.000Z |
| msrc_cve-2025-68766 | irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() | 2026-01-02T00:00:00.000Z | 2026-01-08T01:40:49.000Z |
| msrc_cve-2025-68753 | ALSA: firewire-motu: add bounds check in put_user loop for DSP events | 2026-01-02T00:00:00.000Z | 2026-01-08T01:40:44.000Z |
| msrc_cve-2025-15284 | arrayLimit bypass in bracket notation allows DoS via memory exhaustion | 2025-12-02T00:00:00.000Z | 2026-01-08T01:40:35.000Z |
| msrc_cve-2025-34468 | libcoap Stack-Based Buffer Overflow in Address Resolution DoS or Potential RCE | 2025-12-02T00:00:00.000Z | 2026-01-08T01:40:21.000Z |
| msrc_cve-2025-68380 | wifi: ath11k: fix peer HE MCS assignment | 2025-12-02T00:00:00.000Z | 2026-01-08T01:40:16.000Z |
| msrc_cve-2025-68346 | ALSA: dice: fix buffer overflow in detect_stream_formats() | 2025-12-02T00:00:00.000Z | 2026-01-08T01:40:11.000Z |
| msrc_cve-2025-68367 | macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse | 2025-12-02T00:00:00.000Z | 2026-01-08T01:40:06.000Z |
| msrc_cve-2025-68729 | wifi: ath12k: Fix MSDU buffer types handling in RX error path | 2025-12-02T00:00:00.000Z | 2026-01-08T01:40:01.000Z |
| msrc_cve-2025-38425 | i2c: tegra: check msg length in SMBUS block read | 2025-07-02T00:00:00.000Z | 2026-01-08T01:39:56.000Z |
| msrc_cve-2025-38476 | rpl: Fix use-after-free in rpl_do_srh_inline(). | 2025-07-02T00:00:00.000Z | 2026-01-08T01:39:51.000Z |
| msrc_cve-2025-38437 | ksmbd: fix potential use-after-free in oplock/lease break ack | 2025-07-02T00:00:00.000Z | 2026-01-08T01:39:46.000Z |
| msrc_cve-2025-68476 | KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential | 2025-12-02T00:00:00.000Z | 2026-01-08T01:39:41.000Z |
| msrc_cve-2025-38377 | rose: fix dangling neighbour pointers in rose_rt_device_down() | 2025-07-02T00:00:00.000Z | 2026-01-08T01:39:34.000Z |
| msrc_cve-2025-38259 | ASoC: codecs: wcd9335: Fix missing free of regulator supplies | 2025-07-02T00:00:00.000Z | 2026-01-08T01:39:29.000Z |
| msrc_cve-2025-38257 | s390/pkey: Prevent overflow in size calculation for memdup_user() | 2025-07-02T00:00:00.000Z | 2026-01-08T01:39:24.000Z |
| msrc_cve-2025-38230 | jfs: validate AG parameters in dbMount() to prevent crashes | 2025-07-02T00:00:00.000Z | 2026-01-08T01:39:19.000Z |
| msrc_cve-2025-68156 | Expr has Denial of Service via Unbounded Recursion in Builtin Functions | 2025-12-02T00:00:00.000Z | 2026-01-08T01:39:14.000Z |
| msrc_cve-2025-38131 | coresight: prevent deactivate active config while enabling the config | 2025-07-02T00:00:00.000Z | 2026-01-08T01:39:09.000Z |
| msrc_cve-2025-68287 | usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths | 2025-12-02T00:00:00.000Z | 2026-01-08T01:39:04.000Z |
| msrc_cve-2025-68290 | most: usb: fix double free on late probe failure | 2025-12-02T00:00:00.000Z | 2026-01-08T01:38:59.000Z |
| msrc_cve-2025-68301 | net: atlantic: fix fragment overflow handling in RX path | 2025-12-02T00:00:00.000Z | 2026-01-08T01:38:53.000Z |
| msrc_cve-2025-68311 | tty: serial: ip22zilog: Use platform device for probing | 2025-12-02T00:00:00.000Z | 2026-01-08T01:38:46.000Z |
| msrc_cve-2025-68303 | platform/x86: intel: punit_ipc: fix memory corruption | 2025-12-02T00:00:00.000Z | 2026-01-08T01:38:41.000Z |
| msrc_cve-2025-2296 | Un-verified kernel bypass Secure Boot mechanism in direct boot mode | 2025-12-02T00:00:00.000Z | 2026-01-08T01:38:35.000Z |
| msrc_cve-2025-68256 | staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser | 2025-12-02T00:00:00.000Z | 2026-01-08T01:38:25.000Z |
| msrc_cve-2025-68266 | bfs: Reconstruct file type when loading from disk | 2025-12-02T00:00:00.000Z | 2026-01-08T01:38:20.000Z |
| msrc_cve-2025-68255 | staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing | 2025-12-02T00:00:00.000Z | 2026-01-08T01:38:15.000Z |
| msrc_cve-2025-66293 | LIBPNG has an out-of-bounds read in png_image_read_composite | 2025-12-02T00:00:00.000Z | 2026-01-08T01:37:57.000Z |
| msrc_cve-2025-38644 | wifi: mac80211: reject TDLS operations when station is not associated | 2025-08-02T00:00:00.000Z | 2026-01-08T01:02:42.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| 2crt000009 | WebPro SNMP Card PowerValue Multiple Vulnerabilities | 2026-01-07T00:30:00.000Z | 2026-01-07T00:30:00.000Z |
| 9akk108471a8107 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-09-16T00:30:00.000Z | 2025-11-28T08:00:00.000Z |
| 4hzm000603 | ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) | 2025-11-27T00:30:00.000Z | 2025-11-28T00:30:00.000Z |
| 7paa022088 | Edgenius Management Portal Authentication Bypass | 2025-11-20T00:30:00.000Z | 2025-11-20T00:30:00.000Z |
