Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-r64v-2m5c-fmx7 | Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-m2m8-9ppp-q3c7 | Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to cha… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-jmmc-j836-r5v7 | Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-gpch-6qpg-rp8g | Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:32Z |
| ghsa-g4f4-x2rq-h8g8 | Ecessa ShieldLink SL175EHQ 10.7.4 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-fv28-hc36-43g9 | GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allo… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-cm58-6j6x-c433 | Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows au… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-9wqg-38fc-34m9 | Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated atta… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:32Z |
| ghsa-86rg-f667-jpq7 | Teradek Slice 7.3.15 contains a cross-site request forgery vulnerability that allows attackers to c… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-64rh-68mc-5mmx | Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attac… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-5cqx-px25-wv82 | Ecessa Edge EV150 10.7.4 contains a cross-site request forgery vulnerability that allows attackers … | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-3fjq-mm23-rr9w | Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability tha… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-x747-j9vr-9hhj | Synaccess netBooter NP-0801DU 7.4 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-rjwj-m7w5-fr82 | FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability that allows remote atta… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-h2gq-4xqf-ccqf | FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in their … | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-ghwc-hrr9-vj2w | NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE)… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-f9jj-8x8f-vvx3 | Synaccess netBooter NP-02x/NP-08x 6.8 contains an authentication bypass vulnerability in the webNew… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-cph6-mwmj-r2r8 | FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers … | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-c68w-pf33-46g8 | FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attack… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-8j6v-82x4-pg34 | FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be ch… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-8hvh-73q5-g7pg | FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig RES… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-58r7-rx7j-5v4g | Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers t… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-x4fw-5929-5227 | Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerabi… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-wx69-963x-88g9 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-24T15:30:43Z | 2025-12-24T21:30:30Z |
| ghsa-wcqx-pwqh-x4mj | SOCA Access Control System 180612 contains multiple insecure direct object reference vulnerabilitie… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-w77q-cf84-7mcq | Missing Authorization vulnerability in Trustindex Widgets for Social Photo Feed social-photo-feed-w… | 2025-12-24T15:30:43Z | 2025-12-24T21:30:30Z |
| ghsa-vvm7-2r5j-f59p | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-24T15:30:43Z | 2025-12-24T21:30:30Z |
| ghsa-r8pj-6rqm-3whh | IBM Concert 1.0.0 through 2.1.0 stores sensitive information in cleartext during recursive docker b… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-r7mr-v7hp-8j95 | Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Five Star Restaurant Reservations res… | 2025-12-24T15:30:43Z | 2025-12-24T21:30:30Z |
| ghsa-m662-6p96-4253 | SOCA Access Control System 180612 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-14932 | 7.8 (v3.0) | NSF Unidata NetCDF-C Time Unit Stack-based Buffer Over… |
NSF Unidata |
NetCDF-C |
2025-12-23T21:11:17.340Z | 2025-12-26T19:34:14.913Z |
| cve-2025-14933 | 7.8 (v3.0) | NSF Unidata NetCDF-C NC Variable Integer Overflow Remo… |
NSF Unidata |
NetCDF-C |
2025-12-23T21:09:15.230Z | 2025-12-26T19:33:58.950Z |
| cve-2025-14934 | 7.8 (v3.0) | NSF Unidata NetCDF-C Variable Name Stack-based Buffer … |
NSF Unidata |
NetCDF-C |
2025-12-23T21:09:09.693Z | 2025-12-26T19:33:30.294Z |
| cve-2025-15094 | sunkaifei FlyCMS User Login UserController.java userLo… |
sunkaifei |
FlyCMS |
2025-12-26T01:32:06.271Z | 2025-12-26T19:32:41.210Z | |
| cve-2025-15095 | postmanlabs httpbin core.py cross site scripting |
postmanlabs |
httpbin |
2025-12-26T02:02:07.191Z | 2025-12-26T19:32:01.296Z | |
| cve-2025-68941 | 4.9 (v3.1) | Gitea before 1.22.3 mishandles access to a privat… |
Gitea |
Gitea |
2025-12-26T02:31:59.031Z | 2025-12-26T19:31:33.303Z |
| cve-2025-15097 | Alteryx Server status improper authentication |
Alteryx |
Server |
2025-12-26T02:32:05.819Z | 2025-12-26T19:30:52.340Z | |
| cve-2025-68942 | 5.4 (v3.1) | Gitea before 1.22.2 allows XSS because the search… |
Gitea |
Gitea |
2025-12-26T02:50:35.144Z | 2025-12-26T19:30:04.360Z |
| cve-2025-15098 | YunaiV yudao-cloud Business Process Management BpmSync… |
YunaiV |
yudao-cloud |
2025-12-26T03:02:06.492Z | 2025-12-26T19:29:29.970Z | |
| cve-2025-68943 | 5.3 (v3.1) | Gitea before 1.21.8 inadvertently discloses users… |
Gitea |
Gitea |
2025-12-26T03:19:45.242Z | 2025-12-26T19:28:57.206Z |
| cve-2025-68944 | 5 (v3.1) | Gitea before 1.22.2 sometimes mishandles the prop… |
Gitea |
Gitea |
2025-12-26T03:37:28.693Z | 2025-12-26T19:28:23.900Z |
| cve-2025-52601 | 6.3 (v4.0) | Hardcoding sensitive information |
Hanwha Vision Co., Ltd. |
Device Manager |
2025-12-26T04:29:25.830Z | 2025-12-26T19:27:44.838Z |
| cve-2025-13158 | 9.3 (v4.0) | apidoc-core - prototype pollution in api_group.js, api… |
apiDoc |
apidoc-core |
2025-12-26T16:00:27.208Z | 2025-12-26T19:26:12.935Z |
| cve-2025-68946 | 5.4 (v3.1) | In Gitea before 1.20.1, a forbidden URL scheme su… |
Gitea |
Gitea |
2025-12-26T04:14:03.775Z | 2025-12-26T18:59:45.647Z |
| cve-2025-68945 | 5.8 (v3.1) | In Gitea before 1.21.2, an anonymous user can vis… |
Gitea |
Gitea |
2025-12-26T03:58:46.724Z | 2025-12-26T18:59:29.985Z |
| cve-2025-68940 | 3.1 (v3.1) | In Gitea before 1.22.5, branch deletion permissio… |
Gitea |
Gitea |
2025-12-26T02:14:52.076Z | 2025-12-26T18:57:56.965Z |
| cve-2025-68939 | 8.2 (v3.1) | Gitea before 1.23.0 allows attackers to add attac… |
Gitea |
Gitea |
2025-12-26T02:03:59.691Z | 2025-12-26T18:57:27.065Z |
| cve-2025-68938 | 4.3 (v3.1) | Gitea before 1.25.2 mishandles authorization for … |
Gitea |
Gitea |
2025-12-26T01:19:10.609Z | 2025-12-26T18:53:35.494Z |
| cve-2024-44065 | N/A | Time-based blind SQL Injection vulnerability in C… |
n/a |
n/a |
2025-12-26T00:00:00.000Z | 2025-12-26T18:35:58.415Z |
| cve-2025-24148 | N/A | This issue was addressed with improved handling o… |
Apple |
macOS |
2025-03-31T22:22:20.776Z | 2025-12-26T16:48:50.913Z |
| cve-2025-43296 | N/A | A logic issue was addressed with improved validat… |
Apple |
macOS |
2025-10-09T20:50:48.673Z | 2025-12-26T16:44:12.881Z |
| cve-2025-43348 | N/A | A logic issue was addressed with improved validat… |
Apple |
macOS |
2025-11-04T01:17:30.602Z | 2025-12-26T16:42:24.746Z |
| cve-2025-46291 | N/A | A logic issue was addressed with improved validat… |
Apple |
macOS |
2025-12-17T20:47:01.439Z | 2025-12-26T16:41:07.010Z |
| cve-2025-15082 | TOZED ZLT M30s Web Management proc_post information di… |
TOZED |
ZLT M30s |
2025-12-25T17:02:09.345Z | 2025-12-26T16:37:54.066Z | |
| cve-2025-15081 | JD Cloud BE6500 jdcapi sub_4780 command injection |
JD |
Cloud BE6500 |
2025-12-25T15:02:06.546Z | 2025-12-26T16:37:10.227Z | |
| cve-2025-2405 | 7.6 (v3.1) | XSS in Verisay Communication's Titarus |
Verisay Communication and Information Technology Industry and Trade Ltd. Co. |
Titarus |
2025-12-25T13:10:25.121Z | 2025-12-26T16:36:33.283Z |
| cve-2025-15073 | itsourcecode Online Frozen Foods Ordering System conta… |
itsourcecode |
Online Frozen Foods Ordering System |
2025-12-24T23:02:07.917Z | 2025-12-26T16:35:30.166Z | |
| cve-2025-15074 | itsourcecode Online Frozen Foods Ordering System custo… |
itsourcecode |
Online Frozen Foods Ordering System |
2025-12-25T02:32:06.261Z | 2025-12-26T16:34:54.287Z | |
| cve-2025-15075 | itsourcecode Student Management System student_p.php s… |
itsourcecode |
Student Management System |
2025-12-25T03:02:06.320Z | 2025-12-26T16:34:21.922Z | |
| cve-2025-15076 | Tenda CH22 public path traversal |
Tenda |
CH22 |
2025-12-25T03:32:06.775Z | 2025-12-26T16:33:52.331Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15192 | D-Link DWR-M920 formLtefotaUpgradeQuectel sub_415328 c… |
D-Link |
DWR-M920 |
2025-12-29T14:32:08.392Z | 2025-12-29T16:11:38.000Z | |
| cve-2025-15191 | D-Link DWR-M920 formLtefotaUpgradeFibocom sub_4155B4 c… |
D-Link |
DWR-M920 |
2025-12-29T14:02:07.207Z | 2025-12-29T14:26:08.160Z | |
| cve-2025-15190 | D-Link DWR-M920 formFilter sub_42261C stack-based overflow |
D-Link |
DWR-M920 |
2025-12-29T13:32:08.616Z | 2025-12-29T14:26:52.164Z | |
| cve-2025-15189 | D-Link DWR-M920 formDefRoute sub_464794 buffer overflow |
D-Link |
DWR-M920 |
2025-12-29T13:02:11.742Z | 2025-12-29T13:15:00.973Z | |
| cve-2025-36154 | 6.2 (v3.1) | IBM Concert Software Cleartext Storage in a File or on Disk. |
IBM |
Concert |
2025-12-24T19:01:48.161Z | 2025-12-24T20:02:34.098Z |
| cve-2025-15143 | EyouCMS Backend Template Management FilemanagerLogic.p… |
n/a |
EyouCMS |
2025-12-28T16:02:08.347Z | 2025-12-29T16:24:22.854Z | |
| cve-2020-36902 | 9.3 (v4.0) | UBICOD Medivision Digital Signage 1.5.1 Authorization … |
UBICOD Co., Ltd. | MEDIVISION INC. |
UBICOD Medivision Digital Signage |
2025-12-10T21:05:41.753Z | 2025-12-11T18:52:29.859Z |
| cve-2025-67809 | N/A | An issue was discovered in Zimbra Collaboration (… |
n/a |
n/a |
2025-12-15T00:00:00.000Z | 2025-12-15T20:17:26.355Z |
| cve-2020-36901 | 8.6 (v4.0) | UBICOD Medivision Digital Signage 1.5.1 Cross-Site Req… |
UBICOD Co., Ltd. | MEDIVISION INC. |
UBICOD Medivision Digital Signage |
2025-12-10T21:05:21.945Z | 2025-12-11T18:52:35.866Z |
| cve-2025-55703 | An error-based SQL injection vulnerability exists… |
n/a |
n/a |
2025-12-15T00:00:00.000Z | 2025-12-15T20:08:08.419Z | |
| cve-2019-25243 | 8.7 (v4.0) 8.8 (v3.1) | FaceSentry 6.4.8 Authenticated Remote Command Injectio… |
iWT Ltd. |
FaceSentry Access Control System |
2025-12-24T19:27:58.965Z | 2025-12-24T20:23:05.664Z |
| cve-2025-66587 | N/A | {'providerMetadata': {'orgId': '7d14cffa-0d7d-4270-9dc0-52cabd5a23a6', 'shortName': 'icscert', 'dateUpdated': '2025-12-30T19:53:41.641Z'}, 'rejectedReasons': [{'lang': 'en', 'supportingMedia': [{'base64': False, 'type': 'text/html', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'x_generator': {'engine': 'Vulnogram 0.1.0-dev'}} | N/A | N/A | 2025-12-11T20:53:08.409Z | 2025-12-30T19:53:41.641Z |
| cve-2025-66584 | N/A | {'providerMetadata': {'orgId': '7d14cffa-0d7d-4270-9dc0-52cabd5a23a6', 'shortName': 'icscert', 'dateUpdated': '2025-12-30T19:53:19.816Z'}, 'rejectedReasons': [{'lang': 'en', 'supportingMedia': [{'base64': False, 'type': 'text/html', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'x_generator': {'engine': 'Vulnogram 0.1.0-dev'}} | N/A | N/A | 2025-12-11T20:58:53.846Z | 2025-12-30T19:53:19.816Z |
| cve-2019-25242 | 5.1 (v4.0) 4.3 (v3.1) | FaceSentry Access Control System 6.4.8 Cross-Site Requ… |
iWT Ltd. |
FaceSentry Access Control System |
2025-12-24T19:27:58.523Z | 2025-12-24T20:23:12.300Z |
| cve-2025-14860 | N/A | Use-after-free in the Disability Access APIs component |
Mozilla |
Firefox |
2025-12-18T14:21:13.483Z | 2025-12-19T20:35:53.096Z |
| cve-2025-14861 | N/A | Memory safety bugs fixed in Firefox 146.0.1 |
Mozilla |
Firefox |
2025-12-18T14:21:14.680Z | 2025-12-20T04:56:38.874Z |
| cve-2025-63757 | N/A | Integer overflow vulnerability in the yuv2ya16_X_… |
n/a |
n/a |
2025-12-18T00:00:00.000Z | 2025-12-18T19:31:22.092Z |
| cve-2025-63386 | N/A | A Cross-Origin Resource Sharing (CORS) misconfigu… |
n/a |
n/a |
2025-12-18T00:00:00.000Z | 2025-12-19T21:24:32.281Z |
| cve-2025-63388 | N/A | A Cross-Origin Resource Sharing (CORS) misconfigu… |
n/a |
n/a |
2025-12-18T00:00:00.000Z | 2025-12-19T21:29:11.310Z |
| cve-2025-63389 | N/A | A critical authentication bypass vulnerability ex… |
n/a |
n/a |
2025-12-18T00:00:00.000Z | 2025-12-19T18:02:03.129Z |
| cve-2025-63390 | N/A | An authentication bypass vulnerability exists in … |
n/a |
n/a |
2025-12-18T00:00:00.000Z | 2025-12-19T21:27:10.654Z |
| cve-2025-63391 | N/A | An authentication bypass vulnerability exists in … |
n/a |
n/a |
2025-12-18T00:00:00.000Z | 2025-12-18T17:51:07.483Z |
| cve-2025-68469 | ImageMagick vulnerable to heap-buffer-overflow |
ImageMagick |
ImageMagick |
2025-12-18T15:36:28.304Z | 2025-12-18T15:52:40.496Z | |
| cve-2025-56157 | N/A | Default credentials in Dify thru 1.5.1. PostgreSQ… |
n/a |
n/a |
2025-12-18T00:00:00.000Z | 2025-12-19T18:01:55.823Z |
| cve-2025-59949 | FreshRSS has Logout CSRF that Leads to DoS via <track src> |
FreshRSS |
FreshRSS |
2025-12-18T18:31:54.524Z | 2025-12-18T19:19:35.478Z | |
| cve-2024-58313 | 8.6 (v4.0) | xbtitFM 4.1.18 Insecure File Upload in file_hosting Feature |
xbtitfm |
xbtitFM |
2025-12-11T21:43:12.094Z | 2025-12-16T16:31:05.510Z |
| cve-2024-58312 | 8.7 (v4.0) | xbtitFM 4.1.18 Unauthenticated Path Traversal in nfogen.php |
xbtitfm |
xbtitFM |
2025-12-11T21:42:57.485Z | 2025-12-16T16:31:09.963Z |
| cve-2024-58309 | 8.7 (v4.0) | xbtitFM 4.1.18 Unauthenticated SQL Injection in shoute… |
xbtitfm |
xbtitFM |
2025-12-11T21:42:23.320Z | 2025-12-16T16:31:19.233Z |
| cve-2025-14709 | Shiguangwu sgwbox N3 WIRELESSCFGGET http_eshell_server… |
Shiguangwu |
sgwbox N3 |
2025-12-15T07:02:07.039Z | 2025-12-15T17:33:08.135Z | |
| cve-2025-63387 | N/A | Dify v1.9.1 is vulnerable to Insecure Permissions… |
n/a |
n/a |
2025-12-18T00:00:00.000Z | 2025-12-19T18:01:50.697Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-36154 | IBM Concert 1.0.0 through 2.1.0 stores sensitive information in cleartext during recursive docker b… | 2025-12-24T19:15:44.333 | 2025-12-30T20:35:00.550 |
| fkie_cve-2025-15143 | A security flaw has been discovered in EyouCMS up to 1.7.6. The affected element is an unknown func… | 2025-12-28T16:15:51.467 | 2025-12-30T20:31:31.950 |
| fkie_cve-2020-36902 | UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that allows … | 2025-12-10T21:16:03.037 | 2025-12-30T20:31:06.793 |
| fkie_cve-2025-67809 | An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A hardcoded Flickr API key and… | 2025-12-15T20:15:52.103 | 2025-12-30T20:30:14.527 |
| fkie_cve-2020-36901 | UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that al… | 2025-12-10T21:16:02.847 | 2025-12-30T20:30:12.703 |
| fkie_cve-2025-55703 | An error-based SQL injection vulnerability exists in the Sunbird Power IQ 9.2.0 API. The vulnerabil… | 2025-12-15T20:15:51.607 | 2025-12-30T20:28:27.717 |
| fkie_cve-2019-25243 | FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php a… | 2025-12-24T20:15:52.310 | 2025-12-30T20:19:32.513 |
| fkie_cve-2025-66587 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-12-11T21:15:57.733 | 2025-12-30T20:16:01.160 |
| fkie_cve-2025-66584 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-12-11T21:15:57.263 | 2025-12-30T20:16:00.837 |
| fkie_cve-2019-25242 | FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that all… | 2025-12-24T20:15:52.150 | 2025-12-30T20:14:33.950 |
| fkie_cve-2025-14860 | Use-after-free in the Disability Access APIs component. This vulnerability affects Firefox < 146.0.1. | 2025-12-18T15:15:53.057 | 2025-12-30T20:05:41.570 |
| fkie_cve-2025-14861 | Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption … | 2025-12-18T15:15:53.157 | 2025-12-30T20:05:07.467 |
| fkie_cve-2025-63757 | Integer overflow vulnerability in the yuv2ya16_X_c_template function in libswscale/output.c in FFmp… | 2025-12-18T15:15:56.750 | 2025-12-30T20:04:35.607 |
| fkie_cve-2025-63386 | A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the … | 2025-12-18T16:15:54.533 | 2025-12-30T20:02:54.327 |
| fkie_cve-2025-63388 | A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the … | 2025-12-18T16:15:54.650 | 2025-12-30T20:01:16.307 |
| fkie_cve-2025-63389 | A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in version… | 2025-12-18T16:15:54.760 | 2025-12-30T20:00:32.400 |
| fkie_cve-2025-63390 | An authentication bypass vulnerability exists in AnythingLLM v1.8.5 in via the /api/workspaces endp… | 2025-12-18T16:15:54.867 | 2025-12-30T19:59:45.083 |
| fkie_cve-2025-63391 | An authentication bypass vulnerability exists in Open-WebUI <=0.6.32 in the /api/config endpoint. T… | 2025-12-18T16:15:54.983 | 2025-12-30T19:58:55.447 |
| fkie_cve-2025-68469 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prio… | 2025-12-18T16:15:57.700 | 2025-12-30T19:56:36.630 |
| fkie_cve-2025-56157 | Default credentials in Dify thru 1.5.1. PostgreSQL username and password specified in the docker-co… | 2025-12-18T19:16:26.687 | 2025-12-30T19:54:42.977 |
| fkie_cve-2025-59949 | FreshRSS is a free, self-hostable RSS aggregator. Versions prior to 1.27.1 have a logout cross-site… | 2025-12-18T19:16:30.847 | 2025-12-30T19:52:57.570 |
| fkie_cve-2024-58313 | xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers w… | 2025-12-11T22:15:52.943 | 2025-12-30T19:51:17.830 |
| fkie_cve-2024-58312 | xbtitFM 4.1.18 contains a path traversal vulnerability that allows unauthenticated attackers to acc… | 2025-12-11T22:15:52.790 | 2025-12-30T19:51:08.650 |
| fkie_cve-2024-58309 | xbtitFM 4.1.18 contains an unauthenticated SQL injection vulnerability that allows remote attackers… | 2025-12-11T22:15:52.487 | 2025-12-30T19:50:50.680 |
| fkie_cve-2025-14709 | A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0.25. Affected by this issue i… | 2025-12-15T07:15:51.520 | 2025-12-30T19:45:54.163 |
| fkie_cve-2025-63387 | Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HT… | 2025-12-18T19:16:33.157 | 2025-12-30T19:39:12.797 |
| fkie_cve-2023-44475 | Cross-Site Request Forgery (CSRF) vulnerability in Michael Simpson Add Shortcodes Actions And Filte… | 2023-10-10T15:15:10.320 | 2025-12-30T19:38:28.437 |
| fkie_cve-2025-15048 | A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the fil… | 2025-12-23T23:15:44.167 | 2025-12-30T19:29:50.420 |
| fkie_cve-2025-15047 | A vulnerability was found in Tenda WH450 1.0.0.18. This affects an unknown function of the file /go… | 2025-12-23T22:15:51.860 | 2025-12-30T19:29:29.563 |
| fkie_cve-2025-15046 | A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function… | 2025-12-23T22:15:51.677 | 2025-12-30T19:29:13.577 |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2013-32 | cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP qu… | suds | 2013-09-23T20:55:00Z | 2022-09-08T23:05:05.113905Z |
| pysec-2017-83 | Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via … | scrapy | 2017-09-05T17:29:00Z | 2022-09-08T23:05:04.997181Z |
| pysec-2022-261 | In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow c… | apache-airflow | 2022-09-02T07:15:00Z | 2022-09-08T22:36:09.971521Z |
| pysec-2022-260 | Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when u… | mako | 2022-09-07T13:15:00Z | 2022-09-07T14:38:27.809318Z |
| pysec-2022-259 | An attacker who obtains a JWT can arbitrarily forge its contents without knowing the secr… | python-jwt | 2022-09-01T18:51:51Z | 2022-09-05T01:24:44.773501Z |
| pysec-2022-258 | A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double q… | oslo-utils | 2022-08-29T15:15:00Z | 2022-09-01T22:32:57.246318Z |
| pysec-2022-257 | NVFLARE, versions prior to 2.1.4, contains a vulnerability that deserialization of Untrus… | nvflare | 2022-08-29T03:15:00Z | 2022-09-01T20:35:14.493490Z |
| pysec-2022-256 | The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from … | deluge | 2022-08-26T16:15:00Z | 2022-08-31T20:34:06.230496Z |
| pysec-2022-255 | There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXM… | vtk | 2022-08-25T18:15:00Z | 2022-08-31T18:46:05.259402Z |
| pysec-2022-254 | A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a reque… | mod-wsgi | 2022-08-25T18:15:00Z | 2022-08-31T18:46:04.047573Z |
| pysec-2022-253 | A flaw was found in ansible-runner. An improper escaping of the shell command, while call… | ansible-runner | 2022-08-24T16:15:00Z | 2022-08-29T16:56:41.591821Z |
| pysec-2022-252 | The deep-translator project on PyPI was taken over via user account compromise via a phis… | deep-translator | 2022-08-26T17:55:00.000000Z | 2022-08-26T17:55:00.000000Z |
| pysec-2022-251 | The spam project on PyPI was taken over via user account compromise via a phishing attack… | spam | 2022-08-26T17:55:00.000000Z | 2022-08-26T17:55:00.000000Z |
| pysec-2022-250 | The exotel project on PyPI was taken over via user account compromise via a phishing atta… | exotel | 2022-08-26T17:55:00.000000Z | 2022-08-26T17:55:00.000000Z |
| pysec-2022-212 | Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to … | notebook | 2022-06-14T18:15:00Z | 2022-08-24T20:50:33.251121Z |
| pysec-2022-249 | The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnera… | nbconvert | 2022-08-18T19:15:00Z | 2022-08-20T05:32:49.275202Z |
| pysec-2022-248 | Streamlit is a data oriented application development framework for python. Users hosting … | streamlit | 2022-08-01T22:15:00Z | 2022-08-10T17:01:37.061546Z |
| pysec-2022-247 | Flask-AppBuilder is an application development framework built on top of Flask python fra… | flask-appbuilder | 2022-08-01T19:15:00Z | 2022-08-08T16:56:55.240734Z |
| pysec-2022-246 | Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.3. | fava | 2022-08-01T15:15:00Z | 2022-08-05T03:26:17.915953Z |
| pysec-2022-245 | An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.… | django | 2022-08-03T14:15:00Z | 2022-08-03T16:55:03.165433Z |
| pysec-2022-244 | untangle is a python library to convert XML data to python objects. untangle versions 1.2… | untangle | 2022-07-26T06:15:00Z | 2022-08-01T20:42:29.787320Z |
| pysec-2022-243 | untangle is a python library to convert XML data to python objects. untangle versions 1.2… | untangle | 2022-07-26T06:15:00Z | 2022-08-01T18:50:11.676911Z |
| pysec-2022-43166 | The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inser… | scu-captcha | 2022-07-22T15:15:00+00:00 | 2022-07-29T12:45:00+00:00 |
| pysec-2022-242 | The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor insert… | pycrowdtangle | 2022-07-22T15:15:00Z | 2022-07-29T05:45:36.692082Z |
| pysec-2022-241 | The eziod package in PyPI before v0.0.1 included a code execution backdoor inserted by a … | eziod | 2022-07-22T15:15:00Z | 2022-07-29T05:45:35.868408Z |
| pysec-2022-240 | Cross-site Scripting (XSS) - Reflected in GitHub repository beancount/fava prior to 1.22.2. | fava | 2022-07-25T14:15:00Z | 2022-07-27T20:32:05.236760Z |
| pysec-2022-239 | The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due… | fava | 2022-07-25T14:15:00Z | 2022-07-27T20:32:05.196440Z |
| pysec-2022-238 | This affects the package codecov before 2.0.16. The vulnerability occurs due to not sanit… | codecov | 2022-07-13T12:15:00Z | 2022-07-26T13:13:30.178958Z |
| pysec-2022-237 | In mistune through 2.0.2, support of inline markup is implemented by using regular expres… | mistune | 2022-07-25T23:15:00Z | 2022-07-26T03:40:40.758214Z |
| pysec-2022-236 | The Apache Spark UI offers the possibility to enable ACLs via the configuration option sp… | pyspark | 2022-07-18T07:15:00Z | 2022-07-25T14:38:46.692270Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-4053 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.881476Z |
| gsd-2024-4103 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.881278Z |
| gsd-2024-4077 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-24T05:02:07.881052Z |
| gsd-2024-4092 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.880159Z |
| gsd-2024-4068 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.879380Z |
| gsd-2024-4067 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.878926Z |
| gsd-2024-4084 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.877317Z |
| gsd-2024-4108 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.876858Z |
| gsd-2024-4076 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.874996Z |
| gsd-2024-4070 | A vulnerability has been found in Kashipara Online Furniture Shopping Ecommerce Website 1… | 2024-04-24T05:02:07.872260Z |
| gsd-2024-4094 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.871747Z |
| gsd-2024-4109 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.871548Z |
| gsd-2024-4104 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.871352Z |
| gsd-2024-4098 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.870871Z |
| gsd-2024-4080 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.870665Z |
| gsd-2024-4047 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.870133Z |
| gsd-2024-4110 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.869682Z |
| gsd-2024-4048 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.869478Z |
| gsd-2024-4106 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.869278Z |
| gsd-2024-4055 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.869036Z |
| gsd-2024-4082 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.868830Z |
| gsd-2024-4065 | A vulnerability was found in Tenda AC8 16.03.34.09. It has been rated as critical. This i… | 2024-04-24T05:02:07.867875Z |
| gsd-2024-4052 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.866890Z |
| gsd-2024-4071 | A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0 an… | 2024-04-24T05:02:07.866219Z |
| gsd-2024-4057 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.865946Z |
| gsd-2024-4095 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.865505Z |
| gsd-2024-4091 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.865311Z |
| gsd-2024-4099 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.865120Z |
| gsd-2024-4101 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.864889Z |
| gsd-2024-4059 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-24T05:02:07.864696Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192599 | Malicious code in tailwind-stylecss (npm) | 2025-12-16T07:27:00Z | 2025-12-22T21:38:14Z |
| mal-2025-192596 | Malicious code in starling-api (npm) | 2025-12-16T07:03:48Z | 2025-12-22T21:38:14Z |
| mal-2025-192567 | Malicious code in uba-plugins (npm) | 2025-12-12T06:34:06Z | 2025-12-22T21:38:14Z |
| mal-2025-192681 | Malicious code in othw (npm) | 2025-12-20T10:21:24Z | 2025-12-22T21:38:13Z |
| mal-2025-192677 | Malicious code in shakti20261 (npm) | 2025-12-19T20:30:42Z | 2025-12-22T21:38:13Z |
| mal-2025-192671 | Malicious code in spamsms (npm) | 2025-12-19T16:20:59Z | 2025-12-22T21:38:13Z |
| mal-2025-192670 | Malicious code in sonia3-npm-js (npm) | 2025-12-19T16:20:59Z | 2025-12-22T21:38:13Z |
| mal-2025-192638 | Malicious code in qwqwqw (npm) | 2025-12-19T08:40:34Z | 2025-12-22T21:38:13Z |
| mal-2025-192637 | Malicious code in pwnxmljs2 (npm) | 2025-12-19T08:40:34Z | 2025-12-22T21:38:13Z |
| mal-2025-192636 | Malicious code in ppppparserfruit (npm) | 2025-12-19T08:36:38Z | 2025-12-22T21:38:13Z |
| mal-2025-192635 | Malicious code in parashaxmgflhg (npm) | 2025-12-19T08:23:46Z | 2025-12-22T21:38:13Z |
| mal-2025-192614 | Malicious code in react-enhanced-glow (npm) | 2025-12-19T08:21:11Z | 2025-12-22T21:38:13Z |
| mal-2025-192606 | Malicious code in sarumaan_a (npm) | 2025-12-18T11:16:23Z | 2025-12-22T21:38:13Z |
| mal-2025-192602 | Malicious code in plugin-senna (npm) | 2025-12-17T05:44:09Z | 2025-12-22T21:38:13Z |
| mal-2025-192597 | Malicious code in raven-hubspot (npm) | 2025-12-16T07:30:49Z | 2025-12-22T21:38:13Z |
| mal-2025-192594 | Malicious code in prod-natwest (npm) | 2025-12-16T07:03:48Z | 2025-12-22T21:38:13Z |
| mal-2025-192582 | Malicious code in sds-swissid-common (npm) | 2025-12-16T06:23:05Z | 2025-12-22T21:38:13Z |
| mal-2025-192581 | Malicious code in sds-oauth-client (npm) | 2025-12-16T06:23:04Z | 2025-12-22T21:38:13Z |
| mal-2025-192580 | Malicious code in sds-auth-ui (npm) | 2025-12-16T06:23:04Z | 2025-12-22T21:38:13Z |
| mal-2025-192575 | Malicious code in polygon-src (npm) | 2025-12-15T07:40:32Z | 2025-12-22T21:38:13Z |
| mal-2025-192572 | Malicious code in phx-core (npm) | 2025-12-15T06:02:42Z | 2025-12-22T21:38:13Z |
| mal-2025-192571 | Malicious code in paypal-scripts-server-utils (npm) | 2025-12-15T05:39:09Z | 2025-12-22T21:38:13Z |
| mal-2025-192561 | Malicious code in pp-js-lib (npm) | 2025-12-12T06:34:06Z | 2025-12-22T21:38:13Z |
| mal-2025-192669 | Malicious code in nmapchecker (npm) | 2025-12-19T16:20:59Z | 2025-12-22T21:38:12Z |
| mal-2025-192634 | Malicious code in okta-mfa-library (npm) | 2025-12-19T08:36:04Z | 2025-12-22T21:38:12Z |
| mal-2025-192613 | Malicious code in my-ctf-package (npm) | 2025-12-19T08:23:46Z | 2025-12-22T21:38:12Z |
| mal-2025-192593 | Malicious code in openhands-frontend (npm) | 2025-12-16T07:05:12Z | 2025-12-22T21:38:12Z |
| mal-2025-192592 | Malicious code in nad-home (npm) | 2025-12-16T07:05:11Z | 2025-12-22T21:38:12Z |
| mal-2025-192678 | Malicious code in jest-stable (npm) | 2025-12-19T21:32:30Z | 2025-12-22T21:38:11Z |
| mal-2025-192633 | Malicious code in hubstyletokens (npm) | 2025-12-19T08:36:05Z | 2025-12-22T21:38:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2023-2498 | Google Chrome / Microsoft Edge : Mehrere Schwachstellen ermöglichen Codeausführung | 2023-09-27T22:00:00.000+00:00 | 2025-01-14T23:00:00.000+00:00 |
| wid-sec-w-2023-2337 | Apache Tomcat mod_jk Connector: Schwachstelle ermöglicht Umgehung von Sicherheitsmaßnahmen oder Offenlegung von Informationen | 2023-09-12T22:00:00.000+00:00 | 2025-01-14T23:00:00.000+00:00 |
| wid-sec-w-2023-2305 | Google Chrome / Microsoft Edge: Schwachstelle ermöglicht Codeausführung | 2023-09-11T22:00:00.000+00:00 | 2025-01-14T23:00:00.000+00:00 |
| wid-sec-w-2023-1738 | Red Hat OpenShift: Mehrere Schwachstellen | 2023-07-12T22:00:00.000+00:00 | 2025-01-14T23:00:00.000+00:00 |
| wid-sec-w-2023-1230 | libssh2: Mehrere Schwachstellen | 2019-03-18T23:00:00.000+00:00 | 2025-01-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0842 | PowerDNS: Schwachstelle ermöglicht Denial of Service | 2022-03-27T22:00:00.000+00:00 | 2025-01-14T23:00:00.000+00:00 |
| wid-sec-w-2023-0427 | OpenSSL: Mehrere Schwachstellen | 2016-03-01T23:00:00.000+00:00 | 2025-01-14T23:00:00.000+00:00 |
| wid-sec-w-2025-0057 | Zoom Video Communications: Mehrere Schwachstellen | 2025-01-13T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0056 | Keycloak: Mehrere Schwachstellen | 2025-01-13T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0055 | TYPO3 Core: Mehrere Schwachstellen | 2025-01-13T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0053 | Qlik Sense: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2025-01-13T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0052 | Apache CloudStack: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-01-13T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0051 | SAP Patchday Januar 2025: Mehrere Schwachstellen | 2025-01-13T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0040 | Red Hat Enterprise Linux (dpdk): Schwachstelle ermöglicht Denial of Service | 2025-01-09T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2025-0009 | FRRouting Project FRRouting: Schwachstelle ermöglicht Denial of Service | 2025-01-05T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-3726 | BeyondTrust Privileged Remote Access: Schwachstelle ermöglicht Ausführen von beliebigen Kommandos | 2024-12-18T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-3424 | Intel Graphics Driver: Mehrere Schwachstellen | 2024-11-12T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-2072 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-09-05T22:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-1970 | Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen | 2024-09-02T22:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-1555 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-07-09T22:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0851 | Linux Kernel: Mehrere Schwachstellen | 2024-04-10T22:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0804 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-04-04T22:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0654 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe | 2024-03-17T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0561 | Linux Kernel: Mehrere Schwachstellen | 2024-03-05T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0478 | Linux Kernel: Mehrere Schwachstellen | 2024-02-26T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0475 | Linux-Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe | 2024-02-25T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0473 | Linux Kernel: Mehrere Schwachstellen | 2024-02-22T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0346 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2024-02-11T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0345 | Linux Kernel: Mehrere Schwachstellen | 2024-02-11T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| wid-sec-w-2024-0296 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-02-04T23:00:00.000+00:00 | 2025-01-13T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2023:6363 | Red Hat Security Advisory: skopeo security update | 2023-11-07T08:33:26+00:00 | 2025-11-27T11:59:47+00:00 |
| rhsa-2023:6474 | Red Hat Security Advisory: podman security, bug fix, and enhancement update | 2023-11-07T08:52:01+00:00 | 2025-11-27T11:59:43+00:00 |
| rhsa-2023:6473 | Red Hat Security Advisory: buildah security update | 2023-11-07T08:39:45+00:00 | 2025-11-27T11:59:43+00:00 |
| rhsa-2023:6402 | Red Hat Security Advisory: containernetworking-plugins security and bug fix update | 2023-11-07T09:01:07+00:00 | 2025-11-27T11:59:43+00:00 |
| rhsa-2023:6346 | Red Hat Security Advisory: toolbox security and bug fix update | 2023-11-07T09:12:30+00:00 | 2025-11-27T11:59:42+00:00 |
| rhsa-2023:5407 | Red Hat Security Advisory: openshift-gitops-kam security update | 2023-09-29T14:15:37+00:00 | 2025-11-27T11:58:47+00:00 |
| rhsa-2023:5314 | Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.6 security and bug fix update | 2023-09-20T15:43:10+00:00 | 2025-11-27T11:58:46+00:00 |
| rhsa-2023:5233 | Red Hat Security Advisory: OpenShift Virtualization 4.13.4 security and bug fix update | 2023-09-19T11:41:55+00:00 | 2025-11-27T11:58:46+00:00 |
| rhsa-2023:4731 | Red Hat Security Advisory: OpenShift Container Platform 4.13.10 security update | 2023-08-30T19:20:56+00:00 | 2025-11-27T11:58:42+00:00 |
| rhsa-2023:4664 | Red Hat Security Advisory: OpenShift Virtualization 4.13.3 Images security and bug fix update | 2023-08-16T14:09:26+00:00 | 2025-11-27T11:58:42+00:00 |
| rhsa-2023:4421 | Red Hat Security Advisory: OpenShift Virtualization 4.12.5 security and bug fix update | 2023-08-01T14:51:28+00:00 | 2025-11-27T11:58:41+00:00 |
| rhsa-2023:4627 | Red Hat Security Advisory: Migration Toolkit for Applications security and bug fix update | 2023-08-14T01:02:25+00:00 | 2025-11-27T11:58:39+00:00 |
| rhsa-2023:4603 | Red Hat Security Advisory: OpenShift Container Platform 4.13.9 bug fix and security update | 2023-08-16T00:38:00+00:00 | 2025-11-27T11:58:38+00:00 |
| rhsa-2023:4456 | Red Hat Security Advisory: OpenShift Container Platform 4.13.8 bug fix and security update | 2023-08-08T11:17:33+00:00 | 2025-11-27T11:58:38+00:00 |
| rhsa-2023:4293 | Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.11 security and bug fix update | 2023-07-27T01:13:57+00:00 | 2025-11-27T11:58:36+00:00 |
| rhsa-2023:4226 | Red Hat Security Advisory: OpenShift Container Platform 4.13.6 bug fix and security update | 2023-07-27T01:09:58+00:00 | 2025-11-27T11:58:35+00:00 |
| rhsa-2023:4225 | Red Hat Security Advisory: OpenShift Container Platform 4.13.6 security and extras update | 2023-07-27T00:28:34+00:00 | 2025-11-27T11:58:35+00:00 |
| rhsa-2023:4113 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.3.5 security update | 2023-07-17T16:29:42+00:00 | 2025-11-27T11:58:33+00:00 |
| rhsa-2023:4112 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.8 security update | 2023-07-17T16:29:41+00:00 | 2025-11-27T11:58:33+00:00 |
| rhsa-2023:3943 | Red Hat Security Advisory: ACS 4.1 enhancement and security update | 2023-06-29T14:32:26+00:00 | 2025-11-27T11:58:29+00:00 |
| rhsa-2023:3918 | Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.5 security and bug fix update | 2023-06-29T00:59:02+00:00 | 2025-11-27T11:58:26+00:00 |
| rhsa-2023:3615 | Red Hat Security Advisory: OpenShift Container Platform 4.12.22 bug fix and security update | 2023-06-24T01:26:01+00:00 | 2025-11-27T11:58:24+00:00 |
| rhsa-2023:3614 | Red Hat Security Advisory: OpenShift Container Platform 4.13.4 bug fix and security update | 2023-06-23T04:23:30+00:00 | 2025-11-27T11:58:21+00:00 |
| rhsa-2023:3537 | Red Hat Security Advisory: OpenShift Container Platform 4.13.3 bug fix and security update | 2023-06-13T13:10:24+00:00 | 2025-11-27T11:58:11+00:00 |
| rhsa-2023:3455 | Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0 | 2023-06-05T23:42:42+00:00 | 2025-11-27T11:58:11+00:00 |
| rhsa-2023:3495 | Red Hat Security Advisory: Logging Subsystem 5.7.2 - Red Hat OpenShift security update | 2023-06-12T19:08:51+00:00 | 2025-11-27T11:58:09+00:00 |
| rhsa-2023:3450 | Red Hat Security Advisory: OpenShift Serverless Client kn 1.29.0 release | 2023-06-05T16:47:21+00:00 | 2025-11-27T11:58:06+00:00 |
| rhsa-2023:3447 | Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update | 2023-06-05T18:54:02+00:00 | 2025-11-27T11:58:04+00:00 |
| rhsa-2023:3367 | Red Hat Security Advisory: OpenShift Container Platform 4.13.2 bug fix and security update | 2023-06-07T01:50:35+00:00 | 2025-11-27T11:58:04+00:00 |
| rhsa-2023:3445 | Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update | 2023-06-05T18:55:04+00:00 | 2025-11-27T11:58:01+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-59511 | Windows WLAN Service Elevation of Privilege Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-59510 | Windows Routing and Remote Access Service (RRAS) Denial of Service Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-59509 | Windows Speech Recognition Information Disclosure Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-59508 | Windows Speech Recognition Elevation of Privilege Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-59507 | Windows Speech Runtime Elevation of Privilege Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-59506 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-59505 | Windows Smart Card Reader Elevation of Privilege Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-59504 | Azure Monitor Agent Remote Code Execution Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-59499 | Microsoft SQL Server Elevation of Privilege Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-59240 | Microsoft Excel Information Disclosure Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-47179 | Configuration Manager Elevation of Privilege Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-30398 | Nuance PowerScribe 360 Information Disclosure Vulnerability | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| msrc_cve-2025-12863 | Libxml2: namespace use-after-free in xmlsettreedoc() function of libxml2 | 2025-11-02T00:00:00.000Z | 2025-11-11T01:01:30.000Z |
| msrc_cve-2025-60753 | An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash). | 2025-11-02T00:00:00.000Z | 2025-11-11T01:01:21.000Z |
| msrc_cve-2025-40109 | crypto: rng - Ensure set_ent is always present | 2025-11-02T00:00:00.000Z | 2025-11-10T01:03:03.000Z |
| msrc_cve-2022-49803 | netdevsim: Fix memory leak of nsim_dev->fa_cookie | 2025-05-02T00:00:00.000Z | 2025-11-09T01:01:29.000Z |
| msrc_cve-2022-49766 | netlink: Bounds-check struct nlmsgerr creation | 2025-05-02T00:00:00.000Z | 2025-11-08T01:08:11.000Z |
| msrc_cve-2022-49764 | bpf: Prevent bpf program recursion for raw tracepoint probes | 2025-05-02T00:00:00.000Z | 2025-11-08T01:08:05.000Z |
| msrc_cve-2023-53064 | iavf: fix hang on reboot with ice | 2025-05-02T00:00:00.000Z | 2025-11-08T01:02:25.000Z |
| msrc_cve-2025-23143 | net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. | 2025-05-02T00:00:00.000Z | 2025-11-07T01:01:21.000Z |
| msrc_cve-2025-23129 | wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path | 2025-04-02T00:00:00.000Z | 2025-11-06T01:01:28.000Z |
| msrc_cve-2025-61099 | FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet. | 2025-10-02T00:00:00.000Z | 2025-11-05T01:01:58.000Z |
| msrc_cve-2025-40107 | can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled | 2025-11-02T00:00:00.000Z | 2025-11-04T01:01:14.000Z |
| msrc_cve-2025-61104 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | 2025-10-02T00:00:00.000Z | 2025-11-02T01:02:44.000Z |
| msrc_cve-2025-61100 | FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions. | 2025-10-02T00:00:00.000Z | 2025-11-02T01:02:36.000Z |
| msrc_cve-2025-61101 | FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. | 2025-10-02T00:00:00.000Z | 2025-11-02T01:02:28.000Z |
| msrc_cve-2025-22090 | x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() | 2025-04-02T00:00:00.000Z | 2025-11-02T01:02:16.000Z |
| msrc_cve-2025-21955 | ksmbd: prevent connection release during oplock break notification | 2025-04-02T00:00:00.000Z | 2025-11-02T01:01:47.000Z |
| msrc_cve-2025-21899 | tracing: Fix bad hist from corrupting named_triggers list | 2025-04-02T00:00:00.000Z | 2025-11-02T01:01:41.000Z |
| msrc_cve-2025-21894 | net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC | 2025-04-02T00:00:00.000Z | 2025-11-02T01:01:35.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-23-131-06 | Siemens SCALANCE LPE9403 | 2023-05-09T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-131-05 | Siemens SINEC NMS Third-Party | 2023-05-09T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-131-04 | Siemens SIMATIC Cloud Connect 7 | 2023-05-09T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-103-12 | Siemens Polarion ALM | 2023-04-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-103-11 | Siemens Teamcenter Visualization and JT2Go | 2023-04-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-103-10 | Siemens Industrial Products | 2023-04-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-103-09 | Siemens SCALANCE XCM332 | 2023-04-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-103-08 | Siemens Mendix Forgot Password Module | 2023-04-18T19:27:35.031502Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-103-05 | Siemens SCALANCE X-200IRT Devices | 2023-04-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-103-03 | Siemens in OPC Foundation Local Discovery Server | 2023-04-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-103-02 | Siemens JT Open and JT Utilities | 2023-04-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-075-05 | Siemens Mendix SAML Module | 2023-03-14T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-23-047-09 | Siemens SIMATIC Industrial Products | 2023-02-14T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-349-20 | Siemens Teamcenter Visualization and JT2Go | 2022-12-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-349-16 | Siemens APOGEE and TALON | 2022-12-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-349-14 | Siemens SISCO MMS-EASE Third Party Component | 2022-12-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-349-12 | Siemens Parasolid | 2022-12-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-349-10 | Siemens APOGEE/TALON Field Panels | 2022-12-15T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-349-08 | Siemens Polarion ALM | 2022-12-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-349-07 | Siemens Simcenter STAR-CCM+ | 2022-12-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-349-04 | Siemens SCALANCE Products | 2022-12-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-349-03 | Siemens Multiple Denial of Service Vulnerabilities in Industrial Products | 2022-12-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-314-09 | Siemens Teamcenter Visualization and JT2Go | 2022-11-08T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-314-06 | Siemens QMS Automotive | 2022-11-08T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-314-02 | Siemens Web Server Login Page of Industrial Controllers | 2022-11-08T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-286-11 | Siemens SCALANCE and RUGGEDCOM Products (Update A) | 2022-10-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-286-09 | Siemens SICAM P850 and P855 Devices | 2022-10-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-286-08 | Siemens SCALANCE and RUGGEDCOM Devices | 2022-10-11T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-258-03 | Siemens RUGGEDCOM ROS | 2022-09-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-195-01 | Siemens SCALANCE X Switch Devices | 2022-07-12T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-fmc-dos-oweunwjn | Cisco Firepower Management Center and Firepower Threat Defense Software SSH Denial of Service Vulnerability | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-fmc-dos-OwEunWJN | Cisco Firepower Management Center and Firepower Threat Defense Software SSH Denial of Service Vulnerability | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-fmc-cmd-inj-z3b5my35 | Cisco Firepower Management Center Software Command Injection Vulnerabilities | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-fmc-cmd-inj-Z3B5MY35 | Cisco Firepower Management Center Software Command Injection Vulnerabilities | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-asaftd-snmp-dos-qsqbnm6x | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-asaftd-snmp-dos-qsqBNM6x | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-asa-ftd-vp-authz-n2gckjn6 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN Authorization Bypass Vulnerability | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-asa-ftd-vp-authz-N2GckjN6 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software VPN Authorization Bypass Vulnerability | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-asa-ftd-dap-dos-ghyzbxdu | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-asa-ftd-dap-dos-GhYZBxDU | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability | 2022-11-09T16:00:00+00:00 | 2022-11-09T16:00:00+00:00 |
| cisco-sa-umbrella-xss-lfeyqv3 | Cisco Umbrella Stored Cross-Site Scripting Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-umbrella-xss-LfeYQV3 | Cisco Umbrella Stored Cross-Site Scripting Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-ise-sec-atk-dos-zw5rcuyp | Cisco Identity Services Engine Software Resource Exhaustion Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-ise-sec-atk-dos-zw5RCUYp | Cisco Identity Services Engine Software Resource Exhaustion Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-esa-http-inject-nvsycumr | Cisco Email Security Appliance and Cisco Secure Email and Web Manager HTTP Response Header Injection Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-esa-dos-gdghhmbv | Cisco Email Security Appliance Denial of Service Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-esa-dos-gdghHmbV | Cisco Email Security Appliance Denial of Service Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-cnt-sec-infodiscl-bvkknug | Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Information Disclosure Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-cnt-sec-infodiscl-BVKKnUG | Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Information Disclosure Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-ESA-HTTP-Inject-nvsycUmR | Cisco Email Security Appliance and Cisco Secure Email and Web Manager HTTP Response Header Injection Vulnerability | 2022-11-02T16:00:00+00:00 | 2022-11-02T16:00:00+00:00 |
| cisco-sa-voip-phone-csrf-k56vxvvx | Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability | 2022-04-06T16:00:00+00:00 | 2022-10-28T14:20:37+00:00 |
| cisco-sa-voip-phone-csrf-K56vXvVx | Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Cross-Site Request Forgery Vulnerability | 2022-04-06T16:00:00+00:00 | 2022-10-28T14:20:37+00:00 |
| cisco-sa-ac-win-path-traverse-qo4hwbsj | Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability | 2020-02-19T16:00:00+00:00 | 2022-10-25T13:31:56+00:00 |
| cisco-sa-ac-win-path-traverse-qO4HWBsj | Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability | 2020-02-19T16:00:00+00:00 | 2022-10-25T13:31:56+00:00 |
| cisco-sa-anyconnect-dll-f26wwjw | Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability | 2020-08-05T16:00:00+00:00 | 2022-10-25T13:15:17+00:00 |
| cisco-sa-anyconnect-dll-F26WwJW | Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability | 2020-08-05T16:00:00+00:00 | 2022-10-25T13:15:17+00:00 |
| cisco-sa-jabber-xmpp-ne9scm | Cisco Jabber Client Software Extensible Messaging and Presence Protocol Stanza Smuggling Vulnerability | 2022-10-05T16:00:00+00:00 | 2022-10-19T20:47:17+00:00 |
| cisco-sa-jabber-xmpp-Ne9SCM | Cisco Jabber Client Software Extensible Messaging and Presence Protocol Stanza Smuggling Vulnerability | 2022-10-05T16:00:00+00:00 | 2022-10-19T20:47:17+00:00 |
| cisco-sa-meraki-mx-vpn-dos-vnesbgbf | Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability | 2022-10-19T16:00:00+00:00 | 2022-10-19T19:44:34+00:00 |
| cisco-sa-meraki-mx-vpn-dos-vnESbgBf | Cisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability | 2022-10-19T16:00:00+00:00 | 2022-10-19T19:44:34+00:00 |
| ID | Description | Updated |
|---|---|---|
| var-200704-0216 | Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 al… | 2024-11-29T20:07:56.631000Z |
| var-200412-0902 | Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 a… | 2024-11-29T20:07:48.175000Z |
| var-200107-0161 | Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a … | 2024-11-29T20:07:18.005000Z |
| var-200611-0472 | Apple Mac OS X AppleTalk allows local users to cause a denial of service (kernel panic) b… | 2024-11-29T20:06:44.997000Z |
| var-201605-0077 | The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consi… | 2024-11-29T20:06:44.920000Z |
| var-201912-1857 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-11-29T20:06:10.580000Z |
| var-201512-0484 | The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh,… | 2024-11-29T20:05:26.071000Z |
| var-201912-0545 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-11-29T20:05:23.977000Z |
| var-201605-0494 | Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.… | 2024-11-29T20:05:23.783000Z |
| var-200310-0072 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code… | 2024-11-29T20:05:21.307000Z |
| var-201806-1444 | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS bef… | 2024-11-29T20:05:20.787000Z |
| var-201806-1437 | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari be… | 2024-11-29T20:05:15.914000Z |
| var-202112-1654 | A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a … | 2024-11-29T20:05:15.626000Z |
| var-200809-0006 | Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, … | 2024-11-29T20:04:42.042000Z |
| var-200904-0821 | The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products… | 2024-11-29T20:03:35.910000Z |
| var-200609-1236 | Buffer overflow in PPP on Apple Mac OS X 10.4.x up to 10.4.8 and 10.3.x up to 10.3.9, whe… | 2024-11-29T20:03:35.833000Z |
| var-201203-0188 | Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers … | 2024-11-29T20:03:34.830000Z |
| var-201711-0474 | An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari be… | 2024-11-29T20:03:34.625000Z |
| var-200910-0505 | Use-after-free vulnerability in the abstract file-descriptor handling interface in the cu… | 2024-11-29T20:02:56.551000Z |
| var-200801-0578 | The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, w… | 2024-11-29T20:02:38.953000Z |
| var-202203-0034 | A carefully crafted request body can cause a read to a random memory area which could cau… | 2024-11-29T20:02:38.873000Z |
| var-200809-0402 | Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.4.11 and 10.… | 2024-11-29T20:02:07.082000Z |
| var-201804-1163 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari be… | 2024-11-29T20:02:05.182000Z |
| var-200704-0222 | URLMount in Apple Mac OS X 10.3.9 through 10.4.9 passes the username and password credent… | 2024-11-29T20:02:04.884000Z |
| var-201606-0329 | Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/us… | 2024-11-29T20:02:00.214000Z |
| var-201912-0627 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-11-29T20:01:41.100000Z |
| var-202006-1832 | A memory corruption issue was addressed with improved validation. This issue is fixed in … | 2024-11-29T20:01:02.830000Z |
| var-201302-0224 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java … | 2024-11-29T20:01:02.268000Z |
| var-201912-0480 | A type confusion issue was addressed with improved memory handling. This issue is fixed i… | 2024-11-29T20:01:01.464000Z |
| var-200609-0311 | Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote at… | 2024-11-29T20:01:01.069000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2019-000012 | Multiple vulnerabilities in Nablarch | 2019-02-27T17:14+09:00 | 2019-09-27T10:15+09:00 |
| jvndb-2019-000011 | WordPress plugin "FormCraft" vulnerable to cross-site request forgery | 2019-02-26T14:46+09:00 | 2019-09-27T10:12+09:00 |
| jvndb-2019-000013 | Windows 7 may insecurely load Dynamic Link Libraries | 2019-02-28T15:52+09:00 | 2019-09-27T10:09+09:00 |
| jvndb-2019-000015 | iChain Insurance Wallet App for iOS vulnerable to directory traversal | 2019-03-12T14:28+09:00 | 2019-09-27T10:04+09:00 |
| jvndb-2019-000016 | WordPress plugin "Smart Forms" vulnerable to cross-site request forgery | 2019-02-28T15:57+09:00 | 2019-09-27T09:59+09:00 |
| jvndb-2018-000128 | Multiple vulnerabilities in multiple SEIKO EPSON printers and scanners | 2018-12-06T16:19+09:00 | 2019-09-27T09:55+09:00 |
| jvndb-2019-000017 | Dradis Community Edition and Dradis Professional Edition vulnerable to cross-site scripting | 2019-03-05T14:18+09:00 | 2019-09-27T09:54+09:00 |
| jvndb-2018-000107 | OpenAM (Open Source Edition) vulnerable to session management | 2018-10-12T14:44+09:00 | 2019-09-26T18:10+09:00 |
| jvndb-2019-000004 | UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL may insecurely load Dynamic Link Libraries | 2019-01-31T15:46+09:00 | 2019-09-26T18:08+09:00 |
| jvndb-2019-000006 | POWER EGG vulnerability where EL expression may be executed | 2019-02-05T14:09+09:00 | 2019-09-26T18:05+09:00 |
| jvndb-2019-000018 | "an" App for iOS vulnerable to directory traversal | 2019-03-19T15:51+09:00 | 2019-09-26T17:56+09:00 |
| jvndb-2019-000019 | KinagaCMS vulnerable to cross-site scripting | 2019-03-15T17:03+09:00 | 2019-09-26T17:10+09:00 |
| jvndb-2019-000057 | SHIRASAGI vulnerable to open redirect | 2019-09-10T13:56+09:00 | 2019-09-10T13:56+09:00 |
| jvndb-2019-008917 | Multiple Vulnerabilities in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor | 2019-09-09T15:58+09:00 | 2019-09-09T15:58+09:00 |
| jvndb-2019-000005 | The installers of UNLHA32.DLL, UNARJ32.DLL and LHMelting may insecurely load Dynamic Link Libraries | 2019-01-31T15:35+09:00 | 2019-08-28T12:08+09:00 |
| jvndb-2019-000007 | OpenAM (Open Source Edition) vulnerable to open redirect | 2019-02-06T15:45+09:00 | 2019-08-28T11:00+09:00 |
| jvndb-2018-000132 | Multiple vulnerabilities in Toshiba Lighting & Technology Corporation Home gateway | 2018-12-19T15:20+09:00 | 2019-08-28T10:45+09:00 |
| jvndb-2018-000133 | cordova-plugin-ionic-webview vulnerable to path traversal | 2018-12-21T14:17+09:00 | 2019-08-28T10:04+09:00 |
| jvndb-2018-000125 | The installer of MARKET SPEED may insecurely load Dynamic Link Libraries | 2018-11-28T17:27+09:00 | 2019-08-28T10:01+09:00 |
| jvndb-2019-000001 | WordPress plugin "spam-byebye" vulnerable to cross-site scripting | 2019-01-10T15:45+09:00 | 2019-08-28T09:54+09:00 |
| jvndb-2018-000092 | Multiple vulnerabilities in INplc | 2018-09-07T16:49+09:00 | 2019-08-28T09:51+09:00 |
| jvndb-2018-000127 | EC-CUBE vulnerable to open redirect | 2018-11-28T17:24+09:00 | 2019-08-28T09:42+09:00 |
| jvndb-2018-000118 | The installer of Windows10 Fall Creators Update Modify module for Security Measures tool may insecurely load Dynamic Link Libraries | 2018-11-09T16:13+09:00 | 2019-08-27T18:03+09:00 |
| jvndb-2018-000093 | Multiple script injection vulnerabilities in multiple Yamaha network devices | 2018-08-29T18:01+09:00 | 2019-08-27T17:53+09:00 |
| jvndb-2018-000122 | Multiple vulnerabilities in Panasonic BN-SDWBP3 | 2019-06-28T18:28+09:00 | 2019-08-27T17:46+09:00 |
| jvndb-2018-000134 | PgpoolAdmin fails to restrict access permissions | 2018-12-21T14:10+09:00 | 2019-08-27T17:41+09:00 |
| jvndb-2018-000100 | +Message App fails to verify SSL server certificates | 2018-09-27T16:52+09:00 | 2019-08-27T17:22+09:00 |
| jvndb-2018-000124 | Multiple vulnerabilities in RICOH Interactive Whiteboard | 2018-11-27T15:26+09:00 | 2019-08-27T17:01+09:00 |
| jvndb-2018-000076 | Multiple vulnerabilities in Aterm W300P | 2018-07-12T15:04+09:00 | 2019-08-27T16:56+09:00 |
| jvndb-2018-000130 | Cybozu Garoon access restriction bypass vulnerability | 2018-12-10T14:14+09:00 | 2019-08-27T16:54+09:00 |
| ID | Description | Updated |
|---|