Recent vulnerabilities

ID	Description	Published	Updated
ghsa-2h6j-3v9m-2v47	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Accept Donation…	2025-12-24T15:30:43Z	2025-12-24T21:30:30Z
ghsa-24q7-r72h-hcm2	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPXPO P…	2025-12-24T15:30:43Z	2025-12-24T21:30:30Z
ghsa-xv67-vhc4-3v47	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability …	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-xj42-657g-8r4w	Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured …	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-xf2c-7wv8-r3w2	Missing Authorization vulnerability in Spider Themes BBP Core bbp-core allows Exploiting Incorrectl…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-xccw-jx23-7862	Missing Authorization vulnerability in Gora Tech Cooked cooked allows Exploiting Incorrectly Config…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-x3pg-6rrq-fcp9	Missing Authorization vulnerability in WP Socio WP Telegram Widget and Join Link wptelegram-widget …	2025-12-24T15:30:43Z	2025-12-24T21:30:29Z
ghsa-wvpq-qg53-mq6p	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability …	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-vw6w-8q8m-r52p	Missing Authorization vulnerability in Ben Balter WP Document Revisions wp-document-revisions allow…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-vpgr-c763-cmc3	Missing Authorization vulnerability in Wappointment team Wappointment wappointment allows Exploitin…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-vcxj-x7c6-w8mp	Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-v4vp-c74m-hxxm	Missing Authorization vulnerability in Mitchell Bennis Simple File List simple-file-list allows Exp…	2025-12-24T15:30:43Z	2025-12-24T21:30:29Z
ghsa-qhxw-mm7j-c9vj	Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link simple-…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-qhrp-fccp-2wcx	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-24T15:30:41Z	2025-12-24T21:30:29Z
ghsa-m9jp-fv72-2g3f	Missing Authorization vulnerability in Addonify Addonify addonify-quick-view allows Exploiting Inco…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-m682-f862-mm9w	Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-m4r2-2782-33hv	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-jwf4-j6c4-r563	Cross-Site Request Forgery (CSRF) vulnerability in Tikweb Management Fast User Switching fast-user-…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-j46w-p27m-x396	Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro my-auctions-allegro-…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-gc5r-vcqv-p3f2	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Virusdi…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-ch8g-wmch-h352	Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-9f98-g8wg-4pcm	Missing Authorization vulnerability in Virusdie Virusdie virusdie allows Exploiting Incorrectly Con…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-95q9-4qh9-hr86	Missing Authorization vulnerability in FolioVision FV Simpler SEO fv-all-in-one-seo-pack allows Exp…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-887g-3m9f-p55c	Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-82m7-4386-5w76	Missing Authorization vulnerability in Liton Arefin WP Adminify adminify allows Exploiting Incorrec…	2025-12-24T15:30:43Z	2025-12-24T21:30:29Z
ghsa-7pxg-x55c-fqhx	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-7jg2-vv9f-v97j	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-6r9j-fpr7-g9xg	Cross-Site Request Forgery (CSRF) vulnerability in Constantin Boiangiu Vimeotheque codeflavors-vime…	2025-12-24T15:30:42Z	2025-12-24T21:30:29Z
ghsa-6mmw-6jqx-8w6x	Missing Authorization vulnerability in Liton Arefin WP Adminify adminify allows Exploiting Incorrec…	2025-12-24T15:30:43Z	2025-12-24T21:30:29Z
ghsa-4m75-r4ww-r99j	Missing Authorization vulnerability in Assaf Parag Poll, Survey & Quiz Maker Plugin by Opinion Stag…	2025-12-24T15:30:43Z	2025-12-24T21:30:29Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-68508	N/A	WordPress Brave plugin <= 0.8.3 - Broken Access Contro…	Brave	Brave	2025-12-24T12:31:20.967Z	2025-12-24T19:35:06.869Z
cve-2025-68509	N/A	WordPress User Submitted Posts plugin <= 20251121 - Op…	Jeff Starr	User Submitted Posts	2025-12-24T12:31:21.266Z	2025-12-24T19:34:59.356Z
cve-2025-68511	N/A	WordPress Gutenverse Form plugin <= 2.3.1 - Broken Acc…	Jegstudio	Gutenverse Form	2025-12-24T12:31:21.523Z	2025-12-24T19:34:53.452Z
cve-2025-68512	N/A	WordPress Real 3D FlipBook plugin <= 4.11.4 - Cross Si…	creativeinteractivemedia	Real 3D FlipBook	2025-12-24T12:31:21.792Z	2025-12-24T19:34:47.922Z
cve-2025-68513	N/A	WordPress Bold Timeline Lite plugin <= 1.2.7 - Cross S…	boldthemes	Bold Timeline Lite	2025-12-24T12:31:22.085Z	2025-12-24T19:34:41.584Z
cve-2025-68516	N/A	WordPress Tablesome plugin <= 1.1.35.1 - Sensitive Dat…	Essekia	Tablesome	2025-12-24T12:31:22.368Z	2025-12-24T19:34:35.531Z
cve-2025-68517	N/A	WordPress Tablesome plugin <= 1.1.35.1 - Broken Access…	Essekia	Tablesome	2025-12-24T12:31:22.624Z	2025-12-24T19:34:29.179Z
cve-2025-68519	N/A	WordPress Brands for WooCommerce plugin <= 3.8.6.3 - S…	BeRocket	Brands for WooCommerce	2025-12-24T12:31:22.910Z	2025-12-24T19:34:23.198Z
cve-2025-68521	N/A	WordPress WpStream plugin <= 4.9.5 - Broken Access Con…	wpstream	WpStream	2025-12-24T12:31:23.159Z	2025-12-24T19:34:17.589Z
cve-2025-68522	N/A	WordPress WpStream plugin <= 4.9.5 - Broken Access Con…	wpstream	WpStream	2025-12-24T12:31:23.576Z	2025-12-24T19:34:11.231Z
cve-2025-68523	N/A	WordPress Spiffy Calendar plugin <= 5.0.7 - Broken Acc…	Spiffy Plugins	Spiffy Calendar	2025-12-24T12:31:24.167Z	2025-12-24T19:34:04.466Z
cve-2025-68525	N/A	WordPress Category Icon plugin <= 1.0.2 - Cross Site S…	pixelgrade	Category Icon	2025-12-24T12:31:24.777Z	2025-12-24T19:33:57.712Z
cve-2025-68527	N/A	WordPress Academy LMS plugin <= 3.4.0 - Cross Site Scr…	Kodezen LLC	Academy LMS	2025-12-24T12:31:25.030Z	2025-12-24T19:33:51.387Z
cve-2025-68528	N/A	WordPress Free Shipping Bar: Amount Left for Free Ship…	WPFactory	Free Shipping Bar: Amount Left for Free Shipping for WooCommerce	2025-12-24T12:31:25.572Z	2025-12-24T19:33:45.822Z
cve-2025-68529	N/A	WordPress WP Email Capture plugin <= 3.12.5 - Cross Si…	Rhys Wynne	WP Email Capture	2025-12-24T12:31:25.832Z	2025-12-24T19:33:39.814Z
cve-2025-68530	N/A	WordPress Bookory theme <= 2.2.7 - Local File Inclusio…	pavothemes	Bookory	2025-12-24T12:31:26.200Z	2025-12-24T19:33:33.446Z
cve-2025-68532	N/A	WordPress ModelTheme Addons for WPBakery and Elementor…	modeltheme	ModelTheme Addons for WPBakery and Elementor	2025-12-24T12:31:26.464Z	2025-12-24T19:33:27.734Z
