Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-43qf-qj5j-5r47 | V-SOL GPON/EPON OLT Platform 2.03 contains an unauthenticated information disclosure vulnerability … | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-2gww-fh48-p92f | Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthentica… | 2025-12-24T21:30:33Z | 2025-12-24T21:30:33Z |
| ghsa-x8gg-ghxq-c254 | Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to e… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:32Z |
| ghsa-r64v-2m5c-fmx7 | Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-m2m8-9ppp-q3c7 | Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to cha… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-jmmc-j836-r5v7 | Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-gpch-6qpg-rp8g | Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:32Z |
| ghsa-g4f4-x2rq-h8g8 | Ecessa ShieldLink SL175EHQ 10.7.4 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-fv28-hc36-43g9 | GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allo… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-cm58-6j6x-c433 | Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows au… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-9wqg-38fc-34m9 | Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated atta… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:32Z |
| ghsa-86rg-f667-jpq7 | Teradek Slice 7.3.15 contains a cross-site request forgery vulnerability that allows attackers to c… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-6r9g-7c8c-j56m | GNU Barcode 0.99 contains a memory leak vulnerability in the command line processing function withi… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-64rh-68mc-5mmx | Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attac… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-5cqx-px25-wv82 | Ecessa Edge EV150 10.7.4 contains a cross-site request forgery vulnerability that allows attackers … | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-3fjq-mm23-rr9w | Ecessa WANWorx WVR-30 versions before 10.7.4 contain a cross-site request forgery vulnerability tha… | 2025-12-24T21:30:32Z | 2025-12-24T21:30:32Z |
| ghsa-x747-j9vr-9hhj | Synaccess netBooter NP-0801DU 7.4 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-rjwj-m7w5-fr82 | FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability that allows remote atta… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-h2gq-4xqf-ccqf | FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in their … | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-ghwc-hrr9-vj2w | NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE)… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-f9jj-8x8f-vvx3 | Synaccess netBooter NP-02x/NP-08x 6.8 contains an authentication bypass vulnerability in the webNew… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-cph6-mwmj-r2r8 | FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers … | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-c68w-pf33-46g8 | FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attack… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-8j6v-82x4-pg34 | FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be ch… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-8hvh-73q5-g7pg | FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig RES… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-58r7-rx7j-5v4g | Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers t… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-x4fw-5929-5227 | Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerabi… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-wx69-963x-88g9 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-24T15:30:43Z | 2025-12-24T21:30:30Z |
| ghsa-wcqx-pwqh-x4mj | SOCA Access Control System 180612 contains multiple insecure direct object reference vulnerabilitie… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-w77q-cf84-7mcq | Missing Authorization vulnerability in Trustindex Widgets for Social Photo Feed social-photo-feed-w… | 2025-12-24T15:30:43Z | 2025-12-24T21:30:30Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2018-25150 | 5.1 (v4.0) 5.3 (v3.1) | Ecessa ShieldLink SL175EHQ 10.7.4 Cross-Site Request F… |
Ecessa Corporation |
Ecessa ShieldLink SL175EHQ |
2025-12-24T19:27:51.814Z | 2025-12-24T20:24:59.684Z |
| cve-2018-25151 | 5.1 (v4.0) 4.3 (v3.1) | Ecessa WANWorx WVR-30 < 10.7.4 Cross-Site Request Forg… |
Ecessa Corporation |
WANWorx WVR-30 |
2025-12-24T19:27:52.222Z | 2025-12-24T20:24:53.133Z |
| cve-2018-25152 | 5.1 (v4.0) 5.3 (v3.1) | Ecessa Edge EV150 10.7.4 Cross-Site Request Forgery vi… |
Ecessa Corporation |
Ecessa Edge EV150 |
2025-12-24T19:27:52.680Z | 2025-12-24T20:24:45.919Z |
| cve-2018-25153 | 6.9 (v4.0) 7.5 (v3.1) | GNU Barcode 0.99 Memory Leak Vulnerability in Command … |
The GNU Project | Free Software Foundation, Inc. |
GNU Barcode |
2025-12-24T19:27:53.062Z | 2025-12-24T20:24:39.099Z |
| cve-2018-25154 | 8.5 (v4.0) 9.8 (v3.1) | GNU Barcode 0.99 Buffer Overflow in Code 93 Encoding M… |
The GNU Project | Free Software Foundation, Inc. |
GNU Barcode |
2025-12-24T19:27:53.486Z | 2025-12-24T20:24:32.336Z |
| cve-2018-25155 | 5.1 (v4.0) 5.3 (v3.1) | Teradek Slice 7.3.15 Cross-Site Request Forgery via Pa… |
Teradek, LLC |
Slice |
2025-12-24T19:27:53.919Z | 2025-12-24T20:24:25.555Z |
| cve-2018-25156 | 5.1 (v4.0) 5.3 (v3.1) | Teradek Cube 7.3.6 Cross-Site Request Forgery Password… |
Teradek, LLC |
Cube |
2025-12-24T19:27:54.324Z | 2025-12-24T20:24:19.107Z |
| cve-2019-25233 | 5.1 (v4.0) 5.3 (v3.1) | AVE DOMINAplus 1.10.x Cross-Site Request Forgery and X… |
AVE S.p.A. |
DOMINAplus |
2025-12-24T19:27:54.735Z | 2025-12-24T20:24:12.386Z |
| cve-2019-25234 | 5.1 (v4.0) 5.3 (v3.1) | Carlo Gavazzi SmartHouse Webapp 6.5.33 Cross-Site Requ… |
Carlo Gavazzi AB |
SmartHouse Webapp |
2025-12-24T19:27:55.152Z | 2025-12-24T20:24:05.780Z |
| cve-2019-25235 | 8.8 (v4.0) 9.8 (v3.1) | Smartwares HOME easy 1.0.9 Client-Side Authentication … |
Smartwares |
Smartwares HOME easy |
2025-12-24T19:27:55.565Z | 2025-12-24T20:23:58.323Z |
| cve-2019-25236 | 8.7 (v4.0) 9.8 (v3.1) | iSeeQ Hybrid DVR WH-H4 1.03R Unauthenticated Live Stre… |
iSeeQ |
Hybrid DVR WH-H4 |
2025-12-24T19:27:55.979Z | 2025-12-24T20:23:52.108Z |
| cve-2019-25237 | 8.7 (v4.0) 9.8 (v3.1) | V-SOL GPON/EPON OLT Platform 2.03 Privilege Escalation… |
Guangzhou V-SOLUTION Electronic Technology Co., Ltd. |
SOL GPON/EPON OLT Platform |
2025-12-24T19:27:56.411Z | 2025-12-24T20:23:45.916Z |
| cve-2019-25238 | 5.1 (v4.0) 4.3 (v3.1) | V-SOL GPON/EPON OLT Platform 2.03 Cross-Site Request F… |
Guangzhou V-SOLUTION Electronic Technology Co., Ltd. |
SOL GPON/EPON OLT Platform |
2025-12-24T19:27:56.801Z | 2025-12-24T20:23:38.963Z |
| cve-2019-25239 | 8.7 (v4.0) 7.5 (v3.1) | V-SOL GPON/EPON OLT Platform 2.03 Unauthenticated Conf… |
Guangzhou V-SOLUTION Electronic Technology |
GPON/EPON OLT Platform |
2025-12-24T19:27:57.201Z | 2025-12-24T20:23:32.107Z |
| cve-2019-25240 | 8.7 (v4.0) 9.8 (v3.1) | Rifatron 5brid DVR 5brid DVR (HD6-532/516, DX6-516/508… |
Rifatron Co., Ltd. |
DVR |
2025-12-24T19:27:57.698Z | 2025-12-24T20:23:25.132Z |
| cve-2019-25241 | 9.3 (v4.0) 7.5 (v3.1) | FaceSentry Access Control System 6.4.8 Remote SSH Root… |
iWT Ltd. |
FaceSentry Access Control System |
2025-12-24T19:27:58.126Z | 2025-12-24T20:23:18.700Z |
| cve-2019-25242 | 5.1 (v4.0) 4.3 (v3.1) | FaceSentry Access Control System 6.4.8 Cross-Site Requ… |
iWT Ltd. |
FaceSentry Access Control System |
2025-12-24T19:27:58.523Z | 2025-12-24T20:23:12.300Z |
| cve-2019-25243 | 8.7 (v4.0) 8.8 (v3.1) | FaceSentry 6.4.8 Authenticated Remote Command Injectio… |
iWT Ltd. |
FaceSentry Access Control System |
2025-12-24T19:27:58.965Z | 2025-12-24T20:23:05.664Z |
| cve-2019-25244 | 5.1 (v4.0) 5.3 (v3.1) | Legrand BTicino Driver Manager F454 1.0.51 CSRF and St… |
BTicino S.p.A. |
Legrand BTicino Driver Manager F454 |
2025-12-24T19:27:59.384Z | 2025-12-24T20:22:58.420Z |
| cve-2019-25245 | 8.5 (v4.0) 8.8 (v3.1) | Ross Video DashBoard 8.5.1 Privilege Escalation via In… |
Ross Video Ltd. |
DashBoard |
2025-12-24T19:27:59.816Z | 2025-12-24T20:22:52.203Z |
| cve-2019-25246 | 7.1 (v4.0) 8.8 (v3.1) | Beward N100 H.264 VGA IP Camera M2.1.6 Authenticated F… |
Beward R&D Co., Ltd |
N100 H.264 VGA IP Camera |
2025-12-24T19:28:00.474Z | 2025-12-24T20:22:45.916Z |
| cve-2019-25247 | 5.1 (v4.0) 5.3 (v3.1) | Beward N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin … |
Beward R&D Co., Ltd |
N100 H.264 VGA IP Camera |
2025-12-24T19:28:00.994Z | 2025-12-24T20:22:39.710Z |
| cve-2019-25248 | 8.7 (v4.0) 7.5 (v3.1) | Beward N100 M2.1.6 Unauthenticated RTSP Video Stream D… |
Beward |
N100 H.264 VGA IP Camera |
2025-12-24T19:28:02.157Z | 2025-12-24T20:22:33.063Z |
| cve-2019-25249 | 8.7 (v4.0) 9.8 (v3.1) | devolo dLAN 500 AV Wireless+ 3.1.0-1 Remote Code Execu… |
devolo AG |
dLAN 550 duo+ Starter Kit |
2025-12-24T19:28:02.779Z | 2025-12-24T20:22:26.831Z |
| cve-2019-25250 | 5.1 (v4.0) 5.3 (v3.1) | Devolo dLAN 500 AV Wireless+ 3.1.0-1 Cross-Site Reques… |
devolo AG |
dLAN 550 duo+ Starter Kit |
2025-12-24T19:28:03.241Z | 2025-12-24T20:22:20.223Z |
| cve-2019-25251 | 6.9 (v4.0) 5.3 (v3.1) | Teradek VidiU Pro 3.0.3 Server-Side Request Forgery vi… |
Teradek, LLC |
VidiU Pro |
2025-12-24T19:28:03.642Z | 2025-12-24T20:22:13.312Z |
| cve-2019-25252 | 5.1 (v4.0) 5.3 (v3.1) | Teradek VidiU Pro 3.0.3 Cross-Site Request Forgery via… |
Teradek |
VidiU Pro |
2025-12-24T19:28:04.078Z | 2025-12-24T20:22:04.713Z |
| cve-2019-25253 | 7.1 (v4.0) 7.5 (v3.1) | KYOCERA Net Admin 3.4.0906 Unauthenticated XML Externa… |
KYOCERA Corporation |
KYOCERA Net Admin |
2025-12-24T19:28:04.490Z | 2025-12-24T20:21:56.818Z |
| cve-2019-25254 | 5.1 (v4.0) 5.3 (v3.1) | KYOCERA Net Admin 3.4.0906 Cross-Site Request Forgery … |
KYOCERA Corporation |
KYOCERA Net Admin |
2025-12-24T19:28:04.889Z | 2025-12-24T20:21:49.801Z |
| cve-2019-25255 | 8.7 (v4.0) 4.3 (v3.1) | VideoFlow Digital Video Protection DVP 2.10 Authentica… |
VideoFlow Ltd. |
VideoFlow Digital Video Protection DVP |
2025-12-24T19:28:05.284Z | 2025-12-24T20:21:43.515Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2019-25235 | 8.8 (v4.0) 9.8 (v3.1) | Smartwares HOME easy 1.0.9 Client-Side Authentication … |
Smartwares |
Smartwares HOME easy |
2025-12-24T19:27:55.565Z | 2025-12-24T20:23:58.323Z |
| cve-2019-25234 | 5.1 (v4.0) 5.3 (v3.1) | Carlo Gavazzi SmartHouse Webapp 6.5.33 Cross-Site Requ… |
Carlo Gavazzi AB |
SmartHouse Webapp |
2025-12-24T19:27:55.152Z | 2025-12-24T20:24:05.780Z |
| cve-2019-25233 | 5.1 (v4.0) 5.3 (v3.1) | AVE DOMINAplus 1.10.x Cross-Site Request Forgery and X… |
AVE S.p.A. |
DOMINAplus |
2025-12-24T19:27:54.735Z | 2025-12-24T20:24:12.386Z |
| cve-2018-25156 | 5.1 (v4.0) 5.3 (v3.1) | Teradek Cube 7.3.6 Cross-Site Request Forgery Password… |
Teradek, LLC |
Cube |
2025-12-24T19:27:54.324Z | 2025-12-24T20:24:19.107Z |
| cve-2018-25155 | 5.1 (v4.0) 5.3 (v3.1) | Teradek Slice 7.3.15 Cross-Site Request Forgery via Pa… |
Teradek, LLC |
Slice |
2025-12-24T19:27:53.919Z | 2025-12-24T20:24:25.555Z |
| cve-2018-25149 | 5.1 (v4.0) 4.3 (v3.1) | Microhard Systems IPn4G 1.1.0 Cross-Site Request Forge… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway CSRF Vulnerabilities |
2025-12-24T19:27:51.383Z | 2025-12-24T20:25:07.980Z |
| cve-2018-25148 | 8.7 (v4.0) 8.8 (v3.1) | Microhard Systems IPn4G 1.1.0 Remote Code Execution vi… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit |
2025-12-24T19:27:50.947Z | 2025-12-24T20:25:14.760Z |
| cve-2018-25147 | 9.3 (v4.0) 7.5 (v3.1) | Microhard Systems IPn4G 1.1.0 Default Credentials Auth… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Credentials |
2025-12-24T19:27:50.490Z | 2025-12-24T20:25:21.195Z |
| cve-2018-25146 | 7.1 (v4.0) 6.5 (v3.1) | Microhard Systems IPn4G 1.1.0 Service Control Denial o… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Service Control DoS |
2025-12-24T19:27:50.006Z | 2025-12-24T20:25:28.526Z |
| cve-2018-25145 | 7.1 (v4.0) 6.5 (v3.1) | Microhard Systems IPn4G 1.1.0 Configuration Disclosure… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Configuration Download |
2025-12-24T19:27:49.597Z | 2025-12-24T20:25:35.251Z |
| cve-2018-25144 | 8.7 (v4.0) 5.5 (v3.1) | Microhard Systems IPn4G 1.1.0 Arbitrary File Access vi… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Arbitrary File Attacks |
2025-12-24T19:27:49.167Z | 2025-12-24T20:25:41.747Z |
| cve-2018-25143 | 8.7 (v4.0) 8.8 (v3.1) | Microhard Systems IPn4G 1.1.0 Backdoor Jailbreak via M… |
Microhard Systems |
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Backdoor Jailbreak |
2025-12-24T19:27:48.742Z | 2025-12-24T20:25:48.441Z |
| cve-2018-25142 | 7.1 (v4.0) 9.8 (v3.1) | NovaRad NovaPACS Diagnostics Viewer 8.5 XML External E… |
NovaRad Corporation |
NovaPACS Diagnostics Viewer |
2025-12-24T19:27:48.350Z | 2025-12-24T20:25:54.871Z |
| cve-2018-25141 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Thermal Traffic Cameras V1.01-0bb5b27 Unauthentic… |
FLIR |
FLIR Thermal Traffic Cameras |
2025-12-24T19:27:47.928Z | 2025-12-24T20:26:01.745Z |
| cve-2018-25140 | 9.3 (v4.0) 7.5 (v3.1) | FLIR Thermal Traffic Cameras V1.01-0bb5b27 Unauthentic… |
FLIR Systems, Inc. |
Thermal Traffic Cameras |
2025-12-24T19:27:47.524Z | 2025-12-24T20:26:09.413Z |
| cve-2018-25139 | 8.7 (v4.0) 7.5 (v3.1) | FLIR AX8 Thermal Camera 1.32.16 Unauthenticated RTSP S… |
FLIR Systems, Inc. |
FLIR AX8 Thermal Camera |
2025-12-24T19:27:47.117Z | 2025-12-24T20:26:15.968Z |
| cve-2018-25138 | 9.3 (v4.0) 7.5 (v3.1) | FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials… |
FLIR Systems |
FLIR AX8 Thermal Camera |
2025-12-24T19:27:46.730Z | 2025-12-24T20:26:22.231Z |
| cve-2018-25137 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated Conf… |
FLIR Systems, Inc. |
FLIR Brickstream 3D+ |
2025-12-24T19:27:46.300Z | 2025-12-24T20:26:28.490Z |
| cve-2018-25136 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated RTSP… |
FLIR Systems, Inc. |
Brickstream 3D+ |
2025-12-24T19:27:45.779Z | 2025-12-24T20:26:35.205Z |
| cve-2018-25135 | 9.3 (v4.0) 9.8 (v3.1) | Anviz AIM CrossChex Standard 4.3.6.0 CSV Injection via… |
Anviz Biometric Technology Co., Ltd. |
Anviz AIM CrossChex Standard |
2025-12-24T19:27:45.375Z | 2025-12-24T20:26:41.287Z |
| cve-2018-25134 | 9.3 (v4.0) 9.8 (v3.1) | Synaccess netBooter NP-02x/NP-08x 6.8 Authentication B… |
Synaccess Networks Inc. |
netBooter NP-02x/NP-08x |
2025-12-24T19:27:44.967Z | 2025-12-24T20:26:48.331Z |
| cve-2018-25133 | 5.1 (v4.0) 4.3 (v3.1) | Synaccess netBooter NP-0801DU 7.4 Cross-Site Request F… |
Synaccess Networks Inc. |
netBooter NP-0801DU |
2025-12-24T19:27:44.567Z | 2025-12-24T20:26:55.174Z |
| cve-2018-25131 | 5.1 (v4.0) 7.2 (v3.1) | Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Sto… |
Leica Geosystems AG |
GR10/GR25/GR30/GR50 GNSS |
2025-12-24T19:27:44.162Z | 2025-12-24T20:27:01.726Z |
| cve-2018-25130 | 6.8 (v4.0) 6.2 (v3.1) | Beward Intercom 2.3.1 Local Credentials Disclosure via… |
Beward R&D Co., Ltd |
BEWARD Intercom |
2025-12-24T19:27:43.752Z | 2025-12-24T20:27:08.870Z |
| cve-2018-25129 | 7.1 (v4.0) 7.5 (v3.1) | SOCA Access Control System 180612 Information Disclosu… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:43.322Z | 2025-12-24T20:27:15.081Z |
| cve-2018-25128 | 9.3 (v4.0) 8.2 (v3.1) | SOCA Access Control System 180612 SQL Injection and Au… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:42.899Z | 2025-12-24T20:27:21.283Z |
| cve-2018-25127 | 5.1 (v4.0) 5.3 (v3.1) | SOCA Access Control System 180612 Cross-Site Request F… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:42.423Z | 2025-12-24T20:27:27.630Z |
| cve-2025-68916 | 9.1 (v3.1) | Riello UPS NetMan 208 Application before 1.12 all… |
Riello |
NetMan |
2025-12-24T19:43:25.350Z | 2025-12-24T20:05:20.432Z |
| cve-2025-68915 | 5.5 (v3.1) | Riello UPS NetMan 208 Application before 1.12 all… |
Riello |
NetMan |
2025-12-24T19:40:06.720Z | 2025-12-24T20:04:37.368Z |
| cve-2025-68914 | 6.5 (v3.1) | Riello UPS NetMan 208 Application before 1.12 all… |
Riello |
NetMan |
2025-12-24T19:37:14.535Z | 2025-12-24T20:03:44.090Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2018-25156 | Teradek Cube 7.3.6 contains a cross-site request forgery vulnerability that allows attackers to cha… | 2025-12-24T20:15:50.587 | 2025-12-24T21:16:00.973 |
| fkie_cve-2018-25155 | Teradek Slice 7.3.15 contains a cross-site request forgery vulnerability that allows attackers to c… | 2025-12-24T20:15:50.430 | 2025-12-24T21:16:00.873 |
| fkie_cve-2018-25149 | Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attac… | 2025-12-24T20:15:49.517 | 2025-12-24T21:16:00.500 |
| fkie_cve-2018-25148 | Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities… | 2025-12-24T20:15:49.367 | 2025-12-24T21:16:00.397 |
| fkie_cve-2018-25147 | Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through… | 2025-12-24T20:15:49.210 | 2025-12-24T21:16:00.280 |
| fkie_cve-2018-25146 | Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated atta… | 2025-12-24T20:15:49.057 | 2025-12-24T21:16:00.167 |
| fkie_cve-2018-25145 | Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows au… | 2025-12-24T20:15:48.903 | 2025-12-24T21:16:00.053 |
| fkie_cve-2018-25144 | Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-… | 2025-12-24T20:15:48.750 | 2025-12-24T21:15:59.947 |
| fkie_cve-2018-25143 | Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to e… | 2025-12-24T20:15:48.590 | 2025-12-24T21:15:59.823 |
| fkie_cve-2018-25142 | NovaRad NovaPACS Diagnostics Viewer 8.5.19.75 contains an unauthenticated XML External Entity (XXE)… | 2025-12-24T20:15:48.430 | 2025-12-24T21:15:59.720 |
| fkie_cve-2018-25141 | FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote attackers … | 2025-12-24T20:15:48.270 | 2025-12-24T21:15:59.607 |
| fkie_cve-2018-25140 | FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in their … | 2025-12-24T20:15:48.113 | 2025-12-24T21:15:59.497 |
| fkie_cve-2018-25139 | FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote attack… | 2025-12-24T20:15:47.957 | 2025-12-24T21:15:59.390 |
| fkie_cve-2018-25138 | FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be ch… | 2025-12-24T20:15:47.807 | 2025-12-24T21:15:59.280 |
| fkie_cve-2018-25137 | FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig RES… | 2025-12-24T20:15:47.657 | 2025-12-24T21:15:59.173 |
| fkie_cve-2018-25136 | FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability that allows remote atta… | 2025-12-24T20:15:47.500 | 2025-12-24T21:15:59.063 |
| fkie_cve-2018-25135 | Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers t… | 2025-12-24T20:15:47.353 | 2025-12-24T21:15:58.957 |
| fkie_cve-2018-25134 | Synaccess netBooter NP-02x/NP-08x 6.8 contains an authentication bypass vulnerability in the webNew… | 2025-12-24T20:15:47.200 | 2025-12-24T21:15:58.857 |
| fkie_cve-2018-25133 | Synaccess netBooter NP-0801DU 7.4 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T20:15:47.043 | 2025-12-24T21:15:58.750 |
| fkie_cve-2018-25131 | Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerabi… | 2025-12-24T20:15:46.890 | 2025-12-24T21:15:58.637 |
| fkie_cve-2018-25130 | Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers t… | 2025-12-24T20:15:46.707 | 2025-12-24T21:15:58.527 |
| fkie_cve-2018-25129 | SOCA Access Control System 180612 contains multiple insecure direct object reference vulnerabilitie… | 2025-12-24T20:15:46.537 | 2025-12-24T21:15:58.417 |
| fkie_cve-2018-25128 | SOCA Access Control System 180612 contains multiple SQL injection vulnerabilities that allow attack… | 2025-12-24T20:15:46.383 | 2025-12-24T21:15:58.310 |
| fkie_cve-2018-25127 | SOCA Access Control System 180612 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T20:15:46.193 | 2025-12-24T21:15:57.400 |
| fkie_cve-2025-68916 | Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/certsupload.cgi /../ directory travers… | 2025-12-24T20:16:08.667 | 2025-12-24T20:16:08.667 |
| fkie_cve-2025-68915 | Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/loginbanner_w.cgi XSS via a crafted banner. | 2025-12-24T20:16:08.503 | 2025-12-24T20:16:08.503 |
| fkie_cve-2025-68914 | Riello UPS NetMan 208 Application before 1.12 allows cgi-bin/login.cgi username SQL Injection. For … | 2025-12-24T20:16:08.347 | 2025-12-24T20:16:08.347 |
| fkie_cve-2025-68608 | Missing Authorization vulnerability in DeluxeThemes Userpro userpro allows Exploiting Incorrectly C… | 2025-12-24T13:16:28.313 | 2025-12-24T20:16:08.197 |
| fkie_cve-2025-68606 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPXPO P… | 2025-12-24T13:16:28.197 | 2025-12-24T20:16:08.053 |
| fkie_cve-2025-68605 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-24T13:16:28.060 | 2025-12-24T20:16:07.900 |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2022-43177 | Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40… | azure-cli | 2022-10-25T17:15:56+00:00 | 2025-04-09T17:27:24.642962+00:00 |
| pysec-2024-244 | A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a by… | mlflow | 2024-05-16T09:15:14+00:00 | 2025-04-08T10:23:25.092581+00:00 |
| pysec-2024-243 | mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs… | mlflow | 2024-04-16T00:15:12+00:00 | 2025-04-08T10:23:25.044416+00:00 |
| pysec-2024-242 | A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically … | mlflow | 2024-06-06T19:15:55+00:00 | 2025-04-08T10:23:24.995743+00:00 |
| pysec-2024-241 | Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untru… | mlflow | 2024-02-23T22:15:55+00:00 | 2025-04-08T10:23:24.946136+00:00 |
| pysec-2024-240 | Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This … | mlflow | 2024-02-23T22:15:55+00:00 | 2025-04-08T10:23:24.900947+00:00 |
| pysec-2024-239 | A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to im… | mlflow | 2024-06-06T19:15:51+00:00 | 2025-04-08T10:23:24.852109+00:00 |
| pysec-2025-12 | CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2025-01-21T15:15:13+00:00 | 2025-04-08T10:23:23.899726+00:00 |
| pysec-2024-238 | CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St… | codechecker | 2024-11-06T15:15:11+00:00 | 2025-04-08T10:23:23.857960+00:00 |
| pysec-2025-11 | A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index reposi… | llama-index | 2025-03-20T10:15:31+00:00 | 2025-04-01T23:22:47.294256+00:00 |
| pysec-2025-10 | A vulnerability in the `download_model` function of the onnx/onnx framework, before and i… | onnx | 2025-03-20T10:15:37+00:00 | 2025-03-26T19:21:38.843396+00:00 |
| pysec-2025-9 | A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through… | invokeai | 2025-03-20T10:15:26+00:00 | 2025-03-20T11:21:37.872971+00:00 |
| pysec-2025-8 | The `pygments-style-solarized` project was removed from PyPI by its owner on 2021-08-26. … | pygments-style-solarized | 2025-03-17T16:35:37+00:00 | |
| pysec-2024-237 | OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio… | octoprint | 2024-05-14T16:17:12+00:00 | 2025-03-05T17:22:29.121263+00:00 |
| pysec-2024-236 | Jupyter Server Proxy allows users to run arbitrary external processes alongside their not… | jupyter-server-proxy | 2024-06-11T22:15:09+00:00 | 2025-02-26T23:22:41.524251+00:00 |
| pysec-2025-7 | Published in 2021, the imblog package is a Python library that scrapes data from a blog p… | imblog | 2025-02-26T21:19:19+00:00 | |
| pysec-2025-6 | Published in 2021, the colabrun package is a Python library that exfiltrates user cookies… | colabrun | 2025-02-26T20:59:48+00:00 | |
| pysec-2025-5 | Published in 2020, the autodzee package is a Python library that bypasses Deezer API rest… | browsercmdhbt2 | 2025-02-26T20:57:11+00:00 | |
| pysec-2025-3 | Published in 2019, the autodzee package is a Python library that bypasses Deezer API rest… | autodzee | 2025-02-26T20:54:20+00:00 | |
| pysec-2025-4 | Published in 2019, the automslc package is a Python library that bypasses Deezer API rest… | automslc | 2025-02-26T19:26:49+00:00 | |
| pysec-2024-235 | With the following crawler configuration: ```python from bs4 import BeautifulSoup as Sou… | langchain-exa | 2024-02-26T16:27:49+00:00 | 2025-02-26T02:48:56.937312+00:00 |
| pysec-2023-194 | langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and exe… | langchain-experimental | 2023-10-09T20:15:00Z | 2025-02-23T07:46:11Z |
| pysec-2024-234 | Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jup… | jupyter-server-proxy | 2024-03-20T20:15:08+00:00 | 2025-02-21T18:23:35.992501+00:00 |
| pysec-2023-163 | An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary… | numexpr | 2023-09-01T16:15:00Z | 2025-02-20T09:11:38.521949Z |
| pysec-2024-233 | python-jose through 3.3.0 allows attackers to cause a denial of service (resource consump… | python-jose | 2024-04-26T00:15:09+00:00 | 2025-02-18T19:20:15.511369+00:00 |
| pysec-2024-232 | python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key f… | python-jose | 2024-04-26T00:15:09+00:00 | 2025-02-18T19:20:15.468012+00:00 |
| pysec-2024-231 | LightGBM Remote Code Execution Vulnerability | lightgbm | 2024-11-12T18:15:28+00:00 | 2025-02-15T07:20:34.246161+00:00 |
| pysec-2024-230 | Certifi is a curated collection of Root Certificates for validating the trustworthiness o… | certifi | 2024-07-05T19:15:10+00:00 | 2025-02-12T21:21:51.559667+00:00 |
| pysec-2024-229 | Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execut… | transformers | 2024-11-22T22:15:07+00:00 | 2025-02-10T23:22:41.499413+00:00 |
| pysec-2024-228 | Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code … | transformers | 2024-11-22T22:15:07+00:00 | 2025-02-10T23:22:41.449105+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33822 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.561810Z |
| gsd-2024-33773 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.560326Z |
| gsd-2024-33769 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.558897Z |
| gsd-2024-33794 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.557396Z |
| gsd-2024-33818 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.556720Z |
| gsd-2024-33793 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.552273Z |
| gsd-2024-33833 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.551960Z |
| gsd-2024-33835 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.550838Z |
| gsd-2024-33744 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.543395Z |
| gsd-2024-33789 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.534336Z |
| gsd-2024-33760 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.533361Z |
| gsd-2024-33702 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.530768Z |
| gsd-2024-33797 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.530297Z |
| gsd-2024-33684 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.529859Z |
| gsd-2024-33827 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.528643Z |
| gsd-2024-33810 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.527741Z |
| gsd-2024-33729 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.527542Z |
| gsd-2024-33807 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.526483Z |
| gsd-2024-33688 | Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affect… | 2024-04-27T05:02:18.524420Z |
| gsd-2024-33685 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.523707Z |
| gsd-2024-33713 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.522989Z |
| gsd-2024-33768 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.521409Z |
| gsd-2024-33720 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.519711Z |
| gsd-2024-33809 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.516352Z |
| gsd-2024-33727 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.514916Z |
| gsd-2024-33770 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.514460Z |
| gsd-2024-33732 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.513959Z |
| gsd-2024-33829 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.511177Z |
| gsd-2024-33714 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-27T05:02:18.510684Z |
| gsd-2024-33693 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln… | 2024-04-27T05:02:18.509326Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-191474 | Malicious code in vite-dynachunk (npm) | 2025-11-26T04:53:42Z | 2025-12-24T10:09:31Z |
| mal-2025-191447 | Malicious code in vf-oss-template (npm) | 2025-11-25T00:16:49Z | 2025-12-24T10:09:31Z |
| mal-2025-190498 | Malicious code in validator-node (npm) | 2025-11-14T03:35:19Z | 2025-12-24T10:09:31Z |
| mal-2025-66550 | Malicious code in szsec-infos-report (npm) | 2025-11-11T00:02:04Z | 2025-12-24T10:09:30Z |
| mal-2025-49446 | Malicious code in supxmlparser (npm) | 2025-11-09T00:17:09Z | 2025-12-24T10:09:30Z |
| mal-2025-49441 | Malicious code in superbankxmlparser (npm) | 2025-11-09T00:17:09Z | 2025-12-24T10:09:30Z |
| mal-2025-49439 | Malicious code in study-lab-npm-test (npm) | 2025-11-09T00:17:09Z | 2025-12-24T10:09:30Z |
| mal-2025-49435 | Malicious code in something-not-in-cache (npm) | 2025-11-09T00:17:09Z | 2025-12-24T10:09:30Z |
| mal-2025-49383 | Malicious code in rce-poc-test-honor-mcp (npm) | 2025-11-07T04:05:52Z | 2025-12-24T10:09:30Z |
| mal-2025-49382 | Malicious code in rce-poc-test-honor-dev (npm) | 2025-11-07T04:05:52Z | 2025-12-24T10:09:30Z |
| mal-2025-49376 | Malicious code in solara-websocket-dll (npm) | 2025-11-05T23:23:27Z | 2025-12-24T10:09:30Z |
| mal-2025-49368 | Malicious code in react-tmedia (npm) | 2025-11-05T23:18:22Z | 2025-12-24T10:09:30Z |
| mal-2025-48551 | Malicious code in react-medias (npm) | 2025-10-22T02:05:10Z | 2025-12-24T10:09:30Z |
| mal-2025-48536 | Malicious code in reactify-utils (npm) | 2025-10-21T06:21:28Z | 2025-12-24T10:09:30Z |
| mal-2025-192639 | Malicious code in smm-youtube (npm) | 2025-12-19T08:41:06Z | 2025-12-24T10:09:30Z |
| mal-2025-192595 | Malicious code in smart-utils-alice (npm) | 2025-12-16T07:05:11Z | 2025-12-24T10:09:30Z |
| mal-2025-192583 | Malicious code in swissid-common (npm) | 2025-12-16T06:23:05Z | 2025-12-24T10:09:30Z |
| mal-2025-192577 | Malicious code in sd-skbms (npm) | 2025-12-15T07:33:11Z | 2025-12-24T10:09:30Z |
| mal-2025-192576 | Malicious code in sd-security (npm) | 2025-12-15T07:33:11Z | 2025-12-24T10:09:30Z |
| mal-2025-192566 | Malicious code in shopify-monorail (npm) | 2025-12-12T06:31:00Z | 2025-12-24T10:09:30Z |
| mal-2025-192565 | Malicious code in sdbao-content-sems (npm) | 2025-12-12T06:34:05Z | 2025-12-24T10:09:30Z |
| mal-2025-192564 | Malicious code in sdbao-content-report (npm) | 2025-12-12T06:34:05Z | 2025-12-24T10:09:30Z |
| mal-2025-192563 | Malicious code in sd-pay-ts (npm) | 2025-12-12T06:34:06Z | 2025-12-24T10:09:30Z |
| mal-2025-192562 | Malicious code in sd-pay (npm) | 2025-12-12T06:34:06Z | 2025-12-24T10:09:30Z |
| mal-2025-192417 | Malicious code in rum-events-format (npm) | 2025-12-10T01:57:45Z | 2025-12-24T10:09:30Z |
| mal-2025-192401 | Malicious code in serval-integrations-common-frontend (npm) | 2025-12-10T01:43:51Z | 2025-12-24T10:09:30Z |
| mal-2025-192315 | Malicious code in seeds-random (npm) | 2025-12-05T03:03:24Z | 2025-12-24T10:09:30Z |
| mal-2025-191595 | Malicious code in tailwindcss-forms (npm) | 2025-12-01T13:26:48Z | 2025-12-24T10:09:30Z |
| mal-2025-191594 | Malicious code in tailwind-style-override (npm) | 2025-12-01T13:26:47Z | 2025-12-24T10:09:30Z |
| mal-2025-191593 | Malicious code in tailwind-state (npm) | 2025-12-01T13:26:43Z | 2025-12-24T10:09:30Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-1334 | Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service | 2025-06-16T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1169 | Apache Commons BeanUtils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-05-29T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1144 | GIMP: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-05-25T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1114 | Linux Kernel: Mehrere Schwachstellen | 2025-05-20T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0944 | GIMP: Schwachstelle ermöglicht Codeausführung | 2025-05-05T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0879 | BusyBox: Mehrere Schwachstellen | 2025-04-23T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0813 | Oracle MySQL: Mehrere Schwachstellen | 2025-04-15T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0562 | expat: Schwachstelle ermöglicht Denial of Service | 2025-03-13T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0545 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-03-11T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0524 | Red Hat Ansible Automation Platform (Jinja): Schwachstelle ermöglicht Codeausführung | 2025-03-11T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0507 | MariaDB: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-03-09T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0233 | Python: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-02-02T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3762 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-12-29T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3528 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-11-21T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3376 | Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2024-11-07T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3339 | Linux Kernel: Mehrere Schwachstellen | 2024-11-05T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3283 | Linux-Kernel: Schwachstelle ermöglicht Codeausführung | 2024-10-27T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-3251 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-10-21T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-1504 | Apache HTTP Server: Mehrere Schwachstellen | 2024-07-01T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2024-0801 | Apache HTTP Server: Mehrere Schwachstellen ermöglichen Manipulation von Daten | 2024-04-04T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2023-2024 | Node.js: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen | 2023-08-09T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2022-1354 | Red Hat Enterprise Linux: Mehrere Schwachstellen | 2021-05-04T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2860 | JetBrains TeamCity: Mehrere Schwachstellen | 2025-12-16T23:00:00.000+00:00 | 2025-12-17T23:00:00.000+00:00 |
| wid-sec-w-2025-2857 | Apache Commons Text: Schwachstelle ermöglicht Codeausführung | 2025-12-16T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2846 | strongSwan (NetworkManager-Plugin): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-14T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2730 | Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-02T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2729 | WebKitGTK: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-02T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2666 | vllm und PyTorch: Schwachstelle ermöglicht DoS und potenzielle Codeausführung | 2025-11-23T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2651 | GnuTLS: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2025-11-19T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2643 | Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-11-19T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-787941 | SSA-787941: Denial of Service Vulnerability in RUGGEDCOM ROS devices | 2022-11-08T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-770902 | SSA-770902: Denial of Service Vulnerability in the Web Server of RUGGEDCOM ROS Devices | 2023-08-08T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-769791 | SSA-769791: Local Arbitrary Code Execution Vulnerability in COMOS Before V10.6 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-767615 | SSA-767615: Information Disclosure Vulnerability in SIPROTEC 5 Devices | 2025-02-11T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-764417 | SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices | 2022-03-08T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-674084 | SSA-674084: File Parsing Vulnerabilities in Simcenter Femap Before V2506 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-665108 | SSA-665108: Arbitrary File Upload Vulnerability in RUGGEDCOM ROX II | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-613116 | SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-529291 | SSA-529291: Information Disclosure Vulnerabilities in SICAM Q100/Q200 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-517338 | SSA-517338: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V3.0 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-493787 | SSA-493787: Arbitrary Code Execution Vulnerability in SIMATIC RTLS Locating Manager Before V3.2 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-460466 | SSA-460466: Denial of Service Vulnerability in TIA Project-Server and TIA Portal | 2025-07-08T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-446307 | SSA-446307: Authentication Bypass Vulnerability in BMC (CVE-2024-54085) affects SIMATIC IPC RS-828A | 2025-05-13T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-400089 | SSA-400089: Denial of Service Vulnerability in SIPROTEC 4 and SIPROTEC 4 Compact | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-398330 | SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP >= V3.1.0 and < V3.1.5 | 2023-12-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-382999 | SSA-382999: Multiple Vulnerabilities in Opcenter Quality Before V2506 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-355557 | SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-353002 | SSA-353002: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family | 2024-03-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-256353 | SSA-256353: Third-Party Component Vulnerabilities in RUGGEDCOM ROS | 2022-03-08T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-177847 | SSA-177847: Improper VNC Password Check Vulnerability in SINUMERIK Controllers | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-170375 | SSA-170375: Multiple Vulnerabilities in RUGGEDCOM ROS Before V5.9 | 2024-07-09T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-097435 | SSA-097435: Usernames Disclosure Vulnerability in Mendix Runtime | 2024-09-10T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-094954 | SSA-094954: Authentication Bypass Vulnerability in BIST mode of RUGGEDCOM ROX II | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-082556 | SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 | 2025-06-10T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-725549 | SSA-725549: Denial of Service of ICMP in Industrial Devices | 2025-04-08T00:00:00Z | 2025-07-21T00:00:00Z |
| ssa-183963 | SSA-183963: Certificate Validation Vulnerabilities in SICAM TOOLBOX II Before V07.11 | 2025-07-08T00:00:00Z | 2025-07-18T00:00:00Z |
| ssa-938066 | SSA-938066: Remote Code Execution Vulnerability in SENTRON Powermanager and Desigo CC | 2025-07-08T00:00:00Z | 2025-07-08T00:00:00Z |
| ssa-904646 | SSA-904646: Sensitive Data Exposure Vulnerability in SIPROTEC 5 Devices | 2025-07-08T00:00:00Z | 2025-07-08T00:00:00Z |
| ssa-763427 | SSA-763427: Authentication Bypass Vulnerability in SIMATIC CP and TIM Devices | 2015-11-27T00:00:00Z | 2025-07-08T00:00:00Z |
| ssa-634640 | SSA-634640: Weak Authentication Vulnerability in Siemens Industrial Edge Devices | 2025-04-08T00:00:00Z | 2025-07-08T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:3813 | Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release | 2025-04-10T14:56:45+00:00 | 2025-11-29T06:54:09+00:00 |
| rhsa-2025:3811 | Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release | 2025-04-10T14:32:08+00:00 | 2025-11-29T06:54:09+00:00 |
| rhsa-2025:3775 | Red Hat Security Advisory: OpenShift Container Platform 4.18.9 bug fix and security update | 2025-04-16T06:12:24+00:00 | 2025-11-29T06:54:08+00:00 |
| rhsa-2025:3763 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.13.2 container image updates | 2025-04-09T16:37:37+00:00 | 2025-11-29T06:54:07+00:00 |
| rhsa-2025:3808 | Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release | 2025-04-10T14:26:28+00:00 | 2025-11-29T06:54:04+00:00 |
| rhsa-2025:3798 | Red Hat Security Advisory: OpenShift Container Platform 4.17.25 bug fix and security update | 2025-04-16T17:46:00+00:00 | 2025-11-29T06:54:04+00:00 |
| rhsa-2025:3743 | Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.5.1 release | 2025-04-09T09:53:12+00:00 | 2025-11-29T06:54:02+00:00 |
| rhsa-2025:3740 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release | 2025-04-09T08:52:08+00:00 | 2025-11-29T06:54:02+00:00 |
| rhsa-2025:3720 | Red Hat Security Advisory: multicluster engine for Kubernetes 2.8.1 container image updates | 2025-04-08T23:25:49+00:00 | 2025-11-29T06:54:01+00:00 |
| rhsa-2025:3698 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-04-08T15:23:59+00:00 | 2025-11-29T06:54:01+00:00 |
| rhsa-2025:3685 | Red Hat Security Advisory: Red Hat Edge Manager Version 0.5.1 (Technology Preview) security fixes | 2025-04-08T13:01:54+00:00 | 2025-11-29T06:54:00+00:00 |
| rhsa-2025:3618 | Red Hat Security Advisory: grafana security update | 2025-04-07T02:07:30+00:00 | 2025-11-29T06:53:59+00:00 |
| rhsa-2025:3616 | Red Hat Security Advisory: grafana security update | 2025-04-07T01:59:15+00:00 | 2025-11-29T06:53:59+00:00 |
| rhsa-2025:3607 | Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release | 2025-04-04T13:38:55+00:00 | 2025-11-29T06:53:58+00:00 |
| rhsa-2025:3593 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-04-03T13:38:52+00:00 | 2025-11-29T06:53:57+00:00 |
| rhsa-2025:3577 | Red Hat Security Advisory: OpenShift Container Platform 4.18.8 bug fix and security update | 2025-04-10T11:37:31+00:00 | 2025-11-29T06:53:56+00:00 |
| rhsa-2025:3565 | Red Hat Security Advisory: OpenShift Container Platform 4.17.24 bug fix and security update | 2025-04-09T04:47:09+00:00 | 2025-11-29T06:53:56+00:00 |
| rhsa-2025:3560 | Red Hat Security Advisory: RHODF-4.14-RHEL-9 security update | 2025-04-03T05:09:02+00:00 | 2025-11-29T06:53:56+00:00 |
| rhsa-2025:3542 | Red Hat Security Advisory: RHODF-4.15-RHEL-9 security update | 2025-04-02T19:51:02+00:00 | 2025-11-29T06:53:55+00:00 |
| rhsa-2025:3503 | Red Hat Security Advisory: Red Hat build of Cryostat security update | 2025-04-02T04:03:14+00:00 | 2025-11-29T06:53:54+00:00 |
| rhsa-2025:3501 | Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.15.1-4 Update | 2025-04-01T20:50:35+00:00 | 2025-11-29T06:53:54+00:00 |
| rhsa-2025:3439 | Red Hat Security Advisory: ACS 4.6 enhancement and security update | 2025-04-01T04:55:49+00:00 | 2025-11-29T06:53:53+00:00 |
| rhsa-2025:3438 | Red Hat Security Advisory: ACS 4.7 enhancement and security update | 2025-04-01T04:50:23+00:00 | 2025-11-29T06:53:52+00:00 |
| rhsa-2025:3437 | Red Hat Security Advisory: ACS 4.5 enhancement and security update | 2025-04-01T04:50:24+00:00 | 2025-11-29T06:53:52+00:00 |
| rhsa-2025:3411 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-03-31T14:36:15+00:00 | 2025-11-29T06:53:52+00:00 |
| rhsa-2025:3344 | Red Hat Security Advisory: grafana security update | 2025-03-27T15:46:43+00:00 | 2025-11-29T06:53:50+00:00 |
| rhsa-2025:3336 | Red Hat Security Advisory: podman security update | 2025-03-27T15:01:22+00:00 | 2025-11-29T06:53:50+00:00 |
| rhsa-2025:3335 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-03-27T15:00:22+00:00 | 2025-11-29T06:53:48+00:00 |
| rhsa-2025:3301 | Red Hat Security Advisory: OpenShift Container Platform 4.16.38 bug fix and security update | 2025-04-03T00:21:28+00:00 | 2025-11-29T06:53:47+00:00 |
| rhsa-2025:3268 | Red Hat Security Advisory: container-tools:rhel8 security update | 2025-03-26T14:31:13+00:00 | 2025-11-29T06:53:47+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-62229 | Xorg: xmayland: use-after-free in xpresentnotify structure creation | 2025-10-02T00:00:00.000Z | 2025-12-24T01:02:23.000Z |
| msrc_cve-2025-68334 | platform/x86/amd/pmc: Add support for Van Gogh SoC | 2025-12-02T00:00:00.000Z | 2025-12-24T01:02:13.000Z |
| msrc_cve-2025-68328 | firmware: stratix10-svc: fix bug in saving controller data | 2025-12-02T00:00:00.000Z | 2025-12-24T01:02:08.000Z |
| msrc_cve-2025-68330 | iio: accel: bmc150: Fix irq assumption regression | 2025-12-02T00:00:00.000Z | 2025-12-24T01:02:02.000Z |
| msrc_cve-2025-68336 | locking/spinlock/debug: Fix data-race in do_raw_write_lock | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:57.000Z |
| msrc_cve-2025-68333 | sched_ext: Fix possible deadlock in the deferred_irq_workfn() | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:51.000Z |
| msrc_cve-2025-68327 | usb: renesas_usbhs: Fix synchronous external abort on unbind | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:46.000Z |
| msrc_cve-2025-68335 | comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:41.000Z |
| msrc_cve-2025-68332 | comedi: c6xdigio: Fix invalid PNP driver unregistration | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:35.000Z |
| msrc_cve-2025-68337 | jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:30.000Z |
| msrc_cve-2025-68331 | usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:24.000Z |
| msrc_cve-2025-64680 | Windows DWM Core Library Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-23T08:00:00.000Z |
| msrc_cve-2025-55319 | Agentic AI and Visual Studio Code Remote Code Execution Vulnerability | 2025-09-09T07:00:00.000Z | 2025-12-23T08:00:00.000Z |
| msrc_cve-2025-66471 | urllib3 Streaming API improperly handles highly compressed data | 2025-12-02T00:00:00.000Z | 2025-12-23T01:38:16.000Z |
| msrc_cve-2025-66418 | urllib3 allows an unbounded number of links in the decompression chain | 2025-12-02T00:00:00.000Z | 2025-12-23T01:38:10.000Z |
| msrc_cve-2025-65637 | A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:58.000Z |
| msrc_cve-2025-12819 | Untrusted search path in auth_query connection in PgBouncer | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:37.000Z |
| msrc_cve-2025-68114 | Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:34.000Z |
| msrc_cve-2025-68161 | Apache Log4j Core: Missing TLS hostname verification in Socket appender | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:29.000Z |
| msrc_cve-2025-59529 | simple protocol server ignores accepts unlimited connections and logs failures without limit | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:23.000Z |
| msrc_cve-2025-64437 | KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes | 2025-11-02T00:00:00.000Z | 2025-12-23T01:37:16.000Z |
| msrc_cve-2025-68390 | Elasticsearch Allocation of Resources Without Limits or Throttling | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:15.000Z |
| msrc_cve-2025-68384 | Elasticsearch Allocation of Resources Without Limits or Throttling | 2025-12-02T00:00:00.000Z | 2025-12-23T01:37:09.000Z |
| msrc_cve-2025-64435 | KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation | 2025-11-02T00:00:00.000Z | 2025-12-23T01:37:09.000Z |
| msrc_cve-2025-64433 | KubeVirt Arbitrary Container File Read | 2025-11-02T00:00:00.000Z | 2025-12-23T01:37:02.000Z |
| msrc_cve-2025-38347 | f2fs: fix to do sanity check on ino and xnid | 2025-07-02T00:00:00.000Z | 2025-12-23T01:37:01.000Z |
| msrc_cve-2025-38331 | net: ethernet: cortina: Use TOE/TSO on all TCP | 2025-07-02T00:00:00.000Z | 2025-12-23T01:36:56.000Z |
| msrc_cve-2025-64432 | KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer | 2025-11-02T00:00:00.000Z | 2025-12-23T01:36:55.000Z |
| msrc_cve-2025-38300 | crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() | 2025-07-02T00:00:00.000Z | 2025-12-23T01:36:50.000Z |
| msrc_cve-2025-37938 | tracing: Verify event formats that have "%*p.." | 2025-05-02T00:00:00.000Z | 2025-12-23T01:36:45.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-135-05 | Siemens SIPROTEC and SICAM | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-072-11 | Siemens SIMATIC IPC Family, ITP1000, and Field PGs | 2025-03-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-044-06 | Siemens RUGGEDCOM APE1808 Devices | 2025-02-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-044-04 | Siemens SIPROTEC 5 | 2025-02-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-016-04 | Siemens SIPROTEC 5 Products | 2025-01-14T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-24-193-14 | Siemens SIPROTEC | 2024-07-09T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-24-193-02 | Siemens RUGGEDCOM APE 1808 | 2024-07-09T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-24-074-05 | Siemens RUGGEDCOM APE1808 | 2024-03-12T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-23-257-01 | Siemens SIMATIC, SIPLUS Products | 2023-09-12T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-23-103-06 | Siemens SIPROTEC 5 Devices | 2023-04-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-22-349-11 | Siemens SIPROTEC 5 Devices | 2022-12-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-22-195-02 | Siemens SICAM GridEdge | 2022-07-12T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-22-167-08 | Siemens SICAM GridEdge | 2022-06-14T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-310-03 | ABB FLXeon Controllers | 2025-11-06T07:00:00.000000Z | 2025-11-06T07:00:00.000000Z |
| icsa-25-310-02 | Ubia Ubox | 2025-11-06T07:00:00.000000Z | 2025-11-06T07:00:00.000000Z |
| icsa-25-310-01 | Advantech DeviceOn/iEdge | 2025-11-06T07:00:00.000000Z | 2025-11-06T07:00:00.000000Z |
| icsa-25-308-05 | IDIS ICM Viewer | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-308-04 | Radiometrics VizAir | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-308-03 | Delta Electronics CNCSoft-G2 | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-308-02 | Survision License Plate Recognition Camera | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| va-25-304-02 | Restaurant Brands International assistant platform multiple vulnerabilities | 2025-10-31T17:02:13Z | 2025-10-31T17:02:13Z |
| va-25-304-01 | ELOG multiple vulnerabilities | 2025-10-31T16:57:24Z | 2025-10-31T16:57:24Z |
| icsa-25-303-02 | Hitachi Energy TropOS | 2025-10-30T06:00:00.000000Z | 2025-10-30T06:00:00.000000Z |
| icsa-25-303-01 | International Standards Organization ISO 15118 | 2025-10-30T05:00:00.000000Z | 2025-10-30T05:00:00.000000Z |
| icsa-25-282-01 | Hitachi Energy Asset Suite (Update A) | 2025-09-30T08:50:13.000000Z | 2025-10-28T09:50:00.000000Z |
| icsma-25-301-01 | Vertikal Systems Hospital Manager Backend Services | 2025-10-28T06:00:00.000000Z | 2025-10-28T06:00:00.000000Z |
| icsma-25-296-01 | NIHON KOHDEN Central Monitor CNS-6201 | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-04 | Delta Electronics ASDA-Soft | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-03 | Veeder-Root TLS4B Automatic Tank Gauge System | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-02 | ASKI Energy ALS-Mini-S8 and ALS-Mini-S4 | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-cuis-file-upload-uhnetstm | Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability | 2025-07-16T16:00:00+00:00 | 2025-07-16T16:00:00+00:00 |
| cisco-sa-spaces-conn-privesc-kgd2ccdu | Cisco Spaces Connector Privilege Escalation Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-07-02T16:00:00+00:00 |
| cisco-sa-ece-xss-cbtkteyc | Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-07-02T16:00:00+00:00 |
| cisco-sa-cucm-ssh-m4ubdpe7 | Cisco Unified Communications Manager Static SSH Credentials Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-07-02T16:00:00+00:00 |
| cisco-sa-ise-stored-xss-yff54m73 | Cisco Identity Services Stored Cross-Site Scripting Vulnerability | 2025-05-21T16:00:00+00:00 | 2025-06-30T15:08:59+00:00 |
| cisco-sa-ise-auth-bypass-mvfkvqau | Cisco Identity Services Engine Authorization Bypass Vulnerability | 2025-06-25T16:00:00+00:00 | 2025-06-25T16:00:00+00:00 |
| cisco-sa-ise-file-upload-p4m8vwxy | Cisco Identity Services Engine Arbitrary File Upload Vulnerability | 2025-06-04T16:00:00+00:00 | 2025-06-23T19:16:21+00:00 |
| cisco-sa-meraki-mx-vpn-dos-sm5gcfm7 | Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability | 2025-06-18T16:00:00+00:00 | 2025-06-18T16:00:00+00:00 |
| cisco-sa-clamav-udf-hmwd9ndy | ClamAV UDF File Parsing Out-of-Bounds Read Information Disclosure Vulnerability | 2025-06-18T16:00:00+00:00 | 2025-06-18T16:00:00+00:00 |
| cisco-sa-erlang-otp-ssh-xyzzy | Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server: April 2025 | 2025-04-22T21:45:00+00:00 | 2025-06-11T14:40:37+00:00 |
| cisco-sa-wlc-file-uplpd-rhzg9ufc | Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability | 2025-05-07T16:00:00+00:00 | 2025-06-06T20:02:48+00:00 |
| cisco-sa-ise-aws-static-cred-fpmjucm7 | Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability | 2025-06-04T16:00:00+00:00 | 2025-06-05T17:26:25+00:00 |
| cisco-sa-vos-command-inject-65s2ucyy | Cisco Unified Communications Products Command Injection Vulnerability | 2025-06-04T16:00:00+00:00 | 2025-06-04T16:00:00+00:00 |
| cisco-sa-ucs-ssh-priv-esc-2mzdtdjm | Cisco Integrated Management Controller Privilege Escalation Vulnerability | 2025-06-04T16:00:00+00:00 | 2025-06-04T16:00:00+00:00 |
| cisco-sa-uccx-multi-uhotvpgl | Cisco Unified Contact Center Express Vulnerabilities | 2025-06-04T16:00:00+00:00 | 2025-06-04T16:00:00+00:00 |
| cisco-sa-uccx-editor-rce-ezyyzte8 | Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability | 2025-06-04T16:00:00+00:00 | 2025-06-04T16:00:00+00:00 |
| cisco-sa-te-endagent-filewrt-zncdqnrj | Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Delete Vulnerabilities | 2025-06-04T16:00:00+00:00 | 2025-06-04T16:00:00+00:00 |
| cisco-sa-ndfc-shkv-snqjtjrp | Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Vulnerability | 2025-06-04T16:00:00+00:00 | 2025-06-04T16:00:00+00:00 |
| cisco-sa-icm-xss-cfcqhxag | Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting Vulnerability | 2025-06-04T16:00:00+00:00 | 2025-06-04T16:00:00+00:00 |
| cisco-sa-ccp-info-disc-zygerqpd | Cisco Customer Collaboration Platform Information Disclosure Vulnerability | 2025-06-04T16:00:00+00:00 | 2025-06-04T16:00:00+00:00 |
| cisco-sa-meraki-mx-vpn-dos-qtrhzg2 | Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Denial of Service Vulnerabilities | 2024-10-02T16:00:00+00:00 | 2025-06-02T14:22:28+00:00 |
| cisco-sa-meraki-mx-vpn-dos-by-qwukqv7x | Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability | 2024-10-02T16:00:00+00:00 | 2025-06-02T14:22:27+00:00 |
| cisco-sa-webex-xss-7teqtfn8 | Cisco Webex Services Cross-Site Scripting Vulnerabilities | 2025-05-21T16:00:00+00:00 | 2025-05-21T16:00:00+00:00 |
| cisco-sa-webex-cache-q4xbkqbg | Cisco Webex Meetings Services HTTP Cache Poisoning Vulnerability | 2025-05-21T16:00:00+00:00 | 2025-05-21T16:00:00+00:00 |
| cisco-sa-sna-ssti-dpulqsmz | Cisco Secure Network Analytics Manager Privilege Escalation Vulnerability | 2025-05-21T16:00:00+00:00 | 2025-05-21T16:00:00+00:00 |
| cisco-sa-sna-apiacv-4b6x5ysw | Cisco Secure Network Analytics Manager API Authorization Vulnerability | 2025-05-21T16:00:00+00:00 | 2025-05-21T16:00:00+00:00 |
| cisco-sa-ise-restart-ss-uf986g2q | Cisco Identity Services Engine RADIUS Denial of Service Vulnerability | 2025-05-21T16:00:00+00:00 | 2025-05-21T16:00:00+00:00 |
| cisco-sa-duo-ssp-cmd-inj-rcmyrna | Cisco Duo Self-Service Portal Command Injection Vulnerability | 2025-05-21T16:00:00+00:00 | 2025-05-21T16:00:00+00:00 |
| cisco-sa-cuis-priv-esc-3pk96su4 | Cisco Unified Intelligence Center Privilege Escalation Vulnerabilities | 2025-05-21T16:00:00+00:00 | 2025-05-21T16:00:00+00:00 |
| cisco-sa-cucm-kkhzbhr5 | Cisco Unified Communications Products Privilege Escalation Vulnerability | 2025-05-21T16:00:00+00:00 | 2025-05-21T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| SCA-2020-0002 | Vulnerabilities in SICK Package Analytics | 2020-08-07T10:00:00.000Z | 2020-07-28T10:00:00.000Z |
| sca-2020-0001 | Security Information Regarding "Profile Programming" | 2020-05-31T10:00:00.000Z | 2020-05-31T10:00:00.000Z |
| SCA-2020-0001 | Security Information Regarding "Profile Programming" | 2020-05-31T10:00:00.000Z | 2020-05-31T10:00:00.000Z |
| sca-2019-0002 | Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000 | 2019-09-20T10:00:00.000Z | 2019-09-20T10:00:00.000Z |
| SCA-2019-0002 | Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000 | 2019-09-20T10:00:00.000Z | 2019-09-20T10:00:00.000Z |
| sca-2019-0001 | MSC800 affected by hard-coded credentials vulnerability | 2019-06-21T10:00:00.000Z | 2019-06-21T10:00:00.000Z |
| SCA-2019-0001 | MSC800 affected by hard-coded credentials vulnerability | 2019-06-21T10:00:00.000Z | 2019-06-21T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| NN-2021:2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2021:1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2020:3-01 | Angular template injection on custom report name field | 2020-05-26T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2020:2-01 | Cross-site request forgery attack on change password form | 2020-05-26T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2019:2-01 | CSV Injection on node label | 2019-11-11T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| NN-2019:1-01 | Stored XSS in field name data model | 2019-11-11T11:00:00.000Z | 2024-05-20T11:00:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-201912-0636 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-11-29T22:36:41.849000Z |
| var-201302-0303 | Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on … | 2024-11-29T22:36:41.699000Z |
| var-200106-0168 | Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows lo… | 2024-11-29T22:36:38.066000Z |
| var-202105-1461 | A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in fun… | 2024-11-29T22:36:05.822000Z |
| var-201904-0745 | Multiple memory corruption issues were addressed with improved memory handling. This issu… | 2024-11-29T22:36:04.982000Z |
| var-200501-0287 | Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a… | 2024-11-29T22:36:04.792000Z |
| var-202010-1511 | A use after free issue was addressed with improved memory management. This issue is fixed… | 2024-11-29T22:36:04.718000Z |
| var-202206-1961 | When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification fa… | 2024-11-29T22:36:04.578000Z |
| var-200901-0466 | The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for co… | 2024-11-29T22:35:53.826000Z |
| var-202001-1433 | When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data sm… | 2024-11-29T22:35:51.750000Z |
| var-202109-1804 | A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocate… | 2024-11-29T22:35:51.033000Z |
| var-201609-0597 | The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other pr… | 2024-11-29T22:35:49.265000Z |
| var-201011-0178 | The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and poss… | 2024-11-29T22:35:48.998000Z |
| var-201310-0370 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 an… | 2024-11-29T22:35:48.557000Z |
| var-201901-1586 | In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 1… | 2024-11-29T22:35:46.547000Z |
| var-201006-0051 | Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4… | 2024-11-29T22:35:44.571000Z |
| var-201908-0421 | Some HTTP/2 implementations are vulnerable to window size manipulation and stream priorit… | 2024-11-29T22:35:38.045000Z |
| var-202112-0562 | It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete… | 2024-11-29T22:35:35.830000Z |
| var-200102-0007 | WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood… | 2024-11-29T22:35:30.307000Z |
| var-201404-0374 | Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 an… | 2024-11-29T22:35:28.945000Z |
| var-201412-0516 | The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apach… | 2024-11-29T22:34:53.956000Z |
| var-201310-0355 | Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, a… | 2024-11-29T22:34:53.303000Z |
| var-201912-0592 | An input validation issue was addressed with improved memory handling. This issue is fixe… | 2024-11-29T22:34:47.182000Z |
| var-201910-1485 | The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. tcpdum… | 2024-11-29T22:34:46.805000Z |
| var-201410-1319 | Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attack… | 2024-11-29T22:34:46.272000Z |
| var-200906-0598 | Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in… | 2024-11-29T22:34:44.074000Z |
| var-200608-0038 | Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers … | 2024-11-29T22:34:43.959000Z |
| var-201007-0949 | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before… | 2024-11-29T22:34:42.765000Z |
| var-201906-1176 | Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragme… | 2024-11-29T22:34:41.605000Z |
| var-202201-0104 | In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtt… | 2024-11-29T22:34:09.849000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000054 | Apache Jena Fuseki vulnerable to path traversal | 2025-07-30T14:17+09:00 | 2025-07-30T14:17+09:00 |
| jvndb-2025-000053 | "SwitchBot" App vulnerable to insertion of sensitive information into log file | 2025-07-29T13:44+09:00 | 2025-07-29T13:44+09:00 |
| jvndb-2025-010056 | TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection | 2025-07-28T17:53+09:00 | 2025-07-28T17:53+09:00 |
| jvndb-2025-000052 | TP-Link Archer C1200 vulnerable to clickjacking | 2025-07-24T14:16+09:00 | 2025-07-24T14:16+09:00 |
| jvndb-2025-000051 | Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input | 2025-07-23T13:54+09:00 | 2025-07-23T13:54+09:00 |
| jvndb-2025-009576 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-07-23T11:13+09:00 | 2025-07-23T11:13+09:00 |
| jvndb-2025-000050 | "region PAY" App for Android vulnerable to insertion of sensitive information into log file | 2025-07-22T13:33+09:00 | 2025-07-22T13:33+09:00 |
| jvndb-2025-009150 | Security updates for Trend Micro products (June 2025) | 2025-07-17T17:03+09:00 | 2025-07-17T17:03+09:00 |
| jvndb-2025-000030 | Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor | 2025-05-12T18:00+09:00 | 2025-07-17T10:06+09:00 |
| jvndb-2025-000049 | ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials | 2025-07-16T13:54+09:00 | 2025-07-16T13:54+09:00 |
| jvndb-2025-008881 | Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers | 2025-07-15T15:54+09:00 | 2025-07-15T15:54+09:00 |
| jvndb-2025-008783 | Firebox T15 contains an issue with hidden functionality | 2025-07-14T17:22+09:00 | 2025-07-14T17:22+09:00 |
| jvndb-2025-008145 | Epson Web Installer for Mac vulnerable to missing authentication for critical function | 2025-07-08T14:08+09:00 | 2025-07-08T14:08+09:00 |
| jvndb-2025-008106 | Heap-based buffer overflow vulnerability in V-SFT and TELLUS | 2025-07-07T16:26+09:00 | 2025-07-07T16:26+09:00 |
| jvndb-2025-008105 | Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521) | 2025-07-07T16:04+09:00 | 2025-07-07T16:04+09:00 |
| jvndb-2025-000047 | Multiple vulnerabilities in Nimesa Backup and Recovery | 2025-07-07T15:26+09:00 | 2025-07-07T15:26+09:00 |
| jvndb-2025-007978 | Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837) | 2025-07-04T13:28+09:00 | 2025-07-04T13:28+09:00 |
| jvndb-2025-000045 | Multiple vulnerabilities in Active! mail | 2025-07-02T14:13+09:00 | 2025-07-02T14:13+09:00 |
| jvndb-2025-007754 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2025-07-02T11:31+09:00 | 2025-07-02T11:31+09:00 |
| jvndb-2025-007607 | Pass-Back Attack vulnerability in Konica Minorta bizhub series | 2025-07-01T14:09+09:00 | 2025-07-01T14:09+09:00 |
| jvndb-2025-007595 | Multiple vulnerabilities in Web Connection of Konica Minolta MFPs | 2025-07-01T14:02+09:00 | 2025-07-01T14:02+09:00 |
| jvndb-2025-000046 | SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting | 2025-06-30T15:45+09:00 | 2025-06-30T15:45+09:00 |
| jvndb-2025-007552 | Multiple vulnerabilities in TB-eye network recorders and AHD recorders | 2025-06-30T14:45+09:00 | 2025-06-30T14:45+09:00 |
| jvndb-2024-004595 | Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series | 2024-07-29T17:51+09:00 | 2025-06-30T09:56+09:00 |
| jvndb-2025-000043 | Multiple vulnerabilities in iroha Board | 2025-06-26T15:13+09:00 | 2025-06-26T15:13+09:00 |
| jvndb-2025-000042 | Inefficient regular expressions in GROWI | 2025-06-24T15:25+09:00 | 2025-06-24T15:25+09:00 |
| jvndb-2025-000041 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-06-24T14:50+09:00 | 2025-06-24T14:50+09:00 |
| jvndb-2025-007390 | Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385) | 2025-06-24T11:18+09:00 | 2025-06-24T11:18+09:00 |
| jvndb-2025-000040 | KCM3100 vulnerable to authentication bypass using an alternate path or channel | 2025-06-18T13:42+09:00 | 2025-06-18T13:42+09:00 |
| jvndb-2025-000039 | Multiple vulnerabilities in RICOH Streamline NX PC Client | 2025-06-13T16:09+09:00 | 2025-06-13T16:09+09:00 |
| ID | Description | Updated |
|---|