| 2nga002813 | PCM600 SharpZip library vulnerability | 2025-11-03T00:30:00.000Z | 2025-11-03T00:30:00.000Z |
| 4tz00000006007 | ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations | 2025-10-20T00:30:00.000Z | 2025-10-23T00:30:00.000Z |
| 9akk108471a8948 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-10-20T00:30:00.000Z | 2025-10-21T00:30:00.000Z |
| 3kxg200000r4801 | CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability | 2025-04-16T00:30:00.000Z | 2025-10-20T00:30:00.000Z |
| sa25p003 | B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-14T00:30:00.000Z |
| 4tz00000006008 | LVS MConfig Insecure memory handling | 2025-10-08T00:30:00.000Z | 2025-10-08T00:30:00.000Z |
| sa25p002 | B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7808 | EIBPORT Reflected XSS | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7121 | FLXeon Controllers Multiple vulnerabilities | 2025-09-09T00:30:00.000Z | 2025-09-18T00:30:00.000Z |
| 9akk108471a4462 | ELSB/BLBA ASPECT advisory several CVEs | 2025-08-11T00:30:00.000Z | 2025-09-04T00:30:00.000Z |
| 9akk108471a3623 | RMC - 100 Vulnerabilities in web UI (REST Interface) | 2025-07-03T00:30:00.000Z | 2025-08-18T00:30:00.000Z |
| 2nga002743 | ABB AbilityTM zenon Remote Transport Vulnerability | 2025-08-12T00:30:00.000Z | 2025-08-12T00:30:00.000Z |
| 3adr011407 | ABB Automation Builder Vulnerabilities in user management and access control | 2025-04-30T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| 3adr011432 | AC500 V2 Buffer overread on Modbus protocol | 2025-07-23T00:30:00.000Z | 2025-07-23T00:30:00.000Z |
| 9akk108471a4556 | Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode. | 2025-07-21T00:30:00.000Z | 2025-07-21T00:30:00.000Z |
| 2crt000008 | Lite Panel Pro Vulnerability in Session Management | 2025-06-26T00:30:00.000Z | 2025-06-26T00:30:00.000Z |
| 9akk108470a8948 | ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway. | 2025-05-29T00:30:00.000Z | 2025-06-05T00:30:00.000Z |
| 9akk108471a1621 | EIBPORT Session Management Fail | 2025-06-02T00:30:00.000Z | 2025-06-04T00:30:00.000Z |
| 9akk108471a0021 | ELSB/BLBA ASPECT advisory several CVEs | 2025-05-22T00:30:00.000Z | 2025-05-23T10:30:00.000Z |
| 2crt000006 | ANC – ABB Network Card Multiple vulnerabilities in ANC | 2025-04-30T00:30:00.000Z | 2025-04-30T00:30:00.000Z |
| 2crt000007 | Ekip Com IEC61850 Vulnerability in 3rd Party Library | 2025-04-29T00:30:00.000Z | 2025-04-29T00:30:00.000Z |
| 9akk108470a9989 | ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities | 2025-04-10T08:30:00.000Z | 2025-04-10T08:30:00.000Z |
| 2nga002579 | ABB Arctic communication solution ARM600 Vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 2nga002427 | ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 9akk108470a9494 | Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| 9akk108470a9491 | ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-202407-2188 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… | 2024-07-23T22:46:32.699000Z |
| var-202406-3119 | Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-s… | 2024-07-23T22:46:22.685000Z |
| var-202407-1740 | NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E ha… | 2024-07-23T22:46:18.378000Z |
| var-202407-1417 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… | 2024-07-23T22:46:07.784000Z |
| var-202407-1103 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… | 2024-07-23T22:46:01.992000Z |
| var-202407-0957 | WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile… | 2024-07-23T22:45:59.391000Z |
| var-202407-0819 | SIMATIC S7-1500 is a modular control system suitable for various automation applications … | 2024-07-23T22:45:56.958000Z |
| var-202407-0818 | NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6… | 2024-07-23T22:45:56.946000Z |
| var-202407-0779 | Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of … | 2024-07-23T22:45:56.150000Z |
| var-202407-0778 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… | 2024-07-23T22:45:56.131000Z |
| var-202407-0745 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… | 2024-07-23T22:45:55.498000Z |
| var-202305-1479 | D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution … | 2024-07-23T22:45:09.335000Z |
| var-202108-1158 | A race condition was addressed with improved locking. This issue is fixed in macOS Monter… | 2024-07-23T22:44:06.976000Z |
| var-201109-0089 | Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… | 2024-07-23T22:43:49.590000Z |
| var-200702-0378 | Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … | 2024-07-23T22:43:25.614000Z |
| var-201011-0225 | Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … | 2024-07-23T22:41:43.584000Z |
| var-201112-0297 | Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… | 2024-07-23T22:41:20.004000Z |
| var-201507-0645 | D-Link is an internationally renowned provider of network equipment and solutions, includ… | 2024-07-23T22:41:18.832000Z |
| var-201803-1810 | A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … | 2024-07-23T22:41:17.171000Z |
| var-201809-0087 | WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… | 2024-07-23T22:41:16.554000Z |
| var-200607-0396 | Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… | 2024-07-23T22:41:04.279000Z |
| var-201702-0423 | An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… | 2024-07-23T22:40:53.160000Z |
| var-202305-1588 | D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilit… | 2024-07-23T22:40:05.297000Z |
| var-201112-0173 | The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … | 2024-07-23T22:39:32.535000Z |
| var-201103-0371 | SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… | 2024-07-23T22:39:32.874000Z |
| var-201706-0017 | In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClie… | 2024-07-23T22:38:34.494000Z |
| var-202305-1520 | D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vul… | 2024-07-23T22:38:26.576000Z |
| var-202407-0490 | A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP … | 2024-07-23T22:38:24.768000Z |
| var-201810-0396 | Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… | 2024-07-23T22:37:44.850000Z |
| var-202001-0833 | A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… | 2024-07-23T22:37:43.471000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-000004 | The installers for multiple PIONEER products may insecurely load Dynamic Link Libraries | 2026-01-08T13:47+09:00 | 2026-01-08T13:47+09:00 |
| jvndb-2026-000001 | Origin validation error vulnerability in Fujitsu Security Solution AuthConductor Client Basic V2 | 2026-01-07T14:19+09:00 | 2026-01-07T14:19+09:00 |
| jvndb-2026-000002 | Multiple vulnerabilities in multiple Sharp Display Solutions Projectors | 2026-01-07T14:10+09:00 | 2026-01-07T14:10+09:00 |
| jvndb-2026-001001 | Authentication bypass vulnerability in OpenBlocks series | 2026-01-07T10:46+09:00 | 2026-01-07T10:46+09:00 |
| jvndb-2025-022878 | Media Player MP-01 vulnerable to Missing Authentication for Critical Function | 2025-12-24T11:10+09:00 | 2025-12-24T11:10+09:00 |
| jvndb-2025-019621 | EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts | 2025-11-21T15:31+09:00 | 2025-12-24T10:54+09:00 |
| jvndb-2025-014967 | Multiple vulnerabilities in multiple Keyence products | 2025-10-03T11:19+09:00 | 2025-12-23T14:36+09:00 |
| jvndb-2025-000117 | SEIKO EPSON printer Web Config vulnerable to stack-based buffer overflow | 2025-12-16T15:31+09:00 | 2025-12-23T11:57+09:00 |
| jvndb-2025-022400 | Ruijie Networks AP180 Series vulnerable to OS command injection | 2025-12-19T12:33+09:00 | 2025-12-19T12:33+09:00 |
| jvndb-2025-000118 | GROWI vulnerable to cross-site request forgery | 2025-12-17T13:04+09:00 | 2025-12-17T13:04+09:00 |
| jvndb-2025-022062 | Multiple vulnerabilities in CHOCO TEI WATCHER mini | 2025-12-17T11:28+09:00 | 2025-12-17T11:28+09:00 |
| jvndb-2025-000115 | QND vulnerable to privilege escalation | 2025-12-11T14:33+09:00 | 2025-12-11T14:33+09:00 |
| jvndb-2025-000113 | Multiple vulnerabilities in GroupSession | 2025-12-08T17:48+09:00 | 2025-12-11T11:30+09:00 |
| jvndb-2025-000091 | Multiple I-O DATA NAS management applications register Windows services with unquoted file paths | 2025-10-22T15:04+09:00 | 2025-12-10T16:20+09:00 |
| jvndb-2021-000081 | Multiple vulnerabilities in Sharp NEC Display Solutions' public displays | 2021-09-17T15:13+09:00 | 2025-12-10T10:24+09:00 |
| jvndb-2025-021305 | Android App "Brother iPrint&Scan" improper use of an external cache directory | 2025-12-09T17:25+09:00 | 2025-12-09T17:25+09:00 |
| jvndb-2025-000114 | ELECOM Clone for Windows registers a Windows service with an unquoted file path | 2025-12-09T17:16+09:00 | 2025-12-09T17:16+09:00 |
| jvndb-2025-000116 | GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths | 2025-12-08T14:06+09:00 | 2025-12-08T14:06+09:00 |
| jvndb-2025-000094 | Multiple vulnerabilities in ABB Terra AC Wallbox | 2025-12-05T14:12+09:00 | 2025-12-05T14:12+09:00 |
| jvndb-2025-000112 | Installer of INZONE Hub may insecurely load Dynamic Link Libraries | 2025-11-28T13:36+09:00 | 2025-11-28T13:36+09:00 |
| jvndb-2025-000111 | SwitchBot Smart Video Doorbell vulnerable to active debug code | 2025-11-26T14:35+09:00 | 2025-11-26T14:35+09:00 |
| jvndb-2025-000110 | Multiple vulnerabilities in Security Point (Windows) of MaLion | 2025-11-25T17:17+09:00 | 2025-11-25T17:17+09:00 |
| jvndb-2025-000109 | Multiple vulnerabilities in SNC-CX600W | 2025-11-25T14:59+09:00 | 2025-11-25T14:59+09:00 |
| jvndb-2025-000108 | "FOD" App uses hard-coded cryptographic keys | 2025-11-25T14:15+09:00 | 2025-11-25T14:15+09:00 |
| jvndb-2025-000106 | Multiple vulnerabilities in LogStare Collector | 2025-11-21T16:27+09:00 | 2025-11-21T16:27+09:00 |
| jvndb-2025-000107 | Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries | 2025-11-19T16:22+09:00 | 2025-11-19T16:22+09:00 |
| jvndb-2025-000097 | "Dejira" App for iOS vulnerable to improper server certificate verification | 2025-11-17T14:09+09:00 | 2025-11-17T14:09+09:00 |
| jvndb-2025-000105 | NCP-HG100 vulnerable to OS command injection | 2025-11-14T15:26+09:00 | 2025-11-14T15:26+09:00 |
| jvndb-2025-000104 | Multiple vulnerabilities in GNU Libmicrohttpd | 2025-11-10T15:07+09:00 | 2025-11-10T15:07+09:00 |
| jvndb-2025-000103 | Use of password hash with insufficient computational effort vulnerability in BUFFALO Wi-Fi router "WSR-1800AX4 series" | 2025-11-07T15:39+09:00 | 2025-11-07T15:39+09:00 |
| ID | Description | Updated |
|---|---|---|
| ts-2025-008 | TS-2025-008 | 2025-11-19T00:00 |
| ts-2025-007 | TS-2025-007 | 2025-11-07T00:00 |
| ts-2025-006 | TS-2025-006 | 2025-10-28T00:00 |
| ts-2025-005 | TS-2025-005 | 2025-08-07T00:00 |
| ts-2025-004 | TS-2025-004 | 2025-05-27T00:00 |
| ts-2025-003 | TS-2025-003 | 2025-05-21T00:00 |
| ts-2025-002 | TS-2025-002 | 2025-05-15T00:00 |
| ts-2025-001 | TS-2025-001 | 2025-03-07T00:00 |
| ts-2024-013 | TS-2024-013 | 2024-12-04T00:00 |
| ts-2024-012 | TS-2024-012 | 2024-10-02T00:00 |
| ts-2024-011 | TS-2024-011 | 2024-07-22T00:00 |
| ts-2024-010 | TS-2024-010 | 2024-07-19T00:00 |
| ts-2024-009 | TS-2024-009 | 2024-06-27T00:00 |
| ts-2024-008 | TS-2024-008 | 2024-06-14T00:00 |
| ts-2024-007 | TS-2024-007 | 2024-06-12T00:00 |
| ts-2024-006 | TS-2024-006 | 2024-05-22T00:00 |
| ts-2024-005 | TS-2024-005 | 2024-05-08T00:00 |
| ts-2024-004 | TS-2024-004 | 2024-05-06T00:00 |
| ts-2024-003 | TS-2024-003 | 2024-04-23T00:00 |
| ts-2024-002 | TS-2024-002 | 2024-01-30T00:00 |
| ts-2024-001 | TS-2024-001 | 2024-01-08T00:00 |
| ts-2023-009 | TS-2023-009 | 2023-12-22T00:00 |
| ts-2023-008 | TS-2023-008 | 2023-11-01T00:00 |
| ts-2023-007 | TS-2023-007 | 2023-10-26T00:00 |
| ts-2023-006 | TS-2023-006 | 2023-08-22T00:00 |
| ts-2023-005 | TS-2023-005 | 2023-04-28T00:00 |
| ts-2023-004 | TS-2023-004 | 2023-04-04T00:00 |
| ts-2023-003 | TS-2023-003 | 2023-03-22T00:00 |
| ts-2023-002 | TS-2023-002 | 2023-01-24T00:00 |
| ts-2023-001 | TS-2023-001 | 2023-01-17T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:0053-1 | Security update for libpcap | 2026-01-07T11:03:52Z | 2026-01-07T11:03:52Z |
| suse-su-2026:0052-1 | Security update for curl | 2026-01-07T09:28:37Z | 2026-01-07T09:28:37Z |
| suse-su-2026:0051-1 | Security update for curl | 2026-01-07T09:28:27Z | 2026-01-07T09:28:27Z |
| suse-su-2026:0050-1 | Security update for curl | 2026-01-07T09:28:15Z | 2026-01-07T09:28:15Z |
| suse-su-2026:0044-1 | Security update for mozjs60 | 2026-01-06T16:10:16Z | 2026-01-06T16:10:16Z |
| suse-su-2026:0043-1 | Security update for qemu | 2026-01-06T16:03:07Z | 2026-01-06T16:03:07Z |
| suse-su-2026:0029-1 | Security update for the Linux Kernel | 2026-01-05T12:59:48Z | 2026-01-05T12:59:48Z |
| suse-su-2026:0028-1 | Security update for alloy | 2026-01-05T12:53:11Z | 2026-01-05T12:53:11Z |
| suse-su-2026:0027-1 | Security update for python3 | 2026-01-05T12:47:16Z | 2026-01-05T12:47:16Z |
| suse-su-2026:0025-1 | Security update for python312 | 2026-01-05T12:11:09Z | 2026-01-05T12:11:09Z |
| suse-su-2026:0024-1 | Security update for python313 | 2026-01-05T12:10:23Z | 2026-01-05T12:10:23Z |
| suse-su-2026:0023-1 | Security update for erlang26 | 2026-01-05T12:06:04Z | 2026-01-05T12:06:04Z |
| suse-su-2026:0022-1 | Security update for qemu | 2026-01-05T11:18:23Z | 2026-01-05T11:18:23Z |
| suse-su-2026:0021-1 | Security update for webkit2gtk3 | 2026-01-05T11:12:33Z | 2026-01-05T11:12:33Z |
| suse-su-2026:0020-1 | Security update for apache2 | 2026-01-05T11:08:42Z | 2026-01-05T11:08:42Z |
| suse-su-2026:0019-1 | Security update for apache2 | 2026-01-05T11:08:00Z | 2026-01-05T11:08:00Z |
| suse-su-2026:0018-1 | Security update for glib2 | 2026-01-05T10:52:26Z | 2026-01-05T10:52:26Z |
| suse-su-2026:0017-1 | Security update for libsoup | 2026-01-05T10:52:01Z | 2026-01-05T10:52:01Z |
| suse-su-2026:0016-1 | Security update for pgadmin4 | 2026-01-05T10:48:08Z | 2026-01-05T10:48:08Z |
| suse-su-2026:0015-1 | Security update for pgadmin4 | 2026-01-05T10:40:59Z | 2026-01-05T10:40:59Z |
| suse-su-2026:0014-1 | Security update for buildah | 2026-01-05T10:39:01Z | 2026-01-05T10:39:01Z |
| suse-su-2026:0013-1 | Security update for ImageMagick | 2026-01-05T10:36:11Z | 2026-01-05T10:36:11Z |
| suse-su-2026:0012-1 | Security update for xen | 2026-01-05T10:31:27Z | 2026-01-05T10:31:27Z |
| suse-su-2026:0011-1 | Security update for ImageMagick | 2026-01-05T10:28:55Z | 2026-01-05T10:28:55Z |
| suse-su-2026:0010-1 | Security update for python-tornado6 | 2026-01-05T10:26:32Z | 2026-01-05T10:26:32Z |
| suse-su-2026:0005-1 | Security update for rsync | 2026-01-02T12:30:51Z | 2026-01-02T12:30:51Z |
| suse-su-2025:4532-1 | Security update for apache2-mod_auth_openidc | 2025-12-29T13:53:59Z | 2025-12-29T13:53:59Z |
| suse-su-2025:4530-1 | Security update for the Linux Kernel | 2025-12-29T10:48:23Z | 2025-12-29T10:48:23Z |
| suse-su-2025:4528-1 | Security update for webkit2gtk3 | 2025-12-26T14:52:35Z | 2025-12-26T14:52:35Z |
| suse-su-2025:4527-1 | Security update for webkit2gtk3 | 2025-12-26T14:49:08Z | 2025-12-26T14:49:08Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:10015-1 | libwget4-2.2.1-1.1 on GA media | 2026-01-07T00:00:00Z | 2026-01-07T00:00:00Z |
| opensuse-su-2026:10014-1 | python311-cbor2-5.8.0-2.1 on GA media | 2026-01-07T00:00:00Z | 2026-01-07T00:00:00Z |
| opensuse-su-2026:10013-1 | apptainer-1.4.5-1.1 on GA media | 2026-01-07T00:00:00Z | 2026-01-07T00:00:00Z |
| opensuse-su-2026:10012-1 | ImageMagick-7.1.2.12-1.1 on GA media | 2026-01-07T00:00:00Z | 2026-01-07T00:00:00Z |
| opensuse-su-2026:10006-1 | dcmtk-3.7.0-1.1 on GA media | 2026-01-05T00:00:00Z | 2026-01-05T00:00:00Z |
| opensuse-su-2026:10005-1 | python312-Django6-6.0-1.1 on GA media | 2026-01-03T00:00:00Z | 2026-01-03T00:00:00Z |
| opensuse-su-2026:10004-1 | fluidsynth-2.5.2-1.1 on GA media | 2026-01-03T00:00:00Z | 2026-01-03T00:00:00Z |
| opensuse-su-2026:20001-1 | Security update for sssd | 2026-01-02T16:58:16Z | 2026-01-02T16:58:16Z |
| opensuse-su-2026:20002-1 | Security update for MozillaThunderbird | 2026-01-02T12:14:18Z | 2026-01-02T12:14:18Z |
| opensuse-su-2026:10002-1 | libmatio-devel-1.5.29-1.1 on GA media | 2026-01-01T00:00:00Z | 2026-01-01T00:00:00Z |
| opensuse-su-2026:10001-1 | dirmngr-2.5.16-1.1 on GA media | 2026-01-01T00:00:00Z | 2026-01-01T00:00:00Z |
| opensuse-su-2026:10000-1 | gnu-recutils-1.9-3.1 on GA media | 2026-01-01T00:00:00Z | 2026-01-01T00:00:00Z |
| opensuse-su-2025:15853-1 | weblate-5.14.3-2.1 on GA media | 2025-12-30T00:00:00Z | 2025-12-30T00:00:00Z |
| opensuse-su-2025:15848-1 | python311-openapi-core-0.22.0-1.1 on GA media | 2025-12-28T00:00:00Z | 2025-12-28T00:00:00Z |
| opensuse-su-2025:15847-1 | anubis-1.24.0-1.1 on GA media | 2025-12-28T00:00:00Z | 2025-12-28T00:00:00Z |
| opensuse-su-2025:15846-1 | python39-3.9.25-2.1 on GA media | 2025-12-24T00:00:00Z | 2025-12-24T00:00:00Z |
| opensuse-su-2025:15845-1 | podman-5.7.1-1.1 on GA media | 2025-12-24T00:00:00Z | 2025-12-24T00:00:00Z |
| opensuse-su-2025:15844-1 | cpp-httplib-devel-0.28.0-1.1 on GA media | 2025-12-24T00:00:00Z | 2025-12-24T00:00:00Z |
| opensuse-su-2025:15843-1 | buildah-1.42.2-1.1 on GA media | 2025-12-24T00:00:00Z | 2025-12-24T00:00:00Z |
| opensuse-su-2025:15841-1 | zk-0.15.2-1.1 on GA media | 2025-12-22T00:00:00Z | 2025-12-22T00:00:00Z |
| opensuse-su-2025:15840-1 | python315-3.15.0~a3-1.1 on GA media | 2025-12-22T00:00:00Z | 2025-12-22T00:00:00Z |
| opensuse-su-2025:15839-1 | python310-3.10.19-3.1 on GA media | 2025-12-22T00:00:00Z | 2025-12-22T00:00:00Z |
| opensuse-su-2025:15832-1 | coredns-for-k8s1.35-1.13.1-2.1 on GA media | 2025-12-19T00:00:00Z | 2025-12-19T00:00:00Z |
| opensuse-su-2025:15831-1 | chromedriver-143.0.7499.146-1.1 on GA media | 2025-12-19T00:00:00Z | 2025-12-19T00:00:00Z |
| opensuse-su-2025:15830-1 | alloy-1.12.0-2.1 on GA media | 2025-12-19T00:00:00Z | 2025-12-19T00:00:00Z |
| opensuse-su-2025:15829-1 | ImageMagick-7.1.2.10-2.1 on GA media | 2025-12-19T00:00:00Z | 2025-12-19T00:00:00Z |
| opensuse-su-2025:15824-1 | netty-4.1.130-1.1 on GA media | 2025-12-17T00:00:00Z | 2025-12-17T00:00:00Z |
| opensuse-su-2025:15823-1 | clair-4.9.0-1.1 on GA media | 2025-12-17T00:00:00Z | 2025-12-17T00:00:00Z |
| opensuse-su-2025:15822-1 | strongswan-6.0.4-1.1 on GA media | 2025-12-15T00:00:00Z | 2025-12-15T00:00:00Z |
| opensuse-su-2025:15821-1 | qemu-10.1.3-1.1 on GA media | 2025-12-15T00:00:00Z | 2025-12-15T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-00125 | Men Salon Management System /admin/edit-customer-detailed.php文件SQL注入漏洞 | 2025-04-22 | 2026-01-04 |
| cnvd-2026-00124 | Men Salon Management System /admin/edit-services.php文件SQL注入漏洞 | 2025-04-22 | 2026-01-04 |
| cnvd-2026-00123 | TOTOLINK N200RE UploadFirmwareFile函数命令注入漏洞 | 2024-01-11 | 2026-01-04 |
| cnvd-2026-00122 | TOTOLINK N200RE setTracerouteCfg函数命令注入漏洞 | 2024-01-11 | 2026-01-04 |
| cnvd-2026-00121 | TOTOLINK N200RE setDiagnosisCfg函数命令注入漏洞 | 2024-01-11 | 2026-01-04 |
| cnvd-2026-00120 | TOTOLINK N200RE setLanguageCfg函数堆栈缓冲区溢出漏洞 | 2024-01-30 | 2026-01-04 |
| cnvd-2026-00119 | TOTOLINK N200RE setIpPortFilterRules函数堆栈缓冲区溢出漏洞 | 2024-01-30 | 2026-01-04 |
| cnvd-2026-00118 | TOTOLINK CP450硬编码密码漏洞 | 2024-05-22 | 2026-01-04 |
| cnvd-2026-00117 | TOTOLINK CPE CP450 setWebWlanIdx方法命令注入漏洞 | 2024-05-22 | 2026-01-04 |
| cnvd-2026-00116 | TOTOLINK CP450 setUrlFilterRules方法堆栈缓冲区溢出漏洞 | 2024-05-22 | 2026-01-04 |
| cnvd-2026-00115 | TOTOLINK CPE CP450 setUpgradeFW方法命令注入漏洞 | 2024-05-22 | 2026-01-04 |
| cnvd-2026-00114 | TOTOLINK CP450 setStaticDhcpConfig方法堆栈缓冲区溢出漏洞 | 2024-05-22 | 2026-01-04 |
| cnvd-2026-00113 | TOTOLINK CP450 SetPortForwardRules方法堆栈缓冲区溢出漏洞 | 2024-05-22 | 2026-01-04 |
| cnvd-2026-00112 | WordPress Real 3D FlipBook plugin跨站脚本漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00111 | WordPress User Submitted Posts plugin开放重定向漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00110 | WordPress Docket Cache plugin文件包含漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00109 | WordPress Diza plugin文件包含漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00108 | WordPress Chakra test plugin缺少授权漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00107 | WordPress Brave plugin缺少授权漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00106 | WordPress Brands for WooCommerce Plugin SQL注入漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00105 | WordPress Bold Timeline Lite plugin跨站脚本漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00104 | WordPress AutomatorWP plugin SQL注入漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00103 | WordPress Astra Widgets plugin跨站脚本漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00046 | Siemens SIMATIC CN 4100访问控制错误漏洞 | 2025-12-15 | 2026-01-04 |
| cnvd-2026-00045 | Microsoft AutoUpdate for Mac权限提升漏洞(CNVD-2026-00045) | 2025-01-17 | 2026-01-04 |
| cnvd-2026-00044 | Microsoft Outlook代码执行漏洞(CNVD-2026-00044) | 2025-02-14 | 2026-01-04 |
| cnvd-2026-00043 | Microsoft Outlook代码执行漏洞(CNVD-2026-00043) | 2025-02-14 | 2026-01-04 |
| cnvd-2026-00042 | Microsoft Visual Studio代码执行漏洞(CNVD-2026-00042) | 2025-02-24 | 2026-01-04 |
| cnvd-2026-00041 | Apache InLong安全绕过漏洞(CNVD-2026-00041) | 2025-06-11 | 2026-01-04 |
| cnvd-2026-00040 | Google Android权限提升漏洞(CNVD-2026-00040) | 2025-09-04 | 2026-01-04 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0015 | Multiples vulnérabilités dans les produits Centreon | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0014 | Multiples vulnérabilités dans GitLab | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0013 | Vulnérabilité dans Tenable Nessus Agent | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0012 | Multiples vulnérabilités dans Trend Micro Apex Central | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0011 | Vulnérabilité dans Google Android | 2026-01-08T00:00:00.000000 | 2026-01-08T00:00:00.000000 |
| certfr-2026-avi-0010 | Multiples vulnérabilités dans Curl | 2026-01-07T00:00:00.000000 | 2026-01-07T00:00:00.000000 |
| certfr-2026-avi-0009 | Vulnérabilité dans Google Chrome | 2026-01-07T00:00:00.000000 | 2026-01-07T00:00:00.000000 |
| certfr-2026-avi-0008 | Multiples vulnérabilités dans Joomla! | 2026-01-07T00:00:00.000000 | 2026-01-07T00:00:00.000000 |
| certfr-2026-avi-0007 | Vulnérabilité dans Stormshield Network Security | 2026-01-06T00:00:00.000000 | 2026-01-06T00:00:00.000000 |
| certfr-2026-avi-0006 | Multiples vulnérabilités dans Veeam Backup & Replication | 2026-01-06T00:00:00.000000 | 2026-01-06T00:00:00.000000 |
| certfr-2026-avi-0005 | Multiples vulnérabilités dans Centreon Open Tickets | 2026-01-06T00:00:00.000000 | 2026-01-06T00:00:00.000000 |
| certfr-2025-avi-1097 | Vulnérabilité dans les produits Mitel | 2025-12-11T00:00:00.000000 | 2026-01-06T00:00:00.000000 |
| certfr-2026-avi-0004 | Vulnérabilité dans MariaDB | 2026-01-05T00:00:00.000000 | 2026-01-05T00:00:00.000000 |
| certfr-2026-avi-0003 | Multiples vulnérabilités dans les produits Qnap | 2026-01-05T00:00:00.000000 | 2026-01-05T00:00:00.000000 |
| certfr-2025-avi-1111 | Multiples vulnérabilités dans Roundcube | 2025-12-15T00:00:00.000000 | 2026-01-05T00:00:00.000000 |
| certfr-2026-avi-0002 | Multiples vulnérabilités dans les produits IBM | 2026-01-02T00:00:00.000000 | 2026-01-02T00:00:00.000000 |
| certfr-2026-avi-0001 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-02T00:00:00.000000 | 2026-01-02T00:00:00.000000 |
| certfr-2025-avi-1142 | Multiples vulnérabilités dans Moxa NPort | 2025-12-31T00:00:00.000000 | 2025-12-31T00:00:00.000000 |
| certfr-2025-avi-1141 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-12-26T00:00:00.000000 | 2025-12-26T00:00:00.000000 |
| certfr-2025-avi-1140 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-12-26T00:00:00.000000 | 2025-12-26T00:00:00.000000 |
| certfr-2025-avi-1139 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-12-26T00:00:00.000000 | 2025-12-26T00:00:00.000000 |
| certfr-2025-avi-1138 | Multiples vulnérabilités dans VMware Tanzu Platform | 2025-12-26T00:00:00.000000 | 2025-12-26T00:00:00.000000 |
| certfr-2025-avi-1137 | Multiples vulnérabilités dans les produits IBM | 2025-12-26T00:00:00.000000 | 2025-12-26T00:00:00.000000 |
| certfr-2025-avi-1076 | Multiples vulnérabilités dans MISP | 2025-12-08T00:00:00.000000 | 2025-12-24T00:00:00.000000 |
| certfr-2025-avi-1126 | Multiples vulnérabilités dans PHP | 2025-12-19T00:00:00.000000 | 2025-12-22T00:00:00.000000 |
| certfr-2025-avi-1136 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2025-12-19T00:00:00.000000 | 2025-12-19T00:00:00.000000 |
| certfr-2025-avi-1135 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2025-12-19T00:00:00.000000 | 2025-12-19T00:00:00.000000 |
| certfr-2025-avi-1134 | Multiples vulnérabilités dans MongoDB Server | 2025-12-19T00:00:00.000000 | 2025-12-19T00:00:00.000000 |
| certfr-2025-avi-1133 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2025-12-19T00:00:00.000000 | 2025-12-19T00:00:00.000000 |
| certfr-2025-avi-1132 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2025-12-19T00:00:00.000000 | 2025-12-19T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-ale-014 | [MàJ] Vulnérabilité dans React Server Components | 2025-12-05T00:00:00.000000 | 2025-12-08T00:00:00.000000 |
| certfr-2025-ale-013 | [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| CERTFR-2025-ALE-013 | [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| CERTFR-2025-ALE-014 | [MàJ] Vulnérabilité dans React Server Components | 2025-12-05T00:00:00.000000 | 2025-12-08T00:00:00.000000 |
| certfr-2025-ale-012 | Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| CERTFR-2025-ALE-012 | Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-ale-010 | [MàJ] Multiples vulnérabilités dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| CERTFR-2025-ALE-010 | [MàJ] Multiples vulnérabilités dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| certfr-2025-ale-011 | Incidents de sécurité dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-009 | Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| CERTFR-2025-ALE-011 | Incidents de sécurité dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| CERTFR-2025-ALE-009 | Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-ale-004 | Activités de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| CERTFR-2025-ALE-004 | Activités de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-ale-008 | [MàJ] Vulnérabilité dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| CERTFR-2025-ALE-008 | [MàJ] Vulnérabilité dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-ale-007 | Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-006 | Vulnérabilité dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-005 | Vulnérabilité dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-003 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| CERTFR-2025-ALE-007 | Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-006 | Vulnérabilité dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-005 | Vulnérabilité dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-003 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-ale-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| certfr-2025-ale-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| CERTFR-2025-ALE-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| CERTFR-2025-ALE-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| certfr-2024-ale-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-30T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-ale-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2025-03-31T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2026-0002 |
10 (4.0)
|
Heap-buffer-overflow in EXIF writer for extra IFD tags |
ffmpeg |
ffmpeg |
2026-01-02T19:50:00.000Z | 2026-01-02T20:05:27.269877Z |
| GCVE-1-2026-0001 |
N/A
|
Bundle reference to gpg.fail |
gnupg |
gnupg |
2026-01-02T10:20:00.000Z | 2026-01-02T13:31:14.359346Z |
| GCVE-1-2025-0041 |
6.4 (4.0)
|
[online services] Reflected Cross-Site Scripting (XSS)… |
typo3 |
typo3 |
2025-12-19T14:25:00.000Z | 2025-12-19T14:54:51.594645Z |
| GCVE-1-2025-0031 |
7.1 (4.0)
|
A cross-site scripting (XSS) vulnerability was identif… |
misp |
misp |
2025-12-03T10:58:00.000Z | 2025-12-16T09:36:09.594750Z |
| GCVE-1-2025-0040 |
7.2 (4.0)
|
A cross-site scripting (XSS) vulnerability was id… |
misp |
misp |
2025-12-13T08:44:32.378924Z | 2025-12-13T08:44:32.378924Z |
| GCVE-1-2025-0039 |
8.5 (4.0)
|
XSS Reintroduced in MISP Dashboard World Map Widget Du… |
misp |
misp |
2025-12-10T14:33:52.856734Z | 2025-12-10T14:33:52.856734Z |
| GCVE-1-2025-0038 |
5 (4.0)
|
Reflected XSS in MISP Template Tag Removal and MISP Ad… |
misp |
misp |
2025-12-10T14:10:00.000Z | 2025-12-10T14:16:55.918270Z |
| GCVE-1-2025-0037 |
7 (4.0)
|
Reflected XSS in MISP Dashboard Widgets via Unescaped … |
misp |
misp |
2025-12-10T14:01:03.200804Z | 2025-12-10T14:01:03.200804Z |
| GCVE-1-2025-0036 |
8.3 (4.0)
|
A reflected cross-site scripting (XSS) vulnerability w… |
misp |
misp |
2025-12-10T13:46:07.170083Z | 2025-12-10T13:46:07.170083Z |
| GCVE-1-2025-0035 |
8.3 (4.0)
|
Insufficient sanitization of bundle metadata (availabl… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:25:00.000Z | 2025-12-08T12:14:06.307298Z |
| GCVE-1-2025-0034 |
7 (4.0)
|
Missing CSRF protection on state-changing endpoints in… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:19:00.000Z | 2025-12-08T12:13:24.197294Z |
| GCVE-1-2025-0033 |
8.1 (4.0)
|
Vulnerability-lookup did not track or limit failed One… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:11:00.000Z | 2025-12-08T12:12:53.235996Z |
| GCVE-1-2025-0032 |
10 (4.0)
|
The default configuration of WatchGuard Firebox device… |
watchguard |
firebox |
2025-12-03T16:25:00.000Z | 2025-12-19T13:48:34.570799Z |
| GCVE-1-2025-0030 |
6.2 (4.0)
|
A cross-site scripting (XSS) vulnerability in the MISP… |
misp |
misp |
2025-12-03T10:53:00.000Z | 2025-12-03T10:58:55.845341Z |
| GCVE-1-2025-0019 |
4 (4.0)
|
Path traversal vulnerability in EventReport for site-admin |
misp |
misp |
2025-11-26T14:47:00.000Z | 2025-11-28T07:27:42.721350Z |
| GCVE-1-2025-0017 |
9.4 (4.0)
|
Privilege escalation in Cerebrate allows an authentica… |
cerebrate |
cerebrate |
2025-11-12T08:15:00.000Z | 2025-11-28T07:22:08.205835Z |
| GCVE-1-2025-0029 |
6.3 (4.0)
|
Reflected cross-site scripting (XSS) vulnerabilities i… |
misp |
misp |
2025-11-27T12:41:00.000Z | 2025-11-27T12:48:51.085860Z |
| GCVE-1-2025-0027 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-27T07:17:00.000Z | 2025-12-02T08:51:04.323899Z |
| GCVE-1-2025-0028 |
8.5 (4.0)
|
Information leakage vulnerability in the MISP Feed con… |
misp |
misp |
2025-11-27T07:23:00.000Z | 2025-12-02T08:51:35.429494Z |
| GCVE-1-2025-0026 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:35:00.000Z | 2025-12-02T08:50:46.381572Z |
| GCVE-1-2025-0025 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:27:00.000Z | 2025-12-02T08:50:18.897756Z |
| GCVE-1-2025-0024 |
9.4 (4.0)
|
cross-site scripting (XSS) vulnerability in the MISP s… |
misp |
misp |
2025-11-26T16:14:00.000Z | 2025-12-02T08:50:01.482327Z |
| GCVE-1-2025-0023 |
9.4 (4.0)
|
XSS in MISP server comparison tool |
misp |
misp |
2025-11-26T16:10:00.000Z | 2025-12-02T08:49:24.626168Z |
| GCVE-1-2025-0022 |
9.4 (4.0)
|
Clarified setting's impact on download_attachments_on_load |
misp |
misp |
2025-11-26T16:04:00.000Z | 2025-12-02T08:49:04.510294Z |
| GCVE-1-2025-0021 |
9.4 (4.0)
|
XSS in MISP ReST client in HTML view |
misp |
misp |
2025-11-26T15:55:00.000Z | 2025-12-02T08:48:41.869838Z |
| GCVE-1-2025-0020 |
9.4 (4.0)
|
cross-site scripting (XSS) in Galaxy element JSON view |
misp |
misp |
2025-11-26T15:49:00.000Z | 2025-12-02T08:47:41.151429Z |
| GCVE-1-2025-0018 |
9.4 (4.0)
|
HTML injection issue was identified in Lookyloo’s web … |
lookyloo |
lookyloo |
2025-11-18T15:33:00.000Z | 2025-11-18T20:39:45.579295Z |
| GCVE-1-2025-0016 |
6 (4.0)
|
Local file inclusion in [ImportFromUrl() URL hand… |
misp |
misp |
2025-11-04T09:20:00.000Z | 2025-11-04T09:56:38.383646Z |