cve-2025-68533	N/A	WordPress WC Builder plugin <= 1.2.0 - Cross Site Scri…	HasThemes	WC Builder	2025-12-24T12:31:26.717Z	2025-12-24T19:33:21.875Z
cve-2025-68535	N/A	WordPress Sunshine Photo Cart plugin <= 3.5.7.1 - Brok…	sunshinephotocart	Sunshine Photo Cart	2025-12-24T12:31:27.019Z	2025-12-24T19:33:16.139Z
cve-2025-68537	N/A	WordPress Zota theme <= 1.3.14 - Local File Inclusion …	thembay	Zota	2025-12-24T12:31:27.277Z	2025-12-24T19:33:09.770Z
cve-2025-68540	N/A	WordPress Fana theme <= 1.1.35 - Local File Inclusion …	thembay	Fana	2025-12-24T12:31:27.748Z	2025-12-24T19:33:03.430Z
cve-2025-68563	N/A	WordPress Subscribe to Unlock Lite plugin <= 1.3.0 - L…	WP Shuffle	Subscribe to Unlock Lite	2025-12-24T12:31:30.996Z	2025-12-24T19:32:56.561Z
cve-2025-68608	N/A	WordPress Userpro plugin <= 5.1.9 - Broken Access Cont…	DeluxeThemes	Userpro	2025-12-24T12:31:31.259Z	2025-12-24T19:32:50.765Z
cve-2023-28619	4.3 (v3.1)	WordPress Resoto theme <= 1.0.8 - Broken Access Contro…	bnayawpguy	Resoto	2025-12-24T12:43:50.413Z	2025-12-24T19:32:45.265Z
cve-2023-32120	5.9 (v3.1)	WordPress Hostel plugin <= 1.1.5.1 - Cross Site Script…	Bob	Hostel	2025-12-24T12:45:48.073Z	2025-12-24T19:32:39.074Z
cve-2023-36525	8.6 (v3.1)	WordPress WPJobBoard plugin <= 5.9.0 - Unauth. Blind S…	WPJobBoard	WPJobBoard	2025-12-24T12:49:35.813Z	2025-12-24T19:32:33.083Z
cve-2023-40679	6.5 (v3.1)	WordPress Master Elementor Addons plugin <= 2.0.5.3 - …	Jewel Theme	Master Addons for Elementor	2025-12-24T12:51:55.976Z	2025-12-24T19:32:27.404Z
cve-2025-67621	N/A	WordPress Eight Day Week Print Workflow plugin <= 1.2.…	10up	Eight Day Week Print Workflow	2025-12-24T13:10:20.740Z	2025-12-24T19:32:21.672Z
cve-2025-67622	N/A	WordPress Evergreen Post Tweeter plugin <= 1.8.9 - Cro…	titopandub	Evergreen Post Tweeter	2025-12-24T13:10:21.161Z	2025-12-24T19:32:16.023Z
cve-2025-67623	N/A	WordPress 6Storage Rentals plugin <= 2.19.9 - Server S…	6Storage	6Storage Rentals	2025-12-24T13:10:22.188Z	2025-12-24T19:32:10.048Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-68591	N/A	WordPress Simple File List plugin <= 6.1.15 - Broken A…	Mitchell Bennis	Simple File List	2025-12-24T13:10:43.716Z	2025-12-24T19:28:25.578Z
cve-2025-68590	N/A	WordPress Integration for Contact Form 7 HubSpot plugi…	CRM Perks	Integration for Contact Form 7 HubSpot	2025-12-24T13:10:43.422Z	2025-12-24T19:28:30.139Z
cve-2025-68589	N/A	WordPress WP Telegram Widget and Join Link plugin <= 2…	WP Socio	WP Telegram Widget and Join Link	2025-12-24T13:10:43.150Z	2025-12-24T19:28:35.116Z
cve-2025-68588	N/A	WordPress TS Poll plugin <= 2.5.3 - Broken Access Cont…	totalsoft	TS Poll	2025-12-24T13:10:42.857Z	2025-12-24T19:28:40.371Z
cve-2025-68587	N/A	WordPress Watu Quiz plugin <= 3.4.5 - Broken Access Co…	Bob	Watu Quiz	2025-12-24T13:10:42.440Z	2025-12-24T19:28:45.997Z
cve-2025-68586	N/A	WordPress Cooked plugin <= 1.11.2 - Broken Access Cont…	Gora Tech	Cooked	2025-12-24T13:10:42.037Z	2025-12-24T19:28:51.677Z
cve-2025-68585	N/A	WordPress WP Document Revisions plugin <= 3.7.2 - Brok…	Ben Balter	WP Document Revisions	2025-12-24T13:10:41.715Z	2025-12-24T19:28:57.679Z
cve-2025-68584	N/A	WordPress Vimeotheque plugin <= 2.3.5.2 - Cross Site R…	Constantin Boiangiu	Vimeotheque	2025-12-24T13:10:41.424Z	2025-12-24T19:29:04.076Z
cve-2025-68583	N/A	WordPress Fast User Switching plugin <= 1.4.10 - Cross…	Tikweb Management	Fast User Switching	2025-12-24T13:10:41.121Z	2025-12-24T19:29:09.323Z
cve-2025-68582	N/A	WordPress Funnelforms Free plugin <= 3.8 - Broken Acce…	Funnelforms	Funnelforms Free	2025-12-24T13:10:40.817Z	2025-12-24T19:29:14.885Z
cve-2025-68581	N/A	WordPress YITH Slider for page builders plugin <= 1.0.…	YITHEMES	YITH Slider for page builders	2025-12-24T13:10:40.513Z	2025-12-24T19:29:20.723Z
cve-2025-68580	N/A	WordPress Advanced Classifieds & Directory Pro plugin …	pluginsware	Advanced Classifieds & Directory Pro	2025-12-24T13:10:40.193Z	2025-12-24T19:29:27.270Z
cve-2025-68579	N/A	WordPress FV Simpler SEO plugin <= 1.9.6 - Broken Acce…	FolioVision	FV Simpler SEO	2025-12-24T13:10:39.669Z	2025-12-24T19:29:33.249Z
cve-2025-68578	N/A	WordPress Addonify plugin <= 2.0.4 - Broken Access Con…	Addonify	Addonify	2025-12-24T13:10:39.343Z	2025-12-24T19:29:38.853Z
cve-2025-68577	N/A	WordPress Virusdie plugin <= 1.1.6 - Broken Access Con…	Virusdie	Virusdie	2025-12-24T13:10:38.980Z	2025-12-24T19:29:44.994Z
cve-2025-68576	N/A	WordPress Virusdie plugin <= 1.1.6 - Sensitive Data Ex…	Virusdie	Virusdie	2025-12-24T13:10:38.690Z	2025-12-24T19:29:50.810Z
cve-2025-68575	N/A	WordPress Wappointment plugin <=2.7.2 - Broken Access …	Wappointment team	Wappointment	2025-12-24T13:10:38.366Z	2025-12-24T19:29:56.848Z
cve-2025-68574	N/A	WordPress WPBakery Visual Composer WHMCS Elements plug…	voidcoders	WPBakery Visual Composer WHMCS Elements	2025-12-24T13:10:38.100Z	2025-12-24T19:30:04.744Z
cve-2025-68573	N/A	WordPress Simple Keyword to Link plugin <= 1.5 - Cross…	Alessandro Piconi	Simple Keyword to Link	2025-12-24T13:10:37.793Z	2025-12-24T19:30:12.847Z
cve-2025-68572	N/A	WordPress BBP Core plugin <= 1.4.1 - Broken Access Con…	Spider Themes	BBP Core	2025-12-24T13:10:37.515Z	2025-12-24T19:30:18.794Z
cve-2025-68571	N/A	WordPress SALESmanago plugin <= 3.9.0 - Broken Access …	SALESmanago	SALESmanago	2025-12-24T13:10:37.254Z	2025-12-24T19:30:24.422Z
cve-2025-68570	N/A	WordPress Captivate Sync plugin <= 3.2.2 - SQL Injecti…	captivateaudio	Captivate Sync	2025-12-24T13:10:36.970Z	2025-12-24T19:30:29.515Z
cve-2025-68569	N/A	WordPress WP Time Slots Booking Form plugin <= 1.2.38 …	codepeople	WP Time Slots Booking Form	2025-12-24T13:10:36.669Z	2025-12-24T19:30:34.949Z
cve-2025-68568	N/A	WordPress Popup Builder: Exit-Intent pop-up, Spin the …	integrationclaspo	Popup Builder: Exit-Intent pop-up, Spin the Wheel, Newsletter signup, Email Capture & Lead Generation forms maker	2025-12-24T13:10:36.357Z	2025-12-24T19:30:40.727Z
cve-2025-68567	N/A	WordPress My auctions allegro plugin <= 3.6.32 - Cross…	wphocus	My auctions allegro	2025-12-24T13:10:36.094Z	2025-12-24T19:30:46.741Z
cve-2025-68566	N/A	WordPress My auctions allegro plugin <= 3.6.32 - Cross…	wphocus	My auctions allegro	2025-12-24T13:10:35.820Z	2025-12-24T19:30:51.874Z
cve-2025-68565	N/A	WordPress Twitch Player plugin <= 2.1.3 - Broken Acces…	JayBee	Twitch Player	2025-12-24T13:10:35.534Z	2025-12-24T19:30:57.378Z
cve-2025-68563	N/A	WordPress Subscribe to Unlock Lite plugin <= 1.3.0 - L…	WP Shuffle	Subscribe to Unlock Lite	2025-12-24T12:31:30.996Z	2025-12-24T19:32:56.561Z
cve-2025-68540	N/A	WordPress Fana theme <= 1.1.35 - Local File Inclusion …	thembay	Fana	2025-12-24T12:31:27.748Z	2025-12-24T19:33:03.430Z
cve-2025-68537	N/A	WordPress Zota theme <= 1.3.14 - Local File Inclusion …	thembay	Zota	2025-12-24T12:31:27.277Z	2025-12-24T19:33:09.770Z

ID	Description	Published	Updated
fkie_cve-2025-68591	Missing Authorization vulnerability in Mitchell Bennis Simple File List simple-file-list allows Exp…	2025-12-24T13:16:26.457	2025-12-24T20:16:05.813
fkie_cve-2025-68590	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability …	2025-12-24T13:16:26.337	2025-12-24T20:16:05.660
fkie_cve-2025-68589	Missing Authorization vulnerability in WP Socio WP Telegram Widget and Join Link wptelegram-widget …	2025-12-24T13:16:26.220	2025-12-24T20:16:05.517
fkie_cve-2025-68588	Missing Authorization vulnerability in totalsoft TS Poll poll-wp allows Exploiting Incorrectly Conf…	2025-12-24T13:16:26.100	2025-12-24T20:16:05.360
fkie_cve-2025-68587	Missing Authorization vulnerability in Bob Watu Quiz watu allows Exploiting Incorrectly Configured …	2025-12-24T13:16:25.980	2025-12-24T20:16:05.213
fkie_cve-2025-68586	Missing Authorization vulnerability in Gora Tech Cooked cooked allows Exploiting Incorrectly Config…	2025-12-24T13:16:25.860	2025-12-24T20:16:05.053
fkie_cve-2025-68585	Missing Authorization vulnerability in Ben Balter WP Document Revisions wp-document-revisions allow…	2025-12-24T13:16:25.740	2025-12-24T20:16:04.903
fkie_cve-2025-68584	Cross-Site Request Forgery (CSRF) vulnerability in Constantin Boiangiu Vimeotheque codeflavors-vime…	2025-12-24T13:16:25.620	2025-12-24T20:16:04.750
fkie_cve-2025-68583	Cross-Site Request Forgery (CSRF) vulnerability in Tikweb Management Fast User Switching fast-user-…	2025-12-24T13:16:25.507	2025-12-24T20:16:04.607
fkie_cve-2025-68582	Missing Authorization vulnerability in Funnelforms Funnelforms Free funnelforms-free allows Exploit…	2025-12-24T13:16:25.387	2025-12-24T20:16:04.460
fkie_cve-2025-68581	Missing Authorization vulnerability in YITHEMES YITH Slider for page builders yith-slider-for-page-…	2025-12-24T13:16:25.267	2025-12-24T20:16:04.307
fkie_cve-2025-68580	Cross-Site Request Forgery (CSRF) vulnerability in pluginsware Advanced Classifieds & Directory Pro…	2025-12-24T13:16:25.140	2025-12-24T20:16:04.160
fkie_cve-2025-68579	Missing Authorization vulnerability in FolioVision FV Simpler SEO fv-all-in-one-seo-pack allows Exp…	2025-12-24T13:16:25.020	2025-12-24T20:16:04.000
fkie_cve-2025-68578	Missing Authorization vulnerability in Addonify Addonify addonify-quick-view allows Exploiting Inco…	2025-12-24T13:16:24.893	2025-12-24T20:16:03.847
fkie_cve-2025-68577	Missing Authorization vulnerability in Virusdie Virusdie virusdie allows Exploiting Incorrectly Con…	2025-12-24T13:16:24.777	2025-12-24T20:16:03.693
fkie_cve-2025-68576	Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Virusdi…	2025-12-24T13:16:24.660	2025-12-24T20:16:03.540
fkie_cve-2025-68575	Missing Authorization vulnerability in Wappointment team Wappointment wappointment allows Exploitin…	2025-12-24T13:16:24.540	2025-12-24T20:16:03.363
fkie_cve-2025-68574	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-24T13:16:24.423	2025-12-24T20:16:03.213
fkie_cve-2025-68573	Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi Simple Keyword to Link simple-…	2025-12-24T13:16:24.300	2025-12-24T20:16:03.050
fkie_cve-2025-68572	Missing Authorization vulnerability in Spider Themes BBP Core bbp-core allows Exploiting Incorrectl…	2025-12-24T13:16:24.183	2025-12-24T20:16:02.893
fkie_cve-2025-68571	Missing Authorization vulnerability in SALESmanago SALESmanago salesmanago allows Exploiting Incorr…	2025-12-24T13:16:24.070	2025-12-24T20:16:02.740
fkie_cve-2025-68570	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability …	2025-12-24T13:16:23.953	2025-12-24T20:16:02.580
fkie_cve-2025-68569	Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-…	2025-12-24T13:16:23.833	2025-12-24T20:16:02.430
fkie_cve-2025-68568	Missing Authorization vulnerability in integrationclaspo Popup Builder: Exit-Intent pop-up, Spin th…	2025-12-24T13:16:23.710	2025-12-24T20:16:02.277
fkie_cve-2025-68567	Cross-Site Request Forgery (CSRF) vulnerability in wphocus My auctions allegro my-auctions-allegro-…	2025-12-24T13:16:23.593	2025-12-24T20:16:02.117
fkie_cve-2025-68566	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-24T13:16:23.470	2025-12-24T20:16:01.963
fkie_cve-2025-68565	Missing Authorization vulnerability in JayBee Twitch Player ttv-easy-embed-player allows Exploiting…	2025-12-24T13:16:23.340	2025-12-24T20:16:01.817
fkie_cve-2025-68563	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-24T13:16:23.223	2025-12-24T20:16:01.657
fkie_cve-2025-68540	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-24T13:16:23.093	2025-12-24T20:16:01.497
fkie_cve-2025-68537	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-24T13:16:22.970	2025-12-24T20:16:01.340

ID	Description	Package	Published	Updated
pysec-2022-43177	Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40…	azure-cli	2022-10-25T17:15:56+00:00	2025-04-09T17:27:24.642962+00:00
pysec-2024-244	A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a by…	mlflow	2024-05-16T09:15:14+00:00	2025-04-08T10:23:25.092581+00:00
pysec-2024-243	mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs…	mlflow	2024-04-16T00:15:12+00:00	2025-04-08T10:23:25.044416+00:00
pysec-2024-242	A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically …	mlflow	2024-06-06T19:15:55+00:00	2025-04-08T10:23:24.995743+00:00
pysec-2024-241	Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untru…	mlflow	2024-02-23T22:15:55+00:00	2025-04-08T10:23:24.946136+00:00
pysec-2024-240	Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This …	mlflow	2024-02-23T22:15:55+00:00	2025-04-08T10:23:24.900947+00:00
pysec-2024-239	A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to im…	mlflow	2024-06-06T19:15:51+00:00	2025-04-08T10:23:24.852109+00:00
pysec-2025-12	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St…	codechecker	2025-01-21T15:15:13+00:00	2025-04-08T10:23:23.899726+00:00
pysec-2024-238	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St…	codechecker	2024-11-06T15:15:11+00:00	2025-04-08T10:23:23.857960+00:00
pysec-2025-11	A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index reposi…	llama-index	2025-03-20T10:15:31+00:00	2025-04-01T23:22:47.294256+00:00
pysec-2025-10	A vulnerability in the `download_model` function of the onnx/onnx framework, before and i…	onnx	2025-03-20T10:15:37+00:00	2025-03-26T19:21:38.843396+00:00
pysec-2025-9	A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through…	invokeai	2025-03-20T10:15:26+00:00	2025-03-20T11:21:37.872971+00:00
pysec-2025-8	The `pygments-style-solarized` project was removed from PyPI by its owner on 2021-08-26. …	pygments-style-solarized		2025-03-17T16:35:37+00:00
pysec-2024-237	OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio…	octoprint	2024-05-14T16:17:12+00:00	2025-03-05T17:22:29.121263+00:00
pysec-2024-236	Jupyter Server Proxy allows users to run arbitrary external processes alongside their not…	jupyter-server-proxy	2024-06-11T22:15:09+00:00	2025-02-26T23:22:41.524251+00:00
pysec-2025-7	Published in 2021, the imblog package is a Python library that scrapes data from a blog p…	imblog		2025-02-26T21:19:19+00:00
pysec-2025-6	Published in 2021, the colabrun package is a Python library that exfiltrates user cookies…	colabrun		2025-02-26T20:59:48+00:00
pysec-2025-5	Published in 2020, the autodzee package is a Python library that bypasses Deezer API rest…	browsercmdhbt2		2025-02-26T20:57:11+00:00
pysec-2025-3	Published in 2019, the autodzee package is a Python library that bypasses Deezer API rest…	autodzee		2025-02-26T20:54:20+00:00
pysec-2025-4	Published in 2019, the automslc package is a Python library that bypasses Deezer API rest…	automslc		2025-02-26T19:26:49+00:00
pysec-2024-235	With the following crawler configuration: ```python from bs4 import BeautifulSoup as Sou…	langchain-exa	2024-02-26T16:27:49+00:00	2025-02-26T02:48:56.937312+00:00
pysec-2023-194	langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and exe…	langchain-experimental	2023-10-09T20:15:00Z	2025-02-23T07:46:11Z
pysec-2024-234	Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jup…	jupyter-server-proxy	2024-03-20T20:15:08+00:00	2025-02-21T18:23:35.992501+00:00
pysec-2023-163	An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary…	numexpr	2023-09-01T16:15:00Z	2025-02-20T09:11:38.521949Z
pysec-2024-233	python-jose through 3.3.0 allows attackers to cause a denial of service (resource consump…	python-jose	2024-04-26T00:15:09+00:00	2025-02-18T19:20:15.511369+00:00
pysec-2024-232	python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key f…	python-jose	2024-04-26T00:15:09+00:00	2025-02-18T19:20:15.468012+00:00
pysec-2024-231	LightGBM Remote Code Execution Vulnerability	lightgbm	2024-11-12T18:15:28+00:00	2025-02-15T07:20:34.246161+00:00
pysec-2024-230	Certifi is a curated collection of Root Certificates for validating the trustworthiness o…	certifi	2024-07-05T19:15:10+00:00	2025-02-12T21:21:51.559667+00:00
pysec-2024-229	Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execut…	transformers	2024-11-22T22:15:07+00:00	2025-02-10T23:22:41.499413+00:00
pysec-2024-228	Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code …	transformers	2024-11-22T22:15:07+00:00	2025-02-10T23:22:41.449105+00:00

ID	Description	Updated
gsd-2024-33822	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.561810Z
gsd-2024-33773	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.560326Z
gsd-2024-33769	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.558897Z
gsd-2024-33794	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.557396Z
gsd-2024-33818	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.556720Z
gsd-2024-33793	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.552273Z
gsd-2024-33833	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.551960Z
gsd-2024-33835	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.550838Z
gsd-2024-33744	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.543395Z
gsd-2024-33789	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.534336Z
gsd-2024-33760	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.533361Z
gsd-2024-33702	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.530768Z
gsd-2024-33797	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.530297Z
gsd-2024-33684	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.529859Z
gsd-2024-33827	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.528643Z
gsd-2024-33810	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.527741Z
gsd-2024-33729	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.527542Z
gsd-2024-33807	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.526483Z
gsd-2024-33688	Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affect…	2024-04-27T05:02:18.524420Z
gsd-2024-33685	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.523707Z
gsd-2024-33713	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.522989Z
gsd-2024-33768	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.521409Z
gsd-2024-33720	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.519711Z
gsd-2024-33809	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.516352Z
gsd-2024-33727	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.514916Z
gsd-2024-33770	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.514460Z
gsd-2024-33732	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.513959Z
gsd-2024-33829	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.511177Z
gsd-2024-33714	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.510684Z
gsd-2024-33693	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-27T05:02:18.509326Z

ID	Description	Published	Updated
mal-2025-49368	Malicious code in react-tmedia (npm)	2025-11-05T23:18:22Z	2025-12-24T10:09:30Z
mal-2025-48551	Malicious code in react-medias (npm)	2025-10-22T02:05:10Z	2025-12-24T10:09:30Z
mal-2025-48536	Malicious code in reactify-utils (npm)	2025-10-21T06:21:28Z	2025-12-24T10:09:30Z
mal-2025-192639	Malicious code in smm-youtube (npm)	2025-12-19T08:41:06Z	2025-12-24T10:09:30Z
mal-2025-192595	Malicious code in smart-utils-alice (npm)	2025-12-16T07:05:11Z	2025-12-24T10:09:30Z
mal-2025-192583	Malicious code in swissid-common (npm)	2025-12-16T06:23:05Z	2025-12-24T10:09:30Z
mal-2025-192577	Malicious code in sd-skbms (npm)	2025-12-15T07:33:11Z	2025-12-24T10:09:30Z
mal-2025-192576	Malicious code in sd-security (npm)	2025-12-15T07:33:11Z	2025-12-24T10:09:30Z
mal-2025-192566	Malicious code in shopify-monorail (npm)	2025-12-12T06:31:00Z	2025-12-24T10:09:30Z
mal-2025-192565	Malicious code in sdbao-content-sems (npm)	2025-12-12T06:34:05Z	2025-12-24T10:09:30Z
mal-2025-192564	Malicious code in sdbao-content-report (npm)	2025-12-12T06:34:05Z	2025-12-24T10:09:30Z
mal-2025-192563	Malicious code in sd-pay-ts (npm)	2025-12-12T06:34:06Z	2025-12-24T10:09:30Z
mal-2025-192562	Malicious code in sd-pay (npm)	2025-12-12T06:34:06Z	2025-12-24T10:09:30Z
mal-2025-192417	Malicious code in rum-events-format (npm)	2025-12-10T01:57:45Z	2025-12-24T10:09:30Z
mal-2025-192401	Malicious code in serval-integrations-common-frontend (npm)	2025-12-10T01:43:51Z	2025-12-24T10:09:30Z
mal-2025-192315	Malicious code in seeds-random (npm)	2025-12-05T03:03:24Z	2025-12-24T10:09:30Z
mal-2025-191595	Malicious code in tailwindcss-forms (npm)	2025-12-01T13:26:48Z	2025-12-24T10:09:30Z
mal-2025-191594	Malicious code in tailwind-style-override (npm)	2025-12-01T13:26:47Z	2025-12-24T10:09:30Z
mal-2025-191593	Malicious code in tailwind-state (npm)	2025-12-01T13:26:43Z	2025-12-24T10:09:30Z
mal-2025-191588	Malicious code in stringify-coder (npm)	2025-12-01T13:26:20Z	2025-12-24T10:09:30Z
mal-2025-191586	Malicious code in session-validate (npm)	2025-12-01T13:25:08Z	2025-12-24T10:09:30Z
mal-2025-191582	Malicious code in react-mandes (npm)	2025-12-01T13:22:29Z	2025-12-24T10:09:30Z
mal-2025-191581	Malicious code in react-adparser (npm)	2025-12-01T13:22:08Z	2025-12-24T10:09:30Z
mal-2025-191503	Malicious code in start-internal (npm)	2025-12-01T16:00:47Z	2025-12-24T10:09:30Z
mal-2025-191428	Malicious code in solomon-v3-stories (npm)	2025-11-24T23:41:58Z	2025-12-24T10:09:30Z
mal-2025-191423	Malicious code in shelf-jwt-sessions (npm)	2025-11-25T00:16:49Z	2025-12-24T10:09:30Z
mal-2025-191422	Malicious code in selenium-session-client (npm)	2025-11-25T00:16:49Z	2025-12-24T10:09:30Z
mal-2025-191421	Malicious code in selenium-session (npm)	2025-11-25T00:16:49Z	2025-12-24T10:09:30Z
mal-2025-191403	Malicious code in prompt-eng-server (npm)	2025-11-25T00:16:49Z	2025-12-24T10:09:30Z
mal-2025-855	Malicious code in mongodb-chatbot-verified-answers (npm)	2025-02-03T16:56:51Z	2025-12-24T10:09:29Z

ID	Description	Published	Updated
wid-sec-w-2025-1334	Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service	2025-06-16T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1169	Apache Commons BeanUtils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-05-29T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1144	GIMP: Mehrere Schwachstellen ermöglichen Codeausführung	2025-05-25T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1114	Linux Kernel: Mehrere Schwachstellen	2025-05-20T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0944	GIMP: Schwachstelle ermöglicht Codeausführung	2025-05-05T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0879	BusyBox: Mehrere Schwachstellen	2025-04-23T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0813	Oracle MySQL: Mehrere Schwachstellen	2025-04-15T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0562	expat: Schwachstelle ermöglicht Denial of Service	2025-03-13T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0545	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-03-11T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0524	Red Hat Ansible Automation Platform (Jinja): Schwachstelle ermöglicht Codeausführung	2025-03-11T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0507	MariaDB: Mehrere Schwachstellen ermöglichen Denial of Service	2025-03-09T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0233	Python: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-02-02T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-3762	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2024-12-29T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-3528	Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2024-11-21T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-3376	Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2024-11-07T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-3339	Linux Kernel: Mehrere Schwachstellen	2024-11-05T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-3283	Linux-Kernel: Schwachstelle ermöglicht Codeausführung	2024-10-27T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-3251	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2024-10-21T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-1504	Apache HTTP Server: Mehrere Schwachstellen	2024-07-01T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-0801	Apache HTTP Server: Mehrere Schwachstellen ermöglichen Manipulation von Daten	2024-04-04T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2023-2024	Node.js: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen	2023-08-09T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2022-1354	Red Hat Enterprise Linux: Mehrere Schwachstellen	2021-05-04T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2860	JetBrains TeamCity: Mehrere Schwachstellen	2025-12-16T23:00:00.000+00:00	2025-12-17T23:00:00.000+00:00
wid-sec-w-2025-2857	Apache Commons Text: Schwachstelle ermöglicht Codeausführung	2025-12-16T23:00:00.000+00:00	2025-12-16T23:00:00.000+00:00
wid-sec-w-2025-2846	strongSwan (NetworkManager-Plugin): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-12-14T23:00:00.000+00:00	2025-12-16T23:00:00.000+00:00
wid-sec-w-2025-2730	Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service	2025-12-02T23:00:00.000+00:00	2025-12-16T23:00:00.000+00:00
wid-sec-w-2025-2729	WebKitGTK: Schwachstelle ermöglicht Offenlegung von Informationen	2025-12-02T23:00:00.000+00:00	2025-12-16T23:00:00.000+00:00
wid-sec-w-2025-2666	vllm und PyTorch: Schwachstelle ermöglicht DoS und potenzielle Codeausführung	2025-11-23T23:00:00.000+00:00	2025-12-16T23:00:00.000+00:00
wid-sec-w-2025-2651	GnuTLS: Schwachstelle ermöglicht nicht spezifizierten Angriff	2025-11-19T23:00:00.000+00:00	2025-12-16T23:00:00.000+00:00
wid-sec-w-2025-2643	Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service	2025-11-19T23:00:00.000+00:00	2025-12-16T23:00:00.000+00:00

ID	Description	Published	Updated
ssa-787941	SSA-787941: Denial of Service Vulnerability in RUGGEDCOM ROS devices	2022-11-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-770902	SSA-770902: Denial of Service Vulnerability in the Web Server of RUGGEDCOM ROS Devices	2023-08-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-769791	SSA-769791: Local Arbitrary Code Execution Vulnerability in COMOS Before V10.6	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-767615	SSA-767615: Information Disclosure Vulnerability in SIPROTEC 5 Devices	2025-02-11T00:00:00Z	2025-08-12T00:00:00Z
ssa-764417	SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices	2022-03-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-674084	SSA-674084: File Parsing Vulnerabilities in Simcenter Femap Before V2506	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-665108	SSA-665108: Arbitrary File Upload Vulnerability in RUGGEDCOM ROX II	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-613116	SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-529291	SSA-529291: Information Disclosure Vulnerabilities in SICAM Q100/Q200	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-517338	SSA-517338: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V3.0	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-493787	SSA-493787: Arbitrary Code Execution Vulnerability in SIMATIC RTLS Locating Manager Before V3.2	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-460466	SSA-460466: Denial of Service Vulnerability in TIA Project-Server and TIA Portal	2025-07-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-446307	SSA-446307: Authentication Bypass Vulnerability in BMC (CVE-2024-54085) affects SIMATIC IPC RS-828A	2025-05-13T00:00:00Z	2025-08-12T00:00:00Z
ssa-400089	SSA-400089: Denial of Service Vulnerability in SIPROTEC 4 and SIPROTEC 4 Compact	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-398330	SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP >= V3.1.0 and < V3.1.5	2023-12-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-382999	SSA-382999: Multiple Vulnerabilities in Opcenter Quality Before V2506	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-355557	SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-353002	SSA-353002: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family	2024-03-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-256353	SSA-256353: Third-Party Component Vulnerabilities in RUGGEDCOM ROS	2022-03-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-177847	SSA-177847: Improper VNC Password Check Vulnerability in SINUMERIK Controllers	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-170375	SSA-170375: Multiple Vulnerabilities in RUGGEDCOM ROS Before V5.9	2024-07-09T00:00:00Z	2025-08-12T00:00:00Z
ssa-097435	SSA-097435: Usernames Disclosure Vulnerability in Mendix Runtime	2024-09-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-094954	SSA-094954: Authentication Bypass Vulnerability in BIST mode of RUGGEDCOM ROX II	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-082556	SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5	2025-06-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-725549	SSA-725549: Denial of Service of ICMP in Industrial Devices	2025-04-08T00:00:00Z	2025-07-21T00:00:00Z
ssa-183963	SSA-183963: Certificate Validation Vulnerabilities in SICAM TOOLBOX II Before V07.11	2025-07-08T00:00:00Z	2025-07-18T00:00:00Z
ssa-938066	SSA-938066: Remote Code Execution Vulnerability in SENTRON Powermanager and Desigo CC	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-904646	SSA-904646: Sensitive Data Exposure Vulnerability in SIPROTEC 5 Devices	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-763427	SSA-763427: Authentication Bypass Vulnerability in SIMATIC CP and TIM Devices	2015-11-27T00:00:00Z	2025-07-08T00:00:00Z
ssa-634640	SSA-634640: Weak Authentication Vulnerability in Siemens Industrial Edge Devices	2025-04-08T00:00:00Z	2025-07-08T00:00:00Z

ID	Description	Published	Updated
rhsa-2025:3813	Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release	2025-04-10T14:56:45+00:00	2025-11-29T06:54:09+00:00
rhsa-2025:3811	Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release	2025-04-10T14:32:08+00:00	2025-11-29T06:54:09+00:00
rhsa-2025:3775	Red Hat Security Advisory: OpenShift Container Platform 4.18.9 bug fix and security update	2025-04-16T06:12:24+00:00	2025-11-29T06:54:08+00:00
rhsa-2025:3763	Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.13.2 container image updates	2025-04-09T16:37:37+00:00	2025-11-29T06:54:07+00:00
rhsa-2025:3808	Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release	2025-04-10T14:26:28+00:00	2025-11-29T06:54:04+00:00
rhsa-2025:3798	Red Hat Security Advisory: OpenShift Container Platform 4.17.25 bug fix and security update	2025-04-16T17:46:00+00:00	2025-11-29T06:54:04+00:00
rhsa-2025:3743	Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.5.1 release	2025-04-09T09:53:12+00:00	2025-11-29T06:54:02+00:00
rhsa-2025:3740	Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release	2025-04-09T08:52:08+00:00	2025-11-29T06:54:02+00:00
rhsa-2025:3720	Red Hat Security Advisory: multicluster engine for Kubernetes 2.8.1 container image updates	2025-04-08T23:25:49+00:00	2025-11-29T06:54:01+00:00
rhsa-2025:3698	Red Hat Security Advisory: opentelemetry-collector security update	2025-04-08T15:23:59+00:00	2025-11-29T06:54:01+00:00
rhsa-2025:3685	Red Hat Security Advisory: Red Hat Edge Manager Version 0.5.1 (Technology Preview) security fixes	2025-04-08T13:01:54+00:00	2025-11-29T06:54:00+00:00
rhsa-2025:3618	Red Hat Security Advisory: grafana security update	2025-04-07T02:07:30+00:00	2025-11-29T06:53:59+00:00
rhsa-2025:3616	Red Hat Security Advisory: grafana security update	2025-04-07T01:59:15+00:00	2025-11-29T06:53:59+00:00
rhsa-2025:3607	Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release	2025-04-04T13:38:55+00:00	2025-11-29T06:53:58+00:00
rhsa-2025:3593	Red Hat Security Advisory: opentelemetry-collector security update	2025-04-03T13:38:52+00:00	2025-11-29T06:53:57+00:00
rhsa-2025:3577	Red Hat Security Advisory: OpenShift Container Platform 4.18.8 bug fix and security update	2025-04-10T11:37:31+00:00	2025-11-29T06:53:56+00:00
rhsa-2025:3565	Red Hat Security Advisory: OpenShift Container Platform 4.17.24 bug fix and security update	2025-04-09T04:47:09+00:00	2025-11-29T06:53:56+00:00
rhsa-2025:3560	Red Hat Security Advisory: RHODF-4.14-RHEL-9 security update	2025-04-03T05:09:02+00:00	2025-11-29T06:53:56+00:00
rhsa-2025:3542	Red Hat Security Advisory: RHODF-4.15-RHEL-9 security update	2025-04-02T19:51:02+00:00	2025-11-29T06:53:55+00:00
rhsa-2025:3503	Red Hat Security Advisory: Red Hat build of Cryostat security update	2025-04-02T04:03:14+00:00	2025-11-29T06:53:54+00:00
rhsa-2025:3501	Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.15.1-4 Update	2025-04-01T20:50:35+00:00	2025-11-29T06:53:54+00:00
rhsa-2025:3439	Red Hat Security Advisory: ACS 4.6 enhancement and security update	2025-04-01T04:55:49+00:00	2025-11-29T06:53:53+00:00
rhsa-2025:3438	Red Hat Security Advisory: ACS 4.7 enhancement and security update	2025-04-01T04:50:23+00:00	2025-11-29T06:53:52+00:00
rhsa-2025:3437	Red Hat Security Advisory: ACS 4.5 enhancement and security update	2025-04-01T04:50:24+00:00	2025-11-29T06:53:52+00:00
rhsa-2025:3411	Red Hat Security Advisory: opentelemetry-collector security update	2025-03-31T14:36:15+00:00	2025-11-29T06:53:52+00:00
rhsa-2025:3344	Red Hat Security Advisory: grafana security update	2025-03-27T15:46:43+00:00	2025-11-29T06:53:50+00:00
rhsa-2025:3336	Red Hat Security Advisory: podman security update	2025-03-27T15:01:22+00:00	2025-11-29T06:53:50+00:00
rhsa-2025:3335	Red Hat Security Advisory: opentelemetry-collector security update	2025-03-27T15:00:22+00:00	2025-11-29T06:53:48+00:00
rhsa-2025:3301	Red Hat Security Advisory: OpenShift Container Platform 4.16.38 bug fix and security update	2025-04-03T00:21:28+00:00	2025-11-29T06:53:47+00:00
rhsa-2025:3268	Red Hat Security Advisory: container-tools:rhel8 security update	2025-03-26T14:31:13+00:00	2025-11-29T06:53:47+00:00

ID	Description	Published	Updated
msrc_cve-2025-64680	Windows DWM Core Library Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-23T08:00:00.000Z
msrc_cve-2025-55319	Agentic AI and Visual Studio Code Remote Code Execution Vulnerability	2025-09-09T07:00:00.000Z	2025-12-23T08:00:00.000Z
msrc_cve-2025-66471	urllib3 Streaming API improperly handles highly compressed data	2025-12-02T00:00:00.000Z	2025-12-23T01:38:16.000Z
msrc_cve-2025-66418	urllib3 allows an unbounded number of links in the decompression chain	2025-12-02T00:00:00.000Z	2025-12-23T01:38:10.000Z
msrc_cve-2025-65637	A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.	2025-12-02T00:00:00.000Z	2025-12-23T01:37:58.000Z
msrc_cve-2025-12819	Untrusted search path in auth_query connection in PgBouncer	2025-12-02T00:00:00.000Z	2025-12-23T01:37:37.000Z
msrc_cve-2025-68114	Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow	2025-12-02T00:00:00.000Z	2025-12-23T01:37:34.000Z
msrc_cve-2025-68161	Apache Log4j Core: Missing TLS hostname verification in Socket appender	2025-12-02T00:00:00.000Z	2025-12-23T01:37:29.000Z
msrc_cve-2025-59529	simple protocol server ignores accepts unlimited connections and logs failures without limit	2025-12-02T00:00:00.000Z	2025-12-23T01:37:23.000Z
msrc_cve-2025-64437	KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes	2025-11-02T00:00:00.000Z	2025-12-23T01:37:16.000Z
msrc_cve-2025-68390	Elasticsearch Allocation of Resources Without Limits or Throttling	2025-12-02T00:00:00.000Z	2025-12-23T01:37:15.000Z
msrc_cve-2025-68384	Elasticsearch Allocation of Resources Without Limits or Throttling	2025-12-02T00:00:00.000Z	2025-12-23T01:37:09.000Z
msrc_cve-2025-64435	KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation	2025-11-02T00:00:00.000Z	2025-12-23T01:37:09.000Z
msrc_cve-2025-64433	KubeVirt Arbitrary Container File Read	2025-11-02T00:00:00.000Z	2025-12-23T01:37:02.000Z
msrc_cve-2025-38347	f2fs: fix to do sanity check on ino and xnid	2025-07-02T00:00:00.000Z	2025-12-23T01:37:01.000Z
msrc_cve-2025-38331	net: ethernet: cortina: Use TOE/TSO on all TCP	2025-07-02T00:00:00.000Z	2025-12-23T01:36:56.000Z
msrc_cve-2025-64432	KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer	2025-11-02T00:00:00.000Z	2025-12-23T01:36:55.000Z
msrc_cve-2025-38300	crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()	2025-07-02T00:00:00.000Z	2025-12-23T01:36:50.000Z
msrc_cve-2025-37938	tracing: Verify event formats that have "%*p.."	2025-05-02T00:00:00.000Z	2025-12-23T01:36:45.000Z
msrc_cve-2025-37932	sch_htb: make htb_qlen_notify() idempotent	2025-05-02T00:00:00.000Z	2025-12-23T01:36:40.000Z
msrc_cve-2025-37931	btrfs: adjust subpage bit start based on sectorsize	2025-05-02T00:00:00.000Z	2025-12-23T01:36:34.000Z
msrc_cve-2025-66382	In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.	2025-11-02T00:00:00.000Z	2025-12-23T01:36:29.000Z
msrc_cve-2025-2296	Un-verified kernel bypass Secure Boot mechanism in direct boot mode	2025-12-02T00:00:00.000Z	2025-12-23T01:35:11.000Z
msrc_cve-2025-7424	Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes	2025-07-02T00:00:00.000Z	2025-12-22T14:35:05.000Z
msrc_cve-2025-55753	Apache HTTP Server: mod_md (ACME), unintended retry intervals	2025-12-02T00:00:00.000Z	2025-12-20T14:35:58.000Z
msrc_cve-2025-58098	Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...	2025-12-02T00:00:00.000Z	2025-12-20T14:35:52.000Z
msrc_cve-2025-66200	Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo	2025-12-02T00:00:00.000Z	2025-12-20T14:35:45.000Z
msrc_cve-2025-65082	Apache HTTP Server: CGI environment variable override	2025-12-02T00:00:00.000Z	2025-12-20T14:35:39.000Z
msrc_cve-2025-14512	Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow	2025-12-02T00:00:00.000Z	2025-12-20T01:40:40.000Z
msrc_cve-2025-14087	Glib: glib: buffer underflow in gvariant parser leads to heap corruption	2025-12-02T00:00:00.000Z	2025-12-20T01:40:29.000Z

ID	Description	Published	Updated
icsa-25-135-05	Siemens SIPROTEC and SICAM	2025-05-13T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-072-11	Siemens SIMATIC IPC Family, ITP1000, and Field PGs	2025-03-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-044-06	Siemens RUGGEDCOM APE1808 Devices	2025-02-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-044-04	Siemens SIPROTEC 5	2025-02-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-016-04	Siemens SIPROTEC 5 Products	2025-01-14T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-24-193-14	Siemens SIPROTEC	2024-07-09T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-24-193-02	Siemens RUGGEDCOM APE 1808	2024-07-09T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-24-074-05	Siemens RUGGEDCOM APE1808	2024-03-12T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-23-257-01	Siemens SIMATIC, SIPLUS Products	2023-09-12T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-23-103-06	Siemens SIPROTEC 5 Devices	2023-04-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-22-349-11	Siemens SIPROTEC 5 Devices	2022-12-13T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-22-195-02	Siemens SICAM GridEdge	2022-07-12T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-22-167-08	Siemens SICAM GridEdge	2022-06-14T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-310-03	ABB FLXeon Controllers	2025-11-06T07:00:00.000000Z	2025-11-06T07:00:00.000000Z
icsa-25-310-02	Ubia Ubox	2025-11-06T07:00:00.000000Z	2025-11-06T07:00:00.000000Z
icsa-25-310-01	Advantech DeviceOn/iEdge	2025-11-06T07:00:00.000000Z	2025-11-06T07:00:00.000000Z
icsa-25-308-05	IDIS ICM Viewer	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
icsa-25-308-04	Radiometrics VizAir	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
icsa-25-308-03	Delta Electronics CNCSoft-G2	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
icsa-25-308-02	Survision License Plate Recognition Camera	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
va-25-304-02	Restaurant Brands International assistant platform multiple vulnerabilities	2025-10-31T17:02:13Z	2025-10-31T17:02:13Z
va-25-304-01	ELOG multiple vulnerabilities	2025-10-31T16:57:24Z	2025-10-31T16:57:24Z
icsa-25-303-02	Hitachi Energy TropOS	2025-10-30T06:00:00.000000Z	2025-10-30T06:00:00.000000Z
icsa-25-303-01	International Standards Organization ISO 15118	2025-10-30T05:00:00.000000Z	2025-10-30T05:00:00.000000Z
icsa-25-282-01	Hitachi Energy Asset Suite (Update A)	2025-09-30T08:50:13.000000Z	2025-10-28T09:50:00.000000Z
icsma-25-301-01	Vertikal Systems Hospital Manager Backend Services	2025-10-28T06:00:00.000000Z	2025-10-28T06:00:00.000000Z
icsma-25-296-01	NIHON KOHDEN Central Monitor CNS-6201	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z
icsa-25-296-04	Delta Electronics ASDA-Soft	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z
icsa-25-296-03	Veeder-Root TLS4B Automatic Tank Gauge System	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z
icsa-25-296-02	ASKI Energy ALS-Mini-S8 and ALS-Mini-S4	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-cuis-file-upload-uhnetstm	Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability	2025-07-16T16:00:00+00:00	2025-07-16T16:00:00+00:00
cisco-sa-spaces-conn-privesc-kgd2ccdu	Cisco Spaces Connector Privilege Escalation Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-ece-xss-cbtkteyc	Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-cucm-ssh-m4ubdpe7	Cisco Unified Communications Manager Static SSH Credentials Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-ise-stored-xss-yff54m73	Cisco Identity Services Stored Cross-Site Scripting Vulnerability	2025-05-21T16:00:00+00:00	2025-06-30T15:08:59+00:00
cisco-sa-ise-auth-bypass-mvfkvqau	Cisco Identity Services Engine Authorization Bypass Vulnerability	2025-06-25T16:00:00+00:00	2025-06-25T16:00:00+00:00
cisco-sa-ise-file-upload-p4m8vwxy	Cisco Identity Services Engine Arbitrary File Upload Vulnerability	2025-06-04T16:00:00+00:00	2025-06-23T19:16:21+00:00
cisco-sa-meraki-mx-vpn-dos-sm5gcfm7	Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability	2025-06-18T16:00:00+00:00	2025-06-18T16:00:00+00:00
cisco-sa-clamav-udf-hmwd9ndy	ClamAV UDF File Parsing Out-of-Bounds Read Information Disclosure Vulnerability	2025-06-18T16:00:00+00:00	2025-06-18T16:00:00+00:00
cisco-sa-erlang-otp-ssh-xyzzy	Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server: April 2025	2025-04-22T21:45:00+00:00	2025-06-11T14:40:37+00:00
cisco-sa-wlc-file-uplpd-rhzg9ufc	Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability	2025-05-07T16:00:00+00:00	2025-06-06T20:02:48+00:00
cisco-sa-ise-aws-static-cred-fpmjucm7	Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability	2025-06-04T16:00:00+00:00	2025-06-05T17:26:25+00:00
cisco-sa-vos-command-inject-65s2ucyy	Cisco Unified Communications Products Command Injection Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-ucs-ssh-priv-esc-2mzdtdjm	Cisco Integrated Management Controller Privilege Escalation Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-uccx-multi-uhotvpgl	Cisco Unified Contact Center Express Vulnerabilities	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-uccx-editor-rce-ezyyzte8	Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-te-endagent-filewrt-zncdqnrj	Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Delete Vulnerabilities	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-ndfc-shkv-snqjtjrp	Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-icm-xss-cfcqhxag	Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-ccp-info-disc-zygerqpd	Cisco Customer Collaboration Platform Information Disclosure Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-meraki-mx-vpn-dos-qtrhzg2	Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Denial of Service Vulnerabilities	2024-10-02T16:00:00+00:00	2025-06-02T14:22:28+00:00
cisco-sa-meraki-mx-vpn-dos-by-qwukqv7x	Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability	2024-10-02T16:00:00+00:00	2025-06-02T14:22:27+00:00
cisco-sa-webex-xss-7teqtfn8	Cisco Webex Services Cross-Site Scripting Vulnerabilities	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-webex-cache-q4xbkqbg	Cisco Webex Meetings Services HTTP Cache Poisoning Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-sna-ssti-dpulqsmz	Cisco Secure Network Analytics Manager Privilege Escalation Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-sna-apiacv-4b6x5ysw	Cisco Secure Network Analytics Manager API Authorization Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-ise-restart-ss-uf986g2q	Cisco Identity Services Engine RADIUS Denial of Service Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-duo-ssp-cmd-inj-rcmyrna	Cisco Duo Self-Service Portal Command Injection Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-cuis-priv-esc-3pk96su4	Cisco Unified Intelligence Center Privilege Escalation Vulnerabilities	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-cucm-kkhzbhr5	Cisco Unified Communications Products Privilege Escalation Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00

ID	Description	Published	Updated
SCA-2020-0002	Vulnerabilities in SICK Package Analytics	2020-08-07T10:00:00.000Z	2020-07-28T10:00:00.000Z
sca-2020-0001	Security Information Regarding "Profile Programming"	2020-05-31T10:00:00.000Z	2020-05-31T10:00:00.000Z
SCA-2020-0001	Security Information Regarding "Profile Programming"	2020-05-31T10:00:00.000Z	2020-05-31T10:00:00.000Z
sca-2019-0002	Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000	2019-09-20T10:00:00.000Z	2019-09-20T10:00:00.000Z
SCA-2019-0002	Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000	2019-09-20T10:00:00.000Z	2019-09-20T10:00:00.000Z
sca-2019-0001	MSC800 affected by hard-coded credentials vulnerability	2019-06-21T10:00:00.000Z	2019-06-21T10:00:00.000Z
SCA-2019-0001	MSC800 affected by hard-coded credentials vulnerability	2019-06-21T10:00:00.000Z	2019-06-21T10:00:00.000Z

ID	Description	Published	Updated
NN-2021:2-01	Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2021:1-01	Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2020:3-01	Angular template injection on custom report name field	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2020:2-01	Cross-site request forgery attack on change password form	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2019:2-01	CSV Injection on node label	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2019:1-01	Stored XSS in field name data model	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z

ID	Description	Published	Updated

ID	Description	Updated
var-201912-0636	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:36:41.849000Z
var-201302-0303	Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on …	2024-11-29T22:36:41.699000Z
var-200106-0168	Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows lo…	2024-11-29T22:36:38.066000Z
var-202105-1461	A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in fun…	2024-11-29T22:36:05.822000Z
var-201904-0745	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:36:04.982000Z
var-200501-0287	Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a…	2024-11-29T22:36:04.792000Z
var-202010-1511	A use after free issue was addressed with improved memory management. This issue is fixed…	2024-11-29T22:36:04.718000Z
var-202206-1961	When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification fa…	2024-11-29T22:36:04.578000Z
var-200901-0466	The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for co…	2024-11-29T22:35:53.826000Z
var-202001-1433	When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data sm…	2024-11-29T22:35:51.750000Z
var-202109-1804	A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocate…	2024-11-29T22:35:51.033000Z
var-201609-0597	The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other pr…	2024-11-29T22:35:49.265000Z
var-201011-0178	The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and poss…	2024-11-29T22:35:48.998000Z
var-201310-0370	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 an…	2024-11-29T22:35:48.557000Z
var-201901-1586	In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 1…	2024-11-29T22:35:46.547000Z
var-201006-0051	Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4…	2024-11-29T22:35:44.571000Z
var-201908-0421	Some HTTP/2 implementations are vulnerable to window size manipulation and stream priorit…	2024-11-29T22:35:38.045000Z
var-202112-0562	It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete…	2024-11-29T22:35:35.830000Z
var-200102-0007	WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood…	2024-11-29T22:35:30.307000Z
var-201404-0374	Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 an…	2024-11-29T22:35:28.945000Z
var-201412-0516	The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apach…	2024-11-29T22:34:53.956000Z
var-201310-0355	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, a…	2024-11-29T22:34:53.303000Z
var-201912-0592	An input validation issue was addressed with improved memory handling. This issue is fixe…	2024-11-29T22:34:47.182000Z
var-201910-1485	The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. tcpdum…	2024-11-29T22:34:46.805000Z
var-201410-1319	Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attack…	2024-11-29T22:34:46.272000Z
var-200906-0598	Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in…	2024-11-29T22:34:44.074000Z
var-200608-0038	Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers …	2024-11-29T22:34:43.959000Z
var-201007-0949	WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before…	2024-11-29T22:34:42.765000Z
var-201906-1176	Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragme…	2024-11-29T22:34:41.605000Z
var-202201-0104	In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtt…	2024-11-29T22:34:09.849000Z

ID	Description	Published	Updated
jvndb-2025-000054	Apache Jena Fuseki vulnerable to path traversal	2025-07-30T14:17+09:00	2025-07-30T14:17+09:00
jvndb-2025-000053	"SwitchBot" App vulnerable to insertion of sensitive information into log file	2025-07-29T13:44+09:00	2025-07-29T13:44+09:00
jvndb-2025-010056	TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection	2025-07-28T17:53+09:00	2025-07-28T17:53+09:00
jvndb-2025-000052	TP-Link Archer C1200 vulnerable to clickjacking	2025-07-24T14:16+09:00	2025-07-24T14:16+09:00
jvndb-2025-000051	Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input	2025-07-23T13:54+09:00	2025-07-23T13:54+09:00
jvndb-2025-009576	Multiple vulnerabilities in ELECOM wireless LAN routers	2025-07-23T11:13+09:00	2025-07-23T11:13+09:00
jvndb-2025-000050	"region PAY" App for Android vulnerable to insertion of sensitive information into log file	2025-07-22T13:33+09:00	2025-07-22T13:33+09:00
jvndb-2025-009150	Security updates for Trend Micro products (June 2025)	2025-07-17T17:03+09:00	2025-07-17T17:03+09:00
jvndb-2025-000030	Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor	2025-05-12T18:00+09:00	2025-07-17T10:06+09:00
jvndb-2025-000049	ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials	2025-07-16T13:54+09:00	2025-07-16T13:54+09:00
jvndb-2025-008881	Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers	2025-07-15T15:54+09:00	2025-07-15T15:54+09:00
jvndb-2025-008783	Firebox T15 contains an issue with hidden functionality	2025-07-14T17:22+09:00	2025-07-14T17:22+09:00
jvndb-2025-008145	Epson Web Installer for Mac vulnerable to missing authentication for critical function	2025-07-08T14:08+09:00	2025-07-08T14:08+09:00
jvndb-2025-008106	Heap-based buffer overflow vulnerability in V-SFT and TELLUS	2025-07-07T16:26+09:00	2025-07-07T16:26+09:00
jvndb-2025-008105	Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521)	2025-07-07T16:04+09:00	2025-07-07T16:04+09:00
jvndb-2025-000047	Multiple vulnerabilities in Nimesa Backup and Recovery	2025-07-07T15:26+09:00	2025-07-07T15:26+09:00
jvndb-2025-007978	Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837)	2025-07-04T13:28+09:00	2025-07-04T13:28+09:00
jvndb-2025-000045	Multiple vulnerabilities in Active! mail	2025-07-02T14:13+09:00	2025-07-02T14:13+09:00
jvndb-2025-007754	Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)	2025-07-02T11:31+09:00	2025-07-02T11:31+09:00
jvndb-2025-007607	Pass-Back Attack vulnerability in Konica Minorta bizhub series	2025-07-01T14:09+09:00	2025-07-01T14:09+09:00
jvndb-2025-007595	Multiple vulnerabilities in Web Connection of Konica Minolta MFPs	2025-07-01T14:02+09:00	2025-07-01T14:02+09:00
jvndb-2025-000046	SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting	2025-06-30T15:45+09:00	2025-06-30T15:45+09:00
jvndb-2025-007552	Multiple vulnerabilities in TB-eye network recorders and AHD recorders	2025-06-30T14:45+09:00	2025-06-30T14:45+09:00
jvndb-2024-004595	Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series	2024-07-29T17:51+09:00	2025-06-30T09:56+09:00
jvndb-2025-000043	Multiple vulnerabilities in iroha Board	2025-06-26T15:13+09:00	2025-06-26T15:13+09:00
jvndb-2025-000042	Inefficient regular expressions in GROWI	2025-06-24T15:25+09:00	2025-06-24T15:25+09:00
jvndb-2025-000041	Multiple vulnerabilities in ELECOM wireless LAN routers	2025-06-24T14:50+09:00	2025-06-24T14:50+09:00
jvndb-2025-007390	Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385)	2025-06-24T11:18+09:00	2025-06-24T11:18+09:00
jvndb-2025-000040	KCM3100 vulnerable to authentication bypass using an alternate path or channel	2025-06-18T13:42+09:00	2025-06-18T13:42+09:00
jvndb-2025-000039	Multiple vulnerabilities in RICOH Streamline NX PC Client	2025-06-13T16:09+09:00	2025-06-13T16:09+09:00

ID	Description	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated