Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-cwfw-4gq5-mrqx | Regular Expression Denial of Service (ReDoS) in braces | 2022-01-06T20:42:03Z | 2025-11-26T16:25:50Z |
| ghsa-x8rq-rc7x-5fg5 | uppy's companion module is vulnerable to Server-Side Request Forgery (SSRF) | 2022-01-06T22:24:35Z | 2025-12-22T17:42:04Z |
| ghsa-vc89-hccf-rq55 | Hash collision in typelevel jawn | 2022-01-06T23:48:35Z | 2025-12-16T22:29:13Z |
| ghsa-9fvj-4grr-mv9j | An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release… | 2022-01-11T00:00:57Z | 2025-10-22T00:32:27Z |
| ghsa-fq89-6j7c-j6fv | Kentico Xperience 13.0.44 allows XSS via an XML document to the Media Libraries subsystem. | 2022-01-11T00:01:02Z | 2025-12-19T21:30:14Z |
| ghsa-jqwj-9jvg-583v | Serv-U web login screen was allowing characters that were not sanitized by the authentication mecha… | 2022-01-11T00:01:34Z | 2025-10-22T00:32:27Z |
| ghsa-wmfg-rc3x-58v3 | Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2… | 2022-01-12T00:00:30Z | 2025-10-22T00:32:27Z |
| ghsa-m3vx-53cf-jqv4 | Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21887. | 2022-01-12T00:00:52Z | 2025-10-22T00:32:27Z |
| ghsa-2r84-x97c-3ch4 | An authenticated user can create a hosts group from the configuration with XSS payload, which will … | 2022-01-14T00:02:17Z | 2025-11-04T00:30:30Z |
| ghsa-4g73-3mxf-j47w | In the case of instances where the SAML SSO authentication is enabled (non-default), session data c… | 2022-01-14T00:02:17Z | 2025-10-22T00:32:28Z |
| ghsa-qqcg-7f79-v65c | During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files … | 2022-01-14T00:02:17Z | 2025-11-04T00:30:30Z |
| ghsa-5f63-p3w5-jphc | NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, w… | 2022-01-15T00:01:39Z | 2025-10-22T00:32:28Z |
| ghsa-grc7-v4rv-gq58 | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | 2022-01-19T00:01:16Z | 2025-11-03T21:30:37Z |
| ghsa-x3jv-936g-xqj4 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: OpenSSO … | 2022-01-20T00:01:49Z | 2025-10-22T00:32:28Z |
| ghsa-qrpm-p2h7-hrv2 | Exposure of Sensitive Information to an Unauthorized Actor in nanoid | 2022-01-21T23:57:06Z | 2025-11-04T16:35:00Z |
| ghsa-pqrf-2rwm-hmh7 | SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to e… | 2022-01-25T00:01:05Z | 2025-12-16T21:30:48Z |
| ghsa-vq66-5g5m-5rgg | Access of Memory Location Before Start of Buffer in Conda vim prior to 8.2. | 2022-01-26T00:01:09Z | 2025-11-03T21:30:37Z |
| ghsa-6rrc-7vqp-364c | A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user t… | 2022-01-27T00:01:13Z | 2025-10-22T00:32:28Z |
| ghsa-rc63-cqjr-f5m4 | Heap-based Buffer Overflow in Conda vim prior to 8.2. | 2022-01-27T00:01:16Z | 2025-11-03T21:30:37Z |
| ghsa-6c3r-q65g-rjqx | Heap-based Buffer Overflow in Conda vim prior to 8.2. | 2022-01-27T00:01:20Z | 2025-11-03T21:30:37Z |
| ghsa-qgr2-xgqv-24x8 | A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec applica… | 2022-01-29T00:00:42Z | 2025-10-22T00:32:28Z |
| ghsa-3w42-xvwv-qc2q | An OS command injection vulnerability exists in the device network settings functionality of reolin… | 2022-01-29T00:00:43Z | 2025-10-22T00:32:28Z |
| ghsa-rmr5-cpv2-vgjf | Denial of Service by injecting highly recursive collections or maps in XStream | 2022-02-01T00:48:15Z | 2025-11-04T16:34:34Z |
| ghsa-2r3f-c2cg-qfw6 | An issue was discovered in NvmExpressDxe in Insyde InsydeH2O with kernel 5.1 through 5.5. An SMM me… | 2022-02-09T00:00:47Z | 2025-11-04T21:30:27Z |
| ghsa-ghv4-pw8v-9g7q | SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running i… | 2022-02-09T00:00:47Z | 2025-11-04T21:30:27Z |
| ghsa-mxqq-8hhr-mqww | An issue was discovered in Kernel 5.x (starting from 5.1) in Insyde InsydeH2O, has a SMM memory cor… | 2022-02-09T00:00:49Z | 2025-11-04T21:30:26Z |
| ghsa-mv97-qj5h-25f3 | After the initial setup process, some steps of setup.php file are reachable not only by super-admin… | 2022-02-09T00:01:05Z | 2025-10-22T00:32:28Z |
| ghsa-3fxw-xghg-85m2 | An issue was discovered in SdHostDriver in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 be… | 2022-02-09T00:01:06Z | 2025-11-04T21:30:26Z |
| ghsa-q5q3-5crw-rm96 | An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 befo… | 2022-02-09T00:01:07Z | 2025-11-04T21:30:26Z |
| ghsa-jc35-q369-45pv | Remote code execution in Apache Struts | 2022-02-09T22:51:56Z | 2025-10-22T17:57:43Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2013-2596 | N/A | Integer overflow in the fb_mmap function in drive… |
n/a |
n/a |
2013-04-13T01:00:00.000Z | 2025-10-22T00:05:43.277Z |
| cve-2013-2423 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2013-04-17T15:00:00.000Z | 2025-10-22T00:05:43.126Z |
| cve-2013-1347 | N/A | Microsoft Internet Explorer 8 does not properly h… |
n/a |
n/a |
2013-05-05T10:00:00.000Z | 2025-10-22T00:05:42.978Z |
| cve-2013-2094 | N/A | The perf_swevent_init function in kernel/events/c… |
n/a |
n/a |
2013-05-14T20:00:00.000Z | 2025-10-22T00:05:42.816Z |
| cve-2013-1675 | N/A | Mozilla Firefox before 21.0, Firefox ESR 17.x bef… |
n/a |
n/a |
2013-05-16T10:00:00.000Z | 2025-10-22T00:05:42.585Z |
| cve-2013-2729 | N/A | Integer overflow in Adobe Reader and Acrobat 9.x … |
n/a |
n/a |
2013-05-16T10:00:00.000Z | 2025-11-21T15:54:37.154Z |
| cve-2013-3660 | N/A | The EPATHOBJ::pprFlattenRec function in win32k.sy… |
n/a |
n/a |
2013-05-24T20:00:00.000Z | 2025-10-22T00:05:42.100Z |
| cve-2013-1331 | N/A | Buffer overflow in Microsoft Office 2003 SP3 and … |
n/a |
n/a |
2013-06-12T01:00:00.000Z | 2025-10-22T00:05:41.935Z |
| cve-2013-2465 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2013-06-18T22:00:00.000Z | 2025-10-22T00:05:41.755Z |
| cve-2013-1690 | N/A | Mozilla Firefox before 22.0, Firefox ESR 17.x bef… |
n/a |
n/a |
2013-06-26T01:00:00.000Z | 2025-10-22T00:05:41.588Z |
| cve-2013-3163 | N/A | Microsoft Internet Explorer 8 through 10 allows r… |
n/a |
n/a |
2013-07-10T01:00:00.000Z | 2025-10-22T00:05:41.417Z |
| cve-2013-2251 | N/A | Apache Struts 2.0.0 through 2.3.15 allows remote … |
n/a |
n/a |
2013-07-18T01:00:00.000Z | 2025-10-22T00:05:41.250Z |
| cve-2013-3346 | N/A | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x b… |
n/a |
n/a |
2013-08-30T20:00:00.000Z | 2025-11-21T15:52:39.068Z |
| cve-2013-4810 | N/A | HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20… |
n/a |
n/a |
2013-09-13T18:00:00.000Z | 2025-10-22T00:05:40.935Z |
| cve-2013-3893 | N/A | Use-after-free vulnerability in the SetMouseCaptu… |
n/a |
n/a |
2013-09-18T10:00:00.000Z | 2025-10-22T00:05:40.792Z |
| cve-2013-3896 | N/A | Microsoft Silverlight 5 before 5.1.20913.0 does n… |
n/a |
n/a |
2013-10-09T14:44:00.000Z | 2025-10-22T00:05:40.641Z |
| cve-2013-3897 | N/A | Use-after-free vulnerability in the CDisplayPoint… |
n/a |
n/a |
2013-10-09T14:44:00.000Z | 2025-10-22T00:05:40.468Z |
| cve-2013-3906 | N/A | GDI+ in Microsoft Windows Vista SP2 and Server 20… |
n/a |
n/a |
2013-11-06T11:00:00.000Z | 2025-10-22T00:05:40.307Z |
| cve-2013-3918 | N/A | The InformationCardSigninHelper Class ActiveX con… |
n/a |
n/a |
2013-11-12T01:00:00.000Z | 2025-10-22T00:05:40.129Z |
| cve-2013-5223 | N/A | Multiple cross-site scripting (XSS) vulnerabiliti… |
n/a |
n/a |
2013-11-15T20:00:00.000Z | 2025-10-22T00:05:39.961Z |
| cve-2013-6282 | N/A | The (1) get_user and (2) put_user API functions i… |
n/a |
n/a |
2013-11-19T15:00:00.000Z | 2025-10-22T00:05:39.816Z |
| cve-2013-5065 | N/A | NDProxy.sys in the kernel in Microsoft Windows XP… |
n/a |
n/a |
2013-11-27T23:00:00.000Z | 2025-10-22T00:05:39.667Z |
| cve-2013-3900 | 5.5 (v3.1) | WinVerifyTrust Signature Validation Vulnerability |
Microsoft |
Windows 10 Version 1809 |
2013-12-11T00:00:00.000Z | 2025-10-22T00:05:39.513Z |
| cve-2014-0496 | N/A | Use-after-free vulnerability in Adobe Reader and … |
n/a |
n/a |
2014-01-15T02:00:00.000Z | 2025-11-21T15:49:18.476Z |
| cve-2013-0340 | N/A | expat before version 2.4.0 does not properly hand… |
|
|
2014-01-21T18:00:00 | 2025-11-25T16:27:56.273Z |
| cve-2014-0497 | N/A | Integer underflow in Adobe Flash Player before 11… |
n/a |
n/a |
2014-02-05T02:00:00.000Z | 2025-10-22T00:05:39.174Z |
| cve-2014-0322 | N/A | Use-after-free vulnerability in Microsoft Interne… |
n/a |
n/a |
2014-02-14T16:00:00.000Z | 2025-10-22T00:05:39.021Z |
| cve-2014-0502 | N/A | Double free vulnerability in Adobe Flash Player b… |
n/a |
n/a |
2014-02-21T02:00:00.000Z | 2025-10-22T00:05:38.853Z |
| cve-2013-7331 | N/A | The Microsoft.XMLDOM ActiveX control in Microsoft… |
n/a |
n/a |
2014-02-26T11:00:00.000Z | 2025-10-22T00:05:38.705Z |
| cve-2014-2120 | N/A | Cross-site scripting (XSS) vulnerability in the W… |
n/a |
n/a |
2014-03-19T01:00:00.000Z | 2025-10-22T00:05:38.543Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2013-0625 | N/A | Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a pa… |
n/a |
n/a |
2013-01-09T01:00:00.000Z | 2025-10-22T00:05:45.325Z |
| cve-2013-0629 | N/A | Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when … |
n/a |
n/a |
2013-01-09T01:00:00.000Z | 2025-10-22T00:05:45.146Z |
| cve-2013-0631 | N/A | Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows att… |
n/a |
n/a |
2013-01-09T01:00:00.000Z | 2025-10-22T00:05:44.936Z |
| cve-2013-0422 | N/A | Multiple vulnerabilities in Oracle Java 7 before … |
n/a |
n/a |
2013-01-10T21:23:00.000Z | 2025-10-22T00:05:44.798Z |
| cve-2013-0632 | N/A | administrator.cfc in Adobe ColdFusion 9.0, 9.0.1,… |
n/a |
n/a |
2013-01-17T00:00:00.000Z | 2025-10-22T00:05:44.628Z |
| cve-2013-0431 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2013-01-31T14:10:00.000Z | 2025-10-22T00:05:44.308Z |
| cve-2013-0640 | N/A | Adobe Reader and Acrobat 9.x before 9.5.4, 10.x b… |
n/a |
n/a |
2013-02-14T01:00:00.000Z | 2025-10-22T00:05:44.167Z |
| cve-2013-0641 | N/A | Buffer overflow in Adobe Reader and Acrobat 9.x b… |
n/a |
n/a |
2013-02-14T01:00:00.000Z | 2025-10-22T00:05:44.030Z |
| cve-2013-0643 | N/A | The Firefox sandbox in Adobe Flash Player before … |
n/a |
n/a |
2013-02-27T00:00:00.000Z | 2025-10-22T00:05:43.876Z |
| cve-2013-0648 | N/A | Unspecified vulnerability in the ExternalInterfac… |
n/a |
n/a |
2013-02-27T00:00:00.000Z | 2025-10-22T00:05:43.736Z |
| cve-2013-2551 | N/A | Use-after-free vulnerability in Microsoft Interne… |
n/a |
n/a |
2013-03-11T10:00:00.000Z | 2025-10-22T00:05:43.584Z |
| cve-2013-0074 | N/A | Microsoft Silverlight 5, and 5 Developer Runtime,… |
n/a |
n/a |
2013-03-13T00:00:00.000Z | 2025-10-22T00:05:43.423Z |
| cve-2013-2596 | N/A | Integer overflow in the fb_mmap function in drive… |
n/a |
n/a |
2013-04-13T01:00:00.000Z | 2025-10-22T00:05:43.277Z |
| cve-2013-2423 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2013-04-17T15:00:00.000Z | 2025-10-22T00:05:43.126Z |
| cve-2013-1347 | N/A | Microsoft Internet Explorer 8 does not properly h… |
n/a |
n/a |
2013-05-05T10:00:00.000Z | 2025-10-22T00:05:42.978Z |
| cve-2013-2094 | N/A | The perf_swevent_init function in kernel/events/c… |
n/a |
n/a |
2013-05-14T20:00:00.000Z | 2025-10-22T00:05:42.816Z |
| cve-2013-1675 | N/A | Mozilla Firefox before 21.0, Firefox ESR 17.x bef… |
n/a |
n/a |
2013-05-16T10:00:00.000Z | 2025-10-22T00:05:42.585Z |
| cve-2013-2729 | N/A | Integer overflow in Adobe Reader and Acrobat 9.x … |
n/a |
n/a |
2013-05-16T10:00:00.000Z | 2025-11-21T15:54:37.154Z |
| cve-2013-3660 | N/A | The EPATHOBJ::pprFlattenRec function in win32k.sy… |
n/a |
n/a |
2013-05-24T20:00:00.000Z | 2025-10-22T00:05:42.100Z |
| cve-2013-1331 | N/A | Buffer overflow in Microsoft Office 2003 SP3 and … |
n/a |
n/a |
2013-06-12T01:00:00.000Z | 2025-10-22T00:05:41.935Z |
| cve-2013-2465 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2013-06-18T22:00:00.000Z | 2025-10-22T00:05:41.755Z |
| cve-2013-1690 | N/A | Mozilla Firefox before 22.0, Firefox ESR 17.x bef… |
n/a |
n/a |
2013-06-26T01:00:00.000Z | 2025-10-22T00:05:41.588Z |
| cve-2013-4660 | N/A | The JS-YAML module before 2.0.5 for Node.js parse… |
n/a |
n/a |
2013-06-28T14:00:00Z | 2024-09-17T02:11:39.386Z |
| cve-2013-3163 | N/A | Microsoft Internet Explorer 8 through 10 allows r… |
n/a |
n/a |
2013-07-10T01:00:00.000Z | 2025-10-22T00:05:41.417Z |
| cve-2013-2251 | N/A | Apache Struts 2.0.0 through 2.3.15 allows remote … |
n/a |
n/a |
2013-07-18T01:00:00.000Z | 2025-10-22T00:05:41.250Z |
| cve-2013-3346 | N/A | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x b… |
n/a |
n/a |
2013-08-30T20:00:00.000Z | 2025-11-21T15:52:39.068Z |
| cve-2013-5714 | N/A | Multiple cross-site scripting (XSS) vulnerabiliti… |
n/a |
n/a |
2013-09-09T17:00:00Z | 2024-09-17T01:41:10.859Z |
| cve-2013-4810 | N/A | HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20… |
n/a |
n/a |
2013-09-13T18:00:00.000Z | 2025-10-22T00:05:40.935Z |
| cve-2013-3893 | N/A | Use-after-free vulnerability in the SetMouseCaptu… |
n/a |
n/a |
2013-09-18T10:00:00.000Z | 2025-10-22T00:05:40.792Z |
| cve-2013-5979 | N/A | Directory traversal vulnerability in Spring Signa… |
n/a |
n/a |
2013-10-02T22:00:00Z | 2024-09-16T16:32:55.588Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-2377 | Malicious code in flipper-plugins (npm) | 2024-06-25T12:43:10Z | 2025-06-18T15:07:35Z |
| mal-2024-2379 | Malicious code in float-kit (npm) | 2024-06-25T12:43:12Z | 2025-02-03T18:38:40Z |
| mal-2024-2393 | Malicious code in fq-ui (npm) | 2024-06-25T12:43:36Z | 2025-12-02T09:12:14Z |
| mal-2024-2425 | Malicious code in google-build-slack (npm) | 2024-06-25T12:44:27Z | 2025-08-01T10:42:05Z |
| mal-2024-2426 | Malicious code in google.fhir.stu3.google (npm) | 2024-06-25T12:44:28Z | 2025-08-01T10:42:05Z |
| mal-2024-2451 | Malicious code in harvest-strategy-arbitrum (npm) | 2024-06-25T12:45:06Z | 2025-06-18T15:07:35Z |
| mal-2024-2478 | Malicious code in hilton_cms (npm) | 2024-06-25T12:45:44Z | 2025-03-03T15:08:01Z |
| mal-2024-2502 | Malicious code in identity-web (npm) | 2024-06-25T12:46:23Z | 2025-04-28T05:47:09Z |
| mal-2024-2506 | Malicious code in importlib-metadata (npm) | 2024-06-25T12:46:31Z | 2025-12-02T09:12:14Z |
| mal-2024-2529 | Malicious code in internal-logger (npm) | 2024-06-25T12:47:05Z | 2025-08-01T10:42:05Z |
| mal-2024-2543 | Malicious code in jewel-case (npm) | 2024-06-25T12:47:34Z | 2025-08-29T06:43:16Z |
| mal-2024-2565 | Malicious code in jquery-dragster (npm) | 2024-06-25T12:48:03Z | 2025-08-29T06:43:16Z |
| mal-2024-2595 | Malicious code in launchdarkly-cpp-internal (npm) | 2024-06-25T12:48:48Z | 2025-12-24T10:09:28Z |
| mal-2024-2596 | Malicious code in launchdarkly-cpp-server (npm) | 2024-06-25T12:48:49Z | 2025-03-03T15:08:01Z |
| mal-2024-2628 | Malicious code in lldb-dap (npm) | 2024-06-25T12:49:22Z | 2025-03-31T07:07:49Z |
| mal-2024-2631 | Malicious code in load-secrets-action (npm) | 2024-06-25T12:49:25Z | 2025-02-03T18:38:40Z |
| mal-2024-2638 | Malicious code in lookerbot (npm) | 2024-06-25T12:49:37Z | 2025-04-28T05:47:09Z |
| mal-2024-2649 | Malicious code in malpostinstall-tst (npm) | 2024-06-25T12:49:55Z | 2024-12-09T14:39:22Z |
| mal-2024-2651 | Malicious code in mdx-linter-devdocs (npm) | 2024-06-25T12:50:03Z | 2025-12-02T09:12:15Z |
| mal-2024-2672 | Malicious code in mozilla-central (npm) | 2024-06-25T12:50:40Z | 2024-12-17T22:37:07Z |
| mal-2024-2685 | Malicious code in mypy-extensions (npm) | 2024-06-25T12:51:08Z | 2025-12-02T09:12:15Z |
| mal-2024-2798 | Malicious code in ontology-starter-react-app (npm) | 2024-06-25T12:54:11Z | 2025-03-31T07:07:49Z |
| mal-2024-2803 | Malicious code in operaextensions.js (npm) | 2024-06-25T12:54:20Z | 2025-03-31T07:07:49Z |
| mal-2024-2815 | Malicious code in owasp-aasvs (npm) | 2024-06-25T12:54:37Z | 2025-06-18T15:07:35Z |
| mal-2024-2826 | Malicious code in package-inherit (npm) | 2024-06-25T12:54:52Z | 2025-03-31T07:07:49Z |
| mal-2024-2888 | Malicious code in powpeg-details (npm) | 2024-06-25T12:56:25Z | 2025-08-29T06:43:17Z |
| mal-2024-2899 | Malicious code in prod-env-variables (npm) | 2024-06-25T12:56:36Z | 2025-08-01T10:42:05Z |
| mal-2024-2903 | Malicious code in protect-and-track (npm) | 2024-06-25T12:56:38Z | 2025-08-29T06:43:17Z |
| mal-2024-2944 | Malicious code in realtimeboard (npm) | 2024-06-25T12:57:56Z | 2025-03-31T07:07:49Z |
| mal-2024-2954 | Malicious code in relay-github-root (npm) | 2024-06-25T12:58:26Z | 2024-12-09T14:39:22Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-0503 | Apache Cassandra: Schwachstelle ermöglicht Codeausführung | 2025-03-06T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0507 | MariaDB: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-03-09T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0524 | Red Hat Ansible Automation Platform (Jinja): Schwachstelle ermöglicht Codeausführung | 2025-03-11T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0542 | Webkit/Apple : Schwachstelle ermöglicht Umgehung von Sicherheitsmechanismen | 2025-03-11T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0545 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-03-11T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0562 | expat: Schwachstelle ermöglicht Denial of Service | 2025-03-13T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0572 | X.Org X11: Schwachstelle ermöglicht Denial of Service | 2025-03-16T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0600 | GnuPG: Schwachstelle ermöglicht Denial of Service | 2025-03-19T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0606 | Red Hat Enterprise Linux (Gatekeeper): Mehrere Schwachstellen ermöglichen Denial of Service | 2025-03-19T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-0607 | WebKitGTK and WPE WebKit: Mehrere Schwachstellen | 2025-03-20T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0625 | Red Hat OpenShift Container Platform: Schwachstelle ermöglicht Denial of Service | 2025-03-24T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0627 | Vercel Next.js: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-03-24T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-0633 | Gitea: Mehrere Schwachstellen | 2025-03-25T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0649 | Linux Kernel: Mehrere Schwachstellen | 2025-03-27T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0683 | Linux Kernel: Mehrere Schwachstellen | 2025-04-01T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0708 | pgAdmin: Mehrere Schwachstellen | 2025-04-03T22:00:00.000+00:00 | 2025-11-11T23:00:00.000+00:00 |
| wid-sec-w-2025-0712 | GNU libc: Schwachstelle ermöglicht Denial of Service | 2025-04-06T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0713 | poppler: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-04-06T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0718 | Red Hat Enterprise Linux (libxslt): Schwachstelle ermöglicht DoS und Codeausführung | 2025-04-06T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0728 | WebKitGTK und WPE WebKit: Mehrere Schwachstellen | 2025-04-07T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0730 | libxml2: Schwachstelle ermöglicht Manipulation von Dateien | 2025-04-07T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0754 | Red Hat Enterprise Linux (opentelemetry-collector): Schwachstelle ermöglicht Denial of Service | 2025-04-08T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0813 | Oracle MySQL: Mehrere Schwachstellen | 2025-04-15T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0831 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2025-04-15T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0837 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-04-15T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0844 | Linux Kernel: Mehrere Schwachstellen | 2025-04-16T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0861 | Linux Kernel: Mehrere Schwachstellen | 2025-04-21T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0877 | Redis: Schwachstelle ermöglicht Denial of Service | 2025-04-23T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0879 | BusyBox: Mehrere Schwachstellen | 2025-04-23T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0922 | Linux Kernel: Mehrere Schwachstellen | 2025-05-01T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-756744 | SSA-756744: OS Command Injection Vulnerability in SINEC NMS | 2021-08-10T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-818688 | SSA-818688: Multiple Vulnerabilities in Solid Edge before SE2021MP7 | 2021-08-10T00:00:00Z | 2021-08-10T00:00:00Z |
| ssa-830194 | SSA-830194: Missing Authentication Vulnerability in S7-1200 Devices | 2021-08-10T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-938030 | SSA-938030: DGN and PAR File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.2 | 2021-08-10T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-816035 | SSA-816035: Code Execution Vulnerability in SINEMA Remote Connect Client | 2021-08-19T00:00:00Z | 2021-08-19T00:00:00Z |
| ssa-109294 | SSA-109294: Scene File Parsing Vulnerability in Simcenter STAR-CCM+ Viewer | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-208530 | SSA-208530: File parsing vulnerabilities in IFC adapter in NX | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-288459 | SSA-288459: Heap Overflow Vulnerability in RFID terminals | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-316383 | SSA-316383: NumberJack Vulnerability in LOGO! CMR and SIMATIC RTU 3000 devices | 2021-09-14T00:00:00Z | 2022-02-08T00:00:00Z |
| ssa-330339 | SSA-330339: Web Vulnerabilities in SINEC NMS | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-334944 | SSA-334944: Vulnerability in SINEMA Remote Connect Server | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-413407 | SSA-413407: Path Traversal Vulnerability in Teamcenter Active Workspace | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-453715 | SSA-453715: Deserialization Vulnerability in CCOM Communication Component of Desigo CC Family | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-500748 | SSA-500748: Denial-of-Service Vulnerabilities in SIPROTEC 5 Devices | 2021-09-14T00:00:00Z | 2021-10-12T00:00:00Z |
| ssa-535380 | SSA-535380: Command Injection Vulnerability in Siveillance OIS Affecting Several Building Management Systems | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-535997 | SSA-535997: Cleartext Storage of Sensitive Information in Multiple SIMATIC Products | 2021-09-14T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-676336 | SSA-676336: OpenSSH Vulnerabilities in SCALANCE X-200 and X-300/X408 Switches | 2021-09-14T00:00:00Z | 2023-04-11T00:00:00Z |
| ssa-692317 | SSA-692317: Authorization Bypass Vulnerability in Industrial Edge | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-756638 | SSA-756638: Vulnerabilities in Third-Party Component Mbed TLS of LOGO! CMR Family and SIMATIC RTU 3000 Family | 2021-09-14T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-847986 | SSA-847986: Denial-of-Service Vulnerabilities in SIPROTEC 5 relays | 2021-09-14T00:00:00Z | 2021-10-12T00:00:00Z |
| ssa-944498 | SSA-944498: Buffer Overflow Vulnerability in Web Server of APOGEE and TALON Automation Devices | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-987403 | SSA-987403: Multiple Vulnerabilities in Teamcenter | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-997732 | SSA-997732: Modfem File Parsing Vulnerability in Simcenter Femap before V2021.2 | 2021-09-14T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-728618 | SSA-728618: Multiple Vulnerabilities in Solid Edge before SE2021MP8 | 2021-09-28T00:00:00Z | 2021-09-28T00:00:00Z |
| ssa-280624 | SSA-280624: Multiple Vulnerabilities in SCALANCE W1750D | 2021-10-12T00:00:00Z | 2022-10-11T00:00:00Z |
| ssa-766247 | SSA-766247: Authentication Vulnerability in SIMATIC Process Historian | 2021-10-12T00:00:00Z | 2022-01-11T00:00:00Z |
| ssa-044112 | SSA-044112: Multiple Vulnerabilities (NUCLEUS:13) in the TCP/IP Stack of Nucleus RTOS | 2021-11-09T00:00:00Z | 2021-12-14T00:00:00Z |
| ssa-114589 | SSA-114589: Multiple Vulnerabilities in Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products | 2021-11-09T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-703715 | SSA-703715: Information Disclosure Vulnerability in Climatix POL909 (AWM and AWB) | 2021-11-09T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-840188 | SSA-840188: Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products | 2021-11-09T00:00:00Z | 2023-04-11T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2002:211 | Red Hat Security Advisory: ggv security update | 2002-10-10T20:23:00+00:00 | 2025-11-21T17:25:07+00:00 |
| rhsa-2002:195 | Red Hat Security Advisory: tetex security update | 2002-10-14T13:36:00+00:00 | 2025-11-21T17:25:06+00:00 |
| rhsa-2002:196 | Red Hat Security Advisory: : Updated xinetd packages fix denial of service vulnerability | 2002-10-15T17:07:00+00:00 | 2025-11-21T17:25:06+00:00 |
| rhsa-2002:192 | Red Hat Security Advisory: : Updated Mozilla packages fix security vulnerabilities | 2002-10-18T09:15:00+00:00 | 2025-11-21T17:25:05+00:00 |
| rhsa-2002:223 | Red Hat Security Advisory: : Updated ypserv packages fixes memory leak | 2002-10-24T12:13:00+00:00 | 2025-11-21T17:25:09+00:00 |
| rhsa-2002:224 | Red Hat Security Advisory: ypserv security update | 2002-10-25T12:24:00+00:00 | 2025-11-21T17:25:10+00:00 |
| rhsa-2002:227 | Red Hat Security Advisory: kernel security update | 2002-10-28T22:32:00+00:00 | 2025-11-21T17:25:10+00:00 |
| rhsa-2002:218 | Red Hat Security Advisory: tomcat security update for Stronghold | 2002-11-05T00:00:00+00:00 | 2025-11-21T17:25:08+00:00 |
| rhsa-2002:242 | Red Hat Security Advisory: : Updated kerberos packages available | 2002-11-07T16:26:00+00:00 | 2025-11-21T17:25:10+00:00 |
| rhsa-2002:250 | Red Hat Security Advisory: krb5 security update | 2002-11-07T17:35:00+00:00 | 2025-11-21T17:25:12+00:00 |
| rhsa-2002:248 | Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold | 2002-11-07T17:42:00+00:00 | 2025-11-21T17:25:12+00:00 |
| rhsa-2002:243 | Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold | 2002-11-08T11:15:00+00:00 | 2025-11-21T17:25:11+00:00 |
| rhsa-2002:244 | Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold | 2002-11-08T11:15:00+00:00 | 2025-11-21T17:25:12+00:00 |
| rhsa-2002:217 | Red Hat Security Advisory: tomcat security update for Stronghold | 2002-11-08T11:16:00+00:00 | 2025-11-21T17:25:08+00:00 |
| rhsa-2002:263 | Red Hat Security Advisory: kernel security update | 2002-11-22T16:39:00+00:00 | 2025-11-21T17:25:15+00:00 |
| rhsa-2002:254 | Red Hat Security Advisory: : Updated Webalizer packages fix vulnerability | 2002-12-04T08:33:00+00:00 | 2025-11-21T17:25:13+00:00 |
| rhsa-2002:255 | Red Hat Security Advisory: webalizer security update | 2002-12-04T15:21:00+00:00 | 2025-11-21T17:25:13+00:00 |
| rhsa-2002:261 | Red Hat Security Advisory: Canna security update | 2002-12-10T15:15:00+00:00 | 2025-11-21T17:25:14+00:00 |
| rhsa-2002:256 | Red Hat Security Advisory: wget security update | 2002-12-10T15:16:00+00:00 | 2025-11-21T17:25:13+00:00 |
| rhsa-2002:229 | Red Hat Security Advisory: : : : Updated wget packages fix directory traversal bug | 2002-12-10T15:23:00+00:00 | 2025-11-21T17:25:10+00:00 |
| rhsa-2002:293 | Red Hat Security Advisory: : Updated Fetchmail packages fix security vulnerability | 2002-12-17T09:20:00+00:00 | 2025-11-21T17:25:17+00:00 |
| rhsa-2002:294 | Red Hat Security Advisory: fetchmail security update | 2002-12-17T19:04:00+00:00 | 2025-11-21T17:25:18+00:00 |
| rhsa-2002:271 | Red Hat Security Advisory: pine security update | 2003-01-03T19:15:00+00:00 | 2025-11-21T17:25:18+00:00 |
| rhsa-2002:270 | Red Hat Security Advisory: : : : Updated pine packages available | 2003-01-03T19:33:00+00:00 | 2025-11-21T17:25:15+00:00 |
| rhsa-2002:289 | Red Hat Security Advisory: mysql security update | 2003-01-06T15:27:00+00:00 | 2025-11-21T17:25:16+00:00 |
| rhsa-2002:290 | Red Hat Security Advisory: : Updated Ethereal packages are available | 2003-01-09T16:15:00+00:00 | 2025-11-21T17:25:16+00:00 |
| rhsa-2002:251 | Red Hat Security Advisory: apache security update | 2003-01-09T20:10:00+00:00 | 2025-11-21T17:25:13+00:00 |
| rhsa-2003:006 | Red Hat Security Advisory: : : : Updated libpng packages fix buffer overflow | 2003-01-13T15:28:00+00:00 | 2025-11-21T17:25:21+00:00 |
| rhsa-2002:295 | Red Hat Security Advisory: : Updated CUPS packages fix various vulnerabilities | 2003-01-13T15:34:00+00:00 | 2025-11-21T17:25:18+00:00 |
| rhsa-2003:009 | Red Hat Security Advisory: WindowMaker security update | 2003-01-14T13:43:00+00:00 | 2025-11-21T17:25:22+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2014-5277 | Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. | 2014-11-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2014-8991 | pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user. | 2014-11-02T00:00:00.000Z | 2025-09-03T21:14:33.000Z |
| msrc_cve-2004-2771 | The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address. | 2014-12-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2014-6407 | Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation. | 2014-12-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2014-9358 | Docker before 1.3.3 does not properly validate image IDs which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications." | 2014-12-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2014-9638 | oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero. | 2015-01-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2014-9639 | Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file which triggers an out-of-bounds memory access. | 2015-01-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2015-1029 | The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to gain privileges or obtain sensitive information by prepopulating the fact cache. | 2015-01-02T00:00:00.000Z | 2025-02-11T00:00:00.000Z |
| msrc_cve-2012-6687 | FastCGI (aka fcgi and libfcgi) 2.4.0 allows remote attackers to cause a denial of service (segmentation fault and crash) via a large number of connections. | 2015-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2014-9636 | unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression. | 2015-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2015-1473 | The GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service | 2015-04-02T00:00:00.000Z | 2025-04-12T00:00:00.000Z |
| msrc_cve-2015-3416 | The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement. | 2015-04-02T00:00:00.000Z | 2025-09-03T23:33:38.000Z |
| msrc_cve-2015-2704 | realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf | 2015-05-02T00:00:00.000Z | 2025-10-01T23:10:53.000Z |
| msrc_cve-2015-3627 | Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot which allows local users to gain privileges via a symlink attack in an image. | 2015-05-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2015-3630 | Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound (2) /proc/timer_stats (3) /proc/latency_stats and (4) /proc/fs which allows local users to modify the host obtain sensitive information and perform protocol downgrade attacks via a crafted image. | 2015-05-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2015-3631 | Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc. | 2015-05-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2015-3717 | Multiple buffer overflows in the printf functionality in SQLite as used in Apple iOS before 8.4 and OS X before 10.10.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. | 2015-07-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2015-2987 | Type74 ED before 4.0 misuses 128-bit ECB encryption for small files which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits. | 2015-08-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2015-5157 | arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution which might allow local users to gain privileges by triggering an NMI. | 2015-08-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2015-6749 | Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file. | 2015-09-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2015-7309 | The theme editor in Bolt allows remote authenticated users to execute arbitrary code by renaming a crafted file | 2015-09-02T00:00:00.000Z | 2025-10-01T23:10:53.000Z |
| msrc_cve-2015-7696 | Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive possibly related to an Extra-Field size value. | 2015-11-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2015-7697 | Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive. | 2015-11-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2015-7981 | The png_convert_to_rfc1123 function in png.c allows remote attackers to obtain sensitive process memory information | 2015-11-02T00:00:00.000Z | 2025-04-16T00:00:00.000Z |
| msrc_cve-2015-8100 | The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf which allows local users to obtain sensitive community information by reading this file. | 2015-11-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2015-8126 | Multiple buffer overflows in libpng allow remote attackers to cause a denial of service | 2015-11-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2015-3276 | The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors. | 2015-12-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2015-8370 | Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication obtain sensitive information or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c which trigger an "Off-by-two" or "Out of bounds overwrite" memory error. | 2015-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2015-8472 | Buffer overflow in libpng allows remote attackers to cause a denial of service | 2016-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2016-1494 | The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack. | 2016-01-02T00:00:00.000Z | 2025-09-03T22:43:53.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-303-02 | Hitachi Energy TropOS | 2025-10-30T06:00:00.000000Z | 2025-10-30T06:00:00.000000Z |
| va-25-304-01 | ELOG multiple vulnerabilities | 2025-10-31T16:57:24Z | 2025-10-31T16:57:24Z |
| va-25-304-02 | Restaurant Brands International assistant platform multiple vulnerabilities | 2025-10-31T17:02:13Z | 2025-10-31T17:02:13Z |
| icsa-25-308-01 | Fuji Electric Monitouch V-SFT-6 (Update A) | 2025-11-04T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-308-02 | Survision License Plate Recognition Camera | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-308-03 | Delta Electronics CNCSoft-G2 | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-308-04 | Radiometrics VizAir | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-308-05 | IDIS ICM Viewer | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-310-01 | Advantech DeviceOn/iEdge | 2025-11-06T07:00:00.000000Z | 2025-11-06T07:00:00.000000Z |
| icsa-25-310-02 | Ubia Ubox | 2025-11-06T07:00:00.000000Z | 2025-11-06T07:00:00.000000Z |
| icsa-25-310-03 | ABB FLXeon Controllers | 2025-11-06T07:00:00.000000Z | 2025-11-06T07:00:00.000000Z |
| icsa-25-317-13 | Siemens LOGO! 8 BM Devices | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-317-14 | Siemens Solid Edge | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-317-15 | Siemens COMOS | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-317-16 | Siemens Altair Grid Engine | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-317-17 | Siemens Software Center and Solid Edge | 2025-11-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-322-01 | Schneider Electric EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio | 2025-11-11T08:00:00.000000Z | 2025-11-11T08:00:00.000000Z |
| icsa-25-322-04 | Schneider Electric PowerChute Serial Shutdown | 2025-11-11T08:00:00.000000Z | 2025-11-11T08:00:00.000000Z |
| icsa-25-317-01 | Mitsubishi Electric MELSEC iQ-F Series | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-02 | AVEVA Application Server IDE | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-03 | AVEVA Edge | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-04 | Brightpick Mission Control / Internal Logic Control | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-05 | Rockwell Automation Verve Asset Manager | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-06 | Rockwell Automation Studio 5000 Simulation Interface | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-07 | Rockwell Automation FactoryTalk DataMosaix Private Cloud | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-09 | Rockwell Automation FactoryTalk Policy Manager | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-10 | *Rockwell Automation AADvance-Trusted SIS Workstation * | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-11 | Siemens SICAM P850 family and SICAM P855 family | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-12 | Siemens Spectrum Power 4 | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-322-02 | Shelly Pro 4PM | 2025-11-18T07:00:00.000000Z | 2025-11-18T07:00:00.000000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2006-000251 | SquirrelMail cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000293 | Sun Java System Web Server cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000326 | Mozilla Firefox vulnerable to HTTP response splitting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000345 | Microsoft Internet Explorer address bar spoofing vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000392 | Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox. | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000540 | Microsoft Windows Indexing Service cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000599 | Nagasaki Electronic Prefectural Office System vulnerable to bypass authentication | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000600 | Nagasaki Electronic Prefectural Office System authentication information vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000601 | Eudora Japanese version stops working after the application crashes | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000602 | Multiple email clients vulnerable in handling an attachement inapropriately | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000603 | Hatena Toolbar sends URL information unecnrypted | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000604 | Nagasaki Electronic Prefectural Office System SQL injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000605 | Hyper NIKKI System allows unauthorized email submission | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000606 | Minnu's filer2 vulnerable in allowing arbitrary Ruby script execution | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000609 | CAFEMILK Shopping Cart CGI cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000610 | QUICK CART OS command injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000611 | QUICK CART cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000612 | FreeStyleWiki cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000613 | Trac cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000614 | Winny buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000615 | Apache Struts Validator allows to bypass input data validation | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000616 | DonutP and UnDonut confirmation dialog display vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000617 | Multiple email clients vulnerable to directory traversal due to inappropriate unicode handling | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000619 | MyWeb SQL injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000620 | RWiki arbitrary Ruby script execution vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000621 | RWiki cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000622 | dotProject cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000623 | Joomla! cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000624 | CGI RESCUE WebFORM allows unauthorized email transmission | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000625 | CGI RESCUE WebFORM allows unauthorized email transmission | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|