Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-pgww-xf46-h92r | lxml vulnerable to Cross-site Scripting | 2021-01-07T21:54:01Z | 2025-12-20T05:10:35Z |
| ghsa-x5r2-hj5c-8jx6 | SSRF in adminer | 2021-02-11T20:42:59Z | 2025-10-22T19:05:30Z |
| ghsa-2m8v-572m-ff2v | Command Injection Vulnerability | 2021-02-16T16:51:04Z | 2025-10-22T19:06:01Z |
| ghsa-2v5f-23xc-v9qr | ansi_up cross-site scripting vulnerability | 2021-03-11T22:50:39Z | 2025-11-04T16:33:40Z |
| ghsa-4qwp-7c67-jmcc | Unauthenticated remote code execution in Ignition | 2021-03-29T20:23:46Z | 2025-10-22T17:58:58Z |
| ghsa-w3hj-wr2q-x83g | Discovery uses the same AES/GCM Nonce throughout the session | 2021-04-06T17:22:17Z | 2025-12-02T01:28:16Z |
| ghsa-r96p-v3cr-gfv8 | Cross-site Scripting (XSS) in @scullyio/scully | 2021-04-13T15:28:01Z | 2025-10-20T19:43:52Z |
| ghsa-hj5v-574p-mj7c | py vulnerable to Regular Expression Denial of Service | 2021-04-20T16:39:57Z | 2025-11-04T16:34:14Z |
| ghsa-rpw6-9xfx-jvcx | Directory Traversal in Archive_Tar | 2021-04-22T16:20:36Z | 2025-10-22T18:00:26Z |
| ghsa-75c5-f4gw-38r9 | Multiple vulnerabilities through filename manipulation in Archive_Tar | 2021-04-22T16:20:59Z | 2025-10-22T17:56:52Z |
| ghsa-hhx9-p69v-cx2j | Authentication bypass in Apache Airflow | 2021-04-30T17:34:13Z | 2025-10-22T17:56:14Z |
| ghsa-cf4h-3jhx-xvhq | Arbitrary Code Execution in underscore | 2021-05-06T16:09:43Z | 2025-11-04T16:33:59Z |
| ghsa-7w8j-85wm-6xfq | Prototype Pollution in jquery-bbq | 2021-05-24T19:51:58Z | 2025-11-04T16:34:47Z |
| ghsa-j9h8-phrw-h4fh | XStream is vulnerable to a Remote Command Execution attack | 2021-08-25T14:48:19Z | 2025-10-22T19:07:26Z |
| ghsa-mxr5-mc97-63rc | Account Takeover in Octobercms | 2021-08-30T16:13:02Z | 2025-10-22T19:06:40Z |
| ghsa-52cf-226f-rhr6 | Default CORS config allows any origin with credentials | 2021-09-02T16:52:18Z | 2025-12-11T21:15:42Z |
| ghsa-2j58-pwwv-x666 | Cross-Site Request Forgery in sqlite-web | 2021-09-09T17:10:35Z | 2025-11-27T09:16:04Z |
| ghsa-p5w8-wqhj-9hhf | StripComments filter contains a regular expression that is vulnerable to ReDOS (Regular Expression … | 2021-09-10T17:56:06Z | 2025-11-04T16:35:21Z |
| ghsa-5vcm-3xc3-w7x3 | Response Splitting from unsanitized headers | 2021-09-22T19:18:41Z | 2025-12-11T21:12:05Z |
| ghsa-69j6-29vr-p3j9 | Authentication bypass for viewing and deletions of snapshots | 2021-10-05T20:24:02Z | 2025-10-22T19:08:03Z |
| ghsa-3r3g-g73x-g593 | coreos-installer improperly verifies GPG signature when decompressing gzipped artifact | 2021-10-12T16:06:47Z | 2025-12-22T16:27:06Z |
| ghsa-68jc-v27h-vhmw | Drupal core Unrestricted Upload of File with Dangerous Type | 2021-10-12T16:28:25Z | 2025-10-22T17:59:37Z |
| ghsa-gpqq-952q-5327 | XSS in the `of` option of the `.position()` util in jquery-ui | 2021-10-26T14:55:12Z | 2025-11-04T19:36:07Z |
| ghsa-px6h-65pj-6gq3 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution whe… | 2021-11-17T19:13:08Z | 2025-11-03T21:30:36Z |
| ghsa-4xx3-xg55-3wr5 | Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker… | 2021-11-24T00:00:27Z | 2025-10-22T00:32:26Z |
| ghsa-xrj7-4gfh-q9h7 | Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.463… | 2021-11-24T00:00:27Z | 2025-10-22T00:32:26Z |
| ghsa-9q3v-827r-c9mw | The myCred WordPress plugin before 2.3 does not validate or escape the fields parameter before usin… | 2021-11-30T00:00:52Z | 2025-10-17T18:31:05Z |
| ghsa-xm89-vxjx-jvcg | Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCent… | 2021-11-30T00:00:52Z | 2025-10-22T00:32:26Z |
| ghsa-7cjm-mv56-4mg4 | NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. | 2021-12-02T00:00:36Z | 2025-11-03T21:30:36Z |
| ghsa-r79c-6hf5-2jjx | vim is vulnerable to Heap-based Buffer Overflow | 2021-12-02T00:00:51Z | 2025-11-03T21:30:36Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2010-0738 | N/A | The JMX-Console web application in JBossAs in Red… |
n/a |
n/a |
2010-04-28T22:00:00.000Z | 2025-10-22T00:05:52.604Z |
| cve-2010-1428 | N/A | The Web Console (aka web-console) in JBossAs in R… |
n/a |
n/a |
2010-04-28T22:00:00.000Z | 2025-10-22T00:05:52.450Z |
| cve-2010-1297 | N/A | Adobe Flash Player before 9.0.277.0 and 10.x befo… |
n/a |
n/a |
2010-06-08T18:00:00.000Z | 2025-10-22T00:05:52.284Z |
| cve-2010-2568 | N/A | Windows Shell in Microsoft Windows XP SP3, Server… |
n/a |
n/a |
2010-07-22T10:00:00.000Z | 2025-10-22T00:05:52.095Z |
| cve-2010-1871 | N/A | JBoss Seam 2 (jboss-seam2), as used in JBoss Ente… |
n/a |
n/a |
2010-08-04T19:00:00.000Z | 2025-10-22T00:05:51.923Z |
| cve-2010-2861 | N/A | Multiple directory traversal vulnerabilities in t… |
n/a |
n/a |
2010-08-11T18:00:00.000Z | 2025-10-22T00:05:51.755Z |
| cve-2010-3035 | N/A | Cisco IOS XR 3.4.0 through 3.9.1, when BGP is ena… |
n/a |
n/a |
2010-08-30T20:00:00.000Z | 2025-10-22T00:05:51.586Z |
| cve-2010-2883 | N/A | Stack-based buffer overflow in CoolType.dll in Ad… |
n/a |
n/a |
2010-09-09T21:00:00.000Z | 2025-10-22T00:05:51.427Z |
| cve-2010-3765 | N/A | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x th… |
n/a |
n/a |
2010-10-27T22:00:00.000Z | 2025-10-22T00:05:51.248Z |
| cve-2010-3962 | N/A | Use-after-free vulnerability in Microsoft Interne… |
n/a |
n/a |
2010-11-05T16:28:00.000Z | 2025-10-22T00:05:51.096Z |
| cve-2010-2572 | N/A | Buffer overflow in Microsoft PowerPoint 2002 SP3 … |
n/a |
n/a |
2010-11-10T01:00:00.000Z | 2025-10-22T00:05:50.925Z |
| cve-2010-3333 | N/A | Stack-based buffer overflow in Microsoft Office X… |
n/a |
n/a |
2010-11-10T01:00:00.000Z | 2025-10-22T00:05:50.753Z |
| cve-2010-4398 | N/A | Stack-based buffer overflow in the RtlQueryRegist… |
n/a |
n/a |
2010-12-03T20:00:00.000Z | 2025-10-22T00:05:50.613Z |
| cve-2010-3904 | N/A | The rds_page_copy_user function in net/rds/page.c… |
n/a |
n/a |
2010-12-06T20:00:00.000Z | 2025-10-22T00:05:50.418Z |
| cve-2010-4344 | N/A | Heap-based buffer overflow in the string_vformat … |
n/a |
n/a |
2010-12-14T15:00:00.000Z | 2025-10-22T00:05:50.264Z |
| cve-2010-4345 | N/A | Exim 4.72 and earlier allows local users to gain … |
n/a |
n/a |
2010-12-14T15:00:00.000Z | 2025-10-22T00:05:50.114Z |
| cve-2010-4756 | N/A | The glob implementation in the GNU C Library (aka… |
n/a |
n/a |
2011-03-02T19:00:00.000Z | 2025-11-03T21:43:58.193Z |
| cve-2011-0609 | N/A | Unspecified vulnerability in Adobe Flash Player 1… |
n/a |
n/a |
2011-03-15T17:00:00.000Z | 2025-10-22T00:05:49.973Z |
| cve-2011-0611 | N/A | Adobe Flash Player before 10.2.154.27 on Windows,… |
n/a |
n/a |
2011-04-13T14:00:00.000Z | 2025-10-22T00:05:49.821Z |
| cve-2011-1823 | N/A | The vold volume manager daemon on Android 3.0 and… |
n/a |
n/a |
2011-06-09T10:00:00.000Z | 2025-10-22T00:05:49.671Z |
| cve-2011-1889 | N/A | The NSPLookupServiceNext function in the client i… |
n/a |
n/a |
2011-06-16T20:21:00.000Z | 2025-10-22T00:05:49.491Z |
| cve-2011-2005 | N/A | afd.sys in the Ancillary Function Driver in Micro… |
n/a |
n/a |
2011-10-12T01:00:00.000Z | 2025-10-22T00:05:49.314Z |
| cve-2011-3544 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2011-10-19T21:00:00.000Z | 2025-10-22T00:05:49.147Z |
| cve-2011-3402 | N/A | Unspecified vulnerability in the TrueType font pa… |
n/a |
n/a |
2011-11-04T21:00:00.000Z | 2025-10-22T00:05:48.983Z |
| cve-2011-2462 | N/A | Unspecified vulnerability in the U3D component in… |
n/a |
n/a |
2011-12-07T19:00:00.000Z | 2025-11-21T15:56:38.224Z |
| cve-2011-4723 | N/A | The D-Link DIR-300 router stores cleartext passwo… |
n/a |
n/a |
2011-12-20T11:00:00.000Z | 2025-10-22T00:05:48.669Z |
| cve-2012-0391 | N/A | The ExceptionDelegator component in Apache Struts… |
n/a |
n/a |
2012-01-08T15:00:00.000Z | 2025-10-22T00:05:48.504Z |
| cve-2012-0754 | N/A | Adobe Flash Player before 10.3.183.15 and 11.x be… |
n/a |
n/a |
2012-02-16T19:00:00.000Z | 2025-11-17T20:14:29.301Z |
| cve-2012-0767 | N/A | Cross-site scripting (XSS) vulnerability in Adobe… |
n/a |
n/a |
2012-02-16T19:00:00.000Z | 2025-10-22T00:05:48.202Z |
| cve-2012-0151 | N/A | The Authenticode Signature Verification function … |
n/a |
n/a |
2012-04-10T21:00:00.000Z | 2025-10-22T00:05:48.035Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2009-2055 | N/A | Cisco IOS XR 3.4.0 through 3.8.1 allows remote at… |
n/a |
n/a |
2009-08-19T17:00:00.000Z | 2025-10-22T00:05:54.237Z |
| cve-2009-3129 | N/A | Microsoft Office Excel 2002 SP3, 2003 SP3, and 20… |
n/a |
n/a |
2009-11-11T19:00:00.000Z | 2025-10-22T00:05:54.084Z |
| cve-2009-4324 | N/A | Use-after-free vulnerability in the Doc.media.new… |
n/a |
n/a |
2009-12-15T02:00:00.000Z | 2025-10-22T00:05:53.934Z |
| cve-2009-3953 | N/A | The U3D implementation in Adobe Reader and Acroba… |
n/a |
n/a |
2010-01-13T19:00:00.000Z | 2025-10-22T00:05:53.712Z |
| cve-2010-0232 | N/A | The kernel in Microsoft Windows NT 3.1 through Wi… |
n/a |
n/a |
2010-01-21T19:00:00.000Z | 2025-10-22T00:05:53.248Z |
| cve-2009-3960 | N/A | Unspecified vulnerability in BlazeDS 3.2 and earl… |
n/a |
n/a |
2010-02-15T18:00:00.000Z | 2025-10-22T00:05:53.086Z |
| cve-2010-0188 | N/A | Unspecified vulnerability in Adobe Reader and Acr… |
n/a |
n/a |
2010-02-21T17:00:00.000Z | 2025-10-22T00:05:52.918Z |
| cve-2010-0840 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2010-04-01T16:00:00.000Z | 2025-10-22T00:05:52.754Z |
| cve-2010-0738 | N/A | The JMX-Console web application in JBossAs in Red… |
n/a |
n/a |
2010-04-28T22:00:00.000Z | 2025-10-22T00:05:52.604Z |
| cve-2010-1428 | N/A | The Web Console (aka web-console) in JBossAs in R… |
n/a |
n/a |
2010-04-28T22:00:00.000Z | 2025-10-22T00:05:52.450Z |
| cve-2010-1297 | N/A | Adobe Flash Player before 9.0.277.0 and 10.x befo… |
n/a |
n/a |
2010-06-08T18:00:00.000Z | 2025-10-22T00:05:52.284Z |
| cve-2010-2568 | N/A | Windows Shell in Microsoft Windows XP SP3, Server… |
n/a |
n/a |
2010-07-22T10:00:00.000Z | 2025-10-22T00:05:52.095Z |
| cve-2010-1871 | N/A | JBoss Seam 2 (jboss-seam2), as used in JBoss Ente… |
n/a |
n/a |
2010-08-04T19:00:00.000Z | 2025-10-22T00:05:51.923Z |
| cve-2010-2861 | N/A | Multiple directory traversal vulnerabilities in t… |
n/a |
n/a |
2010-08-11T18:00:00.000Z | 2025-10-22T00:05:51.755Z |
| cve-2010-3035 | N/A | Cisco IOS XR 3.4.0 through 3.9.1, when BGP is ena… |
n/a |
n/a |
2010-08-30T20:00:00.000Z | 2025-10-22T00:05:51.586Z |
| cve-2010-2883 | N/A | Stack-based buffer overflow in CoolType.dll in Ad… |
n/a |
n/a |
2010-09-09T21:00:00.000Z | 2025-10-22T00:05:51.427Z |
| cve-2010-3765 | N/A | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x th… |
n/a |
n/a |
2010-10-27T22:00:00.000Z | 2025-10-22T00:05:51.248Z |
| cve-2010-3962 | N/A | Use-after-free vulnerability in Microsoft Interne… |
n/a |
n/a |
2010-11-05T16:28:00.000Z | 2025-10-22T00:05:51.096Z |
| cve-2010-2572 | N/A | Buffer overflow in Microsoft PowerPoint 2002 SP3 … |
n/a |
n/a |
2010-11-10T01:00:00.000Z | 2025-10-22T00:05:50.925Z |
| cve-2010-3333 | N/A | Stack-based buffer overflow in Microsoft Office X… |
n/a |
n/a |
2010-11-10T01:00:00.000Z | 2025-10-22T00:05:50.753Z |
| cve-2010-4398 | N/A | Stack-based buffer overflow in the RtlQueryRegist… |
n/a |
n/a |
2010-12-03T20:00:00.000Z | 2025-10-22T00:05:50.613Z |
| cve-2010-3904 | N/A | The rds_page_copy_user function in net/rds/page.c… |
n/a |
n/a |
2010-12-06T20:00:00.000Z | 2025-10-22T00:05:50.418Z |
| cve-2010-4344 | N/A | Heap-based buffer overflow in the string_vformat … |
n/a |
n/a |
2010-12-14T15:00:00.000Z | 2025-10-22T00:05:50.264Z |
| cve-2010-4345 | N/A | Exim 4.72 and earlier allows local users to gain … |
n/a |
n/a |
2010-12-14T15:00:00.000Z | 2025-10-22T00:05:50.114Z |
| cve-2010-4756 | N/A | The glob implementation in the GNU C Library (aka… |
n/a |
n/a |
2011-03-02T19:00:00.000Z | 2025-11-03T21:43:58.193Z |
| cve-2011-0609 | N/A | Unspecified vulnerability in Adobe Flash Player 1… |
n/a |
n/a |
2011-03-15T17:00:00.000Z | 2025-10-22T00:05:49.973Z |
| cve-2011-0611 | N/A | Adobe Flash Player before 10.2.154.27 on Windows,… |
n/a |
n/a |
2011-04-13T14:00:00.000Z | 2025-10-22T00:05:49.821Z |
| cve-2011-1823 | N/A | The vold volume manager daemon on Android 3.0 and… |
n/a |
n/a |
2011-06-09T10:00:00.000Z | 2025-10-22T00:05:49.671Z |
| cve-2011-1889 | N/A | The NSPLookupServiceNext function in the client i… |
n/a |
n/a |
2011-06-16T20:21:00.000Z | 2025-10-22T00:05:49.491Z |
| cve-2011-2005 | N/A | afd.sys in the Ancillary Function Driver in Micro… |
n/a |
n/a |
2011-10-12T01:00:00.000Z | 2025-10-22T00:05:49.314Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2023-1149 | Malicious code in cyclotron-svc (npm) | 2023-05-09T04:17:06Z | 2025-03-03T15:08:00Z |
| mal-2023-8041 | Malicious code in zmsqlite3 (npm) | 2023-05-11T00:00:00Z | 2025-03-31T07:07:50Z |
| mal-2023-1310 | Malicious code in stripe-terminal-react-native (npm) | 2023-05-20T05:01:00Z | 2025-03-20T00:34:20Z |
| mal-2023-1341 | Malicious code in wcc-connector (npm) | 2023-05-23T23:16:33Z | 2025-05-16T00:37:46Z |
| mal-2023-1169 | Malicious code in ee-cloud-functions (npm) | 2023-05-24T02:51:41Z | 2025-03-12T00:34:07Z |
| mal-2023-1191 | Malicious code in grabathon-4.0 (npm) | 2023-06-14T17:51:10Z | 2025-01-16T00:31:57Z |
| mal-2023-1296 | Malicious code in single-spa-workfront (npm) | 2023-06-21T01:57:41Z | 2025-03-15T00:34:02Z |
| mal-2023-8027 | Malicious code in firefly-shared-js (npm) | 2023-07-17T00:00:00Z | 2025-10-29T23:23:19Z |
| mal-2023-1086 | Malicious code in @mendeley-internal/react-ui (npm) | 2023-07-21T21:44:27Z | 2023-08-10T06:17:47Z |
| mal-2023-41 | Malicious code in @mendeley-internal/api (npm) | 2023-07-21T22:41:34Z | 2025-03-06T02:07:53Z |
| mal-2023-1327 | Malicious code in uitk-react-action-list-item (npm) | 2023-07-25T11:16:54Z | 2025-08-27T06:08:48Z |
| mal-2023-1137 | Malicious code in cloudsplaining (npm) | 2023-07-26T06:56:02Z | 2025-03-07T00:34:31Z |
| mal-2023-1474 | Malicious code in infima-website (npm) | 2023-08-16T00:38:53Z | 2025-03-01T00:37:01Z |
| mal-2023-8036 | Malicious code in sso-map (npm) | 2023-08-23T00:00:00Z | 2024-12-20T00:33:13Z |
| mal-2023-1566 | Malicious code in devops-challenge (npm) | 2023-08-24T11:55:48Z | 2024-12-20T10:06:07Z |
| mal-2023-7920 | Malicious code in yoga-repo (npm) | 2023-08-27T13:03:21Z | 2025-05-16T00:37:46Z |
| mal-2023-8259 | Malicious code in react-fixtures (npm) | 2023-09-27T03:10:44Z | 2025-03-18T00:34:30Z |
| mal-2023-8429 | Malicious code in littest (crates.io) | 2023-11-03T21:05:03Z | 2023-11-03T21:05:03Z |
| mal-2023-8700 | Malicious code in spectro-cloud-docs (npm) | 2023-12-15T09:47:10Z | 2025-01-24T00:32:09Z |
| mal-2023-8766 | Malicious code in newpackagetest2026 (PyPI) | 2023-12-25T20:46:03Z | 2025-12-11T09:27:53Z |
| mal-2023-8768 | Malicious code in newpackagetest2028 (PyPI) | 2023-12-25T20:50:36Z | 2025-12-11T09:27:53Z |
| mal-2023-8767 | Malicious code in newpackagetest2027 (PyPI) | 2023-12-25T20:50:40Z | 2025-12-11T09:27:53Z |
| mal-2023-8763 | Malicious code in enchantv (PyPI) | 2023-12-25T21:00:40Z | 2025-12-11T09:27:52Z |
| mal-2023-8764 | Malicious code in excaliburx (PyPI) | 2023-12-25T21:15:41Z | 2025-12-11T09:27:53Z |
| mal-2023-8769 | Malicious code in richcolor (PyPI) | 2023-12-25T21:20:47Z | 2025-12-11T09:27:53Z |
| mal-2024-3 | Malicious code in hubl-parser (npm) | 2024-01-01T18:33:56Z | 2025-12-10T20:26:07Z |
| mal-2024-145 | Malicious code in materialxtest (npm) | 2024-01-22T04:25:48Z | 2025-03-26T00:35:03Z |
| mal-2024-146 | Malicious code in vscode-mlir (npm) | 2024-01-22T04:31:08Z | 2025-08-18T06:10:43Z |
| mal-2024-147 | Malicious code in sample-schema-mgmt (npm) | 2024-01-22T04:56:02Z | 2025-03-05T00:34:33Z |
| mal-2024-1019 | Malicious code in eslint-plugin-unicorn-ts-2 (npm) | 2024-02-20T19:38:39Z | 2025-12-02T16:26:38Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2024-0219 | libTIFF: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-01-25T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-0278 | expat: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-02-04T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-0459 | Linux Kernel: Mehrere Schwachstellen | 2024-02-21T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-0585 | Grafana: Schwachstelle ermöglicht Privilegieneskalation | 2024-03-07T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2024-0801 | Apache HTTP Server: Mehrere Schwachstellen ermöglichen Manipulation von Daten | 2024-04-04T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-0984 | Linux Kernel: Mehrere Schwachstellen | 2024-04-28T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-0995 | Red Hat Enterprise Linux: Mehrere Schwachstellen | 2024-04-29T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2024-1504 | Apache HTTP Server: Mehrere Schwachstellen | 2024-07-01T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-1547 | OpenSSH auf Red Hat Enterprise Linux 9: Schwachstelle ermöglicht Denial of Service | 2024-07-08T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2024-1606 | Bootstrap: Mehrere Schwachstellen ermöglichen Cross-Site Scripting | 2024-07-11T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-1625 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-07-16T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-1783 | Mozilla Firefox, Firefox ESR und Thunderbird: Mehrere Schwachstellen | 2024-08-06T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2024-1944 | Red Hat multicluster engine for Kubernetes: Schwachstelle ermöglicht Denial of Service | 2024-08-28T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-1951 | expat: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-08-29T22:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2024-2040 | OpenSSL: Schwachstelle ermöglicht Denial of Service | 2024-09-03T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2024-2133 | Linux Kernel: Mehrere Schwachstellen | 2024-09-12T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-2173 | Linux Kernel: Mehrere Schwachstellen | 2024-09-17T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-3066 | Redis: Mehrere Schwachstellen | 2024-10-03T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-3129 | Docker Desktop: Mehrere Schwachstellen | 2024-10-09T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-3176 | Eclipse Jetty: Mehrere Schwachstellen | 2024-10-14T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2024-3251 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-10-21T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3281 | expat: Schwachstelle ermöglicht Denial of Service | 2024-10-27T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2024-3283 | Linux-Kernel: Schwachstelle ermöglicht Codeausführung | 2024-10-27T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3338 | Red Hat OpenShift: Mehrere Schwachstelle | 2024-11-05T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2024-3339 | Linux Kernel: Mehrere Schwachstellen | 2024-11-05T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3368 | Linux Kernel: Mehrere Schwachstellen | 2024-11-06T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2024-3376 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-11-07T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3461 | Red Hat Enterprise Linux (WebKitGTK): Mehrere Schwachstellen | 2024-11-13T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-3497 | Linux Kernel: Mehrere Schwachstellen | 2024-11-18T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-3509 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-11-19T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-362164 | SSA-362164: Predictable Initial Sequence Numbers in the TCP/IP Stack of Nucleus RTOS | 2021-02-09T00:00:00Z | 2022-11-08T00:00:00Z |
| ssa-428051 | SSA-428051: Privilege Escalation Vulnerability in TIA Administrator | 2021-02-09T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-794542 | SSA-794542: Insecure Folder Permissions in SIMARIS Configuration | 2021-02-09T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-296266 | SSA-296266: Denial-of-Service Vulnerability in SCALANCE and RUGGEDCOM Devices | 2021-03-09T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-541018 | SSA-541018: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SENTRON PAC / 3VA Devices (Part 2) | 2021-03-09T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-715184 | SSA-715184: Multiple File Parsing Vulnerabilities in Solid Edge | 2021-03-09T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-979775 | SSA-979775: Stack Overflow Vulnerability in SCALANCE and RUGGEDCOM Devices | 2021-03-09T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-163226 | SSA-163226: CELL File Parsing Vulnerability in Tecnomatix RobotExpert | 2021-04-13T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-185699 | SSA-185699: Out of Bounds Write Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS | 2021-04-13T00:00:00Z | 2022-01-11T00:00:00Z |
| ssa-187092 | SSA-187092: Several Buffer-Overflow Vulnerabilities in Web Server of SCALANCE X-200 | 2021-04-13T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-201384 | SSA-201384: Predictable UDP Port Number Vulnerability (NAME:WRECK) in the DNS Module of Nucleus RTOS | 2021-04-13T00:00:00Z | 2022-01-11T00:00:00Z |
| ssa-248289 | SSA-248289: Denial of Service Vulnerabilities in the IPv6 Stack of Nucleus RTOS | 2021-04-13T00:00:00Z | 2025-03-11T00:00:00Z |
| ssa-292794 | SSA-292794: Multiple Denial-of-Service Vulnerabilities in SINEMA Remote Connect Server | 2021-04-13T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-669158 | SSA-669158: DNS Client Vulnerabilities in SIMOTICS CONNECT 400 | 2021-04-13T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-705111 | SSA-705111: Multiple Vulnerabilities (NAME:WRECK) in the DNS Module of Nucleus RTOS | 2021-04-13T00:00:00Z | 2022-01-11T00:00:00Z |
| ssa-788287 | SSA-788287: Disclosure of Private Data | 2021-04-13T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-853866 | SSA-853866: User Credentials Disclosure Vulnerability in Siveillance Video Open Network Bridge (ONVIF) | 2021-04-13T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-983300 | SSA-983300: Vulnerabilities in LOGO! Soft Comfort | 2021-04-13T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-875726 | SSA-875726: Privilege Escalation Vulnerability in Mendix | 2021-04-14T00:00:00Z | 2021-04-14T00:00:00Z |
| ssa-116379 | SSA-116379: Denial-of-Service Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-286838 | SSA-286838: Multiple Vulnerabilities in SINAMICS Medium Voltage Products | 2021-05-11T00:00:00Z | 2021-08-10T00:00:00Z |
| ssa-501073 | SSA-501073: Vulnerabilities in Controllers CPU 1518 MFP using Intel CPUs (November 2020) | 2021-05-11T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-538778 | SSA-538778: SmartVNC Vulnerabilities in SIMATIC HMI/WinCC Products | 2021-05-11T00:00:00Z | 2021-10-12T00:00:00Z |
| ssa-594364 | SSA-594364: Denial-of-Service Vulnerability in SNMP Implementation of WinCC Runtime | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-676775 | SSA-676775: Denial-of-Service Vulnerability in SIMATIC NET CP 343-1 Devices | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-678983 | SSA-678983: Vulnerabilities in Industrial PCs and CNC devices using Intel CPUs (November 2020) | 2021-05-11T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-723417 | SSA-723417: Multiple Vulnerabilities in SCALANCE W1750D | 2021-05-11T00:00:00Z | 2021-10-12T00:00:00Z |
| ssa-752103 | SSA-752103: Telnet Authentication Vulnerability in SINAMICS Medium Voltage Products | 2021-05-11T00:00:00Z | 2021-08-10T00:00:00Z |
| ssa-854248 | SSA-854248: Information Disclosure Vulnerability in Mendix Excel Importer Module | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-919955 | SSA-919955: Information Disclosure Vulnerability in Mendix Database Replication Module | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2002:103 | Red Hat Security Advisory: : : : Updated Apache packages fix chunked encoding issue | 2002-06-19T23:57:00+00:00 | 2025-11-21T17:24:50+00:00 |
| rhsa-2002:118 | Red Hat Security Advisory: apache security update for Stronghold | 2002-06-20T13:22:00+00:00 | 2025-11-21T17:24:50+00:00 |
| rhsa-2002:129 | Red Hat Security Advisory: php security update | 2002-06-26T00:00:00+00:00 | 2025-11-21T17:24:52+00:00 |
| rhsa-2002:101 | Red Hat Security Advisory: : Updated mailman packages available | 2002-06-27T08:29:00+00:00 | 2025-11-21T17:24:52+00:00 |
| rhsa-2002:127 | Red Hat Security Advisory: : : : Updated OpenSSH packages fix various security issues | 2002-06-27T21:45:00+00:00 | 2025-11-21T17:24:52+00:00 |
| rhsa-2002:117 | Red Hat Security Advisory: : : : Updated secureweb packages fix chunked encoding issue | 2002-06-30T15:23:00+00:00 | 2025-11-21T17:24:50+00:00 |
| rhsa-2001:164 | Red Hat Security Advisory: : Updated secureweb packages available | 2002-07-01T10:35:00+00:00 | 2025-11-21T17:24:43+00:00 |
| rhsa-2002:051 | Red Hat Security Advisory: : : : New Squid packages available | 2002-07-04T02:44:00+00:00 | 2025-11-21T17:24:46+00:00 |
| rhsa-2002:131 | Red Hat Security Advisory: openssh security update | 2002-07-12T22:37:00+00:00 | 2025-11-21T17:24:52+00:00 |
| rhsa-2002:130 | Red Hat Security Advisory: squid security update | 2002-07-12T22:58:00+00:00 | 2025-11-21T17:24:52+00:00 |
| rhsa-2002:125 | Red Hat Security Advisory: mailman security update | 2002-07-12T22:59:00+00:00 | 2025-11-21T17:24:53+00:00 |
| rhsa-2002:126 | Red Hat Security Advisory: apache security update | 2002-07-12T23:00:00+00:00 | 2025-11-21T17:24:52+00:00 |
| rhsa-2002:128 | Red Hat Security Advisory: Updated kernel with information security fixes, bug fixes, and updated drivers | 2002-07-16T15:57:00+00:00 | 2025-11-21T17:24:52+00:00 |
| rhsa-2002:134 | Red Hat Security Advisory: : Updated mod_ssl packages available | 2002-07-16T19:23:00+00:00 | 2025-11-21T17:24:55+00:00 |
| rhsa-2002:136 | Red Hat Security Advisory: mod_ssl security update | 2002-07-16T21:35:00+00:00 | 2025-11-21T17:24:54+00:00 |
| rhsa-2002:135 | Red Hat Security Advisory: : : : Updated secureweb packages available | 2002-07-24T08:37:00+00:00 | 2025-11-21T17:24:54+00:00 |
| rhsa-2002:139 | Red Hat Security Advisory: : Updated glibc packages fix vulnerabilities in resolver | 2002-07-25T02:15:00+00:00 | 2025-11-21T17:24:55+00:00 |
| rhsa-2002:132 | Red Hat Security Advisory: : : : Updated util-linux package fixes password locking race | 2002-07-29T15:00:00+00:00 | 2025-11-21T17:24:53+00:00 |
| rhsa-2002:137 | Red Hat Security Advisory: util-linux security update | 2002-07-29T15:51:00+00:00 | 2025-11-21T17:24:54+00:00 |
| rhsa-2002:119 | Red Hat Security Advisory: bind security update | 2002-07-30T08:07:00+00:00 | 2025-11-21T17:24:50+00:00 |
| rhsa-2002:157 | Red Hat Security Advisory: openssl security update | 2002-07-30T10:46:00+00:00 | 2025-11-21T17:24:57+00:00 |
| rhsa-2002:155 | Red Hat Security Advisory: : Updated openssl packages fix remote vulnerabilities | 2002-07-30T10:47:00+00:00 | 2025-11-21T17:24:57+00:00 |
| rhsa-2002:154 | Red Hat Security Advisory: mm security update | 2002-07-31T08:50:00+00:00 | 2025-11-21T17:24:57+00:00 |
| rhsa-2002:153 | Red Hat Security Advisory: : Updated mm packages fix temporary file handling | 2002-07-31T08:51:00+00:00 | 2025-11-21T17:24:57+00:00 |
| rhsa-2002:164 | Red Hat Security Advisory: openssl, mm, mod_ssl security update for Stronghold | 2002-07-31T15:58:00+00:00 | 2025-11-21T17:24:59+00:00 |
| rhsa-2002:150 | Red Hat Security Advisory: apache security update for Stronghold | 2002-07-31T16:23:00+00:00 | 2025-11-21T17:24:56+00:00 |
| rhsa-2002:146 | Red Hat Security Advisory: mod_ssl security update for Stronghold | 2002-08-01T21:25:00+00:00 | 2025-11-21T17:24:55+00:00 |
| rhsa-2002:122 | Red Hat Security Advisory: gaim security update | 2002-08-02T13:50:00+00:00 | 2025-11-21T17:24:51+00:00 |
| rhsa-2002:152 | Red Hat Security Advisory: libpng security update | 2002-08-05T07:25:00+00:00 | 2025-11-21T17:24:56+00:00 |
| rhsa-2002:161 | Red Hat Security Advisory: openssl security update | 2002-08-05T18:59:00+00:00 | 2025-11-21T17:24:58+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2007-6109 | Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function as demonstrated via a certain "emacs -batch -eval" command line. | 2007-12-02T00:00:00.000Z | 2022-06-17T00:00:00.000Z |
| msrc_cve-2007-6353 | Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow. | 2007-12-02T00:00:00.000Z | 2025-10-01T23:10:51.000Z |
| msrc_cve-2007-4998 | cp when running with an option to preserve symlinks on multiple OSes allows local user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination. | 2008-01-02T00:00:00.000Z | 2024-08-15T00:00:00.000Z |
| msrc_cve-2008-0888 | The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data. | 2008-03-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2008-2149 | Stack-based buffer overflow in the searchwn function in Wordnet 2.0 2.1 and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end. | 2008-05-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2008-3908 | Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent attackers to execute arbitrary code via (1) a long argument on the command line; a long (2) WNSEARCHDIR (3) WNHOME or (4) WNDBVERSION environment variable; or (5) a user-supplied dictionary (aka data file). NOTE: since WordNet itself does not run with special privileges this issue only crosses privilege boundaries when WordNet is invoked as a third party component. | 2008-09-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2008-3912 | libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition. | 2008-09-02T00:00:00.000Z | 2020-10-25T00:00:00.000Z |
| msrc_cve-2008-3913 | Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic". | 2008-09-02T00:00:00.000Z | 2020-10-25T00:00:00.000Z |
| msrc_cve-2008-3914 | Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c. | 2008-09-02T00:00:00.000Z | 2020-10-25T00:00:00.000Z |
| msrc_cve-2009-0590 | The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. | 2009-03-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2009-1241 | Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive. | 2009-04-02T00:00:00.000Z | 2020-10-25T00:00:00.000Z |
| msrc_cve-2009-1890 | The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3 when a reverse proxy is configured does not properly handle an amount of streamed data that exceeds the Content-Length value which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests. | 2009-07-02T00:00:00.000Z | 2022-05-27T00:00:00.000Z |
| msrc_cve-2009-3767 | libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4 and possibly other versions when OpenSSL is used does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority a related issue to CVE-2009-2408. | 2009-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2009-4484 | Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9 as used in mysqld in MySQL 5.0.x before 5.0.90 MySQL 5.1.x before 5.1.43 MySQL 5.5.x through 5.5.0-m2 and other products allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a. | 2009-12-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2009-4487 | nginx 0.7.64 writes data to a log file without sanitizing non-printable characters which might allow remote attackers to modify a window's title or possibly execute arbitrary commands or overwrite files via an HTTP request containing an escape sequence for a terminal emulator. | 2010-01-02T00:00:00.000Z | 2020-11-17T00:00:00.000Z |
| msrc_cve-2010-0291 | The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess." | 2010-02-02T00:00:00.000Z | 2025-09-03T22:00:06.000Z |
| msrc_cve-2010-0298 | The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in determining the memory access available to CPL3 code which allows guest OS users to cause a denial of service (guest OS crash) or gain privileges on the guest OS by leveraging access to a (1) IO port or (2) MMIO region a related issue to CVE-2010-0306. | 2010-02-02T00:00:00.000Z | 2024-08-15T00:00:00.000Z |
| msrc_cve-2010-0309 | The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file. | 2010-02-02T00:00:00.000Z | 2024-08-15T00:00:00.000Z |
| msrc_cve-2010-2249 | Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. | 2010-06-02T00:00:00.000Z | 2025-09-03T23:15:39.000Z |
| msrc_cve-2010-2542 | Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy. | 2010-08-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2010-2891 | Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent attackers to execute arbitrary code via an Object Identifier (aka OID) represented as a numerical string containing many components separated by . (dot) characters. | 2010-10-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2010-2642 | Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. | 2011-01-02T00:00:00.000Z | 2025-10-01T23:10:51.000Z |
| msrc_cve-2010-3865 | Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request which triggers a buffer overflow. | 2011-01-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2011-0640 | The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB which allows user-assisted attackers to execute arbitrary programs via crafted USB data as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer. | 2011-01-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2010-4756 | The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. | 2011-03-02T00:00:00.000Z | 2025-09-04T04:29:41.000Z |
| msrc_cve-2011-1429 | Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766. | 2011-03-02T00:00:00.000Z | 2025-10-01T23:10:51.000Z |
| msrc_cve-2011-2501 | The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources. | 2011-07-02T00:00:00.000Z | 2025-04-16T00:00:00.000Z |
| msrc_cve-2011-2691 | The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image. | 2011-07-02T00:00:00.000Z | 2025-04-16T00:00:00.000Z |
| msrc_cve-2009-5063 | Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244. | 2011-08-02T00:00:00.000Z | 2025-09-03T20:45:49.000Z |
| msrc_cve-2010-4563 | The Linux kernel when using IPv6 allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent as demonstrated by thcping. | 2012-02-02T00:00:00.000Z | 2024-08-15T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-24-347-02 | Siemens Engineering Platforms | 2024-12-10T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-24-352-04 | Schneider Electric Modicon | 2024-12-10T05:00:00.000000Z | 2025-10-14T07:00:00.000000Z |
| icsa-24-354-07 | Schneider Electric Modicon Controllers (Update A) | 2024-12-19T07:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| icsa-25-016-04 | Siemens SIPROTEC 5 Products | 2025-01-14T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-035-07 | Schneider Electric Pro-face GP-Pro EX and Remote HMI (Update A) | 2025-01-14T00:00:00.000000Z | 2025-09-09T04:00:00.000000Z |
| icsa-25-037-02 | Schneider Electric EcoStruxure (Update C) | 2025-02-06T07:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-044-04 | Siemens SIPROTEC 5 | 2025-02-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-044-06 | Siemens RUGGEDCOM APE1808 Devices | 2025-02-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-072-11 | Siemens SIMATIC IPC Family, ITP1000, and Field PGs | 2025-03-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-135-05 | Siemens SIPROTEC and SICAM | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-135-09 | Siemens User Management Component (UMC) | 2025-05-13T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-135-15 | Siemens Mendix OIDC SSO | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-135-17 | Siemens RUGGEDCOM ROX II | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-140-08 | Schneider Electric Modicon Controllers (Update B) | 2025-05-13T04:00:00.000000Z | 2025-10-14T07:00:00.000000Z |
| icsa-25-140-04 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update B) | 2025-05-20T06:00:00.000000Z | 2025-08-28T06:00:00.000000Z |
| icsa-25-148-01 | Siemens SiPass | 2025-05-23T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-148-03 | Consilium Safety CS5000 Fire Panel (Update A) | 2025-05-29T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-162-02 | Siemens RUGGEDCOM APE1808 | 2025-06-10T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-177-01 | Mitsubishi Electric Air Conditioning Systems (Update B) | 2025-06-26T06:00:00.000000Z | 2025-12-23T07:00:00.000000Z |
| icsa-25-294-04 | Siemens RUGGEDCOM ROS Devices | 2025-07-08T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-205-01 | Mitsubishi Electric CNC Series (Update A) | 2025-07-24T06:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-219-02 | Johnson Controls FX Server, FX80 and FX90 (Update A) | 2025-08-07T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-226-03 | Siemens SIMATIC S7-PLCSIM | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-226-09 | Siemens RUGGEDCOM APE1808 | 2025-08-12T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-226-11 | Siemens SIMATIC S7-PLCSIM | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-226-18 | Siemens SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER | 2025-08-12T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-226-22 | Siemens Web Installer (SSA-282044) | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-224-03 | Schneider Electric EcoStruxure Power Monitoring Expert | 2025-08-12T04:00:00.000000Z | 2025-11-11T08:00:00.000000Z |
| icsa-25-224-02 | Johnson Controls iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 (Update A) | 2025-08-12T06:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-254-07 | Siemens User Management Component (UMC) | 2025-09-09T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2005-000343 | DeleGate DNS Message Decompression Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000396 | Ruby XMLRPC Arbitrary Command Execution Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000530 | Vulnerability in multiple web browsers allowing request spoofing attacks | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000537 | Webmin and Usermin authentication bypass vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000538 | Ruby vulnerability allowing to bypass safe level 4 as a sandbox | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000601 | OpenSSL version rollback vulnerability | 2008-05-21T00:00+09:00 | 2014-05-22T18:04+09:00 |
| jvndb-2005-000695 | Ruby XMLRPC Server Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000705 | Fujitsu Java Runtime Environment reflection API vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000706 | Fujitsu Java Runtime Environment reflection API vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000707 | Fujitsu Java Runtime Environment reflection API vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000727 | mod_imap cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2014-05-22T18:03+09:00 |
| jvndb-2005-000756 | Tsuru-Kame Mail vulnerable in S/MIME signature verification | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000757 | Cybozu Office browser script execution vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000758 | msearch directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000759 | McAfee VirusScan Engine buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000760 | McAfee VirusScan Engine buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000761 | Norton AntiVirus causes abnormal OS termination when a user edits a shared network file | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000762 | Norton AntiVirus causes abnormal OS termination when scanning illegal files | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000763 | ppBlog cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000764 | Website connection problem when a mobile phone terminal uses specific QR code | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000765 | Buffalo router configuration management interface vulnerable to remote access and password leakage | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000766 | w3ml cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000767 | WebUD arbitrary program execution vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000768 | Movable Type session management vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000769 | Virus Security heap overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000770 | Virus Security memory leak vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000771 | Wiki clone cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000772 | Inappropriate interpretation of mailto URL scheme by mail client software | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000773 | desknet's cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000774 | SFS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|