Recent vulnerabilities

ID	Description	Published	Updated
ghsa-6mgg-q6v6-jm65	The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnera…	2025-11-08T06:30:26Z	2025-11-08T06:30:26Z
ghsa-5vw4-6m45-994c	The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded C…	2025-11-08T06:30:26Z	2025-11-08T06:30:26Z
ghsa-4q76-wc8j-pm27	The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to …	2025-11-08T06:30:26Z	2025-11-08T06:30:26Z
ghsa-m598-vr3f-944r	The Asgaros Forum plugin for WordPress is vulnerable to SQL Injection via the '$_COOKIE['asgarosfor…	2025-11-08T03:31:18Z	2025-11-08T03:31:18Z
ghsa-c563-3pgf-9rc7	The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data d…	2025-11-08T03:31:18Z	2025-11-08T03:31:18Z
ghsa-qv29-2g6c-w6pf	Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local at…	2025-11-08T00:31:01Z	2025-11-08T00:31:02Z
ghsa-6494-xg3r-pv38	Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remot…	2025-11-08T00:31:02Z	2025-11-08T00:31:02Z
ghsa-cvvh-gp7g-9334	Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remot…	2025-11-08T00:31:01Z	2025-11-08T00:31:01Z
ghsa-885p-rxgp-x27q	Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allo…	2025-11-08T00:31:01Z	2025-11-08T00:31:01Z
ghsa-5p88-6546-29fh	Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built…	2025-11-08T00:31:01Z	2025-11-08T00:31:01Z
ghsa-4m4m-6fm5-244f	Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remot…	2025-11-08T00:31:01Z	2025-11-08T00:31:01Z
ghsa-3jxx-m7vj-jgc2	Insufficient validation of untrusted input in Downloads in Google Chrome on Android prior to 140.0.…	2025-11-08T00:31:01Z	2025-11-08T00:31:01Z
ghsa-2327-x98x-57c5	Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowe…	2025-11-08T00:31:01Z	2025-11-08T00:31:01Z
ghsa-qc8j-wvjf-7jfj	A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when t…	2025-09-23T18:30:24Z	2025-11-08T00:31:00Z
ghsa-j892-g9v8-f728	Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a cod…	2025-11-08T00:31:00Z	2025-11-08T00:31:00Z
ghsa-frcm-hvx7-5p9q	Potential Denial of Service issue in all supported versions of Revenera InstallShield version 2025 …	2025-11-08T00:31:00Z	2025-11-08T00:31:00Z
ghsa-6wcq-272p-hrjw	A Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. The issue e…	2025-11-08T00:31:00Z	2025-11-08T00:31:00Z
ghsa-4pqv-hw6c-g45v	A stored cross-site scripting (XSS) vulnerability in the CrushFTP 11.3.7_50 Admin Panel (Reports / …	2025-11-08T00:31:00Z	2025-11-08T00:31:00Z
ghsa-wr57-3h2f-3q95	Magento affected by a server-side denial-of-service using a GraphQL field	2022-05-24T19:12:45Z	2025-11-07T23:27:56Z
ghsa-6cwv-wj7v-73xp	Magento executes code via the API File Option Upload Extension	2022-05-24T19:12:46Z	2025-11-07T23:27:50Z
ghsa-36xq-7w8w-xp68	Magento affected by a blind SSRF vulnerability in the bundled dotmailer extension	2022-05-24T19:12:46Z	2025-11-07T23:27:42Z
ghsa-mx5m-j5xr-jg8c	Magento vulnerable to file upload attack	2022-05-24T19:12:46Z	2025-11-07T23:27:25Z
ghsa-2pq5-gpqf-g4r3	Magento has a file extension restrictions bypass	2022-05-24T19:12:46Z	2025-11-07T23:26:39Z
ghsa-wgpr-9675-8r67	Magento discloses sensitive information via the Multishipping Module	2022-05-24T19:12:46Z	2025-11-07T23:24:03Z
ghsa-j46h-qjjv-cxfj	Magento affected by remote code execution via a file upload	2022-05-24T19:12:46Z	2025-11-07T23:23:17Z
ghsa-vrq2-w7r7-3fp2	Magento is affected by an improper authorization vulnerability	2022-05-24T19:12:46Z	2025-11-07T23:21:19Z
ghsa-3g7m-g8qm-x6j5	Magento discloses sensitive information	2022-05-24T19:12:46Z	2025-11-07T23:21:00Z
ghsa-qmq6-jpvg-j547	Magento is affected by an os command injection via the Data collection endpoint	2022-05-24T19:12:47Z	2025-11-07T23:20:26Z
ghsa-gvfx-9m9v-h839	Magento is affected by an improper input validation vulnerability while saving a customer's details	2022-05-24T19:12:47Z	2025-11-07T23:20:11Z
ghsa-5vw8-r55w-f4q4	Magento is affected by an improper input validation vulnerability	2022-05-24T19:12:47Z	2025-11-07T23:18:53Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2024-7383	7.4 (v3.1)	Libnbd: nbd server improper certificate validation			2024-08-05T13:19:13.933Z	2025-11-08T07:13:53.292Z
cve-2024-6505	6.8 (v3.1)	Qemu-kvm: virtio-net: queue index out-of-bounds access…			2024-07-05T13:51:38.241Z	2025-11-08T07:13:50.565Z
cve-2024-4418	6.2 (v3.1)	Libvirt: stack use-after-free in virnetclientioeventloop()			2024-05-08T03:03:05.135Z	2025-11-08T07:13:49.167Z
cve-2024-4693	5.5 (v3.1)	Qemu-kvm: virtio-pci: improper release of configure ve…			2024-05-10T12:57:41.445Z	2025-11-08T07:13:46.427Z
cve-2024-10306	5.4 (v3.1)	Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp…			2025-04-23T09:59:49.150Z	2025-11-08T07:11:48.337Z
cve-2024-2182	6.5 (v3.1)	Ovn: insufficient validation of bfd packets may lead t…			2024-03-12T16:18:31.829Z	2025-11-08T07:11:46.026Z
cve-2023-42755	6.5 (v3.1)	Kernel: rsvp: out-of-bounds read in rsvp_classify()	Red Hat	Red Hat Enterprise Linux 8	2023-10-05T18:25:23.117Z	2025-11-08T07:10:59.010Z
cve-2023-39192	6.7 (v3.1)	Kernel: netfilter: xtables out-of-bounds read in u32_m…	Red Hat	Red Hat Enterprise Linux 8	2023-10-09T17:57:48.959Z	2025-11-08T07:10:41.834Z
cve-2023-6841	7.5 (v3.1)	Keycloak: amount of attributes per object is not limit…			2024-09-10T16:15:32.639Z	2025-11-08T07:10:39.283Z
cve-2023-6683	6.5 (v3.1)	Qemu: vnc: null pointer dereference in qemu_clipboard_…	Red Hat	Red Hat Enterprise Linux 8	2024-01-12T19:01:25.542Z	2025-11-08T07:10:34.148Z
cve-2023-6610	7.1 (v3.1)	Kernel: oob access in smb2_dump_detail	Red Hat	Red Hat Enterprise Linux 8	2023-12-08T16:58:09.963Z	2025-11-08T07:10:28.228Z
cve-2023-6606	7.1 (v3.1)	Kernel: out-of-bounds read vulnerability in smbcalcsize	Red Hat	Red Hat Enterprise Linux 8	2023-12-08T16:58:08.746Z	2025-11-08T07:10:24.326Z
cve-2023-6240	6.5 (v3.1)	Kernel: marvin vulnerability side-channel leakage in t…	Red Hat	Red Hat Enterprise Linux 8	2024-02-04T14:11:17.824Z	2025-11-08T07:10:21.775Z
cve-2023-5090	6 (v3.1)	Kernel: kvm: svm: improper check in svm_set_x2apic_msr…	Red Hat	Red Hat Enterprise Linux 8	2023-11-06T10:56:57.062Z	2025-11-08T07:10:11.332Z
cve-2024-3567	5.5 (v3.1)	Qemu-kvm: net: assertion failure in update_sctp_checksum()			2024-04-10T14:32:02.343Z	2025-11-08T06:49:51.437Z
cve-2024-2496	5 (v3.1)	Libvirt: null pointer dereference in udevconnectlistal…			2024-03-18T12:54:17.647Z	2025-11-08T06:49:39.207Z
cve-2024-2494	6.2 (v3.1)	Libvirt: negative g_new0 length can lead to unbounded …			2024-03-21T13:39:08.847Z	2025-11-08T06:49:30.806Z
cve-2025-12498		EventPrime – Events Calendar, Bookings and Tickets <= …	metagauss	EventPrime – Events Calendar, Bookings and Tickets	2025-11-08T06:39:56.156Z	2025-11-08T06:39:56.156Z
cve-2023-3750	6.5 (v3.1)	Libvirt: improper locking in virstoragepoolobjlistsear…	Red Hat	Red Hat Enterprise Linux 9	2023-07-24T15:19:22.512Z	2025-11-08T06:30:27.187Z
cve-2023-3255	6.5 (v3.1)	Qemu: vnc: infinite loop in inflate_buffer() leads to …	Red Hat	Red Hat Enterprise Linux 8	2023-09-13T16:12:52.294Z	2025-11-08T06:30:19.755Z
cve-2025-9334		Better Find and Replace <= 1.7.7 - Authenticated (Subs…	codesolz	Better Find and Replace – AI-Powered Suggestions	2025-11-08T05:52:43.249Z	2025-11-08T05:52:43.249Z
cve-2025-10230	10 (v3.1)	Samba: command injection in wins server hook script			2025-11-07T19:42:06.624Z	2025-11-08T04:55:22.163Z
cve-2025-36186	7.4 (v3.1)	IBM Db2 privilege escalation	IBM	Db2	2025-11-07T18:40:32.478Z	2025-11-08T04:55:21.393Z
cve-2025-9458	7.8 (v3.1)	PRT File Parsing Memory Corruption Vulnerability	Autodesk	Shared Components	2025-11-07T18:01:48.595Z	2025-11-08T04:55:20.636Z
cve-2025-12790	7.4 (v3.1)	Rubygem-mqtt: rubygem-mqtt hostname validation	Red Hat	Red Hat Satellite 6	2025-11-06T21:07:34.970Z	2025-11-08T04:55:19.808Z
cve-2025-10885	7.8 (v3.1)	Privilege Escalation Vulnerability	Autodesk	Installer	2025-11-06T17:01:19.327Z	2025-11-08T04:55:19.036Z
cve-2025-11458	N/A	Heap buffer overflow in Sync in Google Chrome pri…	Google	Chrome	2025-11-06T22:26:49.076Z	2025-11-08T04:55:18.292Z
cve-2025-11756	N/A	Use after free in Safe Browsing in Google Chrome …	Google	Chrome	2025-11-06T22:26:20.265Z	2025-11-08T04:55:17.540Z
cve-2025-11205	N/A	Heap buffer overflow in WebGPU in Google Chrome p…	Google	Chrome	2025-11-06T22:08:52.920Z	2025-11-08T04:55:16.818Z
cve-2025-11206	N/A	Heap buffer overflow in Video in Google Chrome pr…	Google	Chrome	2025-11-06T22:08:53.382Z	2025-11-08T04:55:16.020Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-12064		WP2Social Auto Publish <= 2.4.7 - Reflected Cross-Site…	f1logic	WP2Social Auto Publish	2025-11-08T03:27:46.417Z	2025-11-08T03:27:46.417Z
cve-2025-12042		Course Booking System <= 6.1.5 - Missing Authorization…	werbeagenturcommotion	Course Booking System	2025-11-08T03:27:46.819Z	2025-11-08T03:27:46.819Z
cve-2025-12000		WPFunnels <= 3.6.2 - Authenticated (Administrator+) Ar…	getwpfunnels	Easy WordPress Funnel Builder To Collect Leads And Increase Sales – WPFunnels	2025-11-08T03:27:49.707Z	2025-11-08T03:27:49.707Z
cve-2025-11972		Tag, Category, and Taxonomy Manager – AI Autotagger wi…	stevejburge	Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI	2025-11-08T03:27:48.135Z	2025-11-08T03:27:48.135Z
cve-2025-11748		Groups <= 6.7.0 - Authenticated (Subscriber+) Insecure…	itthinx	Groups	2025-11-08T03:27:49.308Z	2025-11-08T03:27:49.308Z
cve-2025-12583		Simple Downloads List <= 1.4.3 - Missing Authorization…	neofix	Simple Downloads List	2025-11-08T02:28:03.760Z	2025-11-08T02:28:03.760Z
cve-2025-11452		Asgaros Forum <= 3.1.0 - Unauthenticated SQL Injection	asgaros	Asgaros Forum	2025-11-08T02:28:01.507Z	2025-11-08T02:28:01.507Z
cve-2025-64496		Open WebUI Affected by an External Model Server (Direc…	open-webui	open-webui	2025-11-08T01:29:02.654Z	2025-11-08T01:29:02.654Z
cve-2025-64495		Open WebUI vulnerable to Stored DOM XSS via prompts wh…	open-webui	open-webui	2025-11-08T01:25:48.995Z	2025-11-08T01:25:48.995Z
cve-2025-64494		Soft Serve does not sanitize ANSI escape sequences in …	charmbracelet	soft-serve	2025-11-08T01:19:01.203Z	2025-11-08T01:19:01.203Z
cve-2025-64493		SuiteCRM is Vulnerable to Authenticated Blind SQL Inje…	SuiteCRM	SuiteCRM-Core	2025-11-08T01:16:22.833Z	2025-11-08T01:16:22.833Z
cve-2025-64492		SuiteCRM is Vulnerable to Authenticated Time Based Bli…	SuiteCRM	SuiteCRM-Core	2025-11-08T01:07:23.393Z	2025-11-08T01:07:23.393Z
cve-2025-64491		SuiteCRM is vulnerable to unauthenticated reflected XS…	SuiteCRM	SuiteCRM	2025-11-08T00:45:07.617Z	2025-11-08T00:45:07.617Z
cve-2025-64490		SuiteCRM's Inconsistent RBAC Enforcement Enables Acces…	SuiteCRM	SuiteCRM	2025-11-08T00:22:38.183Z	2025-11-08T00:22:38.183Z
cve-2025-64489		SuiteCRM: Privilege Escalation via Improper Session In…	SuiteCRM	SuiteCRM	2025-11-08T00:15:44.728Z	2025-11-08T00:15:44.728Z
cve-2025-12735		CVE-2025-12735	silentmatt	expr-eval	2025-11-05T00:22:55.297Z	2025-11-08T00:11:55.078Z
cve-2025-64488		SuiteCRM: Authenticated SQL Injection Possible in Resc…	SuiteCRM	SuiteCRM	2025-11-07T23:59:46.011Z	2025-11-07T23:59:46.011Z
cve-2025-64486		calibre is vulnerable to arbitrary code execution when…	kovidgoyal	calibre	2025-11-07T23:25:55.996Z	2025-11-07T23:25:55.996Z
cve-2025-64485		CVAT: Mounted share file overwrite via crafted request	cvat-ai	cvat	2025-11-07T23:21:06.984Z	2025-11-07T23:21:06.984Z
cve-2025-12911	N/A	Inappropriate implementation in Permissions in Go…	Google	Chrome	2025-11-07T23:23:39.451Z	2025-11-07T23:23:39.451Z
cve-2025-12910	N/A	Inappropriate implementation in Passkeys in Googl…	Google	Chrome	2025-11-07T23:23:39.074Z	2025-11-07T23:23:39.074Z
cve-2025-12909	N/A	Insufficient policy enforcement in Devtools in Go…	Google	Chrome	2025-11-07T23:23:38.684Z	2025-11-07T23:23:38.684Z
cve-2025-12908	N/A	Insufficient validation of untrusted input in Dow…	Google	Chrome	2025-11-07T23:23:38.329Z	2025-11-07T23:23:38.329Z
cve-2025-12907	N/A	Insufficient validation of untrusted input in Dev…	Google	Chrome	2025-11-07T23:23:37.805Z	2025-11-07T23:23:37.805Z
cve-2025-12906	N/A	Inappropriate implementation in Permissions in Go…	Google	Chrome	2025-11-07T23:23:37.150Z	2025-11-07T23:23:37.150Z
cve-2025-12905	N/A	Inappropriate implementation in Downloads in Goog…	Google	Chrome	2025-11-07T23:23:36.585Z	2025-11-07T23:23:36.585Z
cve-2025-64437		KubeVirt Isolation Detection Flaw Allows Arbitrary Fil…	kubevirt	kubevirt	2025-11-07T23:04:10.913Z	2025-11-07T23:04:10.913Z
cve-2025-64436		KubeVirt Excessive Role Permissions Could Enable Unaut…	kubevirt	kubevirt	2025-11-07T22:59:47.228Z	2025-11-07T22:59:47.228Z
cve-2025-64435		KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation	kubevirt	kubevirt	2025-11-07T22:57:02.600Z	2025-11-07T22:57:02.600Z
cve-2025-64434		KubeVirt Improper TLS Certificate Management Handling …	kubevirt	kubevirt	2025-11-07T22:54:04.772Z	2025-11-07T22:54:04.772Z

ID	Description	Published	Updated
fkie_cve-2025-12064	The WP2Social Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via…	2025-11-08T04:15:44.117	2025-11-08T04:15:44.117
fkie_cve-2025-12042	The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to …	2025-11-08T04:15:43.937	2025-11-08T04:15:43.937
fkie_cve-2025-12000	The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient fil…	2025-11-08T04:15:43.753	2025-11-08T04:15:43.753
fkie_cve-2025-11972	The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is vulnera…	2025-11-08T04:15:43.577	2025-11-08T04:15:43.577
fkie_cve-2025-11748	The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions u…	2025-11-08T04:15:43.383	2025-11-08T04:15:43.383
fkie_cve-2025-12583	The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data d…	2025-11-08T03:15:36.350	2025-11-08T03:15:36.350
fkie_cve-2025-11452	The Asgaros Forum plugin for WordPress is vulnerable to SQL Injection via the '$_COOKIE['asgarosfor…	2025-11-08T03:15:36.117	2025-11-08T03:15:36.117
fkie_cve-2025-64496	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. …	2025-11-08T02:15:35.443	2025-11-08T02:15:35.443
fkie_cve-2025-64495	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. …	2025-11-08T02:15:35.250	2025-11-08T02:15:35.250
fkie_cve-2025-64494	Soft Serve is a self-hostable Git server for the command line. In versions prior to 0.10.0, there a…	2025-11-08T02:15:35.060	2025-11-08T02:15:35.060
fkie_cve-2025-64493	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software applic…	2025-11-08T02:15:34.880	2025-11-08T02:15:34.880
fkie_cve-2025-64492	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software applic…	2025-11-08T02:15:34.693	2025-11-08T02:15:34.693
fkie_cve-2025-64491	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software applic…	2025-11-08T01:15:39.000	2025-11-08T01:15:39.000
fkie_cve-2025-64490	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software applic…	2025-11-08T01:15:38.830	2025-11-08T01:15:38.830
fkie_cve-2025-64489	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software applic…	2025-11-08T01:15:38.607	2025-11-08T01:15:38.607
fkie_cve-2025-12735	The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate m…	2025-11-05T01:15:33.313	2025-11-08T01:15:37.553
fkie_cve-2025-64488	SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software applic…	2025-11-08T00:15:36.313	2025-11-08T00:15:36.313
fkie_cve-2025-64486	calibre is an e-book manager. In versions 8.13.0 and prior, calibre does not validate filenames whe…	2025-11-08T00:15:36.170	2025-11-08T00:15:36.170
fkie_cve-2025-64485	CVAT is an open source interactive video and image annotation tool for computer vision. In versions…	2025-11-08T00:15:36.023	2025-11-08T00:15:36.023
fkie_cve-2025-12911	Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remot…	2025-11-08T00:15:35.913	2025-11-08T00:15:35.913
fkie_cve-2025-12910	Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local at…	2025-11-08T00:15:35.817	2025-11-08T00:15:35.817
fkie_cve-2025-12909	Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remot…	2025-11-08T00:15:35.717	2025-11-08T00:15:35.717
fkie_cve-2025-12908	Insufficient validation of untrusted input in Downloads in Google Chrome on Android prior to 140.0.…	2025-11-08T00:15:35.583	2025-11-08T00:15:35.583
fkie_cve-2025-12907	Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allo…	2025-11-08T00:15:35.443	2025-11-08T00:15:35.443
fkie_cve-2025-12906	Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remot…	2025-11-08T00:15:35.340	2025-11-08T00:15:35.340
fkie_cve-2025-12905	Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowe…	2025-11-08T00:15:35.203	2025-11-08T00:15:35.203
fkie_cve-2025-64437	KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1,…	2025-11-07T23:15:46.147	2025-11-07T23:15:46.147
fkie_cve-2025-64436	KubeVirt is a virtual machine management add-on for Kubernetes. In 1.5.0 and earlier, the permissio…	2025-11-07T23:15:46.003	2025-11-07T23:15:46.003
fkie_cve-2025-64435	KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.7.0-beta.0, a logic flaw…	2025-11-07T23:15:45.850	2025-11-07T23:15:45.850
fkie_cve-2025-64434	KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, due to th…	2025-11-07T23:15:45.690	2025-11-07T23:15:45.690

ID	Description	Package	Published	Updated
pysec-2025-53	vLLM is an inference and serving engine for large language models (LLMs). Prior to versio…	vllm	2025-05-29T17:15:21+00:00	2025-06-26T21:23:06.231251+00:00
pysec-2025-51	Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) v…	apache-airflow-providers-snowflake	2025-06-24T08:15:24+00:00	2025-06-26T21:23:03.132527+00:00
pysec-2025-50	vLLM, an inference and serving engine for large language models (LLMs), has a Regular Exp…	vllm	2025-05-30T18:15:32+00:00	2025-06-19T03:02:28.572160+00:00
pysec-2024-255	Gradio before 4.20 allows credential leakage on Windows.	gradio	2024-05-05T20:15:07+00:00	2025-06-17T19:21:48.983901+00:00
pysec-2024-254	A session fixation vulnerability exists in the zenml-io/zenml application, where JWT toke…	zenml	2024-04-16T00:15:11+00:00	2025-06-13T00:48:41.806476+00:00
pysec-2025-49	setuptools is a package that allows users to download, build, install, upgrade, and unins…	setuptools	2025-05-17T16:15:19+00:00	2025-06-12T22:23:11.115559+00:00
pysec-2025-48	Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm…	mobsf	2025-03-31T17:15:42+00:00	2025-06-12T22:23:10.476087+00:00
pysec-2024-253	pretix before 2024.1.1 mishandles file validation.	pretix	2024-02-26T16:28:00+00:00	2025-06-11T15:23:51.683422+00:00
pysec-2024-252	PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in t…	torch	2024-04-17T19:15:07+00:00	2025-06-10T19:22:08.948962+00:00
pysec-2024-251	Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in…	torch	2024-04-17T19:15:07+00:00	2025-06-10T03:12:59.077932+00:00
pysec-2025-47	An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2…	django	2025-06-05T03:15:25+00:00	2025-06-05T05:23:28.296596+00:00
pysec-2025-46	A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as cri…	pypickle	2025-05-26T08:15:19+00:00	2025-06-03T17:36:58.579358+00:00
pysec-2025-45	A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.…	pypickle	2025-05-26T07:15:26+00:00	2025-06-03T17:36:58.528116+00:00
pysec-2024-250	Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csr…	torch	2024-04-19T21:15:08+00:00	2025-06-03T15:23:56.072490+00:00
pysec-2023-312	Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server b…	redis	2023-07-15T23:15:09Z	2025-06-02T11:48:06.372423Z
pysec-2025-44	django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in mod…	django-helpdesk	2025-05-31T01:15:19+00:00	2025-05-31T03:09:35.357757+00:00
pysec-2025-43	vLLM is an inference and serving engine for large language models (LLMs). In versions sta…	vllm	2025-05-29T17:15:21+00:00	2025-05-29T19:21:01.611587+00:00
pysec-2025-42	vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Ver…	vllm	2025-04-30T01:15:51+00:00	2025-05-28T21:23:12.396609+00:00
pysec-2025-41	PyTorch is a Python package that provides tensor computation with strong GPU acceleration…	torch	2025-04-18T16:15:23+00:00	2025-05-28T15:23:37.843138+00:00
pysec-2025-40	A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`…	transformers	2025-05-19T12:15:19+00:00	2025-05-21T19:22:10.801823+00:00
pysec-2024-249	### Summary On all Label Studio versions prior to 1.11.0, data imported via file upload f…	label-studio	2024-02-22T22:15:47+00:00	2025-05-19T11:22:35.312280+00:00
pysec-2024-248	OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its …	opencanary	2024-10-14T21:15:12+00:00	2025-05-16T14:23:05.150356+00:00
pysec-2025-39	motionEye is an online interface for the software motion, a video surveillance program wi…	motioneye	2025-05-14T16:15:29+00:00	2025-05-14T17:22:51.050788+00:00
pysec-2025-38	OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during im…	ironic	2025-05-08T17:16:01Z	2025-05-13T04:24:03.083929Z
pysec-2024-247	A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically…	zenml	2024-04-16T00:15:11+00:00	2025-05-12T15:23:53.861001+00:00
pysec-2025-37	An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2…	django	2025-05-08T04:17:18+00:00	2025-05-08T05:23:16.210893+00:00
pysec-2025-36	Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida…	langflow	2025-04-07T15:15:44+00:00	2025-05-07T19:22:44.993642+00:00
pysec-2024-246	Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in…	vyper	2024-04-25T17:15:50+00:00	2025-05-05T19:21:20.899426+00:00
pysec-2024-111	A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langcha…	langchain	2024-10-29T13:15:00Z	2025-05-02T18:39:47.588215Z
pysec-2024-245	Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated user…	apache-airflow	2024-02-29T11:15:08+00:00	2025-05-01T21:22:38.598048+00:00

ID	Description	Updated
gsd-2024-33874	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.959238Z
gsd-2024-33861	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.958057Z
gsd-2024-33850	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.952536Z
gsd-2024-33856	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.944669Z
gsd-2024-33870	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.943118Z
gsd-2024-33849	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.924449Z
gsd-2024-33854	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.916266Z
gsd-2024-33868	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.896638Z
gsd-2024-33881	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.886591Z
gsd-2024-33880	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.882744Z
gsd-2024-33877	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.871220Z
gsd-2024-33873	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.870402Z
gsd-2024-33859	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.867340Z
gsd-2024-33875	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.862083Z
gsd-2024-33878	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.850311Z
gsd-2024-33858	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.848478Z
gsd-2024-33872	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.839468Z
gsd-2024-33857	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.834866Z
gsd-2024-33853	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.825026Z
gsd-2024-33863	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.824810Z
gsd-2024-33852	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.824312Z
gsd-2024-33866	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.819755Z
gsd-2024-33867	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.808129Z
gsd-2024-33882	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.803998Z
gsd-2024-33871	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.800751Z
gsd-2024-33862	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.799465Z
gsd-2024-33864	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.792101Z
gsd-2024-33865	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.790923Z
gsd-2024-33869	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.784255Z
gsd-2024-33860	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.777612Z

ID	Description	Published	Updated
mal-2025-49698	Malicious code in yuni-ketan65-devapp (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49697	Malicious code in yuni-kacang89-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49696	Malicious code in yuni-jengkol41-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49695	Malicious code in yuni-gulai75-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49694	Malicious code in yuni-gembus33-sluey (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49693	Malicious code in yuni-enting7-miaww (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49692	Malicious code in yuni-empal67-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49691	Malicious code in yuni-dradag68-sluey (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49690	Malicious code in yuni-brongkos6-sluey (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49689	Malicious code in yuni-botok35-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49688	Malicious code in yuni-bakwan55-sluey (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49687	Malicious code in yuni-bakwan46-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49686	Malicious code in yanti-ubi33-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49685	Malicious code in yanti-tomat18-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49684	Malicious code in yanti-takokak94-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49683	Malicious code in yanti-tahutek18-miaww (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49682	Malicious code in yanti-tahu68-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49681	Malicious code in yanti-tahu51-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49680	Malicious code in yanti-tahu41-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49679	Malicious code in yanti-tahu32-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49678	Malicious code in yanti-soto97-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49677	Malicious code in yanti-semur43-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49676	Malicious code in yanti-sate13-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49675	Malicious code in yanti-sasag6-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49674	Malicious code in yanti-sasag23-riris (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49673	Malicious code in yanti-sambel17-riris (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49672	Malicious code in yanti-saguer17-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49671	Malicious code in yanti-rujaksoto27-sluey (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49670	Malicious code in yanti-ronde61-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49669	Malicious code in yanti-rangi86-sluey (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z

ID	Description	Published	Updated
wid-sec-w-2025-2166	OpenSSL und LibreSSL: Mehrere Schwachstellen	2025-09-30T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2150	Red Hat Enterprise Linux: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-09-29T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2134	Red Hat Enterprise Linux (Developer Hub): Schwachstelle ermöglicht Denial of Service	2025-09-25T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2132	Linux Kernel: Mehrere Schwachstellen	2025-09-24T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2114	Dell PowerEdge BIOS und iDRAC9: Schwachstelle ermöglicht Offenlegung von Informationen	2025-09-23T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2107	Linux Kernel: Mehrere Schwachstellen	2025-09-22T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2104	WebKitGTK: Mehrere Schwachstellen	2025-09-22T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2099	Linux Kernel: Mehrere Schwachstellen	2025-09-21T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2092	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-09-18T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2087	Linux Kernel: Mehrere Schwachstellen	2025-09-17T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2078	Red Hat Enterprise Linux (Developer Hub): Mehrere Schwachstellen	2025-09-16T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2077	Linux Kernel: Mehrere Schwachstellen	2025-09-16T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2053	Linux Kernel: Mehrere Schwachstellen	2025-09-15T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2051	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-09-14T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2045	expat: Schwachstelle ermöglicht Denial of Service	2025-09-14T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2040	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-09-11T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2039	CUPS: Mehrere Schwachstellen	2025-09-11T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2028	Red Hat OpenShift Container Platform: Schwachstelle ermöglicht Codeausführung	2025-09-10T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2023	cURL: Mehrere Schwachstellen ermöglichen Manipulation von Dateien	2025-09-09T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2002	libssh: Schwachstelle ermöglicht Denial of Service	2025-09-09T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-1988	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-09-07T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-1976	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-09-04T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-1974	Podman: Schwachstelle ermöglicht Manipulation von Dateien	2025-09-04T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-1965	Linux Kernel: Schwachstelle ermöglicht Denial of Service	2025-09-03T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-1928	Linux UDisks Daemon: Schwachstelle ermöglicht Privilegieneskalation	2025-08-28T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-1921	Linux Kernel: Schwachstelle ermöglicht Denial of Service	2025-08-27T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-1914	Linux Kernel: Schwachstelle ermöglicht Codeausführung	2025-08-26T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-1898	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-08-24T22:00:00.000+00:00	2025-10-30T23:00:00.000+00:00
wid-sec-w-2025-2440	Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes	2015-11-22T23:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2395	Rancher Manager: Mehrere Schwachstellen	2025-10-23T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00

ID	Description	Published	Updated
ssa-534283	SSA-534283: Insecure File Share Vulnerability in SIMATIC Virtualization as a Service (SIVaaS)	2025-09-09T00:00:00Z	2025-09-09T00:00:00Z
ssa-503939	SSA-503939: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP	2025-03-11T00:00:00Z	2025-09-09T00:00:00Z
ssa-494539	SSA-494539: Multiple Vulnerabilities in SINEC OS	2025-09-09T00:00:00Z	2025-09-09T00:00:00Z
ssa-366067	SSA-366067: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices	2024-03-12T00:00:00Z	2025-09-09T00:00:00Z
ssa-331739	SSA-331739: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting Siemens Products	2025-08-12T00:00:00Z	2025-09-09T00:00:00Z
ssa-027652	SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives	2025-09-09T00:00:00Z	2025-09-09T00:00:00Z
ssa-707630	SSA-707630: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager Before V3.3	2025-08-12T00:00:00Z	2025-08-26T00:00:00Z
ssa-201595	SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager	2025-08-14T00:00:00Z	2025-08-19T00:00:00Z
ssa-711309	SSA-711309: Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products	2023-09-12T00:00:00Z	2025-08-18T00:00:00Z
ssa-395458	SSA-395458: Account Hijacking Vulnerability in Mendix SAML Module	2025-08-14T00:00:00Z	2025-08-14T00:00:00Z
ssa-028723	SSA-028723: Multiple OpenSSL Vulnerabilities in BFCClient Before V2.17	2025-08-12T00:00:00Z	2025-08-13T00:00:00Z
ssa-994087	SSA-994087: Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.7	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-914892	SSA-914892: Race Condition Vulnerability in Basic Authentication Implementation of Mendix Runtime	2024-11-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-908185	SSA-908185: Mirror Port Isolation Vulnerability in RUGGEDCOM ROS Devices	2023-08-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-894058	SSA-894058: Improper Bandwidth Limitation of Network Packets Over Local USB Port Vulnerability in SIPROTEC 5	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-856721	SSA-856721: Vulnerability in RUGGEDCOM Discovery Protocol (RCDP) of Industrial Communication Devices	2017-09-28T00:00:00Z	2025-08-12T00:00:00Z
ssa-840800	SSA-840800: Code Injection Vulnerability in RUGGEDCOM ROS	2022-07-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-800126	SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20	2024-12-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-794185	SSA-794185: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products	2025-05-13T00:00:00Z	2025-08-12T00:00:00Z
ssa-787941	SSA-787941: Denial of Service Vulnerability in RUGGEDCOM ROS devices	2022-11-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-770902	SSA-770902: Denial of Service Vulnerability in the Web Server of RUGGEDCOM ROS Devices	2023-08-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-770770	SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices	2025-02-11T00:00:00Z	2025-08-12T00:00:00Z
ssa-769791	SSA-769791: Local Arbitrary Code Execution Vulnerability in COMOS Before V10.6	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-767615	SSA-767615: Information Disclosure Vulnerability in SIPROTEC 5 Devices	2025-02-11T00:00:00Z	2025-08-12T00:00:00Z
ssa-764417	SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices	2022-03-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-687955	SSA-687955: Accessible Development Shell via Physical Interface in SIPROTEC 5	2025-02-11T00:00:00Z	2025-08-12T00:00:00Z
ssa-674084	SSA-674084: File Parsing Vulnerabilities in Simcenter Femap Before V2506	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-665108	SSA-665108: Arbitrary File Upload Vulnerability in RUGGEDCOM ROX II	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-613116	SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-529291	SSA-529291: Information Disclosure Vulnerabilities in SICAM Q100/Q200	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z

ID	Description	Published	Updated
rhsa-2024:0833	Red Hat Security Advisory: OpenShift Container Platform 4.12.50 bug fix and security update	2024-02-21T01:44:15+00:00	2025-11-09T18:42:23+00:00
rhsa-2024:0777	Red Hat Security Advisory: jenkins and jenkins-2-plugins security update	2024-02-12T10:27:23+00:00	2025-11-09T18:42:23+00:00
rhsa-2024:0766	Red Hat Security Advisory: OpenShift Container Platform 4.15.0 security update	2024-02-28T08:10:56+00:00	2025-11-09T18:42:21+00:00
rhsa-2024:0741	Red Hat Security Advisory: OpenShift Container Platform 4.13.33 bug fix and security update	2024-02-14T06:34:01+00:00	2025-11-09T18:42:20+00:00
rhsa-2024:0664	Red Hat Security Advisory: OpenShift Container Platform 4.12.49 bug fix update and security update	2024-02-08T19:31:18+00:00	2025-11-09T18:42:19+00:00
rhsa-2024:0660	Red Hat Security Advisory: OpenShift Container Platform 4.13.32 bug fix and security update	2024-02-07T15:07:37+00:00	2025-11-09T18:42:18+00:00
rhsa-2024:0642	Red Hat Security Advisory: OpenShift Container Platform 4.14.11 bug fix and security update	2024-02-07T17:36:34+00:00	2025-11-09T18:42:17+00:00
rhsa-2024:0485	Red Hat Security Advisory: OpenShift Container Platform 4.12.48 bug fix and security update	2024-01-31T16:17:59+00:00	2025-11-09T18:42:16+00:00
rhsa-2024:0484	Red Hat Security Advisory: OpenShift Container Platform 4.13.31 bug fix and security update	2024-02-01T19:01:48+00:00	2025-11-09T18:42:16+00:00
rhsa-2024:0306	Red Hat Security Advisory: OpenShift Container Platform 4.11.57 bug fix and security update	2024-01-24T20:54:46+00:00	2025-11-09T18:42:15+00:00
rhsa-2024:0302	Red Hat Security Advisory: Kube Descheduler Operator for Red Hat OpenShift 5.0.0 for RHEL 9:security update	2024-03-06T13:33:21+00:00	2025-11-09T18:42:14+00:00
rhsa-2024:0290	Red Hat Security Advisory: OpenShift Container Platform 4.14.10 bug fix and security update	2024-01-23T20:26:08+00:00	2025-11-09T18:42:14+00:00
rhsa-2023:7827	Red Hat Security Advisory: OpenShift Container Platform 4.13.z security update	2024-01-04T14:22:05+00:00	2025-11-09T18:42:14+00:00
rhsa-2024:0273	Red Hat Security Advisory: OpenShift Virtualization 4.12.9 Images security and bug fix update	2024-01-17T08:29:36+00:00	2025-11-09T18:42:13+00:00
rhsa-2024:0269	Red Hat Security Advisory: Run Once Duration Override Operator for Red Hat OpenShift 1.1.0 for RHEL 9	2024-02-28T00:20:04+00:00	2025-11-09T18:42:12+00:00
rhsa-2024:0198	Red Hat Security Advisory: OpenShift Container Platform 4.12.47 security update	2024-01-17T18:20:55+00:00	2025-11-09T18:42:12+00:00
rhsa-2024:0193	Red Hat Security Advisory: OpenShift Container Platform 4.13.29 bug fix and security update	2024-01-17T09:48:09+00:00	2025-11-09T18:42:11+00:00
rhsa-2024:0059	Red Hat Security Advisory: OpenShift Container Platform 4.11.56 bug fix and security update	2024-01-10T00:23:49+00:00	2025-11-09T18:42:10+00:00
rhsa-2024:0050	Red Hat Security Advisory: OpenShift Container Platform 4.14.8 bug fix and security update	2024-01-09T16:55:38+00:00	2025-11-09T18:42:10+00:00
rhsa-2023:7831	Red Hat Security Advisory: OpenShift Container Platform 4.14.7 bug fix and security update	2024-01-03T20:04:32+00:00	2025-11-09T18:42:10+00:00
rhsa-2023:7741	Red Hat Security Advisory: Red Hat Ceph Storage 6.1 security, enhancements, and bug fix update	2023-12-12T13:55:37+00:00	2025-11-09T18:42:09+00:00
rhsa-2023:7710	Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 7.2.0 security update	2023-12-11T00:20:04+00:00	2025-11-09T18:42:08+00:00
rhsa-2023:7687	Red Hat Security Advisory: OpenShift Container Platform 4.13.26 bug fix and security update	2023-12-13T00:13:20+00:00	2025-11-09T18:42:08+00:00
rhsa-2023:7704	Red Hat Security Advisory: OpenShift Virtualization 4.14.1 security and bug fix update	2023-12-07T15:00:28+00:00	2025-11-09T18:42:07+00:00
rhsa-2023:7703	Red Hat Security Advisory: Red Hat OpenShift Pipelines 1.10.6 release and security update	2023-12-07T14:57:07+00:00	2025-11-09T18:42:07+00:00
rhsa-2023:7699	Red Hat Security Advisory: Red Hat OpenShift Pipelines Client tkn for 1.10.6 release and security update	2023-12-07T14:26:32+00:00	2025-11-09T18:42:07+00:00
rhsa-2023:7691	Red Hat Security Advisory: OpenShift Container Platform 4.11.55 bug fix and security update	2023-12-13T21:44:50+00:00	2025-11-09T18:42:06+00:00
rhsa-2023:7690	Red Hat Security Advisory: OpenShift Container Platform 4.11.55 security update	2023-12-13T21:03:30+00:00	2025-11-09T18:42:05+00:00
rhsa-2023:7599	Red Hat Security Advisory: OpenShift Container Platform 4.14.5 bug fix and security update	2023-12-05T09:57:03+00:00	2025-11-09T18:42:05+00:00
rhsa-2023:7682	Red Hat Security Advisory: OpenShift Container Platform 4.14.6 bug fix and security update	2023-12-12T09:48:40+00:00	2025-11-09T18:42:04+00:00

ID	Description	Published	Updated
msrc_cve-2025-58188	Panic when validating certificates with DSA public keys in crypto/x509	2025-10-02T00:00:00.000Z	2025-10-31T01:08:48.000Z
msrc_cve-2025-58187	Quadratic complexity when checking name constraints in crypto/x509	2025-10-02T00:00:00.000Z	2025-10-31T01:08:15.000Z
msrc_cve-2025-61723	Quadratic complexity when parsing some invalid inputs in encoding/pem	2025-10-02T00:00:00.000Z	2025-10-31T01:07:43.000Z
msrc_cve-2025-61724	Excessive CPU consumption in Reader.ReadResponse in net/textproto	2025-10-02T00:00:00.000Z	2025-10-31T01:07:11.000Z
msrc_cve-2025-58186	Lack of limit when parsing cookies can cause memory exhaustion in net/http	2025-10-02T00:00:00.000Z	2025-10-31T01:06:39.000Z
msrc_cve-2025-58185	Parsing DER payload can cause memory exhaustion in encoding/asn1	2025-10-02T00:00:00.000Z	2025-10-31T01:06:07.000Z
msrc_cve-2025-47912	Insufficient validation of bracketed IPv6 hostnames in net/url	2025-10-02T00:00:00.000Z	2025-10-31T01:05:35.000Z
msrc_cve-2025-61725	Excessive CPU consumption in ParseAddress in net/mail	2025-10-02T00:00:00.000Z	2025-10-31T01:05:04.000Z
msrc_cve-2025-58183	Unbounded allocation when parsing GNU sparse map in archive/tar	2025-10-02T00:00:00.000Z	2025-10-31T01:04:32.000Z
msrc_cve-2025-40085	ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card	2025-10-02T00:00:00.000Z	2025-10-31T01:03:31.000Z
msrc_cve-2025-40083	net/sched: sch_qfq: Fix null-deref in agg_dequeue	2025-10-02T00:00:00.000Z	2025-10-31T01:03:26.000Z
msrc_cve-2025-40084	ksmbd: transport_ipc: validate payload size before reading handle	2025-10-02T00:00:00.000Z	2025-10-31T01:03:20.000Z
msrc_cve-2025-12058	Vulnerability in Keras Model.load_model Leading to Arbitrary Local File Loading and SSRF	2025-10-02T00:00:00.000Z	2025-10-31T01:03:15.000Z
msrc_cve-2025-53783	Microsoft Teams Remote Code Execution Vulnerability	2025-08-12T07:00:00.000Z	2025-10-30T07:00:00.000Z
msrc_cve-2025-40071	tty: n_gsm: Don't block input queue by waiting MSC	2025-10-02T00:00:00.000Z	2025-10-29T01:05:06.000Z
msrc_cve-2025-40079	riscv, bpf: Sign extend struct ops return values properly	2025-10-02T00:00:00.000Z	2025-10-29T01:05:01.000Z
msrc_cve-2025-40068	fs: ntfs3: Fix integer overflow in run_unpack()	2025-10-02T00:00:00.000Z	2025-10-29T01:04:55.000Z
msrc_cve-2025-40057	ptp: Add a upper bound on max_vclocks	2025-10-02T00:00:00.000Z	2025-10-29T01:04:50.000Z
msrc_cve-2025-40075	tcp_metrics: use dst_dev_net_rcu()	2025-10-02T00:00:00.000Z	2025-10-29T01:04:44.000Z
msrc_cve-2025-40065	RISC-V: KVM: Write hgatp register with valid mode bits	2025-10-02T00:00:00.000Z	2025-10-29T01:04:39.000Z
msrc_cve-2025-40027	net/9p: fix double req put in p9_fd_cancelled	2025-10-02T00:00:00.000Z	2025-10-29T01:04:34.000Z
msrc_cve-2025-11840	GNU Binutils ldmisc.c vfinfo out-of-bounds	2025-10-02T00:00:00.000Z	2025-10-29T01:04:28.000Z
msrc_cve-2025-40049	Squashfs: fix uninit-value in squashfs_get_parent	2025-10-02T00:00:00.000Z	2025-10-29T01:04:20.000Z
msrc_cve-2025-40081	perf: arm_spe: Prevent overflow in PERF_IDX2OFF()	2025-10-02T00:00:00.000Z	2025-10-29T01:04:15.000Z
msrc_cve-2025-40048	uio_hv_generic: Let userspace take care of interrupt mask	2025-10-02T00:00:00.000Z	2025-10-29T01:04:10.000Z
msrc_cve-2025-40036	misc: fastrpc: fix possible map leak in fastrpc_put_args	2025-10-02T00:00:00.000Z	2025-10-29T01:04:04.000Z
msrc_cve-2025-40039	ksmbd: Fix race condition in RPC handle list access	2025-10-02T00:00:00.000Z	2025-10-29T01:03:59.000Z
msrc_cve-2025-40043	net: nfc: nci: Add parameter validation for packet data	2025-10-02T00:00:00.000Z	2025-10-29T01:03:54.000Z
msrc_cve-2025-40064	smc: Fix use-after-free in __pnet_find_base_ndev().	2025-10-02T00:00:00.000Z	2025-10-29T01:03:48.000Z
msrc_cve-2025-40074	ipv4: start using dst_dev_rcu()	2025-10-02T00:00:00.000Z	2025-10-29T01:03:43.000Z

ID	Description	Published	Updated
icsa-24-121-01	Delta Electronics CNCSoft-G2 DOPSoft (Update A)	2024-04-30T06:00:00.000000Z	2025-10-16T06:00:00.000000Z
icsa-25-301-01	Schneider Electric EcoStruxure	2025-10-14T07:00:00.000000Z	2025-10-14T07:00:00.000000Z
icsa-25-259-01	Schneider Electric Altivar products ATVdPAC module ILC992 InterLink Converter (Update A)	2025-09-09T04:00:00.000000Z	2025-10-14T07:00:00.000000Z
icsa-25-224-03	Schneider Electric EcoStruxure Power Monitoring Expert	2025-08-12T04:00:00.000000Z	2025-10-14T07:00:00.000000Z
icsa-25-140-08	Schneider Electric Modicon Controllers (Update B)	2025-05-13T04:00:00.000000Z	2025-10-14T07:00:00.000000Z
icsa-24-352-04	Schneider Electric Modicon	2024-12-10T05:00:00.000000Z	2025-10-14T07:00:00.000000Z
icsa-25-287-01	Rockwell Automation 1715 EtherNet/IP Comms Module	2025-10-14T06:00:00.000000Z	2025-10-14T06:00:00.000000Z
icsa-25-294-04	Siemens RUGGEDCOM ROS Devices	2025-07-08T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-294-03	Siemens SIMATIC S7-1200 CPU V1/V2 Devices	2011-06-10T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-289-10	Siemens HyperLynx and Industrial Edge App Publisher	2025-10-14T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-289-09	Siemens TeleControl Server Basic	2025-10-14T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-289-08	Siemens SINEC NMS	2025-10-14T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-289-07	Siemens SIMATIC ET 200SP Communication Processors	2025-10-14T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-289-06	Siemens SiPass	2025-10-14T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-289-05	Siemens Solid Edge	2025-10-14T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-254-07	Siemens User Management Component (UMC)	2025-09-09T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-226-22	Siemens Web Installer	2025-08-12T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-226-18	Siemens SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER	2025-08-12T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-226-11	Siemens SIMATIC S7-PLCSIM	2025-08-12T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-226-09	Siemens RUGGEDCOM APE1808	2025-08-12T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-226-03	Siemens Engineering Platforms	2025-08-12T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-162-02	Siemens RUGGEDCOM APE1808	2025-06-10T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-148-01	Siemens SiPass	2025-05-23T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-135-09	Siemens User Management Component (UMC)	2025-05-13T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-24-284-10	Siemens SIMATIC S7-1500 CPUs	2024-10-08T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-24-284-01	Siemens SIMATIC S7-1500 and S7-1200 CPUs	2024-10-08T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-24-256-03	Siemens User Management Component (UMC)	2024-09-10T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-24-102-01	Siemens SIMATIC S7-1500	2024-04-09T00:00:00.000000Z	2025-10-14T00:00:00.000000Z
icsa-25-252-08	Rockwell Automation Analytics LogixAI	2025-09-09T06:00:00.000000Z	2025-10-10T06:00:00.000000Z
va-25-282-01	Newforma Project Center multiple vulnerabilities	2025-10-09T19:50:00Z	2025-10-09T19:50:00Z

ID	Description	Published	Updated
cisco-sa-xrsig-uy4zrucg	Cisco IOS XR Software Image Verification Bypass Vulnerability	2025-09-10T16:00:00+00:00	2025-09-10T16:00:00+00:00
cisco-sa-iosxr-arp-storm-ejuu55ym	Cisco IOS XR ARP Broadcast Storm Denial of Service Vulnerability	2025-09-10T16:00:00+00:00	2025-09-10T16:00:00+00:00
cisco-sa-acl-packetio-swjhhbtz	Cisco IOS XR Software Management Interface ACL Bypass Vulnerability	2025-09-10T16:00:00+00:00	2025-09-10T16:00:00+00:00
cisco-sa-fp2k-ipsec-dos-tjwgdzco	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 2100 Series IPv6 over IPsec Denial of Service Vulnerability	2025-08-14T16:00:00+00:00	2025-09-09T21:22:34+00:00
cisco-sa-webex-xss-55bv8hhm	Cisco Webex Meetings Cross-Site Scripting Vulnerability	2025-09-03T16:00:00+00:00	2025-09-03T16:00:00+00:00
cisco-sa-webex-urlredirect-uk8ddjsz	Cisco Webex Meetings URL Redirection Vulnerability	2025-09-03T16:00:00+00:00	2025-09-03T16:00:00+00:00
cisco-sa-phone-write-g3kcc5df	Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities	2025-09-03T16:00:00+00:00	2025-09-03T16:00:00+00:00
cisco-sa-imp-xss-xqgu4hsg	Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting Vulnerability	2025-09-03T16:00:00+00:00	2025-09-03T16:00:00+00:00
cisco-sa-epnm-pi-stored-xss-xjqzsycp	Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability	2025-09-03T16:00:00+00:00	2025-09-03T16:00:00+00:00
cisco-sa-epnm-info-dis-zhppmfgz	Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Information Disclosure Vulnerability	2025-09-03T16:00:00+00:00	2025-09-03T16:00:00+00:00
cisco-sa-epni-arb-file-upload-jjdm2p83	Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability	2025-09-03T16:00:00+00:00	2025-09-03T16:00:00+00:00
cisco-sa-cucm-csrf-w762pryd	Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability	2025-09-03T16:00:00+00:00	2025-09-03T16:00:00+00:00
cisco-sa-3100_4200_tlsdos-2ynscd54	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial of Service Vulnerability	2025-08-14T16:00:00+00:00	2025-09-03T13:37:50+00:00
cisco-sa-ucs-xss-ey6xhyps	Cisco UCS Manager Software Stored Cross-Site Scripting Vulnerability	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-ucs-vkvmorv-cnkrv7hk	Cisco Integrated Management Controller Virtual Keyboard Video Monitor Open Redirect Vulnerability	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-ucs-multi-cmdinj-e4ukjyrz	Cisco UCS Manager Software Command Injection Vulnerabilities	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-ucs-kvmsxss-6h7anuyk	Cisco Integrated Management Controller Virtual Keyboard Video Monitor Stored Cross-Site Scripting Vulnerability	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-nxospc-pim6-vg4jfph	Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-nxos-infodis-tectysfg	Cisco NX-OS Software Sensitive Log Information Disclosure Vulnerability	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-nxos-cmdinj-qhnze5ss	Cisco NX-OS Software Command Injection Vulnerability	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-nshs-urapi-gjubvfpu	Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerabilities	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-nd-ptrs-xu2fm2wb	Cisco Nexus Dashboard Path Traversal Vulnerability	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-n39k-isis-dos-jhja8rfx	Cisco Nexus 3000 and 9000 Series Switches Intermediate System-to-Intermediate System Denial of Service Vulnerability	2025-08-27T16:00:00+00:00	2025-08-27T16:00:00+00:00
cisco-sa-ise-file-upload-qksx6c8g	Cisco Identity Services Engine Arbitrary File Upload Vulnerability	2025-08-20T16:00:00+00:00	2025-08-20T16:43:01+00:00
cisco-sa-pi-epnm-tet4gxbx	Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Sensitive Information Disclosure Vulnerability	2025-08-20T16:00:00+00:00	2025-08-20T16:00:00+00:00
cisco-sa-authproxlog-sxczxq63	Cisco Duo Authentication Proxy Information Disclosure Vulnerability	2025-08-20T16:00:00+00:00	2025-08-20T16:00:00+00:00
cisco-sa-20180328-smi2	Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability	2018-03-28T16:00:00+00:00	2025-08-20T14:26:26+00:00
cisco-sa-asaftd-ssltls-dos-ehw76vze	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SSL/TLS Certificate Denial of Service Vulnerability	2025-08-14T16:00:00+00:00	2025-08-19T16:32:05+00:00
cisco-sa-ftd-ravpn-geobypass-9h38m37z	Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-ftd-dos-svkhtjgt	Cisco Secure Firewall Threat Defense Software Snort 3 Denial of Service Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00

ID	Description	Published	Updated
sca-2023-0007	Vulnerabilities in SICK LMS5xx	2023-08-25T11:00:00.000Z	2023-08-25T11:00:00.000Z
SCA-2023-0007	Vulnerabilities in SICK LMS5xx	2023-08-25T11:00:00.000Z	2023-08-25T11:00:00.000Z
sca-2023-0006	Vulnerabilities in SICK ICR890-4	2023-07-10T13:00:00.000Z	2023-07-10T13:00:00.000Z
SCA-2023-0006	Vulnerabilities in SICK ICR890-4	2023-07-10T13:00:00.000Z	2023-07-10T13:00:00.000Z
sca-2023-0005	Vulnerabilities in SICK EventCam App	2023-06-19T11:00:00.000Z	2023-06-19T11:00:00.000Z
SCA-2023-0005	Vulnerabilities in SICK EventCam App	2023-06-19T11:00:00.000Z	2023-06-19T11:00:00.000Z
sca-2023-0004	Vulnerabilities in SICK FTMg	2023-05-11T13:00:00.000Z	2023-05-11T13:00:00.000Z
SCA-2023-0004	Vulnerabilities in SICK FTMg	2023-05-11T13:00:00.000Z	2023-05-11T13:00:00.000Z
sca-2023-0003	Vulnerability in SICK Flexi Soft and Flexi Classic Gateways	2023-05-03T13:00:00.000Z	2023-05-03T13:00:00.000Z
SCA-2023-0003	Vulnerability in SICK Flexi Soft and Flexi Classic Gateways	2023-05-03T13:00:00.000Z	2023-05-03T13:00:00.000Z
sca-2023-0002	Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways	2023-04-11T10:00:00.000Z	2023-04-11T10:00:00.000Z
SCA-2023-0002	Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways	2023-04-11T10:00:00.000Z	2023-04-11T10:00:00.000Z
sca-2023-0001	Bootloader mode vulnerability in Flexi Soft Gateways v3	2023-02-20T14:00:00.000Z	2023-02-20T14:00:00.000Z
SCA-2023-0001	Bootloader mode vulnerability in Flexi Soft Gateways v3	2023-02-20T14:00:00.000Z	2023-02-20T14:00:00.000Z
sca-2022-0015	Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR	2022-12-08T16:00:00.000Z	2022-12-08T16:00:00.000Z
SCA-2022-0015	Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR	2022-12-08T16:00:00.000Z	2022-12-08T16:00:00.000Z
sca-2022-0013	Password recovery vulnerability affects multiple SICK SIMs	2022-10-21T13:00:00.000Z	2022-11-04T14:00:00.000Z
SCA-2022-0013	Password recovery vulnerability affects multiple SICK SIMs	2022-10-21T13:00:00.000Z	2022-11-04T14:00:00.000Z
sca-2022-0014	SICK FlexiCompact affected by Denial of Service vulnerability	2022-10-31T11:00:00.000Z	2022-10-31T11:00:00.000Z
SCA-2022-0014	SICK FlexiCompact affected by Denial of Service vulnerability	2022-10-31T11:00:00.000Z	2022-10-31T11:00:00.000Z
sca-2022-0012	OpenSSL vulnerability affects multiple SICK SIMs	2022-08-08T13:00:00.000Z	2022-08-03T13:00:00.000Z
SCA-2022-0012	OpenSSL vulnerability affects multiple SICK SIMs	2022-08-08T13:00:00.000Z	2022-08-03T13:00:00.000Z
sca-2022-0010	Vulnerability in SICK Flexi Soft Designer & Safety Designer	2022-05-16T10:00:00.000Z	2022-07-19T10:00:00.000Z
SCA-2022-0010	Vulnerability in SICK Flexi Soft Designer & Safety Designer	2022-05-16T10:00:00.000Z	2022-07-19T10:00:00.000Z
sca-2022-0011	Vulnerabilities in SICK Package Analytics	2022-06-08T15:00:00.000Z	2022-06-08T15:00:00.000Z
SCA-2022-0011	Vulnerabilities in SICK Package Analytics	2022-06-08T15:00:00.000Z	2022-06-08T15:00:00.000Z
sca-2022-0009	Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET	2022-04-29T15:00:00.000Z	2022-04-29T15:00:00.000Z
sca-2022-0008	Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3	2022-04-29T15:00:00.000Z	2022-04-29T15:00:00.000Z
SCA-2022-0009	Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET	2022-04-29T15:00:00.000Z	2022-04-29T15:00:00.000Z
SCA-2022-0008	Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3	2022-04-29T15:00:00.000Z	2022-04-29T15:00:00.000Z

ID	Description	Published	Updated
nn-2023:4-01	Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:3-01	Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:2-01	Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:17-01	Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:15-01	Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:12-01	Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0	2024-01-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:11-01	SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:10-01	DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2022_2-02	Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0	2022-02-14T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2022_2-01	Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0	2022-02-14T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2022:2-02	Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0	2022-02-14T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2022:2-01	Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0	2022-02-14T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2024:2-01	Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0	2024-09-11T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2024:1-01	DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:9-01	Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:8-01	Session Fixation in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:7-01	DoS via SAML configuration in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:6-01	Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:4-01	Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:3-01	Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:2-01	Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:17-01	Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:15-01	Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:12-01	Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0	2024-01-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:11-01	SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2023:10-01	DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2022:2-02	Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0	2022-02-14T11:00:00.000Z	2024-09-19T11:00:00.000Z
NN-2022:2-01	Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0	2022-02-14T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023_5-01	Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023_16-01	Path traversal via 'zip slip' in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z

ID	Description	Published	Updated
OXAS-ADV-2023-0005	OX App Suite Security Advisory OXAS-ADV-2023-0005	2023-09-19T00:00:00+02:00	2024-01-22T00:00:00+00:00
OXAS-ADV-2023-0004	OX App Suite Security Advisory OXAS-ADV-2023-0004	2023-08-01T00:00:00+02:00	2024-01-22T00:00:00+00:00
OXAS-ADV-2023-0003	OX App Suite Security Advisory OXAS-ADV-2023-0003	2023-05-02T00:00:00+02:00	2024-01-22T00:00:00+00:00
OXAS-ADV-2023-0002	OX App Suite Security Advisory OXAS-ADV-2023-0002	2023-03-20T00:00:00+01:00	2024-01-22T00:00:00+00:00
OXAS-ADV-2023-0001	OX App Suite Security Advisory OXAS-ADV-2023-0001	2023-02-06T00:00:00+01:00	2024-01-22T00:00:00+00:00
OXAS-ADV-2022-0002	OX App Suite Security Advisory OXAS-ADV-2022-0002	2022-11-02T00:00:00+01:00	2024-01-22T00:00:00+00:00
OXAS-ADV-2022-0001	OX App Suite Security Advisory OXAS-ADV-2022-0001	2022-08-10T00:00:00+02:00	2024-01-22T00:00:00+00:00

ID	Description	Updated
var-201801-0152	An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions pri…	2024-11-29T22:49:44.989000Z
var-202004-0077	There are multiple ways an unauthenticated attacker could perform SQL injection on WebAcc…	2024-11-29T22:49:10.471000Z
var-202411-1369	A parameter within a command does not properly validate input within myPRO Manager which …	2024-11-29T22:48:08.493000Z
var-202411-1372	The web application uses a weak authentication mechanism to verify that a request is comi…	2024-11-29T22:48:08.477000Z
var-202411-1370	An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a c…	2024-11-29T22:48:08.461000Z
var-202411-1371	The administrative interface listens by default on all interfaces on a TCP port and does …	2024-11-29T22:48:08.445000Z
var-202411-1373	The back-end does not sufficiently verify the user-controlled filename parameter which ma…	2024-11-29T22:48:08.429000Z
var-200512-0300	Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe…	2024-11-29T22:47:57.596000Z
var-200512-0643	Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe…	2024-11-29T22:47:55.749000Z
var-200512-0297	Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbit…	2024-11-29T22:47:55.685000Z
var-200512-0611	Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and…	2024-11-29T22:47:55.607000Z
var-200512-0294	Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitr…	2024-11-29T22:47:55.530000Z
var-201112-0097	Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a…	2024-11-29T22:47:02.572000Z
var-201805-1143	In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and pr…	2024-11-29T22:46:30.150000Z
var-201805-1144	In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and pr…	2024-11-29T22:46:30.043000Z
var-201806-1058	Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo…	2024-11-29T22:46:29.795000Z
var-201902-0647	LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening …	2024-11-29T22:46:28.037000Z
var-200202-0006	Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause…	2024-11-29T22:46:09.598000Z
var-200107-0035	slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cau…	2024-11-29T22:45:37.258000Z
var-200607-0396	Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b…	2024-11-29T22:45:25.291000Z
var-201601-0038	Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote atta…	2024-11-29T22:42:17.893000Z
var-201801-0394	TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbi…	2024-11-29T22:41:34.504000Z
var-201805-1147	WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe…	2024-11-29T22:41:28.661000Z
var-201904-0181	Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow…	2024-11-29T22:41:17.815000Z
var-202001-0833	A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo…	2024-11-29T22:41:12.131000Z
var-202001-0832	A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic…	2024-11-29T22:41:12.054000Z
var-201208-0222	Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r…	2024-11-29T22:41:11.980000Z
var-202005-0008	Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buf…	2024-11-29T22:41:10.312000Z
var-202007-0395	Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities …	2024-11-29T22:41:08.364000Z
var-202106-0542	A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic …	2024-11-29T22:41:05.439000Z

ID	Description	Published	Updated
jvndb-2025-000044	Denial-of-service (DoS) vulnerabilities in multiple Apache products	2025-06-26T14:41+09:00	2025-10-01T14:18+09:00
jvndb-2025-014642	Multiple vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers	2025-09-30T11:50+09:00	2025-09-30T11:50+09:00
jvndb-2025-000066	Improper file access permission settings in multiple i-FILTER products	2025-08-27T19:50+09:00	2025-09-29T13:45+09:00
jvndb-2025-000077	RICOH Streamline NX vulnerable to tampering with operation history	2025-09-08T13:42+09:00	2025-09-24T16:53+09:00
jvndb-2025-007519	Multiple vulnerabilities in multiple BROTHER products	2025-06-26T18:15+09:00	2025-09-22T10:16+09:00
jvndb-2025-014105	OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path	2025-09-19T16:21+09:00	2025-09-19T16:21+09:00
jvndb-2025-014104	Multiple vulnerabilities in I-O DATA wireless LAN routers	2025-09-19T14:58+09:00	2025-09-19T14:58+09:00
jvndb-2025-014081	Multiple Brother and its OEM products with weak initial administrator passwords	2025-09-19T10:52+09:00	2025-09-19T10:52+09:00
jvndb-2025-000079	UNIVERGE IX/IX-R/IX-V series routers provided by NEC Corporation vulnerable to cross-site scripting	2025-09-18T17:43+09:00	2025-09-18T17:43+09:00
jvndb-2025-000078	Century HW RAID Manager registers a Windows service with an unquoted file path	2025-09-17T13:45+09:00	2025-09-17T13:45+09:00
jvndb-2025-000048	WTW-EAGLE App vulnerable to improper server certificate validation	2025-09-12T13:57+09:00	2025-09-12T13:57+09:00
jvndb-2025-000070	"Gunosy" App vulnerable to insertion of sensitive information into sent data	2025-09-02T14:20+09:00	2025-09-09T09:51+09:00
jvndb-2025-000072	Obsidian GitHub Copilot Plugin stores sensitive information in cleartext	2025-09-05T16:52+09:00	2025-09-05T16:52+09:00
jvndb-2025-000073	RATOC RAID Monitoring Manager for Windows registers a Windows service with an unquoted file path	2025-09-05T16:20+09:00	2025-09-05T16:20+09:00
jvndb-2025-000071	"Yahoo! Shopping" App for Android fails to restrict custom URL schemes properly	2025-09-05T15:12+09:00	2025-09-05T15:12+09:00
jvndb-2025-000075	Multiple vulnerabilities in TkEasyGUI	2025-09-05T14:53+09:00	2025-09-05T14:53+09:00
jvndb-2025-000069	Web Caster V130 vulnerable to cross-site request forgery	2025-09-03T14:23+09:00	2025-09-03T14:23+09:00
jvndb-2025-000068	Seiko Solutions SkyBridge BASIC MB-A130 vulnerable to OS command injection	2025-09-01T16:21+09:00	2025-09-01T16:21+09:00
jvndb-2025-012659	Denial-of-service (DoS) vulnerability in Konica Minolta bizhub series	2025-09-01T15:22+09:00	2025-09-01T15:22+09:00
jvndb-2025-000067	Multiple vulnerabilities in multiple iND products	2025-08-29T14:47+09:00	2025-08-29T14:47+09:00
jvndb-2025-000064	Multiple vulnerabilities in SS1	2025-08-27T15:13+09:00	2025-08-27T15:13+09:00
jvndb-2025-000065	ScanSnap Manager installers vulnerable to privilege escalation	2025-08-27T14:22+09:00	2025-08-27T14:22+09:00
jvndb-2025-011884	FUJIFILM Healthcare Americas Synapse Mobility vulnerable to Privilege Escalation	2025-08-21T11:49+09:00	2025-08-25T10:38+09:00
jvndb-2025-000063	Western Digital Kitfox registers a Windows service with an unquoted file path	2025-08-22T13:37+09:00	2025-08-22T13:37+09:00
jvndb-2025-000062	Multiple vulnerabilities in Group-Office	2025-08-21T14:03+09:00	2025-08-21T14:03+09:00
jvndb-2025-000061	Multiple vulnerabilities in Movable Type	2025-08-20T15:30+09:00	2025-08-20T15:30+09:00
jvndb-2025-000059	Seagate Toolkit registers a Windows service with an unquoted file path	2025-08-14T12:32+09:00	2025-08-19T14:40+09:00
jvndb-2025-010854	Trend Micro Endpoint security products for enterprises vulnerable to multiple OS command injection	2025-08-07T12:25+09:00	2025-08-19T11:36+09:00
jvndb-2025-007521	Multiple Brother driver installers for Windows vulnerable to privilege escalation	2025-06-27T09:37+09:00	2025-08-19T11:29+09:00
jvndb-2025-000060	PgManage vulnerable to injection	2025-08-18T13:40+09:00	2025-08-18T13:40+09:00

ID	Description	Updated
ts-2022-003	TS-2022-003	2022-06-14T00:00
ts-2022-002	TS-2022-002	2022-05-11T00:00
ts-2022-001	TS-2022-001	2022-02-07T00:00

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated