Recent vulnerabilities

ID	Description	Published	Updated
ghsa-vfpf-xmwh-8m65	ProsemirrorToHtml has a Cross-Site Scripting (XSS) vulnerability through unescaped HTML attribute values	2025-11-07T23:17:31Z	2025-11-07T23:17:31Z
ghsa-f83h-ghpp-7wcc	Insecure Deserialization (pickle) in pdfminer.six CMap Loader — Local Privesc	2025-11-07T23:17:05Z	2025-11-07T23:17:05Z
ghsa-5pjj-7fq8-9gpf	Magento has an XML Injection vulnerability	2022-05-24T19:12:47Z	2025-11-07T23:16:16Z
ghsa-qw6q-3pgr-5cwq	KubeVirt Arbitrary Container File Read	2025-11-06T23:33:33Z	2025-11-07T23:08:11Z
ghsa-w832-gg5g-x44m	Open redirect endpoint in Datasette	2025-11-06T15:13:33Z	2025-11-07T21:56:19Z
ghsa-38jw-g2qx-4286	KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer	2025-11-06T23:32:54Z	2025-11-07T21:56:08Z
ghsa-wwqv-p2pp-99h5	LangGraph Checkpoint affected by RCE in "json" mode of JsonPlusSerializer	2025-11-05T19:52:50Z	2025-11-07T21:55:55Z
ghsa-cpf4-pmr4-w6cx	IDOR Vulnerabilities in ZITADEL's Organization API allows Cross-Tenant Data Tempering	2025-11-05T19:52:01Z	2025-11-07T21:55:43Z
ghsa-ccrc-5vp5-vp5j	Liferay search widget vulnerable to Cross-site Scripting	2025-09-17T00:31:12Z	2025-11-07T21:55:07Z
ghsa-xvvv-9ch3-x72q	Improper resource management in firmware of some Solidigm DC Products may allow an attacker with lo…	2025-11-07T21:31:20Z	2025-11-07T21:31:21Z
ghsa-vx5j-462j-vrmg	Sourcecodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "T…	2025-11-07T21:31:20Z	2025-11-07T21:31:21Z
ghsa-q269-xqww-45mm	A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exe…	2025-11-07T21:31:21Z	2025-11-07T21:31:21Z
ghsa-p7g8-g57p-r8qx	A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocat…	2025-11-07T21:31:21Z	2025-11-07T21:31:21Z
ghsa-ghg3-c9m4-3hc2	The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to …	2025-11-07T21:31:20Z	2025-11-07T21:31:21Z
ghsa-fx2p-cf25-w3gm	A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1.0 & Angular v18.0.0 allows a…	2025-11-07T21:31:21Z	2025-11-07T21:31:21Z
ghsa-fw46-chhq-69jm	TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in /order_notes via the id parameter.	2025-11-07T21:31:20Z	2025-11-07T21:31:21Z
ghsa-9fwq-22j4-xfwr	A flaw was found in the xmlSetTreeDoc() function of the libxml2 XML parsing library. This function …	2025-11-07T21:31:20Z	2025-11-07T21:31:21Z
ghsa-8qh7-rvp7-2455	Sourcecodester Medicine Reminder App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Medic…	2025-11-07T21:31:20Z	2025-11-07T21:31:21Z
ghsa-88qg-f543-x242	A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration pac…	2025-11-07T21:31:21Z	2025-11-07T21:31:21Z
ghsa-xqj2-5wmj-m7c5	In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System M…	2025-11-07T18:30:30Z	2025-11-07T21:31:20Z
ghsa-wj4q-gpcg-gvvm	Improper Control of Generation of Code ('Code Injection') vulnerability in VillaTheme HAPPY happy-h…	2025-11-06T18:32:52Z	2025-11-07T21:31:20Z
ghsa-whqj-vxh6-h4wx	IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM…	2025-11-07T21:31:20Z	2025-11-07T21:31:20Z
ghsa-w3m4-2rp8-wq32	The change password functionality at /pet_grooming/admin/change_pass.php in SourceCodester Pet Groo…	2025-11-07T21:31:20Z	2025-11-07T21:31:20Z
ghsa-rwm7-f4gh-jc36	IBM Db2 10.5.0 through 10.5.11, 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through …	2025-11-07T21:31:20Z	2025-11-07T21:31:20Z
ghsa-r6qj-9qxh-457g	IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) under speci…	2025-11-07T21:31:20Z	2025-11-07T21:31:20Z
ghsa-qc98-fx88-c58q	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-11-06T18:32:54Z	2025-11-07T21:31:20Z
ghsa-pwp3-72qh-5c9p	TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in the /search_results endpoint via the q…	2025-11-07T21:31:20Z	2025-11-07T21:31:20Z
ghsa-pp8v-2qr4-vr68	IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX a…	2025-11-07T21:31:20Z	2025-11-07T21:31:20Z
ghsa-hrj4-vcrc-2hch	Missing Authorization vulnerability in bPlugins Info Cards info-cards allows Accessing Functionalit…	2025-11-06T18:32:54Z	2025-11-07T21:31:20Z
ghsa-g439-3qrh-m8h2	Improper resource management in firmware of some Solidigm DC Products may allow an attacker with lo…	2025-11-07T21:31:20Z	2025-11-07T21:31:20Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-11460	N/A	Use after free in Storage in Google Chrome prior …	Google	Chrome	2025-11-06T22:26:49.566Z	2025-11-08T04:55:15.229Z
cve-2025-12036	N/A	Out of bounds memory access in V8 in Google Chrom…	Google	Chrome	2025-11-06T22:24:32.370Z	2025-11-08T04:55:14.335Z
cve-2025-24252	N/A	A use-after-free issue was addressed with improve…	Apple	tvOS	2025-04-29T02:05:22.184Z	2025-11-08T04:55:13.206Z
cve-2024-11614	7.4 (v3.0)	Dpdk: denial of service from malicious guest on hyperv…			2024-12-18T08:30:49.729Z	2025-11-08T04:04:41.508Z
cve-2024-4467	7.8 (v3.1)	Qemu-kvm: 'qemu-img info' leads to host file read/write			2024-07-02T15:57:23.648Z	2025-11-08T04:04:40.701Z
cve-2025-12125		HTML Forms <= 1.5.5 - Authenticated (Admin+) Stored Cr…	linksoftware	HTML Forms – Simple WordPress Forms Plugin	2025-11-08T03:27:50.508Z	2025-11-08T03:27:50.508Z
cve-2025-12112		Insert Headers and Footers Code – HT Script <= 1.1.6 -…	htplugins	Insert Headers and Footers Code – HT Script	2025-11-08T03:27:50.117Z	2025-11-08T03:27:50.117Z
cve-2025-12000		WPFunnels <= 3.6.2 - Authenticated (Administrator+) Ar…	getwpfunnels	Easy WordPress Funnel Builder To Collect Leads And Increase Sales – WPFunnels	2025-11-08T03:27:49.707Z	2025-11-08T03:27:49.707Z
cve-2025-11748		Groups <= 6.7.0 - Authenticated (Subscriber+) Insecure…	itthinx	Groups	2025-11-08T03:27:49.308Z	2025-11-08T03:27:49.308Z
cve-2025-12161		Smart Auto Upload Images <= 1.2.0 - Authenticated (Con…	burhandodhy	Smart Auto Upload Images – Import External Images	2025-11-08T03:27:48.931Z	2025-11-08T03:27:48.931Z
cve-2025-12193		Mang Board WP <= 2.3.1 - Reflected Cross-Site Scripting	kitae-park	Mang Board WP	2025-11-08T03:27:48.543Z	2025-11-08T03:27:48.543Z
cve-2025-11972		Tag, Category, and Taxonomy Manager – AI Autotagger wi…	stevejburge	Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI	2025-11-08T03:27:48.135Z	2025-11-08T03:27:48.135Z
cve-2025-7663		Ovatheme Events Manager <= 1.8.6 - Missing Authorization	ovatheme	Ovatheme Events Manager	2025-11-08T03:27:47.659Z	2025-11-08T03:27:47.659Z
cve-2025-12353		WPFunnels <= 3.6.2 - Unauthorized User Registration	getwpfunnels	Easy WordPress Funnel Builder To Collect Leads And Increase Sales – WPFunnels	2025-11-08T03:27:47.222Z	2025-11-08T03:27:47.222Z
cve-2025-12042		Course Booking System <= 6.1.5 - Missing Authorization…	werbeagenturcommotion	Course Booking System	2025-11-08T03:27:46.819Z	2025-11-08T03:27:46.819Z
cve-2025-12064		WP2Social Auto Publish <= 2.4.7 - Reflected Cross-Site…	f1logic	WP2Social Auto Publish	2025-11-08T03:27:46.417Z	2025-11-08T03:27:46.417Z
cve-2025-12177		Download Manager <= 3.3.30 - Unauthenticated Cron Trig…	codename065	Download Manager	2025-11-08T03:27:45.992Z	2025-11-08T03:27:45.992Z
cve-2025-12167		Contact Form 7 AWeber Extension <= 0.1.42 - Missing Au…	rnzo	Contact Form 7 AWeber Extension	2025-11-08T03:27:45.362Z	2025-11-08T03:27:45.362Z
cve-2024-52336	7.8 (v3.1)	Tuned: `script_pre` and `script_post` options allow to…			2024-11-26T15:21:13.518Z	2025-11-08T03:14:13.425Z
cve-2023-5157	7.5 (v3.1)	Mariadb: node crashes with transport endpoint is not c…	Red Hat	Red Hat Enterprise Linux 8	2023-09-26T13:25:24.082Z	2025-11-08T03:13:36.712Z
cve-2023-4004	7.8 (v3.1)	Kernel: netfilter: use-after-free due to improper elem…	Red Hat	Red Hat Enterprise Linux 8	2023-07-31T16:22:18.380Z	2025-11-08T03:13:35.436Z
cve-2024-3049	5.9 (v3.1)	Booth: specially crafted hash can lead to invalid hmac…			2024-06-06T05:30:04.137Z	2025-11-08T03:10:49.077Z
cve-2025-12583		Simple Downloads List <= 1.4.3 - Missing Authorization…	neofix	Simple Downloads List	2025-11-08T02:28:03.760Z	2025-11-08T02:28:03.760Z
cve-2025-11452		Asgaros Forum <= 3.1.0 - Unauthenticated SQL Injection	asgaros	Asgaros Forum	2025-11-08T02:28:01.507Z	2025-11-08T02:28:01.507Z
cve-2025-64496		Open WebUI Affected by an External Model Server (Direc…	open-webui	open-webui	2025-11-08T01:29:02.654Z	2025-11-08T01:29:02.654Z
cve-2025-64495		Open WebUI vulnerable to Stored DOM XSS via prompts wh…	open-webui	open-webui	2025-11-08T01:25:48.995Z	2025-11-08T01:25:48.995Z
cve-2025-64494		Soft Serve does not sanitize ANSI escape sequences in …	charmbracelet	soft-serve	2025-11-08T01:19:01.203Z	2025-11-08T01:19:01.203Z
cve-2025-64493		SuiteCRM is Vulnerable to Authenticated Blind SQL Inje…	SuiteCRM	SuiteCRM-Core	2025-11-08T01:16:22.833Z	2025-11-08T01:16:22.833Z
cve-2025-64492		SuiteCRM is Vulnerable to Authenticated Time Based Bli…	SuiteCRM	SuiteCRM-Core	2025-11-08T01:07:23.393Z	2025-11-08T01:07:23.393Z
cve-2025-64491		SuiteCRM is vulnerable to unauthenticated reflected XS…	SuiteCRM	SuiteCRM	2025-11-08T00:45:07.617Z	2025-11-08T00:45:07.617Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-64433		KubeVirt Arbitrary Container File Read	kubevirt	kubevirt	2025-11-07T23:07:31.434Z	2025-11-07T23:07:31.434Z
cve-2025-37736	8.8 (v3.1)	Elastic Cloud Enterprise Improper Authorization	Elastic	Elastic Cloud Enterprise (ECE)	2025-11-07T22:08:11.891Z	2025-11-07T22:17:25.666Z
cve-2025-9900	8.8 (v3.1)	Libtiff: libtiff write-what-where			2025-09-23T16:26:22.846Z	2025-11-07T21:36:11.090Z
cve-2025-9784	7.5 (v3.1)	Undertow: undertow madeyoureset http/2 ddos vulnerability			2025-09-02T13:37:59.772Z	2025-11-07T21:45:03.905Z
cve-2025-8283	3.7 (v3.1)	Netavark: podman: netavark may resolve hostnames to un…			2025-07-28T18:16:07.853Z	2025-11-07T21:38:20.081Z
cve-2025-63420	N/A	A stored cross-site scripting (XSS) vulnerability…	n/a	n/a	2025-11-07T00:00:00.000Z	2025-11-07T21:20:04.341Z
cve-2025-60574	N/A	A Local File Inclusion (LFI) vulnerability has be…	n/a	n/a	2025-11-07T00:00:00.000Z	2025-11-07T21:21:43.767Z
cve-2025-12418	5.6 (v4.0)	Potential Denial of Service in Supported Versions of R…	Revenera	InstallShield	2025-11-07T21:27:04.650Z	2025-11-07T21:27:04.650Z
cve-2020-36870	9.2 (v4.0)	Ruijie Gateway EG & NBR Models v11.1(6)B9P1 - 11.9(4)B…	Beijing Star-Net Ruijie Network Technology Co., Ltd.	RG-EG1000C	2025-11-07T21:52:55.227Z	2025-11-07T21:52:55.227Z
cve-2020-7961	N/A	Deserialization of Untrusted Data in Liferay Port…	n/a	n/a	2020-03-20T18:16:42.000Z	2025-10-21T23:35:47.558Z
cve-2020-8515	N/A	DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Bet…	n/a	n/a	2020-02-01T12:36:59.000Z	2025-10-21T23:35:52.845Z
cve-2020-8644	N/A	PlaySMS before 1.4.3 does not sanitize inputs fro…	n/a	n/a	2020-02-05T21:03:11.000Z	2025-10-21T23:35:52.570Z
cve-2020-25506	N/A	D-Link DNS-320 FW v2.06B01 Revision Ax is affecte…	n/a	n/a	2021-02-02T13:00:11.000Z	2025-10-21T23:35:29.264Z
cve-2020-26919		NETGEAR JGS516PE devices before 2.6.0.43 are affe…	n/a	n/a	2020-10-09T06:29:14.000Z	2025-10-21T23:35:35.982Z
cve-2020-28949	N/A	Archive_Tar through 1.4.10 has :// filename sanit…	n/a	n/a	2020-11-19T18:14:18.000Z	2025-10-21T23:35:32.687Z
cve-2020-29557	N/A	An issue was discovered on D-Link DIR-825 R1 devi…	n/a	n/a	2021-01-29T19:32:51.000Z	2025-10-21T23:35:29.393Z
cve-2020-29574	N/A	An SQL injection vulnerability in the WebAdmin of…	n/a	n/a	2020-12-11T16:03:47.000Z	2025-10-21T23:35:31.377Z
cve-2020-29583	N/A	Firmware version 4.60 of Zyxel USG devices contai…	n/a	n/a	2020-12-22T00:00:00.000Z	2025-10-21T23:35:31.245Z
cve-2020-36193	N/A	Tar.php in Archive_Tar through 1.4.11 allows writ…	n/a	n/a	2021-01-18T19:24:18.000Z	2025-10-21T23:35:29.738Z
cve-2020-7247	N/A	smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6,…	n/a	n/a	2020-01-29T15:53:18.000Z	2025-10-21T23:35:53.008Z
cve-2020-17463	N/A	FUEL CMS 1.4.7 allows SQL Injection via the col p…	n/a	n/a	2020-08-13T12:28:57.000Z	2025-10-21T23:35:38.419Z
cve-2020-17496	N/A	vBulletin 5.5.4 through 5.6.2 allows remote comma…	n/a	n/a	2020-08-12T13:07:58.000Z	2025-10-21T23:35:38.580Z
cve-2020-24363	N/A	TP-Link TL-WA855RE V5 20200415-rel37464 devices a…	n/a	n/a	2020-08-31T15:49:15.000Z	2025-10-21T23:35:37.336Z
cve-2020-25078	N/A	An issue was discovered on D-Link DCS-2530L befor…	n/a	n/a	2020-09-02T15:33:18.000Z	2025-10-21T23:35:36.861Z
cve-2020-25079	N/A	An issue was discovered on D-Link DCS-2530L befor…	n/a	n/a	2020-09-02T15:33:07.000Z	2025-10-21T23:35:37.012Z
cve-2020-25213		The File Manager (wp-file-manager) plugin before …	n/a	n/a	2020-09-09T00:00:00.000Z	2025-10-21T23:35:36.713Z
cve-2020-25223	N/A	A remote code execution vulnerability exists in t…	n/a	n/a	2020-09-25T00:00:00.000Z	2025-10-21T23:35:36.271Z
cve-2025-64481		Open redirect endpoint in Datasette	simonw	datasette	2025-11-07T20:35:39.827Z	2025-11-07T20:35:39.827Z
cve-2025-64442		HumHub is vulnerable to XSS through its Meta Search co…	humhub	humhub	2025-11-07T20:28:20.962Z	2025-11-07T20:44:02.514Z
cve-2025-64439		LangGraph Checkpoint affected by RCE in "json" mode of…	langchain-ai	langgraph	2025-11-07T20:15:21.710Z	2025-11-07T20:21:52.610Z

ID	Description	Published	Updated
fkie_cve-2025-64433	KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, a vulnera…	2025-11-07T23:15:45.537	2025-11-07T23:15:45.537
fkie_cve-2025-37736	Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built…	2025-11-07T23:15:44.350	2025-11-07T23:15:44.350
fkie_cve-2025-9900	A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when t…	2025-09-23T17:15:38.357	2025-11-07T22:15:39.977
fkie_cve-2025-9784	A flaw was found in Undertow where malformed client requests can trigger server-side stream resets …	2025-09-02T14:15:36.593	2025-11-07T22:15:39.830
fkie_cve-2025-8283	A vulnerability was found in the netavark package, a network stack for containers used with Podman.…	2025-07-28T19:15:43.957	2025-11-07T22:15:39.697
fkie_cve-2025-63420	A stored cross-site scripting (XSS) vulnerability in the CrushFTP 11.3.7_50 Admin Panel (Reports / …	2025-11-07T22:15:39.343	2025-11-07T22:15:39.343
fkie_cve-2025-60574	A Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. The issue e…	2025-11-07T22:15:39.210	2025-11-07T22:15:39.210
fkie_cve-2025-12418	Potential Denial of Service issue in all supported versions of Revenera InstallShield version 2025 …	2025-11-07T22:15:38.843	2025-11-07T22:15:38.843
fkie_cve-2020-36870	Various Ruijie Gateway EG and NBR models firmware versions 11.1(6)B9P1 < 11.9(4)B12P1 contain a cod…	2025-11-07T22:15:38.587	2025-11-07T22:15:38.587
fkie_cve-2020-7961	Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers t…	2020-03-20T19:15:12.737	2025-11-07T22:04:20.347
fkie_cve-2020-8515	DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4…	2020-02-01T13:15:12.623	2025-11-07T22:04:15.827
fkie_cve-2020-8644	PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.	2020-02-05T22:15:11.003	2025-11-07T22:04:10.590
fkie_cve-2020-25506	D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi compo…	2021-02-02T13:15:12.570	2025-11-07T22:03:39.490
fkie_cve-2020-26919	NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level.	2020-10-09T07:15:17.607	2025-11-07T22:03:33.150
fkie_cve-2020-28949	Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any…	2020-11-19T19:15:11.937	2025-11-07T22:03:27.543
fkie_cve-2020-29557	An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer over…	2021-01-29T20:15:12.933	2025-11-07T22:03:20.813
fkie_cve-2020-29574	An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthentic…	2020-12-11T17:15:13.480	2025-11-07T22:03:15.853
fkie_cve-2020-29583	Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchang…	2020-12-22T22:15:14.443	2025-11-07T22:03:10.220
fkie_cve-2020-36193	Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inade…	2021-01-18T20:15:12.667	2025-11-07T22:03:02.670
fkie_cve-2020-7247	smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows…	2020-01-29T16:15:12.897	2025-11-07T22:02:55.513
fkie_cve-2020-17463	FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /…	2020-08-13T13:15:17.357	2025-11-07T22:02:23.617
fkie_cve-2020-17496	vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an aja…	2020-08-12T14:15:13.017	2025-11-07T22:02:19.063
fkie_cve-2020-24363	TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same netw…	2020-08-31T16:15:15.380	2025-11-07T22:02:12.810
fkie_cve-2020-25078	An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 device…	2020-09-02T16:15:12.627	2025-11-07T22:02:08.727
fkie_cve-2020-25079	An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 device…	2020-09-02T16:15:12.690	2025-11-07T22:02:03.050
fkie_cve-2020-25213	The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to uploa…	2020-09-09T16:15:12.127	2025-11-07T22:01:59.633
fkie_cve-2020-25223	A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9…	2020-09-25T04:23:04.857	2025-11-07T22:01:53.673
fkie_cve-2025-64481	Datasette is an open source multi-tool for exploring and publishing data. In versions 0.65.1 and be…	2025-11-07T21:15:42.010	2025-11-07T21:15:42.010
fkie_cve-2025-64442	HumHub is an Open Source Enterprise Social Network. Versions below 1.17.4 have a XSS vulnerability …	2025-11-07T21:15:41.847	2025-11-07T21:15:41.847
fkie_cve-2025-64439	LangGraph SQLite Checkpoint is an implementation of LangGraph CheckpointSaver that uses SQLite DB (…	2025-11-07T21:15:41.690	2025-11-07T21:15:41.690

ID	Description	Package	Published	Updated
pysec-2025-35	Weblate is a web based localization tool. Prior to version 5.11, when creating a new comp…	weblate	2025-04-15T21:16:04+00:00	2025-04-30T17:22:51.467257+00:00
pysec-2025-34	The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_…	picklescan	2025-04-24T01:15:49+00:00	2025-04-24T03:08:15.436691+00:00
pysec-2025-33	Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the…	vyper	2025-01-14T18:16:05+00:00	2025-04-23T21:23:01.322686+00:00
pysec-2025-32	BentoML is a Python library for building online serving systems optimized for AI apps and…	bentoml	2025-04-09T16:15:25+00:00	2025-04-22T19:21:34.073355+00:00
pysec-2025-31	vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statemen…	vyper	2025-02-21T22:15:13+00:00	2025-04-09T17:27:28.116292+00:00
pysec-2025-30	vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single …	vyper	2025-02-21T22:15:13+00:00	2025-04-09T17:27:28.064106+00:00
pysec-2025-29	vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the …	vyper	2025-02-21T22:15:13+00:00	2025-04-09T17:27:28.005382+00:00
pysec-2025-28	The Snowflake Connector for Python provides an interface for developing Python applicatio…	snowflake-connector-python	2025-01-29T21:15:21+00:00	2025-04-09T17:27:27.772920+00:00
pysec-2025-27	The Snowflake Connector for Python provides an interface for developing Python applicatio…	snowflake-connector-python	2025-01-29T21:15:21+00:00	2025-04-09T17:27:27.711157+00:00
pysec-2025-26	The Snowflake Connector for Python provides an interface for developing Python applicatio…	snowflake-connector-python	2025-01-29T21:15:21+00:00	2025-04-09T17:27:27.645758+00:00
pysec-2021-891	CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 S…	salt	2021-03-03T10:15:13+00:00	2025-04-09T17:27:27.582884+00:00
pysec-2025-25	Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middle…	rembg	2025-03-03T17:15:14+00:00	2025-04-09T17:27:27.532849+00:00
pysec-2025-24	Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove…	rembg	2025-03-03T17:15:14+00:00	2025-04-09T17:27:27.486485+00:00
pysec-2025-23	Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Inform…	ray	2025-03-06T05:15:16+00:00	2025-04-09T17:27:27.434099+00:00
pysec-2022-43179	Poetry is a dependency manager for Python. To handle dependencies that come from a Git re…	poetry	2022-09-07T19:15:08+00:00	2025-04-09T17:27:27.255151+00:00
pysec-2025-22	A vulnerability, that could result in Remote Code Execution (RCE), has been found in Plot…	plotai	2025-03-10T14:15:24+00:00	2025-04-09T17:27:27.203714+00:00
pysec-2023-311	plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depen…	plone-namedfile	2023-09-21T15:15:10+00:00	2025-04-09T17:27:27.153848+00:00
pysec-2025-21	picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model arch…	picklescan	2025-03-10T12:15:12+00:00	2025-04-09T17:27:27.016747+00:00
pysec-2025-20	picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes i…	picklescan	2025-03-10T12:15:10+00:00	2025-04-09T17:27:26.966215+00:00
pysec-2025-19	picklescan before 0.0.22 only considers standard pickle file extensions in the scope for …	picklescan	2025-03-03T19:15:34+00:00	2025-04-09T17:27:26.916350+00:00
pysec-2025-18	picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craf…	picklescan	2025-02-26T15:15:24+00:00	2025-04-09T17:27:26.867210+00:00
pysec-2023-310	Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NO…	mobsf	2023-09-21T22:15:11+00:00	2025-04-09T17:27:26.663665+00:00
pysec-2025-17	In mlflow/mlflow version 2.18, an admin is able to create a new user account without sett…	mlflow	2025-03-20T10:15:54+00:00	2025-04-09T17:27:26.322333+00:00
pysec-2023-309	Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.	mlflow	2023-12-13T00:15:07+00:00	2025-04-09T17:27:26.271200+00:00
pysec-2023-308	Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0.	mlflow	2023-07-19T01:15:10+00:00	2025-04-09T17:27:26.223213+00:00
pysec-2025-16	LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vu…	lnbits	2025-04-06T20:15:15+00:00	2025-04-09T17:27:25.872691+00:00
pysec-2025-15	Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilde…	flask-appbuilder	2025-03-03T16:15:41+00:00	2025-04-09T17:27:25.227116+00:00
pysec-2025-14	An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normal…	django	2025-04-02T13:15:44+00:00	2025-04-09T17:27:25.169049+00:00
pysec-2025-13	An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2…	django	2025-03-06T19:15:27+00:00	2025-04-09T17:27:25.095679+00:00
pysec-2022-43178	An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the cleo …	cleo	2022-11-09T20:15:10+00:00	2025-04-09T17:27:24.793038+00:00

ID	Description	Updated
gsd-2024-33855	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.741239Z
gsd-2024-33851	phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point…	2024-04-28T05:02:07.732559Z
gsd-2024-33879	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.727068Z
gsd-2024-4294	A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Ap…	2024-04-28T05:02:06.079201Z
gsd-2024-4292	A vulnerability classified as critical has been found in Contemporary Controls BASrouter …	2024-04-28T05:02:06.073286Z
gsd-2024-4295	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:06.068263Z
gsd-2024-4291	A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as cri…	2024-04-28T05:02:06.058388Z
gsd-2024-4293	A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Mana…	2024-04-28T05:02:06.052534Z
gsd-2023-52722	An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER …	2024-04-28T05:01:28.746814Z
gsd-2022-48685	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:00:27.870720Z
gsd-2022-48684	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:00:27.715598Z
gsd-2024-24777	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:24.547536Z
gsd-2024-28875	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:20.401696Z
gsd-2024-33786	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.606155Z
gsd-2024-33697	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-27T05:02:18.598872Z
gsd-2024-33722	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.598142Z
gsd-2024-33784	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.595808Z
gsd-2024-33788	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.591276Z
gsd-2024-33814	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.590797Z
gsd-2024-33701	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.589032Z
gsd-2024-33776	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.587852Z
gsd-2024-33712	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.587066Z
gsd-2024-33840	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.586722Z
gsd-2024-33838	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.585807Z
gsd-2024-33749	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.584613Z
gsd-2024-33839	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.579161Z
gsd-2024-33733	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.577869Z
gsd-2024-33845	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.569462Z
gsd-2024-33741	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.568527Z
gsd-2024-33738	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.562140Z

ID	Description	Published	Updated
mal-2025-49668	Malicious code in yanti-rangi7-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49667	Malicious code in yanti-pisang18-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49666	Malicious code in yanti-papeda76-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49665	Malicious code in yanti-ongol-ongol16-riris (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49664	Malicious code in yanti-oblok54-sluey (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49663	Malicious code in yanti-nasiuduk44-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49662	Malicious code in yanti-nasi86-miaww (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49661	Malicious code in yanti-naget91-miaww (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49660	Malicious code in yanti-mie5-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49659	Malicious code in yanti-menjes75-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49658	Malicious code in yanti-menjes54-devapp (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49657	Malicious code in yanti-menjes32-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49656	Malicious code in yanti-menjes12-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49655	Malicious code in yanti-mendut80-miaww (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49654	Malicious code in yanti-martabak53-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49653	Malicious code in yanti-mangga91-remi (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49652	Malicious code in yanti-lumpur18-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49651	Malicious code in yanti-lontong53-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49650	Malicious code in yanti-lontong48-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49649	Malicious code in yanti-lepet55-sluey (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49648	Malicious code in yanti-lengko23-riris (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49647	Malicious code in yanti-lapis61-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49646	Malicious code in yanti-lapis43-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49645	Malicious code in yanti-kue90-riris (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49644	Malicious code in yanti-kue84-ruro (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49643	Malicious code in yanti-kue69-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49642	Malicious code in yanti-kue62-sumpek (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49641	Malicious code in yanti-kue1-sluey (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49640	Malicious code in yanti-kolak3-sukiwir (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z
mal-2025-49639	Malicious code in yanti-keripik28-breki (npm)	2025-11-09T18:30:25Z	2025-11-09T18:30:25Z

ID	Description	Published	Updated
wid-sec-w-2025-2390	PowerDNS Recursor: Mehrere Schwachstellen ermöglichen Manipulation von Dateien	2025-10-22T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2386	Unbound: Schwachstelle ermöglicht Manipulation von Dateien	2025-10-22T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2385	Drupal Module: Mehrere Schwachstellen	2025-10-22T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2365	Oracle Java SE: Mehrere Schwachstellen	2025-10-21T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2275	Mozilla Firefox: Mehrere Schwachstellen	2025-10-14T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2227	Golang Go: Mehrere Schwachstellen	2025-10-07T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2129	GIMP: Mehrere Schwachstellen ermöglichen Codeausführung	2025-09-24T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2126	Drupal Module: Mehrere Schwachstellen	2025-09-24T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2110	LibTiff: Schwachstelle ermöglicht Codeausführung	2025-09-22T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1954	Drupal: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-09-03T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1869	Linux Kernel: Mehrere Schwachstellen	2025-08-19T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1785	Intel Prozessoren: Mehrere Schwachstellen	2025-08-12T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1748	libarchive: Schwachstelle ermöglicht Denial of Service und potenziell Codeausführung	2025-08-07T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1656	Red Hat Enterprise Linux (unbound): Schwachstelle ermöglicht Manipulation von Daten	2025-07-27T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1646	Red Hat Enterprise Linux (nodejs, perl): Mehrere Schwachstellen	2025-07-27T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1569	Oracle Java SE: Mehrere Schwachstellen	2025-07-15T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1350	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-06-17T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1312	libxml2: Mehrere Schwachstellen ermöglichen Denial of Service	2025-06-11T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-1055	Node.js: Mehrere Schwachstellen	2025-05-14T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-0403	libxml2: Mehrere Schwachstellen	2025-02-18T23:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2024-3338	Red Hat OpenShift: Mehrere Schwachstelle	2024-11-05T23:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2024-1547	OpenSSH auf Red Hat Enterprise Linux 9: Schwachstelle ermöglicht Denial of Service	2024-07-08T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2023-3022	Apache ActiveMQ: Schwachstelle ermöglicht Codeausführung	2023-11-28T23:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2023-2119	Python: Mehrere Schwachstellen	2023-08-22T22:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2023-0611	Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Denial of Service	2023-03-09T23:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2023-0433	Apache Commons und Apache Tomcat: Schwachstelle ermöglicht Denial of Service	2023-02-20T23:00:00.000+00:00	2025-10-29T23:00:00.000+00:00
wid-sec-w-2025-2420	Apache Tomcat: Mehrere Schwachstellen	2025-10-27T23:00:00.000+00:00	2025-10-28T23:00:00.000+00:00
wid-sec-w-2025-2407	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-10-26T23:00:00.000+00:00	2025-10-27T23:00:00.000+00:00
wid-sec-w-2025-2392	Internet Systems Consortium BIND: Mehrere Schwachstellen	2025-10-22T22:00:00.000+00:00	2025-10-26T23:00:00.000+00:00
wid-sec-w-2025-2391	OpenBao: Mehrere Schwachstellen	2025-10-22T22:00:00.000+00:00	2025-10-23T22:00:00.000+00:00

ID	Description	Published	Updated
ssa-517338	SSA-517338: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V3.0	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-493787	SSA-493787: Arbitrary Code Execution Vulnerability in SIMATIC RTLS Locating Manager Before V3.2	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-460466	SSA-460466: Denial of Service Vulnerability in TIA Project-Server and TIA Portal	2025-07-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-446307	SSA-446307: Authentication Bypass Vulnerability in BMC (CVE-2024-54085) affects SIMATIC IPC RS-828A	2025-05-13T00:00:00Z	2025-08-12T00:00:00Z
ssa-400089	SSA-400089: Denial of Service Vulnerability in SIPROTEC 4 and SIPROTEC 4 Compact	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-398330	SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP >= V3.1.0 and < V3.1.5	2023-12-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-392859	SSA-392859: Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20	2024-12-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-382999	SSA-382999: Multiple Vulnerabilities in Opcenter Quality Before V2506	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-355557	SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-353002	SSA-353002: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family	2024-03-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-256353	SSA-256353: Third-Party Component Vulnerabilities in RUGGEDCOM ROS	2022-03-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-177847	SSA-177847: Improper VNC Password Check Vulnerability in SINUMERIK Controllers	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-170375	SSA-170375: Multiple Vulnerabilities in RUGGEDCOM ROS Before V5.9	2024-07-09T00:00:00Z	2025-08-12T00:00:00Z
ssa-097435	SSA-097435: Usernames Disclosure Vulnerability in Mendix Runtime	2024-09-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-094954	SSA-094954: Authentication Bypass Vulnerability in BIST mode of RUGGEDCOM ROX II	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-082556	SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5	2025-06-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-725549	SSA-725549: Denial of Service of ICMP in Industrial Devices	2025-04-08T00:00:00Z	2025-07-21T00:00:00Z
ssa-183963	SSA-183963: Certificate Validation Vulnerabilities in SICAM TOOLBOX II Before V07.11	2025-07-08T00:00:00Z	2025-07-18T00:00:00Z
ssa-938066	SSA-938066: Remote Code Execution Vulnerability in SENTRON Powermanager and Desigo CC	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-904646	SSA-904646: Sensitive Data Exposure Vulnerability in SIPROTEC 5 Devices	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-763427	SSA-763427: Authentication Bypass Vulnerability in SIMATIC CP and TIM Devices	2015-11-27T00:00:00Z	2025-07-08T00:00:00Z
ssa-723487	SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products	2024-07-09T00:00:00Z	2025-07-08T00:00:00Z
ssa-698820	SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices	2024-07-09T00:00:00Z	2025-07-08T00:00:00Z
ssa-634640	SSA-634640: Weak Authentication Vulnerability in Siemens Industrial Edge Devices	2025-04-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-627195	SSA-627195: Zip Path Traversal Vulnerability in Mendix Studio Pro's Module Installation Process	2025-06-12T00:00:00Z	2025-07-08T00:00:00Z
ssa-626991	SSA-626991: Denial of Service Vulnerability in SIMATIC CN 4100 before V4.0	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-593272	SSA-593272: SegmentSmack in Interniche IP-Stack based Industrial Devices	2020-04-14T00:00:00Z	2025-07-08T00:00:00Z
ssa-573669	SSA-573669: Multiple Vulnerabilities in TIA Administrator Before V3.0.6	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-446545	SSA-446545: Impact of RegreSSHion (CVE-2024-6387) in Siemens Industrial Products	2024-09-10T00:00:00Z	2025-07-08T00:00:00Z
ssa-364175	SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1	2024-07-09T00:00:00Z	2025-07-08T00:00:00Z

ID	Description	Published	Updated
rhsa-2023:7662	Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 6.0.3 security update	2023-12-06T00:20:48+00:00	2025-11-09T18:42:04+00:00
rhsa-2023:7608	Red Hat Security Advisory: OpenShift Container Platform 4.12.45 bug fix and security update	2023-12-06T17:55:11+00:00	2025-11-09T18:42:03+00:00
rhsa-2023:7607	Red Hat Security Advisory: OpenShift Container Platform 4.12.45 security and extras update	2023-12-06T16:54:41+00:00	2025-11-09T18:42:02+00:00
rhsa-2023:7604	Red Hat Security Advisory: OpenShift Container Platform 4.13.25 bug fix and security update	2023-12-06T00:34:23+00:00	2025-11-09T18:42:02+00:00
rhsa-2023:7602	Red Hat Security Advisory: OpenShift Container Platform 4.13.25 security and extras update	2023-12-06T00:16:04+00:00	2025-11-09T18:42:02+00:00
rhsa-2023:7555	Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.0 security update	2023-11-28T18:50:01+00:00	2025-11-09T18:42:01+00:00
rhsa-2023:7522	Red Hat Security Advisory: OpenShift Virtualization 4.13.6 security and bug fix update	2023-11-28T13:45:02+00:00	2025-11-09T18:41:59+00:00
rhsa-2023:7521	Red Hat Security Advisory: OpenShift Virtualization 4.13.6 RPMs security and bug fix update	2023-11-28T13:17:06+00:00	2025-11-09T18:41:59+00:00
rhsa-2023:7515	Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 9.0.0 security update	2023-11-27T16:08:33+00:00	2025-11-09T18:41:59+00:00
rhsa-2023:7479	Red Hat Security Advisory: OpenShift Container Platform 4.11.54 bug fix and security update	2023-11-29T01:40:41+00:00	2025-11-09T18:41:58+00:00
rhsa-2023:7478	Red Hat Security Advisory: OpenShift Container Platform 4.11.54 security and extras update	2023-11-29T00:44:58+00:00	2025-11-09T18:41:58+00:00
rhsa-2023:7475	Red Hat Security Advisory: OpenShift Container Platform 4.13.24 bug fix and security update	2023-11-29T01:47:09+00:00	2025-11-09T18:41:56+00:00
rhsa-2023:7469	Red Hat Security Advisory: OpenShift Container Platform 4.14.4 security and extras update	2023-11-29T10:27:24+00:00	2025-11-09T18:41:56+00:00
rhsa-2023:7474	Red Hat Security Advisory: OpenShift Container Platform 4.13.24 security and extras update	2023-11-29T00:33:54+00:00	2025-11-09T18:41:55+00:00
rhsa-2023:7470	Red Hat Security Advisory: OpenShift Container Platform 4.14.4 bug fix and security update	2023-11-29T11:36:57+00:00	2025-11-09T18:41:55+00:00
rhsa-2023:7345	Red Hat Security Advisory: Red Hat OpenShift GitOps v1.9.3 security update	2023-11-20T08:34:18+00:00	2025-11-09T18:41:53+00:00
rhsa-2023:7344	Red Hat Security Advisory: openshift-gitops-kam security update	2023-11-20T07:53:42+00:00	2025-11-09T18:41:53+00:00
rhsa-2023:7342	Red Hat Security Advisory: OpenShift Container Platform 4.11 low-latency extras update	2023-11-16T20:48:36+00:00	2025-11-09T18:41:52+00:00
rhsa-2023:7323	Red Hat Security Advisory: OpenShift Container Platform 4.13.23 bug fix and security update	2023-11-21T11:27:12+00:00	2025-11-09T18:41:52+00:00
rhsa-2023:7322	Red Hat Security Advisory: OpenShift Container Platform 4.13.23 security and extras update	2023-11-21T11:27:54+00:00	2025-11-09T18:41:51+00:00
rhsa-2023:7315	Red Hat Security Advisory: OpenShift Container Platform 4.14.3 bug fix and security update	2023-11-21T11:26:31+00:00	2025-11-09T18:41:51+00:00
rhsa-2023:7288	Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 Openshift Jenkins security update	2023-11-16T05:58:26+00:00	2025-11-09T18:41:50+00:00
rhsa-2023:7200	Red Hat Security Advisory: OpenShift Container Platform 4.15.z security update	2024-02-27T22:49:18+00:00	2025-11-09T18:41:49+00:00
rhsa-2023:7215	Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.2.12	2023-11-15T00:16:31+00:00	2025-11-09T18:41:48+00:00
rhsa-2023:7201	Red Hat Security Advisory: OpenShift Container Platform 4.15.0 packages and security update	2024-02-27T22:34:13+00:00	2025-11-09T18:41:46+00:00
rhsa-2023:7198	Red Hat Security Advisory: OpenShift Container Platform 4.15.0 bug fix and security update	2024-02-27T20:49:10+00:00	2025-11-09T18:41:46+00:00
rhsa-2023:6894	Red Hat Security Advisory: OpenShift Container Platform 4.12.44 bug fix and security update	2023-11-21T12:36:12+00:00	2025-11-09T18:41:46+00:00
rhsa-2023:6893	Red Hat Security Advisory: OpenShift Container Platform 4.12.44 security and extras update	2023-11-21T12:20:30+00:00	2025-11-09T18:41:45+00:00
rhsa-2023:6846	Red Hat Security Advisory: OpenShift Container Platform 4.13.22 bug fix and security update	2023-11-15T01:45:54+00:00	2025-11-09T18:41:44+00:00
rhsa-2023:6845	Red Hat Security Advisory: OpenShift Container Platform 4.13.22 security and extras update	2023-11-15T00:43:04+00:00	2025-11-09T18:41:44+00:00

ID	Description	Published	Updated
msrc_cve-2025-40033	remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable()	2025-10-02T00:00:00.000Z	2025-10-29T01:03:37.000Z
msrc_cve-2025-40077	f2fs: fix to avoid overflow while left shift operation	2025-10-02T00:00:00.000Z	2025-10-29T01:03:32.000Z
msrc_cve-2025-40032	PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release	2025-10-02T00:00:00.000Z	2025-10-29T01:03:26.000Z
msrc_cve-2025-40080	nbd: restrict sockets to TCP and UDP	2025-10-02T00:00:00.000Z	2025-10-29T01:03:21.000Z
msrc_cve-2025-40060	coresight: trbe: Return NULL pointer for allocation failures	2025-10-02T00:00:00.000Z	2025-10-29T01:03:16.000Z
msrc_cve-2025-40026	KVM: x86: Don't (re)check L1 intercepts when completing userspace I/O	2025-10-02T00:00:00.000Z	2025-10-29T01:03:10.000Z
msrc_cve-2025-40040	mm/ksm: fix flag-dropping behavior in ksm_madvise	2025-10-02T00:00:00.000Z	2025-10-29T01:03:05.000Z
msrc_cve-2025-40056	vhost: vringh: Fix copy_to_iter return value check	2025-10-02T00:00:00.000Z	2025-10-29T01:02:59.000Z
msrc_cve-2025-40051	vhost: vringh: Modify the return value check	2025-10-02T00:00:00.000Z	2025-10-29T01:02:54.000Z
msrc_cve-2025-40055	ocfs2: fix double free in user_cluster_connect()	2025-10-02T00:00:00.000Z	2025-10-29T01:02:49.000Z
msrc_cve-2025-40025	f2fs: fix to do sanity check on node footer for non inode dnode	2025-10-02T00:00:00.000Z	2025-10-29T01:02:43.000Z
msrc_cve-2025-40053	net: dlink: handle copy_thresh allocation failure	2025-10-02T00:00:00.000Z	2025-10-29T01:02:38.000Z
msrc_cve-2025-40035	Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak	2025-10-02T00:00:00.000Z	2025-10-29T01:02:33.000Z
msrc_cve-2025-40030	pinctrl: check the return value of pinmux_ops::get_function_name()	2025-10-02T00:00:00.000Z	2025-10-29T01:02:27.000Z
msrc_cve-2025-40052	smb: client: fix crypto buffers in non-linear memory	2025-10-02T00:00:00.000Z	2025-10-29T01:02:22.000Z
msrc_cve-2025-40044	fs: udf: fix OOB read in lengthAllocDescs handling	2025-10-02T00:00:00.000Z	2025-10-29T01:02:16.000Z
msrc_cve-2025-40078	bpf: Explicitly check accesses to bpf_sock_addr	2025-10-02T00:00:00.000Z	2025-10-29T01:02:11.000Z
msrc_cve-2025-40061	RDMA/rxe: Fix race in do_task() when draining	2025-10-02T00:00:00.000Z	2025-10-29T01:02:05.000Z
msrc_cve-2025-40029	bus: fsl-mc: Check return value of platform_get_resource()	2025-10-02T00:00:00.000Z	2025-10-29T01:02:00.000Z
msrc_cve-2025-40042	tracing: Fix race condition in kprobe initialization causing NULL pointer dereference	2025-10-02T00:00:00.000Z	2025-10-29T01:01:54.000Z
msrc_cve-2025-40038	KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid	2025-10-02T00:00:00.000Z	2025-10-29T01:01:49.000Z
msrc_cve-2025-59503	Azure Compute Resource Provider Elevation of Privilege Vulnerability	2025-10-14T07:00:00.000Z	2025-10-28T07:00:00.000Z
msrc_cve-2025-40021	tracing: dynevent: Add a missing lockdown check on dynevent	2025-10-02T00:00:00.000Z	2025-10-26T01:01:36.000Z
msrc_cve-2025-40020	can: peak_usb: fix shift-out-of-bounds issue	2025-10-02T00:00:00.000Z	2025-10-26T01:01:30.000Z
msrc_cve-2025-40024	vhost: Take a reference on the task in struct vhost_task.	2025-10-02T00:00:00.000Z	2025-10-26T01:01:14.000Z
msrc_cve-2025-62518	astral-tokio-tar Vulnerable to PAX Header Desynchronization	2025-10-02T00:00:00.000Z	2025-10-25T14:01:53.000Z
msrc_cve-2025-59530	quic-go has Client Crash Due to Premature HANDSHAKE_DONE Frame	2025-10-02T00:00:00.000Z	2025-10-25T14:01:47.000Z
msrc_cve-2025-11839	GNU Binutils prdbg.c tg_tag_type return value	2025-10-02T00:00:00.000Z	2025-10-25T14:01:37.000Z
msrc_cve-2025-40018	ipvs: Defer ip_vs_ftp unregister during netns cleanup	2025-10-02T00:00:00.000Z	2025-10-25T14:01:29.000Z
msrc_cve-2025-40019	crypto: essiv - Check ssize for decryption and in-place encryption	2025-10-02T00:00:00.000Z	2025-10-25T14:01:24.000Z

ID	Description	Published	Updated
icsa-25-282-03	Rockwell Automation Stratix	2025-10-09T06:00:00.000000Z	2025-10-09T06:00:00.000000Z
icsa-25-282-02	Rockwell Automation Lifecycle Services with Cisco	2025-10-09T06:00:00.000000Z	2025-10-09T06:00:00.000000Z
icsa-25-282-01	Hitachi Energy Asset Suite	2025-10-09T06:00:00.000000Z	2025-10-09T06:00:00.000000Z
icsa-25-128-03	Mitsubishi Electric Multiple FA Products (Update A)	2025-05-08T06:00:00.000000Z	2025-10-09T06:00:00.000000Z
va-25-280-01	OPEXUS FOIAXpress stored XSS	2025-10-07T22:50:29Z	2025-10-07T22:50:29Z
icsa-25-226-31	Rockwell Automation 1756-EN4TR, 1756-EN4TRXT (Update B)	2025-08-14T06:00:00.000000Z	2025-10-07T06:00:00.000000Z
icsa-25-275-01	Raise3D Pro2 Series 3D Printers**	2025-10-02T05:00:00.000000Z	2025-10-02T05:00:00.000000Z
icsa-25-289-11	Hitachi Energy MACH GWS	2025-09-30T12:50:29.000000Z	2025-09-30T12:50:29.000000Z
icsa-24-116-02	Hitachi Energy MACH SCM (Update A)	2024-03-26T11:32:43.000000Z	2025-09-30T11:32:43.000000Z
icsa-25-275-02	Hitachi Energy MSM	2025-09-30T09:02:31.000000Z	2025-09-30T09:02:31.000000Z
icsa-25-273-06	National Instruments Circuit Design Suite	2025-09-30T06:00:00.000000Z	2025-09-30T06:00:00.000000Z
icsa-25-273-05	OpenPLC_V3	2025-09-30T06:00:00.000000Z	2025-09-30T06:00:00.000000Z
icsa-25-273-04	Festo Controller CECC-S,-LK,-D Family Firmware	2025-09-30T06:00:00.000000Z	2025-09-30T06:00:00.000000Z
icsa-25-273-01	MegaSys Enterprises Telenium Online Web Application	2025-09-30T06:00:00.000000Z	2025-09-30T06:00:00.000000Z
icsa-25-226-26	Rockwell Automation FLEX 5000 I/O (Update A)	2025-08-14T06:00:00.000000Z	2025-09-30T06:00:00.000000Z
icsa-25-063-02	Keysight Ixia Vision Product Family (Update A)	2025-03-04T07:00:00.000000Z	2025-09-30T06:00:00.000000Z
icsa-22-298-02	HEIDENHAIN Controller TNC (Update A)	2022-10-25T06:00:00.000000Z	2025-09-30T06:00:00.000000Z
icsa-25-273-07	LG Innotek Camera Multiple Models	2025-09-30T05:00:00.000000Z	2025-09-30T05:00:00.000000Z
va-25-273-01	Microsoft Windows inconsistent driver blocking	2025-09-30T00:00:00Z	2025-09-30T00:00:00Z
va-25-272-01	Medical Informatics Engineering Enterprise Health multiple vulnerabilities	2025-09-29T00:00:00Z	2025-09-29T00:00:00Z
icsa-25-268-01	Dingtian DT-R002	2025-09-25T06:00:00.000000Z	2025-09-25T06:00:00.000000Z
icsa-25-140-07	Schneider Electric Galaxy VS, Galaxy VL, Galaxy VXL (Update A)	2025-05-13T04:00:00.000000Z	2025-09-24T04:00:00.000000Z
icsa-25-266-04	Viessmann Vitogate 300	2025-09-23T06:00:00.000000Z	2025-09-23T06:00:00.000000Z
icsa-25-266-02	Mitsubishi Electric MELSEC-Q Series CPU Module	2025-09-23T06:00:00.000000Z	2025-09-23T06:00:00.000000Z
icsa-25-266-01	AutomationDirect CLICK PLUS	2025-09-23T06:00:00.000000Z	2025-09-23T06:00:00.000000Z
va-25-265-01	Airship AI MFA bypass and default credentials vulnerabilities	2025-09-22T14:06:13Z	2025-09-22T14:06:13Z
icsa-25-261-07	Dover Fueling Solutions ProGauge MagLink LX4 Devices	2025-09-18T06:00:00.000000Z	2025-09-18T06:00:00.000000Z
icsa-25-261-06	Cognex In-Sight Explorer and In-Sight Camera Firmware	2025-09-18T06:00:00.000000Z	2025-09-18T06:00:00.000000Z
icsa-25-261-03	Schneider Electric Saitel DR & Saitel DP Remote Terminal Unit	2025-09-18T06:00:00.000000Z	2025-09-18T06:00:00.000000Z
icsa-25-261-02	Westermo Network Technologies WeOS 5	2025-09-18T06:00:00.000000Z	2025-09-18T06:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-fmc-xss-jtnmcusp	Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-fmc-xpathinj-corthdmb	Cisco Secure Firewall Management Center Software XPATH Injection Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-fmc-radius-rce-tnbkf79	Cisco Secure Firewall Management Center Software RADIUS Remote Code Execution Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-fmc-html-inj-mqjrzrny	Cisco Secure Firewall Management Center Software HTML Injection Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-fmc-ftd-cmdinj-phe7kmt	Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Command Injection Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-fmc-cmd-inj-hcrlpfyn	Cisco Secure Firewall Management Center Software Command Injection Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-fmc-authz-bypass-m7xhnau	Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerabilities	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-asaftd-vpnwebs-dos-hjbhmbsx	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial of Service Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-asaftd-vpn-dos-mfpeka6e	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-asaftd-nat-dns-dos-bqhynhtm	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-asaftd-http-file-huyx2jl4	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial of Service Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-asaftd-dhcp-qj7ngs4n	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software DHCP Denial of Service Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-asaftd-cmdinj-vehfezq3	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-asa-ftd-ios-dos-doeshwhy	Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-asa-ftd-acl-bypass-mtpze9yh	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control Rules Bypass Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-asa-buffer-overflow-pyruhwbc	Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Web Services Denial of Service Vulnerability	2025-08-14T16:00:00+00:00	2025-08-14T16:00:00+00:00
cisco-sa-webex-join-ynxfqhk4	Cisco Webex Meeting Client Join Certificate Validation Vulnerability	2025-08-06T16:00:00+00:00	2025-08-06T16:00:00+00:00
cisco-sa-ise_xss_acc_cont-ysr4ut4u	Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities	2025-08-06T16:00:00+00:00	2025-08-06T16:00:00+00:00
cisco-sa-20170629-snmp	SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software	2017-06-29T16:00:00+00:00	2025-07-30T16:27:06+00:00
cisco-sa-ise-unauth-rce-zad2gnj6	Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities	2025-06-25T16:00:00+00:00	2025-07-24T23:30:31+00:00
cisco-sa-piepnm-bsi-25jjqsbb	Cisco Prime Infrastructure and Evolved Programmable Network Manager Blind SQL Injection Vulnerability	2025-07-16T16:00:00+00:00	2025-07-16T16:00:00+00:00
cisco-sa-ise-multi-3vpsxoxo	Cisco Identity Services Engine Authenticated Remote Code Execution and Authorization Bypass Vulnerabilities	2025-07-16T16:00:00+00:00	2025-07-16T16:00:00+00:00
cisco-sa-cuis-ssrf-jsudjev	Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability	2025-07-16T16:00:00+00:00	2025-07-16T16:00:00+00:00
cisco-sa-cuis-file-upload-uhnetstm	Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability	2025-07-16T16:00:00+00:00	2025-07-16T16:00:00+00:00
cisco-sa-spaces-conn-privesc-kgd2ccdu	Cisco Spaces Connector Privilege Escalation Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-ece-xss-cbtkteyc	Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-cucm-ssh-m4ubdpe7	Cisco Unified Communications Manager Static SSH Credentials Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-ise-stored-xss-yff54m73	Cisco Identity Services Stored Cross-Site Scripting Vulnerability	2025-05-21T16:00:00+00:00	2025-06-30T15:08:59+00:00
cisco-sa-ise-auth-bypass-mvfkvqau	Cisco Identity Services Engine Authorization Bypass Vulnerability	2025-06-25T16:00:00+00:00	2025-06-25T16:00:00+00:00
cisco-sa-ise-file-upload-p4m8vwxy	Cisco Identity Services Engine Arbitrary File Upload Vulnerability	2025-06-04T16:00:00+00:00	2025-06-23T19:16:21+00:00

ID	Description	Published	Updated
sca-2022-0007	Vulnerabilities in SICK MARSIC300	2022-04-21T15:00:00.000Z	2022-04-21T15:00:00.000Z
SCA-2022-0007	Vulnerabilities in SICK MARSIC300	2022-04-21T15:00:00.000Z	2022-04-21T15:00:00.000Z
sca-2022-0006	Vulnerability in SICK MSC800	2022-04-11T15:00:00.000Z	2022-04-11T15:00:00.000Z
sca-2022-0005	Vulnerability in SICK Overall Equipment Effectiveness (OEE)	2022-04-11T15:00:00.000Z	2022-04-11T15:00:00.000Z
SCA-2022-0006	Vulnerability in SICK MSC800	2022-04-11T15:00:00.000Z	2022-04-11T15:00:00.000Z
SCA-2022-0005	Vulnerability in SICK Overall Equipment Effectiveness (OEE)	2022-04-11T15:00:00.000Z	2022-04-11T15:00:00.000Z
sca-2022-0004	Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC	2022-04-11T15:00:00.000Z	2022-03-31T15:00:00.000Z
sca-2022-0003	Vulnerabilities in SICK FTMg	2022-03-31T15:00:00.000Z	2022-03-31T15:00:00.000Z
SCA-2022-0004	Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC	2022-04-11T15:00:00.000Z	2022-03-31T15:00:00.000Z
SCA-2022-0003	Vulnerabilities in SICK FTMg	2022-03-31T15:00:00.000Z	2022-03-31T15:00:00.000Z
sca-2022-0002	PwnKit vulnerability affects multiple SICK IPCs	2022-02-23T16:00:00.000Z	2022-02-23T16:00:00.000Z
SCA-2022-0002	PwnKit vulnerability affects multiple SICK IPCs	2022-02-23T16:00:00.000Z	2022-02-23T16:00:00.000Z
sca-2022-0001	Vulnerability in SICK FieldEcho	2022-02-17T16:00:00.000Z	2022-02-17T16:00:00.000Z
SCA-2022-0001	Vulnerability in SICK FieldEcho	2022-02-17T16:00:00.000Z	2022-02-17T16:00:00.000Z
sca-2021-0003	SICK Security Advisory for Apache Log4j (CVE-2021-44228)	2021-12-14T17:00:00.000Z	2021-12-17T12:00:00.000Z
SCA-2021-0003	SICK Security Advisory for Apache Log4j (CVE-2021-44228)	2021-12-14T17:00:00.000Z	2021-12-17T12:00:00.000Z
sca-2021-0004	Vulnerabilities in SICK SOPAS ET	2021-12-16T08:00:00.000Z	2021-12-17T08:00:00.000Z
SCA-2021-0004	Vulnerabilities in SICK SOPAS ET	2021-12-16T08:00:00.000Z	2021-12-17T08:00:00.000Z
sca-2021-0002	MEAC affected by Windows SMBv1 vulnerability	2021-08-04T10:00:00.000Z	2021-08-04T10:00:00.000Z
SCA-2021-0002	MEAC affected by Windows SMBv1 vulnerability	2021-08-04T10:00:00.000Z	2021-08-04T10:00:00.000Z
sca-2021-0001	Inadequate SSH configuration in SICK Visionary-S CX	2021-06-25T10:00:00.000Z	2021-06-25T10:00:00.000Z
SCA-2021-0001	Inadequate SSH configuration in SICK Visionary-S CX	2021-06-25T10:00:00.000Z	2021-06-25T10:00:00.000Z
sca-2020-0005	Package Analytics affected by Windows TCP/IP vulnerability	2020-10-29T11:00:00.000Z	2020-10-29T11:00:00.000Z
SCA-2020-0005	Package Analytics affected by Windows TCP/IP vulnerability	2020-10-29T11:00:00.000Z	2020-10-29T11:00:00.000Z
sca-2020-0004	Vulnerability in Platform Mechanism AutoIP	2020-08-31T10:00:00.000Z	2020-08-31T10:00:00.000Z
SCA-2020-0004	Vulnerability in Platform Mechanism AutoIP	2020-08-31T10:00:00.000Z	2020-08-31T10:00:00.000Z
sca-2020-0003	MEAC affected by Windows SMBv3 vulnerability	2020-08-07T10:00:00.000Z	2020-08-07T10:00:00.000Z
SCA-2020-0003	MEAC affected by Windows SMBv3 vulnerability	2020-08-07T10:00:00.000Z	2020-08-07T10:00:00.000Z
sca-2020-0002	Vulnerabilities in SICK Package Analytics	2020-08-07T10:00:00.000Z	2020-07-28T10:00:00.000Z
SCA-2020-0002	Vulnerabilities in SICK Package Analytics	2020-08-07T10:00:00.000Z	2020-07-28T10:00:00.000Z

ID	Description	Published	Updated
nn-2023_14-01	Unsafe temporary data privileges on Unix systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023_13-01	Missing authentication for local web interface in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023_1-01	Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2	2023-05-03T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023:5-01	Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023:16-01	Path traversal via 'zip slip' in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023:14-01	Unsafe temporary data privileges on Unix systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023:13-01	Missing authentication for local web interface in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2023:1-01	Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2	2023-05-03T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2021_2-01	Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2021_1-01	Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2021:2-01	Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2021:1-01	Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2020_3-01	Angular template injection on custom report name field	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2020_2-01	Cross-site request forgery attack on change password form	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2020:3-01	Angular template injection on custom report name field	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2020:2-01	Cross-site request forgery attack on change password form	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2019_2-01	CSV Injection on node label	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2019_1-01	Stored XSS in field name data model	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2019:2-01	CSV Injection on node label	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z
nn-2019:1-01	Stored XSS in field name data model	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2023:5-01	Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2023:16-01	Path traversal via 'zip slip' in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2023:14-01	Unsafe temporary data privileges on Unix systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2023:13-01	Missing authentication for local web interface in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2023:1-01	Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2	2023-05-03T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2021:2-01	Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2021:1-01	Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2020:3-01	Angular template injection on custom report name field	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2020:2-01	Cross-site request forgery attack on change password form	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2019:2-01	CSV Injection on node label	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z

ID	Description	Published	Updated

ID	Description	Updated
var-202106-0541	A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists i…	2024-11-29T22:41:05.395000Z
var-201404-0398	Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 an…	2024-11-29T22:40:03.814000Z
var-201512-0325	The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml…	2024-11-29T22:39:27.935000Z
var-201110-0442	ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial…	2024-11-29T22:39:20.695000Z
var-202108-1249	A buffer overflow issue was addressed with improved memory handling. This issue is fixed …	2024-11-29T22:39:20.492000Z
var-201908-0266	Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a den…	2024-11-29T22:39:19.970000Z
var-201401-0010	The get_free_port function in Xen allows local authenticated DomU users to cause a denial…	2024-11-29T22:39:13.941000Z
var-201903-0441	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:39:13.461000Z
var-202205-1313	A memory corruption issue was addressed with improved state management. This issue is fix…	2024-11-29T22:39:12.582000Z
var-202104-0160	An out-of-bounds write issue was addressed with improved bounds checking. This issue is f…	2024-11-29T22:39:12.341000Z
var-201912-0584	A memory corruption issue was addressed with improved input validation. This issue is fix…	2024-11-29T22:39:12.042000Z
var-202010-1294	A use after free issue was addressed with improved memory management. This issue is fixed…	2024-11-29T22:39:02.841000Z
var-201505-0337	The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorit…	2024-11-29T22:38:58.066000Z
var-202206-1157	Incomplete cleanup in specific special register write operations for some Intel(R) Proces…	2024-11-29T22:38:27.104000Z
var-201912-0589	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:38:26.505000Z
var-202201-0304	A logic issue was addressed with improved state management. This issue is fixed in iOS 15…	2024-11-29T22:38:25.432000Z
var-202203-0129	A cookie management issue was addressed with improved state management. This issue is fix…	2024-11-29T22:38:19.652000Z
var-201103-0294	Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800…	2024-11-29T22:38:19.331000Z
var-202210-0997	An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML docum…	2024-11-29T22:38:18.877000Z
var-202105-0131	A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packe…	2024-11-29T22:37:42.279000Z
var-201210-0272	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java …	2024-11-29T22:37:41.281000Z
var-201904-1323	A memory corruption issue was addressed with improved memory handling. This issue affecte…	2024-11-29T22:37:41.181000Z
var-200604-0209	Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 6 allows remote att…	2024-11-29T22:37:40.335000Z
var-200809-0184	Race condition in Login Window in Apple Mac OS X 10.5 through 10.5.4, when a blank-passwo…	2024-11-29T22:37:38.416000Z
var-200110-0170	The Legion of the Bouncy Castle Java Cryptography API before release 1.38, as used in Cry…	2024-11-29T22:37:36.551000Z
var-201509-0438	Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C L…	2024-11-29T22:37:33.901000Z
var-202003-1785	FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between seriali…	2024-11-29T22:37:30.055000Z
var-201912-0593	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:36:43.180000Z
var-201009-0241	Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10…	2024-11-29T22:36:42.881000Z
var-201912-0605	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:36:42.789000Z

ID	Description	Published	Updated
jvndb-2025-000058	WordPress plugin "Advanced Custom Fields" vulnerable to HTML injection	2025-08-08T15:29+09:00	2025-08-08T15:29+09:00
jvndb-2025-010972	Multiple SEIKO EPSON products use weak initial passwords	2025-08-08T14:50+09:00	2025-08-08T14:50+09:00
jvndb-2025-000057	Multiple vulnerabilities in Mubit Powered BLUE 870	2025-08-08T14:47+09:00	2025-08-08T14:47+09:00
jvndb-2025-000056	Multiple vulnerabilities in Sato label printers CL4/6NX Plus and CL4/6NX-J Plus series	2025-08-06T16:38+09:00	2025-08-06T16:38+09:00
jvndb-2025-010603	Out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs	2025-08-05T11:29+09:00	2025-08-05T11:29+09:00
jvndb-2025-010408	Multiple vulnerabilities in PowerCMS	2025-08-01T12:05+09:00	2025-08-01T12:05+09:00
jvndb-2025-000055	ZXHN-F660T and ZXHN-F660A use a common credential for all installations	2025-07-31T15:12+09:00	2025-07-31T15:12+09:00
jvndb-2025-000054	Apache Jena Fuseki vulnerable to path traversal	2025-07-30T14:17+09:00	2025-07-30T14:17+09:00
jvndb-2025-000053	"SwitchBot" App vulnerable to insertion of sensitive information into log file	2025-07-29T13:44+09:00	2025-07-29T13:44+09:00
jvndb-2025-010056	TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection	2025-07-28T17:53+09:00	2025-07-28T17:53+09:00
jvndb-2025-000052	TP-Link Archer C1200 vulnerable to clickjacking	2025-07-24T14:16+09:00	2025-07-24T14:16+09:00
jvndb-2025-000051	Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input	2025-07-23T13:54+09:00	2025-07-23T13:54+09:00
jvndb-2025-009576	Multiple vulnerabilities in ELECOM wireless LAN routers	2025-07-23T11:13+09:00	2025-07-23T11:13+09:00
jvndb-2025-000050	"region PAY" App for Android vulnerable to insertion of sensitive information into log file	2025-07-22T13:33+09:00	2025-07-22T13:33+09:00
jvndb-2025-009150	Security updates for Trend Micro products (June 2025)	2025-07-17T17:03+09:00	2025-07-17T17:03+09:00
jvndb-2025-000030	Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor	2025-05-12T18:00+09:00	2025-07-17T10:06+09:00
jvndb-2025-000049	ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials	2025-07-16T13:54+09:00	2025-07-16T13:54+09:00
jvndb-2025-008881	Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers	2025-07-15T15:54+09:00	2025-07-15T15:54+09:00
jvndb-2025-008783	Firebox T15 contains an issue with hidden functionality	2025-07-14T17:22+09:00	2025-07-14T17:22+09:00
jvndb-2025-008145	Epson Web Installer for Mac vulnerable to missing authentication for critical function	2025-07-08T14:08+09:00	2025-07-08T14:08+09:00
jvndb-2025-008106	Heap-based buffer overflow vulnerability in V-SFT and TELLUS	2025-07-07T16:26+09:00	2025-07-07T16:26+09:00
jvndb-2025-008105	Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521)	2025-07-07T16:04+09:00	2025-07-07T16:04+09:00
jvndb-2025-000047	Multiple vulnerabilities in Nimesa Backup and Recovery	2025-07-07T15:26+09:00	2025-07-07T15:26+09:00
jvndb-2025-007978	Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837)	2025-07-04T13:28+09:00	2025-07-04T13:28+09:00
jvndb-2025-000045	Multiple vulnerabilities in Active! mail	2025-07-02T14:13+09:00	2025-07-02T14:13+09:00
jvndb-2025-007754	Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)	2025-07-02T11:31+09:00	2025-07-02T11:31+09:00
jvndb-2025-007607	Pass-Back Attack vulnerability in Konica Minorta bizhub series	2025-07-01T14:09+09:00	2025-07-01T14:09+09:00
jvndb-2025-007595	Multiple vulnerabilities in Web Connection of Konica Minolta MFPs	2025-07-01T14:02+09:00	2025-07-01T14:02+09:00
jvndb-2025-000046	SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting	2025-06-30T15:45+09:00	2025-06-30T15:45+09:00
jvndb-2025-007552	Multiple vulnerabilities in TB-eye network recorders and AHD recorders	2025-06-30T14:45+09:00	2025-06-30T14:45+09:00

ID	Description	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated