Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-wxxw-j7jh-6gvh | ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window.… | 2025-12-25T21:30:11Z | 2025-12-25T21:30:11Z |
| ghsa-w9p6-fhvw-j42q | A security vulnerability has been detected in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the f… | 2025-12-25T21:30:11Z | 2025-12-25T21:30:12Z |
| ghsa-v55r-6gfm-698m | ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer. | 2025-12-25T21:30:11Z | 2025-12-25T21:30:11Z |
| ghsa-gjff-p6ff-7g4f | A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the f… | 2025-12-25T21:30:11Z | 2025-12-25T21:30:11Z |
| ghsa-g7fx-r7wp-m8cx | A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the functio… | 2025-12-25T21:30:11Z | 2025-12-25T21:30:11Z |
| ghsa-3jrf-74h9-v6jf | A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function get… | 2025-12-25T21:30:11Z | 2025-12-25T21:30:11Z |
| ghsa-jh6h-m4rf-fh9p | A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file… | 2025-12-25T18:30:16Z | 2025-12-25T18:30:16Z |
| ghsa-4rqq-pph2-52g5 | A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown fun… | 2025-12-25T18:30:16Z | 2025-12-25T18:30:16Z |
| ghsa-p87w-9cw5-5fmp | A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affects the function sub_… | 2025-12-25T15:30:11Z | 2025-12-25T15:30:11Z |
| ghsa-578c-qx9g-33c9 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2025-12-25T15:30:11Z | 2025-12-25T15:30:11Z |
| ghsa-hhv7-2hwf-76m2 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2025-12-25T15:30:10Z | 2025-12-25T15:30:10Z |
| ghsa-4w5f-h3jc-88q6 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2025-12-25T15:30:10Z | 2025-12-25T15:30:10Z |
| ghsa-xxv4-5prv-8f29 | Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for… | 2025-12-25T06:30:26Z | 2025-12-25T06:30:26Z |
| ghsa-qjqw-2rg5-mqgm | Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows… | 2025-12-25T06:30:26Z | 2025-12-25T06:30:26Z |
| ghsa-g75q-8q7j-ggf3 | Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a re… | 2025-12-25T06:30:26Z | 2025-12-25T06:30:26Z |
| ghsa-g3v9-6rgp-gh2r | Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler fo… | 2025-12-25T06:30:26Z | 2025-12-25T06:30:26Z |
| ghsa-cxwj-2rvj-cg44 | Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal… | 2025-12-25T06:30:26Z | 2025-12-25T06:30:26Z |
| ghsa-96px-f628-2m88 | Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media f… | 2025-12-25T06:30:26Z | 2025-12-25T06:30:26Z |
| ghsa-3q6q-gxwr-7gqv | Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allow… | 2025-12-25T06:30:26Z | 2025-12-25T06:30:26Z |
| ghsa-34j4-424f-xr64 | Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation… | 2025-12-25T06:30:26Z | 2025-12-25T06:30:26Z |
| ghsa-rf7c-qh7c-23vw | A weakness has been identified in Tenda CH22 1.0.0.1. Impacted is an unknown function of the file /… | 2025-12-25T06:30:25Z | 2025-12-25T06:30:25Z |
| ghsa-m536-ggcv-cwmj | A vulnerability was detected in itsourcecode Student Management System 1.0. The impacted element is… | 2025-12-25T06:30:25Z | 2025-12-25T06:30:26Z |
| ghsa-hxpf-jx7m-hmj8 | A security vulnerability has been detected in itsourcecode Student Management System 1.0. The affec… | 2025-12-25T06:30:25Z | 2025-12-25T06:30:25Z |
| ghsa-8jr5-3mrg-hm2v | Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacke… | 2025-12-25T06:30:25Z | 2025-12-25T06:30:26Z |
| ghsa-j6c2-c6mc-xjrf | A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. This vulner… | 2025-12-25T03:30:11Z | 2025-12-25T03:30:11Z |
| ghsa-467j-v66f-jv73 | A security flaw has been discovered in itsourcecode Student Management System 1.0. This issue affec… | 2025-12-25T03:30:11Z | 2025-12-25T03:30:11Z |
| ghsa-6rp6-72p8-59rr | OpenOps before 0.6.11 allows remote code execution in the Terraform block. | 2025-12-25T00:30:18Z | 2025-12-25T00:30:18Z |
| ghsa-2h4c-6rjw-w7rh | A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affect… | 2025-12-25T00:30:18Z | 2025-12-25T00:30:18Z |
| ghsa-7wwf-6mwx-wx77 | C-Kermit (aka ckermit) through 10.0 Beta.12 (aka 416-beta12) before 244644d allows a remote Kermit … | 2025-12-25T00:30:17Z | 2025-12-25T00:30:17Z |
| ghsa-xx8r-jj29-vw5j | LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities th… | 2025-12-24T21:30:34Z | 2025-12-24T21:30:34Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15087 | youlaitech youlai-mall OrderController.java submitOrde… |
youlaitech |
youlai-mall |
2025-12-25T21:02:07.632Z | 2025-12-25T21:02:07.632Z | |
| cve-2025-15086 | youlaitech youlai-mall MemberController.java getMember… |
youlaitech |
youlai-mall |
2025-12-25T20:32:06.220Z | 2025-12-25T20:32:06.220Z | |
| cve-2025-68936 | 6.4 (v3.1) | ONLYOFFICE Docs before 9.2.1 allows XSS via the C… |
ONLYOFFICE |
Document Server |
2025-12-25T20:07:55.864Z | 2025-12-25T20:14:15.635Z |
| cve-2025-68935 | 6.4 (v3.1) | ONLYOFFICE Docs before 9.2.1 allows XSS via the F… |
ONLYOFFICE |
Document Server |
2025-12-25T20:05:48.545Z | 2025-12-25T20:13:47.534Z |
| cve-2025-15085 | youlaitech youlai-mall Balance MemberController.java d… |
youlaitech |
youlai-mall |
2025-12-25T19:32:08.203Z | 2025-12-25T19:32:08.203Z | |
| cve-2025-15084 | youlaitech youlai-mall Order Payment OrderController.j… |
youlaitech |
youlai-mall |
2025-12-25T18:32:05.729Z | 2025-12-25T18:32:05.729Z | |
| cve-2025-15083 | TOZED ZLT M30s UART on-chip debug and test interface w… |
TOZED |
ZLT M30s |
2025-12-25T17:32:06.260Z | 2025-12-25T17:32:06.260Z | |
| cve-2025-15082 | TOZED ZLT M30s Web Management proc_post information di… |
TOZED |
ZLT M30s |
2025-12-25T17:02:09.345Z | 2025-12-25T17:02:09.345Z | |
| cve-2025-15081 | JD Cloud BE6500 jdcapi sub_4780 command injection |
JD |
Cloud BE6500 |
2025-12-25T15:02:06.546Z | 2025-12-25T15:02:06.546Z | |
| cve-2025-2307 | 7.6 (v3.1) | XSS in Verisay Communication's Aidango |
Verisay Communication and Information Technology Industry and Trade Ltd. Co. |
Aidango |
2025-12-25T13:18:18.162Z | 2025-12-25T13:18:18.162Z |
| cve-2025-2406 | 7.6 (v3.1) | XSS in Verisay Communication's Trizbi |
Verisay Communication and Information Technology Industry and Trade Ltd. Co. |
Trizbi |
2025-12-25T13:14:49.099Z | 2025-12-25T13:14:49.099Z |
| cve-2025-2405 | 7.6 (v3.1) | XSS in Verisay Communication's Titarus |
Verisay Communication and Information Technology Industry and Trade Ltd. Co. |
Titarus |
2025-12-25T13:10:25.121Z | 2025-12-25T13:10:25.121Z |
| cve-2025-15078 | itsourcecode Student Management System list_report.php… |
itsourcecode |
Student Management System |
2025-12-25T05:02:06.963Z | 2025-12-25T05:02:06.963Z | |
| cve-2025-15077 | itsourcecode Student Management System form137.php sql… |
itsourcecode |
Student Management System |
2025-12-25T04:02:08.003Z | 2025-12-25T04:02:08.003Z | |
| cve-2025-15076 | Tenda CH22 public path traversal |
Tenda |
CH22 |
2025-12-25T03:32:06.775Z | 2025-12-25T03:32:06.775Z | |
| cve-2025-15075 | itsourcecode Student Management System student_p.php s… |
itsourcecode |
Student Management System |
2025-12-25T03:02:06.320Z | 2025-12-25T03:02:06.320Z | |
| cve-2025-15074 | itsourcecode Online Frozen Foods Ordering System custo… |
itsourcecode |
Online Frozen Foods Ordering System |
2025-12-25T02:32:06.261Z | 2025-12-25T02:32:06.261Z | |
| cve-2025-66443 | Pexip Infinity 35.0 through 38.1 before 39.0, in … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:50:33.288Z | |
| cve-2025-66379 | Pexip Infinity before 39.0 has Improper Input Val… |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:54:22.261Z | |
| cve-2025-66378 | Pexip Infinity 38.0 and 38.1 before 39.0 has insu… |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:57:10.055Z | |
| cve-2025-66377 | Pexip Infinity before 39.0 has Missing Authentica… |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:58:59.626Z | |
| cve-2025-59683 | Pexip Infinity 15.0 through 38.0 before 38.1 has … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T05:02:45.879Z | |
| cve-2025-49088 | Pexip Infinity 32.0 through 37.1 before 37.2, in … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:52:41.031Z | |
| cve-2025-48704 | Pexip Infinity 35.0 through 37.2 before 38.0 has … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T05:00:56.186Z | |
| cve-2025-32096 | Pexip Infinity 33.0 through 37.0 before 37.1 has … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:46:04.144Z | |
| cve-2025-32095 | Pexip Infinity before 37.0 has improper input val… |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:48:35.026Z | |
| cve-2025-68922 | 7.4 (v3.1) | OpenOps before 0.6.11 allows remote code executio… |
OpenOps |
OpenOps |
2025-12-24T23:05:18.982Z | 2025-12-24T23:12:22.933Z |
| cve-2025-15073 | itsourcecode Online Frozen Foods Ordering System conta… |
itsourcecode |
Online Frozen Foods Ordering System |
2025-12-24T23:02:07.917Z | 2025-12-24T23:02:07.917Z | |
| cve-2025-68920 | 8.9 (v3.1) | C-Kermit (aka ckermit) through 10.0 Beta.12 (aka … |
kermitproject |
C-Kermit |
2025-12-24T21:47:22.944Z | 2025-12-24T22:43:13.676Z |
| cve-2025-68919 | 5.6 (v3.1) | Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Exp… |
Fujitsu / Fsas Technologies |
ETERNUS SF ACM/SC/Express |
2025-12-24T21:01:44.380Z | 2025-12-24T21:29:13.243Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15087 | youlaitech youlai-mall OrderController.java submitOrde… |
youlaitech |
youlai-mall |
2025-12-25T21:02:07.632Z | 2025-12-25T21:02:07.632Z | |
| cve-2025-15086 | youlaitech youlai-mall MemberController.java getMember… |
youlaitech |
youlai-mall |
2025-12-25T20:32:06.220Z | 2025-12-25T20:32:06.220Z | |
| cve-2025-68936 | 6.4 (v3.1) | ONLYOFFICE Docs before 9.2.1 allows XSS via the C… |
ONLYOFFICE |
Document Server |
2025-12-25T20:07:55.864Z | 2025-12-25T20:14:15.635Z |
| cve-2025-68935 | 6.4 (v3.1) | ONLYOFFICE Docs before 9.2.1 allows XSS via the F… |
ONLYOFFICE |
Document Server |
2025-12-25T20:05:48.545Z | 2025-12-25T20:13:47.534Z |
| cve-2025-15085 | youlaitech youlai-mall Balance MemberController.java d… |
youlaitech |
youlai-mall |
2025-12-25T19:32:08.203Z | 2025-12-25T19:32:08.203Z | |
| cve-2025-15084 | youlaitech youlai-mall Order Payment OrderController.j… |
youlaitech |
youlai-mall |
2025-12-25T18:32:05.729Z | 2025-12-25T18:32:05.729Z | |
| cve-2025-15083 | TOZED ZLT M30s UART on-chip debug and test interface w… |
TOZED |
ZLT M30s |
2025-12-25T17:32:06.260Z | 2025-12-25T17:32:06.260Z | |
| cve-2025-15082 | TOZED ZLT M30s Web Management proc_post information di… |
TOZED |
ZLT M30s |
2025-12-25T17:02:09.345Z | 2025-12-25T17:02:09.345Z | |
| cve-2025-15081 | JD Cloud BE6500 jdcapi sub_4780 command injection |
JD |
Cloud BE6500 |
2025-12-25T15:02:06.546Z | 2025-12-25T15:02:06.546Z | |
| cve-2025-2406 | 7.6 (v3.1) | XSS in Verisay Communication's Trizbi |
Verisay Communication and Information Technology Industry and Trade Ltd. Co. |
Trizbi |
2025-12-25T13:14:49.099Z | 2025-12-25T13:14:49.099Z |
| cve-2025-2405 | 7.6 (v3.1) | XSS in Verisay Communication's Titarus |
Verisay Communication and Information Technology Industry and Trade Ltd. Co. |
Titarus |
2025-12-25T13:10:25.121Z | 2025-12-25T13:10:25.121Z |
| cve-2025-2307 | 7.6 (v3.1) | XSS in Verisay Communication's Aidango |
Verisay Communication and Information Technology Industry and Trade Ltd. Co. |
Aidango |
2025-12-25T13:18:18.162Z | 2025-12-25T13:18:18.162Z |
| cve-2025-66443 | Pexip Infinity 35.0 through 38.1 before 39.0, in … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:50:33.288Z | |
| cve-2025-66379 | Pexip Infinity before 39.0 has Improper Input Val… |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:54:22.261Z | |
| cve-2025-66378 | Pexip Infinity 38.0 and 38.1 before 39.0 has insu… |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:57:10.055Z | |
| cve-2025-66377 | Pexip Infinity before 39.0 has Missing Authentica… |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:58:59.626Z | |
| cve-2025-59683 | Pexip Infinity 15.0 through 38.0 before 38.1 has … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T05:02:45.879Z | |
| cve-2025-49088 | Pexip Infinity 32.0 through 37.1 before 37.2, in … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:52:41.031Z | |
| cve-2025-48704 | Pexip Infinity 35.0 through 37.2 before 38.0 has … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T05:00:56.186Z | |
| cve-2025-32096 | Pexip Infinity 33.0 through 37.0 before 37.1 has … |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:46:04.144Z | |
| cve-2025-32095 | Pexip Infinity before 37.0 has improper input val… |
Pexip |
Infinity |
2025-12-25T00:00:00.000Z | 2025-12-25T04:48:35.026Z | |
| cve-2025-15078 | itsourcecode Student Management System list_report.php… |
itsourcecode |
Student Management System |
2025-12-25T05:02:06.963Z | 2025-12-25T05:02:06.963Z | |
| cve-2025-15077 | itsourcecode Student Management System form137.php sql… |
itsourcecode |
Student Management System |
2025-12-25T04:02:08.003Z | 2025-12-25T04:02:08.003Z | |
| cve-2025-15076 | Tenda CH22 public path traversal |
Tenda |
CH22 |
2025-12-25T03:32:06.775Z | 2025-12-25T03:32:06.775Z | |
| cve-2025-15075 | itsourcecode Student Management System student_p.php s… |
itsourcecode |
Student Management System |
2025-12-25T03:02:06.320Z | 2025-12-25T03:02:06.320Z | |
| cve-2025-15074 | itsourcecode Online Frozen Foods Ordering System custo… |
itsourcecode |
Online Frozen Foods Ordering System |
2025-12-25T02:32:06.261Z | 2025-12-25T02:32:06.261Z | |
| cve-2025-68922 | 7.4 (v3.1) | OpenOps before 0.6.11 allows remote code executio… |
OpenOps |
OpenOps |
2025-12-24T23:05:18.982Z | 2025-12-24T23:12:22.933Z |
| cve-2025-15073 | itsourcecode Online Frozen Foods Ordering System conta… |
itsourcecode |
Online Frozen Foods Ordering System |
2025-12-24T23:02:07.917Z | 2025-12-24T23:02:07.917Z | |
| cve-2025-68920 | 8.9 (v3.1) | C-Kermit (aka ckermit) through 10.0 Beta.12 (aka … |
kermitproject |
C-Kermit |
2025-12-24T21:47:22.944Z | 2025-12-24T22:43:13.676Z |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2025-52 | gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2024-85 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-16T15:05:59.978434Z |
| pysec-2024-84 | Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-16T15:05:59.815196Z |
| pysec-2024-83 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-16T15:05:59.652331Z |
| pysec-2024-82 | Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-16T15:05:59.488172Z |
| pysec-2023-278 | MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T21:15:00Z | 2025-12-16T15:05:59.273145Z |
| pysec-2020-220 | A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192938 | Malicious code in bettermode-icons (npm) | 2025-12-25T21:52:38Z | 2025-12-25T22:40:17Z |
| mal-2025-192937 | Malicious code in bettermode-common (npm) | 2025-12-25T19:41:57Z | 2025-12-25T19:41:57Z |
| mal-2025-192934 | Malicious code in ing-feat-kyc-consent (npm) | 2025-12-25T18:55:12Z | 2025-12-25T18:55:12Z |
| mal-2025-192933 | Malicious code in ing-feat-auth-idin (npm) | 2025-12-25T18:54:53Z | 2025-12-25T18:54:53Z |
| mal-2025-192935 | Malicious code in ing-feat-mortgage-consent-starter (npm) | 2025-12-25T18:54:11Z | 2025-12-25T18:54:11Z |
| mal-2025-192936 | Malicious code in ing-feat-pis-single-payments (npm) | 2025-12-25T18:54:07Z | 2025-12-25T18:54:07Z |
| mal-2025-192932 | Malicious code in cc-raiesy (npm) | 2025-12-25T18:19:57Z | 2025-12-25T18:19:57Z |
| mal-2025-192931 | Malicious code in aiogram-sever-patch (PyPI) | 2025-12-25T14:18:44Z | 2025-12-25T17:08:16Z |
| mal-2025-192930 | Malicious code in pxdbench (PyPI) | 2025-12-25T11:04:53Z | 2025-12-25T11:04:53Z |
| mal-2025-192929 | Malicious code in envtoolsx (PyPI) | 2025-12-24T22:45:19Z | 2025-12-24T22:45:19Z |
| mal-2025-192928 | Malicious code in livekit-agents-hedra (PyPI) | 2025-12-24T20:38:01Z | 2025-12-24T20:38:01Z |
| mal-2025-192927 | Malicious code in adril7123 (npm) | 2025-12-24T17:05:44Z | 2025-12-24T17:05:45Z |
| mal-2025-192926 | Malicious code in @airtel-web/clickstream (npm) | 2025-12-24T12:20:46Z | 2025-12-24T13:17:43Z |
| mal-2025-192752 | Malicious code in @google_recaptcha/js (npm) | 2025-12-23T19:10:06Z | 2025-12-24T00:53:15Z |
| mal-2025-192763 | Malicious code in supply_chain_dummy_test_4 (npm) | 2025-12-23T19:07:56Z | 2025-12-24T00:53:20Z |
| mal-2025-192762 | Malicious code in supply_chain_dummy_test_3 (npm) | 2025-12-23T19:07:56Z | 2025-12-24T00:53:20Z |
| mal-2025-192761 | Malicious code in supply_chain_dummy_test_2 (npm) | 2025-12-23T19:07:56Z | 2025-12-24T00:53:20Z |
| mal-2025-192760 | Malicious code in supply_chain_dummy_test_1 (npm) | 2025-12-23T19:07:55Z | 2025-12-24T00:53:20Z |
| mal-2025-192755 | Malicious code in dotjsenv (npm) | 2025-12-23T18:37:29Z | 2025-12-24T00:53:16Z |
| mal-2025-192764 | Malicious code in trial-guard (npm) | 2025-12-23T18:30:06Z | 2025-12-24T00:53:20Z |
| mal-2025-192759 | Malicious code in start-log-plugin (npm) | 2025-12-23T18:30:06Z | 2025-12-24T00:53:20Z |
| mal-2025-192758 | Malicious code in start-log-backend (npm) | 2025-12-23T18:30:06Z | 2025-12-24T00:53:20Z |
| mal-2025-192757 | Malicious code in qxytest1 (npm) | 2025-12-23T18:30:06Z | 2025-12-24T00:53:19Z |
| mal-2025-192756 | Malicious code in qxytest (npm) | 2025-12-23T18:30:06Z | 2025-12-24T00:53:19Z |
| mal-2025-192754 | Malicious code in chai-max (npm) | 2025-12-23T18:30:01Z | 2025-12-24T00:53:16Z |
| mal-2025-192753 | Malicious code in chai-async-chains (npm) | 2025-12-23T18:26:52Z | 2025-12-24T00:53:16Z |
| mal-2025-192749 | Malicious code in rpc-validate (npm) | 2025-12-23T18:19:20Z | 2025-12-24T00:53:19Z |
| mal-2025-192747 | Malicious code in excluder-mcp-package (npm) | 2025-12-23T18:19:20Z | 2025-12-24T00:53:17Z |
| mal-2025-192746 | Malicious code in excluder-mcp (npm) | 2025-12-23T18:19:20Z | 2025-12-24T00:53:17Z |
| mal-2025-192748 | Malicious code in lotusbail (npm) | 2025-12-23T17:40:05Z | 2025-12-24T00:53:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2910 | Hitachi Ops Center: Mehrere Schwachstellen | 2025-12-22T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2909 | IBM App Connect Enterprise: Mehrere Schwachstellen | 2025-12-22T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2905 | MongoDB: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-18T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2904 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-18T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2891 | WebKitGTK: Mehrere Schwachstellen ermöglichen Codeausführung und DoS | 2025-12-18T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2887 | PHP: Mehrere Schwachstellen | 2025-12-18T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2886 | Red Hat Enterprise Linux (git-lfs, opentelemetry-collector): Mehrere Schwachstellen | 2025-12-18T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2885 | Mozilla Firefox: Mehrere Schwachstellen | 2025-12-18T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2881 | Red Hat Enterprise Linux (multicluster global hub): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-17T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2871 | GIMP: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-12-17T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2868 | Linux Kernel: Mehrere Schwachstellen | 2025-12-16T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2866 | Dropbear SSH: Schwachstelle ermöglicht Erlangen von Administratorrechten | 2025-12-16T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2860 | JetBrains TeamCity: Mehrere Schwachstellen | 2025-12-16T23:00:00.000+00:00 | 2025-12-17T23:00:00.000+00:00 |
| wid-sec-w-2025-2858 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2025-12-16T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2857 | Apache Commons Text: Schwachstelle ermöglicht Codeausführung | 2025-12-16T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2854 | Roundcube: Mehrere Schwachstellen | 2025-12-15T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2849 | Red Hat Enterprise Linux (Keylime): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-15T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2846 | strongSwan (NetworkManager-Plugin): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-14T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2840 | Exim: Schwachstelle ermöglicht Codeausführung | 2025-12-14T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2830 | Red Hat Enterprise Linux (libsoup): Schwachstelle ermöglicht Denial of Service | 2025-12-11T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2825 | MediaWiki: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-12-10T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2814 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-12-10T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2812 | Mozilla Firefox: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2798 | Red Hat OpenShift Service Mesh: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2789 | Adobe Experience Manager: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2025-12-10T23:00:00.000+00:00 |
| wid-sec-w-2025-2756 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-07T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2751 | WebKitGTK: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2750 | Apache HTTP Server: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2747 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-04T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2746 | IBM InfoSphere Information Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-04T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-512988 | SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 | 2025-12-12T00:00:00Z | 2025-12-12T00:00:00Z |
| ssa-915282 | SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-912274 | SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-882673 | SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-868571 | SSA-868571: Missing Server Certificate Validation in IAM Client | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-763474 | SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-734261 | SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-710408 | SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-626856 | SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-471761 | SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-420375 | SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-416652 | SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-356310 | SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-202008 | SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-241605 | SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-190588 | SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-682326 | SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-522291 | SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-514895 | SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-365596 | SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-339694 | SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-267056 | SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-201498 | SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-978177 | SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices | 2025-08-12T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-693808 | SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-493396 | SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-282044 | SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-693776 | SSA-693776: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2 | 2025-06-10T00:00:00Z | 2025-06-10T00:00:00Z |
| ssa-633269 | SSA-633269: Incorrect Authorization Check Vulnerability in Industrial Communication Devices based on SINEC OS before V3.1 | 2025-06-10T00:00:00Z | 2025-06-10T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:22345 | Red Hat Security Advisory: Red Hat OpenShift Developer Tools - Source-to-Image 1.5.2 | 2025-11-27T22:06:09+00:00 | 2025-11-27T23:59:25+00:00 |
| rhsa-2025:22287 | Red Hat Security Advisory: Red Hat Quay 3.9 | 2025-11-27T14:54:51+00:00 | 2025-11-29T06:53:27+00:00 |
| rhsa-2025:21829 | Red Hat Security Advisory: OpenShift Container Platform 4.12.83 bug fix and security update | 2025-11-27T12:20:57+00:00 | 2025-11-27T17:38:04+00:00 |
| rhsa-2025:21824 | Red Hat Security Advisory: OpenShift Container Platform 4.16.53 bug fix and security update | 2025-11-27T11:08:51+00:00 | 2025-11-27T17:38:15+00:00 |
| rhsa-2025:21795 | Red Hat Security Advisory: OpenShift Container Platform 4.18.29 bug fix and security update | 2025-11-27T04:24:21+00:00 | 2025-11-27T17:38:14+00:00 |
| rhsa-2025:22205 | Red Hat Security Advisory: bind security update | 2025-11-26T21:38:30+00:00 | 2025-11-27T11:41:16+00:00 |
| rhsa-2025:22190 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update | 2025-11-26T17:02:38+00:00 | 2025-11-26T21:26:25+00:00 |
| rhsa-2025:22188 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 Security update | 2025-11-26T16:59:23+00:00 | 2025-11-26T21:26:20+00:00 |
| rhsa-2025:22187 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update | 2025-11-26T16:59:20+00:00 | 2025-11-26T21:26:20+00:00 |
| rhsa-2025:22181 | Red Hat Security Advisory: golang security update | 2025-11-26T15:05:54+00:00 | 2025-11-27T23:59:23+00:00 |
| rhsa-2025:22182 | Red Hat Security Advisory: Red Hat Quay 3.10.16 | 2025-11-26T14:52:57+00:00 | 2025-11-29T06:53:26+00:00 |
| rhsa-2025:22179 | Red Hat Security Advisory: RHSA 4.8.6 security and bug fix update | 2025-11-26T13:57:08+00:00 | 2025-11-26T15:51:13+00:00 |
| rhsa-2025:22177 | Red Hat Security Advisory: libxml2 security update | 2025-11-26T13:19:45+00:00 | 2025-11-27T14:15:58+00:00 |
| rhsa-2025:22175 | Red Hat Security Advisory: expat security update | 2025-11-26T11:07:19+00:00 | 2025-11-27T11:41:12+00:00 |
| rhsa-2025:22168 | Red Hat Security Advisory: bind9.16 security update | 2025-11-26T07:25:14+00:00 | 2025-11-27T03:24:39+00:00 |
| rhsa-2025:22167 | Red Hat Security Advisory: tigervnc security update | 2025-11-26T07:17:26+00:00 | 2025-11-26T15:30:40+00:00 |
| rhsa-2025:22163 | Red Hat Security Advisory: libxml2 security update | 2025-11-26T05:49:49+00:00 | 2025-11-27T14:15:58+00:00 |
| rhsa-2025:22164 | Red Hat Security Advisory: tigervnc security update | 2025-11-26T05:26:30+00:00 | 2025-11-26T09:25:19+00:00 |
| rhsa-2025:22162 | Red Hat Security Advisory: libxml2 security update | 2025-11-26T05:26:29+00:00 | 2025-11-27T14:16:01+00:00 |
| rhsa-2025:22124 | Red Hat Security Advisory: kernel-rt security update | 2025-11-25T18:17:51+00:00 | 2025-11-25T21:29:42+00:00 |
| rhsa-2025:22095 | Red Hat Security Advisory: kernel security update | 2025-11-25T17:26:16+00:00 | 2025-11-25T21:29:44+00:00 |
| rhsa-2025:22096 | Red Hat Security Advisory: tigervnc security update | 2025-11-25T17:25:56+00:00 | 2025-11-26T09:25:17+00:00 |
| rhsa-2025:22087 | Red Hat Security Advisory: kernel-rt security update | 2025-11-25T16:42:52+00:00 | 2025-11-25T21:29:43+00:00 |
| rhsa-2025:22090 | Red Hat Security Advisory: Red Hat build of Keycloak 26.4.6 Images Security Update | 2025-11-25T16:24:09+00:00 | 2025-11-27T06:34:39+00:00 |
| rhsa-2025:22088 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.11 Images Security Update | 2025-11-25T16:12:38+00:00 | 2025-11-28T05:32:35+00:00 |
| rhsa-2025:22091 | Red Hat Security Advisory: Red Hat build of Keycloak 26.4.6 Security Update | 2025-11-25T16:07:25+00:00 | 2025-11-27T06:34:41+00:00 |
| rhsa-2025:22089 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.11 Security Update | 2025-11-25T16:06:13+00:00 | 2025-11-28T05:32:35+00:00 |
| rhsa-2025:22077 | Red Hat Security Advisory: tigervnc security update | 2025-11-25T13:07:15+00:00 | 2025-11-26T09:25:18+00:00 |
| rhsa-2025:22072 | Red Hat Security Advisory: kernel security update | 2025-11-25T12:37:05+00:00 | 2025-11-25T21:29:42+00:00 |
| rhsa-2025:22068 | Red Hat Security Advisory: RHTAS 1.3.1 - Tech Preview Release of Model Transparency | 2025-11-25T11:12:13+00:00 | 2025-11-25T15:44:17+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-65046 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-18T08:00:00.000Z |
| msrc_cve-2025-65041 | Microsoft Partner Center Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-18T08:00:00.000Z |
| msrc_cve-2025-65037 | Azure Container Apps Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-18T08:00:00.000Z |
| msrc_cve-2025-64680 | Windows DWM Core Library Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-23T08:00:00.000Z |
| msrc_cve-2025-64679 | Windows DWM Core Library Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64678 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64677 | Office Out-of-Box Experience Spoofing Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-18T08:00:00.000Z |
| msrc_cve-2025-64676 | Microsoft Purview eDiscovery Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-18T08:00:00.000Z |
| msrc_cve-2025-64675 | Azure Cosmos DB Spoofing Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-18T08:00:00.000Z |
| msrc_cve-2025-64673 | Windows Storage VSP Driver Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64672 | Microsoft SharePoint Server Spoofing Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64671 | GitHub Copilot for Jetbrains Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64670 | Windows DirectX Information Disclosure Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64669 | Windows Admin Center Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-11T08:00:00.000Z |
| msrc_cve-2025-64667 | Microsoft Exchange Server Spoofing Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64666 | Microsoft Exchange Server Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64663 | Custom Question Answering Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-18T08:00:00.000Z |
| msrc_cve-2025-64661 | Windows Shell Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64658 | Windows File Explorer Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62573 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62572 | Application Information Service Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62571 | Windows Installer Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62570 | Windows Camera Frame Server Monitor Information Disclosure Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62569 | Microsoft Brokering File System Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62567 | Windows Hyper-V Denial of Service Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62565 | Windows File Explorer Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62564 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-17T08:00:00.000Z |
| msrc_cve-2025-62563 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62562 | Microsoft Outlook Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-17T08:00:00.000Z |
| msrc_cve-2025-62561 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-17T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-352-08 | Axis Communications Camera Station Pro, Camera Station, and Device Manager | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-07 | Rockwell Automation Micro820, Micro850, Micro870 | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-06 | Advantech WebAccess/SCADA | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-04 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-03 | National Instruments LabView | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-01 | Inductive Automation Ignition | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| va-25-352-01 | BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities | 2025-12-18T00:00:00Z | 2025-12-18T00:00:00Z |
| icsa-25-350-04 | Mitsubishi Electric GT Designer3 | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-350-03 | Hitachi Energy AFS, AFR and AFF Series | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-350-02 | Johnson Controls PowerG, IQPanel and IQHub | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-350-01 | Güralp Systems Fortimus Series, Minimus Series, and Certimus Series | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| va-25-345-01 | CISA Software Acquisition Guide Supplier Response Web Tool XSS | 2025-12-12T20:27:47Z | 2025-12-12T20:27:47Z |
| icsma-25-345-02 | Varex Imaging Panoramic Dental Imaging Software | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsma-25-345-01 | Grassroots DICOM (GDCM) | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-10 | OpenPLC_V3 | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-03 | AzeoTech DAQFactory | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-02 | Johnson Controls iSTAR Ultra | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-01 | Johnson Controls iSTAR | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| va-25-343-01 | Windscribe for Linux 'changeMTU' local privilege escalation | 2025-12-10T16:46:41Z | 2025-12-10T16:46:41Z |
| icsa-25-352-02 | Schneider Electric EcoStruxure Foxboro DCS Advisor | 2025-12-09T08:00:00.000000Z | 2025-12-18T18:23:06.311869Z |
| icsa-25-343-01 | Universal Boot Loader (U-Boot) | 2025-12-09T07:00:00.000000Z | 2025-12-09T07:00:00.000000Z |
| icsa-25-343-03 | Multiple India-based CCTV Cameras** | 2025-12-09T05:00:00.000000Z | 2025-12-09T05:00:00.000000Z |
| icsa-25-352-05 | Siemens Interniche IP-Stack | 2025-12-09T00:00:00.000000Z | 2025-12-18T18:13:59.515670Z |
| icsa-25-345-09 | Siemens Gridscale X Prepay | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-08 | Siemens Energy Services | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-07 | Siemens Building X - Security Manager Edge Controller | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-06 | Siemens SINEMA Remote Connect Server | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-05 | Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-04 | Siemens IAM Client | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-338-07 | Advantech iView | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-sma-attack-n9bf4 | Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager | 2025-12-17T16:00:00+00:00 | 2025-12-17T16:00:00+00:00 |
| cisco-sa-react-flight-tyw32ddb | Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 | 2025-12-04T16:00:00+00:00 | 2025-12-17T22:37:17+00:00 |
| cisco-sa-privesc-catc-ryjreelu | Cisco Catalyst Center Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-xss-wextvz59 | Cisco Catalyst Center Cross-Site Scripting Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-ci-zwlqvswt | Cisco Catalyst Center REST API Command Injection Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-priv-esc-vs8eecux | Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-open-redirect-3w5bk3je | Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-ise-radsupress-dos-8yf3jthh | Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability | 2025-11-05T16:00:00+00:00 | 2025-11-05T16:00:00+00:00 |
| cisco-sa-ise-multiple-vulns-o9beswjh | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-12-04T14:23:54+00:00 |
| cisco-sa-cc-unauth-rce-qen8h7mq | Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-13T12:48:42+00:00 |
| cisco-sa-cc-mult-vuln-gk4tfxsn | Multiple Cisco Contact Center Products Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T14:49:09+00:00 |
| cisco-sa-snort3-mime-vulns-ttl8pgvh | Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-roomos-inf-disc-qggsbxam | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-phone-dos-fpyjlv7a | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-http-code-exec-wmfp3h3o | Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:51+00:00 |
| cisco-sa-asaftd-webvpn-z5xp8eub | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:54+00:00 |
| cisco-sa-asaftd-webvpn-yrootuw | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:55+00:00 |
| cisco-sa-secboot-uqfd8avc | Cisco IOS XE Software Secure Boot Bypass Vulnerabilities | 2025-09-24T16:00:00+00:00 | 2025-10-15T15:57:29+00:00 |
| cisco-sa-broadworks-xss-o696ymra | Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-10-21T15:13:31+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:15-01 | Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:14-01 | HTML injection in Asset List in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:13-01 | Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:12-01 | HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-022878 | Media Player MP-01 vulnerable to Missing Authentication for Critical Function | 2025-12-24T11:10+09:00 | 2025-12-24T11:10+09:00 |
| jvndb-2025-022400 | Ruijie Networks AP180 Series vulnerable to OS command injection | 2025-12-19T12:33+09:00 | 2025-12-19T12:33+09:00 |
| jvndb-2025-000118 | GROWI vulnerable to cross-site request forgery | 2025-12-17T13:04+09:00 | 2025-12-17T13:04+09:00 |
| jvndb-2025-022062 | Multiple vulnerabilities in CHOCO TEI WATCHER mini | 2025-12-17T11:28+09:00 | 2025-12-17T11:28+09:00 |
| jvndb-2025-000117 | SEIKO EPSON printer Web Config vulnerable to stack-based buffer overflow | 2025-12-16T15:31+09:00 | 2025-12-23T11:57+09:00 |
| jvndb-2025-000115 | QND vulnerable to privilege escalation | 2025-12-11T14:33+09:00 | 2025-12-11T14:33+09:00 |
| jvndb-2025-021305 | Android App "Brother iPrint&Scan" improper use of an external cache directory | 2025-12-09T17:25+09:00 | 2025-12-09T17:25+09:00 |
| jvndb-2025-000114 | ELECOM Clone for Windows registers a Windows service with an unquoted file path | 2025-12-09T17:16+09:00 | 2025-12-09T17:16+09:00 |
| jvndb-2025-000113 | Multiple vulnerabilities in GroupSession | 2025-12-08T17:48+09:00 | 2025-12-11T11:30+09:00 |
| jvndb-2025-000116 | GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths | 2025-12-08T14:06+09:00 | 2025-12-08T14:06+09:00 |
| jvndb-2025-000094 | Multiple vulnerabilities in ABB Terra AC Wallbox | 2025-12-05T14:12+09:00 | 2025-12-05T14:12+09:00 |
| jvndb-2025-000112 | Installer of INZONE Hub may insecurely load Dynamic Link Libraries | 2025-11-28T13:36+09:00 | 2025-11-28T13:36+09:00 |
| jvndb-2025-000111 | SwitchBot Smart Video Doorbell vulnerable to active debug code | 2025-11-26T14:35+09:00 | 2025-11-26T14:35+09:00 |
| jvndb-2025-000110 | Multiple vulnerabilities in Security Point (Windows) of MaLion | 2025-11-25T17:17+09:00 | 2025-11-25T17:17+09:00 |
| jvndb-2025-000109 | Multiple vulnerabilities in SNC-CX600W | 2025-11-25T14:59+09:00 | 2025-11-25T14:59+09:00 |
| jvndb-2025-000108 | "FOD" App uses hard-coded cryptographic keys | 2025-11-25T14:15+09:00 | 2025-11-25T14:15+09:00 |
| jvndb-2025-000106 | Multiple vulnerabilities in LogStare Collector | 2025-11-21T16:27+09:00 | 2025-11-21T16:27+09:00 |
| jvndb-2025-019621 | EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts | 2025-11-21T15:31+09:00 | 2025-12-24T10:54+09:00 |
| jvndb-2025-000107 | Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries | 2025-11-19T16:22+09:00 | 2025-11-19T16:22+09:00 |
| jvndb-2025-000097 | "Dejira" App for iOS vulnerable to improper server certificate verification | 2025-11-17T14:09+09:00 | 2025-11-17T14:09+09:00 |
| jvndb-2025-000105 | NCP-HG100 vulnerable to OS command injection | 2025-11-14T15:26+09:00 | 2025-11-14T15:26+09:00 |
| jvndb-2025-000104 | Multiple vulnerabilities in GNU Libmicrohttpd | 2025-11-10T15:07+09:00 | 2025-11-10T15:07+09:00 |
| jvndb-2025-000103 | Use of password hash with insufficient computational effort vulnerability in BUFFALO Wi-Fi router "WSR-1800AX4 series" | 2025-11-07T15:39+09:00 | 2025-11-07T15:39+09:00 |
| jvndb-2025-000102 | CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to OS command injection | 2025-11-07T14:55+09:00 | 2025-11-07T14:55+09:00 |
| jvndb-2025-000101 | GROWI vulnerable to stored cross-site scripting | 2025-11-06T13:45+09:00 | 2025-11-06T13:45+09:00 |
| jvndb-2025-017972 | Multiple vulnerabilities in Century Systems FutureNet MA and IP-K series | 2025-11-04T16:37+09:00 | 2025-11-04T16:37+09:00 |
| jvndb-2025-000100 | Multiple Roboticsware products register Windows services with unquoted file paths | 2025-11-04T14:17+09:00 | 2025-11-04T14:17+09:00 |
| jvndb-2025-000098 | Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path | 2025-11-04T13:51+09:00 | 2025-11-04T13:51+09:00 |
| jvndb-2025-000099 | Progress Flowmon vulnerable to authenticated OS command injection | 2025-11-04T12:47+09:00 | 2025-11-04T12:47+09:00 |
| jvndb-2025-000096 | Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries | 2025-10-29T14:17+09:00 | 2025-10-29T14:17+09:00 |
| ID | Description | Updated |
|---|
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010 | 7.3 (v3.1) | Unitree Multiple Robotic Products Command Injection |
Unitree |
Go2 |
2025-09-26T06:53:49.585Z | 2025-09-26T15:16:57.586Z |
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001 | 4.3 (v3.1) | Unauthenticated leak of sensitive information affectin… |
Brother Industries, Ltd |
HL-L8260CDN |
2025-08-12T15:23:00.577Z | 2025-08-15T05:53:23.017Z |