Recent vulnerabilities

ID	Description	Published	Updated
ghsa-7mhf-6fhv-c83c	Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server she…	2025-12-26T00:30:12Z	2025-12-26T03:30:14Z
ghsa-vxr5-9gfx-r9w6	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	2025-12-26T00:30:12Z	2025-12-26T00:30:12Z
ghsa-vxpf-6v9m-jq3x	A vulnerability was detected in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is the func…	2025-12-26T00:30:12Z	2025-12-26T00:30:12Z
ghsa-jh7j-fmhv-cv25	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	2025-12-26T00:30:12Z	2025-12-26T00:30:12Z
ghsa-ff49-f5c2-ggcq	A vulnerability was determined in UTT 进取 512W up to 1.7.7-171114. This issue affects the function s…	2025-12-26T00:30:12Z	2025-12-26T00:30:12Z
ghsa-6g4h-3cjf-h9q9	The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress …	2025-12-26T00:30:12Z	2025-12-26T00:30:12Z
ghsa-4v76-jcg6-9p6m	A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This vulnerability affects the functio…	2025-12-26T00:30:12Z	2025-12-26T00:30:12Z
ghsa-29wh-g4c8-c35q	A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. This affects the function strcpy …	2025-12-26T00:30:12Z	2025-12-26T00:30:12Z
ghsa-w9p6-fhvw-j42q	A security vulnerability has been detected in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the f…	2025-12-25T21:30:11Z	2025-12-25T21:30:12Z
ghsa-wxxw-j7jh-6gvh	ONLYOFFICE Docs before 9.2.1 allows XSS via the Font field for the Multilevel list settings window.…	2025-12-25T21:30:11Z	2025-12-25T21:30:11Z
ghsa-v55r-6gfm-698m	ONLYOFFICE Docs before 9.2.1 allows XSS via the Color theme name. This is related to DocumentServer.	2025-12-25T21:30:11Z	2025-12-25T21:30:11Z
ghsa-gjff-p6ff-7g4f	A vulnerability was identified in youlaitech youlai-mall 1.0.0/2.0.0. The impacted element is the f…	2025-12-25T21:30:11Z	2025-12-25T21:30:11Z
ghsa-g7fx-r7wp-m8cx	A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the functio…	2025-12-25T21:30:11Z	2025-12-25T21:30:11Z
ghsa-3jrf-74h9-v6jf	A weakness has been identified in youlaitech youlai-mall 1.0.0/2.0.0. This impacts the function get…	2025-12-25T21:30:11Z	2025-12-25T21:30:11Z
ghsa-jh6h-m4rf-fh9p	A vulnerability was found in TOZED ZLT M30s up to 1.47. Impacted is an unknown function of the file…	2025-12-25T18:30:16Z	2025-12-25T18:30:16Z
ghsa-4rqq-pph2-52g5	A vulnerability was determined in TOZED ZLT M30s up to 1.47. The affected element is an unknown fun…	2025-12-25T18:30:16Z	2025-12-25T18:30:16Z
ghsa-p87w-9cw5-5fmp	A vulnerability has been found in JD Cloud BE6500 4.4.1.r4308. This issue affects the function sub_…	2025-12-25T15:30:11Z	2025-12-25T15:30:11Z
ghsa-578c-qx9g-33c9	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera…	2025-12-25T15:30:11Z	2025-12-25T15:30:11Z
ghsa-hhv7-2hwf-76m2	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera…	2025-12-25T15:30:10Z	2025-12-25T15:30:10Z
ghsa-4w5f-h3jc-88q6	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera…	2025-12-25T15:30:10Z	2025-12-25T15:30:10Z
ghsa-xxv4-5prv-8f29	Pexip Infinity 32.0 through 37.1 before 37.2, in certain configurations of OTJ (One Touch Join) for…	2025-12-25T06:30:26Z	2025-12-25T06:30:26Z
ghsa-qjqw-2rg5-mqgm	Pexip Infinity 33.0 through 37.0 before 37.1 has improper input validation in signaling that allows…	2025-12-25T06:30:26Z	2025-12-25T06:30:26Z
ghsa-m536-ggcv-cwmj	A vulnerability was detected in itsourcecode Student Management System 1.0. The impacted element is…	2025-12-25T06:30:25Z	2025-12-25T06:30:26Z
ghsa-g75q-8q7j-ggf3	Pexip Infinity before 39.0 has Improper Input Validation in the media implementation, allowing a re…	2025-12-25T06:30:26Z	2025-12-25T06:30:26Z
ghsa-g3v9-6rgp-gh2r	Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler fo…	2025-12-25T06:30:26Z	2025-12-25T06:30:26Z
ghsa-cxwj-2rvj-cg44	Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product-internal…	2025-12-25T06:30:26Z	2025-12-25T06:30:26Z
ghsa-96px-f628-2m88	Pexip Infinity 35.0 through 38.1 before 39.0, in non-default configurations that use Direct Media f…	2025-12-25T06:30:26Z	2025-12-25T06:30:26Z
ghsa-8jr5-3mrg-hm2v	Pexip Infinity before 37.0 has improper input validation in signalling that allows a remote attacke…	2025-12-25T06:30:25Z	2025-12-25T06:30:26Z
ghsa-3q6q-gxwr-7gqv	Pexip Infinity 35.0 through 37.2 before 38.0 has Improper Input Validation in signalling that allow…	2025-12-25T06:30:26Z	2025-12-25T06:30:26Z
ghsa-34j4-424f-xr64	Pexip Infinity 38.0 and 38.1 before 39.0 has insufficient access control in the RTMP implementation…	2025-12-25T06:30:26Z	2025-12-25T06:30:26Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2023-54161	N/A	{'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T15:22:41.047Z'}}	N/A	N/A	2025-12-24T13:07:09.692Z	2025-12-29T15:22:41.047Z
cve-2023-53469	N/A	{'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T15:22:17.258Z'}}	N/A	N/A	2025-10-01T11:42:39.467Z	2025-12-29T15:22:17.258Z
cve-2023-54082	N/A	{'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T15:21:52.231Z'}}	N/A	N/A	2025-12-24T13:06:14.011Z	2025-12-29T15:21:52.231Z
cve-2024-47683	N/A	drm/amd/display: Skip Recompute DSC Params if no Strea…	Linux	Linux	2024-10-21T11:53:25.118Z	2025-12-29T15:02:40.578Z
cve-2024-43895	N/A	{'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T15:02:19.009Z'}}	N/A	N/A	2024-08-26T10:10:50.934Z	2025-12-29T15:02:19.009Z
cve-2023-53749	N/A	{'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T14:56:30.742Z'}}	N/A	N/A	2025-12-08T01:19:08.617Z	2025-12-29T14:56:30.742Z
cve-2023-54061	N/A	{'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T14:55:54.287Z'}}	N/A	N/A	2025-12-24T12:23:07.954Z	2025-12-29T14:55:54.287Z
cve-2025-15153		PbootCMS SQLite Database pbootcms.db file access	n/a	PbootCMS	2025-12-28T20:32:07.587Z	2025-12-29T14:55:49.904Z
cve-2023-53642	N/A	x86: fix clear_user_rep_good() exception handling annotation	Linux	Linux	2025-10-07T15:19:41.693Z	2025-12-29T14:55:24.493Z
cve-2022-48843	N/A	{'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T14:48:08.310Z'}}	N/A	N/A	2024-07-16T12:25:13.159Z	2025-12-29T14:48:08.310Z
cve-2025-15154		PbootCMS Header handle.php get_user_ip less trusted source	n/a	PbootCMS	2025-12-28T21:02:07.992Z	2025-12-29T14:48:02.795Z
cve-2025-65570	N/A	A type confusion in jsish 2.0 allows incorrect co…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-29T14:44:10.558Z
cve-2025-15155		floooh sokol sokol_gfx.h _sg_pipeline_desc_defaults st…	floooh	sokol	2025-12-28T21:32:10.957Z	2025-12-29T14:43:28.566Z
cve-2025-15170		Advaya Softech GEMS ERP Portal Error Message home.jsp …	Advaya Softech	GEMS ERP Portal	2025-12-29T03:32:07.618Z	2025-12-29T14:40:15.648Z
cve-2025-15171		SohuTV CacheCloud ServerController.java index cross si…	SohuTV	CacheCloud	2025-12-29T04:02:05.763Z	2025-12-29T14:39:27.399Z
cve-2025-15176		Open5GS PFCP Session Establishment Request rule-match.…	n/a	Open5GS	2025-12-29T06:32:06.957Z	2025-12-29T14:38:33.043Z
cve-2025-15226	9.3 (v4.0) 9.8 (v3.1)	Sunnet｜WMPro - Arbitrary File Upload	Sunnet	WMPro	2025-12-29T06:39:27.426Z	2025-12-29T14:34:29.835Z
cve-2025-15177		Tenda WH450 HTTP Request SetIpBind stack-based overflow	Tenda	WH450	2025-12-29T07:02:07.082Z	2025-12-29T14:33:44.092Z
cve-2025-15227	8.7 (v4.0) 7.5 (v3.1)	WELLTEND TECHNOLOGY｜ BPMFlowWebkit - Arbitrary File Read	WELLTEND TECHNOLOGY	BPMFlowWebkit	2025-12-29T07:10:24.624Z	2025-12-29T14:31:48.689Z
cve-2025-15190		D-Link DWR-M920 formFilter sub_42261C stack-based overflow	D-Link	DWR-M920	2025-12-29T13:32:08.616Z	2025-12-29T14:26:52.164Z
cve-2025-15191		D-Link DWR-M920 formLtefotaUpgradeFibocom sub_4155B4 c…	D-Link	DWR-M920	2025-12-29T14:02:07.207Z	2025-12-29T14:26:08.160Z
cve-2025-1716	5.3 (v4.0)	picklescan - Security scanning bypass via 'pip main'	mmaitre314	picklescan	2025-02-26T14:51:38.085Z	2025-12-29T14:22:50.868Z
cve-2025-1889	5.3 (v4.0)	picklescan - Security scanning bypass via non-standard…	mmaitre314	picklescan	2025-03-03T18:38:10.046Z	2025-12-29T14:19:05.800Z
cve-2025-1944	5.3 (v4.0)	picklescan ZIP archive manipulation attack leads to crash	mmaitre314	picklescan	2025-03-10T11:30:32.896Z	2025-12-29T14:18:19.513Z
cve-2025-1945	5.3 (v4.0)	picklescan - Zip Flag Bit Exploit Crashes Picklescan B…	mmaitre314	picklescan	2025-03-10T11:43:02.158Z	2025-12-29T14:17:42.215Z
cve-2025-57460	N/A	File upload vulnerability in machsol machpanel 8.…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-29T14:09:43.250Z
cve-2025-15183		code-projects Refugee Food Management System viewtaken…	code-projects	Refugee Food Management System	2025-12-29T10:02:07.718Z	2025-12-29T13:52:13.840Z
cve-2025-15184		code-projects Refugee Food Management System refugeesr…	code-projects	Refugee Food Management System	2025-12-29T10:32:08.687Z	2025-12-29T13:30:04.962Z
cve-2025-15185		code-projects Refugee Food Management System refugeesr…	code-projects	Refugee Food Management System	2025-12-29T11:02:07.163Z	2025-12-29T13:24:46.871Z
cve-2025-15186		code-projects Refugee Food Management System addusers.…	code-projects	Refugee Food Management System	2025-12-29T11:32:06.009Z	2025-12-29T13:17:51.214Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-15211		code-projects Refugee Food Management System refugee.p…	code-projects	Refugee Food Management System	2025-12-30T00:02:07.439Z	2025-12-30T18:47:48.669Z
cve-2018-25153	N/A	{'providerMetadata': {'orgId': '83251b91-4cc7-4094-a5c7-464a1b83ea10', 'shortName': 'VulnCheck', 'dateUpdated': '2025-12-30T00:11:01.693Z'}, 'rejectedReasons': [{'lang': 'en', 'supportingMedia': [{'base64': False, 'type': 'text/html', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak.'}], 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak.'}], 'x_generator': {'engine': 'Vulnogram 0.1.0-dev'}}	N/A	N/A	2025-12-24T19:27:53.062Z	2025-12-30T00:11:01.693Z
cve-2025-68499	6.5 (v3.1)	WordPress JetTabs plugin <= 2.2.12 - Cross Site Script…	Crocoblock	JetTabs	2025-12-29T23:10:45.157Z	2025-12-30T18:48:49.402Z
cve-2025-68498	6.5 (v3.1)	WordPress JetTabs plugin <= 2.2.12 - Broken Access Con…	Crocoblock	JetTabs	2025-12-29T23:13:35.444Z	2025-12-30T18:48:36.471Z
cve-2025-68040	6.5 (v3.1)	WordPress WP Project Manager plugin <= 3.0.1 - Sensiti…	weDevs	WP Project Manager	2025-12-29T23:25:11.382Z	2025-12-30T15:53:32.540Z
cve-2025-68036	7.5 (v3.1)	WordPress CubeWP plugin <= 1.1.27 - Broken Access Cont…	Emraan Cheema	CubeWP	2025-12-29T23:26:17.386Z	2025-12-30T15:54:23.634Z
cve-2025-23554	7.1 (v3.1)	WordPress Off Page SEO plugin <= 3.0.3 - Reflected Cro…	Jakub Glos	Off Page SEO	2025-12-29T23:51:32.627Z	2025-12-30T18:48:17.168Z
cve-2025-23550	7.1 (v3.1)	WordPress Product Puller plugin <= 1.5.1 - Reflected C…	Kemal YAZICI	Product Puller	2025-12-29T23:50:08.713Z	2025-12-30T15:57:24.653Z
cve-2025-23469	7.1 (v3.1)	WordPress Sleekplan plugin <= 0.2.0 - Reflected Cross …	Sleekplan	Sleekplan	2025-12-29T23:48:36.314Z	2025-12-30T15:56:45.138Z
cve-2025-23458	7.1 (v3.1)	WordPress Ads24 Lite plugin <= 1.0 - Reflected Cross S…	Rakessh	Ads24 Lite	2025-12-29T23:32:44.943Z	2025-12-30T15:55:57.059Z
cve-2025-14847	8.7 (v4.0) 7.5 (v3.1)	Zlib compressed protocol header length confusion may a…	MongoDB Inc.	MongoDB Server	2025-12-19T11:00:22.465Z	2025-12-30T10:50:29.258Z
cve-2023-41656	5.4 (v3.1)	WordPress Better Elementor Addons plugin <= 1.3.7 - Br…	wpdive	Better Elementor Addons	2025-12-29T23:22:27.926Z	2025-12-30T15:52:40.995Z
cve-2025-15284	8.7 (v4.0) 7.5 (v3.1)	arrayLimit bypass in bracket notation allows DoS via m…			2025-12-29T22:56:45.240Z	2025-12-30T15:57:41.402Z
cve-2025-68860	9.8 (v3.1)	WordPress Mobile builder plugin <= 1.4.2 - Broken Auth…	Mobile Builder	Mobile builder	2025-12-29T21:08:56.358Z	2025-12-30T15:47:43.775Z
cve-2025-68607	6.5 (v3.1)	WordPress Custom Field Template plugin <= 2.7.5 - Cros…	Hiroaki Miyashita	Custom Field Template	2025-12-29T21:10:50.618Z	2025-12-30T15:48:23.658Z
cve-2025-68562	9.9 (v3.1)	WordPress MapSVG plugin <= 8.7.3 - Arbitrary File Uplo…	RomanCode	MapSVG	2025-12-29T21:13:24.913Z	2025-12-30T15:49:09.276Z
cve-2025-68504	6.5 (v3.1)	WordPress JetSearch plugin <= 3.5.16 - Cross Site Scri…	Crocoblock	JetSearch	2025-12-29T21:14:40.576Z	2025-12-30T15:50:12.903Z
cve-2025-68503	6.5 (v3.1)	WordPress JetBlog plugin <= 2.4.7 - Broken Access Cont…	Crocoblock	JetBlog	2025-12-29T21:15:43.312Z	2025-12-29T21:15:43.312Z
cve-2025-68502	4.3 (v3.1)	WordPress JetPopup plugin <= 2.0.20.1 - Insecure Direc…	Crocoblock	JetPopup	2025-12-29T21:16:55.539Z	2025-12-29T21:16:55.539Z
cve-2025-69205		In µURU, a Specially Crafted Federation Name Allows Di…	olell	uURU	2025-12-29T20:52:17.516Z	2025-12-30T15:46:56.380Z
cve-2025-15205		code-projects Student File Management System download.…	code-projects	Student File Management System	2025-12-29T21:02:06.928Z	2025-12-30T15:58:03.924Z
cve-2025-13958	N/A	YaMaps < 0.6.40 - Contributor+ Stored XSS	Unknown	YaMaps for WordPress Plugin	2025-12-29T06:00:10.716Z	2025-12-29T20:16:35.365Z
cve-2025-13417	N/A	Plugin Organizer < 10.2.4 - Subscriber+ SQLi	Unknown	Plugin Organizer	2025-12-29T06:00:08.587Z	2025-12-29T20:15:42.608Z
cve-2024-27480	N/A	givanz VvvebJs 1.7.2 is vulnerable to Insecure Fi…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-29T20:27:33.820Z
cve-2024-25182	N/A	givanz VvvebJs 1.7.2 suffers from a File Upload v…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-29T20:40:54.229Z
cve-2025-14175	6 (v4.0)	Weak Algorithm Support in SSH Server on TL-WR820N	TP-Link Systems Inc.	TL-WR820N v2.8	2025-12-29T19:31:23.473Z	2025-12-29T19:31:23.473Z
cve-2024-30855	N/A	DedeCMS v5.7 was discovered to contain a Cross-Si…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-29T19:38:16.526Z
cve-2025-61924		PrestaShop Checkout Target PayPal merchant account hij…	PrestaShopCorp	ps_checkout	2025-10-16T17:33:49.254Z	2025-10-16T19:22:58.718Z
cve-2025-61922		PrestaShop Checkout allows customer account takeover v…	PrestaShopCorp	ps_checkout	2025-10-16T17:26:14.999Z	2025-10-17T14:00:38.840Z
cve-2025-61923		PrestaShop Checkout Backoffice directory traversal all…	PrestaShopCorp	ps_checkout	2025-10-16T17:31:07.064Z	2025-10-16T19:23:05.488Z

ID	Description	Published	Updated
fkie_cve-2025-68607	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T22:15:43.450	2025-12-29T22:15:43.450
fkie_cve-2025-68562	Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a W…	2025-12-29T22:15:43.310	2025-12-29T22:15:43.310
fkie_cve-2025-68504	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T22:15:43.163	2025-12-29T22:15:43.163
fkie_cve-2025-68503	Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured …	2025-12-29T22:15:43.020	2025-12-29T22:15:43.020
fkie_cve-2025-68502	Authorization Bypass Through User-Controlled Key vulnerability in Crocoblock JetPopup allows Exploi…	2025-12-29T22:15:42.877	2025-12-29T22:15:42.877
fkie_cve-2025-69205	Micro Registration Utility (µURU) is a telephone self registration utility based on asterisk. In ve…	2025-12-29T21:15:43.667	2025-12-29T21:15:43.667
fkie_cve-2025-15205	A vulnerability was identified in code-projects Student File Management System 1.0. Affected by thi…	2025-12-29T21:15:43.383	2025-12-29T21:15:43.383
fkie_cve-2025-13958	The YaMaps for WordPress Plugin WordPress plugin before 0.6.40 does not validate and escape some of…	2025-12-29T06:15:51.430	2025-12-29T21:15:42.793
fkie_cve-2025-13417	The Plugin Organizer WordPress plugin before 10.2.4 does not sanitize and escape a parameter before…	2025-12-29T06:15:50.580	2025-12-29T21:15:42.520
fkie_cve-2024-27480	givanz VvvebJs 1.7.2 is vulnerable to Insecure File Upload.	2025-12-29T21:15:42.387	2025-12-29T21:15:42.387
fkie_cve-2024-25182	givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php.	2025-12-29T21:15:40.157	2025-12-29T21:15:40.157
fkie_cve-2025-14175	A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows the use of a weak cryptographic…	2025-12-29T20:15:41.400	2025-12-29T20:15:41.400
fkie_cve-2024-30855	DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/d…	2025-12-29T20:15:41.277	2025-12-29T20:15:41.277
fkie_cve-2025-61924	PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. In versio…	2025-10-16T18:15:39.140	2025-12-29T20:06:15.343
fkie_cve-2025-61922	PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. Starting …	2025-10-16T18:15:38.597	2025-12-29T20:06:13.033
fkie_cve-2025-61923	PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. In versio…	2025-10-16T18:15:38.987	2025-12-29T20:06:09.500
fkie_cve-2025-68706	A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices …	2025-12-29T19:15:57.090	2025-12-29T19:15:57.090
fkie_cve-2025-68431	libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEI…	2025-12-29T19:15:56.933	2025-12-29T19:15:56.933
fkie_cve-2025-67255	In NagiosXI 2026R1.0.1 build 1762361101, Dashboard parameters lack proper filtering, allowing any a…	2025-12-29T19:15:56.820	2025-12-29T19:15:56.820
fkie_cve-2025-67254	NagiosXI 2026R1.0.1 build 1762361101 is vulnerable to Directory Traversal in /admin/coreconfigsnaps…	2025-12-29T19:15:56.710	2025-12-29T19:15:56.710
fkie_cve-2025-14728	Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers tha…	2025-12-29T19:15:55.277	2025-12-29T19:15:55.277
fkie_cve-2025-14280	The PixelYourSite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versi…	2025-12-29T19:15:54.870	2025-12-29T19:15:54.870
fkie_cve-2025-13592	The Advanced Ads plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and…	2025-12-29T19:15:54.687	2025-12-29T19:15:54.687
fkie_cve-2025-49131	FastGPT is an open-source project that provides a platform for building, deploying, and operating A…	2025-06-09T13:15:24.120	2025-12-29T19:09:21.850
fkie_cve-2025-27600	FastGPT is a knowledge-based platform built on the LLMs. Since the web crawling plug-in does not pe…	2025-03-06T19:15:28.117	2025-12-29T19:09:01.927
fkie_cve-2025-62612	FastGPT is an AI Agent building platform. Prior to version 4.11.1, in the workflow file reading nod…	2025-10-22T21:15:46.693	2025-12-29T19:08:53.507
fkie_cve-2025-52552	FastGPT is an AI Agent building platform. Prior to version 4.9.12, the LastRoute Parameter on login…	2025-06-21T03:15:24.990	2025-12-29T19:06:40.077
fkie_cve-2025-62690	Mattermost versions 10.11.x <= 10.11.4 fail to validate redirect URLs on the /error page, which all…	2025-12-17T13:15:58.510	2025-12-29T18:55:05.180
fkie_cve-2025-62190	Mattermost versions 11.0.x <= 11.0.4, 10.12.x <= 10.12.2, 10.11.x <= 10.11.6 and Mattermost Calls v…	2025-12-17T13:15:58.370	2025-12-29T18:51:51.667
fkie_cve-2025-13352	Mattermost versions 10.11.x <= 10.11.6 and Mattermost GitHub plugin versions <=2.4.0 fail to valida…	2025-12-17T13:15:56.627	2025-12-29T18:50:47.780

ID	Description	Package	Published	Updated
pysec-2023-172	The Create Single Payment application of SAP S/4HANA - versions 100, 101, 102, 103, 104, …	hana-ml	2023-09-12T02:15:00Z	2023-09-29T22:26:12.812435Z
pysec-2023-183	opencv-python versions before v4.8.1.78 bundled libwebp binaries in wheels that are vulne…	opencv-python		2023-09-29T21:15:28.039030+00:00
pysec-2023-184	opencv-python-headless versions before v4.8.1.78 bundled libwebp binaries in wheels that …	opencv-python-headless		2023-09-29T21:15:27.980982+00:00
pysec-2023-181	opencv-contrib-python versions before v4.8.1.78 bundled libwebp binaries in wheels that a…	opencv-contrib-python		2023-09-29T21:15:27.924031+00:00
pysec-2023-182	opencv-contrib-python-headless versions before v4.8.1.78 bundled libwebp binaries in whee…	opencv-contrib-python-headless		2023-09-29T21:15:27.863960+00:00
pysec-2023-180	Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foun…	matrix-synapse	2023-09-27T15:19:00+00:00	2023-09-29T20:23:39.578838+00:00
pysec-2023-179	This affects versions of the package pydash before 6.0.0. A number of pydash methods such…	pydash	2023-09-28T05:15:00+00:00	2023-09-28T10:29:02.604249+00:00
pysec-2023-175	Pillow versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to …	pillow		2023-09-25T17:25:13.946374Z
pysec-2023-177	An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges …	gevent	2023-09-25T12:15:00+00:00	2023-09-25T14:28:09.019811+00:00
pysec-2023-176	GeoNode is an open source platform that facilitates the creation, sharing, and collaborat…	geonode	2023-09-15T21:15:00+00:00	2023-09-20T17:25:44.504117+00:00
pysec-2023-174	imagecodecs versions before v2023.9.18 bundled libwebp binaries in wheels that are vulner…	imagecodecs		2023-09-20T05:12:42.403706+00:00
pysec-2023-173	Piccolo is an ORM and query builder which supports asyncio. In versions 0.120.0 and prior…	piccolo	2023-09-12T21:15:00+00:00	2023-09-19T05:26:00.954782+00:00
pysec-2023-171	Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authent…	apache-airflow	2023-09-12T12:15:00+00:00	2023-09-12T14:27:23.735580+00:00
pysec-2023-170	Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authent…	apache-airflow	2023-09-12T12:15:00+00:00	2023-09-12T14:27:23.660908+00:00
pysec-2023-169	Git Providers can read from the wrong environment because they get the same cache directo…	salt	2023-09-05T11:15:00+00:00	2023-09-08T20:23:17.288300+00:00
pysec-2023-168	Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation…	vyper	2023-09-04T18:15:00+00:00	2023-09-08T16:30:59.497777+00:00
pysec-2023-167	Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) …	vyper	2023-09-04T18:15:00+00:00	2023-09-08T15:22:00.929480+00:00
pysec-2023-166	Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving se…	salt	2023-09-05T11:15:00+00:00	2023-09-07T20:23:20.197102+00:00
pysec-2023-141	A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to ex…	pynetbox	2023-08-10T20:15:00Z	2023-09-07T15:50:00.665697Z
pysec-2023-165	GitPython is a python library used to interact with Git repositories. In order to resolv…	gitpython	2023-08-30T22:15:00+00:00	2023-09-07T14:33:25.683922+00:00
pysec-2023-164	borgbackup is an opensource, deduplicating archiver with compression and authenticated en…	borgbackup	2023-08-30T18:15:00+00:00	2023-09-06T16:31:20.448538+00:00
pysec-2023-161	GitPython is a python library used to interact with Git repositories. When resolving a p…	gitpython	2023-08-28T18:15:00+00:00	2023-09-05T22:26:14.587281+00:00
pysec-2023-160	A flaw was found in the Keylime registrar that could allow a bypass of the challenge-resp…	keylime	2023-08-25T17:15:00+00:00	2023-09-05T20:22:36.414406+00:00
pysec-2023-159	RestrictedPython is a restricted execution environment for Python to run untrusted code. …	restrictedpython	2023-08-30T18:15:00+00:00	2023-09-05T16:32:17.658660+00:00
pysec-2023-158	The session fixation vulnerability allowed the authenticated user to continue accessing A…	apache-airflow	2023-08-23T16:15:00+00:00	2023-09-04T08:29:37.781470+00:00
pysec-2023-157	jupyter-server is the backend for Jupyter web applications. Improper cross-site credentia…	jupyter-server	2023-08-28T21:15:00+00:00	2023-09-01T20:23:47.344401+00:00
pysec-2023-156	Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphe…	apache-airflow-providers-apache-spark	2023-08-28T08:15:00+00:00	2023-09-01T18:27:11.679668+00:00
pysec-2023-155	jupyter-server is the backend for Jupyter web applications. Open Redirect Vulnerability. …	jupyter-server	2023-08-28T21:15:00+00:00	2023-09-01T16:31:48.441782+00:00
pysec-2023-101	A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to…	selenium	2023-07-05T18:15:00Z	2023-08-31T20:11:41.543920Z
pysec-2023-153	Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_u…	horizon	2023-08-22T19:16:00+00:00	2023-08-30T18:28:45.068261+00:00

ID	Description	Updated
gsd-2024-33112	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.711610Z
gsd-2024-33017	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.711408Z
gsd-2024-33214	Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vu…	2024-04-24T05:02:09.710943Z
gsd-2024-33425	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.710668Z
gsd-2024-33232	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.710450Z
gsd-2024-33348	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.710252Z
gsd-2024-33442	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.710054Z
gsd-2024-33048	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.709832Z
gsd-2024-33020	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.709634Z
gsd-2024-33060	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.709441Z
gsd-2024-33243	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.709233Z
gsd-2024-33427	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.709032Z
gsd-2024-33019	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.708836Z
gsd-2024-33244	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.708588Z
gsd-2024-33122	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.708386Z
gsd-2024-33046	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.708183Z
gsd-2024-33246	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.707963Z
gsd-2024-33314	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.707734Z
gsd-2024-33155	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.707542Z
gsd-2024-33207	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.707334Z
gsd-2024-33514	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.707115Z
gsd-2024-33151	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.706908Z
gsd-2024-33223	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.706662Z
gsd-2024-33354	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.706465Z
gsd-2024-33291	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.706255Z
gsd-2024-33324	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.706012Z
gsd-2024-33086	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.705818Z
gsd-2024-33004	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.705613Z
gsd-2024-33148	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.705420Z
gsd-2024-33424	The format of the source doesn't require a description, click on the link for more details.	2024-04-24T05:02:09.705230Z

ID	Description	Published	Updated
mal-2025-192037	Malicious code in elf-stats-flickering-workbench-929 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192035	Malicious code in elf-stats-flickering-saddlebag-301 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192029	Malicious code in elf-stats-festive-hollyberry-572 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192028	Malicious code in elf-stats-festive-cocoa-106 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192026	Malicious code in elf-stats-evergreen-snowglobe-961 (npm)	2025-12-03T15:45:34Z	2025-12-23T19:37:08Z
mal-2025-192025	Malicious code in elf-stats-evergreen-sled-681 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192024	Malicious code in elf-stats-evergreen-muffin-867 (npm)	2025-12-03T11:42:10Z	2025-12-23T19:37:08Z
mal-2025-192023	Malicious code in elf-stats-evergreen-mitten-361 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192022	Malicious code in elf-stats-evergreen-mailbag-606 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192021	Malicious code in elf-stats-evergreen-fir-211 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192019	Malicious code in elf-stats-evergreen-bow-653 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192017	Malicious code in elf-stats-ember-muffin-717 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192016	Malicious code in elf-stats-ember-hammer-340 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:37:08Z
mal-2025-192697	Malicious code in mw-frontend-utils (npm)	2025-12-22T22:29:27Z	2025-12-23T19:24:03Z
mal-2025-192696	Malicious code in mui-wrapper-core (npm)	2025-12-22T22:29:27Z	2025-12-23T19:24:03Z
mal-2025-192543	Malicious code in mw-proto-ts (npm)	2025-12-11T12:17:38Z	2025-12-23T19:24:03Z
mal-2025-192542	Malicious code in mui-wrapper-styles (npm)	2025-12-11T12:15:41Z	2025-12-23T19:24:03Z
mal-2025-192541	Malicious code in mui-wrapper-icons (npm)	2025-12-11T12:17:23Z	2025-12-23T19:24:03Z
mal-2025-192692	Malicious code in @vienna_cancer_center_portal/js (npm)	2025-12-22T22:29:27Z	2025-12-23T19:24:01Z
mal-2025-192488	Malicious code in elf-stats-cocoa-pinecone-118 (npm)	2025-12-11T19:46:09Z	2025-12-23T19:09:02Z
mal-2025-192330	Malicious code in elf-stats-cranberry-pinecone-878 (npm)	2025-12-05T21:10:10Z	2025-12-23T19:09:02Z
mal-2025-192328	Malicious code in elf-stats-cosy-sled-550 (npm)	2025-12-05T21:10:10Z	2025-12-23T19:09:02Z
mal-2025-192208	Malicious code in elf-stats-cranberry-hollyberry-804 (npm)	2025-12-03T17:22:10Z	2025-12-23T19:09:02Z
mal-2025-192203	Malicious code in elf-stats-cocoa-ribbon-476 (npm)	2025-12-03T16:50:41Z	2025-12-23T19:09:02Z
mal-2025-192013	Malicious code in elf-stats-cosy-wishlist-811 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:09:02Z
mal-2025-192009	Malicious code in elf-stats-cocoa-reindeer-663 (npm)	2025-12-03T15:59:29Z	2025-12-23T19:09:02Z
mal-2025-191980	Malicious code in elf-stats-cosy-sleigh-356 (npm)	2025-12-03T14:31:21Z	2025-12-23T19:09:02Z
mal-2025-192429	Malicious code in yunxohang3 (npm)	2025-12-10T04:03:49Z	2025-12-23T18:26:18Z
mal-2025-192428	Malicious code in yunxoahng2 (npm)	2025-12-10T03:55:40Z	2025-12-23T18:26:18Z
mal-2025-192433	Malicious code in mws-common-ui (npm)	2025-12-10T13:07:26Z	2025-12-23T18:26:16Z

ID	Description	Published	Updated
wid-sec-w-2024-0687	Python: Mehrere Schwachstellen ermöglichen Codeausführung und DoS	2024-03-20T23:00:00.000+00:00	2025-08-04T22:00:00.000+00:00
wid-sec-w-2024-0233	GNOME: Schwachstelle ermöglicht Denial of Service und Code-Ausführung	2024-01-28T23:00:00.000+00:00	2025-08-04T22:00:00.000+00:00
wid-sec-w-2024-0127	X.Org X11: Mehrere Schwachstellen	2024-01-16T23:00:00.000+00:00	2025-08-04T22:00:00.000+00:00
wid-sec-w-2023-3131	X.Org X11: Mehrere Schwachstellen	2023-12-12T23:00:00.000+00:00	2025-08-04T22:00:00.000+00:00
wid-sec-w-2023-2749	X.Org X11: Mehrere Schwachstellen	2023-10-25T22:00:00.000+00:00	2025-08-04T22:00:00.000+00:00
wid-sec-w-2023-2599	Red Hat Enterprise Linux (libvpx): Mehrere Schwachstellen	2023-10-09T22:00:00.000+00:00	2025-08-04T22:00:00.000+00:00
wid-sec-w-2023-0793	X.Org X11: Schwachstelle ermöglicht Privilegieneskalation oder Codeausführung	2023-03-29T22:00:00.000+00:00	2025-08-04T22:00:00.000+00:00
wid-sec-w-2023-0293	X.Org X11: Schwachstelle ermöglicht Privilegieneskalation	2023-02-06T23:00:00.000+00:00	2025-08-04T22:00:00.000+00:00
wid-sec-w-2022-2312	X.Org X11: Mehrere Schwachstellen ermöglichen Privilegieneskalation	2022-12-13T23:00:00.000+00:00	2025-08-04T22:00:00.000+00:00
wid-sec-w-2025-1430	Linux Kernel: Mehrere Schwachstellen	2025-06-30T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-1321	SaltStack Salt: Mehrere Schwachstellen	2025-06-12T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-1150	Redis: Schwachstelle ermöglicht Denial of Service	2025-05-27T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-1147	Apache ActiveMQ: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-05-26T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-1143	Red Hat Enterprise Linux (python-tornado): Schwachstelle ermöglicht Denial of Service	2025-05-25T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-1030	Intel Prozessoren: Mehrere Schwachstellen	2025-05-13T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-1005	Varnish HTTP Cache: Schwachstelle ermöglicht Manipulation von Dateien	2025-05-12T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-0999	Linux Kernel: Mehrere Schwachstellen	2025-05-11T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-0986	PostgreSQL: Schwachstelle ermöglicht Denial of Service	2025-05-08T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-0732	Linux Kernel: Mehrere Schwachstellen	2025-04-07T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-0556	Ghostscript: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2025-03-12T23:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-0541	FreeType: Schwachstelle ermöglicht Codeausführung	2025-03-11T23:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-0394	OpenSSH: Mehrere Schwachstellen	2025-02-17T23:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2024-2124	Linux Kernel: Mehrere Schwachstellen	2024-09-11T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2024-1968	vim: Schwachstelle ermöglicht Denial of Service	2024-09-01T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2024-1920	vim: Schwachstelle ermöglicht Denial of Service	2024-08-25T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2024-1907	vim: Schwachstelle ermöglicht Denial of Service	2024-08-22T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2024-1607	Linux Kernel: Mehrere Schwachstellen	2024-07-14T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2024-1322	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe	2024-06-09T22:00:00.000+00:00	2025-07-31T22:00:00.000+00:00
wid-sec-w-2025-1683	Apple Safari: Mehrere Schwachstellen	2025-07-30T22:00:00.000+00:00	2025-07-30T22:00:00.000+00:00
wid-sec-w-2025-1682	Dell ECS: Schwachstelle ermöglicht Offenlegung von Informationen	2025-07-30T22:00:00.000+00:00	2025-07-30T22:00:00.000+00:00

ID	Description	Published	Updated
ssa-201384	SSA-201384: Predictable UDP Port Number Vulnerability (NAME:WRECK) in the DNS Module of Nucleus RTOS	2021-04-13T00:00:00Z	2022-01-11T00:00:00Z
ssa-185699	SSA-185699: Out of Bounds Write Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS	2021-04-13T00:00:00Z	2022-01-11T00:00:00Z
ssa-173318	SSA-173318: Unquoted Search Path Vulnerability in SICAM PQ Analyzer	2022-01-11T00:00:00Z	2022-01-11T00:00:00Z
ssa-784507	SSA-784507: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products	2021-12-28T00:00:00Z	2021-12-28T00:00:00Z
ssa-479842	SSA-479842: Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer / Sensgear (Platform, Basic and Advanced)	2021-12-21T00:00:00Z	2021-12-23T00:00:00Z
ssa-397453	SSA-397453: Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Energy TraceAlertServerPLUS	2021-12-20T00:00:00Z	2021-12-20T00:00:00Z
ssa-501673	SSA-501673: Apache Log4j Denial of Service Vulnerability (CVE-2021-45105) - Impact to Siemens Products	2021-12-19T00:00:00Z	2021-12-19T00:00:00Z
ssa-390195	SSA-390195: LibVNC Vulnerabilities in SIMATIC ITC Products	2021-12-14T00:00:00Z	2021-12-14T00:00:00Z
ssa-352143	SSA-352143: Multiple File Parsing Vulnerabilities in JTTK before V11.0.3.0 and JT Utilities before V13.0.3.0	2021-12-14T00:00:00Z	2021-12-14T00:00:00Z
ssa-199605	SSA-199605: Arbitrary File Download Vulnerability in SIMATIC eaSie PCS 7 Skill Package	2021-12-14T00:00:00Z	2021-12-14T00:00:00Z
ssa-161331	SSA-161331: Scene File Parsing Vulnerability in Simcenter STAR-CCM+ Viewer before V2021.3.1	2021-12-14T00:00:00Z	2021-12-14T00:00:00Z
ssa-160202	SSA-160202: Multiple Access Control Vulnerabilities in SiPass Integrated	2021-12-14T00:00:00Z	2021-12-14T00:00:00Z
ssa-133772	SSA-133772: Zip Path Traversal Vulnerability in Teamcenter Active Workspace	2021-12-14T00:00:00Z	2021-12-14T00:00:00Z
ssa-044112	SSA-044112: Multiple Vulnerabilities (NUCLEUS:13) in the TCP/IP Stack of Nucleus RTOS	2021-11-09T00:00:00Z	2021-12-14T00:00:00Z
ssa-847986	SSA-847986: Denial-of-Service Vulnerabilities in SIPROTEC 5 relays	2021-09-14T00:00:00Z	2021-10-12T00:00:00Z
ssa-723417	SSA-723417: Multiple Vulnerabilities in SCALANCE W1750D	2021-05-11T00:00:00Z	2021-10-12T00:00:00Z
ssa-538778	SSA-538778: SmartVNC Vulnerabilities in SIMATIC HMI/WinCC Products	2021-05-11T00:00:00Z	2021-10-12T00:00:00Z
ssa-500748	SSA-500748: Denial-of-Service Vulnerabilities in SIPROTEC 5 Devices	2021-09-14T00:00:00Z	2021-10-12T00:00:00Z
ssa-728618	SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8	2021-09-28T00:00:00Z	2021-09-28T00:00:00Z
ssa-997732	SSA-997732: Modfem File Parsing Vulnerability in Simcenter Femap before V2021.2	2021-09-14T00:00:00Z	2021-09-14T00:00:00Z
ssa-987403	SSA-987403: Multiple Vulnerabilities in Teamcenter	2021-09-14T00:00:00Z	2021-09-14T00:00:00Z
ssa-944498	SSA-944498: Buffer Overflow Vulnerability in Web Server of APOGEE and TALON Automation Devices	2021-09-14T00:00:00Z	2021-09-14T00:00:00Z
ssa-938030	SSA-938030: DGN and PAR File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.2	2021-08-10T00:00:00Z	2021-09-14T00:00:00Z
ssa-830194	SSA-830194: Missing Authentication Vulnerability in S7-1200 Devices	2021-08-10T00:00:00Z	2021-09-14T00:00:00Z
ssa-756744	SSA-756744: OS Command Injection Vulnerability in SINEC NMS	2021-08-10T00:00:00Z	2021-09-14T00:00:00Z
ssa-692317	SSA-692317: Authorization Bypass Vulnerability in Industrial Edge	2021-09-14T00:00:00Z	2021-09-14T00:00:00Z
ssa-535380	SSA-535380: Command Injection Vulnerability in Siveillance OIS Affecting Several Building Management Systems	2021-09-14T00:00:00Z	2021-09-14T00:00:00Z
ssa-453715	SSA-453715: Deserialization Vulnerability in CCOM Communication Component of Desigo CC Family	2021-09-14T00:00:00Z	2021-09-14T00:00:00Z
ssa-434536	SSA-434536: Memory Protection Bypass Vulnerability in SINUMERIK ONE and SINUMERIK MC	2021-07-13T00:00:00Z	2021-09-14T00:00:00Z
ssa-434535	SSA-434535: Memory Protection Bypass Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives	2021-07-13T00:00:00Z	2021-09-14T00:00:00Z

ID	Description	Published	Updated
rhsa-2023:0328	Red Hat Security Advisory: go-toolset and golang security and bug fix update	2023-01-23T15:26:30+00:00	2025-11-27T23:54:42+00:00
rhsa-2022:8750	Red Hat Security Advisory: OpenShift Virtualization 4.11.1 security and bug fix update	2022-12-01T21:09:40+00:00	2025-11-27T23:54:42+00:00
rhsa-2022:7954	Red Hat Security Advisory: podman security and bug fix update	2022-11-15T13:20:30+00:00	2025-11-27T23:54:41+00:00
rhsa-2022:6714	Red Hat Security Advisory: RHACS 3.72 enhancement and security update	2022-09-26T15:26:11+00:00	2025-11-27T23:54:40+00:00
rhsa-2022:6526	Red Hat Security Advisory: OpenShift Virtualization 4.11.0 Images security and bug fix update	2022-09-14T19:28:51+00:00	2025-11-27T23:54:39+00:00
rhsa-2022:6290	Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.0 security and bug fix update	2022-09-01T01:24:16+00:00	2025-11-27T23:54:39+00:00
rhsa-2022:6277	Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.5 security update	2022-08-31T16:58:21+00:00	2025-11-27T23:54:38+00:00
rhsa-2022:6187	Red Hat Security Advisory: Node Health Check Operator 0.3.1 security update	2022-08-25T10:08:43+00:00	2025-11-27T23:54:37+00:00
rhsa-2022:6156	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update	2022-08-24T13:45:52+00:00	2025-11-27T23:54:34+00:00
rhsa-2022:6155	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement & bugfix update	2022-08-24T13:43:53+00:00	2025-11-27T23:54:34+00:00
rhsa-2022:6152	Red Hat Security Advisory: Secondary Scheduler Operator for Red Hat OpenShift 1.1.0 security update	2022-09-01T05:40:28+00:00	2025-11-27T23:54:32+00:00
rhsa-2022:6094	Red Hat Security Advisory: OpenShift Container Platform 4.10.28 packages and security update	2022-08-23T18:15:46+00:00	2025-11-27T23:54:31+00:00
rhsa-2022:6042	Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.24.0	2022-08-10T11:39:17+00:00	2025-11-27T23:54:29+00:00
rhsa-2022:6040	Red Hat Security Advisory: Release of OpenShift Serverless 1.24.0	2022-08-10T13:13:24+00:00	2025-11-27T23:54:28+00:00
rhsa-2022:5875	Red Hat Security Advisory: OpenShift Container Platform 4.10.26 security update	2022-08-09T02:34:48+00:00	2025-11-27T23:54:24+00:00
rhsa-2022:5840	Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.3 security and bug fix update	2022-08-02T07:44:20+00:00	2025-11-27T23:53:48+00:00
rhsa-2022:5799	Red Hat Security Advisory: go-toolset and golang security and bug fix update	2022-08-01T16:07:42+00:00	2025-11-27T23:53:47+00:00
rhsa-2022:5729	Red Hat Security Advisory: OpenShift Container Platform 4.10.25 security update	2022-08-01T11:18:52+00:00	2025-11-27T23:53:45+00:00
rhsa-2022:5415	Red Hat Security Advisory: go-toolset-1.17 and go-toolset-1.17-golang security and bug fix update	2022-06-30T17:34:35+00:00	2025-11-27T23:53:45+00:00
rhsa-2022:5337	Red Hat Security Advisory: go-toolset:rhel8 security and bug fix update	2022-06-30T21:00:23+00:00	2025-11-27T23:53:45+00:00
rhsa-2022:5068	Red Hat Security Advisory: OpenShift Container Platform 4.11.0 packages and security update	2022-08-10T10:13:03+00:00	2025-11-27T23:53:44+00:00
rhsa-2022:5006	Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.3 Containers security update	2022-06-13T12:43:57+00:00	2025-11-27T23:53:43+00:00
rhsa-2022:1372	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.10.0 enhancement, security & bug fix update	2022-04-13T18:48:58+00:00	2025-11-27T23:53:43+00:00
rhsa-2022:1329	Red Hat Security Advisory: OpenShift Virtualization 4.8.5 RPMs security update	2022-04-12T15:09:58+00:00	2025-11-27T23:53:43+00:00
rhsa-2022:0998	Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (golang-github-vbatts-tar-split) security update	2022-03-23T22:12:28+00:00	2025-11-27T23:53:43+00:00
rhsa-2022:0988	Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (golang-github-vbatts-tar-split) security update	2022-03-24T10:59:08+00:00	2025-11-27T23:53:41+00:00
rhsa-2022:0947	Red Hat Security Advisory: OpenShift Virtualization 4.10.0 Images security and bug fix update	2022-03-16T15:45:58+00:00	2025-11-27T23:53:41+00:00
rhsa-2022:0577	Red Hat Security Advisory: Windows Container Support for Red Hat OpenShift 5.0.0 [security update]	2022-03-28T09:34:15+00:00	2025-11-27T23:53:41+00:00
rhsa-2022:0260	Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update	2022-01-25T13:55:40+00:00	2025-11-27T23:53:41+00:00
rhsa-2022:0237	Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update	2022-01-24T13:53:27+00:00	2025-11-27T23:53:40+00:00

ID	Description	Published	Updated
msrc_cve-2025-22111	net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.	2025-04-02T00:00:00.000Z	2025-12-07T01:37:24.000Z
msrc_cve-2024-42066	drm/xe: Fix potential integer overflow in page size calculation	2024-07-01T07:00:00.000Z	2025-12-07T01:37:20.000Z
msrc_cve-2025-55551	An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.	2025-09-02T00:00:00.000Z	2025-12-07T01:37:15.000Z
msrc_cve-2025-52881	runc: LSM labels can be bypassed with malicious config using dummy procfs files	2025-11-02T00:00:00.000Z	2025-12-07T01:37:15.000Z
msrc_cve-2024-41067	btrfs: scrub: handle RST lookup error correctly	2024-07-01T07:00:00.000Z	2025-12-07T01:37:14.000Z
msrc_cve-2025-22115	btrfs: fix block group refcount race in btrfs_create_pending_block_groups()	2025-04-02T00:00:00.000Z	2025-12-07T01:37:02.000Z
msrc_cve-2024-42064	drm/amd/display: Skip pipe if the pipe idx not set properly	2024-07-01T07:00:00.000Z	2025-12-07T01:36:57.000Z
msrc_cve-2025-37745	PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()	2025-05-02T00:00:00.000Z	2025-12-07T01:36:52.000Z
msrc_cve-2025-10158	Rsync: Out of bounds array access via negative index	2025-11-02T00:00:00.000Z	2025-12-07T01:36:46.000Z
msrc_cve-2025-21885	RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers	2025-03-02T00:00:00.000Z	2025-12-07T01:36:42.000Z
msrc_cve-2024-57872	scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()	2025-01-02T00:00:00.000Z	2025-12-07T01:36:36.000Z
msrc_cve-2025-37945	net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY	2025-05-02T00:00:00.000Z	2025-12-07T01:36:32.000Z
msrc_cve-2024-57804	scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs	2025-01-02T00:00:00.000Z	2025-12-07T01:36:31.000Z
msrc_cve-2025-55560	An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.	2025-09-02T00:00:00.000Z	2025-12-07T01:36:29.000Z
msrc_cve-2025-21892	RDMA/mlx5: Fix the recovery flow of the UMR QP	2025-03-02T00:00:00.000Z	2025-12-07T01:36:21.000Z
msrc_cve-2018-7159	The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.	2018-05-02T00:00:00.000Z	2025-12-07T01:36:21.000Z
msrc_cve-2025-46152	In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument.	2025-09-02T00:00:00.000Z	2025-12-07T01:36:18.000Z
msrc_cve-2025-12748	Libvirt: denial of service in xml parsing	2025-11-02T00:00:00.000Z	2025-12-07T01:36:12.000Z
msrc_cve-2024-35794	dm-raid: really frozen sync_thread during suspend	2024-05-02T07:00:00.000Z	2025-12-07T01:36:12.000Z
msrc_cve-2025-10911	Libxslt: use-after-free with key data stored cross-rvt	2025-09-02T00:00:00.000Z	2025-12-07T01:36:04.000Z
msrc_cve-2024-56782	ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()	2025-01-02T00:00:00.000Z	2025-12-07T01:36:04.000Z
msrc_cve-2025-21985	drm/amd/display: Fix out-of-bound accesses	2025-04-02T00:00:00.000Z	2025-12-07T01:36:01.000Z
msrc_cve-2023-27043	The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.	2023-04-01T00:00:00.000Z	2025-12-07T01:35:56.000Z
msrc_cve-2025-40202	ipmi: Rework user message limit handling	2025-11-02T00:00:00.000Z	2025-12-07T01:35:54.000Z
msrc_cve-2024-56775	drm/amd/display: Fix handling of plane refcount	2025-01-02T00:00:00.000Z	2025-12-07T01:35:54.000Z
msrc_cve-2025-21732	RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error	2025-02-02T00:00:00.000Z	2025-12-07T01:35:51.000Z
msrc_cve-2025-58354	Kata Containers coco-tdx malicious host can circumvent initdata verification	2025-09-02T00:00:00.000Z	2025-12-07T01:35:50.000Z
msrc_cve-2024-25740	A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.	2024-02-02T08:00:00.000Z	2025-12-07T01:35:44.000Z
msrc_cve-2024-53201	drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe	2024-12-02T00:00:00.000Z	2025-12-07T01:35:43.000Z
msrc_cve-2025-40204	sctp: Fix MAC comparison to be constant-time	2025-11-02T00:00:00.000Z	2025-12-07T01:35:42.000Z

ID	Description	Published	Updated
icsa-13-217-02	Schneider Electric Vijeo Citect, CitectSCADA, PowerLogic SCADA Vulnerability	2013-05-08T06:00:00.000000Z	2025-06-06T18:39:09.378557Z
icsa-13-217-01	MOXA Weak Entropy in DSA Keys Vulnerability	2013-05-08T06:00:00.000000Z	2025-06-06T18:39:02.876567Z
icsa-13-213-04a	MatrikonOPC SCADA DNP3 Master Station Improper Input Validation	2013-05-04T06:00:00.000000Z	2025-06-06T18:38:56.423839Z
icsa-13-213-03	IOServer Master Station Improper Input Validation	2013-05-04T06:00:00.000000Z	2025-06-06T18:38:49.972335Z
icsa-13-213-02	Siemens WinCC TIA Portal Vulnerabilities	2013-05-04T06:00:00.000000Z	2025-06-06T18:38:37.068310Z
icsa-13-189-02	Triangle Research Nano 10 PLC Denial of Service	2013-04-10T06:00:00.000000Z	2025-06-06T18:38:30.225993Z
icsa-15-244-01	Siemens RUGGEDCOM ROS IP Forwarding Vulnerability	2015-06-04T06:00:00.000000Z	2025-06-06T16:10:32.525653Z
icsa-15-246-03	Moxa Industrial Managed Switch Vulnerabilities	2015-06-06T06:00:00.000000Z	2025-06-06T16:10:26.107916Z
icsa-15-246-02	Schneider Electric Modicon PLC Vulnerabilities	2015-06-06T06:00:00.000000Z	2025-06-06T16:10:13.250913Z
icsa-15-239-01	Moxa SoftCMS Buffer Overflow Vulnerabilities	2015-05-30T06:00:00.000000Z	2025-06-06T16:10:00.281281Z
icsa-15-253-01	Yokogawa Multiple Products Buffer Overflow Vulnerabilities	2015-06-13T06:00:00.000000Z	2025-06-06T16:09:40.885670Z
icsa-15-239-03	Innominate mGuard VPN Vulnerability	2015-05-30T06:00:00.000000Z	2025-06-06T16:09:34.476889Z
icsa-15-181-02a	SMA Solar Technology AG Sunny WebBox Hard-Coded Account Vulnerability	2015-04-02T06:00:00.000000Z	2025-06-06T16:09:27.695836Z
icsa-15-161-01	Hospira Plum A+ and Symbiq Infusion Systems Vulnerabilities	2015-03-13T06:00:00.000000Z	2025-06-06T16:08:42.194031Z
icsa-15-239-02	Siemens SIMATIC S7-1200 CSRF Vulnerability	2015-05-30T06:00:00.000000Z	2025-06-06T16:08:35.760091Z
icsa-15-251-01a	Advantech WebAccess Buffer Overflow Vulnerability	2015-06-11T06:00:00.000000Z	2025-06-06T16:08:29.333916Z
icsa-15-237-01	Endress+Hauser HART Device DTM Vulnerability	2015-05-28T06:00:00.000000Z	2025-06-06T16:08:22.636411Z
icsa-15-041-01	Advantech EKI-1200 Buffer Overflow	2015-11-13T07:00:00.000000Z	2025-06-06T16:08:16.200699Z
icsa-15-125-01b	Hospira LifeCare PCA Infusion System Vulnerabilities	2015-02-05T07:00:00.000000Z	2025-06-06T16:07:30.609417Z
icsa-15-246-01	Cogent DataHub Code Injection Vulnerability	2015-06-06T06:00:00.000000Z	2025-06-06T16:07:24.191912Z
icsa-13-169-02	Siemens WinCC 7.2 Multiple Vulnerabilities	2013-03-21T06:00:00.000000Z	2025-06-06T16:07:03.931759Z
icsa-13-169-03	Siemens COMOS Permissions, Privileges, and Access Controls	2013-03-21T06:00:00.000000Z	2025-06-06T16:06:57.517659Z
icsa-13-169-01	Siemens Scalance X200 IRT Multiple Vulnerabilities	2013-03-21T06:00:00.000000Z	2025-06-06T16:06:44.607249Z
icsa-13-184-01	Alstom Grid S1 Agile Improper Authorization	2013-04-05T06:00:00.000000Z	2025-06-06T16:06:38.167917Z
icsa-13-170-01	GE Proficy HMI/SCADA CIMPLICITY WebView Improper Input Validation	2013-03-22T06:00:00.000000Z	2025-06-06T16:06:31.741308Z
icsa-13-161-01	IOServer DNP3 Improper Input Validation	2013-03-13T06:00:00.000000Z	2025-06-06T16:06:25.315778Z
icsa-13-189-01	QNX Multiple Vulnerabilities	2013-04-10T06:00:00.000000Z	2025-06-06T16:06:12.410332Z
icsa-13-067-01	InduSoft Advantech Studio Directory Traversal	2013-12-10T07:00:00.000000Z	2025-06-06T16:06:05.937479Z
icsa-13-091-01	Wind River VxWorks SSH and Web Server and General Electric D20MX	2013-01-03T07:00:00.000000Z	2025-06-06T16:05:33.422392Z
icsa-13-100-01	Schneider Electric MiCOM S1 Studio Improper Authorization Vulnerability	2013-01-12T07:00:00.000000Z	2025-06-06T16:05:26.967911Z

ID	Description	Published	Updated
cisco-sa-umbrella-tunnel-gjw5thge	Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-umbrella-tunnel-gJw5thgE	Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-uccx-wcp-jjeqdt3s	Cisco Unified Contact Center Express Finesse Portal Web Cache Poisoning Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-uccx-wcp-JJeqDT3S	Cisco Unified Contact Center Express Finesse Portal Web Cache Poisoning Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-pi-epnm-storedxss-ttjo62r	Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-pi-epnm-storedxss-tTjO62r	Cisco Prime Infrastructure and Evolved Programmable Network Manager Stored Cross-Site Scripting Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-pi-epnm-bfjsrjp5	Cisco Prime Infrastructure and Evolved Programmable Network Manager Cross-Site Scripting Vulnerabilities	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-pi-epnm-BFjSRJP5	Cisco Prime Infrastructure and Evolved Programmable Network Manager Cross-Site Scripting Vulnerabilities	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ivpa-cmdinj-c5xrbboy	Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ivpa-cmdinj-C5XRbbOy	Cisco Intersight Private Virtual Appliance Command Injection Vulnerabilities	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ise-credentials-tkto3h3	Cisco Identity Services Engine Device Credential Information Disclosure Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ise-credentials-tkTO3h3	Cisco Identity Services Engine Device Credential Information Disclosure Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ipphone-csrf-hocmxw2c	Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ipphone-csrf-HOCmXW2c	Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-intersight-forward-c45ncgqb	Cisco Intersight Virtual Appliance Unauthenticated Port Forwarding Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-intersight-forward-C45ncgqb	Cisco Intersight Virtual Appliance Unauthenticated Port Forwarding Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-expressway-injection-x475ebtq	Cisco Expressway Series and Cisco TelePresence Video Communication Server Command Injection Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-expressway-injection-X475EbTQ	Cisco Expressway Series and Cisco TelePresence Video Communication Server Command Injection Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-duo-dha-filewrite-xpmbmzak	Cisco Duo Device Health Application for Windows Arbitrary File Write Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-duo-dha-filewrite-xPMBMZAK	Cisco Duo Device Health Application for Windows Arbitrary File Write Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-cucm-injection-g6mbwh2	Cisco Unified Communications Manager SQL Injection Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-cucm-injection-g6MbwH2	Cisco Unified Communications Manager SQL Injection Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-cucm-imp-xss-qtt4vdsk	Cisco Unified Communications Products Cross-Site Scripting Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-cucm-imp-xss-QtT4VdsK	Cisco Unified Communications Products Cross-Site Scripting Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-clamav-dos-ftkhqmwz	ClamAV AutoIt Module Denial of Service Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-clamav-dos-FTkhqMWZ	ClamAV AutoIt Module Denial of Service Vulnerability	2023-08-16T16:00:00+00:00	2023-08-16T16:00:00+00:00
cisco-sa-ac-leak-sew6g2kd	Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tables Affecting Cisco AnyConnect Secure Mobility Client and Cisco Secure Client	2023-08-08T15:00:00+00:00	2023-08-08T15:00:00+00:00
cisco-sa-ac-leak-Sew6g2kd	Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tables Affecting Cisco AnyConnect Secure Mobility Client and Cisco Secure Client	2023-08-08T15:00:00+00:00	2023-08-08T15:00:00+00:00
cisco-sa-ucm-file-read-h8h4hej3	Cisco Unified Communications Products Arbitrary File Read Vulnerability	2022-04-20T16:00:00+00:00	2023-08-02T20:18:45+00:00
cisco-sa-ucm-file-read-h8h4HEJ3	Cisco Unified Communications Products Arbitrary File Read Vulnerability	2022-04-20T16:00:00+00:00	2023-08-02T20:18:45+00:00

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Updated
var-202012-1546	A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. d…	2024-11-29T21:01:32.415000Z
var-201710-1406	An issue was discovered in certain Apple products. iOS before 11 is affected. Safari befo…	2024-11-29T21:01:29.516000Z
var-202104-1571	A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lea…	2024-11-29T21:01:29.452000Z
var-202105-1431	The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired…	2024-11-29T21:01:29.204000Z
var-200809-0007	slapconfig in Directory Services in Apple Mac OS X 10.5 through 10.5.4 allows local users…	2024-11-29T21:01:25.245000Z
var-201306-0256	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java …	2024-11-29T21:01:25.160000Z
var-202106-0349	Incomplete cleanup in some Intel(R) VT-d products may allow an authenticated user to pote…	2024-11-29T21:01:25.076000Z
var-201310-0612	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, J…	2024-11-29T21:01:24.774000Z
var-201302-0304	Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on …	2024-11-29T21:01:24.333000Z
var-201310-0135	Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Ja…	2024-11-29T21:01:19.330000Z
var-201708-0212	The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 all…	2024-11-29T21:00:10.607000Z
var-201904-0743	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T21:00:09.477000Z
var-200811-0014	Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows, in iPho…	2024-11-29T21:00:04.935000Z
var-201108-0185	Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and…	2024-11-29T21:00:04.563000Z
var-202109-1315	A memory corruption issue was addressed with improved state management. This issue is fix…	2024-11-29T21:00:04.069000Z
var-201110-0321	FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterpri…	2024-11-29T21:00:02.584000Z
var-200812-0322	Integer overflow in the _cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows re…	2024-11-29T20:59:31.019000Z
var-201904-1398	A use after free issue was addressed with improved memory management. This issue affected…	2024-11-29T20:59:30.908000Z
var-201302-0305	Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on …	2024-11-29T20:59:30.507000Z
var-201912-1848	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T20:59:30.435000Z
var-201103-0291	Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in Im…	2024-11-29T20:58:59.314000Z
var-201912-1847	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T20:58:53.545000Z
var-201801-1711	Systems with microprocessors utilizing speculative execution and indirect branch predicti…	2024-11-29T20:58:50.283000Z
var-202109-1966	There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a mal…	2024-11-29T20:58:50.093000Z
var-202010-1512	An input validation issue was addressed with improved input validation. This issue is fix…	2024-11-29T20:57:58.848000Z
var-201708-0038	The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 al…	2024-11-29T20:57:57.600000Z
var-200611-0368	The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Pas…	2024-11-29T20:57:55.324000Z
var-201108-0147	Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before …	2024-11-29T20:57:50.970000Z
var-200908-0708	Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Po…	2024-11-29T20:56:48.175000Z
var-200703-0012	Integer overflow in Apple QuickTime before 7.1.5 allows remote user-assisted attackers to…	2024-11-29T20:56:44.166000Z

ID	Description	Published	Updated
jvndb-2021-006026	TP-Link TL-WR802N V4(JP) vulnerable to OS command injection	2021-12-24T15:31+09:00	2021-12-24T15:31+09:00
jvndb-2021-005998	Multiple vulnerabilities in QNAP VioStar NVR	2021-12-24T10:58+09:00	2021-12-24T10:58+09:00
jvndb-2021-003929	Multiple vulnerabilities in multiple Yamaha routers	2021-12-24T10:51+09:00	2021-12-24T10:51+09:00
jvndb-2021-000112	Android Apps developed using Yappli fails to restrict custom URL schemes properly	2021-12-22T15:07+09:00	2021-12-22T15:07+09:00
jvndb-2021-000111	Multiple vulnerabilities in GroupSession	2021-12-20T14:53+09:00	2021-12-21T14:20+09:00
jvndb-2021-000022	Multiple vulnerabilities in Cybozu Office	2021-03-15T15:56+09:00	2021-12-17T17:51+09:00
jvndb-2021-000093	Movable Type XMLRPC API vulnerable to OS command injection	2021-10-20T17:38+09:00	2021-12-17T17:36+09:00
jvndb-2021-000110	UNIVERGE DT Series vulnerable to missing encryption of sensitive data	2021-12-17T16:57+09:00	2021-12-17T16:57+09:00
jvndb-2021-005174	Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer)	2021-12-09T13:43+09:00	2021-12-09T13:43+09:00
jvndb-2021-000107	Wi-Fi STATION SH-52A vulnerable to cross-site scripting	2021-11-30T14:49+09:00	2021-11-30T14:49+09:00
jvndb-2021-004716	Trend Micro Antivirus for MAC vulnerable to improper access controls	2021-11-29T13:52+09:00	2021-11-29T13:52+09:00
jvndb-2021-000106	Multiple vulnerabilities in baserCMS	2021-11-26T14:59+09:00	2021-11-26T14:59+09:00
jvndb-2021-000104	WordPress Plugin "Browser and Operating System Finder" vulnerable to cross-site request forgery	2021-11-25T14:31+09:00	2021-11-25T14:31+09:00
jvndb-2021-004432	Multiple Vulnerabilities in JP1/Automatic Operation	2021-11-22T16:10+09:00	2021-11-22T16:10+09:00
jvndb-2021-000103	WordPress Plugin "Push Notifications for WordPress (Lite)" vulnerable to cross-site request forgery	2021-11-16T13:42+09:00	2021-11-16T13:42+09:00
jvndb-2021-000102	rwtxt vulnerable to cross-site scripting	2021-11-16T13:38+09:00	2021-11-16T13:38+09:00
jvndb-2021-000101	Unlimited Sitemap Generator vulnerable to cross-site request forgery	2021-11-12T15:07+09:00	2021-11-12T15:07+09:00
jvndb-2021-003840	Cross-site Scripting Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer	2021-11-12T11:41+09:00	2021-11-12T11:41+09:00
jvndb-2021-000100	Multiple vulnerabilities in EC-CUBE 2 series	2021-11-11T15:09+09:00	2021-11-11T15:09+09:00
jvndb-2021-000094	WordPress Plugin "Booking Package - Appointment Booking Calendar System" vulnerable to cross-site scripting	2021-11-10T14:26+09:00	2021-11-10T14:26+09:00
jvndb-2021-003811	File Permission Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center	2021-11-05T15:04+09:00	2021-11-05T15:04+09:00
jvndb-2021-003660	Authentication Bypass Vulnerability in Hitachi Device Manager	2021-11-01T15:56+09:00	2021-11-01T15:56+09:00
jvndb-2021-003080	OMRON CX-Supervisor vulnerable to out-of-bounds read	2021-10-18T15:26+09:00	2021-11-01T15:37+09:00
jvndb-2021-000096	Android App "Mercari (Merpay) - Marketplace and Mobile Payments App" (Japan version) vulnerable to improper handling of Intent	2021-10-29T15:11+09:00	2021-10-29T15:11+09:00
jvndb-2021-000098	ESET Cyber Security and ESET Endpoint series vulnerable to denial-of-service (DoS)	2021-10-29T14:58+09:00	2021-10-29T14:58+09:00
jvndb-2021-000095	Multiple improper restriction of XML external entity reference (XXE) vulnerabilities in Office Server Document Converter	2021-10-28T15:03+09:00	2021-10-28T15:03+09:00
jvndb-2021-003385	Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation	2021-10-26T12:35+09:00	2021-10-26T12:35+09:00
jvndb-2021-000091	128 Technology Session Smart Router vulnerable to authentication bypass	2021-10-18T14:58+09:00	2021-10-18T14:58+09:00
jvndb-2021-000090	Apache HTTP Server vulnerable to directory traversal	2021-10-11T18:07+09:00	2021-10-11T18:07+09:00
jvndb-2021-000089	Nike App fails to restrict custom URL schemes properly	2021-10-08T14:32+09:00	2021-10-08T14:32+09:00

ID	Description	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated