Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-9wqg-38fc-34m9 | Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated atta… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:32Z |
| ghsa-8j6v-82x4-pg34 | FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be ch… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-8hvh-73q5-g7pg | FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig RES… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-58r7-rx7j-5v4g | Anviz AIM CrossChex Standard 4.3.6.0 contains a CSV injection vulnerability that allows attackers t… | 2025-12-24T21:30:31Z | 2025-12-24T21:30:31Z |
| ghsa-x4fw-5929-5227 | Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a stored cross-site scripting vulnerabi… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-wcqx-pwqh-x4mj | SOCA Access Control System 180612 contains multiple insecure direct object reference vulnerabilitie… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-r8pj-6rqm-3whh | IBM Concert 1.0.0 through 2.1.0 stores sensitive information in cleartext during recursive docker b… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-m662-6p96-4253 | SOCA Access Control System 180612 contains a cross-site request forgery vulnerability that allows a… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-hjwr-h73m-h7pf | Beward Intercom 2.3.1 contains a credentials disclosure vulnerability that allows local attackers t… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-754f-6hrq-f5qh | SOCA Access Control System 180612 contains multiple SQL injection vulnerabilities that allow attack… | 2025-12-24T21:30:30Z | 2025-12-24T21:30:30Z |
| ghsa-x5xq-cwhv-jgjh | MyNET up to v26.08.316 was discovered to contain an Unauthenticated SQL Injection vulnerability via… | 2025-12-24T18:30:22Z | 2025-12-24T18:30:22Z |
| ghsa-m9g9-rxjq-3p3h | MyNET up to v26.08 was discovered to contain a reflected cross-site scripting (XSS) vulnerability v… | 2025-12-24T18:30:22Z | 2025-12-24T18:30:22Z |
| ghsa-hcr2-46j7-rjhp | A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This … | 2025-12-24T18:30:22Z | 2025-12-24T18:30:22Z |
| ghsa-gc5g-jhc5-xh8h | A reflected cross-site scripting (XSS) vulnerability in MyNET up to v26.08 allows attackers to exec… | 2025-12-24T18:30:22Z | 2025-12-24T18:30:22Z |
| ghsa-frq8-587v-8qcr | Under certain circumstances a successful exploitation could result in access to the device. | 2025-12-24T18:30:22Z | 2025-12-24T18:30:22Z |
| ghsa-475m-mm7r-j479 | In the Linux kernel, the following vulnerability has been resolved: usb: potential integer overflo… | 2025-12-24T18:30:22Z | 2025-12-24T18:30:22Z |
| ghsa-3vrr-x6c8-rfm2 | Under certain circumstances a successful exploitation could result in access to the device. | 2025-12-24T18:30:22Z | 2025-12-24T18:30:22Z |
| ghsa-wp6p-8vq9-pc32 | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race betw… | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-vc2w-h9rc-mpxx | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds afte… | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-rp3g-8hwh-4xwq | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-pgph-4c45-hj8g | Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade an… | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-j5f2-m9hq-3w98 | Rejected reason: This CVE id was assigned but later discarded. | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-ghj7-pch2-m5m6 | In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeou… | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-fc8g-5x2c-p65r | An open redirect vulnerability in the login endpoint of Blitz Panel v1.17.0 allows attackers to red… | 2025-12-24T15:30:44Z | 2025-12-24T18:30:22Z |
| ghsa-99pp-v74j-jmgv | In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when … | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-98rv-gpf2-fj42 | In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region… | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-8phj-p75x-7gv8 | In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition… | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-348v-47hf-22wr | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel… | 2025-12-24T15:30:44Z | 2025-12-24T15:30:44Z |
| ghsa-x3pg-6rrq-fcp9 | Missing Authorization vulnerability in WP Socio WP Telegram Widget and Join Link wptelegram-widget … | 2025-12-24T15:30:43Z | 2025-12-24T21:30:29Z |
| ghsa-wx69-963x-88g9 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2025-12-24T15:30:43Z | 2025-12-24T21:30:30Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2018-25138 | 9.3 (v4.0) 7.5 (v3.1) | FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials… |
FLIR Systems |
FLIR AX8 Thermal Camera |
2025-12-24T19:27:46.730Z | 2025-12-24T20:26:22.231Z |
| cve-2018-25137 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated Conf… |
FLIR Systems, Inc. |
FLIR Brickstream 3D+ |
2025-12-24T19:27:46.300Z | 2025-12-24T20:26:28.490Z |
| cve-2018-25136 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated RTSP… |
FLIR Systems, Inc. |
Brickstream 3D+ |
2025-12-24T19:27:45.779Z | 2025-12-24T20:26:35.205Z |
| cve-2018-25135 | 9.3 (v4.0) 9.8 (v3.1) | Anviz AIM CrossChex Standard 4.3.6.0 CSV Injection via… |
Anviz Biometric Technology Co., Ltd. |
Anviz AIM CrossChex Standard |
2025-12-24T19:27:45.375Z | 2025-12-24T20:26:41.287Z |
| cve-2018-25134 | 9.3 (v4.0) 9.8 (v3.1) | Synaccess netBooter NP-02x/NP-08x 6.8 Authentication B… |
Synaccess Networks Inc. |
netBooter NP-02x/NP-08x |
2025-12-24T19:27:44.967Z | 2025-12-24T20:26:48.331Z |
| cve-2018-25133 | 5.1 (v4.0) 4.3 (v3.1) | Synaccess netBooter NP-0801DU 7.4 Cross-Site Request F… |
Synaccess Networks Inc. |
netBooter NP-0801DU |
2025-12-24T19:27:44.567Z | 2025-12-24T20:26:55.174Z |
| cve-2018-25131 | 5.1 (v4.0) 7.2 (v3.1) | Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Sto… |
Leica Geosystems AG |
GR10/GR25/GR30/GR50 GNSS |
2025-12-24T19:27:44.162Z | 2025-12-24T20:27:01.726Z |
| cve-2018-25130 | 6.8 (v4.0) 6.2 (v3.1) | Beward Intercom 2.3.1 Local Credentials Disclosure via… |
Beward R&D Co., Ltd |
BEWARD Intercom |
2025-12-24T19:27:43.752Z | 2025-12-24T20:27:08.870Z |
| cve-2018-25129 | 7.1 (v4.0) 7.5 (v3.1) | SOCA Access Control System 180612 Information Disclosu… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:43.322Z | 2025-12-24T20:27:15.081Z |
| cve-2018-25128 | 9.3 (v4.0) 8.2 (v3.1) | SOCA Access Control System 180612 SQL Injection and Au… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:42.899Z | 2025-12-24T20:27:21.283Z |
| cve-2018-25127 | 5.1 (v4.0) 5.3 (v3.1) | SOCA Access Control System 180612 Cross-Site Request F… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:42.423Z | 2025-12-24T20:27:27.630Z |
| cve-2025-36154 | 6.2 (v3.1) | IBM Concert Software Cleartext Storage in a File or on Disk. |
IBM |
Concert |
2025-12-24T19:01:48.161Z | 2025-12-24T20:02:34.098Z |
| cve-2025-2515 | 7.2 (v3.1) | Bluechi: privilege escalation in bluechi via unrestric… |
Eclipse Foundation |
BlueChi |
2025-12-24T16:21:54.365Z | 2025-12-24T16:48:19.891Z |
| cve-2025-68750 | N/A | usb: potential integer overflow in usbg_make_tpg() |
Linux |
Linux |
2025-12-24T15:51:03.141Z | 2025-12-24T15:51:03.141Z |
| cve-2025-43876 | 8.7 (v4.0) | iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Ed… |
Johnson Controls |
iSTAR Ultra, iSTAR Ultra SE |
2025-12-24T15:27:06.898Z | 2025-12-24T16:20:55.776Z |
| cve-2025-43875 | 8.7 (v4.0) | iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Ed… |
Johnson Controls |
iSTAR Ultra, iSTAR Ultra SE |
2025-12-24T15:19:19.145Z | 2025-12-24T16:21:31.227Z |
| cve-2025-2155 | 8.8 (v3.1) | Arbitrary File Upload in EchoCCS's Specto CM |
Echo Call Center Services Trade and Industry Inc. |
Specto CM |
2025-12-24T14:31:07.708Z | 2025-12-24T16:22:27.231Z |
| cve-2025-2154 | 5.4 (v3.1) | Stored XSS in EchoCCS's Specto CM |
Echo Call Center Services Trade and Industry Inc. |
Specto CM |
2025-12-24T14:26:47.561Z | 2025-12-24T16:23:09.149Z |
| cve-2025-68606 | N/A | WordPress PostX plugin <= 5.0.3 - Sensitive Data Expos… |
WPXPO |
PostX |
2025-12-24T13:10:48.784Z | 2025-12-24T19:27:01.170Z |
| cve-2025-68605 | N/A | WordPress Post Grid and Gutenberg Blocks plugin <= 2.3… |
PickPlugins |
Post Grid and Gutenberg Blocks |
2025-12-24T13:10:48.261Z | 2025-12-24T19:27:09.736Z |
| cve-2025-68603 | N/A | WordPress Editorial Calendar plugin <= 3.8.8 - Broken … |
Marketing Fire |
Editorial Calendar |
2025-12-24T13:10:47.744Z | 2025-12-24T19:27:16.669Z |
| cve-2025-68602 | N/A | WordPress Accept Donations with PayPal plugin <= 1.5.1… |
Scott Paterson |
Accept Donations with PayPal |
2025-12-24T13:10:47.134Z | 2025-12-24T19:27:22.742Z |
| cve-2025-68601 | N/A | WordPress Five Star Restaurant Reservations plugin <= … |
Rustaurius |
Five Star Restaurant Reservations |
2025-12-24T13:10:46.860Z | 2025-12-24T19:27:28.517Z |
| cve-2025-68600 | N/A | WordPress Link Library plugin <= 7.8.4 - Server Side R… |
Yannick Lefebvre |
Link Library |
2025-12-24T13:10:46.548Z | 2025-12-24T19:27:33.977Z |
| cve-2025-68599 | N/A | WordPress YouTube Embed plugin <= 5.4 - Cross Site Scr… |
Embeds For YouTube Plugin Support |
YouTube Embed |
2025-12-24T13:10:46.247Z | 2025-12-24T19:27:39.427Z |
| cve-2025-68598 | N/A | WordPress Page Builder: Live Composer plugin <= 2.0.5 … |
LiveComposer |
Page Builder: Live Composer |
2025-12-24T13:10:45.982Z | 2025-12-24T19:27:44.859Z |
| cve-2025-68597 | N/A | WordPress Jobs for WordPress plugin <= 2.7.17 - Cross … |
BlueGlass Interactive AG |
Jobs for WordPress |
2025-12-24T13:10:45.718Z | 2025-12-24T19:27:50.540Z |
| cve-2025-68596 | N/A | WordPress Bit Assist plugin <= 1.5.11 - Broken Access … |
Bit Apps |
Bit Assist |
2025-12-24T13:10:45.364Z | 2025-12-24T19:27:55.686Z |
| cve-2025-68595 | N/A | WordPress Widgets for Social Photo Feed plugin <= 1.7.… |
Trustindex |
Widgets for Social Photo Feed |
2025-12-24T13:10:44.856Z | 2025-12-24T19:28:01.577Z |
| cve-2025-68594 | N/A | WordPress Poll, Survey & Quiz Maker Plugin by Opinion … |
Assaf Parag |
Poll, Survey & Quiz Maker Plugin by Opinion Stage |
2025-12-24T13:10:44.556Z | 2025-12-24T19:28:08.300Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2018-25138 | 9.3 (v4.0) 7.5 (v3.1) | FLIR AX8 Thermal Camera 1.32.16 Hard-Coded Credentials… |
FLIR Systems |
FLIR AX8 Thermal Camera |
2025-12-24T19:27:46.730Z | 2025-12-24T20:26:22.231Z |
| cve-2018-25137 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated Conf… |
FLIR Systems, Inc. |
FLIR Brickstream 3D+ |
2025-12-24T19:27:46.300Z | 2025-12-24T20:26:28.490Z |
| cve-2018-25136 | 8.7 (v4.0) 7.5 (v3.1) | FLIR Brickstream 3D+ 2.1.742.1842 Unauthenticated RTSP… |
FLIR Systems, Inc. |
Brickstream 3D+ |
2025-12-24T19:27:45.779Z | 2025-12-24T20:26:35.205Z |
| cve-2018-25135 | 9.3 (v4.0) 9.8 (v3.1) | Anviz AIM CrossChex Standard 4.3.6.0 CSV Injection via… |
Anviz Biometric Technology Co., Ltd. |
Anviz AIM CrossChex Standard |
2025-12-24T19:27:45.375Z | 2025-12-24T20:26:41.287Z |
| cve-2018-25134 | 9.3 (v4.0) 9.8 (v3.1) | Synaccess netBooter NP-02x/NP-08x 6.8 Authentication B… |
Synaccess Networks Inc. |
netBooter NP-02x/NP-08x |
2025-12-24T19:27:44.967Z | 2025-12-24T20:26:48.331Z |
| cve-2018-25133 | 5.1 (v4.0) 4.3 (v3.1) | Synaccess netBooter NP-0801DU 7.4 Cross-Site Request F… |
Synaccess Networks Inc. |
netBooter NP-0801DU |
2025-12-24T19:27:44.567Z | 2025-12-24T20:26:55.174Z |
| cve-2018-25131 | 5.1 (v4.0) 7.2 (v3.1) | Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 Sto… |
Leica Geosystems AG |
GR10/GR25/GR30/GR50 GNSS |
2025-12-24T19:27:44.162Z | 2025-12-24T20:27:01.726Z |
| cve-2018-25130 | 6.8 (v4.0) 6.2 (v3.1) | Beward Intercom 2.3.1 Local Credentials Disclosure via… |
Beward R&D Co., Ltd |
BEWARD Intercom |
2025-12-24T19:27:43.752Z | 2025-12-24T20:27:08.870Z |
| cve-2018-25129 | 7.1 (v4.0) 7.5 (v3.1) | SOCA Access Control System 180612 Information Disclosu… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:43.322Z | 2025-12-24T20:27:15.081Z |
| cve-2018-25128 | 9.3 (v4.0) 8.2 (v3.1) | SOCA Access Control System 180612 SQL Injection and Au… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:42.899Z | 2025-12-24T20:27:21.283Z |
| cve-2018-25127 | 5.1 (v4.0) 5.3 (v3.1) | SOCA Access Control System 180612 Cross-Site Request F… |
SOCA Technology Co., Ltd |
SOCA Access Control System |
2025-12-24T19:27:42.423Z | 2025-12-24T20:27:27.630Z |
| cve-2025-36154 | 6.2 (v3.1) | IBM Concert Software Cleartext Storage in a File or on Disk. |
IBM |
Concert |
2025-12-24T19:01:48.161Z | 2025-12-24T20:02:34.098Z |
| cve-2025-2515 | 7.2 (v3.1) | Bluechi: privilege escalation in bluechi via unrestric… |
Eclipse Foundation |
BlueChi |
2025-12-24T16:21:54.365Z | 2025-12-24T16:48:19.891Z |
| cve-2025-68750 | N/A | usb: potential integer overflow in usbg_make_tpg() |
Linux |
Linux |
2025-12-24T15:51:03.141Z | 2025-12-24T15:51:03.141Z |
| cve-2025-43876 | 8.7 (v4.0) | iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Ed… |
Johnson Controls |
iSTAR Ultra, iSTAR Ultra SE |
2025-12-24T15:27:06.898Z | 2025-12-24T16:20:55.776Z |
| cve-2025-43875 | 8.7 (v4.0) | iSTAR Ultra, Ultra SE, Ultra G2, Ultra G2 SE, iSTAR Ed… |
Johnson Controls |
iSTAR Ultra, iSTAR Ultra SE |
2025-12-24T15:19:19.145Z | 2025-12-24T16:21:31.227Z |
| cve-2024-40317 | N/A | A reflected cross-site scripting (XSS) vulnerabil… |
n/a |
n/a |
2025-12-24T00:00:00.000Z | 2025-12-24T21:47:08.435Z |
| cve-2024-39037 | N/A | MyNET up to v26.08.316 was discovered to contain … |
n/a |
n/a |
2025-12-24T00:00:00.000Z | 2025-12-24T21:48:23.875Z |
| cve-2024-35322 | N/A | MyNET up to v26.08 was discovered to contain a re… |
n/a |
n/a |
2025-12-24T00:00:00.000Z | 2025-12-24T16:45:02.195Z |
| cve-2025-60935 | N/A | An open redirect vulnerability in the login endpo… |
n/a |
n/a |
2025-12-24T00:00:00.000Z | 2025-12-24T16:46:21.881Z |
| cve-2025-2155 | 8.8 (v3.1) | Arbitrary File Upload in EchoCCS's Specto CM |
Echo Call Center Services Trade and Industry Inc. |
Specto CM |
2025-12-24T14:31:07.708Z | 2025-12-24T16:22:27.231Z |
| cve-2025-2154 | 5.4 (v3.1) | Stored XSS in EchoCCS's Specto CM |
Echo Call Center Services Trade and Industry Inc. |
Specto CM |
2025-12-24T14:26:47.561Z | 2025-12-24T16:23:09.149Z |
| cve-2025-5448 | N/A | {'providerMetadata': {'orgId': '53f830b8-0a3f-465b-8143-3b8a9948e749', 'shortName': 'redhat', 'dateUpdated': '2025-12-24T13:15:12.460Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE id was assigned but later discarded.'}]} | N/A | N/A | 2025-12-24T13:15:12.460Z | |
| cve-2025-68749 | N/A | accel/ivpu: Fix race condition when unbinding BOs |
Linux |
Linux |
2025-12-24T12:09:44.301Z | 2025-12-24T12:09:44.301Z |
| cve-2025-68748 | N/A | drm/panthor: Fix UAF race between device unplug and FW… |
Linux |
Linux |
2025-12-24T12:09:43.620Z | 2025-12-24T12:09:43.620Z |
| cve-2025-68747 | N/A | drm/panthor: Fix UAF on kernel BO VA nodes |
Linux |
Linux |
2025-12-24T12:09:42.925Z | 2025-12-24T12:09:42.925Z |
| cve-2025-68746 | N/A | spi: tegra210-quad: Fix timeout handling |
Linux |
Linux |
2025-12-24T12:09:42.213Z | 2025-12-24T12:09:42.213Z |
| cve-2025-68745 | N/A | scsi: qla2xxx: Clear cmds after chip reset |
Linux |
Linux |
2025-12-24T12:09:41.517Z | 2025-12-24T12:09:41.517Z |
| cve-2025-68744 | N/A | bpf: Free special fields when update [lru_,]percpu_hash maps |
Linux |
Linux |
2025-12-24T12:09:40.839Z | 2025-12-24T12:09:40.839Z |
| cve-2025-68743 | N/A | mshv: Fix create memory region overlap check |
Linux |
Linux |
2025-12-24T12:09:40.148Z | 2025-12-24T12:09:40.148Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192871 | Malicious code in sturdyfetch22 (npm) | 2025-12-23T08:31:49Z | 2025-12-23T08:31:49Z |
| mal-2025-192870 | Malicious code in sturdyfetch21 (npm) | 2025-12-23T08:31:48Z | 2025-12-23T08:31:48Z |
| mal-2025-192869 | Malicious code in sturdyfetch19 (npm) | 2025-12-23T08:31:47Z | 2025-12-23T08:31:47Z |
| mal-2025-192868 | Malicious code in sturdyfetch18 (npm) | 2025-12-23T08:31:47Z | 2025-12-23T08:31:47Z |
| mal-2025-192867 | Malicious code in sturdyfetch17 (npm) | 2025-12-23T08:31:46Z | 2025-12-23T08:31:46Z |
| mal-2025-192866 | Malicious code in sturdyfetch15 (npm) | 2025-12-23T08:31:45Z | 2025-12-23T08:31:45Z |
| mal-2025-192865 | Malicious code in streamlinear (npm) | 2025-12-23T08:31:32Z | 2025-12-23T08:31:32Z |
| mal-2025-192864 | Malicious code in stream-chain-xor (npm) | 2025-12-23T08:31:31Z | 2025-12-23T08:31:31Z |
| mal-2025-192863 | Malicious code in smart-parser (npm) | 2025-12-23T08:30:35Z | 2025-12-23T08:30:35Z |
| mal-2025-192862 | Malicious code in session-parse (npm) | 2025-12-23T08:30:06Z | 2025-12-23T08:30:06Z |
| mal-2025-192861 | Malicious code in session-keeper (npm) | 2025-12-23T08:30:05Z | 2025-12-23T08:30:05Z |
| mal-2025-192860 | Malicious code in security-testing-research99 (npm) | 2025-12-23T08:29:51Z | 2025-12-23T08:29:51Z |
| mal-2025-192859 | Malicious code in security-testing-research- (npm) | 2025-12-23T08:29:51Z | 2025-12-23T08:29:51Z |
| mal-2025-192858 | Malicious code in resethp (npm) | 2025-12-23T08:28:15Z | 2025-12-23T08:28:15Z |
| mal-2025-192857 | Malicious code in redux-motion (npm) | 2025-12-23T08:27:50Z | 2025-12-23T08:27:50Z |
| mal-2025-192856 | Malicious code in react-resizable-text (npm) | 2025-12-23T08:27:17Z | 2025-12-23T08:27:17Z |
| mal-2025-192855 | Malicious code in react-flex-tools (npm) | 2025-12-23T08:26:31Z | 2025-12-23T08:26:31Z |
| mal-2025-192854 | Malicious code in react-confetti-enhanced (npm) | 2025-12-23T08:26:19Z | 2025-12-23T08:26:19Z |
| mal-2025-192853 | Malicious code in portal-aes (npm) | 2025-12-23T08:24:49Z | 2025-12-23T08:24:49Z |
| mal-2025-192852 | Malicious code in polyfill-corejs2 (npm) | 2025-12-23T08:24:47Z | 2025-12-23T08:24:47Z |
| mal-2025-192851 | Malicious code in petco-test (npm) | 2025-12-23T08:24:29Z | 2025-12-23T08:24:29Z |
| mal-2025-192850 | Malicious code in pentestlyio-testpackage (npm) | 2025-12-23T08:24:20Z | 2025-12-23T08:24:20Z |
| mal-2025-192849 | Malicious code in oneday-worm-research (npm) | 2025-12-23T08:23:15Z | 2025-12-23T08:23:15Z |
| mal-2025-192848 | Malicious code in nokaca (npm) | 2025-12-23T08:22:46Z | 2025-12-23T08:22:46Z |
| mal-2025-192847 | Malicious code in node-calculator-x7k9-grabber (npm) | 2025-12-23T08:22:31Z | 2025-12-23T08:22:31Z |
| mal-2025-192846 | Malicious code in node-calculator-x7k9-evil (npm) | 2025-12-23T08:22:31Z | 2025-12-23T08:22:31Z |
| mal-2025-192845 | Malicious code in node-calculator-fe54 (npm) | 2025-12-23T08:22:30Z | 2025-12-23T08:22:30Z |
| mal-2025-192844 | Malicious code in node-calculator-f483 (npm) | 2025-12-23T08:22:29Z | 2025-12-23T08:22:29Z |
| mal-2025-192843 | Malicious code in node-calculator-f2af (npm) | 2025-12-23T08:22:22Z | 2025-12-23T08:22:22Z |
| mal-2025-192842 | Malicious code in node-calculator-e776 (npm) | 2025-12-23T08:22:21Z | 2025-12-23T08:22:21Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2485 | cURL (wcurl): Schwachstelle ermöglicht Manipulation von Dateien | 2025-11-03T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2481 | Apple Xcode: Mehrere Schwachstellen | 2025-11-03T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2480 | Apple Safari: Mehrere Schwachstellen | 2025-11-03T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2475 | Apple macOS: Mehrere Schwachstellen | 2025-11-03T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2474 | Android Patchday November 2025: Multiple Vulnerabilities | 2025-11-03T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-2473 | Apple iOS: Mehrere Schwachstellen | 2025-11-03T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2472 | Samsung Android: Mehrere Schwachstellen | 2025-11-03T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-2469 | Redis: Schwachstelle ermöglicht Codeausführung | 2025-11-02T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2468 | CPython: Schwachstelle ermöglicht Denial of Service | 2025-11-02T23:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2466 | QEMU e1000 Network Devices: Schwachstelle ermöglicht Denial of Service | 2025-11-02T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2464 | OpenSMTP: Schwachstelle ermöglicht Denial of Service | 2025-11-02T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2450 | Linux Kernel: Mehrere Schwachstellen | 2025-10-29T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2449 | GIMP: Schwachstelle ermöglicht Codeausführung | 2025-10-29T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2445 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2025-10-29T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2444 | Dell Secure Connect Gateway: Mehrere Schwachstellen | 2025-10-29T23:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2441 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-10-29T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2436 | Xwayland und X.Org X11: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-10-28T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2431 | Linux Kernel: Mehrere Schwachstellen | 2025-10-28T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2427 | strongSwan (eap-mschapv2 plugin): Schwachstelle ermöglicht Codeausführung und DoS | 2025-10-27T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2420 | Apache Tomcat: Mehrere Schwachstellen | 2025-10-27T23:00:00.000+00:00 | 2025-10-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2416 | Proxmox Backup Server: Mehrere Schwachstellen | 2025-10-26T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2409 | Xen: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-10-26T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2407 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-10-26T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2404 | AMD “Zen 5” Prozessoren: Schwachstelle gefährdet Vertraulichkeit und Integrität | 2025-10-23T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| wid-sec-w-2025-2403 | Ubiquiti UniFi: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-10-23T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2398 | Moxa Switch: Mehrere Schwachstellen | 2025-10-23T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2396 | Hashicorp Vault: Mehrere Schwachstellen | 2025-10-23T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2395 | Rancher Manager: Mehrere Schwachstellen | 2025-10-23T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2394 | Linux Kernel: Mehrere Schwachstellen | 2025-10-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2392 | Internet Systems Consortium BIND: Mehrere Schwachstellen | 2025-10-22T22:00:00.000+00:00 | 2025-12-16T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-701627 | SSA-701627: XXE Injection Vulnerabilities in COMOS | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-645131 | SSA-645131: Multiple WRL File Parsing Vulnerabilities in Teamcenter Visualization | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-392859 | SSA-392859: Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20 | 2024-12-10T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-384652 | SSA-384652: Cross-Site Request Forgery (CSRF) Vulnerability in RUGGEDCOM ROX II | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-128393 | SSA-128393: Firmware Decryption Vulnerability in SICAM A8000 CP-8031 and CP-8050 | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-871035 | SSA-871035: Session-Memory Deserialization Vulnerability in Siemens Engineering Platforms Before V19 | 2024-11-12T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-583523 | SSA-583523: Multiple WRL File Parsing Vulnerabilities in Tecnomatix Plant Simulation | 2024-10-08T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-773256 | SSA-773256: Impact of Socket.IO CVE-2024-38355 on Siemens Industrial Products | 2024-09-10T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-673996 | SSA-673996: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products | 2024-09-10T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-629254 | SSA-629254: Remote Code Execution Vulnerability in SIMATIC SCADA and PCS 7 systems | 2024-09-10T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-103653 | SSA-103653: Denial-of-Service Vulnerability in Automation License Manager | 2024-09-10T00:00:00Z | 2025-05-13T00:00:00Z |
| ssa-750499 | SSA-750499: Weak Encryption Vulnerability in SIPROTEC 5 Devices | 2024-07-09T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-723487 | SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products | 2024-07-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-698820 | SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices | 2024-07-09T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-690517 | SSA-690517: Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11ax Family | 2024-06-11T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-196737 | SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2 | 2024-06-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-962515 | SSA-962515: Out of Bounds Read Vulnerability in Industrial Products | 2024-05-14T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-822518 | SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices | 2024-04-09T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-730482 | SSA-730482: Denial of Service Vulnerability in SIMATIC WinCC | 2024-04-09T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-455250 | SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3 | 2024-04-09T00:00:00Z | 2025-05-13T00:00:00Z |
| ssa-832273 | SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices | 2024-03-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-999588 | SSA-999588: Multiple Vulnerabilities in User Management Component (UMC) Before V2.11.2 | 2023-12-12T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-892915 | SSA-892915: Multiple Denial of Service Vulnerabilities in the Webserver of Industrial Products | 2023-12-12T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-887801 | SSA-887801: Information Disclosure Vulnerability in SIMATIC STEP 7 (TIA Portal) | 2023-12-12T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-118850 | SSA-118850: Denial of Service Vulnerability in the OPC UA Implementation in SINUMERIK ONE and SINUMERIK MC | 2023-12-12T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-077170 | SSA-077170: Multiple Vulnerabilities in SINEC INS before V1.0 SP2 Update 2 | 2023-12-12T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-887122 | SSA-887122: X_T File Parsing Vulnerabilities in Simcenter Femap | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-478780 | SSA-478780: Multiple WRL File Parsing Vulnerabilities in Tecnomatix Plant Simulation | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-456933 | SSA-456933: Multiple Vulnerabilities in SIMATIC PCS neo before V4.1 | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-268517 | SSA-268517: Code Execution Vulnerability (libwebp CVE-2023-4863) in Mendix Studio Pro | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:21821 | Red Hat Security Advisory: idm:DL1 security update | 2025-11-20T08:05:06+00:00 | 2025-11-27T03:24:25+00:00 |
| rhsa-2025:21329 | Red Hat Security Advisory: OpenShift Container Platform 4.14.59 bug fix and security update | 2025-11-20T07:58:36+00:00 | 2025-11-27T17:37:54+00:00 |
| rhsa-2025:21328 | Red Hat Security Advisory: OpenShift Container Platform 4.14.59 packages and security update | 2025-11-20T07:57:21+00:00 | 2025-11-27T17:38:16+00:00 |
| rhsa-2025:21331 | Red Hat Security Advisory: OpenShift Container Platform 4.14.59 bug fix and security update | 2025-11-20T07:18:12+00:00 | 2025-11-25T21:54:53+00:00 |
| rhsa-2025:21816 | Red Hat Security Advisory: delve and golang security update | 2025-11-20T06:24:08+00:00 | 2025-11-27T23:59:20+00:00 |
| rhsa-2025:21806 | Red Hat Security Advisory: python-kdcproxy security update | 2025-11-20T05:58:44+00:00 | 2025-11-27T03:24:23+00:00 |
| rhsa-2025:21778 | Red Hat Security Advisory: golang security update | 2025-11-20T00:35:26+00:00 | 2025-11-27T23:59:18+00:00 |
| rhsa-2025:21779 | Red Hat Security Advisory: golang security update | 2025-11-20T00:22:25+00:00 | 2025-11-27T23:59:18+00:00 |
| rhsa-2025:21776 | Red Hat Security Advisory: expat security update | 2025-11-19T22:11:45+00:00 | 2025-11-26T15:30:36+00:00 |
| rhsa-2025:21775 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Container Release Update | 2025-11-19T20:53:45+00:00 | 2025-11-25T17:53:06+00:00 |
| rhsa-2025:21773 | Red Hat Security Advisory: expat security update | 2025-11-19T20:10:25+00:00 | 2025-11-26T15:30:34+00:00 |
| rhsa-2025:21772 | Red Hat Security Advisory: libsoup security update | 2025-11-19T17:38:04+00:00 | 2025-11-25T10:22:47+00:00 |
| rhsa-2025:21768 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update | 2025-11-19T15:51:59+00:00 | 2025-11-25T17:53:05+00:00 |
| rhsa-2025:21760 | Red Hat Security Advisory: kernel security update | 2025-11-19T12:47:43+00:00 | 2025-11-25T21:29:38+00:00 |
| rhsa-2025:21748 | Red Hat Security Advisory: python-kdcproxy security update | 2025-11-19T08:16:29+00:00 | 2025-11-27T03:24:19+00:00 |
| rhsa-2025:21740 | Red Hat Security Advisory: bind security update | 2025-11-19T06:27:53+00:00 | 2025-11-27T03:24:35+00:00 |
| rhsa-2025:21741 | Red Hat Security Advisory: bind security update | 2025-11-19T06:20:03+00:00 | 2025-11-27T03:24:33+00:00 |
| rhsa-2025:21736 | Red Hat Security Advisory: bind security update | 2025-11-19T05:30:03+00:00 | 2025-11-27T03:24:35+00:00 |
| rhsa-2025:21735 | Red Hat Security Advisory: bind security update | 2025-11-19T04:04:48+00:00 | 2025-11-27T03:24:28+00:00 |
| rhsa-2025:21706 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update | 2025-11-18T17:47:02+00:00 | 2025-11-25T17:53:04+00:00 |
| rhsa-2025:21702 | Red Hat Security Advisory: podman security update | 2025-11-18T15:34:16+00:00 | 2025-11-27T17:37:55+00:00 |
| rhsa-2025:21704 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20 security, enhancement & bug fix update | 2025-11-18T15:13:35+00:00 | 2025-11-29T06:53:24+00:00 |
| rhsa-2025:21696 | Red Hat Security Advisory: pcs security update | 2025-11-18T14:42:26+00:00 | 2025-11-21T19:31:51+00:00 |
| rhsa-2025:21694 | Red Hat Security Advisory: haproxy security update | 2025-11-18T14:01:06+00:00 | 2025-11-21T19:31:50+00:00 |
| rhsa-2025:21693 | Red Hat Security Advisory: haproxy security update | 2025-11-18T13:56:41+00:00 | 2025-11-21T19:31:50+00:00 |
| rhsa-2025:21692 | Red Hat Security Advisory: haproxy security update | 2025-11-18T13:44:31+00:00 | 2025-11-21T19:31:49+00:00 |
| rhsa-2025:21691 | Red Hat Security Advisory: haproxy security update | 2025-11-18T13:44:12+00:00 | 2025-11-21T19:31:49+00:00 |
| rhsa-2025:21666 | Red Hat Security Advisory: libsoup security update | 2025-11-18T09:11:35+00:00 | 2025-11-25T10:22:54+00:00 |
| rhsa-2025:21665 | Red Hat Security Advisory: libsoup security update | 2025-11-18T09:07:43+00:00 | 2025-11-25T10:22:45+00:00 |
| rhsa-2025:21667 | Red Hat Security Advisory: kernel security update | 2025-11-18T09:02:45+00:00 | 2025-11-25T21:27:09+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-68371 | scsi: smartpqi: Fix device resources accessed after device removal | 2025-12-02T00:00:00.000Z | 2025-12-25T01:02:46.000Z |
| msrc_cve-2025-68367 | macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse | 2025-12-02T00:00:00.000Z | 2025-12-25T01:04:26.000Z |
| msrc_cve-2025-68366 | nbd: defer config unlock in nbd_genl_connect | 2025-12-02T00:00:00.000Z | 2025-12-25T01:03:34.000Z |
| msrc_cve-2025-68365 | fs/ntfs3: Initialize allocated memory before use | 2025-12-02T00:00:00.000Z | 2025-12-25T01:04:31.000Z |
| msrc_cve-2025-68364 | ocfs2: relax BUG() to ocfs2_error() in __ocfs2_move_extent() | 2025-12-02T00:00:00.000Z | 2025-12-25T01:05:24.000Z |
| msrc_cve-2025-68363 | bpf: Check skb->transport_header is set in bpf_skb_check_mtu | 2025-12-02T00:00:00.000Z | 2025-12-25T01:05:08.000Z |
| msrc_cve-2025-68362 | wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() | 2025-12-02T00:00:00.000Z | 2025-12-25T01:03:02.000Z |
| msrc_cve-2025-68358 | btrfs: fix racy bitfield write in btrfs_clear_space_info_full() | 2025-12-02T00:00:00.000Z | 2025-12-25T01:04:52.000Z |
| msrc_cve-2025-68357 | iomap: allocate s_dio_done_wq for async reads as well | 2025-12-02T00:00:00.000Z | 2025-12-25T01:03:28.000Z |
| msrc_cve-2025-68356 | gfs2: Prevent recursive memory reclaim | 2025-12-02T00:00:00.000Z | 2025-12-25T01:04:16.000Z |
| msrc_cve-2025-68354 | regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex | 2025-12-02T00:00:00.000Z | 2025-12-25T01:02:57.000Z |
| msrc_cve-2025-68349 | NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid | 2025-12-02T00:00:00.000Z | 2025-12-25T01:02:51.000Z |
| msrc_cve-2025-68347 | ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events | 2025-12-02T00:00:00.000Z | 2025-12-25T01:04:00.000Z |
| msrc_cve-2025-68346 | ALSA: dice: fix buffer overflow in detect_stream_formats() | 2025-12-02T00:00:00.000Z | 2025-12-25T01:05:19.000Z |
| msrc_cve-2025-68345 | ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() | 2025-12-02T00:00:00.000Z | 2025-12-25T01:03:07.000Z |
| msrc_cve-2025-68344 | ALSA: wavefront: Fix integer overflow in sample size validation | 2025-12-02T00:00:00.000Z | 2025-12-25T01:04:05.000Z |
| msrc_cve-2025-68343 | can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:56.000Z |
| msrc_cve-2025-68342 | can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:45.000Z |
| msrc_cve-2025-68340 | team: Move team device type change at the end of team_port_add | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:51.000Z |
| msrc_cve-2025-68339 | atm/fore200e: Fix possible data race in fore200e_open() | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:29.000Z |
| msrc_cve-2025-68338 | net: dsa: microchip: Don't free uninitialized ksz_irq | 2025-12-02T00:00:00.000Z | 2025-12-24T01:04:35.000Z |
| msrc_cve-2025-68337 | jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:30.000Z |
| msrc_cve-2025-68336 | locking/spinlock/debug: Fix data-race in do_raw_write_lock | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:57.000Z |
| msrc_cve-2025-68335 | comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:41.000Z |
| msrc_cve-2025-68334 | platform/x86/amd/pmc: Add support for Van Gogh SoC | 2025-12-02T00:00:00.000Z | 2025-12-24T01:02:13.000Z |
| msrc_cve-2025-68333 | sched_ext: Fix possible deadlock in the deferred_irq_workfn() | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:51.000Z |
| msrc_cve-2025-68332 | comedi: c6xdigio: Fix invalid PNP driver unregistration | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:35.000Z |
| msrc_cve-2025-68331 | usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer | 2025-12-02T00:00:00.000Z | 2025-12-24T01:01:24.000Z |
| msrc_cve-2025-68330 | iio: accel: bmc150: Fix irq assumption regression | 2025-12-02T00:00:00.000Z | 2025-12-24T01:02:02.000Z |
| msrc_cve-2025-68328 | firmware: stratix10-svc: fix bug in saving controller data | 2025-12-02T00:00:00.000Z | 2025-12-24T01:02:08.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsma-25-294-01 | Oxford Nanopore Technologies MinKNOW | 2025-10-21T06:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| icsa-25-294-06 | Raisecomm RAX701-GC Series | 2025-10-21T06:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| icsa-25-294-05 | CloudEdge Online Cameras and App | 2025-10-21T06:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| icsa-25-294-02 | Rockwell Automation Compact GuardLogix 5370 | 2025-10-21T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-294-01 | Rockwell Automation 1783-NATR | 2025-10-21T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-289-04 | Rockwell Automation ArmorStart AOP | 2025-10-16T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-25-289-03 | Rockwell Automation FactoryTalk ViewPoint | 2025-10-16T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-25-289-02 | Rockwell Automation FactoryTalk Linx | 2025-10-16T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-289-01 | Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7 | 2025-10-16T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-25-301-01 | Schneider Electric EcoStruxure | 2025-10-14T07:00:00.000000Z | 2025-10-14T07:00:00.000000Z |
| icsa-25-289-10 | Siemens HyperLynx and Industrial Edge App Publisher | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-09 | Siemens TeleControl Server Basic | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-08 | Siemens SINEC NMS | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-07 | Siemens SIMATIC ET 200SP Communication Processors | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-06 | Siemens SiPass | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-05 | Siemens Solid Edge | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-280-01 | Delta Electronics DIAScreen | 2025-10-07T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-289-11 | Hitachi Energy MACH GWS | 2025-09-30T12:50:29.000000Z | 2025-09-30T12:50:29.000000Z |
| icsa-25-282-01 | Hitachi Energy Asset Suite (Update A) | 2025-09-30T08:50:13.000000Z | 2025-10-28T09:50:00.000000Z |
| icsa-25-273-04 | Festo Controller CECC-S,-LK,-D Family Firmware (Update A) | 2025-09-30T06:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-259-01 | Schneider Electric Altivar products ATVdPAC module ILC992 InterLink Converter (Update A) | 2025-09-09T04:00:00.000000Z | 2025-10-14T07:00:00.000000Z |
| icsa-25-254-07 | Siemens User Management Component (UMC) | 2025-09-09T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-224-02 | Johnson Controls iSTAR Ultra, iSTAR Ultra SE, iSTAR Ultra G2, iSTAR Ultra G2 SE, iSTAR Edge G2 (Update A) | 2025-08-12T06:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-224-03 | Schneider Electric EcoStruxure Power Monitoring Expert | 2025-08-12T04:00:00.000000Z | 2025-11-11T08:00:00.000000Z |
| icsa-25-226-22 | Siemens Web Installer (SSA-282044) | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-226-18 | Siemens SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER | 2025-08-12T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-226-11 | Siemens SIMATIC S7-PLCSIM | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-226-09 | Siemens RUGGEDCOM APE1808 | 2025-08-12T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-226-03 | Siemens SIMATIC S7-PLCSIM | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-219-02 | Johnson Controls FX Server, FX80 and FX90 (Update A) | 2025-08-07T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-009576 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-07-23T11:13+09:00 | 2025-07-23T11:13+09:00 |
| jvndb-2025-000050 | "region PAY" App for Android vulnerable to insertion of sensitive information into log file | 2025-07-22T13:33+09:00 | 2025-07-22T13:33+09:00 |
| jvndb-2025-009150 | Security updates for Trend Micro products (June 2025) | 2025-07-17T17:03+09:00 | 2025-07-17T17:03+09:00 |
| jvndb-2025-000049 | ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials | 2025-07-16T13:54+09:00 | 2025-07-16T13:54+09:00 |
| jvndb-2025-008881 | Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers | 2025-07-15T15:54+09:00 | 2025-07-15T15:54+09:00 |
| jvndb-2025-008783 | Firebox T15 contains an issue with hidden functionality | 2025-07-14T17:22+09:00 | 2025-07-14T17:22+09:00 |
| jvndb-2025-008145 | Epson Web Installer for Mac vulnerable to missing authentication for critical function | 2025-07-08T14:08+09:00 | 2025-07-08T14:08+09:00 |
| jvndb-2025-008106 | Heap-based buffer overflow vulnerability in V-SFT and TELLUS | 2025-07-07T16:26+09:00 | 2025-07-07T16:26+09:00 |
| jvndb-2025-008105 | Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521) | 2025-07-07T16:04+09:00 | 2025-07-07T16:04+09:00 |
| jvndb-2025-000047 | Multiple vulnerabilities in Nimesa Backup and Recovery | 2025-07-07T15:26+09:00 | 2025-07-07T15:26+09:00 |
| jvndb-2025-007978 | Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837) | 2025-07-04T13:28+09:00 | 2025-07-04T13:28+09:00 |
| jvndb-2025-000045 | Multiple vulnerabilities in Active! mail | 2025-07-02T14:13+09:00 | 2025-07-02T14:13+09:00 |
| jvndb-2025-007754 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2025-07-02T11:31+09:00 | 2025-07-02T11:31+09:00 |
| jvndb-2025-007607 | Pass-Back Attack vulnerability in Konica Minorta bizhub series | 2025-07-01T14:09+09:00 | 2025-07-01T14:09+09:00 |
| jvndb-2025-007595 | Multiple vulnerabilities in Web Connection of Konica Minolta MFPs | 2025-07-01T14:02+09:00 | 2025-07-01T14:02+09:00 |
| jvndb-2025-000046 | SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting | 2025-06-30T15:45+09:00 | 2025-06-30T15:45+09:00 |
| jvndb-2025-007552 | Multiple vulnerabilities in TB-eye network recorders and AHD recorders | 2025-06-30T14:45+09:00 | 2025-06-30T14:45+09:00 |
| jvndb-2025-007521 | Multiple Brother driver installers for Windows vulnerable to privilege escalation | 2025-06-27T09:37+09:00 | 2025-08-19T11:29+09:00 |
| jvndb-2025-007519 | Multiple vulnerabilities in multiple BROTHER products | 2025-06-26T18:15+09:00 | 2025-09-22T10:16+09:00 |
| jvndb-2025-000043 | Multiple vulnerabilities in iroha Board | 2025-06-26T15:13+09:00 | 2025-06-26T15:13+09:00 |
| jvndb-2025-000044 | Denial-of-service (DoS) vulnerabilities in multiple Apache products | 2025-06-26T14:41+09:00 | 2025-10-01T14:18+09:00 |
| jvndb-2025-000042 | Inefficient regular expressions in GROWI | 2025-06-24T15:25+09:00 | 2025-06-24T15:25+09:00 |
| jvndb-2025-000041 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-06-24T14:50+09:00 | 2025-06-24T14:50+09:00 |
| jvndb-2025-007390 | Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385) | 2025-06-24T11:18+09:00 | 2025-06-24T11:18+09:00 |
| jvndb-2025-000040 | KCM3100 vulnerable to authentication bypass using an alternate path or channel | 2025-06-18T13:42+09:00 | 2025-06-18T13:42+09:00 |
| jvndb-2025-000039 | Multiple vulnerabilities in RICOH Streamline NX PC Client | 2025-06-13T16:09+09:00 | 2025-06-13T16:09+09:00 |
| jvndb-2025-000038 | UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints | 2025-06-12T15:56+09:00 | 2025-06-12T15:56+09:00 |
| jvndb-2025-000037 | Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery | 2025-06-06T13:56+09:00 | 2025-06-06T13:56+09:00 |
| jvndb-2025-000036 | TimeWorks vulnerable to path traversal | 2025-06-03T15:35+09:00 | 2025-06-03T15:35+09:00 |
| jvndb-2025-000035 | Improper file access permission settings in PC Time Tracer | 2025-06-03T14:40+09:00 | 2025-06-03T14:40+09:00 |
| ID | Description | Updated |
|---|