Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-54pw-8jmv-p9rc | A remote unauthenticated attacker may be able to bypass authentication by utilizing a specific API… | 2025-12-24T21:30:34Z | 2025-12-24T21:30:34Z |
| ghsa-4hfm-3834-w3r8 | Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbanner_w.cgi XSS via a crafted banner. | 2025-12-24T21:30:34Z | 2025-12-24T21:30:34Z |
| ghsa-2gg3-j2hg-72f4 | VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerabi… | 2025-12-24T21:30:34Z | 2025-12-24T21:30:34Z |
| ghsa-x3j6-h5jv-f97w | Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows … | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-vq8q-pgj7-r79w | Devolo dLAN 500 AV Wireless+ 3.1.0-1 contains a cross-site request forgery vulnerability that allow… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-rc3h-p7vv-v9x3 | Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that all… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-qmhc-vf98-cwmf | Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows authentica… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-pmc3-hmfh-583m | iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the get_jpeg script that … | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-p8qm-v86v-r6gq | FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-c… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-p7cm-25mc-8h96 | SmartHouse Webapp 6.5.33 contains multiple cross-site request forgery and cross-site scripting vuln… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-p782-2pf9-qvmm | devolo dLAN 500 AV Wireless+ 3.1.0-1 contains an authentication bypass vulnerability that allows at… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-p43h-75mm-qgfv | FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that all… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-mfqx-6pfv-xp5p | Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-jj2g-vwxg-qv6m | AVE DOMINAplus 1.10.x contains cross-site request forgery and cross-site scripting vulnerabilities … | 2025-12-24T21:30:32Z | 2025-12-24T21:30:33Z |
| ghsa-cfpm-r69w-j97p | V-SOL GPON/EPON OLT Platform 2.03 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-8cmh-3qph-fccm | FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php a… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-6fff-m75x-hprm | Legrand BTicino Driver Manager F454 1.0.51 contains multiple web vulnerabilities that allow attacke… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-4h7f-qwj6-qpx3 | Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers to… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-46cm-29f3-f9rv | V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-43qf-qj5j-5r47 | V-SOL GPON/EPON OLT Platform 2.03 contains an unauthenticated information disclosure vulnerability … | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-2gww-fh48-p92f | Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthentica… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-x8gg-ghxq-c254 | Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to e… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:32Z |
| ghsa-r64v-2m5c-fmx7 | Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-m2m8-9ppp-q3c7 | Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to cha… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-jmmc-j836-r5v7 | Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-gpch-6qpg-rp8g | Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:32Z |
| ghsa-g4f4-x2rq-h8g8 | Ecessa ShieldLink SL175EHQ 10.7.4 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-fv28-hc36-43g9 | GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allo… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-cm58-6j6x-c433 | Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows au… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-9wqg-38fc-34m9 | Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated atta… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:32Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2024-40317 | N/A | A reflected cross-site scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-12-24T00:00:00.000Z | 2025-12-24T21:47:08.435Z |
| cve-2025-68919 | 5.6 (v3.1) | Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Exp… |
Fujitsu / Fsas Technologies |
ETERNUS SF ACM/SC/Express |
2025-12-24T21:01:44.380Z | 2025-12-24T21:29:13.243Z |
| cve-2025-68917 | 6.4 (v3.1) | ONLYOFFICE Docs before 9.2.1 allows XSS in the te… |
ONLYOFFICE |
Document Server |
2025-12-24T20:19:25.402Z | 2025-12-24T20:38:16.538Z |
| cve-2025-8769 | 9.8 (v3.1) 9.3 (v4.0) | MegaSys Computer Technologies Telenium Online Web Appl… |
MegaSys Computer Technologies |
Telenium Online Web Application |
2025-12-24T20:14:20.035Z | 2025-12-24T20:36:42.847Z |
| cve-2018-25127 | 5.1 (v4.0) 5.3 (v3.1) | SOCA Access Control System 180612 Cross-Site Request F… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:42.423Z | 2025-12-24T20:27:27.630Z |
| cve-2018-25128 | 9.3 (v4.0) 8.2 (v3.1) | SOCA Access Control System 180612 SQL Injection and Au… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:42.899Z | 2025-12-24T20:27:21.283Z |
| cve-2018-25129 | 7.1 (v4.0) 7.5 (v3.1) | SOCA Access Control System 180612 Information Disclosu… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:43.322Z | 2025-12-24T20:27:15.081Z |
| cve-2018-25130 | 6.8 (v4.0) 6.2 (v3.1) | Beward Intercom 2.3.1 Local Credentials Disclosure via… |
Beward R&D Co., Ltd |
BEWARD Intercom |
2025-12-24T19:27:43.752Z | 2025-12-24T20:27:08.870Z |
| cve-2018-25131 | 5.1 (v4.0) 7.2 (v3.1) | Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Sto… |
Leica Geosystems AG |
GR10/GR25/GR30/GR50 GNSS |
2025-12-24T19:27:44.162Z | 2025-12-24T20:27:01.726Z |
| cve-2018-25133 | 5.1 (v4.0) 4.3 (v3.1) | Synaccess netBooter NP-0801DU 7.4 Cross-Site Request F… |
Synaccess Networks Inc. |
netBooter NP-0801DU |
2025-12-24T19:27:44.567Z | 2025-12-24T20:26:55.174Z |
| cve-2018-25134 | 9.3 (v4.0) 9.8 (v3.1) | Synaccess netBooter NP-02x/NP-08x 6.8 Authentication B… |
Synaccess Networks Inc. |
netBooter NP-02x/NP-08x |
2025-12-24T19:27:44.967Z | 2025-12-24T20:26:48.331Z |
| cve-2018-25135 | 9.3 (v4.0) 9.8 (v3.1) | Anviz AIM CrossChex Standard 4.3.6.0 CSV Injection via… |
Anviz Biometric Technology Co., Ltd. |
Anviz AIM CrossChex Standard |
2025-12-24T19:27:45.375Z | 2025-12-24T20:26:41.287Z |
| cve-2018-25136 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated RTSP… |
FLIR Systems, Inc. |
Brickstream 3D+ |
2025-12-24T19:27:45.779Z | 2025-12-24T20:26:35.205Z |
| cve-2018-25137 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated Conf… |
FLIR Systems, Inc. |
FLIR Brickstream 3D+ |
2025-12-24T19:27:46.300Z | 2025-12-24T20:26:28.490Z |
| cve-2018-25138 | 9.3 (v4.0) 7.5 (v3.1) | FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials… |
FLIR Systems |
FLIR AX8 Thermal Camera |
2025-12-24T19:27:46.730Z | 2025-12-24T20:26:22.231Z |
| cve-2018-25139 | 8.7 (v4.0) 7.5 (v3.1) | FLIR AX8 Thermal Camera 1.32.16 Unauthenticated RTSP S… |
FLIR Systems, Inc. |
FLIR AX8 Thermal Camera |
2025-12-24T19:27:47.117Z | 2025-12-24T20:26:15.968Z |
| cve-2018-25140 | 9.3 (v4.0) 7.5 (v3.1) | FLIR Thermal Traffic Cameras V1.01-0bb5b27 Unauthentic… |
FLIR Systems, Inc. |
Thermal Traffic Cameras |
2025-12-24T19:27:47.524Z | 2025-12-24T20:26:09.413Z |
| cve-2018-25141 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Thermal Traffic Cameras V1.01-0bb5b27 Unauthentic… |
FLIR |
FLIR Thermal Traffic Cameras |
2025-12-24T19:27:47.928Z | 2025-12-24T20:26:01.745Z |
| cve-2018-25142 | 7.1 (v4.0) 9.8 (v3.1) | NovaRad NovaPACS Diagnostics Viewer 8.5 XML External E… |
NovaRad Corporation |
NovaPACS Diagnostics Viewer |
2025-12-24T19:27:48.350Z | 2025-12-24T20:25:54.871Z |
| cve-2018-25143 | 8.7 (v4.0) 8.8 (v3.1) | Microhard Systems IPn4G 1.1.0 Backdoor Jailbreak via M… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Backdoor Jailbreak |
2025-12-24T19:27:48.742Z | 2025-12-24T20:25:48.441Z |
| cve-2018-25144 | 8.7 (v4.0) 5.5 (v3.1) | Microhard Systems IPn4G 1.1.0 Arbitrary File Access vi… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Arbitrary File Attacks |
2025-12-24T19:27:49.167Z | 2025-12-24T20:25:41.747Z |
| cve-2018-25145 | 7.1 (v4.0) 6.5 (v3.1) | Microhard Systems IPn4G 1.1.0 Configuration Disclosure… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Configuration Download |
2025-12-24T19:27:49.597Z | 2025-12-24T20:25:35.251Z |
| cve-2018-25146 | 7.1 (v4.0) 6.5 (v3.1) | Microhard Systems IPn4G 1.1.0 Service Control Denial o… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS |
2025-12-24T19:27:50.006Z | 2025-12-24T20:25:28.526Z |
| cve-2018-25147 | 9.3 (v4.0) 7.5 (v3.1) | Microhard Systems IPn4G 1.1.0 Default Credentials Auth… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Credentials |
2025-12-24T19:27:50.490Z | 2025-12-24T20:25:21.195Z |
| cve-2018-25148 | 8.7 (v4.0) 8.8 (v3.1) | Microhard Systems IPn4G 1.1.0 Remote Code Execution vi… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit |
2025-12-24T19:27:50.947Z | 2025-12-24T20:25:14.760Z |
| cve-2018-25149 | 5.1 (v4.0) 4.3 (v3.1) | Microhard Systems IPn4G 1.1.0 Cross-Site Request Forge… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway CSRF Vulnerabilities |
2025-12-24T19:27:51.383Z | 2025-12-24T20:25:07.980Z |
| cve-2018-25150 | 5.1 (v4.0) 5.3 (v3.1) | Ecessa ShieldLink SL175EHQ 10.7.4 Cross-Site Request F… |
Ecessa Corporation |
Ecessa ShieldLink SL175EHQ |
2025-12-24T19:27:51.814Z | 2025-12-24T20:24:59.684Z |
| cve-2018-25151 | 5.1 (v4.0) 4.3 (v3.1) | Ecessa WANWorx WVR-30 < 10.7.4 Cross-Site Request Forg… |
Ecessa Corporation |
WANWorx WVR-30 |
2025-12-24T19:27:52.222Z | 2025-12-24T20:24:53.133Z |
| cve-2018-25152 | 5.1 (v4.0) 5.3 (v3.1) | Ecessa Edge EV150 10.7.4 Cross-Site Request Forgery vi… |
Ecessa Corporation |
Ecessa Edge EV150 |
2025-12-24T19:27:52.680Z | 2025-12-24T20:24:45.919Z |
| cve-2018-25153 | 6.9 (v4.0) 7.5 (v3.1) | GNU Barcode 0.99 Memory Leak Vulnerability in Command … |
The GNU Project | Free Software Foundation, Inc. |
GNU Barcode |
2025-12-24T19:27:53.062Z | 2025-12-24T20:24:39.099Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-8769 | 9.8 (v3.1) 9.3 (v4.0) | MegaSys Computer Technologies Telenium Online Web Appl… |
MegaSys Computer Technologies |
Telenium Online Web Application |
2025-12-24T20:14:20.035Z | 2025-12-24T20:36:42.847Z |
| cve-2025-68919 | 5.6 (v3.1) | Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Exp… |
Fujitsu / Fsas Technologies |
ETERNUS SF ACM/SC/Express |
2025-12-24T21:01:44.380Z | 2025-12-24T21:29:13.243Z |
| cve-2025-68917 | 6.4 (v3.1) | ONLYOFFICE Docs before 9.2.1 allows XSS in the te… |
ONLYOFFICE |
Document Server |
2025-12-24T20:19:25.402Z | 2025-12-24T20:38:16.538Z |
| cve-2019-25258 | 7.1 (v4.0) 7.5 (v3.1) | LogicalDOC Enterprise 7.7.4 Multiple Post-Authenticati… |
LogicalDOC Srl |
LogicalDOC Enterprise |
2025-12-24T19:28:06.519Z | 2025-12-24T20:21:23.564Z |
| cve-2019-25257 | 8.7 (v4.0) 6.5 (v3.1) | LogicalDOC Enterprise 7.7.4 Authenticated Command Exec… |
LogicalDOC Srl |
LogicalDOC Enterprise |
2025-12-24T19:28:06.119Z | 2025-12-24T20:21:30.648Z |
| cve-2019-25256 | 7.1 (v4.0) 6.5 (v3.1) | VideoFlow Digital Video Protection DVP 2.10 Authentica… |
VideoFlow Ltd. |
Digital Video Protection DVP |
2025-12-24T19:28:05.689Z | 2025-12-24T20:21:37.347Z |
| cve-2019-25255 | 8.7 (v4.0) 4.3 (v3.1) | VideoFlow Digital Video Protection DVP 2.10 Authentica… |
VideoFlow Ltd. |
VideoFlow Digital Video Protection DVP |
2025-12-24T19:28:05.284Z | 2025-12-24T20:21:43.515Z |
| cve-2019-25254 | 5.1 (v4.0) 5.3 (v3.1) | KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery … |
KYOCERA Corporation |
KYOCERA Net Admin |
2025-12-24T19:28:04.889Z | 2025-12-24T20:21:49.801Z |
| cve-2019-25253 | 7.1 (v4.0) 7.5 (v3.1) | KYOCERA Net Admin 3.4.0906 Unauthenticated XML Externa… |
KYOCERA Corporation |
KYOCERA Net Admin |
2025-12-24T19:28:04.490Z | 2025-12-24T20:21:56.818Z |
| cve-2019-25252 | 5.1 (v4.0) 5.3 (v3.1) | Teradek VidiU Pro 3.0.3 Cross-Site Request Forgery via… |
Teradek |
VidiU Pro |
2025-12-24T19:28:04.078Z | 2025-12-24T20:22:04.713Z |
| cve-2019-25251 | 6.9 (v4.0) 5.3 (v3.1) | Teradek VidiU Pro 3.0.3 Server-Side Request Forgery vi… |
Teradek, LLC |
VidiU Pro |
2025-12-24T19:28:03.642Z | 2025-12-24T20:22:13.312Z |
| cve-2019-25250 | 5.1 (v4.0) 5.3 (v3.1) | Devolo dLAN 500 AV Wireless+ 3.1.0-1 Cross-Site Reques… |
devolo AG |
dLAN 550 duo+ Starter Kit |
2025-12-24T19:28:03.241Z | 2025-12-24T20:22:20.223Z |
| cve-2019-25249 | 8.7 (v4.0) 9.8 (v3.1) | devolo dLAN 500 AV Wireless+ 3.1.0-1 Remote Code Execu… |
devolo AG |
dLAN 550 duo+ Starter Kit |
2025-12-24T19:28:02.779Z | 2025-12-24T20:22:26.831Z |
| cve-2019-25248 | 8.7 (v4.0) 7.5 (v3.1) | Beward N100 M2.1.6 Unauthenticated RTSP Video Stream D… |
Beward |
N100 H.264 VGA IP Camera |
2025-12-24T19:28:02.157Z | 2025-12-24T20:22:33.063Z |
| cve-2019-25247 | 5.1 (v4.0) 5.3 (v3.1) | Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin … |
Beward R&D Co., Ltd |
N100 H.264 VGA IP Camera |
2025-12-24T19:28:00.994Z | 2025-12-24T20:22:39.710Z |
| cve-2019-25246 | 7.1 (v4.0) 8.8 (v3.1) | Beward N100 H.264 VGA IP Camera M2.1.6 Authenticated F… |
Beward R&D Co., Ltd |
N100 H.264 VGA IP Camera |
2025-12-24T19:28:00.474Z | 2025-12-24T20:22:45.916Z |
| cve-2019-25245 | 8.5 (v4.0) 8.8 (v3.1) | Ross Video DashBoard 8.5.1 Privilege Escalation via In… |
Ross Video Ltd. |
DashBoard |
2025-12-24T19:27:59.816Z | 2025-12-24T20:22:52.203Z |
| cve-2019-25244 | 5.1 (v4.0) 5.3 (v3.1) | Legrand BTicino Driver Manager F454 1.0.51 CSRF and St… |
BTicino S.p.A. |
Legrand BTicino Driver Manager F454 |
2025-12-24T19:27:59.384Z | 2025-12-24T20:22:58.420Z |
| cve-2019-25243 | 8.7 (v4.0) 8.8 (v3.1) | FaceSentry 6.4.8 Authenticated Remote Command Injectio… |
iWT Ltd. |
FaceSentry Access Control System |
2025-12-24T19:27:58.965Z | 2025-12-24T20:23:05.664Z |
| cve-2019-25242 | 5.1 (v4.0) 4.3 (v3.1) | FaceSentry Access Control System 6.4.8 Cross-Site Requ… |
iWT Ltd. |
FaceSentry Access Control System |
2025-12-24T19:27:58.523Z | 2025-12-24T20:23:12.300Z |
| cve-2019-25241 | 9.3 (v4.0) 7.5 (v3.1) | FaceSentry Access Control System 6.4.8 Remote SSH Root… |
iWT Ltd. |
FaceSentry Access Control System |
2025-12-24T19:27:58.126Z | 2025-12-24T20:23:18.700Z |
| cve-2019-25240 | 8.7 (v4.0) 9.8 (v3.1) | Rifatron 5brid DVR 5brid DVR (HD6-532/516, DX6-516/508… |
Rifatron Co., Ltd. |
DVR |
2025-12-24T19:27:57.698Z | 2025-12-24T20:23:25.132Z |
| cve-2019-25239 | 8.7 (v4.0) 7.5 (v3.1) | V-SOL GPON/EPON OLT Platform 2.03 Unauthenticated Conf… |
Guangzhou V-SOLUTION Electronic Technology |
GPON/EPON OLT Platform |
2025-12-24T19:27:57.201Z | 2025-12-24T20:23:32.107Z |
| cve-2019-25238 | 5.1 (v4.0) 4.3 (v3.1) | V-SOL GPON/EPON OLT Platform 2.03 Cross-Site Request F… |
Guangzhou V-SOLUTION Electronic Technology Co., Ltd. |
SOL GPON/EPON OLT Platform |
2025-12-24T19:27:56.801Z | 2025-12-24T20:23:38.963Z |
| cve-2019-25237 | 8.7 (v4.0) 9.8 (v3.1) | V-SOL GPON/EPON OLT Platform 2.03 Privilege Escalation… |
Guangzhou V-SOLUTION Electronic Technology Co., Ltd. |
SOL GPON/EPON OLT Platform |
2025-12-24T19:27:56.411Z | 2025-12-24T20:23:45.916Z |
| cve-2019-25236 | 8.7 (v4.0) 9.8 (v3.1) | iSeeQ Hybrid DVR WH-H4 1.03R Unauthenticated Live Stre… |
iSeeQ |
Hybrid DVR WH-H4 |
2025-12-24T19:27:55.979Z | 2025-12-24T20:23:52.108Z |
| cve-2019-25235 | 8.8 (v4.0) 9.8 (v3.1) | Smartwares HOME easy 1.0.9 Client-Side Authentication … |
Smartwares |
Smartwares HOME easy |
2025-12-24T19:27:55.565Z | 2025-12-24T20:23:58.323Z |
| cve-2019-25234 | 5.1 (v4.0) 5.3 (v3.1) | Carlo Gavazzi SmartHouse Webapp 6.5.33 Cross-Site Requ… |
Carlo Gavazzi AB |
SmartHouse Webapp |
2025-12-24T19:27:55.152Z | 2025-12-24T20:24:05.780Z |
| cve-2019-25233 | 5.1 (v4.0) 5.3 (v3.1) | AVE DOMINAplus 1.10.x Cross-Site Request Forgery and X… |
AVE S.p.A. |
DOMINAplus |
2025-12-24T19:27:54.735Z | 2025-12-24T20:24:12.386Z |
| cve-2018-25156 | 5.1 (v4.0) 5.3 (v3.1) | Teradek Cube 7.3.6 Cross-Site Request Forgery Password… |
Teradek, LLC |
Cube |
2025-12-24T19:27:54.324Z | 2025-12-24T20:24:19.107Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2019-25255 | VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnera… | 2025-12-24T20:15:54.160 | 2025-12-24T21:16:03.623 |
| fkie_cve-2019-25254 | KYOCERA Net Admin 3.4.0906 contains a cross-site request forgery vulnerability that allows attacker… | 2025-12-24T20:15:54.010 | 2025-12-24T21:16:03.503 |
| fkie_cve-2019-25253 | KYOCERA Net Admin 3.4.0906 contains an XML External Entity (XXE) injection vulnerability in the Mul… | 2025-12-24T20:15:53.857 | 2025-12-24T21:16:03.367 |
| fkie_cve-2019-25252 | Teradek VidiU Pro 3.0.3 contains a cross-site request forgery vulnerability that allows attackers t… | 2025-12-24T20:15:53.700 | 2025-12-24T21:16:03.240 |
| fkie_cve-2019-25251 | Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management inte… | 2025-12-24T20:15:53.553 | 2025-12-24T21:16:03.117 |
| fkie_cve-2019-25250 | Devolo dLAN 500 AV Wireless+ 3.1.0-1 contains a cross-site request forgery vulnerability that allow… | 2025-12-24T20:15:53.403 | 2025-12-24T21:16:03.003 |
| fkie_cve-2019-25249 | devolo dLAN 500 AV Wireless+ 3.1.0-1 contains an authentication bypass vulnerability that allows at… | 2025-12-24T20:15:53.247 | 2025-12-24T21:16:02.890 |
| fkie_cve-2019-25248 | Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers to… | 2025-12-24T20:15:53.093 | 2025-12-24T21:16:02.770 |
| fkie_cve-2019-25247 | Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that all… | 2025-12-24T20:15:52.937 | 2025-12-24T21:16:02.657 |
| fkie_cve-2019-25246 | Beward N100 H.264 VGA IP Camera M2.1.6 contains an authenticated file disclosure vulnerability that… | 2025-12-24T20:15:52.780 | 2025-12-24T21:16:02.543 |
| fkie_cve-2019-25245 | Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows authentica… | 2025-12-24T20:15:52.623 | 2025-12-24T21:16:02.430 |
| fkie_cve-2019-25244 | Legrand BTicino Driver Manager F454 1.0.51 contains multiple web vulnerabilities that allow attacke… | 2025-12-24T20:15:52.473 | 2025-12-24T21:16:02.313 |
| fkie_cve-2019-25243 | FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php a… | 2025-12-24T20:15:52.310 | 2025-12-24T21:16:02.200 |
| fkie_cve-2019-25242 | FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that all… | 2025-12-24T20:15:52.150 | 2025-12-24T21:16:02.087 |
| fkie_cve-2019-25241 | FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-c… | 2025-12-24T20:15:51.993 | 2025-12-24T21:16:01.973 |
| fkie_cve-2019-25240 | Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows … | 2025-12-24T20:15:51.840 | 2025-12-24T21:16:01.867 |
| fkie_cve-2019-25239 | V-SOL GPON/EPON OLT Platform 2.03 contains an unauthenticated information disclosure vulnerability … | 2025-12-24T20:15:51.690 | 2025-12-24T21:16:01.760 |
| fkie_cve-2019-25238 | V-SOL GPON/EPON OLT Platform 2.03 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T20:15:51.543 | 2025-12-24T21:16:01.650 |
| fkie_cve-2019-25237 | V-SOL GPON/EPON OLT Platform v2.03 contains a privilege escalation vulnerability that allows normal… | 2025-12-24T20:15:51.380 | 2025-12-24T21:16:01.540 |
| fkie_cve-2019-25236 | iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the get_jpeg script that … | 2025-12-24T20:15:51.223 | 2025-12-24T21:16:01.427 |
| fkie_cve-2019-25235 | Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthentica… | 2025-12-24T20:15:51.070 | 2025-12-24T21:16:01.317 |
| fkie_cve-2019-25234 | SmartHouse Webapp 6.5.33 contains multiple cross-site request forgery and cross-site scripting vuln… | 2025-12-24T20:15:50.913 | 2025-12-24T21:16:01.207 |
| fkie_cve-2019-25233 | AVE DOMINAplus 1.10.x contains cross-site request forgery and cross-site scripting vulnerabilities … | 2025-12-24T20:15:50.750 | 2025-12-24T21:16:01.100 |
| fkie_cve-2018-25156 | Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to cha… | 2025-12-24T20:15:50.587 | 2025-12-24T21:16:00.973 |
| fkie_cve-2018-25155 | Teradek Slice 7.3.15 contains a cross-site request forgery vulnerability that allows attackers to c… | 2025-12-24T20:15:50.430 | 2025-12-24T21:16:00.873 |
| fkie_cve-2018-25149 | Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attac… | 2025-12-24T20:15:49.517 | 2025-12-24T21:16:00.500 |
| fkie_cve-2018-25148 | Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities… | 2025-12-24T20:15:49.367 | 2025-12-24T21:16:00.397 |
| fkie_cve-2018-25147 | Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through… | 2025-12-24T20:15:49.210 | 2025-12-24T21:16:00.280 |
| fkie_cve-2018-25146 | Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated atta… | 2025-12-24T20:15:49.057 | 2025-12-24T21:16:00.167 |
| fkie_cve-2018-25145 | Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows au… | 2025-12-24T20:15:48.903 | 2025-12-24T21:16:00.053 |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2025-35 | Weblate is a web based localization tool. Prior to version 5.11, when creating a new comp… | weblate | 2025-04-15T21:16:04+00:00 | 2025-04-30T17:22:51.467257+00:00 |
| pysec-2025-34 | The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_… | picklescan | 2025-04-24T01:15:49+00:00 | 2025-04-24T03:08:15.436691+00:00 |
| pysec-2025-33 | Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the… | vyper | 2025-01-14T18:16:05+00:00 | 2025-04-23T21:23:01.322686+00:00 |
| pysec-2025-32 | BentoML is a Python library for building online serving systems optimized for AI apps and… | bentoml | 2025-04-09T16:15:25+00:00 | 2025-04-22T19:21:34.073355+00:00 |
| pysec-2025-31 | vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statemen… | vyper | 2025-02-21T22:15:13+00:00 | 2025-04-09T17:27:28.116292+00:00 |
| pysec-2025-30 | vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single … | vyper | 2025-02-21T22:15:13+00:00 | 2025-04-09T17:27:28.064106+00:00 |
| pysec-2025-29 | vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the … | vyper | 2025-02-21T22:15:13+00:00 | 2025-04-09T17:27:28.005382+00:00 |
| pysec-2025-28 | The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2025-01-29T21:15:21+00:00 | 2025-04-09T17:27:27.772920+00:00 |
| pysec-2025-27 | The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2025-01-29T21:15:21+00:00 | 2025-04-09T17:27:27.711157+00:00 |
| pysec-2025-26 | The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2025-01-29T21:15:21+00:00 | 2025-04-09T17:27:27.645758+00:00 |
| pysec-2021-891 | CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 S… | salt | 2021-03-03T10:15:13+00:00 | 2025-04-09T17:27:27.582884+00:00 |
| pysec-2025-25 | Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middle… | rembg | 2025-03-03T17:15:14+00:00 | 2025-04-09T17:27:27.532849+00:00 |
| pysec-2025-24 | Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove… | rembg | 2025-03-03T17:15:14+00:00 | 2025-04-09T17:27:27.486485+00:00 |
| pysec-2025-23 | Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Inform… | ray | 2025-03-06T05:15:16+00:00 | 2025-04-09T17:27:27.434099+00:00 |
| pysec-2022-43179 | Poetry is a dependency manager for Python. To handle dependencies that come from a Git re… | poetry | 2022-09-07T19:15:08+00:00 | 2025-04-09T17:27:27.255151+00:00 |
| pysec-2025-22 | A vulnerability, that could result in Remote Code Execution (RCE), has been found in Plot… | plotai | 2025-03-10T14:15:24+00:00 | 2025-04-09T17:27:27.203714+00:00 |
| pysec-2023-311 | plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depen… | plone-namedfile | 2023-09-21T15:15:10+00:00 | 2025-04-09T17:27:27.153848+00:00 |
| pysec-2025-21 | picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model arch… | picklescan | 2025-03-10T12:15:12+00:00 | 2025-04-09T17:27:27.016747+00:00 |
| pysec-2025-20 | picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes i… | picklescan | 2025-03-10T12:15:10+00:00 | 2025-04-09T17:27:26.966215+00:00 |
| pysec-2025-19 | picklescan before 0.0.22 only considers standard pickle file extensions in the scope for … | picklescan | 2025-03-03T19:15:34+00:00 | 2025-04-09T17:27:26.916350+00:00 |
| pysec-2025-18 | picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craf… | picklescan | 2025-02-26T15:15:24+00:00 | 2025-04-09T17:27:26.867210+00:00 |
| pysec-2023-310 | Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NO… | mobsf | 2023-09-21T22:15:11+00:00 | 2025-04-09T17:27:26.663665+00:00 |
| pysec-2025-17 | In mlflow/mlflow version 2.18, an admin is able to create a new user account without sett… | mlflow | 2025-03-20T10:15:54+00:00 | 2025-04-09T17:27:26.322333+00:00 |
| pysec-2023-309 | Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. | mlflow | 2023-12-13T00:15:07+00:00 | 2025-04-09T17:27:26.271200+00:00 |
| pysec-2023-308 | Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. | mlflow | 2023-07-19T01:15:10+00:00 | 2025-04-09T17:27:26.223213+00:00 |
| pysec-2025-16 | LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vu… | lnbits | 2025-04-06T20:15:15+00:00 | 2025-04-09T17:27:25.872691+00:00 |
| pysec-2025-15 | Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilde… | flask-appbuilder | 2025-03-03T16:15:41+00:00 | 2025-04-09T17:27:25.227116+00:00 |
| pysec-2025-14 | An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normal… | django | 2025-04-02T13:15:44+00:00 | 2025-04-09T17:27:25.169049+00:00 |
| pysec-2025-13 | An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2… | django | 2025-03-06T19:15:27+00:00 | 2025-04-09T17:27:25.095679+00:00 |
| pysec-2022-43178 | An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo … | cleo | 2022-11-09T20:15:10+00:00 | 2025-04-09T17:27:24.793038+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33855 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.741239Z |
| gsd-2024-33851 | phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point… | 2024-04-28T05:02:07.732559Z |
| gsd-2024-33879 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.727068Z |
| gsd-2024-4294 | A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Ap… | 2024-04-28T05:02:06.079201Z |
| gsd-2024-4292 | A vulnerability classified as critical has been found in Contemporary Controls BASrouter … | 2024-04-28T05:02:06.073286Z |
| gsd-2024-4295 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:06.068263Z |
| gsd-2024-4291 | A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as cri… | 2024-04-28T05:02:06.058388Z |
| gsd-2024-4293 | A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Mana… | 2024-04-28T05:02:06.052534Z |
| gsd-2023-52722 | An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER … | 2024-04-28T05:01:28.746814Z |
| gsd-2022-48685 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:00:27.870720Z |
| gsd-2022-48684 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:00:27.715598Z |
| gsd-2024-24777 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:24.547536Z |
| gsd-2024-28875 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:20.401696Z |
| gsd-2024-33786 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.606155Z |
| gsd-2024-33697 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-27T05:02:18.598872Z |
| gsd-2024-33722 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.598142Z |
| gsd-2024-33784 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.595808Z |
| gsd-2024-33788 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.591276Z |
| gsd-2024-33814 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.590797Z |
| gsd-2024-33701 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.589032Z |
| gsd-2024-33776 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.587852Z |
| gsd-2024-33712 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.587066Z |
| gsd-2024-33840 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.586722Z |
| gsd-2024-33838 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.585807Z |
| gsd-2024-33749 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.584613Z |
| gsd-2024-33839 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.579161Z |
| gsd-2024-33733 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.577869Z |
| gsd-2024-33845 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.569462Z |
| gsd-2024-33741 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.568527Z |
| gsd-2024-33738 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.562140Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-191675 | Malicious code in aiostreams (PyPI) | 2025-11-24T21:58:24Z | 2025-12-24T10:09:32Z |
| mal-2025-191674 | Malicious code in aiogram-msgeffect (PyPI) | 2025-11-22T16:25:53Z | 2025-12-24T10:09:32Z |
| mal-2025-191535 | Malicious code in tableate (PyPI) | 2025-11-25T11:06:37Z | 2025-12-24T10:09:32Z |
| mal-2025-191534 | Malicious code in tablates (PyPI) | 2025-11-26T10:20:42Z | 2025-12-24T10:09:32Z |
| mal-2024-6103 | Malicious code in termcolour (PyPI) | 2024-06-25T13:43:19Z | 2025-12-24T10:09:32Z |
| mal-2024-5721 | Malicious code in pyhttpproxifier (PyPI) | 2024-06-25T13:40:09Z | 2025-12-24T10:09:32Z |
| mal-2024-5326 | Malicious code in libsocks5 (PyPI) | 2024-06-25T13:36:56Z | 2025-12-24T10:09:32Z |
| mal-2024-5325 | Malicious code in libsock (PyPI) | 2024-06-25T13:36:56Z | 2025-12-24T10:09:32Z |
| mal-2024-5323 | Malicious code in libproxy (PyPI) | 2024-06-25T13:36:55Z | 2025-12-24T10:09:32Z |
| mal-2024-5221 | Malicious code in httprequesthub (PyPI) | 2024-06-25T13:36:05Z | 2025-12-24T10:09:32Z |
| mal-2024-5101 | Malicious code in easyhttprequest (PyPI) | 2024-06-25T13:35:06Z | 2025-12-24T10:09:32Z |
| mal-2024-11518 | Malicious code in aiocpa (PyPI) | 2024-12-09T06:49:42Z | 2025-12-24T10:09:32Z |
| mal-2024-10163 | Malicious code in solana-token (PyPI) | 2024-10-16T14:51:34Z | 2025-12-24T10:09:32Z |
| mal-2025-66552 | Malicious code in vite-plugin-postcss-tools (npm) | 2025-11-11T00:04:35Z | 2025-12-24T10:09:31Z |
| mal-2025-66551 | Malicious code in tensor-fi-utils-lib (npm) | 2025-11-11T00:09:38Z | 2025-12-24T10:09:31Z |
| mal-2025-49372 | Malicious code in vite-smart-chunk (npm) | 2025-11-05T23:17:31Z | 2025-12-24T10:09:31Z |
| mal-2025-48951 | Malicious code in xdater (npm) | 2025-10-29T01:46:43Z | 2025-12-24T10:09:31Z |
| mal-2025-48915 | Malicious code in vite-plugin-es6-compat (npm) | 2025-10-28T01:39:47Z | 2025-12-24T10:09:31Z |
| mal-2025-48914 | Malicious code in vite-manual-chunker (npm) | 2025-10-28T01:44:03Z | 2025-12-24T10:09:31Z |
| mal-2025-48784 | Malicious code in vite-plugin-parsify (npm) | 2025-10-27T07:09:08Z | 2025-12-24T10:09:31Z |
| mal-2025-48599 | Malicious code in vite-compiler-tools (npm) | 2025-10-24T02:49:26Z | 2025-12-24T10:09:31Z |
| mal-2025-48426 | Malicious code in vite-plugin-parseflow (npm) | 2025-10-15T13:05:55Z | 2025-12-24T10:09:31Z |
| mal-2025-192656 | Malicious code in xvxx (npm) | 2025-12-19T08:41:06Z | 2025-12-24T10:09:31Z |
| mal-2025-192645 | Malicious code in vdous (npm) | 2025-12-19T08:41:06Z | 2025-12-24T10:09:31Z |
| mal-2025-192402 | Malicious code in wartsila-text-csv (npm) | 2025-12-10T01:44:48Z | 2025-12-24T10:09:31Z |
| mal-2025-192375 | Malicious code in tensor-fi-utils-core (npm) | 2025-12-08T03:36:17Z | 2025-12-24T10:09:31Z |
| mal-2025-191669 | Malicious code in wfui-dsm-react-ui (npm) | 2025-12-02T17:30:50Z | 2025-12-24T10:09:31Z |
| mal-2025-191668 | Malicious code in wfui-dbd-react-ui (npm) | 2025-12-02T17:36:00Z | 2025-12-24T10:09:31Z |
| mal-2025-191600 | Malicious code in vite-dynamic-chunks (npm) | 2025-12-01T13:29:03Z | 2025-12-24T10:09:31Z |
| mal-2025-191504 | Malicious code in testhaus (npm) | 2025-12-01T16:00:47Z | 2025-12-24T10:09:31Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2840 | Exim: Schwachstelle ermöglicht Codeausführung | 2025-12-14T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2825 | MediaWiki: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-12-10T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2814 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-12-10T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2798 | Red Hat OpenShift Service Mesh: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2751 | WebKitGTK: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2737 | libpng: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen | 2025-12-03T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2663 | libpng: Mehrere Schwachstellen | 2025-11-23T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2657 | WebKitGTK: Mehrere Schwachstellen | 2025-11-20T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2586 | Red Hat Enterprise Linux (python-kdcproxy): Mehrere Schwachstellen | 2025-11-12T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2537 | BusyBox (wget): Schwachstelle ermöglicht Umgehung von Sicherheitsvorkehrungen | 2025-11-10T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2409 | Xen: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-10-26T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2407 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-10-26T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2298 | Linux Kernel: Mehrere Schwachstellen | 2025-10-14T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2268 | Linux Kernel: Mehrere Schwachstellen | 2025-10-13T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2198 | MediaWiki: Mehrere Schwachstellen | 2025-10-05T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2170 | Linux Kernel: Mehrere Schwachstellen | 2025-09-30T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2144 | binutils: Mehrere Schwachstellen | 2025-09-28T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2115 | WordPress Core: Mehrere Schwachstellen | 2025-09-23T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2099 | Linux Kernel: Mehrere Schwachstellen | 2025-09-21T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2045 | expat: Schwachstelle ermöglicht Denial of Service | 2025-09-14T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1898 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-08-24T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1870 | Keycloak: Schwachstelle ermöglicht Versand beliebiger E-Mails | 2025-08-19T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1833 | IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service | 2025-08-13T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1822 | Ruby on Rails: Mehrere Schwachstellen | 2025-08-13T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1807 | IBM WebSphere Application Server Liberty: Mehrere Schwachstellen | 2025-08-12T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1757 | Linux Kernel: Schwachstelle ermöglicht Umgehen von Sicherheitsmechanismen | 2025-08-11T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1591 | IBM WebSphere Application Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-07-17T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1582 | IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service | 2025-07-16T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1460 | PHP: Mehrere Schwachstellen | 2025-07-03T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1335 | Apache Tomcat: Mehrere Schwachstellen | 2025-06-16T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-318832 | SSA-318832: SQL Injection Vulnerability in SINEC NMS | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-279823 | SSA-279823: Cross-Site Scripting Vulnerability in SIMATIC S7-1200 CPU V2/V3 Before V3.0.2 | 2012-10-08T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-265688 | SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 | 2024-04-09T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-240718 | SSA-240718: Insecure Storage of HTTPS CA Certificate in SIMATIC S7-1200 CPU V2 | 2012-09-13T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-186293 | SSA-186293: XML External Entity (XXE) Injection Vulnerability in SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER | 2025-08-12T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-083019 | SSA-083019: Multiple Vulnerabilities in RUGGEDCOM ROS Devices | 2025-07-08T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-062309 | SSA-062309: Information Disclosure Vulnerability in TeleControl Server Basic V3.1 | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-054046 | SSA-054046: Unauthenticated Information Disclosure in Web Server of SIMATIC S7-1500 CPUs | 2024-10-08T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-039007 | SSA-039007: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC) | 2024-09-10T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-916339 | SSA-916339: Information Disclosure Vulnerability in Apogee PXC and Talon TC Devices | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-712929 | SSA-712929: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products | 2022-06-14T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-691715 | SSA-691715: Vulnerability in OPC Foundation Local Discovery Server Affecting Siemens Products | 2023-04-11T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-640476 | SSA-640476: Denial of Service Vulnerability in Industrial Edge Management | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-563922 | SSA-563922: Local Privilege Escalation Vulnerability in SIMOTION Tools | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-534283 | SSA-534283: Insecure File Share Vulnerability in SIMATIC Virtualization as a Service (SIVaaS) | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-503939 | SSA-503939: Vulnerabilities in the BIOS of the SIMATIC S7-1500 TM MFP | 2025-03-11T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-494539 | SSA-494539: Multiple Vulnerabilities in SINEC OS | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-366067 | SSA-366067: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices | 2024-03-12T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-331739 | SSA-331739: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting Siemens Products | 2025-08-12T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-027652 | SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-707630 | SSA-707630: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager Before V3.3 | 2025-08-12T00:00:00Z | 2025-08-26T00:00:00Z |
| ssa-201595 | SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager | 2025-08-14T00:00:00Z | 2025-08-19T00:00:00Z |
| ssa-395458 | SSA-395458: Account Hijacking Vulnerability in Mendix SAML Module | 2025-08-14T00:00:00Z | 2025-08-14T00:00:00Z |
| ssa-028723 | SSA-028723: Multiple OpenSSL Vulnerabilities in BFCClient Before V2.17 | 2025-08-12T00:00:00Z | 2025-08-13T00:00:00Z |
| ssa-994087 | SSA-994087: Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.7 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-914892 | SSA-914892: Race Condition Vulnerability in Basic Authentication Implementation of Mendix Runtime | 2024-11-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-908185 | SSA-908185: Mirror Port Isolation Vulnerability in RUGGEDCOM ROS Devices | 2023-08-08T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-894058 | SSA-894058: Improper Bandwidth Limitation of Network Packets Over Local USB Port Vulnerability in SIPROTEC 5 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-856721 | SSA-856721: Vulnerability in RUGGEDCOM Discovery Protocol (RCDP) of Industrial Communication Devices | 2017-09-28T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-840800 | SSA-840800: Code Injection Vulnerability in RUGGEDCOM ROS | 2022-07-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:4669 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-07T14:59:09+00:00 | 2025-11-29T06:54:32+00:00 |
| rhsa-2025:4666 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.11.7 container updates | 2025-05-07T16:17:54+00:00 | 2025-11-29T06:54:32+00:00 |
| rhsa-2025:4605 | Red Hat Security Advisory: multicluster Engine for Kubernetes 2.6.7 container updates | 2025-05-07T03:32:30+00:00 | 2025-11-29T06:54:31+00:00 |
| rhsa-2025:4569 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-06T16:43:52+00:00 | 2025-11-29T06:54:29+00:00 |
| rhsa-2025:4511 | Red Hat Security Advisory: RHODF-4.18-RHEL-9 security update | 2025-05-06T07:14:59+00:00 | 2025-11-29T06:54:29+00:00 |
| rhsa-2025:4502 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.10.8 container updates | 2025-05-06T06:29:57+00:00 | 2025-11-29T06:54:28+00:00 |
| rhsa-2025:4473 | Red Hat Security Advisory: multicluster Engine for Kubernetes 2.5.9 container updates | 2025-05-05T23:34:14+00:00 | 2025-11-29T06:54:27+00:00 |
| rhsa-2025:4462 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-05T14:35:59+00:00 | 2025-11-29T06:54:26+00:00 |
| rhsa-2025:4427 | Red Hat Security Advisory: OpenShift Container Platform 4.18.12 bug fix and security update | 2025-05-09T04:31:09+00:00 | 2025-11-29T06:54:24+00:00 |
| rhsa-2025:4211 | Red Hat Security Advisory: OpenShift Container Platform 4.18.11 bug fix and security update | 2025-05-01T03:08:42+00:00 | 2025-11-29T06:54:24+00:00 |
| rhsa-2025:4422 | Red Hat Security Advisory: OpenShift Container Platform 4.15.50 bug fix and security update | 2025-05-08T19:55:32+00:00 | 2025-11-29T06:54:23+00:00 |
| rhsa-2025:4409 | Red Hat Security Advisory: OpenShift Container Platform 4.12.76 bug fix and security update | 2025-05-08T19:54:33+00:00 | 2025-11-29T06:54:23+00:00 |
| rhsa-2025:4250 | Red Hat Security Advisory: RHSA: Submariner 0.19.4 - bug fix and enhancement update | 2025-04-28T16:10:25+00:00 | 2025-11-29T06:54:20+00:00 |
| rhsa-2025:4204 | Red Hat Security Advisory: OpenShift Container Platform 4.17.27 bug fix and security update | 2025-04-30T03:47:47+00:00 | 2025-11-29T06:54:20+00:00 |
| rhsa-2025:4188 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.2 | 2025-04-24T13:21:19+00:00 | 2025-11-29T06:54:18+00:00 |
| rhsa-2025:4171 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.3 | 2025-04-24T11:52:49+00:00 | 2025-11-29T06:54:18+00:00 |
| rhsa-2025:4019 | Red Hat Security Advisory: OpenShift Container Platform 4.18.10 bug fix and security update | 2025-04-22T23:52:01+00:00 | 2025-11-29T06:54:18+00:00 |
| rhsa-2025:4012 | Red Hat Security Advisory: OpenShift Container Platform 4.17.26 bug fix and security update | 2025-04-23T12:41:37+00:00 | 2025-11-29T06:54:18+00:00 |
| rhsa-2025:3993 | Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.15.1-6 Update | 2025-04-17T14:42:51+00:00 | 2025-11-29T06:54:17+00:00 |
| rhsa-2025:3932 | Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.20.0 release | 2025-04-16T02:48:23+00:00 | 2025-11-29T06:54:15+00:00 |
| rhsa-2025:3930 | Red Hat Security Advisory: RHACS 4.7 security update | 2025-04-15T20:29:23+00:00 | 2025-11-29T06:54:15+00:00 |
| rhsa-2025:3929 | Red Hat Security Advisory: ACS 4.6 enhancement and security update | 2025-04-15T19:52:32+00:00 | 2025-11-29T06:54:15+00:00 |
| rhsa-2025:3928 | Red Hat Security Advisory: ACS 4.5 enhancement and security update | 2025-04-15T19:46:07+00:00 | 2025-11-29T06:54:15+00:00 |
| rhsa-2025:3906 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.9.13 | 2025-04-16T10:29:32+00:00 | 2025-11-29T06:54:13+00:00 |
| rhsa-2025:3905 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.0.7 | 2025-04-16T14:51:29+00:00 | 2025-11-29T06:54:13+00:00 |
| rhsa-2025:3886 | Red Hat Security Advisory: RHOAI 2.19.0 - Red Hat OpenShift AI | 2025-04-15T07:52:02+00:00 | 2025-11-29T06:54:13+00:00 |
| rhsa-2025:3833 | Red Hat Security Advisory: gvisor-tap-vsock security update | 2025-04-14T09:21:59+00:00 | 2025-11-29T06:54:13+00:00 |
| rhsa-2025:3863 | Red Hat Security Advisory: Red Hat multicluster global hub 1.3.3 bug fixes and container update | 2025-04-14T18:00:47+00:00 | 2025-11-29T06:54:11+00:00 |
| rhsa-2025:3820 | Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release | 2025-04-10T17:22:43+00:00 | 2025-11-29T06:54:11+00:00 |
| rhsa-2025:3814 | Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release | 2025-04-10T15:20:44+00:00 | 2025-11-29T06:54:09+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2024-7883 | CMSE secure state may leak from stack to floating-point registers | 2024-10-01T07:00:00.000Z | 2025-12-24T01:05:01.000Z |
| msrc_cve-2025-68343 | can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:56.000Z |
| msrc_cve-2025-68340 | team: Move team device type change at the end of team_port_add | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:51.000Z |
| msrc_cve-2025-68342 | can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:45.000Z |
| msrc_cve-2025-68338 | net: dsa: microchip: Don't free uninitialized ksz_irq | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:35.000Z |
| msrc_cve-2025-68339 | atm/fore200e: Fix possible data race in fore200e_open() | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:29.000Z |
| msrc_cve-2025-38476 | rpl: Fix use-after-free in rpl_do_srh_inline(). | 2025-07-02T00:00:00.000Z | 2025-12-24T01:04:23.000Z |
| msrc_cve-2025-38474 | usb: net: sierra: check for no status endpoint | 2025-07-02T00:00:00.000Z | 2025-12-24T01:04:18.000Z |
| msrc_cve-2025-38473 | Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() | 2025-07-02T00:00:00.000Z | 2025-12-24T01:04:14.000Z |
| msrc_cve-2025-38470 | net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime | 2025-07-02T00:00:00.000Z | 2025-12-24T01:04:08.000Z |
| msrc_cve-2025-38468 | net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree | 2025-07-02T00:00:00.000Z | 2025-12-24T01:04:03.000Z |
| msrc_cve-2025-38467 | drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:58.000Z |
| msrc_cve-2025-38466 | perf: Revert to requiring CAP_SYS_ADMIN for uprobes | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:53.000Z |
| msrc_cve-2025-38465 | netlink: Fix wraparounds of sk->sk_rmem_alloc. | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:48.000Z |
| msrc_cve-2025-38464 | tipc: Fix use-after-free in tipc_conn_close(). | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:43.000Z |
| msrc_cve-2025-38462 | vsock: Fix transport_{g2h,h2g} TOCTOU | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:38.000Z |
| msrc_cve-2025-38461 | vsock: Fix transport_* TOCTOU | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:33.000Z |
| msrc_cve-2025-38460 | atm: clip: Fix potential null-ptr-deref in to_atmarpd(). | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:28.000Z |
| msrc_cve-2025-38459 | atm: clip: Fix infinite recursive call of clip_push(). | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:23.000Z |
| msrc_cve-2025-38458 | atm: clip: Fix NULL pointer dereference in vcc_sendmsg() | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:18.000Z |
| msrc_cve-2025-38457 | net/sched: Abort __tc_modify_qdisc if parent class does not exist | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:13.000Z |
| msrc_cve-2025-38448 | usb: gadget: u_serial: Fix race condition in TTY wakeup | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:08.000Z |
| msrc_cve-2025-38445 | md/raid1: Fix stack memory use after return in raid1_reshape | 2025-07-02T00:00:00.000Z | 2025-12-24T01:03:03.000Z |
| msrc_cve-2025-38444 | raid10: cleanup memleak at raid10_make_request | 2025-07-02T00:00:00.000Z | 2025-12-24T01:02:58.000Z |
| msrc_cve-2025-38443 | nbd: fix uaf in nbd_genl_connect() error path | 2025-07-02T00:00:00.000Z | 2025-12-24T01:02:53.000Z |
| msrc_cve-2025-38441 | netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() | 2025-07-02T00:00:00.000Z | 2025-12-24T01:02:49.000Z |
| msrc_cve-2025-38439 | bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT | 2025-07-02T00:00:00.000Z | 2025-12-24T01:02:43.000Z |
| msrc_cve-2025-38437 | ksmbd: fix potential use-after-free in oplock/lease break ack | 2025-07-02T00:00:00.000Z | 2025-12-24T01:02:38.000Z |
| msrc_cve-2025-62230 | Xorg: xwayland: use-after-free in xkb client resource removal | 2025-10-02T00:00:00.000Z | 2025-12-24T01:02:33.000Z |
| msrc_cve-2025-62231 | Xorg: xmayland: value overflow in xkbsetcompatmap() | 2025-10-02T00:00:00.000Z | 2025-12-24T01:02:28.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-329-04 | Opto 22 groov View | 2025-11-25T06:00:00.000000Z | 2025-11-25T06:00:00.000000Z |
| icsa-25-324-06 | Emerson Appleton UPSMON-PRO | 2025-11-20T07:00:00.000000Z | 2025-11-20T07:00:00.000000Z |
| icsa-25-324-01 | Automated Logic WebCTRL Premium Server | 2025-11-20T07:00:00.000000Z | 2025-11-20T07:00:00.000000Z |
| icsa-25-324-03 | Opto 22 GRV-EPIC and groov RIO | 2025-11-20T06:00:00.000000Z | 2025-11-20T06:00:00.000000Z |
| icsa-25-324-02 | ICAM365 CCTV Camera Multiple Models | 2025-11-20T06:00:00.000000Z | 2025-11-20T06:00:00.000000Z |
| icsa-25-322-05 | METZ CONNECT EWIO2 | 2025-11-18T12:00:00.000000Z | 2025-11-18T12:00:00.000000Z |
| icsa-25-322-03 | Shelly Pro 3EM | 2025-11-18T07:00:00.000000Z | 2025-11-18T07:00:00.000000Z |
| icsa-25-322-02 | Shelly Pro 4PM | 2025-11-18T07:00:00.000000Z | 2025-11-18T07:00:00.000000Z |
| icsa-25-317-12 | Siemens Spectrum Power 4 | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-11 | Siemens SICAM P850 family and SICAM P855 family | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-10 | *Rockwell Automation AADvance-Trusted SIS Workstation * | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-09 | Rockwell Automation FactoryTalk Policy Manager | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-07 | Rockwell Automation FactoryTalk DataMosaix Private Cloud | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-06 | Rockwell Automation Studio 5000 Simulation Interface | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-05 | Rockwell Automation Verve Asset Manager | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-04 | Brightpick Mission Control / Internal Logic Control | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-03 | AVEVA Edge | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-02 | AVEVA Application Server IDE | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-01 | Mitsubishi Electric MELSEC iQ-F Series | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-273-04 | Festo Controller CECC-S,-LK,-D Family Firmware (Update A) | 2025-09-30T06:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-322-04 | Schneider Electric PowerChute Serial Shutdown | 2025-11-11T08:00:00.000000Z | 2025-11-11T08:00:00.000000Z |
| icsa-25-322-01 | Schneider Electric EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio | 2025-11-11T08:00:00.000000Z | 2025-11-11T08:00:00.000000Z |
| icsa-25-224-03 | Schneider Electric EcoStruxure Power Monitoring Expert | 2025-08-12T04:00:00.000000Z | 2025-11-11T08:00:00.000000Z |
| icsa-25-317-17 | Siemens Software Center and Solid Edge | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-317-16 | Siemens Altair Grid Engine | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-317-15 | Siemens COMOS | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-317-14 | Siemens Solid Edge | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-317-13 | Siemens LOGO! 8 BM Devices | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-135-17 | Siemens RUGGEDCOM ROX II | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-135-15 | Siemens Mendix OIDC SSO | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-ise-file-upload-qksx6c8g | Cisco Identity Services Engine Arbitrary File Upload Vulnerability | 2025-08-20T16:00:00+00:00 | 2025-08-20T16:43:01+00:00 |
| cisco-sa-pi-epnm-tet4gxbx | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Sensitive Information Disclosure Vulnerability | 2025-08-20T16:00:00+00:00 | 2025-08-20T16:00:00+00:00 |
| cisco-sa-authproxlog-sxczxq63 | Cisco Duo Authentication Proxy Information Disclosure Vulnerability | 2025-08-20T16:00:00+00:00 | 2025-08-20T16:00:00+00:00 |
| cisco-sa-20180328-smi2 | Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability | 2018-03-28T16:00:00+00:00 | 2025-08-20T14:26:26+00:00 |
| cisco-sa-asaftd-ssltls-dos-ehw76vze | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SSL/TLS Certificate Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-19T16:32:05+00:00 |
| cisco-sa-ftd-ravpn-geobypass-9h38m37z | Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-ftd-dos-svkhtjgt | Cisco Secure Firewall Threat Defense Software Snort 3 Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-xss-jtnmcusp | Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-xpathinj-corthdmb | Cisco Secure Firewall Management Center Software XPATH Injection Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-radius-rce-tnbkf79 | Cisco Secure Firewall Management Center Software RADIUS Remote Code Execution Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-html-inj-mqjrzrny | Cisco Secure Firewall Management Center Software HTML Injection Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-ftd-cmdinj-phe7kmt | Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Command Injection Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-cmd-inj-hcrlpfyn | Cisco Secure Firewall Management Center Software Command Injection Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-fmc-authz-bypass-m7xhnau | Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerabilities | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-vpnwebs-dos-hjbhmbsx | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-vpn-dos-mfpeka6e | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-nat-dns-dos-bqhynhtm | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-http-file-huyx2jl4 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-dhcp-qj7ngs4n | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software DHCP Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asaftd-cmdinj-vehfezq3 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asa-ftd-ios-dos-doeshwhy | Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asa-ftd-acl-bypass-mtpze9yh | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control Rules Bypass Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-asa-buffer-overflow-pyruhwbc | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Web Services Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-08-14T16:00:00+00:00 |
| cisco-sa-webex-join-ynxfqhk4 | Cisco Webex Meeting Client Join Certificate Validation Vulnerability | 2025-08-06T16:00:00+00:00 | 2025-08-06T16:00:00+00:00 |
| cisco-sa-ise_xss_acc_cont-ysr4ut4u | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities | 2025-08-06T16:00:00+00:00 | 2025-08-06T16:00:00+00:00 |
| cisco-sa-20170629-snmp | SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software | 2017-06-29T16:00:00+00:00 | 2025-07-30T16:27:06+00:00 |
| cisco-sa-ise-unauth-rce-zad2gnj6 | Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities | 2025-06-25T16:00:00+00:00 | 2025-07-24T23:30:31+00:00 |
| cisco-sa-piepnm-bsi-25jjqsbb | Cisco Prime Infrastructure and Evolved Programmable Network Manager Blind SQL Injection Vulnerability | 2025-07-16T16:00:00+00:00 | 2025-07-16T16:00:00+00:00 |
| cisco-sa-ise-multi-3vpsxoxo | Cisco Identity Services Engine Authenticated Remote Code Execution and Authorization Bypass Vulnerabilities | 2025-07-16T16:00:00+00:00 | 2025-07-16T16:00:00+00:00 |
| cisco-sa-cuis-ssrf-jsudjev | Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability | 2025-07-16T16:00:00+00:00 | 2025-07-16T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| SCA-2022-0008 | Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3 | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| sca-2022-0007 | Vulnerabilities in SICK MARSIC300 | 2022-04-21T15:00:00.000Z | 2022-04-21T15:00:00.000Z |
| SCA-2022-0007 | Vulnerabilities in SICK MARSIC300 | 2022-04-21T15:00:00.000Z | 2022-04-21T15:00:00.000Z |
| sca-2022-0006 | Vulnerability in SICK MSC800 | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| sca-2022-0005 | Vulnerability in SICK Overall Equipment Effectiveness (OEE) | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| SCA-2022-0006 | Vulnerability in SICK MSC800 | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| SCA-2022-0005 | Vulnerability in SICK Overall Equipment Effectiveness (OEE) | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| sca-2022-0004 | Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC | 2022-04-11T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| sca-2022-0003 | Vulnerabilities in SICK FTMg | 2022-03-31T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| SCA-2022-0004 | Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC | 2022-04-11T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| SCA-2022-0003 | Vulnerabilities in SICK FTMg | 2022-03-31T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| sca-2022-0002 | PwnKit vulnerability affects multiple SICK IPCs | 2022-02-23T16:00:00.000Z | 2022-02-23T16:00:00.000Z |
| SCA-2022-0002 | PwnKit vulnerability affects multiple SICK IPCs | 2022-02-23T16:00:00.000Z | 2022-02-23T16:00:00.000Z |
| sca-2022-0001 | Vulnerability in SICK FieldEcho | 2022-02-17T16:00:00.000Z | 2022-02-17T16:00:00.000Z |
| SCA-2022-0001 | Vulnerability in SICK FieldEcho | 2022-02-17T16:00:00.000Z | 2022-02-17T16:00:00.000Z |
| sca-2021-0003 | SICK Security Advisory for Apache Log4j (CVE-2021-44228) | 2021-12-14T17:00:00.000Z | 2021-12-17T12:00:00.000Z |
| SCA-2021-0003 | SICK Security Advisory for Apache Log4j (CVE-2021-44228) | 2021-12-14T17:00:00.000Z | 2021-12-17T12:00:00.000Z |
| sca-2021-0004 | Vulnerabilities in SICK SOPAS ET | 2021-12-16T08:00:00.000Z | 2021-12-17T08:00:00.000Z |
| SCA-2021-0004 | Vulnerabilities in SICK SOPAS ET | 2021-12-16T08:00:00.000Z | 2021-12-17T08:00:00.000Z |
| sca-2021-0002 | MEAC affected by Windows SMBv1 vulnerability | 2021-08-04T10:00:00.000Z | 2021-08-04T10:00:00.000Z |
| SCA-2021-0002 | MEAC affected by Windows SMBv1 vulnerability | 2021-08-04T10:00:00.000Z | 2021-08-04T10:00:00.000Z |
| sca-2021-0001 | Inadequate SSH configuration in SICK Visionary-S CX | 2021-06-25T10:00:00.000Z | 2021-06-25T10:00:00.000Z |
| SCA-2021-0001 | Inadequate SSH configuration in SICK Visionary-S CX | 2021-06-25T10:00:00.000Z | 2021-06-25T10:00:00.000Z |
| sca-2020-0005 | Package Analytics affected by Windows TCP/IP vulnerability | 2020-10-29T11:00:00.000Z | 2020-10-29T11:00:00.000Z |
| SCA-2020-0005 | Package Analytics affected by Windows TCP/IP vulnerability | 2020-10-29T11:00:00.000Z | 2020-10-29T11:00:00.000Z |
| sca-2020-0004 | Vulnerability in Platform Mechanism AutoIP | 2020-08-31T10:00:00.000Z | 2020-08-31T10:00:00.000Z |
| SCA-2020-0004 | Vulnerability in Platform Mechanism AutoIP | 2020-08-31T10:00:00.000Z | 2020-08-31T10:00:00.000Z |
| sca-2020-0003 | MEAC affected by Windows SMBv3 vulnerability | 2020-08-07T10:00:00.000Z | 2020-08-07T10:00:00.000Z |
| SCA-2020-0003 | MEAC affected by Windows SMBv3 vulnerability | 2020-08-07T10:00:00.000Z | 2020-08-07T10:00:00.000Z |
| sca-2020-0002 | Vulnerabilities in SICK Package Analytics | 2020-08-07T10:00:00.000Z | 2020-07-28T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| NN-2023:10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2022:2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2022:2-01 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2023_16-01 | Path traversal via 'zip slip' in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2023_14-01 | Unsafe temporary data privileges on Unix systems in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2023_13-01 | Missing authentication for local web interface in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2023_1-01 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | 2023-05-03T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2023:5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2023:16-01 | Path traversal via 'zip slip' in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2023:14-01 | Unsafe temporary data privileges on Unix systems in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2023:13-01 | Missing authentication for local web interface in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2023:1-01 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | 2023-05-03T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2021_2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2021_1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2021:2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2021:1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2020_3-01 | Angular template injection on custom report name field | 2020-05-26T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2020_2-01 | Cross-site request forgery attack on change password form | 2020-05-26T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2020:3-01 | Angular template injection on custom report name field | 2020-05-26T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2020:2-01 | Cross-site request forgery attack on change password form | 2020-05-26T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2019_2-01 | CSV Injection on node label | 2019-11-11T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2019_1-01 | Stored XSS in field name data model | 2019-11-11T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2019:2-01 | CSV Injection on node label | 2019-11-11T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| nn-2019:1-01 | Stored XSS in field name data model | 2019-11-11T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2023:5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2023:16-01 | Path traversal via 'zip slip' in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2023:14-01 | Unsafe temporary data privileges on Unix systems in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2023:13-01 | Missing authentication for local web interface in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2023:1-01 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | 2023-05-03T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-202106-0541 | A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists i… | 2024-11-29T22:41:05.395000Z |
| var-201404-0398 | Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 an… | 2024-11-29T22:40:03.814000Z |
| var-201512-0325 | The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml… | 2024-11-29T22:39:27.935000Z |
| var-201110-0442 | ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial… | 2024-11-29T22:39:20.695000Z |
| var-202108-1249 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed … | 2024-11-29T22:39:20.492000Z |
| var-201908-0266 | Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a den… | 2024-11-29T22:39:19.970000Z |
| var-201401-0010 | The get_free_port function in Xen allows local authenticated DomU users to cause a denial… | 2024-11-29T22:39:13.941000Z |
| var-201903-0441 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-11-29T22:39:13.461000Z |
| var-202205-1313 | A memory corruption issue was addressed with improved state management. This issue is fix… | 2024-11-29T22:39:12.582000Z |
| var-202104-0160 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is f… | 2024-11-29T22:39:12.341000Z |
| var-201912-0584 | A memory corruption issue was addressed with improved input validation. This issue is fix… | 2024-11-29T22:39:12.042000Z |
| var-202010-1294 | A use after free issue was addressed with improved memory management. This issue is fixed… | 2024-11-29T22:39:02.841000Z |
| var-201505-0337 | The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorit… | 2024-11-29T22:38:58.066000Z |
| var-202206-1157 | Incomplete cleanup in specific special register write operations for some Intel(R) Proces… | 2024-11-29T22:38:27.104000Z |
| var-201912-0589 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-11-29T22:38:26.505000Z |
| var-202201-0304 | A logic issue was addressed with improved state management. This issue is fixed in iOS 15… | 2024-11-29T22:38:25.432000Z |
| var-202203-0129 | A cookie management issue was addressed with improved state management. This issue is fix… | 2024-11-29T22:38:19.652000Z |
| var-201103-0294 | Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800… | 2024-11-29T22:38:19.331000Z |
| var-202210-0997 | An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML docum… | 2024-11-29T22:38:18.877000Z |
| var-202105-0131 | A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packe… | 2024-11-29T22:37:42.279000Z |
| var-201210-0272 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … | 2024-11-29T22:37:41.281000Z |
| var-201904-1323 | A memory corruption issue was addressed with improved memory handling. This issue affecte… | 2024-11-29T22:37:41.181000Z |
| var-200604-0209 | Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote att… | 2024-11-29T22:37:40.335000Z |
| var-200809-0184 | Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, when a blank-passwo… | 2024-11-29T22:37:38.416000Z |
| var-200110-0170 | The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Cry… | 2024-11-29T22:37:36.551000Z |
| var-201509-0438 | Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C L… | 2024-11-29T22:37:33.901000Z |
| var-202003-1785 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between seriali… | 2024-11-29T22:37:30.055000Z |
| var-201912-0593 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-11-29T22:36:43.180000Z |
| var-201009-0241 | Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10… | 2024-11-29T22:36:42.881000Z |
| var-201912-0605 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-11-29T22:36:42.789000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-014081 | Multiple Brother and its OEM products with weak initial administrator passwords | 2025-09-19T10:52+09:00 | 2025-09-19T10:52+09:00 |
| jvndb-2025-000079 | UNIVERGE IX/IX-R/IX-V series routers provided by NEC Corporation vulnerable to cross-site scripting | 2025-09-18T17:43+09:00 | 2025-09-18T17:43+09:00 |
| jvndb-2025-000078 | Century HW RAID Manager registers a Windows service with an unquoted file path | 2025-09-17T13:45+09:00 | 2025-09-17T13:45+09:00 |
| jvndb-2025-000048 | WTW-EAGLE App vulnerable to improper server certificate validation | 2025-09-12T13:57+09:00 | 2025-09-12T13:57+09:00 |
| jvndb-2025-000070 | "Gunosy" App vulnerable to insertion of sensitive information into sent data | 2025-09-02T14:20+09:00 | 2025-09-09T09:51+09:00 |
| jvndb-2025-000072 | Obsidian GitHub Copilot Plugin stores sensitive information in cleartext | 2025-09-05T16:52+09:00 | 2025-09-05T16:52+09:00 |
| jvndb-2025-000073 | RATOC RAID Monitoring Manager for Windows registers a Windows service with an unquoted file path | 2025-09-05T16:20+09:00 | 2025-09-05T16:20+09:00 |
| jvndb-2025-000071 | "Yahoo! Shopping" App for Android fails to restrict custom URL schemes properly | 2025-09-05T15:12+09:00 | 2025-09-05T15:12+09:00 |
| jvndb-2025-000075 | Multiple vulnerabilities in TkEasyGUI | 2025-09-05T14:53+09:00 | 2025-09-05T14:53+09:00 |
| jvndb-2025-000069 | Web Caster V130 vulnerable to cross-site request forgery | 2025-09-03T14:23+09:00 | 2025-09-03T14:23+09:00 |
| jvndb-2025-000068 | Seiko Solutions SkyBridge BASIC MB-A130 vulnerable to OS command injection | 2025-09-01T16:21+09:00 | 2025-09-01T16:21+09:00 |
| jvndb-2025-012659 | Denial-of-service (DoS) vulnerability in Konica Minolta bizhub series | 2025-09-01T15:22+09:00 | 2025-09-01T15:22+09:00 |
| jvndb-2025-000067 | Multiple vulnerabilities in multiple iND products | 2025-08-29T14:47+09:00 | 2025-08-29T14:47+09:00 |
| jvndb-2025-000064 | Multiple vulnerabilities in SS1 | 2025-08-27T15:13+09:00 | 2025-08-27T15:13+09:00 |
| jvndb-2025-000065 | ScanSnap Manager installers vulnerable to privilege escalation | 2025-08-27T14:22+09:00 | 2025-08-27T14:22+09:00 |
| jvndb-2025-011884 | FUJIFILM Healthcare Americas Synapse Mobility vulnerable to Privilege Escalation | 2025-08-21T11:49+09:00 | 2025-08-25T10:38+09:00 |
| jvndb-2025-000063 | Western Digital Kitfox registers a Windows service with an unquoted file path | 2025-08-22T13:37+09:00 | 2025-08-22T13:37+09:00 |
| jvndb-2025-000062 | Multiple vulnerabilities in Group-Office | 2025-08-21T14:03+09:00 | 2025-08-21T14:03+09:00 |
| jvndb-2025-000061 | Multiple vulnerabilities in Movable Type | 2025-08-20T15:30+09:00 | 2025-08-20T15:30+09:00 |
| jvndb-2025-000059 | Seagate Toolkit registers a Windows service with an unquoted file path | 2025-08-14T12:32+09:00 | 2025-08-19T14:40+09:00 |
| jvndb-2025-010854 | Trend Micro Endpoint security products for enterprises vulnerable to multiple OS command injection | 2025-08-07T12:25+09:00 | 2025-08-19T11:36+09:00 |
| jvndb-2025-007521 | Multiple Brother driver installers for Windows vulnerable to privilege escalation | 2025-06-27T09:37+09:00 | 2025-08-19T11:29+09:00 |
| jvndb-2025-000060 | PgManage vulnerable to injection | 2025-08-18T13:40+09:00 | 2025-08-18T13:40+09:00 |
| jvndb-2025-000058 | WordPress plugin "Advanced Custom Fields" vulnerable to HTML injection | 2025-08-08T15:29+09:00 | 2025-08-08T15:29+09:00 |
| jvndb-2025-010972 | Multiple SEIKO EPSON products use weak initial passwords | 2025-08-08T14:50+09:00 | 2025-08-08T14:50+09:00 |
| jvndb-2025-000057 | Multiple vulnerabilities in Mubit Powered BLUE 870 | 2025-08-08T14:47+09:00 | 2025-08-08T14:47+09:00 |
| jvndb-2025-000056 | Multiple vulnerabilities in Sato label printers CL4/6NX Plus and CL4/6NX-J Plus series | 2025-08-06T16:38+09:00 | 2025-08-06T16:38+09:00 |
| jvndb-2025-010603 | Out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs | 2025-08-05T11:29+09:00 | 2025-08-05T11:29+09:00 |
| jvndb-2025-010408 | Multiple vulnerabilities in PowerCMS | 2025-08-01T12:05+09:00 | 2025-08-01T12:05+09:00 |
| jvndb-2025-000055 | ZXHN-F660T and ZXHN-F660A use a common credential for all installations | 2025-07-31T15:12+09:00 | 2025-07-31T15:12+09:00 |
| ID | Description | Updated |
|---|