Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-5054
7.8 (3.0)
NoMachine External Control of File Path Local Privileg… NoMachine
 NoMachine
 2026-04-11T00:14:16.658Z 2026-04-11T00:14:16.658Z
CVE-2026-5053
7.1 (3.0)
NoMachine External Control of File Path Arbitrary File… NoMachine
 NoMachine
 2026-04-11T00:14:07.656Z 2026-04-11T00:14:07.656Z
CVE-2026-5495
7.8 (3.0)
Labcenter Electronics Proteus PDSPRJ File Parsing Out-… Labcenter Electronics
 Proteus
 2026-04-11T00:13:26.901Z 2026-04-11T00:13:26.901Z
CVE-2026-5494
7.8 (3.0)
Labcenter Electronics Proteus PDSPRJ File Parsing Out-… Labcenter Electronics
 Proteus
 2026-04-11T00:13:22.854Z 2026-04-11T00:13:22.854Z
CVE-2026-5493
7.8 (3.0)
Labcenter Electronics Proteus PDSPRJ File Parsing Out-… Labcenter Electronics
 Proteus
 2026-04-11T00:13:18.336Z 2026-04-11T00:13:18.336Z
CVE-2026-5496
7.8 (3.0)
Labcenter Electronics Proteus PDSPRJ File Parsing Type… Labcenter Electronics
 Proteus
 2026-04-11T00:13:14.901Z 2026-04-11T00:13:14.901Z
CVE-2026-4149
10 (3.0)
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote… Sonos
 Era 300
 2026-04-11T00:12:33.497Z 2026-04-11T00:12:33.497Z
CVE-2026-40199
N/A
Net::CIDR::Lite versions before 0.23 for Perl mishandl… STIGTSP
 Net::CIDR::Lite
 2026-04-10T21:49:48.353Z 2026-04-10T21:49:48.353Z
CVE-2026-40198
N/A
Net::CIDR::Lite versions before 0.23 for Perl does not… STIGTSP
 Net::CIDR::Lite
 2026-04-10T21:42:06.835Z 2026-04-10T21:42:06.835Z
CVE-2026-33118
4.3 (3.1)
Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft
 Microsoft Edge (Chromium-based)
 2026-04-10T21:20:44.423Z 2026-04-10T21:20:44.423Z
CVE-2026-33119
5.4 (3.1)
Microsoft Edge (Chromium-based) for Android Spoofing V… Microsoft
 Microsoft Edge for Android
 2026-04-10T21:20:37.767Z 2026-04-10T21:20:37.767Z
CVE-2026-5724
6.3 (4.0)
Missing Authentication on Streaming gRPC Replication E… Temporal Technologies, Inc.
 temporal
 2026-04-10T21:06:31.788Z 2026-04-10T21:22:30.134Z
CVE-2026-40252
5.3 (4.0)
Broken Access Control (IDOR) Leading to Cross-Tenant A… labring
 FastGPT
 2026-04-10T20:52:15.218Z 2026-04-10T20:52:15.218Z
CVE-2026-40242
7.2 (3.1)
Arcane Unauthenticated SSRF with Conditional Response … getarcaneapp
 arcane
 2026-04-10T20:34:12.777Z 2026-04-10T20:34:12.777Z
CVE-2026-40194
3.7 (3.1)
phpseclib has a variable-time HMAC comparison in SSH2:… phpseclib
 phpseclib
 2026-04-10T20:24:06.696Z 2026-04-10T20:24:06.696Z
CVE-2026-40191
6.8 (4.0)
ClearanceKit has a policy bypass via dual-path Endpoin… craigjbass
 clearancekit
 2026-04-10T20:19:35.909Z 2026-04-10T20:19:35.909Z
CVE-2026-39922
5.3 (4.0)
GeoNode < 4.4.5, 5.0.2 SSRF via Service Registration GeoNode
 GeoNode
 2026-04-10T19:53:05.159Z 2026-04-10T19:53:05.159Z
CVE-2026-39921
5.3 (4.0)
GeoNode < 4.4.5, 5.0.2 SSRF via Document Upload GeoNode
 GeoNode
 2026-04-10T19:52:49.924Z 2026-04-10T19:52:49.924Z
CVE-2026-40190
5.6 (3.1)
LangSmith Client SDKs has Prototype Pollution in langs… langchain-ai
 langsmith-sdk
 2026-04-10T19:47:57.642Z 2026-04-10T19:47:57.642Z
CVE-2026-40189
9.3 (4.0)
goshs has a file-based ACL authorization bypass in gos… patrickhener
 goshs
 2026-04-10T19:44:54.672Z 2026-04-10T19:44:54.672Z
CVE-2026-40188
7.7 (3.1)
goshs is Missing Write Protection for Parametric Data Values patrickhener
 goshs
 2026-04-10T19:43:45.197Z 2026-04-10T19:43:45.197Z
CVE-2026-40185
7.1 (3.1)
Missing Authorization on Immich Trip Photo Routes in TREK mauriceboe
 TREK
 2026-04-10T19:40:16.382Z 2026-04-10T19:40:16.382Z
CVE-2026-40184
3.7 (3.1)
Unauthenticated Access to Uploaded Files in TREK mauriceboe
 TREK
 2026-04-10T19:39:32.442Z 2026-04-10T19:39:32.442Z
CVE-2026-40180
7.7 (4.0)
Zip Slip Path Traversal in quarkus-openapi-generator A… quarkiverse
 quarkus-openapi-generator
 2026-04-10T19:35:53.440Z 2026-04-10T19:35:53.440Z
CVE-2026-40178
6.9 (4.0)
ajenti.plugin.core has a race conditions in 2FA ajenti
 ajenti
 2026-04-10T19:30:47.083Z 2026-04-10T19:30:47.083Z
CVE-2026-40177
9.3 (4.0)
Password bypass when 2FA is activated ajenti
 ajenti
 2026-04-10T19:29:00.851Z 2026-04-10T19:29:00.851Z
CVE-2026-40175
10 (3.1)
Axios has Unrestricted Cloud Metadata Exfiltration via… axios
 axios
 2026-04-10T19:23:52.285Z 2026-04-10T19:23:52.285Z
CVE-2026-40168
8.2 (3.1)
Postiz has Server-Side Request Forgery via Redirect By… gitroomhq
 postiz-app
 2026-04-10T19:20:16.365Z 2026-04-10T19:20:16.365Z
CVE-2026-32252
7.7 (3.1)
Chartbrew Cross-Tenant Template Export and Secret Disc… chartbrew
 chartbrew
 2026-04-10T19:17:53.438Z 2026-04-10T19:17:53.438Z
CVE-2026-30232
7.8 (4.0)
Chartbrew has SSRF in API Data Connection - No IP Vali… chartbrew
 chartbrew
 2026-04-10T19:15:11.439Z 2026-04-10T19:15:11.439Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-4150
7.8 (3.0)
GIMP PSD File Parsing Integer Overflow Remote Code Exe… GIMP
 GIMP
 2026-04-11T00:15:36.377Z 2026-04-11T00:15:36.377Z
CVE-2026-4149
10 (3.0)
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote… Sonos
 Era 300
 2026-04-11T00:12:33.497Z 2026-04-11T00:12:33.497Z
CVE-2026-40354
2.9 (3.1)
Flatpak xdg-desktop-portal before 1.20.4 and 1.21… Flatpak
 xdg-desktop-portal
 2026-04-11T00:29:03.467Z 2026-04-11T00:29:03.467Z
CVE-2026-3691
5.3 (3.0)
OpenClaw Client PKCE Verifier Information Disclosure V… OpenClaw
 OpenClaw
 2026-04-11T00:17:40.509Z 2026-04-11T00:17:40.509Z
CVE-2026-3690
7.4 (3.0)
OpenClaw Canvas Authentication Bypass Vulnerability OpenClaw
 OpenClaw
 2026-04-11T00:17:32.474Z 2026-04-11T00:17:32.474Z
CVE-2026-3689
6.5 (3.0)
OpenClaw Canvas Path Traversal Information Disclosure … OpenClaw
 OpenClaw
 2026-04-11T00:17:24.472Z 2026-04-11T00:17:24.472Z
CVE-2026-40199
N/A
Net::CIDR::Lite versions before 0.23 for Perl mishandl… STIGTSP
 Net::CIDR::Lite
 2026-04-10T21:49:48.353Z 2026-04-10T21:49:48.353Z
CVE-2026-40198
N/A
Net::CIDR::Lite versions before 0.23 for Perl does not… STIGTSP
 Net::CIDR::Lite
 2026-04-10T21:42:06.835Z 2026-04-10T21:42:06.835Z
CVE-2026-33119
5.4 (3.1)
Microsoft Edge (Chromium-based) for Android Spoofing V… Microsoft
 Microsoft Edge for Android
 2026-04-10T21:20:37.767Z 2026-04-10T21:20:37.767Z
CVE-2026-33118
4.3 (3.1)
Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft
 Microsoft Edge (Chromium-based)
 2026-04-10T21:20:44.423Z 2026-04-10T21:20:44.423Z
CVE-2026-5724
6.3 (4.0)
Missing Authentication on Streaming gRPC Replication E… Temporal Technologies, Inc.
 temporal
 2026-04-10T21:06:31.788Z 2026-04-10T21:22:30.134Z
CVE-2026-40252
5.3 (4.0)
Broken Access Control (IDOR) Leading to Cross-Tenant A… labring
 FastGPT
 2026-04-10T20:52:15.218Z 2026-04-10T20:52:15.218Z
CVE-2026-40242
7.2 (3.1)
Arcane Unauthenticated SSRF with Conditional Response … getarcaneapp
 arcane
 2026-04-10T20:34:12.777Z 2026-04-10T20:34:12.777Z
CVE-2026-40194
3.7 (3.1)
phpseclib has a variable-time HMAC comparison in SSH2:… phpseclib
 phpseclib
 2026-04-10T20:24:06.696Z 2026-04-10T20:24:06.696Z
CVE-2026-40191
6.8 (4.0)
ClearanceKit has a policy bypass via dual-path Endpoin… craigjbass
 clearancekit
 2026-04-10T20:19:35.909Z 2026-04-10T20:19:35.909Z
CVE-2026-40190
5.6 (3.1)
LangSmith Client SDKs has Prototype Pollution in langs… langchain-ai
 langsmith-sdk
 2026-04-10T19:47:57.642Z 2026-04-10T19:47:57.642Z
CVE-2026-40189
9.3 (4.0)
goshs has a file-based ACL authorization bypass in gos… patrickhener
 goshs
 2026-04-10T19:44:54.672Z 2026-04-10T19:44:54.672Z
CVE-2026-40188
7.7 (3.1)
goshs is Missing Write Protection for Parametric Data Values patrickhener
 goshs
 2026-04-10T19:43:45.197Z 2026-04-10T19:43:45.197Z
CVE-2026-40185
7.1 (3.1)
Missing Authorization on Immich Trip Photo Routes in TREK mauriceboe
 TREK
 2026-04-10T19:40:16.382Z 2026-04-10T19:40:16.382Z
CVE-2026-40184
3.7 (3.1)
Unauthenticated Access to Uploaded Files in TREK mauriceboe
 TREK
 2026-04-10T19:39:32.442Z 2026-04-10T19:39:32.442Z
CVE-2026-40180
7.7 (4.0)
Zip Slip Path Traversal in quarkus-openapi-generator A… quarkiverse
 quarkus-openapi-generator
 2026-04-10T19:35:53.440Z 2026-04-10T19:35:53.440Z
CVE-2026-40178
6.9 (4.0)
ajenti.plugin.core has a race conditions in 2FA ajenti
 ajenti
 2026-04-10T19:30:47.083Z 2026-04-10T19:30:47.083Z
CVE-2026-40177
9.3 (4.0)
Password bypass when 2FA is activated ajenti
 ajenti
 2026-04-10T19:29:00.851Z 2026-04-10T19:29:00.851Z
CVE-2026-40175
10 (3.1)
Axios has Unrestricted Cloud Metadata Exfiltration via… axios
 axios
 2026-04-10T19:23:52.285Z 2026-04-10T19:23:52.285Z
CVE-2026-40168
8.2 (3.1)
Postiz has Server-Side Request Forgery via Redirect By… gitroomhq
 postiz-app
 2026-04-10T19:20:16.365Z 2026-04-10T19:20:16.365Z
CVE-2026-39922
5.3 (4.0)
GeoNode < 4.4.5, 5.0.2 SSRF via Service Registration GeoNode
 GeoNode
 2026-04-10T19:53:05.159Z 2026-04-10T19:53:05.159Z
CVE-2026-39921
5.3 (4.0)
GeoNode < 4.4.5, 5.0.2 SSRF via Document Upload GeoNode
 GeoNode
 2026-04-10T19:52:49.924Z 2026-04-10T19:52:49.924Z
CVE-2026-32252
7.7 (3.1)
Chartbrew Cross-Tenant Template Export and Secret Disc… chartbrew
 chartbrew
 2026-04-10T19:17:53.438Z 2026-04-10T19:17:53.438Z
CVE-2026-30232
7.8 (4.0)
Chartbrew has SSRF in API Data Connection - No IP Vali… chartbrew
 chartbrew
 2026-04-10T19:15:11.439Z 2026-04-10T19:15:11.439Z
CVE-2026-3446
6 (4.0)
Base64 decoding stops at first padded quad by default Python Software Foundation
 CPython
 2026-04-10T18:17:35.045Z 2026-04-10T18:26:41.904Z
ID Description Published Updated
fkie_cve-2026-2101 A Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access from ENOVIAvpm … 2026-02-16T17:18:09.003 2026-02-18T17:52:22.253
fkie_cve-2026-26930 SmarterTools SmarterMail before 9526 allows XSS via MAPI requests. 2026-02-16T17:18:08.813 2026-02-22T20:15:59.023
fkie_cve-2026-2563 A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the f… 2026-02-16T16:19:18.070 2026-02-23T11:16:32.330
fkie_cve-2026-1783 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued i… 2026-02-16T16:19:17.880 2026-02-16T16:19:17.880
fkie_cve-2025-65717 An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files v… 2026-02-16T16:19:17.510 2026-02-25T18:43:19.847
fkie_cve-2025-65716 An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to exe… 2026-02-16T16:19:17.403 2026-02-25T18:46:08.703
fkie_cve-2025-65715 An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.… 2026-02-16T16:19:17.287 2026-02-25T15:21:49.487
fkie_cve-2026-2562 A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the … 2026-02-16T15:18:35.020 2026-02-23T11:16:32.100
fkie_cve-2026-2561 A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the funct… 2026-02-16T15:18:34.840 2026-02-23T11:16:31.870
fkie_cve-2026-2447 Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1… 2026-02-16T15:18:34.740 2026-02-22T21:16:00.017
fkie_cve-2026-2032 Malicious scripts that interrupt new tab page loading could cause desynchronization between the add… 2026-02-16T15:18:34.620 2026-02-18T20:48:12.960
fkie_cve-2026-2560 A vulnerability has been found in kalcaddle kodbox up to 1.64.05. The impacted element is the funct… 2026-02-16T14:16:18.840 2026-02-18T17:52:22.253
fkie_cve-2026-2558 A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the f… 2026-02-16T14:16:18.650 2026-02-18T17:52:22.253
fkie_cve-2026-2557 A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com… 2026-02-16T14:16:18.440 2026-02-20T17:56:15.777
fkie_cve-2026-1335 An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawi… 2026-02-16T14:16:18.303 2026-02-26T18:15:57.777
fkie_cve-2026-1334 An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawin… 2026-02-16T14:16:18.160 2026-02-26T18:16:03.453
fkie_cve-2026-1333 A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWOR… 2026-02-16T14:16:18.003 2026-02-26T18:15:50.280
fkie_cve-2026-2556 A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown p… 2026-02-16T13:16:00.940 2026-02-20T17:57:52.997
fkie_cve-2026-1046 Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help links which allows a mal… 2026-02-16T13:16:00.793 2026-03-23T17:27:17.083
fkie_cve-2025-14573 Mattermost versions 10.11.x <= 10.11.9 fail to enforce invite permissions when updating team settin… 2026-02-16T13:16:00.623 2026-02-18T20:18:01.113
fkie_cve-2025-14350 Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to properly validat… 2026-02-16T13:15:59.953 2026-02-18T20:19:20.907
fkie_cve-2026-2555 A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDo… 2026-02-16T12:16:22.667 2026-02-18T21:43:53.793
fkie_cve-2026-2553 A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f… 2026-02-16T12:16:22.480 2026-02-18T17:52:22.253
fkie_cve-2026-2552 A vulnerability was identified in ZenTao up to 21.7.8. Affected by this issue is the function delet… 2026-02-16T12:16:22.277 2026-02-20T18:00:00.757
fkie_cve-2025-2418 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in TR7 Cyber ​​Defense Inc. Web A… 2026-02-16T12:16:22.093 2026-02-18T17:52:22.253
fkie_cve-2025-13821 Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to sanitize sensiti… 2026-02-16T12:16:21.423 2026-02-18T21:44:27.573
fkie_cve-2026-2551 A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the functi… 2026-02-16T11:15:56.550 2026-02-20T19:06:41.460
fkie_cve-2026-2452 Emails sent by pretix can utilize placeholders that will be filled with customer data. For example,… 2026-02-16T11:15:56.420 2026-03-12T17:29:01.843
fkie_cve-2026-2451 Emails sent by pretix can utilize placeholders that will be filled with customer data. For example,… 2026-02-16T11:15:56.290 2026-03-13T12:39:56.690
fkie_cve-2026-2415 Emails sent by pretix can utilize placeholders that will be filled with customer data. For example,… 2026-02-16T11:15:56.047 2026-03-13T12:47:32.733
ID Severity Description Published Updated
ghsa-fh28-mqr2-jxm7
7.8 (3.1)
GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allo… 2026-04-11T03:30:29Z 2026-04-11T03:30:29Z
ghsa-93g8-mgqc-w7h9
7.4 (3.1)
OpenClaw Canvas Authentication Bypass Vulnerability. This vulnerability allows remote attackers to … 2026-04-11T03:30:29Z 2026-04-11T03:30:29Z
ghsa-8v6v-j22p-w63g
10.0 (3.1)
Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerabi… 2026-04-11T03:30:29Z 2026-04-11T03:30:29Z
ghsa-67qf-qf6p-xgv3
7.8 (3.1)
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerab… 2026-04-11T03:30:29Z 2026-04-11T03:30:29Z
ghsa-4h5x-fjp7-jhq3
5.3 (3.1)
OpenClaw Client PKCE Verifier Information Disclosure Vulnerability. This vulnerability allows remot… 2026-04-11T03:30:29Z 2026-04-11T03:30:29Z
ghsa-c25q-mqx5-m6v8
Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow I… 2026-04-11T00:31:19Z 2026-04-11T00:31:19Z
ghsa-932w-96j4-j35v
Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allo… 2026-04-11T00:31:19Z 2026-04-11T00:31:19Z
ghsa-4c9q-86fx-4cv8
4.3 (3.1)
Microsoft Edge (Chromium-based) Spoofing Vulnerability 2026-04-11T00:31:19Z 2026-04-11T00:31:19Z
ghsa-29q2-v59x-3mg8
5.4 (3.1)
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) al… 2026-04-11T00:31:19Z 2026-04-11T00:31:19Z
ghsa-9cp7-j3f8-p5jx
10.0 (3.1)
Daptin has Unauthenticated Path Traversal and Zip Slip 2026-04-10T22:11:04Z 2026-04-10T22:11:04Z
ghsa-jvff-x2qm-6286
8.8 (3.1)
mathjs Allows Improperly Controlled Modification of Dynamically-Determined Object Attributes 2026-04-10T22:10:49Z 2026-04-10T22:10:49Z
ghsa-x7mm-9vvv-64w8
2.3 (4.0)
unhead: Streaming SSR `streamKey` injected into inline script without identifier validation 2026-04-10T22:09:39Z 2026-04-10T22:09:39Z
ghsa-55v6-g8pm-pw4c
4.3 (3.1)
rembg server is vulnerable to Server-Side Request Forgery (SSRF) and a weak default CORS configuration 2026-04-10T22:09:15Z 2026-04-10T22:09:15Z
ghsa-q98v-9f9w-f49q
6.3 (4.0)
The frontend gRPC server's streaming interceptor chain did not include the authorization intercepto… 2026-04-10T21:31:16Z 2026-04-10T21:31:16Z
ghsa-x87c-g7pw-2xr5
5.3 (4.0)
GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulner… 2026-04-10T21:31:15Z 2026-04-10T21:31:15Z
ghsa-v8f7-cg9p-w5jx
5.3 (4.0)
GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulner… 2026-04-10T21:31:15Z 2026-04-10T21:31:15Z
ghsa-8r9f-h969-mm4m
6.0 (4.0)
When calling base64.b64decode() or related functions the decoding process would stop after encounte… 2026-04-10T21:31:15Z 2026-04-10T21:31:15Z
ghsa-68qg-g8mg-6pr7
10.0 (3.1)
paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass 2026-04-10T21:08:57Z 2026-04-10T21:08:57Z
ghsa-93vf-569f-22cq
4.7 (3.1)
rhukster/dom-sanitizer: SVG <style> tag allows CSS injection via unfiltered url() and @import directives 2026-04-10T21:08:30Z 2026-04-10T21:08:31Z
ghsa-2rhw-gw3f-477j
DNN: Same HostGUID for all new installs 2026-04-10T21:07:13Z 2026-04-10T21:07:13Z
ghsa-fpj4-9qhx-5m6m
4.3 (3.1)
DNN: Force Friend Request Acceptance 2026-04-10T21:07:08Z 2026-04-10T21:07:08Z
ghsa-8f24-v5vv-gm5j
6.9 (4.0)
next-intl has an open redirect vulnerability 2026-04-10T21:03:55Z 2026-04-10T21:03:55Z
ghsa-7m55-2hr4-pw78
6.1 (4.0)
Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence 2026-04-10T21:00:35Z 2026-04-10T21:00:35Z
ghsa-w5fq-8965-c969
9.9 (3.1)
Juju: CloudSpec method leaking cloud credentials 2026-04-10T21:00:16Z 2026-04-10T21:00:16Z
ghsa-m5gr-86j6-99jp
9.1 (3.1)
gramps-webapi: Zip Slip Path Traversal in Media Archive Import 2026-04-10T21:00:09Z 2026-04-10T21:32:40Z
ghsa-75hx-xj24-mqrw
8.2 (3.1)
n8n-mcp has unauthenticated session termination and information disclosure in HTTP transport 2026-04-10T20:59:58Z 2026-04-10T20:59:58Z
ghsa-3crg-w4f6-42mx
6.9 (4.0)
pypdf: Manipulated XMP metadata entity declarations can exhaust RAM 2026-04-10T20:59:36Z 2026-04-10T21:32:54Z
ghsa-ff24-4prj-gpmj
7.2 (3.1)
Arcane has Unauthenticated SSRF with Conditional Response Reflection in Template Fetch Endpoint 2026-04-10T20:59:27Z 2026-04-10T21:37:59Z
ghsa-r854-jrxh-36qx
3.7 (3.1)
phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash… 2026-04-10T20:58:10Z 2026-04-10T21:37:53Z
ghsa-ffq7-898w-9jc4
8.0 (3.1)
DotNetNuke.Core has stored cross-site-scripting (XSS) via SVG upload 2026-04-10T20:42:48Z 2026-04-10T20:42:48Z
ID Severity Description Package Published Updated
pysec-2025-34
The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_… picklescan 2025-04-24T01:15:49+00:00 2025-04-24T03:08:15.436691+00:00
pysec-2025-56
4.3 (3.1)
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… octoprint 2025-04-22T18:15:59+00:00 2025-06-27T17:22:53.513680+00:00
pysec-2025-41
9.8 (3.1)
PyTorch is a Python package that provides tensor computation with strong GPU acceleration… torch 2025-04-18T16:15:23+00:00 2025-05-28T15:23:37.843138+00:00
pysec-2025-35
7.5 (3.1)
Weblate is a web based localization tool. Prior to version 5.11, when creating a new comp… weblate 2025-04-15T21:16:04+00:00 2025-04-30T17:22:51.467257+00:00
pysec-2025-32
9.8 (3.1)
BentoML is a Python library for building online serving systems optimized for AI apps and… bentoml 2025-04-09T16:15:25+00:00 2025-04-22T19:21:34.073355+00:00
pysec-2025-36
9.8 (3.1)
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida… langflow 2025-04-07T15:15:44+00:00 2025-05-07T19:22:44.993642+00:00
pysec-2025-16
7.5 (3.1)
LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vu… lnbits 2025-04-06T20:15:15+00:00 2025-04-09T17:27:25.872691+00:00
pysec-2025-14
An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normal… django 2025-04-02T13:15:44+00:00 2025-04-09T17:27:25.169049+00:00
pysec-2025-48
9.8 (3.1)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2025-03-31T17:15:42+00:00 2025-06-12T22:23:10.476087+00:00
pysec-2025-17
5.5 (3.1)
In mlflow/mlflow version 2.18, an admin is able to create a new user account without sett… mlflow 2025-03-20T10:15:54+00:00 2025-04-09T17:27:26.322333+00:00
pysec-2025-57
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… zenml 2025-03-20T10:15:48+00:00 2025-06-27T17:22:55.175431+00:00
pysec-2025-10
9.1 (3.1)
A vulnerability in the `download_model` function of the onnx/onnx framework, before and i… onnx 2025-03-20T10:15:37+00:00 2025-03-26T19:21:38.843396+00:00
pysec-2025-11
5.9 (3.1)
A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index reposi… llama-index 2025-03-20T10:15:31+00:00 2025-04-01T23:22:47.294256+00:00
pysec-2025-9
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through… invokeai 2025-03-20T10:15:26+00:00 2025-03-20T11:21:37.872971+00:00
pysec-2025-63
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… vllm 2025-03-19T16:15:32+00:00 2025-07-01T23:22:49.176005+00:00
pysec-2025-22
9.8 (3.1)
A vulnerability, that could result in Remote Code Execution (RCE), has been found in Plot… plotai 2025-03-10T14:15:24+00:00 2025-04-09T17:27:27.203714+00:00
pysec-2025-21
9.8 (3.1)
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model arch… picklescan 2025-03-10T12:15:12+00:00 2025-04-09T17:27:27.016747+00:00
pysec-2025-20
6.5 (3.1)
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes i… picklescan 2025-03-10T12:15:10+00:00 2025-04-09T17:27:26.966215+00:00
pysec-2025-13
An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2… django 2025-03-06T19:15:27+00:00 2025-04-09T17:27:25.095679+00:00
pysec-2025-23
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Inform… ray 2025-03-06T05:15:16+00:00 2025-04-09T17:27:27.434099+00:00
pysec-2025-19
9.8 (3.1)
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for … picklescan 2025-03-03T19:15:34+00:00 2025-04-09T17:27:26.916350+00:00
pysec-2025-25
6.5 (3.1)
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middle… rembg 2025-03-03T17:15:14+00:00 2025-04-09T17:27:27.532849+00:00
pysec-2025-24
7.5 (3.1)
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove… rembg 2025-03-03T17:15:14+00:00 2025-04-09T17:27:27.486485+00:00
pysec-2025-15
5.3 (3.1)
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilde… flask-appbuilder 2025-03-03T16:15:41+00:00 2025-04-09T17:27:25.227116+00:00
pysec-2025-66
Improper privilege management in a REST interface allowed registered users to access unau… streampipes 2025-03-03T11:15:11+00:00 2025-07-08T15:23:46.628375+00:00
pysec-2025-18
picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craf… picklescan 2025-02-26T15:15:24+00:00 2025-04-09T17:27:26.867210+00:00
pysec-2025-31
vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statemen… vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.116292+00:00
pysec-2025-30
vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single … vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.064106+00:00
pysec-2025-29
vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the … vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.005382+00:00
pysec-2025-62
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… vllm 2025-02-07T20:15:34+00:00 2025-07-01T23:22:49.083695+00:00
ID Description Updated
ID Description Published Updated
mal-2026-2533 Malicious code in phasedibd (PyPI) 2026-04-10T15:27:24Z 2026-04-10T15:27:24Z
mal-2026-2530 Malicious code in noonhelpers (PyPI) 2026-04-10T12:02:29Z 2026-04-10T12:02:29Z
mal-2026-2527 Malicious code in sjs-biginteger (npm) 2026-04-09T14:05:08Z 2026-04-10T17:23:36Z
mal-2026-2528 Malicious code in sjs-lint-build1 (npm) 2026-04-09T14:04:30Z 2026-04-10T17:23:36Z
mal-2026-2522 Malicious code in st-payment (PyPI) 2026-04-09T13:30:26Z 2026-04-09T13:30:26Z
mal-2026-2521 Malicious code in gc-grocery-api (PyPI) 2026-04-09T13:29:38Z 2026-04-09T13:29:38Z
mal-2026-2520 Malicious code in @signals-notebook/utils (npm) 2026-04-09T11:05:56Z 2026-04-10T17:23:32Z
mal-2026-2523 Malicious code in @telekom-wfa/auth-core (npm) 2026-04-09T08:25:05Z 2026-04-10T17:23:32Z
mal-2026-2519 Malicious code in just4testlm (PyPI) 2026-04-09T07:28:17Z 2026-04-09T08:40:08Z
mal-2026-2518 Malicious code in viewer-assets-generator (npm) 2026-04-09T03:10:01Z 2026-04-10T17:23:37Z
mal-2026-2517 Malicious code in kraken-trader (PyPI) 2026-04-08T20:22:02Z 2026-04-08T20:22:02Z
mal-2026-2516 Malicious code in sentinel-tool (PyPI) 2026-04-08T16:31:08Z 2026-04-08T16:31:08Z
mal-2026-2515 Malicious code in granulate-utils (PyPI) 2026-04-08T12:34:04Z 2026-04-08T12:34:04Z
mal-2026-2514 Malicious code in gprofiler-logging (PyPI) 2026-04-08T12:33:58Z 2026-04-08T12:33:58Z
mal-2026-2513 Malicious code in gprofiler (npm) 2026-04-08T11:45:58Z 2026-04-10T17:23:34Z
mal-2026-2512 Malicious code in roboat-utils (PyPI) 2026-04-08T09:50:08Z 2026-04-10T21:49:20Z
mal-2026-2510 Malicious code in @velora-dex/sdk (npm) 2026-04-08T04:29:51Z 2026-04-10T17:23:32Z
mal-2026-2506 Malicious code in @fairwords/encryption (npm) 2026-04-08T04:19:17Z 2026-04-10T17:23:32Z
mal-2026-2507 Malicious code in @fairwords/loopback-connector-es (npm) 2026-04-08T04:19:03Z 2026-04-10T17:23:32Z
mal-2026-2508 Malicious code in @fairwords/websocket (npm) 2026-04-08T04:18:49Z 2026-04-10T17:23:32Z
mal-2026-2504 Malicious code in strapi-plugin-cache (npm) 2026-04-07T16:01:07Z 2026-04-10T17:23:36Z
mal-2026-2505 Malicious code in @aspect-security/argon2 (npm) 2026-04-07T12:16:51Z 2026-04-10T17:23:32Z
mal-2026-2511 Malicious code in argon2-napi (npm) 2026-04-07T12:15:56Z 2026-04-10T17:23:32Z
mal-2026-2509 Malicious code in @langgraphjs/toolkit (npm) 2026-04-07T12:15:13Z 2026-04-10T17:23:32Z
mal-2026-2503 Malicious code in genesis-1p-tools-rpm-bundle (PyPI) 2026-04-07T09:41:03Z 2026-04-07T09:41:03Z
mal-2026-2502 Malicious code in databasenaps (PyPI) 2026-04-07T04:39:13Z 2026-04-10T21:49:20Z
mal-2026-2501 Malicious code in databaselooks (PyPI) 2026-04-07T04:00:02Z 2026-04-10T21:49:20Z
mal-2026-2525 Malicious code in frontend-backoffice (npm) 2026-04-06T16:24:27Z 2026-04-10T17:23:34Z
mal-2026-2529 Malicious code in use-form-builder-plugin (npm) 2026-04-06T16:16:50Z 2026-04-10T17:23:37Z
mal-2026-2524 Malicious code in a2a-chat-canvas (npm) 2026-04-06T16:13:05Z 2026-04-10T17:23:32Z
ID Description Published Updated
9akk108471a1621 EIBPORT Session Management Fail 2025-06-02T00:30:00.000Z 2025-06-04T00:30:00.000Z
9akk108470a8948 ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway. 2025-05-29T00:30:00.000Z 2025-06-05T00:30:00.000Z
9akk108471a0021 ELSB/BLBA ASPECT advisory several CVEs 2025-05-22T00:30:00.000Z 2025-05-23T10:30:00.000Z
2crt000006 ANC – ABB Network Card Multiple vulnerabilities in ANC 2025-04-30T00:30:00.000Z 2025-04-30T00:30:00.000Z
3adr011407 ABB Automation Builder Vulnerabilities in user management and access control 2025-04-30T00:00:00.000Z 2025-07-25T00:00:00.000Z
2crt000007 Ekip Com IEC61850 Vulnerability in 3rd Party Library 2025-04-29T00:30:00.000Z 2025-04-29T00:30:00.000Z
3kxg200000r4801 CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability 2025-04-16T00:30:00.000Z 2025-10-20T00:30:00.000Z
9akk108470a9989 ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities 2025-04-10T08:30:00.000Z 2025-04-10T08:30:00.000Z
2nga002579 ABB Arctic communication solution ARM600 Vulnerabilities 2025-04-07T10:30:00.000Z 2025-04-07T10:30:00.000Z
2nga002427 ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities 2025-04-07T10:30:00.000Z 2025-04-07T10:30:00.000Z
9akk108470a9494 Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities 2025-03-26T00:30:00.000Z 2025-03-27T00:30:00.000Z
9akk108470a9491 ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities 2025-03-26T00:30:00.000Z 2025-03-27T00:30:00.000Z
sa24p015 B&R APROL Potential Privilege Escalation and Information Disclosure 2025-03-24T00:30:00.000Z 2025-03-24T00:30:00.000Z
9akk108470a8565 RMC-100 Vulnerability in the Web UI (REST Interface) 2025-03-11T00:30:00.000Z 2025-03-11T00:30:00.000Z
7paa012159 System 800xA 5.1.x, 6.0.3.x, 6.1.1.x, 6.2.x - VideONet Camera passwords stored in clear text 2025-02-10T00:30:00.000Z 2025-02-10T00:30:00.000Z
9akk108470a6775 Hardcoded credentials in ASPECT Energy Management System 2025-02-05T00:30:00.000Z 2025-02-06T00:30:00.000Z
9akk108470a5466 Drive Composer Path Traversal Vulnerability 2025-02-05T00:30:00.000Z 2025-01-10T00:30:00.000Z
9akk108470a5684 FLXeon Controllers Cyber Security Advisory 2025-01-20T00:30:00.000Z 2025-02-14T00:30:00.000Z
sa25p001 Automation Runtime and mapp View Use of insecure algorithm for self-signed certificates 2025-01-15T00:30:00.000Z 2025-01-16T00:30:00.000Z
3adr011377 AC500 V3 Multiple vulnerabilities 2025-01-07T00:30:00.000Z 2025-01-07T00:30:00.000Z
7paa013309 System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability 2024-06-05T00:30:00.000Z 2026-01-23T00:30:00.000Z
ID Description Published Updated
wid-sec-w-2026-0870 libpng: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0869 SolarWinds Platform: Mehrere Schwachstellen ermöglichen Cross-Site Scripting 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0865 Keycloak: Schwachstelle ermöglicht Offenlegung von Informationen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0864 OpenBao: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0863 Internet Systems Consortium BIND: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0861 Linux Kernel: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0860 NGINX und NGINX Plus: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0858 NATS Server: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0856 OpenClaw: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0855 Xen: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0854 Squid: Mehrere Schwachstellen ermöglichen Denial of Service 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0851 IBM InfoSphere Information Server: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0850 Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0849 ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service 2026-03-24T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0847 GitLab: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0845 IBM WebSphere Application Server Liberty: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0844 Hitachi Ops Center: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0843 Node.js: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0837 Google Chrome: Mehrere Schwachstellen 2026-03-23T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0833 Ruby on Rails: Mehrere Schwachstellen 2026-03-23T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0831 systemd: Mehrere Schwachstellen 2026-03-23T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0826 Znuny: Schwachstelle ermöglicht Cross-Site Scripting 2026-03-23T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0825 strongSwan: Schwachstelle ermöglicht Denial of Service 2026-03-23T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0824 Python: Schwachstelle ermöglicht Codeausführung 2026-03-22T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0822 PTC FlexPLM und Windchill: Schwachstelle ermöglicht Codeausführung 2026-03-22T23:00:00.000+00:00 2026-03-23T23:00:00.000+00:00
wid-sec-w-2026-0821 Keycloak: Mehrere Schwachstellen 2026-03-22T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0816 Apache ActiveMQ Artemis: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-03-22T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0794 Microsoft Azure DevOps, Data Factory and Cloud Shell: Mehrere Schwachstellen 2026-03-19T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0793 Netwrix Password Secure: Mehrere Schwachstellen 2026-03-19T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
wid-sec-w-2026-0792 SuiteCRM: Mehrere Schwachstellen 2026-03-18T23:00:00.000+00:00 2026-03-19T23:00:00.000+00:00
ID Description Published Updated
icsa-26-076-04 Siemens SICAM SIAPP SDK 2026-03-10T00:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-071-05 Siemens Heliox EV Chargers 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-04 Siemens SIMATIC 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-03 Siemens SIDIS Prime 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-02 Siemens RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-064-01 Delta Electronics CNCSoft-G2 2026-03-05T07:00:00.000000Z 2026-03-05T07:00:00.000000Z
icsa-26-062-05 Labkotec LID-3300IP 2026-03-03T07:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-062-04 Portwell Engineering Toolkits 2026-03-03T07:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-062-08 Everon OCPP Backends 2026-03-03T06:00:00.000000Z 2026-03-03T06:00:00.000000Z
icsa-26-062-07 ePower epower.ie 2026-03-03T06:00:00.000000Z 2026-03-03T06:00:00.000000Z
icsa-26-062-06 Mobiliti e-mobi.hu 2026-03-03T06:00:00.000000Z 2026-03-03T06:00:00.000000Z
icsa-26-062-01 Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet module 2026-03-03T00:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-076-01 CODESYS in Festo Automation Suite 2026-02-26T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-057-10 Copeland XWEB and XWEB Pro 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-09 Yokogawa CENTUM VP R6, R7 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-08 Mobility46 mobility46.se 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-07 EV Energy ev.energy 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-06 SWITCH EV swtchenergy.com 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-05 Chargemap chargemap.com 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-04 EV2GO ev2go.io 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-03 CloudCharge cloudcharge.se 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-02 Pelco, Inc. Sarix Pro 3 Series IP Cameras 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-01 Johnson Controls, Inc. Frick Controls Quantum HD 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-055-01 InSAT MasterSCADA BUK-TS 2026-02-24T07:00:00.000000Z 2026-02-24T07:00:00.000000Z
icsa-26-055-03 Gardyn Home Kit (Update A) 2026-02-24T06:00:00.000000Z 2026-04-02T05:00:00.000000Z
icsa-26-092-03 Hitachi Energy Ellipse 2026-02-24T00:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-26-062-03 Hitachi Energy RTU500 Product 2026-02-24T00:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-062-02 Hitachi Energy Relion REB500 Product 2026-02-24T00:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-050-04 Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller 2026-02-19T07:00:00.000000Z 2026-02-19T07:00:00.000000Z
icsa-26-050-03 Jinan USR IOT Technology Limited (PUSR) USR-W610 2026-02-19T07:00:00.000000Z 2026-02-19T07:00:00.000000Z
ID Description Published Updated
cisco-sa-ftd-dnd-dos-bpecg7b7 Cisco Secure Firewall Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-cmd-inj-mtzgzexf Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-fmc-sql-injection-2qh6ccjd Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-fmc-rce-nkhnuljh Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability 2026-03-04T16:00:00+00:00 2026-03-25T14:21:24+00:00
cisco-sa-asaftd-vpn-m9sx6mbc Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-saml-lkttrwzp Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ospf-zh8phbsw Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-luainject-vescqgms Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ikev2-dos-ebuegdeg Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-desync-n5avzeqw Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asa-ssh-keybypass-cr5xpusf Cisco Secure Firewall Adaptive Security Appliance Software SSH Partial Private Key Authentication Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ucsm-cmdinj-gvxlpesb Cisco UCS Manager Software Command Injection Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-ucsm-afwae-mogufyln Cisco UCS Manager Software Privilege Escalation Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-ucsfxosxss-7skve8zv Cisco FXOS and UCS Manager Software Stored Cross-Site Scripting Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-ucsciv-wgytc78q Cisco FXOS and UCS Manager Software Command Injection Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-sdwan-rpa-ehchtzk Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability 2026-02-25T16:00:00+00:00 2026-03-03T00:38:56+00:00
cisco-sa-sdwan-authbp-qwcx8d4v Cisco Catalyst SD-WAN Vulnerabilities 2026-02-25T16:00:00+00:00 2026-03-18T01:06:38+00:00
cisco-sa-nxos-ether-dos-kv8ynwz4 Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-nxos-dsnmp-cnn39uh Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-nxos-cpdos-qlsv6pfd Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-n3kn9k_aci_lldp_dos-ndgrrra3 Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-apic-dos-rnus8efw Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-wsa-archive-bypass-scx2e8zf Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability 2026-02-04T16:00:00+00:00 2026-02-20T21:08:47+00:00
cisco-sa-tce-roomos-dos-9v9jrc2q Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability 2026-02-04T16:00:00+00:00 2026-02-12T17:37:39+00:00
cisco-sa-pi-xss-byevkcd Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-epnm-pi-redirect-6sx82dn Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-cmm-file-up-ky47n8kk Cisco Meeting Management Arbitrary File Upload Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-voice-rce-morhqy4b Cisco Unified Communications Products Remote Code Execution Vulnerability 2026-01-21T16:00:00+00:00 2026-02-13T15:21:01+00:00
cisco-sa-ucce-pcce-xss-2jvyg3ud Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
cisco-sa-intersight-privesc-p6tbm6jk Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-34979 OpenPrinting CUPS: Heap overflow in `get_options()` 2026-04-02T00:00:00.000Z 2026-04-09T01:01:35.000Z
msrc_cve-2026-34978 OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) 2026-04-02T00:00:00.000Z 2026-04-09T01:01:30.000Z
msrc_cve-2026-34933 Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon 2026-04-02T00:00:00.000Z 2026-04-09T01:01:25.000Z
msrc_cve-2026-34743 XZ Utils: Buffer overflow in lzma_index_append() 2026-04-02T00:00:00.000Z 2026-04-11T01:40:16.000Z
msrc_cve-2026-34601 xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion 2026-04-02T00:00:00.000Z 2026-04-04T01:02:47.000Z
msrc_cve-2026-34591 Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write 2026-04-02T00:00:00.000Z 2026-04-07T01:02:30.000Z
msrc_cve-2026-34446 ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load 2026-04-02T00:00:00.000Z 2026-04-09T01:02:48.000Z
msrc_cve-2026-34445 ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings. 2026-04-02T00:00:00.000Z 2026-04-09T01:02:56.000Z
msrc_cve-2026-33810 Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509 2026-04-02T00:00:00.000Z 2026-04-11T01:10:17.000Z
msrc_cve-2026-32289 JsBraceDepth Context Tracking Bugs (XSS) in html/template 2026-04-02T00:00:00.000Z 2026-04-11T01:07:20.000Z
msrc_cve-2026-32288 Unbounded allocation for old GNU sparse in archive/tar 2026-04-02T00:00:00.000Z 2026-04-11T01:06:16.000Z
msrc_cve-2026-32283 Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls 2026-04-02T00:00:00.000Z 2026-04-11T01:07:52.000Z
msrc_cve-2026-32282 TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix 2026-04-02T00:00:00.000Z 2026-04-11T01:09:15.000Z
msrc_cve-2026-32281 Inefficient policy validation in crypto/x509 2026-04-02T00:00:00.000Z 2026-04-11T01:06:47.000Z
msrc_cve-2026-32280 Unexpected work during chain building in crypto/x509 2026-04-02T00:00:00.000Z 2026-04-11T01:08:24.000Z
msrc_cve-2026-3184 Util-linux: util-linux: access control bypass due to improper hostname canonicalization 2026-04-02T00:00:00.000Z 2026-04-07T01:02:25.000Z
msrc_cve-2026-31790 Incorrect Failure Handling in RSA KEM RSASVE Encapsulation 2026-04-02T00:00:00.000Z 2026-04-10T14:39:43.000Z
msrc_cve-2026-31789 Heap Buffer Overflow in Hexadecimal Conversion 2026-04-02T00:00:00.000Z 2026-04-11T01:05:12.000Z
msrc_cve-2026-31410 ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION 2026-04-02T00:00:00.000Z 2026-04-07T01:01:16.000Z
msrc_cve-2026-31408 Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold 2026-04-02T00:00:00.000Z 2026-04-07T01:01:28.000Z
msrc_cve-2026-31407 netfilter: conntrack: add missing netlink policy validations 2026-04-02T00:00:00.000Z 2026-04-07T01:01:22.000Z
msrc_cve-2026-31394 mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations 2026-04-02T00:00:00.000Z 2026-04-07T14:37:49.000Z
msrc_cve-2026-29181 OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification) 2026-04-02T00:00:00.000Z 2026-04-11T01:03:43.000Z
msrc_cve-2026-28810 Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver 2026-04-02T00:00:00.000Z 2026-04-11T01:01:30.000Z
msrc_cve-2026-28390 Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo 2026-04-02T00:00:00.000Z 2026-04-11T01:02:31.000Z
msrc_cve-2026-28389 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo 2026-04-02T00:00:00.000Z 2026-04-11T01:02:05.000Z
msrc_cve-2026-28388 NULL Pointer Dereference When Processing a Delta CRL 2026-04-02T00:00:00.000Z 2026-04-11T01:04:53.000Z
msrc_cve-2026-28387 Potential Use-after-free in DANE Client Code 2026-04-02T00:00:00.000Z 2026-04-11T01:04:19.000Z
msrc_cve-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup 2026-04-02T00:00:00.000Z 2026-04-07T01:41:30.000Z
msrc_cve-2026-27447 OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookup 2026-04-02T00:00:00.000Z 2026-04-07T01:40:54.000Z
ID Description Published Updated
ncsc-2026-0080 Kwetsbaarheden verholpen in Microsoft Windows 2026-03-10T20:07:55.976638Z 2026-03-10T20:07:55.976638Z
ncsc-2026-0079 Kwetsbaarheden verholpen in Siemens producten 2026-03-10T12:39:14.474522Z 2026-03-10T12:39:14.474522Z
ncsc-2026-0078 Kwetsbaarheden verholpen in Kibana 2026-03-05T09:36:49.056247Z 2026-03-05T09:36:49.056247Z
ncsc-2026-0077 Kwetsbaarheden verholpen in Cisco Secure Firewall systemen 2026-03-05T09:05:21.646499Z 2026-03-05T09:05:21.646499Z
ncsc-2026-0076 Kwetsbaarheden verholpen in Cisco Secure Firewall Management Center 2026-03-04T20:49:12.211658Z 2026-03-19T11:48:18.917205Z
ncsc-2026-0075 Kwetsbaarheid verholpen in n8n Automation Platform 2026-03-04T14:03:54.207583Z 2026-03-04T14:03:54.207583Z
ncsc-2026-0074 Kwetsbaarheden verholpen in Google Android en Samsung Mobile 2026-03-03T09:07:09.279353Z 2026-03-03T09:07:09.279353Z
ncsc-2026-0073 Kwetsbaarheid verholpen in Juniper Junos OS Evolved 2026-02-27T09:48:51.845864Z 2026-02-27T09:48:51.845864Z
ncsc-2026-0072 Kwetsbaarheden verholpen in GitLab 2026-02-27T07:15:18.318821Z 2026-02-27T07:15:18.318821Z
ncsc-2026-0071 Kwetsbaarheden verholpen in Cisco Catalyst SD-WAN Manager 2026-02-25T17:11:09.013125Z 2026-03-06T12:07:02.595940Z
ncsc-2026-0070 Kwetsbaarheden verholpen in VMware Aria Operations 2026-02-25T11:24:46.807867Z 2026-03-04T08:54:08.940512Z
ncsc-2026-0069 Kwetsbaarheden verholpen in SolarWinds Serv-U 2026-02-25T10:39:38.154815Z 2026-02-25T10:39:38.154815Z
ncsc-2026-0068 Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform 2026-02-23T14:27:28.865278Z 2026-02-23T14:27:28.865278Z
ncsc-2026-0067 Kwetsbaarheden verholpen in GitHub Enterprise Server 2026-02-20T10:13:39.540778Z 2026-02-20T10:13:39.540778Z
ncsc-2026-0066 Kwetsbaarheid verholpen in Google Chrome 2026-02-19T08:29:30.712590Z 2026-02-19T08:29:30.712590Z
ncsc-2026-0065 Kwetsbaarheid verholpen in Dell RecoverPoint for Virtual Machines 2026-02-18T13:18:23.815384Z 2026-02-18T13:18:23.815384Z
ncsc-2026-0064 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-02-13T13:35:03.870920Z 2026-02-13T13:35:03.870920Z
ncsc-2026-0063 Kwetsbaarheden verholpen in Apple macOS 2026-02-13T13:24:06.433550Z 2026-02-13T13:24:06.433550Z
ncsc-2026-0062 Kwetsbaarheden verholpen in GitLab CE/EE 2026-02-11T11:45:05.986313Z 2026-02-11T11:45:05.986313Z
ncsc-2026-0061 Kwetsbaarheden verholpen in Fortinet FortiOS 2026-02-11T11:34:50.888067Z 2026-02-11T11:34:50.888067Z
ncsc-2026-0060 Kwetsbaarheden verholpen in Fortinet FortiSandbox, FortiAuthenticator en FortiClient 2026-02-11T11:34:36.684955Z 2026-02-11T11:34:36.684955Z
ncsc-2026-0059 Kwetsbaarheden verholpen in Ivanti Endpoint Manager 2026-02-11T08:16:27.583936Z 2026-03-10T14:20:48.176282Z
ncsc-2026-0058 Kwetsbaarheden verholpen in Microsoft Office 2026-02-10T19:11:42.825147Z 2026-02-10T19:11:42.825147Z
ncsc-2026-0057 Kwetsbaarheden verholpen in Microsoft Azure 2026-02-10T19:08:27.878305Z 2026-02-10T19:08:27.878305Z
ncsc-2026-0056 Kwetsbaarheden verholpen in Microsoft Developer Tools 2026-02-10T19:07:16.028511Z 2026-02-10T19:07:16.028511Z
ncsc-2026-0055 Kwetsbaarheid verholpen in Microsoft SQL Server 2026-02-10T19:05:45.729972Z 2026-02-10T19:05:45.729972Z
ncsc-2026-0054 Kwetsbaarheid verholpen in Microsoft Exchange 2026-02-10T19:04:51.366294Z 2026-02-10T19:04:51.366294Z
ncsc-2026-0053 Kwetsbaarheden verholpen in Microsoft Windows 2026-02-10T19:01:45.561771Z 2026-02-10T19:01:45.561771Z
ncsc-2026-0052 Kwetsbaarheden verholpen in SAP producten 2026-02-10T12:28:40.531069Z 2026-02-10T12:28:40.531069Z
ncsc-2026-0051 Kwetsbaarheden verholpen in Siemens producten 2026-02-10T12:27:40.637581Z 2026-02-10T12:27:40.637581Z
ID Description Published Updated
nn-2023_8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_3-01 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_2-01 Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:3-01 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:2-01 Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_1-01 Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 2023-05-03T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:1-01 Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 2023-05-03T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022_2-02 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022_2-01 Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022:2-02 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022:2-01 Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021_2-01 Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021_1-01 Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021:2-01 Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021:1-01 Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020_3-01 Angular template injection on custom report name field 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020_2-01 Cross-site request forgery attack on change password form 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020:3-01 Angular template injection on custom report name field 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020:2-01 Cross-site request forgery attack on change password form 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2019_2-01 CSV Injection on node label 2019-11-11T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2019_1-01 Stored XSS in field name data model 2019-11-11T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:20468-1 Security update for python-cbor2 2026-04-07T11:57:38Z 2026-04-07T11:57:38Z
opensuse-su-2026:20466-1 Security update for libpng16 2026-04-07T11:57:38Z 2026-04-07T11:57:38Z
opensuse-su-2026:20473-1 Security update for osslsigncode 2026-04-07T07:50:40Z 2026-04-07T07:50:40Z
opensuse-su-2026:10499-1 python311-social-auth-app-django-5.7.0-1.1 on GA media 2026-04-07T00:00:00Z 2026-04-07T00:00:00Z
opensuse-su-2026:10498-1 libeverest-3.6.6-1.1 on GA media 2026-04-07T00:00:00Z 2026-04-07T00:00:00Z
opensuse-su-2026:10497-1 heroic-games-launcher-2.20.1-5.1 on GA media 2026-04-07T00:00:00Z 2026-04-07T00:00:00Z
opensuse-su-2026:10496-1 git-cliff-2.12.0-1.1 on GA media 2026-04-07T00:00:00Z 2026-04-07T00:00:00Z
opensuse-su-2026:10495-1 ckermit-9.0.302-20.1 on GA media 2026-04-07T00:00:00Z 2026-04-07T00:00:00Z
opensuse-su-2026:10494-1 SDL2_image-devel-2.8.10-1.1 on GA media 2026-04-07T00:00:00Z 2026-04-07T00:00:00Z
opensuse-su-2026:20464-1 Security update for cockpit-repos 2026-04-05T02:50:21Z 2026-04-05T02:50:21Z
opensuse-su-2026:10493-1 SDL3_image-devel-3.4.2-1.1 on GA media 2026-04-05T00:00:00Z 2026-04-05T00:00:00Z
opensuse-su-2026:10492-1 liblzma5-32bit-5.8.3-1.1 on GA media 2026-04-04T00:00:00Z 2026-04-04T00:00:00Z
opensuse-su-2026:10491-1 python311-scitokens-1.8.1-2.1 on GA media 2026-04-04T00:00:00Z 2026-04-04T00:00:00Z
opensuse-su-2026:10490-1 python311-aiohttp-3.13.5-2.1 on GA media 2026-04-04T00:00:00Z 2026-04-04T00:00:00Z
opensuse-su-2026:10489-1 libinput-devel-1.31.1-1.1 on GA media 2026-04-04T00:00:00Z 2026-04-04T00:00:00Z
opensuse-su-2026:10488-1 corosync-3.1.10-4.1 on GA media 2026-04-04T00:00:00Z 2026-04-04T00:00:00Z
opensuse-su-2026:10487-1 chromedriver-146.0.7680.177-1.1 on GA media 2026-04-04T00:00:00Z 2026-04-04T00:00:00Z
opensuse-su-2026:10486-1 amazon-ssm-agent-3.3.4121.0-1.1 on GA media 2026-04-04T00:00:00Z 2026-04-04T00:00:00Z
opensuse-su-2026:20460-1 Security update for chromium 2026-04-03T06:09:23Z 2026-04-03T06:09:23Z
opensuse-su-2026:10485-1 python311-Flask-Cors-6.0.2-1.1 on GA media 2026-04-03T00:00:00Z 2026-04-03T00:00:00Z
opensuse-su-2026:10484-1 k6-1.7.1-1.1 on GA media 2026-04-03T00:00:00Z 2026-04-03T00:00:00Z
opensuse-su-2026:10483-1 himmelblau-2.3.9+git0.a9fd29b-1.1 on GA media 2026-04-03T00:00:00Z 2026-04-03T00:00:00Z
opensuse-su-2026:20461-1 Security update for dnsdist 2026-04-02T09:11:51Z 2026-04-02T09:11:51Z
opensuse-su-2026:10482-1 osslsigncode-2.13-1.1 on GA media 2026-04-02T00:00:00Z 2026-04-02T00:00:00Z
opensuse-su-2026:20459-1 Security update for perl-XML-Parser 2026-04-01T16:23:38Z 2026-04-01T16:23:38Z
opensuse-su-2026:20456-1 Security update for tinyproxy 2026-04-01T16:15:06Z 2026-04-01T16:15:06Z
opensuse-su-2026:20458-1 Security update for python-Pillow 2026-04-01T14:57:29Z 2026-04-01T14:57:29Z
opensuse-su-2026:20452-1 Security update for kea 2026-04-01T09:24:21Z 2026-04-01T09:24:21Z
opensuse-su-2026:10481-1 python314-3.14.3-4.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10480-1 python313-3.13.12-3.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
ID Description Published Updated
ID Description Published Updated
rhsa-2026:7123 Red Hat Security Advisory: nodejs:22 security update 2026-04-08T18:17:58+00:00 2026-04-10T08:08:42+00:00
rhsa-2026:7128 Red Hat Security Advisory: RHACS 4.9.5 security and bug fix update 2026-04-08T17:43:53+00:00 2026-04-10T15:10:11+00:00
rhsa-2026:7106 Red Hat Security Advisory: libarchive security update 2026-04-08T17:01:18+00:00 2026-04-09T20:37:33+00:00
rhsa-2026:7105 Red Hat Security Advisory: libarchive security update 2026-04-08T16:59:33+00:00 2026-04-09T20:37:33+00:00
rhsa-2026:7107 Red Hat Security Advisory: openssh security update 2026-04-08T16:43:28+00:00 2026-04-09T23:07:40+00:00
rhsa-2026:7110 Red Hat Security Advisory: RHACS 4.8.10 security and bug fix update 2026-04-08T16:37:57+00:00 2026-04-10T15:10:11+00:00
rhsa-2026:7100 Red Hat Security Advisory: kernel-rt security update 2026-04-08T15:45:13+00:00 2026-04-08T20:50:09+00:00
rhsa-2026:7093 Red Hat Security Advisory: libarchive security update 2026-04-08T14:29:28+00:00 2026-04-09T20:37:33+00:00
rhsa-2026:7081 Red Hat Security Advisory: libtiff security update 2026-04-08T14:09:08+00:00 2026-04-09T20:37:08+00:00
rhsa-2026:7010 Red Hat Security Advisory: python3.12 security update 2026-04-08T14:07:33+00:00 2026-04-11T01:47:21+00:00
rhsa-2026:7080 Red Hat Security Advisory: nodejs22 security update 2026-04-08T13:58:58+00:00 2026-04-10T08:08:40+00:00
rhsa-2026:7011 Red Hat Security Advisory: grafana security update 2026-04-08T13:36:08+00:00 2026-04-10T11:59:06+00:00
rhsa-2026:7009 Red Hat Security Advisory: grafana-pcp security update 2026-04-08T13:35:28+00:00 2026-04-10T11:59:06+00:00
rhsa-2026:7035 Red Hat Security Advisory: libpng12 security update 2026-04-08T12:41:42+00:00 2026-04-09T14:38:04+00:00
rhsa-2026:7052 Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.14 2026-04-08T12:26:52+00:00 2026-04-10T22:24:32+00:00
rhsa-2026:7013 Red Hat Security Advisory: kernel security update 2026-04-08T12:16:32+00:00 2026-04-08T19:38:05+00:00
rhsa-2026:7032 Red Hat Security Advisory: libpng12 security update 2026-04-08T12:15:17+00:00 2026-04-09T14:38:03+00:00
rhsa-2026:7033 Red Hat Security Advisory: libpng12 security update 2026-04-08T12:14:27+00:00 2026-04-09T14:38:03+00:00
rhsa-2026:7034 Red Hat Security Advisory: libpng12 security update 2026-04-08T12:04:23+00:00 2026-04-09T14:38:03+00:00
rhsa-2026:7036 Red Hat Security Advisory: libpng12 security update 2026-04-08T11:57:07+00:00 2026-04-09T14:38:04+00:00
rhsa-2026:7005 Red Hat Security Advisory: git-lfs security update 2026-04-08T11:31:47+00:00 2026-04-10T11:59:06+00:00
rhsa-2026:7003 Red Hat Security Advisory: kernel security update 2026-04-08T08:35:32+00:00 2026-04-08T19:39:03+00:00
rhsa-2026:7002 Red Hat Security Advisory: nginx security update 2026-04-08T08:11:46+00:00 2026-04-10T01:26:17+00:00
rhsa-2026:7001 Red Hat Security Advisory: fontforge security update 2026-04-08T07:20:26+00:00 2026-04-08T13:34:40+00:00
rhsa-2026:6986 Red Hat Security Advisory: kernel security update 2026-04-08T06:13:06+00:00 2026-04-08T19:37:24+00:00
rhsa-2026:6958 Red Hat Security Advisory: freerdp security update 2026-04-08T05:18:01+00:00 2026-04-08T13:34:43+00:00
rhsa-2026:6961 Red Hat Security Advisory: kernel security update 2026-04-08T05:15:46+00:00 2026-04-08T19:38:08+00:00
rhsa-2026:6954 Red Hat Security Advisory: kernel security update 2026-04-08T03:38:11+00:00 2026-04-08T19:38:10+00:00
rhsa-2026:6953 Red Hat Security Advisory: kernel security update 2026-04-08T03:26:26+00:00 2026-04-08T19:37:33+00:00
rhsa-2026:6562 Red Hat Security Advisory: OpenShift Container Platform 4.21.9 security and extras update 2026-04-08T02:06:59+00:00 2026-04-10T15:33:35+00:00
ID Description Published Updated
sevd-2025-161-01 Insight Home and Insight Facility 2025-06-10T04:00:00.000Z 2025-06-10T04:00:00.000Z
sevd-2025-133-05 Galaxy VS, Galaxy VL, Galaxy VXL 2025-05-13T04:00:00.000Z 2025-09-24T04:00:00.000Z
sevd-2025-133-04 Schneider Electric PrismaSeT Active - Wireless Panel Server 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-03 EcoStruxure Power Build Rapsody 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-02 Wiser Home Automation 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-01 Modicon Controllers M241/M251/M258/LMC058 2025-05-13T04:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-098-02 Trio™ Q Licensed Data Radios 2025-04-08T04:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-098-01 ConneXium Network Manager Software 2025-04-08T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-070-03 WebHMI Component For EcoStruxure™ Power Automation System User Interface and EcoStruxure™ Microgrid Operation Large 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-02 EPAS-UI & EcoSUI 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-01 EcoStruxure™ Panel Server 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-042-04 Enerlin'X IFE and eIFE 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-03 EcoStruxure™ Process Expert, EcoStruxure™ Process Expert for AVEVA System Platform 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-01 ASCO 5310 / 5350 Remote Annunciator 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-02 Improper Input Validation Vulnerability in Uni-Telway Driver 2025-02-11T05:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-014-07 FlexNet Publisher Vulnerability 2025-01-14T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-014-03 Wind River VxWorks DHCP Server Vulnerability 2025-01-14T05:00:00.000Z 2025-08-12T04:00:00.000Z
sevd-2025-014-01 Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC 2025-01-14T05:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-014-09 EcoStruxure™ Power Build Rapsody 2025-01-14T00:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-014-08 Power Logic HDPM6000 High-Density Metering System 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2025-014-06 RemoteConnect and SCADAPack™ x70 Utilities 2025-01-14T00:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-014-05 Web Server on Modicon M340, Modbus/TCP Ethernet Modicon M340 module, Modbus/TCP Ethernet Modicon M340 FactoryCast module and Ethernet / Serial RTU communication modules 2025-01-14T00:00:00.000Z 2025-08-12T04:00:00.000Z
sevd-2025-014-04 Web Designer for Modicon Communication Modules 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2025-014-02 Pro-face GP-Pro EX and Remote HMI 2025-01-14T00:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2024-345-03 Modicon M241 / M251 / M258 / LMC058 2024-12-10T05:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2024-345-02 Harmony HMI and Pro-face HMI products 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
sevd-2024-345-01 PowerChute Serial Shutdown 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
sevd-2024-317-03 Modicon Controllers M340 / Momentum / MC80 2024-11-12T05:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2024-317-04 EcoStruxure™ IT Gateway 2024-11-12T00:00:00.000Z 2024-11-12T00:00:00.000Z
sevd-2024-317-02 Modicon Controllers M340 / Momentum / MC80 2024-11-12T00:00:00.000Z 2024-11-12T00:00:00.000Z
ID Description Published Updated
sca-2023-0009 Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products 2023-09-29T10:00:00.000Z 2023-09-29T10:00:00.000Z
sca-2023-0007 Vulnerabilities in SICK LMS5xx 2023-08-25T11:00:00.000Z 2023-08-25T11:00:00.000Z
sca-2023-0006 Vulnerabilities in SICK ICR890-4 2023-07-10T13:00:00.000Z 2023-07-10T13:00:00.000Z
sca-2023-0005 Vulnerabilities in SICK EventCam App 2023-06-19T11:00:00.000Z 2023-06-19T11:00:00.000Z
sca-2023-0004 Vulnerabilities in SICK FTMg 2023-05-11T13:00:00.000Z 2023-05-11T13:00:00.000Z
sca-2023-0003 Vulnerability in SICK Flexi Soft and Flexi Classic Gateways 2023-05-03T13:00:00.000Z 2023-05-03T13:00:00.000Z
sca-2023-0002 Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways 2023-04-11T10:00:00.000Z 2023-04-11T10:00:00.000Z
sca-2023-0001 Bootloader mode vulnerability in Flexi Soft Gateways v3 2023-02-20T14:00:00.000Z 2023-02-20T14:00:00.000Z
sca-2022-0015 Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR 2022-12-08T16:00:00.000Z 2022-12-08T16:00:00.000Z
sca-2022-0014 SICK FlexiCompact affected by Denial of Service vulnerability 2022-10-31T11:00:00.000Z 2022-10-31T11:00:00.000Z
sca-2022-0013 Password recovery vulnerability affects multiple SICK SIMs 2022-10-21T13:00:00.000Z 2022-11-04T14:00:00.000Z
sca-2022-0012 OpenSSL vulnerability affects multiple SICK SIMs 2022-08-08T13:00:00.000Z 2022-08-03T13:00:00.000Z
sca-2022-0011 Vulnerabilities in SICK Package Analytics 2022-06-08T15:00:00.000Z 2022-06-08T15:00:00.000Z
sca-2022-0010 Vulnerability in SICK Flexi Soft Designer & Safety Designer 2022-05-16T10:00:00.000Z 2022-07-19T10:00:00.000Z
sca-2022-0009 Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET 2022-04-29T15:00:00.000Z 2022-04-29T15:00:00.000Z
sca-2022-0008 Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3 2022-04-29T15:00:00.000Z 2022-04-29T15:00:00.000Z
sca-2022-0007 Vulnerabilities in SICK MARSIC300 2022-04-21T15:00:00.000Z 2022-04-21T15:00:00.000Z
sca-2022-0006 Vulnerability in SICK MSC800 2022-04-11T15:00:00.000Z 2022-04-11T15:00:00.000Z
sca-2022-0005 Vulnerability in SICK Overall Equipment Effectiveness (OEE) 2022-04-11T15:00:00.000Z 2022-04-11T15:00:00.000Z
sca-2022-0004 Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC 2022-04-11T15:00:00.000Z 2022-03-31T15:00:00.000Z
sca-2022-0003 Vulnerabilities in SICK FTMg 2022-03-31T15:00:00.000Z 2022-03-31T15:00:00.000Z
sca-2022-0002 PwnKit vulnerability affects multiple SICK IPCs 2022-02-23T16:00:00.000Z 2022-02-23T16:00:00.000Z
sca-2022-0001 Vulnerability in SICK FieldEcho 2022-02-17T16:00:00.000Z 2022-02-17T16:00:00.000Z
sca-2021-0004 Vulnerabilities in SICK SOPAS ET 2021-12-16T08:00:00.000Z 2021-12-17T08:00:00.000Z
sca-2021-0003 SICK Security Advisory for Apache Log4j (CVE-2021-44228) 2021-12-14T17:00:00.000Z 2021-12-17T12:00:00.000Z
sca-2021-0002 MEAC affected by Windows SMBv1 vulnerability 2021-08-04T10:00:00.000Z 2021-08-04T10:00:00.000Z
sca-2021-0001 Inadequate SSH configuration in SICK Visionary-S CX 2021-06-25T10:00:00.000Z 2021-06-25T10:00:00.000Z
sca-2020-0005 Package Analytics affected by Windows TCP/IP vulnerability 2020-10-29T11:00:00.000Z 2020-10-29T11:00:00.000Z
sca-2020-0004 Vulnerability in Platform Mechanism AutoIP 2020-08-31T10:00:00.000Z 2020-08-31T10:00:00.000Z
sca-2020-0003 MEAC affected by Windows SMBv3 vulnerability 2020-08-07T10:00:00.000Z 2020-08-07T10:00:00.000Z
ID Description Published Updated
ssa-416652 SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-356310 SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-212953 SSA-212953: Multiple Vulnerabilities in COMOS 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-202008 SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-241605 SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-190588 SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-682326 SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-522291 SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-514895 SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-365596 SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-339694 SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-267056 SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-201498 SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-599451 SSA-599451: Multiple Vulnerabilities in SiPass integrated 2025-10-14T00:00:00Z 2026-02-10T00:00:00Z
ssa-541582 SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge 2025-10-14T00:00:00Z 2025-10-14T00:00:00Z
ssa-486936 SSA-486936: Authentication Vulnerability in SIMATIC ET 200SP Communication Processors 2025-10-14T00:00:00Z 2025-10-14T00:00:00Z
ssa-365200 SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products 2025-10-14T00:00:00Z 2026-01-13T00:00:00Z
ssa-318832 SSA-318832: SQL Injection Vulnerability in SINEC NMS 2025-10-14T00:00:00Z 2025-10-14T00:00:00Z
ssa-062309 SSA-062309: Information Disclosure Vulnerability in TeleControl Server Basic V3.1 2025-10-14T00:00:00Z 2025-10-14T00:00:00Z
ssa-916339 SSA-916339: Information Disclosure Vulnerability in Apogee PXC and Talon TC Devices 2025-09-09T00:00:00Z 2025-09-09T00:00:00Z
ssa-722410 SSA-722410: Multiple Vulnerabilities in User Management Component (UMC) 2025-09-09T00:00:00Z 2025-10-14T00:00:00Z
ssa-640476 SSA-640476: Denial of Service Vulnerability in Industrial Edge Management 2025-09-09T00:00:00Z 2025-09-09T00:00:00Z
ssa-563922 SSA-563922: Local Privilege Escalation Vulnerability in SIMOTION Tools 2025-09-09T00:00:00Z 2025-09-09T00:00:00Z
ssa-534283 SSA-534283: Insecure File Share Vulnerability in SIMATIC Virtualization as a Service (SIVaaS) 2025-09-09T00:00:00Z 2025-09-09T00:00:00Z
ssa-494539 SSA-494539: Multiple Vulnerabilities in SINEC OS 2025-09-09T00:00:00Z 2025-09-09T00:00:00Z
ssa-027652 SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives 2025-09-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-395458 SSA-395458: Account Hijacking Vulnerability in Mendix SAML Module 2025-08-14T00:00:00Z 2025-08-14T00:00:00Z
ssa-201595 SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2025-08-14T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-994087 SSA-994087: Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.7 2025-08-12T00:00:00Z 2025-08-12T00:00:00Z
ssa-978177 SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices 2025-08-12T00:00:00Z 2026-01-13T00:00:00Z
ID Description Published Updated
suse-su-2026:1209-1 Security update for bind 2026-04-08T07:12:41Z 2026-04-08T07:12:41Z
suse-su-2026:1208-1 Security update for ignition 2026-04-08T07:12:23Z 2026-04-08T07:12:23Z
suse-su-2026:1095-1 Security update for vim 2026-04-07T14:35:54Z 2026-04-07T14:35:54Z
suse-su-2026:0910-1 Security update for vim 2026-04-07T14:35:08Z 2026-04-07T14:35:08Z
suse-su-2026:1206-1 Security update for python 2026-04-07T14:18:48Z 2026-04-07T14:18:48Z
suse-su-2026:1203-1 Security update for ImageMagick 2026-04-07T12:24:55Z 2026-04-07T12:24:55Z
suse-su-2026:1202-1 Security update for ImageMagick 2026-04-07T12:24:42Z 2026-04-07T12:24:42Z
suse-su-2026:1201-1 Security update for ImageMagick 2026-04-07T12:24:24Z 2026-04-07T12:24:24Z
suse-su-2026:1200-1 Security update for ignition 2026-04-07T11:50:19Z 2026-04-07T11:50:19Z
suse-su-2026:20969-1 Security update for polkit 2026-04-07T11:50:03Z 2026-04-07T11:50:03Z
suse-su-2026:1199-1 Security update for python-PyJWT 2026-04-07T10:25:37Z 2026-04-07T10:25:37Z
suse-su-2026:1198-1 Security update for ignition 2026-04-07T10:25:22Z 2026-04-07T10:25:22Z
suse-su-2026:1197-1 Security update for ignition 2026-04-07T10:25:02Z 2026-04-07T10:25:02Z
suse-su-2026:1195-1 Security update for google-cloud-sap-agent 2026-04-07T09:25:22Z 2026-04-07T09:25:22Z
suse-su-2026:1194-1 Security update for google-cloud-sap-agent 2026-04-07T09:25:07Z 2026-04-07T09:25:07Z
suse-su-2026:1193-1 Security update for gimp 2026-04-07T08:40:15Z 2026-04-07T08:40:15Z
suse-su-2026:1192-1 Security update for python-pyOpenSSL 2026-04-07T08:39:34Z 2026-04-07T08:39:34Z
suse-su-2026:1191-1 Security update for avahi 2026-04-06T10:53:58Z 2026-04-06T10:53:58Z
suse-su-2026:1189-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7) 2026-04-05T10:34:20Z 2026-04-05T10:34:20Z
suse-su-2026:1188-1 Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 15 SP7) 2026-04-05T10:34:17Z 2026-04-05T10:34:17Z
suse-su-2026:1187-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7) 2026-04-05T10:04:24Z 2026-04-05T10:04:24Z
suse-su-2026:20997-1 Security update for cockpit-repos 2026-04-05T03:01:00Z 2026-04-05T03:01:00Z
suse-su-2026:20973-1 Security update for cockpit-repos 2026-04-05T03:01:00Z 2026-04-05T03:01:00Z
suse-su-2026:20967-1 Security update for cockpit-repos 2026-04-05T03:01:00Z 2026-04-05T03:01:00Z
suse-su-2026:1185-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP7) 2026-04-03T16:41:59Z 2026-04-03T16:41:59Z
suse-su-2026:1180-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise 15 SP7) 2026-04-03T16:41:43Z 2026-04-03T16:41:43Z
suse-su-2026:1179-1 Security update for libsoup2 2026-04-02T15:08:33Z 2026-04-02T15:08:33Z
suse-su-2026:1177-1 Security update for tar 2026-04-02T15:00:45Z 2026-04-02T15:00:45Z
suse-su-2026:1174-1 Security update for LibVNCServer 2026-04-02T12:43:24Z 2026-04-02T12:43:24Z
suse-su-2026:1173-1 Security update for LibVNCServer 2026-04-02T12:43:10Z 2026-04-02T12:43:10Z
ID Description Published Updated
alsa-2026:6005 Important: freerdp security update 2026-03-30T00:00:00Z 2026-04-02T09:00:17Z
alsa-2026:6004 Important: freerdp security update 2026-03-30T00:00:00Z 2026-03-31T08:19:51Z
alsa-2026:5942 Important: golang security update 2026-03-26T00:00:00Z 2026-03-27T10:17:44Z
alsa-2026:5941 Important: golang security update 2026-03-26T00:00:00Z 2026-03-27T10:26:32Z
alsa-2026:5939 Important: freerdp security update 2026-03-26T00:00:00Z 2026-03-27T10:28:32Z
alsa-2026:5932 Important: firefox security update 2026-03-26T00:00:00Z 2026-03-30T10:46:04Z
alsa-2026:5931 Important: firefox security update 2026-03-26T00:00:00Z 2026-03-30T10:43:43Z
alsa-2026:5930 Important: firefox security update 2026-03-26T00:00:00Z 2026-03-30T11:00:48Z
alsa-2026:5913 Moderate: ncurses security update 2026-03-26T00:00:00Z 2026-03-27T10:30:59Z
alsa-2026:5640 Moderate: mysql:8.4 security update 2026-03-24T00:00:00Z 2026-03-26T11:56:07Z
alsa-2026:5603 Moderate: opencryptoki security update 2026-03-24T00:00:00Z 2026-03-26T10:00:53Z
alsa-2026:5602 Moderate: vim security update 2026-03-24T00:00:00Z 2026-03-26T10:18:47Z
alsa-2026:5599 Moderate: nginx security update 2026-03-24T00:00:00Z 2026-03-26T13:22:57Z
alsa-2026:5588 Moderate: python3 security update 2026-03-24T00:00:00Z 2026-03-26T10:36:35Z
alsa-2026:5587 Moderate: opencryptoki security update 2026-03-24T00:00:00Z 2026-03-26T10:48:17Z
alsa-2026:5585 Moderate: gnutls security update 2026-03-24T00:00:00Z 2026-03-26T11:01:10Z
alsa-2026:5581 Moderate: nginx:1.24 security update 2026-03-24T00:00:00Z 2026-03-26T13:17:49Z
alsa-2026:5580 Moderate: mysql:8.0 security update 2026-03-24T00:00:00Z 2026-03-26T11:12:21Z
alsa-2026:5578 Moderate: virt:rhel and virt-devel:rhel security update 2026-03-24T00:00:00Z 2026-03-26T13:09:57Z
alsa-2026:5513 Moderate: 389-ds:1.4 security update 2026-03-24T00:00:00Z 2026-03-26T11:22:25Z
alsa-2026:5146 Important: yggdrasil security update 2026-03-19T00:00:00Z 2026-03-20T07:36:24Z
alsa-2026:5145 Important: yggdrasil-worker-package-manager security update 2026-03-19T00:00:00Z 2026-03-20T07:40:23Z
alsa-2026:5113 Important: gimp:2.8 security update 2026-03-19T00:00:00Z 2026-03-20T13:31:59Z
alsa-2026:5080 Important: libarchive security update 2026-03-19T00:00:00Z 2026-03-20T07:21:56Z
alsa-2026:5063 Important: libarchive security update 2026-03-19T00:00:00Z 2026-03-20T07:26:23Z
alsa-2026:4898 Important: capstone security update 2026-03-18T00:00:00Z 2026-03-19T15:08:06Z
alsa-2026:4828 Moderate: mysql security update 2026-03-17T00:00:00Z 2026-03-19T15:05:35Z
alsa-2026:4772 Moderate: glibc security update 2026-03-17T00:00:00Z 2026-03-19T12:43:04Z
alsa-2026:4760 Moderate: grub2 security update 2026-03-17T00:00:00Z 2026-03-19T14:40:59Z
alsa-2026:4759 Moderate: kernel security update 2026-03-17T00:00:00Z 2026-03-20T07:32:09Z
ID Description Published Updated
hsec-2023-0003 code injection in xmonad-contrib 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0002 Improper Verification of Cryptographic Signature 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0001 Hash flooding vulnerability in aeson 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
ID Description Published Updated
ID Description Published Updated
osv-2026-215 UNKNOWN READ in getTypeCacheHashTableBucket 2026-02-10T00:07:25.477890Z 2026-02-10T00:07:25.478286Z
osv-2026-212 UNKNOWN READ in gpsd_poll 2026-02-09T00:15:09.775765Z 2026-02-09T00:15:09.776491Z
osv-2026-209 Use-of-uninitialized-value in ntrip_parse_url 2026-02-08T00:06:08.137216Z 2026-02-08T00:06:08.137699Z
osv-2026-205 UNKNOWN READ in gpsd_poll 2026-02-07T00:03:03.099317Z 2026-02-07T00:03:03.099778Z
osv-2026-204 Segv on unknown address in icalarray_append 2026-02-06T00:20:37.969087Z 2026-02-06T00:20:37.969390Z
osv-2026-200 Global-buffer-overflow in nameMatch 2026-02-06T00:15:58.927791Z 2026-02-06T00:15:58.928058Z
osv-2026-196 Null-dereference READ in ubsan_GetStackTrace 2026-02-06T00:06:05.778394Z 2026-02-06T00:06:05.778867Z
osv-2026-195 Use-of-uninitialized-value in vcardstructured_free 2026-02-05T00:15:22.587525Z 2026-02-05T00:15:22.587818Z
osv-2026-189 Global-buffer-overflow in gpsd_poll 2026-02-04T00:05:14.950372Z 2026-02-04T00:05:14.950857Z
osv-2026-182 Use-of-uninitialized-value in json_internal_read_object 2026-02-03T00:11:05.023029Z 2026-02-03T00:11:05.023344Z
osv-2026-177 Security exception in org.apache.poi.util.IOUtils.safelyAllocate 2026-02-02T00:20:01.368972Z 2026-02-02T00:20:01.369362Z
osv-2026-169 Null-dereference READ in execute_post_instantiate_functions 2026-02-01T00:01:05.927662Z 2026-02-01T00:01:05.927997Z
osv-2026-167 Use-of-uninitialized-value in aivdm_analyze 2026-01-31T00:10:49.750917Z 2026-01-31T00:10:49.751204Z
osv-2026-166 Use-of-uninitialized-value in ntrip_parse_url 2026-01-31T00:10:39.163525Z 2026-01-31T00:10:39.163931Z
osv-2026-156 Segv on unknown address in aivdm_analyze 2026-01-28T00:06:24.327227Z 2026-01-28T00:06:24.327712Z
osv-2026-150 Null-dereference READ in wasm_runtime_invoke_native 2026-01-27T00:02:06.850780Z 2026-01-27T00:02:06.851098Z
osv-2026-144 Use-of-uninitialized-value in initFilter 2026-01-26T00:05:57.473672Z 2026-01-26T00:05:57.473958Z
osv-2026-141 Segv on unknown address in yuv2rgb4_X_c 2026-01-26T00:03:47.552290Z 2026-01-26T00:03:47.552807Z
osv-2026-136 Memcpy-param-overlap in grk::memStreamRead 2026-01-25T00:10:48.352834Z 2026-01-25T00:10:48.353140Z
osv-2026-122 Use-of-uninitialized-value in rtcm2_unpack 2026-01-24T00:18:15.169881Z 2026-01-24T00:18:15.170285Z
osv-2026-121 Use-of-uninitialized-value in trySubset 2026-01-24T00:15:22.824642Z 2026-01-24T14:24:01.498986Z
osv-2026-119 Segv on unknown address in gpsd_poll 2026-01-23T00:09:08.434854Z 2026-01-23T00:09:08.435286Z
osv-2026-112 Use-of-uninitialized-value in PrintSERPacket 2026-01-23T00:01:50.403598Z 2026-01-23T00:01:50.404362Z
osv-2026-105 Use-of-uninitialized-value in pcpp::SSLServerHelloMessage::ServerHelloTLSFingerprint::toString 2026-01-22T00:08:03.696405Z 2026-01-22T00:08:03.696709Z
osv-2026-98 Heap-buffer-overflow in hostname_issubdomain 2026-01-21T00:16:59.551255Z 2026-01-21T00:16:59.551548Z
osv-2026-97 Heap-buffer-overflow in vpx_wb_write_literal 2026-01-21T00:09:09.897624Z 2026-01-28T14:23:52.198239Z
osv-2026-91 Use-after-poison in compress.cc 2026-01-20T00:09:07.159786Z 2026-01-20T00:09:07.160128Z
osv-2026-87 Security exception in org.apache.poi.util.IOUtils.safelyAllocate 2026-01-18T00:18:36.932063Z 2026-01-20T14:24:38.539978Z
osv-2026-86 Security exception in java.base/java.util.Arrays.copyOfRange 2026-01-18T00:18:18.214799Z 2026-01-18T00:18:18.215108Z
osv-2025-1061 Security exception in org.apache.poi.hssf.record.aggregates.SharedValueManager$SharedFormulaGroup.<ini 2026-01-18T00:03:40.245475Z 2026-01-21T14:26:21.135983Z
ID Description Published Updated
rustsec-2026-0053 `tokio-tls` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0052 `tokio-sync` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0051 `tokio-threadpool` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0050 `tokio-uds` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0049 CRLs not considered authoritative by Distribution Point due to faulty matching logic 2026-03-20T12:00:00Z 2026-03-24T08:22:29Z
rustsec-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0067 `unpack_in` can chmod arbitrary directories by following symlinks 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0048 CRL Distribution Point Scope Check Logic Error in AWS-LC 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2026-0044 AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2026-0042 CRL Distribution Point Scope Check Logic Error in AWS-LC 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2026-0066 Insufficient validation of PAX extensions during extraction 2026-03-17T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0041 Decompressing invalid data can leak information from uninitialized memory or reused output buffer 2026-03-17T12:00:00Z 2026-03-17T16:08:45Z
rustsec-2026-0040 `tracing-ethers` was removed from crates.io due to malicious code 2026-03-14T12:00:00Z 2026-03-17T22:31:38Z
rustsec-2026-0039 `chrono_anchor` was removed from crates.io due to malicious code 2026-03-10T12:00:00Z 2026-03-17T22:31:38Z
rustsec-2026-0037 Denial of service in Quinn endpoints 2026-03-09T12:00:00Z 2026-03-14T07:21:57Z
rustsec-2026-0038 RustSec Advisory 2026-03-08T12:00:00Z 2026-03-11T06:21:51Z
rustsec-2026-0077 Incorrect Check of Signer Response Norm During Verification 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0076 Panic in Signature Hint Decoding During Verification 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0075 All-Zero Key Generation on Catastrophic RNG Failure 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0074 Incorrect Output of Incremental Portable SHAKE API 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0073 Panic in Standalone MAC Operations 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0036 `time-sync` was removed from crates.io due to malicious code 2026-03-04T12:00:00Z 2026-03-17T22:31:38Z
rustsec-2026-0035 Cache poisoning via insecure-by-default cache key 2026-03-04T12:00:00Z 2026-03-09T20:53:55Z
rustsec-2026-0034 HTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding Misparsing 2026-03-04T12:00:00Z 2026-03-09T20:53:55Z
rustsec-2026-0033 HTTP Request Smuggling via Premature Upgrade 2026-03-04T12:00:00Z 2026-03-09T20:53:55Z
rustsec-2026-0032 `dnp3times` was removed from crates.io due to malicious code 2026-03-04T12:00:00Z 2026-03-17T22:31:38Z
rustsec-2026-0031 `time_calibrators` was removed from crates.io due to malicious code 2026-03-03T12:00:00Z 2026-03-17T22:31:38Z
rustsec-2026-0030 `time_calibrator` was removed from crates.io due to malicious code 2026-03-03T12:00:00Z 2026-03-17T22:31:38Z
rustsec-2026-0047 PKCS7_verify Signature Validation Bypass in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0046 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
ID Description Published Updated
bit-discourse-2026-32113 Discourse: Open redirect via `sso_destination_url` cookie in `enter` 2026-04-07T08:43:40.581Z 2026-04-07T09:14:25.218Z
bit-parse-2026-34784 Parse Server: Streaming file download bypasses afterFind file trigger authorization 2026-04-06T14:49:38.726Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34595 Parse Server: LiveQuery protected-field guard bypass via array-like logical operator value 2026-04-06T14:49:36.710Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34574 Parse Server: Session field immutability bypass via falsy-value guard 2026-04-06T14:49:34.810Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34573 Parse Server: GraphQL complexity validator exponential fragment traversal DoS 2026-04-06T14:49:33.069Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34532 Parse Server: Cloud function validator bypass via prototype chain traversal 2026-04-06T14:49:31.298Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34373 Parse Server: GraphQL API endpoint ignores CORS origin restriction 2026-04-06T14:49:29.676Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34363 Parse Server: LiveQuery protected field leak via shared mutable state across concurrent subscribers 2026-04-06T14:49:27.983Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34224 Parse Server: MFA single-use token bypass via concurrent authData login requests 2026-04-06T14:49:26.245Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34215 Parse Server: Auth data exposed via verify password endpoint 2026-04-06T14:49:24.609Z 2026-04-06T15:13:09.641Z
bit-minio-2026-34204 MinIO is Vulnerable to SSE Metadata Injection via Replication Headers 2026-04-06T09:26:13.602Z 2026-04-06T11:34:08.453Z
bit-node-2026-21717 2026-04-06T07:58:47.295Z 2026-04-06T08:26:41.107Z
bit-node-2026-21716 2026-04-06T07:58:44.008Z 2026-04-06T08:26:41.107Z
bit-node-2026-21715 2026-04-06T07:58:41.424Z 2026-04-06T08:26:41.107Z
bit-node-2026-21714 2026-04-06T07:58:38.953Z 2026-04-06T08:26:41.107Z
bit-node-2026-21713 2026-04-06T07:58:36.353Z 2026-04-06T08:26:41.107Z
bit-node-2026-21712 2026-04-06T07:58:33.472Z 2026-04-06T08:26:41.107Z
bit-node-2026-21711 2026-04-06T07:58:30.648Z 2026-04-06T08:26:41.107Z
bit-node-2026-21710 2026-04-06T07:58:28.068Z 2026-04-06T08:26:41.107Z
bit-mongodb-2026-5170 Users could trigger a crash of mongod primaries during promotion to sharded 2026-04-06T07:54:20.562Z 2026-04-06T08:26:41.107Z
bit-mongodb-2026-4358 Memory safety issues in slot-based execution hash table spill 2026-04-06T07:54:17.803Z 2026-04-06T08:26:41.107Z
bit-grafana-2026-21724 Missing Protected-field Authorization in Provisioning Contact Points API 2026-04-06T07:50:18.770Z 2026-04-06T08:26:41.107Z
bit-kyverno-2026-4789 CVE-2026-4789 2026-04-06T07:49:20.364Z 2026-04-06T08:26:41.107Z
bit-dotnet-2026-26131 .NET Elevation of Privilege Vulnerability 2026-04-06T07:48:26.731Z 2026-04-06T08:26:41.107Z
bit-dotnet-2026-26127 .NET Denial of Service Vulnerability 2026-04-06T07:48:23.759Z 2026-04-06T08:26:41.107Z
bit-cilium-2026-33726 Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic 2026-04-06T07:45:24.262Z 2026-04-06T08:26:41.107Z
bit-grafana-2026-33375 Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS 2026-04-01T08:41:17.463Z 2026-04-08T09:14:18.943Z
bit-grafana-2026-28375 Grafana Testdata datasource can issue unbounded memory allocations 2026-04-01T08:41:15.363Z 2026-04-08T09:14:18.943Z
bit-grafana-2026-27880 OpenFeature evaluation API reads input data with no bounds 2026-04-01T08:41:13.459Z 2026-04-08T09:14:18.943Z
bit-grafana-2026-27879 Query resampling can cause unbounded memory allocations 2026-04-01T08:41:11.477Z 2026-04-08T09:14:18.943Z
ID Description Published Updated
cleanstart-2026-fe32006 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-07T00:41:34.518345Z 2026-04-06T06:37:58Z
cleanstart-2026-gg94489 go-retryablehttp prior to 0 2026-04-07T00:41:33.578433Z 2026-04-06T13:01:42Z
cleanstart-2026-aj47488 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11 2026-04-07T00:40:03.631106Z 2026-04-06T13:01:42Z
cleanstart-2026-bk17545 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-07T00:38:33.362093Z 2026-04-06T13:01:42Z
cleanstart-2026-kf75900 In libexpat before 2 2026-04-06T06:20:25.150640Z 2026-04-06T04:56:02Z
cleanstart-2026-jl41223 In libexpat before 2 2026-04-06T06:19:55.229801Z 2026-04-06T04:56:02Z
cleanstart-2026-ob18608 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T06:19:25.639311Z 2026-04-06T04:56:02Z
cleanstart-2026-jg79570 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T06:19:24.747052Z 2026-04-06T04:56:02Z
cleanstart-2026-dz75075 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T06:19:24.775093Z 2026-04-06T04:56:02Z
cleanstart-2026-mu54962 Security fixes for ghsa-527x-5wrf-22m2, ghsa-g754-hx8w-x2g6, ghsa-jgfp-53c3-624w, ghsa-px8v-pp82-rcvr, ghsa-vv39-3w5q-974q applied in versions: 1.25.0-r0, 1.26.7-r0 2026-04-06T02:54:48.662994Z 2026-04-01T11:32:34Z
cleanstart-2026-hj96712 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5 2026-04-06T02:53:02.079256Z 2026-04-01T11:32:34Z
cleanstart-2026-po55014 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 2026-04-06T02:53:00.589014Z 2026-04-01T11:32:34Z
cleanstart-2026-bl95928 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T02:52:47.736498Z 2026-04-01T11:32:34Z
cleanstart-2026-kc06018 Security fixes for CVE-2017-12158, CVE-2017-12159, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-4cx2-fc23-5wg6, ghsa-5rfx-cp42-p624, ghsa-72hv-8253-57qq, ghsa-84h7-rjj3-6jx4, ghsa-9342-92gg-6v29, ghsa-cbdj-484d-3x9q, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-pwqr-wmgm-9rr8, ghsa-w9fj-cfpg-grvv applied in versions: 26.1.4-r1, 26.5.0-r0, 26.5.0-r1, 26.5.0-r2, 26.5.6-r3 2026-04-06T02:52:37.677608Z 2026-04-01T11:37:49Z
cleanstart-2026-nb78893 Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-64715, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-33726 applied in versions: 0.13.3-r0, 0.13.3-r1 2026-04-06T02:52:24.792809Z 2026-04-01T13:08:16Z
cleanstart-2026-mq18886 Security fixes for CVE-2026-22735, CVE-2026-22737 applied in versions: 6.2.3-r0 2026-04-06T02:52:03.544300Z 2026-04-01T11:39:45Z
cleanstart-2026-ip72442 Security fixes for CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 3.0.2-r0, 3.0.2-r1 2026-04-06T02:52:00.185166Z 2026-04-01T14:41:16Z
cleanstart-2026-ly39171 Security fixes for CVE-2026-33186 applied in versions: 3.1.4-r0 2026-04-06T02:51:58.911697Z 2026-04-01T11:39:45Z
cleanstart-2026-ag21538 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 2026-04-06T02:50:01.578746Z 2026-04-02T04:45:04Z
cleanstart-2026-an95970 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T02:49:57.502118Z 2026-04-02T04:45:04Z
cleanstart-2026-ny32236 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T02:49:48.749661Z 2026-04-02T04:45:04Z
cleanstart-2026-io43826 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T02:49:47.698715Z 2026-04-02T04:45:04Z
cleanstart-2026-gn22652 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5 2026-04-06T02:48:55.605608Z 2026-04-03T06:50:37Z
cleanstart-2026-lc01167 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.4.0-r1, 8.4.0-r2 2026-04-06T02:48:42.431061Z 2026-04-03T06:52:41Z
cleanstart-2026-hl08143 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 2026-04-06T02:48:38.996528Z 2026-04-03T06:50:37Z
cleanstart-2026-dm25112 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T02:48:32.316783Z 2026-04-03T06:50:37Z
cleanstart-2026-gm09342 Security fixes for CVE-2025-68121, CVE-2026-26958, ghsa-fw7p-63qq-7hpr, ghsa-mqqf-5wvp-8fh8 applied in versions: 0.29.0-r0, 0.29.0-r1 2026-04-06T02:48:25.848581Z 2026-04-03T06:51:44Z
cleanstart-2026-dm62512 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 0.35.0-r0 2026-04-06T02:48:21.440386Z 2026-04-03T06:57:54Z
cleanstart-2026-lr09759 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T02:46:06.138686Z 2026-04-03T07:10:19Z
cleanstart-2026-li54613 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T02:45:58.881296Z 2026-04-03T07:10:19Z
ID Description Published Updated
ID Description Updated
ID Description Published Updated
CERTFR-2025-ALE-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
certfr-2024-ale-013 Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) 2025-03-31T00:00:00.000000 2024-10-25T00:00:00.000000
CERTFR-2024-ALE-013 Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) 2025-03-31T00:00:00.000000 2024-10-25T00:00:00.000000
certfr-2025-ale-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
CERTFR-2025-ALE-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
certfr-2024-ale-015 [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks 2024-11-15T00:00:00.000000 2024-11-18T00:00:00.000000
CERTFR-2024-ALE-015 [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks 2024-11-15T00:00:00.000000 2024-11-18T00:00:00.000000
certfr-2024-ale-014 [MàJ] Multiples vulnérabilités dans Fortinet FortiManager 2024-10-30T00:00:00.000000 2024-10-23T00:00:00.000000
CERTFR-2024-ALE-014 [MàJ] Multiples vulnérabilités dans Fortinet FortiManager 2024-10-30T00:00:00.000000 2024-10-23T00:00:00.000000
certfr-2024-ale-012 [MàJ] Vulnérabilités affectant OpenPrinting CUPS 2024-09-27T00:00:00.000000 2024-11-21T00:00:00.000000
CERTFR-2024-ALE-012 [MàJ] Vulnérabilités affectant OpenPrinting CUPS 2024-09-27T00:00:00.000000 2024-11-21T00:00:00.000000
certfr-2024-ale-011 Vulnérabilité dans SonicWall 2024-09-10T00:00:00.000000 2024-11-21T00:00:00.000000
CERTFR-2024-ALE-011 Vulnérabilité dans SonicWall 2024-09-10T00:00:00.000000 2024-11-21T00:00:00.000000
certfr-2024-ale-010 Multiples vulnérabilités dans Roundcube 2024-08-09T00:00:00.000000 2024-10-07T00:00:00.000000
CERTFR-2024-ALE-010 Multiples vulnérabilités dans Roundcube 2024-08-09T00:00:00.000000 2024-10-07T00:00:00.000000
certfr-2024-ale-009 Vulnérabilité dans OpenSSH 2024-07-01T00:00:00.000000 2024-07-03T00:00:00.000000
CERTFR-2024-ALE-009 Vulnérabilité dans OpenSSH 2024-07-01T00:00:00.000000 2024-07-03T00:00:00.000000
certfr-2024-ale-008 [MàJ] Vulnérabilité dans les produits Check Point 2024-05-30T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-008 [MàJ] Vulnérabilité dans les produits Check Point 2024-05-30T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-007 Multiples vulnérabilités dans les produits Cisco 2024-04-25T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-007 Multiples vulnérabilités dans les produits Cisco 2024-04-25T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-006 [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect 2024-04-12T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-006 [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect 2024-04-12T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-005 [MàJ] Vulnérabilité dans Microsoft Outlook 2024-02-15T00:00:00.000000 2024-04-15T00:00:00.000000
CERTFR-2024-ALE-005 [MàJ] Vulnérabilité dans Microsoft Outlook 2024-02-15T00:00:00.000000 2024-04-15T00:00:00.000000
certfr-2024-ale-004 [MàJ] Vulnérabilité dans Fortinet FortiOS 2024-02-09T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-004 [MàJ] Vulnérabilité dans Fortinet FortiOS 2024-02-09T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-003 [MàJ] Incident affectant les solutions AnyDesk 2024-02-05T00:00:00.000000 2024-04-15T00:00:00.000000
CERTFR-2024-ALE-003 [MàJ] Incident affectant les solutions AnyDesk 2024-02-05T00:00:00.000000 2024-04-15T00:00:00.000000
certfr-2024-ale-002 [MàJ] Multiples Vulnérabilités dans GitLab 2024-01-12T00:00:00.000000 2024-02-22T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0394 Multiples vulnérabilités dans VMware Tanzu 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0393 Vulnérabilité dans Synology Mail Station 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0392 Multiples vulnérabilités dans Microsoft Edge 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0391 Multiples vulnérabilités dans OpenSSH 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0390 Multiples vulnérabilités dans Belden NetModule Router Software 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0389 Vulnérabilité dans Microsoft Azure Linux 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0388 Multiples vulnérabilités dans les produits Cisco 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0387 Multiples vulnérabilités dans les produits Netgate 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0386 Multiples vulnérabilités dans les produits Microsoft 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0385 Multiples vulnérabilités dans Google Chrome 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0384 Multiples vulnérabilités dans Joomla! 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0383 Multiples vulnérabilités dans Sonicwall Email Security 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0382 Multiples vulnérabilités dans les produits FoxIT 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0381 Multiples vulnérabilités dans les produits Microsoft 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0380 Multiples vulnérabilités dans Microsoft Edge 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0379 Vulnérabilité dans Elastic OpenTelemetry Java 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0378 Vulnérabilité dans Symantec Data Loss Prevention (DLP) 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0377 Multiples vulnérabilités dans Papercut 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0376 Multiples vulnérabilités dans les produits Microsoft 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0375 Multiples vulnérabilités dans Microsoft Edge 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0374 Vulnérabilité dans Docker Desktop 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0373 Vulnérabilité dans Roundcube 2026-03-30T00:00:00.000000 2026-04-08T00:00:00.000000
certfr-2026-avi-0372 Multiples vulnérabilités dans les produits IBM 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0371 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0370 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0369 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0368 Vulnérabilité dans les produits Microsoft 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0367 Multiples vulnérabilités dans Zabbix 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0366 Multiples vulnérabilités dans Traefik 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0365 Multiples vulnérabilités dans Spring AI 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
ID Description Published Updated
jvndb-2026-000036 Improper file access permission settings in multiple Digital Arts products 2026-03-09T14:57+09:00 2026-03-09T16:23+09:00
jvndb-2026-000035 Installer for Qsee Client may insecurely load Dynamic Link Libraries 2026-03-09T14:57+09:00 2026-03-09T14:57+09:00
jvndb-2026-006102 Security issues in ESC/POS 2026-03-06T10:31+09:00 2026-03-06T10:31+09:00
jvndb-2026-000034 django-allauth vulnerable to open redirect 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000033 EC-CUBE vulnerable to multi-factor authentication bypass 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000032 Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) 2026-03-04T12:20+09:00 2026-03-04T12:20+09:00
jvndb-2026-005746 Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026) 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-005744 Canon IJ Scan Utility registers Windows services with unquoted file paths 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-005259 Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys) 2026-03-02T11:46+09:00 2026-03-02T11:46+09:00
jvndb-2026-000031 Improper file access permission settings in the installers for multiple Soliton Systems products 2026-02-27T15:41+09:00 2026-02-27T15:41+09:00
jvndb-2026-000030 IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization 2026-02-27T15:41+09:00 2026-03-03T10:06+09:00
jvndb-2026-000029 Multiple vulnerabilities in the installer of FinalCode Client 2026-02-26T14:24+09:00 2026-02-26T14:24+09:00
jvndb-2026-004811 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
jvndb-2026-004810 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
jvndb-2026-000026 Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal 2026-02-25T15:14+09:00 2026-02-25T15:14+09:00
jvndb-2026-004359 Security information for Hitachi Disk Array Systems 2026-02-20T18:35+09:00 2026-02-20T18:35+09:00
jvndb-2026-000027 WordPress Plugin "Survey Maker" vulnerable to cross-site scripting 2026-02-20T12:32+09:00 2026-02-20T12:32+09:00
jvndb-2026-000028 Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries 2026-02-20T12:31+09:00 2026-02-20T12:31+09:00
jvndb-2026-003912 Vulnerability in Cosminexus HTTP Server and Hitachi Web Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003911 Vulnerability in Cosminexus HTTP Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003910 Multiple Vulnerabilities in Cosminexus HTTP Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003909 Multiple Vulnerabilities in Hitachi Command Suite products 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003908 Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003907 Multiple Vulnerabilities in JP1 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003906 Multiple Vulnerabilities in Cosminexus 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003905 Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-000025 Joomla! CMS vulnerable to cross-site scripting 2026-02-17T12:46+09:00 2026-02-17T12:46+09:00
jvndb-2026-000023 FileZen vulnerable to OS command injection 2026-02-13T16:51+09:00 2026-02-13T17:08+09:00
jvndb-2026-000024 Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries 2026-02-12T13:32+09:00 2026-02-12T13:32+09:00
jvndb-2026-000022 Oki Electric Industry products and OEM products register Windows services with unquoted file paths 2026-02-09T15:21+09:00 2026-02-09T15:21+09:00
ID Description Published Updated
cnvd-2026-15835 HCL Aftermarket DPC存在未明漏洞(CNVD-2026-15835) 2026-03-31 2026-04-01
cnvd-2026-15834 HCL Aftermarket DPC存在未明漏洞(CNVD-2026-15834) 2026-03-31 2026-04-01
cnvd-2026-15833 HCL Aftermarket DPC存在未明漏洞(CNVD-2026-15833) 2026-03-31 2026-04-01
cnvd-2026-15832 HCL Aftermarket DPC存在未明漏洞(CNVD-2026-15832) 2026-03-31 2026-04-01
cnvd-2026-15831 HCL Aftermarket DPC会话固定漏洞 2026-03-31 2026-04-01
cnvd-2026-15830 HCL Aftermarket DPC存在未明漏洞(CNVD-2026-15830) 2026-03-31 2026-04-01
cnvd-2026-15829 HCL Aftermarket DPC存在未明漏洞(CNVD-2026-15829) 2026-03-31 2026-04-01
cnvd-2026-15828 HCL Aftermarket DPC存在未明漏洞(CNVD-2026-15828) 2026-03-31 2026-04-01
cnvd-2026-15827 HCL Aftermarket DPC存在未明漏洞 2026-03-31 2026-04-01
cnvd-2026-15826 HCL Aftermarket DPC跨源资源共享漏洞 2026-03-31 2026-04-01
cnvd-2026-15825 HCL Aftermarket DPC SQL注入漏洞 2026-03-31 2026-04-01
cnvd-2026-16066 WordPress插件King Addons for Elementor信息泄露漏洞 2026-03-26 2026-04-03
cnvd-2026-16065 WordPress插件Download Manager信息泄露漏洞 2026-03-26 2026-04-03
cnvd-2026-16063 GNU BinUtils缓冲区溢出漏洞(CNVD-2026-16063) 2026-03-26 2026-04-03
cnvd-2026-16057 OpenClaw路径遍历漏洞(CNVD-2026-16057) 2026-03-26 2026-04-03
cnvd-2026-16056 OpenClaw安全绕过漏洞(CNVD-2026-16056) 2026-03-26 2026-04-03
cnvd-2026-16055 OpenClaw安全绕过漏洞(CNVD-2026-16055) 2026-03-26 2026-04-03
cnvd-2026-16054 OpenClaw命令执行漏洞(CNVD-2026-16054) 2026-03-26 2026-04-03
cnvd-2026-16053 OpenClaw拒绝服务漏洞(CNVD-2026-16053) 2026-03-26 2026-04-03
cnvd-2026-16052 OpenClaw访问控制错误漏洞(CNVD-2026-16052) 2026-03-26 2026-04-03
cnvd-2026-16051 OpenClaw安全绕过漏洞(CNVD-2026-16051) 2026-03-26 2026-04-03
cnvd-2026-16050 OpenClaw操作系统命令注入漏洞(CNVD-2026-16050) 2026-03-26 2026-04-03
cnvd-2026-16049 OpenClaw存在未明漏洞(CNVD-2026-16049) 2026-03-26 2026-04-03
cnvd-2026-16048 OpenClaw存在未明漏洞(CNVD-2026-16048) 2026-03-26 2026-04-03
cnvd-2026-16047 OpenClaw代码执行漏洞(CNVD-2026-16047) 2026-03-26 2026-04-03
cnvd-2026-16046 OpenClaw命令执行漏洞(CNVD-2026-16046) 2026-03-26 2026-04-03
cnvd-2026-16045 OpenClaw安全绕过漏洞(CNVD-2026-16045) 2026-03-26 2026-04-03
cnvd-2026-16044 OpenClaw操作系统命令注入漏洞(CNVD-2026-16044) 2026-03-26 2026-04-03
cnvd-2026-16043 OpenClaw操作系统命令注入漏洞(CNVD-2026-16043) 2026-03-26 2026-04-03
cnvd-2026-16042 OpenClaw路径遍历漏洞(CNVD-2026-16042) 2026-03-26 2026-04-03
ID Description Published Updated
bdu:2026-01814 Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с хр… 16.02.2026 16.02.2026
bdu:2026-01813 Уязвимость программного обеспечения Azure IoT Explorer, связанная с привязкой к открытым … 16.02.2026 16.02.2026
bdu:2026-01812 Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками представлени… 16.02.2026 16.02.2026
bdu:2026-01811 Уязвимость службы аналитики данных Azure HDInsights, связанная с непринятием мер по защит… 16.02.2026 16.02.2026
bdu:2026-01810 Уязвимость редактора электронных таблиц Microsoft Excel пакетов программ Microsoft Office… 16.02.2026 16.02.2026
bdu:2026-01809 Уязвимость службы хранилища данных Windows Storage Services операционных систем Windows, … 16.02.2026 16.02.2026
bdu:2026-01808 Уязвимость реализации протокола NTLM операционных систем Windows, позволяющая нарушителю … 16.02.2026 16.02.2026
bdu:2026-01807 Уязвимость системы аппаратной виртуализации Hyper-V операционной системы Windows, позволя… 16.02.2026 16.02.2026
bdu:2026-01806 Уязвимость механизма CCF (Cluster Client Failover) операционных систем Windows, позволяющ… 16.02.2026 16.02.2026
bdu:2026-01805 Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… 16.02.2026 16.02.2026
bdu:2026-01804 Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии 16.02.2026 16.02.2026
bdu:2026-01803 Уязвимость драйвера WinSock операционных систем Windows, позволяющая нарушителю повысить … 16.02.2026 16.02.2026
bdu:2026-01802 Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии 16.02.2026 16.02.2026
bdu:2026-01801 Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… 16.02.2026 16.02.2026
bdu:2026-01800 Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии 16.02.2026 16.02.2026
bdu:2026-01799 Уязвимость ядра операционных систем Windows, позволяющая нарушителю раскрыть защищаемую и… 16.02.2026 16.02.2026
bdu:2026-01798 Уязвимость программы для шифрования информации и создания электронных цифровых подписей G… 16.02.2026 16.02.2026
bdu:2026-01797 Уязвимость функции _bfd_elf_slurp_version_tables() компонента bfd/elf.c программного сред… 16.02.2026 16.02.2026
bdu:2026-01796 Уязвимость компонента libbfd.c программного средства разработки GNU Binutils, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01795 Уязвимость программного средства управления конечными точками Ivanti Endpoint Manager, св… 16.02.2026 16.02.2026
bdu:2026-01794 Уязвимость функции usbg_make_tpg() модуля drivers/usb/gadget/function/f_tcm.c драйвера га… 16.02.2026 16.02.2026
bdu:2026-01792 Уязвимость программного средства локальной инфраструктуры Azure Local, связанная с ошибка… 13.02.2026 16.02.2026
bdu:2026-01791 Уязвимость средства разработки программного обеспечения Microsoft Visual Studio, связанна… 13.02.2026 13.02.2026
bdu:2026-01790 Уязвимость Защитника Microsoft (Microsoft Defender for Endpoint) операционных систем Linu… 13.02.2026 13.02.2026
bdu:2026-01789 Уязвимость редактора исходного кода Microsoft Visual Studio Code, связанная с ошибками си… 13.02.2026 13.02.2026
bdu:2026-01788 Уязвимость сервиса Azure AI Language Authoring, связанная с недостатками механизма десери… 13.02.2026 13.02.2026
bdu:2026-01787 Уязвимость средства разработки программного обеспечения Microsoft Visual Studio, связанна… 13.02.2026 13.02.2026
bdu:2026-01786 Уязвимость компонента Windows Installer приложения Windows App, позволяющая нарушителю по… 13.02.2026 13.02.2026
bdu:2026-01785 Уязвимость редактора исходного кода Microsoft Visual Studio Code, связанная с непринятием… 13.02.2026 13.02.2026
bdu:2026-01784 Уязвимость средства разработки программного обеспечения Azure DevOps Server, связанная с … 13.02.2026 13.02.2026
ID Description Updated
var-202001-0832 A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic… 2024-07-23T22:37:43.319000Z
var-201208-0222 Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r… 2024-07-23T22:37:43.393000Z
var-202108-1148 An access issue was addressed with improved access restrictions. This issue is fixed in m… 2024-07-23T22:36:01.656000Z
var-200202-0006 Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause… 2024-07-23T22:34:48.127000Z
var-202007-0395 Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities … 2024-07-23T22:33:57.481000Z
var-201805-1147 WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe… 2024-07-23T22:32:10.966000Z
var-201902-0647 LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening … 2024-07-23T22:32:09.990000Z
var-201908-0863 Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE… 2024-07-23T22:30:33.144000Z
var-201912-0120 A memory corruption issue was addressed with improved validation. This issue is fixed in … 2024-07-23T22:30:32.761000Z
var-201912-0114 A memory corruption issue was addressed with improved validation. This issue is fixed in … 2024-07-23T22:30:32.792000Z
var-202305-1589 D-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulne… 2024-07-23T22:30:26.856000Z
var-202407-0235 Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… 2024-07-23T22:30:24.825000Z
var-202407-0234 Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … 2024-07-23T22:30:24.699000Z
var-202407-0233 Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … 2024-07-23T22:30:24.731000Z
var-202407-0232 Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… 2024-07-23T22:30:24.657000Z
var-201112-0097 Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a… 2024-07-23T22:29:05.132000Z
var-201801-0152 An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions pri… 2024-07-23T22:28:30.754000Z
var-201801-0151 A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior … 2024-07-23T22:28:30.640000Z
var-201807-0341 ABB Panel Builder 800 all versions has an improper input validation vulnerability which m… 2024-07-23T22:28:27.949000Z
var-201806-1058 Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo… 2024-07-23T22:28:27.641000Z
var-201906-1029 In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne… 2024-07-23T22:28:26.009000Z
var-202004-0077 There are multiple ways an unauthenticated attacker could perform SQL injection on WebAcc… 2024-07-23T22:28:24.545000Z
var-202206-2050 The affected product is vulnerable to multiple SQL injections, which may allow an unautho… 2024-07-23T22:27:49.515000Z
var-202305-1981 D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution V… 2024-07-23T22:27:44.287000Z
var-202305-0214 D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerabilit… 2024-07-23T22:27:44.496000Z
var-202305-0130 D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vul… 2024-07-23T22:27:44.522000Z
var-202407-0441 A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC R… 2024-07-23T22:27:41.577000Z
var-201105-0156 Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 30… 2024-07-23T22:25:52.955000Z
var-201402-0028 The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni… 2024-07-23T22:25:48.624000Z
var-201402-0027 The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re… 2024-07-23T22:25:48.742000Z
ID Description Published Updated
ID Description Published Updated
vde-2023-054 Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-051 Phoenix Contact: MULTIPROG Engineering tool and ProConOS eCLR SDK prone to CWE-732 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-062 Phoenix Contact: WIBU-SYSTEMS CodeMeter Runtime vulnerabilities in multiple products 2023-11-21T08:15:00.000Z 2023-11-21T08:15:00.000Z
vde-2023-030 Phoenix Contact: Multiple products affected by WIBU Codemeter Vulnerability (Update A) 2023-09-19T06:50:00.000Z 2023-11-13T11:00:00.000Z
vde-2023-018 Phoenix Contact: Multiple vulnerabilities in WP 6xxx Web panels 2023-08-08T06:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-016 Phoenix Contact: PLCnext Engineer Vulnerabilities in LibGit2Sharp/LibGit2 2023-08-08T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-017 Phoenix Contact: Multiple vulnerabilities in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices 2023-08-08T04:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-010 PHOENIX CONTACT: FL MGUARD affected by two vulnerabilities 2023-06-13T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-004 Phoenix Contact: Directory Traversal Vulnerability in ENERGY AXC PU Web service 2023-04-11T08:00:00.000Z 2023-04-11T08:00:00.000Z
vde-2023-003 PHOENIX CONTACT: Multiple vulnerabilities in ENERGY AXC PU 2023-03-14T09:14:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-053 PHOENIX CONTACT: Advisory for TC ROUTER and CLOUD CLIENT 2023-03-07T07:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2023-001 PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware 2023-02-14T07:50:00.000Z 2025-06-05T13:28:12.000Z
vde-2022-058 PHOENIX CONTACT: Profinet SDK libexpat vulnerabilities 2022-12-13T07:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-051 PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family 2022-11-15T09:27:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-048 PHOENIX CONTACT: Automationworx BCP File Parsing Vulnerabilities 2022-11-15T09:25:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-046 PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware 2022-11-10T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-028 PHOENIX CONTACT: Missing Authentication in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool 2022-06-21T05:18:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-026 PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool 2022-06-21T05:16:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-025 PHOENIX CONTACT: Vulnerability in classic line industrial controllers 2022-06-21T05:15:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-018 PHOENIX CONTACT: Multiple vulnerabilities in RAD-ISM-900-EN-BD devices 2022-05-11T14:20:00.000Z 2022-05-11T14:20:00.000Z
vde-2022-014 PHOENIX CONTACT: mGuard Device Manager affected by HTTP Request Smuggling of Apache Webserver 2022-04-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-013 PHOENIX CONTACT: Multiple products affected by possible infinite loop within OpenSSL library 2022-04-12T06:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-010 PHOENIX CONTACT: Multiple Linux component vulnerabilities fixed in latest AXC F x152 LTS release 2022-04-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-005 PHOENIX CONTACT: Vulnerabilities in XML parser library Expat (libexpat) 2022-03-30T07:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-007 PHOENIX CONTACT: Path Traversal in Library of PLCnext Technology Toolchain and FL Network Manager 2022-03-22T07:43:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-001 PHOENIX CONTACT: FL SWITCH 2xxx series incorrect privilege assignment 2022-01-25T08:05:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-059 PHOENIX CONTACT: BLUEMARK X1 / LED / CLED printers utilizing the Siemens Nucleus RTOS TCP/IP Stack 2022-01-11T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-056 WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 and WebVisualisation 2021-11-16T14:11:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-046 PHOENIX CONTACT: XSS and memory-leak in FL MGUARD 1102/1105 2021-11-10T07:23:00.000Z 2021-11-10T07:23:00.000Z
vde-2021-052 PHOENIX CONTACT: PC Worx/-Express prone to improper input validation vulnerability 2021-11-03T09:45:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
vde-2018-008 Pepperl+Fuchs: Remote Code Execution Vulnerability in HMI Devices 2018-07-06T13:37:00.000Z 2018-07-06T13:37:00.000Z
vde-2018-002 Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks 2018-02-14T08:50:00.000Z 2025-05-14T12:28:19.000Z
vde-2017-005 Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption 2017-12-11T13:26:00.000Z 2018-10-23T10:00:00.000Z
ID Description Published Updated
ID Description Published Updated
vde-2023-015 WAGO: Improper privilege management in web-based management 2023-11-20T07:00:00.000Z 2023-11-20T07:00:00.000Z
vde-2023-046 WAGO: Multiple products vulnerable to local file inclusion 2023-10-23T10:00:00.000Z 2025-04-28T10:00:00.000Z
vde-2023-042 Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B) 2023-09-25T10:00:00.000Z 2024-11-20T11:00:00.000Z
vde-2023-026 WAGO: Multiple products prone to multiple vulnerabilities in e!Runtime / CODESYS V3 Runtime 2023-07-31T07:36:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-014 WAGO: Bluetooth LE vulnerability in WLAN-ETHERNET-Gateway 2023-07-31T07:00:00.000Z 2023-07-31T07:00:00.000Z
vde-2023-006 WAGO: Controller with CODESYS 2.3 Runtime Denial-of-Service 2023-06-25T06:00:00.000Z 2024-07-08T10:00:00.000Z
vde-2023-005 WAGO: Series 750-3x/-8x prone to MODBUS server DoS 2023-06-25T06:00:00.000Z 2023-06-25T06:00:00.000Z
vde-2023-007 WAGO: Unauthenticated command execution via Web-based-management UPDATE A 2023-05-15T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-060 WAGO: Multiple vulnerabilities in web-based management of multiple products 2023-02-27T11:00:00.000Z 2023-02-27T11:00:00.000Z
vde-2022-055 WAGO: Exposure of configuration interface in unmanaged switches 2023-02-16T13:43:00.000Z 2023-02-16T13:43:00.000Z
vde-2022-054 WAGO: Unauthenticated Configuration Export in web-based management in multiple devices 2023-01-12T07:52:00.000Z 2023-01-12T07:52:00.000Z
vde-2022-042 WAGO: Multiple products - Loss of MAC-Address-Filtering after reboot 2022-10-17T08:00:00.000Z 2022-10-17T08:00:00.000Z
vde-2022-040 WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime 2022-10-17T08:00:00.000Z 2023-09-22T12:39:00.000Z
vde-2022-047 WAGO: FTP-Server - Denial-of-Service 2022-10-12T08:00:00.000Z 2022-10-12T08:00:00.000Z
vde-2022-035 WAGO: Multiple product series affected by multiple CODESYS vulnerabilities 2022-08-17T08:00:00.000Z 2022-08-17T08:00:00.000Z
vde-2022-031 WAGO: Multiple Products Series affected by multiple CODESYS vulnerabilities 2022-08-17T08:00:00.000Z 2022-08-17T08:00:00.000Z
vde-2022-009 WAGO: Multiple Products affected by Linux Kernel Vulnerability Dirty Pipe 2022-04-06T07:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-004 WAGO: Web-Based Management Cross-Site Scripting 2022-03-09T07:00:00.000Z 2022-03-09T07:00:00.000Z
vde-2022-002 WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro 2022-01-31T13:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-060 WAGO: Smart Script affected by Log4Shell Vulnerability 2022-01-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-049 WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3 2021-11-16T12:05:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-050 WAGO: Multiple devices affected by Vulnerabilities in NUCLEUS TCP Stack. 2021-11-16T11:02:00.000Z 2021-11-16T11:02:00.000Z
vde-2021-043 WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro 2021-08-31T07:02:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-044 WAGO: Web-Based Management Authentication Vulnerability in WAGO 750-36X and WAGO 750-8XX 2021-08-31T07:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-038 WAGO: OpenSSL DoS Vulnerability in PLCs 2021-08-31T07:00:00.000Z 2025-05-14T12:53:43.000Z
vde-2020-036 WAGO: Multiple Vulnerabilities in I/O-Check Service 2021-06-29T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-014 WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 2021-05-20T09:08:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-013 WAGO: Multiple Vulnerabilities in the Web-Based Management Interface 2021-05-05T08:54:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-048 M&M Software (WAGO): Deserialisation of untrusted data in fdtContainer 2021-01-14T14:57:00.000Z 2021-01-14T14:57:00.000Z
vde-2020-045 WAGO: Command Injection Vulnerability in I/O-Check Service of multiple products 2020-12-17T09:02:00.000Z 2025-05-14T12:53:43.000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID CVSS Description Vendor Product Published Updated
GCVE-1-2025-0026
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
 misp
 2025-11-26T16:35:00.000Z 2025-12-02T08:50:46.381572Z
GCVE-1-2025-0025
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
 misp
 2025-11-26T16:27:00.000Z 2025-12-02T08:50:18.897756Z
GCVE-1-2025-0024
9.4 (4.0)
cross-site scripting (XSS) vulnerability in the MISP s… misp
 misp
 2025-11-26T16:14:00.000Z 2025-12-02T08:50:01.482327Z
GCVE-1-2025-0023
9.4 (4.0)
XSS in MISP server comparison tool misp
 misp
 2025-11-26T16:10:00.000Z 2025-12-02T08:49:24.626168Z
GCVE-1-2025-0022
9.4 (4.0)
Clarified setting's impact on download_attachments_on_load misp
 misp
 2025-11-26T16:04:00.000Z 2025-12-02T08:49:04.510294Z
GCVE-1-2025-0021
9.4 (4.0)
XSS in MISP ReST client in HTML view misp
 misp
 2025-11-26T15:55:00.000Z 2025-12-02T08:48:41.869838Z
GCVE-1-2025-0020
9.4 (4.0)
cross-site scripting (XSS) in Galaxy element JSON view misp
 misp
 2025-11-26T15:49:00.000Z 2025-12-02T08:47:41.151429Z
GCVE-1-2025-0019
4 (4.0)
Path traversal vulnerability in EventReport for site-admin misp
 misp
 2025-11-26T14:47:00.000Z 2025-11-28T07:27:42.721350Z
GCVE-1-2025-0018
9.4 (4.0)
HTML injection issue was identified in Lookyloo’s web … lookyloo
 lookyloo
 2025-11-18T15:33:00.000Z 2025-11-18T20:39:45.579295Z
GCVE-1-2025-0017
9.4 (4.0)
Privilege escalation in Cerebrate allows an authentica… cerebrate
 cerebrate
 2025-11-12T08:15:00.000Z 2025-11-28T07:22:08.205835Z
GCVE-1-2025-0016
6 (4.0)
Local file inclusion in [ImportFromUrl() URL hand… misp
 misp
 2025-11-04T09:20:00.000Z 2025-11-04T09:56:38.383646Z
GCVE-1-2025-0015
9 (4.0)
Potential XSS in decaying simulation tool misp
 misp
 2025-11-04T09:06:00.000Z 2025-11-04T09:06:59.216121Z
GCVE-1-2025-0014
9.4 (4.0)
XSS in event report via Mermaid diagram misp
 misp
 2025-11-04T08:58:00.024516Z 2025-11-04T08:58:00.024516Z
GCVE-1-2025-0013
9.4 (4.0)
Vulnerability in sharing group blueprints allowing sha… misp
 misp
 2025-11-04T08:49:21.558087Z 2025-11-04T08:49:21.558087Z
GCVE-1-2025-0012
N/A
Potential vulnerability in file check upload but non-e… misp
 misp
 2025-11-04T07:20:00.000Z 2025-11-28T07:16:21.589449Z
GCVE-1-2025-0011
9.4 (4.0)
Arbitrary file inclusion / deletion via import modules… misp
 misp
 2025-11-04T07:01:25.464225Z 2025-11-04T07:01:25.464225Z
GCVE-1-2025-0010
6.3 (4.0)
Arbitrary file hash inclusion via templates accessible… misp
 misp
 2025-11-04T06:25:11.108987Z 2025-11-04T06:25:11.108987Z
GCVE-1-2025-0009
6.4 (4.0)
A pre-auth user could self-assign a reporter without b… CIRCL
 vulnerability-lookup
 2025-10-13T09:20:24.800890Z 2025-10-13T09:20:24.800890Z
GCVE-1-2025-0008
7 (4.0)
Logged users can view vulnerability disclosure comment… CIRCL
 vulnerability-lookup
 2025-10-13T09:10:00.000Z 2025-10-13T09:15:31.637686Z
GCVE-1-2025-0007
4.5 (4.0)
Missing email validation on user management CIRCL
 vulnerability-lookup
 2025-10-13T08:37:00.000Z 2025-10-13T08:51:37.408861Z
GCVE-1-2025-0006
9.3 (4.0)
Potential XSS in admin CPE in organization model CIRCL
 vulnerability-lookup
 2025-10-13T08:29:00.000Z 2025-10-13T08:52:23.411325Z
GCVE-1-2025-0005
9.4 (4.0)
Reflected XSS due to insecure use of Markup CIRCL
 vulnerability-lookup
 2025-10-13T08:23:29.812914Z 2025-10-13T08:23:29.812914Z
GCVE-1-2025-0004
10 (4.0)
XSS in Comments, Bundles, and Sightings component of v… CIRCL
 vulnerability-lookup
 2025-09-25T14:10:00.000Z 2025-11-19T10:16:47.656802Z
GCVE-1-2025-0003
9.3 (4.0)
Incorrect ACL for user settings edit, which previ… cerebrate
 cerebrate
 2025-08-22T12:33:00.000Z 2025-08-23T07:55:10.950332Z
GCVE-1-2025-0002
8.9 (4.0)
Command Injection in Cl0p Exfiltration Python Script Cl0p ransomware
 exfiltration
 2025-07-01T08:19:00.000Z 2025-07-01T10:58:58.443468Z
GCVE-1-2025-0001
5.3 (4.0)
The absence of a password confirmation step when deact… CIRCL
 Vulnerability-Lookup
 2025-05-27T08:58:00.000Z 2025-05-30T14:27:56.273945Z
ID CVSS Description Vendor Product Published Updated