Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-j346-h5wc-rw2m | Incorrect Authorization in Apache Solr | 2022-02-09T23:19:26Z | 2025-11-10T15:24:29Z |
| ghsa-r854-85qm-m3f9 | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-219… | 2022-02-10T00:00:22Z | 2025-10-22T00:32:29Z |
| ghsa-9cr3-63pg-942x | Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-219… | 2022-02-10T00:00:23Z | 2025-10-22T00:32:28Z |
| ghsa-58gj-2v59-wxcq | Windows Runtime Remote Code Execution Vulnerability. | 2022-02-10T00:00:25Z | 2025-10-22T00:32:28Z |
| ghsa-fh88-2p7h-7g9h | An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 p… | 2022-02-10T00:00:32Z | 2025-10-22T00:32:28Z |
| ghsa-9hwg-wq94-95pr | SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data… | 2022-02-10T00:00:57Z | 2025-11-04T21:30:27Z |
| ghsa-h4c9-5784-r394 | SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running i… | 2022-02-10T00:00:57Z | 2025-11-04T21:30:27Z |
| ghsa-q4h6-g8v7-rxfv | SMM memory corruption vulnerability allowing a possible attacker to write fixed or predictable data… | 2022-02-10T00:00:57Z | 2025-11-04T21:30:27Z |
| ghsa-27rf-x255-jv68 | Stack overflow vulnerability that allows a local root user to access UEFI DXE driver and execute ar… | 2022-02-10T00:00:58Z | 2025-11-04T21:30:26Z |
| ghsa-2m37-rjqx-pvcg | SMM callout vulnerability allowing a possible attacker to hijack execution flow of a code running i… | 2022-02-10T00:00:58Z | 2025-11-04T21:30:26Z |
| ghsa-pfm8-cf33-8rhf | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that d… | 2022-02-10T00:00:58Z | 2025-11-04T21:30:26Z |
| ghsa-928c-mw7v-gxfh | An unsafe pointer vulnerability exists in SMM (System Management Mode) branch that registers a SWSM… | 2022-02-10T00:00:59Z | 2025-11-04T21:30:26Z |
| ghsa-9fr3-m8v5-v6g9 | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that d… | 2022-02-10T00:00:59Z | 2025-11-04T21:30:26Z |
| ghsa-grj6-95wm-6gmg | An unsafe pointer vulnerability exists in SMM (System Management Mode) branch that registers a SWSM… | 2022-02-10T00:00:59Z | 2025-11-04T21:30:26Z |
| ghsa-g6pg-5762-5mq6 | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that d… | 2022-02-10T00:01:00Z | 2025-11-04T21:30:26Z |
| ghsa-xg99-57hh-rfjv | A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that d… | 2022-02-10T00:01:00Z | 2025-11-04T21:30:26Z |
| ghsa-f8pw-77pg-8gv6 | A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware co… | 2022-02-10T00:01:02Z | 2025-11-04T21:30:26Z |
| ghsa-pjmr-mr6j-2v2f | An issue was discovered in AhciBusDxe in Insyde InsydeH2O with kernel 5.0 before 05.08.41, 5.1 befo… | 2022-02-10T00:01:02Z | 2025-11-04T21:30:26Z |
| ghsa-gfqr-73mw-r2gj | An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 2021-11-08, 5.2 through 2021-11… | 2022-02-10T00:01:03Z | 2025-11-04T21:30:26Z |
| ghsa-3p59-3fgj-3hg8 | An issue was discovered in IdeBusDxe in Insyde InsydeH2O with kernel 5.1 before 05.16.25, 5.2 befor… | 2022-02-10T00:01:19Z | 2025-11-04T21:30:26Z |
| ghsa-5r96-55w4-xch3 | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers coul… | 2022-02-11T00:00:43Z | 2025-10-22T00:32:29Z |
| ghsa-9358-2j57-j7hg | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers coul… | 2022-02-11T00:00:44Z | 2025-10-22T00:32:29Z |
| ghsa-jpxp-6rp5-3wg3 | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers coul… | 2022-02-11T00:00:44Z | 2025-10-22T00:32:29Z |
| ghsa-vchr-42h7-32xh | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers coul… | 2022-02-11T00:00:44Z | 2025-10-22T00:32:29Z |
| ghsa-4jrj-gxg8-2frj | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers coul… | 2022-02-11T00:00:45Z | 2025-10-22T00:32:29Z |
| ghsa-6hc3-539h-6xc6 | SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Co… | 2022-02-11T00:00:50Z | 2025-10-22T00:32:29Z |
| ghsa-95v7-jv4x-23ww | VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credenti… | 2022-02-11T00:01:16Z | 2025-10-31T12:30:20Z |
| ghsa-v6h3-3hh9-32cf | An issue was discovered in UsbCoreDxe in Insyde InsydeH2O with kernel 5.5 before 05.51.45, 5.4 befo… | 2022-02-11T00:01:34Z | 2025-11-04T21:30:27Z |
| ghsa-2vc7-6w39-6rh2 | An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Ad… | 2022-02-12T00:00:48Z | 2025-10-22T00:32:29Z |
| ghsa-cj93-q2w3-fjxc | Heap-based Buffer Overflow in Conda vim prior to 8.2. | 2022-02-12T00:01:19Z | 2025-11-03T21:30:37Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2014-1761 | N/A | Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and S… |
n/a |
n/a |
2014-03-24T19:00:00.000Z | 2025-10-22T00:05:38.376Z |
| cve-2014-0160 | N/A | The (1) TLS and (2) DTLS implementations in OpenS… |
n/a |
n/a |
2014-04-07T00:00:00.000Z | 2025-10-22T00:05:38.217Z |
| cve-2014-0780 | 7.5 (v2.0) | InduSoft Web Studio Path Traversal |
InduSoft |
Web Studio |
2014-04-25T01:00:00.000Z | 2025-10-22T00:05:38.084Z |
| cve-2014-1776 | N/A | Use-after-free vulnerability in Microsoft Interne… |
n/a |
n/a |
2014-04-27T10:00:00.000Z | 2025-10-22T00:05:37.934Z |
| cve-2014-0130 | N/A | Directory traversal vulnerability in actionpack/l… |
n/a |
n/a |
2014-05-07T10:00:00.000Z | 2025-10-22T00:05:37.800Z |
| cve-2014-0196 | N/A | The n_tty_write function in drivers/tty/n_tty.c i… |
n/a |
n/a |
2014-05-07T10:00:00.000Z | 2025-10-22T00:05:37.666Z |
| cve-2014-1812 | N/A | The Group Policy implementation in Microsoft Wind… |
n/a |
n/a |
2014-05-14T10:00:00.000Z | 2025-10-22T00:05:37.525Z |
| cve-2014-3146 | N/A | Incomplete blacklist vulnerability in the lxml.ht… |
n/a |
n/a |
2014-05-14T19:00:00.000Z | 2025-12-17T21:03:02.761Z |
| cve-2014-2349 | 6.2 (v2.0) | Emerson DeltaV Use of Improper Authorization |
Emerson |
DeltaV |
2014-05-22T20:00:00 | 2025-10-31T22:56:34.809Z |
| cve-2014-2350 | 2.4 (v2.0) | Emerson DeltaV Use of Hard-coded Credentials |
Emerson |
DeltaV |
2014-05-22T20:00:00 | 2025-10-31T22:55:07.498Z |
| cve-2014-3153 | N/A | The futex_requeue function in kernel/futex.c in t… |
n/a |
n/a |
2014-06-07T14:00:00.000Z | 2025-10-22T00:05:37.360Z |
| cve-2013-3993 | N/A | IBM InfoSphere BigInsights before 2.1.0.3 allows … |
n/a |
n/a |
2014-07-07T10:00:00.000Z | 2025-12-20T04:56:07.295Z |
| cve-2014-0207 | N/A | The cdf_read_short_sector function in cdf.c in fi… |
n/a |
n/a |
2014-07-09T10:00:00.000Z | 2025-12-04T20:29:06.728Z |
| cve-2014-3478 | N/A | Buffer overflow in the mconvert function in softm… |
n/a |
n/a |
2014-07-09T10:00:00.000Z | 2025-12-04T20:26:53.242Z |
| cve-2014-3480 | N/A | The cdf_count_chain function in cdf.c in file bef… |
n/a |
n/a |
2014-07-09T10:00:00.000Z | 2025-12-04T20:25:29.415Z |
| cve-2014-3120 | N/A | The default configuration in Elasticsearch before… |
n/a |
n/a |
2014-07-28T19:00:00.000Z | 2025-10-22T00:05:37.084Z |
| cve-2014-0546 | N/A | Adobe Reader and Acrobat 10.x before 10.1.11 and … |
n/a |
n/a |
2014-08-12T21:00:00.000Z | 2025-11-21T15:46:42.425Z |
| cve-2014-2817 | N/A | Microsoft Internet Explorer 6 through 11 allows r… |
n/a |
n/a |
2014-08-12T21:00:00.000Z | 2025-10-22T00:05:36.812Z |
| cve-2014-2380 | 7.8 (v2.0) | Schneider Electric Wonderware Inadequate Encryption Strength |
Schneider Electric |
Wonderware Information Server Portal |
2014-08-28T01:00:00 | 2025-10-31T23:11:04.615Z |
| cve-2014-2381 | 2.1 (v2.0) | Schneider Electric Wonderware Inadequate Encryption Strength |
Schneider Electric |
Wonderware Information Server Portal |
2014-08-28T01:00:00 | 2025-10-31T23:19:54.894Z |
| cve-2014-5397 | 7.5 (v2.0) | Schneider Electric Wonderware Cross-site Scripting |
Schneider Electric |
Wonderware Information Server Portal |
2014-08-28T01:00:00 | 2025-10-31T23:14:04.849Z |
| cve-2014-5398 | 2.1 (v2.0) | Schneider Electric Wonderware Input Validation |
Schneider Electric |
Wonderware Information Server Portal |
2014-08-28T01:00:00 | 2025-10-31T23:16:04.348Z |
| cve-2014-5399 | 7.5 (v2.0) | Schneider Electric Wonderware SQL Injection |
Schneider Electric |
Wonderware Information Server Portal |
2014-08-28T01:00:00 | 2025-10-31T23:17:37.919Z |
| cve-2013-2597 | N/A | Stack-based buffer overflow in the acdb_ioctl fun… |
n/a |
n/a |
2014-08-31T10:00:00.000Z | 2025-10-22T00:05:36.666Z |
| cve-2014-5407 | 4.1 (v2.0) | Schneider Electric VAMPSET Stack-based Buffer Overflow |
Schneider Electric |
VAMPSET |
2014-09-15T14:00:00 | 2025-11-03T18:52:21.206Z |
| cve-2014-4404 | N/A | Heap-based buffer overflow in IOHIDFamily in Appl… |
n/a |
n/a |
2014-09-18T10:00:00.000Z | 2025-10-22T00:05:36.521Z |
| cve-2014-5411 | 4.9 (v2.0) | Schneider Electric SCADA Expert ClearSCADA Cross-site … |
Schneider Electric |
ClearSCADA |
2014-09-18T10:00:00 | 2025-11-04T22:53:17.900Z |
| cve-2014-5412 | 6.4 (v2.0) | Schneider Electric SCADA Expert ClearSCADA Improper Au… |
Schneider Electric |
ClearSCADA |
2014-09-18T10:00:00 | 2025-11-04T22:56:12.970Z |
| cve-2014-5413 | 6.4 (v2.0) | Schneider Electric SCADA Expert ClearSCADA Cryptograph… |
Schneider Electric |
ClearSCADA |
2014-09-18T10:00:00 | 2025-11-04T22:59:00.297Z |
| cve-2014-6271 | N/A | GNU Bash through 4.3 processes trailing strings a… |
n/a |
n/a |
2014-09-24T18:00:00.000Z | 2025-10-22T00:05:36.342Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2013-3896 | N/A | Microsoft Silverlight 5 before 5.1.20913.0 does n… |
n/a |
n/a |
2013-10-09T14:44:00.000Z | 2025-10-22T00:05:40.641Z |
| cve-2013-3897 | N/A | Use-after-free vulnerability in the CDisplayPoint… |
n/a |
n/a |
2013-10-09T14:44:00.000Z | 2025-10-22T00:05:40.468Z |
| cve-2013-5590 | N/A | Multiple unspecified vulnerabilities in the brows… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.675Z |
| cve-2013-5591 | N/A | Unspecified vulnerability in the browser engine i… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.464Z |
| cve-2013-5593 | N/A | The SELECT element implementation in Mozilla Fire… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.516Z |
| cve-2013-5595 | N/A | The JavaScript engine in Mozilla Firefox before 2… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.440Z |
| cve-2013-5596 | N/A | The cycle collection (CC) implementation in Mozil… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.420Z |
| cve-2013-5597 | N/A | Use-after-free vulnerability in the nsDocLoader::… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.584Z |
| cve-2013-5598 | N/A | PDF.js in Mozilla Firefox before 25.0 and Firefox… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.427Z |
| cve-2013-5599 | N/A | Use-after-free vulnerability in the nsIPresShell:… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.453Z |
| cve-2013-5600 | N/A | Use-after-free vulnerability in the nsIOService::… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.438Z |
| cve-2013-5601 | N/A | Use-after-free vulnerability in the nsEventListen… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.550Z |
| cve-2013-5602 | N/A | The Worker::SetEventListener function in the Web … |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.408Z |
| cve-2013-5603 | N/A | Use-after-free vulnerability in the nsContentUtil… |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.512Z |
| cve-2013-5604 | N/A | The txXPathNodeUtils::getBaseURI function in the … |
n/a |
n/a |
2013-10-30T10:00:00 | 2024-08-06T17:15:21.510Z |
| cve-2013-3906 | N/A | GDI+ in Microsoft Windows Vista SP2 and Server 20… |
n/a |
n/a |
2013-11-06T11:00:00.000Z | 2025-10-22T00:05:40.307Z |
| cve-2013-3918 | N/A | The InformationCardSigninHelper Class ActiveX con… |
n/a |
n/a |
2013-11-12T01:00:00.000Z | 2025-10-22T00:05:40.129Z |
| cve-2013-5223 | N/A | Multiple cross-site scripting (XSS) vulnerabiliti… |
n/a |
n/a |
2013-11-15T20:00:00.000Z | 2025-10-22T00:05:39.961Z |
| cve-2013-6629 | N/A | The get_sos function in jdmarker.c in (1) libjpeg… |
n/a |
n/a |
2013-11-15T20:00:00 | 2024-08-06T17:46:22.170Z |
| cve-2013-6282 | N/A | The (1) get_user and (2) put_user API functions i… |
n/a |
n/a |
2013-11-19T15:00:00.000Z | 2025-10-22T00:05:39.816Z |
| cve-2013-5607 | N/A | Integer overflow in the PL_ArenaAllocate function… |
n/a |
n/a |
2013-11-20T11:00:00 | 2024-08-06T17:15:21.405Z |
| cve-2013-5065 | N/A | NDProxy.sys in the kernel in Microsoft Windows XP… |
n/a |
n/a |
2013-11-27T23:00:00.000Z | 2025-10-22T00:05:39.667Z |
| cve-2013-3900 | 5.5 (v3.1) | WinVerifyTrust Signature Validation Vulnerability |
Microsoft |
Windows 10 Version 1809 |
2013-12-11T00:00:00.000Z | 2025-10-22T00:05:39.513Z |
| cve-2013-5609 | N/A | Multiple unspecified vulnerabilities in the brows… |
n/a |
n/a |
2013-12-11T15:00:00 | 2024-08-06T17:15:21.492Z |
| cve-2013-5613 | N/A | Use-after-free vulnerability in the PresShell::Di… |
n/a |
n/a |
2013-12-11T15:00:00 | 2024-08-06T17:15:21.465Z |
| cve-2013-5615 | N/A | The JavaScript implementation in Mozilla Firefox … |
n/a |
n/a |
2013-12-11T15:00:00 | 2024-08-06T17:15:21.503Z |
| cve-2013-5616 | N/A | Use-after-free vulnerability in the nsEventListen… |
n/a |
n/a |
2013-12-11T15:00:00 | 2024-08-06T17:15:21.432Z |
| cve-2013-5618 | N/A | Use-after-free vulnerability in the nsNodeUtils::… |
n/a |
n/a |
2013-12-11T15:00:00 | 2024-08-06T17:15:21.442Z |
| cve-2013-6671 | N/A | The nsGfxScrollFrameInner::IsLTR function in Mozi… |
n/a |
n/a |
2013-12-11T15:00:00 | 2024-08-06T17:46:22.682Z |
| cve-2013-6673 | N/A | Mozilla Firefox before 26.0, Firefox ESR 24.x bef… |
n/a |
n/a |
2013-12-11T15:00:00 | 2024-08-06T17:46:22.836Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-2983 | Malicious code in sapling-output-plugin (npm) | 2024-06-25T12:59:50Z | 2025-08-29T06:43:17Z |
| mal-2024-2992 | Malicious code in sdg-indicators-usa (npm) | 2024-06-25T13:00:19Z | 2025-03-31T07:07:49Z |
| mal-2024-3018 | Malicious code in signingroom-app (npm) | 2024-06-25T13:00:51Z | 2025-05-22T14:07:47Z |
| mal-2024-3022 | Malicious code in skud-client-base (npm) | 2024-06-25T13:00:55Z | 2025-08-29T06:43:17Z |
| mal-2024-3054 | Malicious code in starter-assets-sass (npm) | 2024-06-25T13:02:01Z | 2025-02-03T18:38:40Z |
| mal-2024-3055 | Malicious code in stitch-ui-toolbox (npm) | 2024-06-25T13:02:06Z | 2025-12-15T03:33:45Z |
| mal-2024-3089 | Malicious code in techtrans (npm) | 2024-06-25T13:03:04Z | 2024-12-09T14:39:22Z |
| mal-2024-3130 | Malicious code in tml-language-picker (npm) | 2024-06-25T13:04:11Z | 2025-10-27T18:09:49Z |
| mal-2024-3253 | Malicious code in ufo-rocks2 (npm) | 2024-06-25T13:06:56Z | 2025-07-25T00:40:55Z |
| mal-2024-3949 | Malicious code in wf-dbd-react-ui (npm) | 2024-06-25T13:21:51Z | 2024-12-09T14:39:22Z |
| mal-2024-3950 | Malicious code in wfui-digital-core (npm) | 2024-06-25T13:21:52Z | 2024-12-09T14:39:22Z |
| mal-2024-3964 | Malicious code in wwc22docker (npm) | 2024-06-25T13:22:19Z | 2025-10-27T18:09:49Z |
| mal-2024-4551 | Malicious code in Modern.WinForm.UI (NuGet) | 2024-06-25T13:30:09Z | 2025-03-31T07:07:50Z |
| mal-2024-4834 | Malicious code in brrerrere (PyPI) | 2024-06-25T13:32:57Z | 2025-12-11T09:27:52Z |
| mal-2024-5078 | Malicious code in discordpy-bypass (PyPI) | 2024-06-25T13:34:55Z | 2024-12-09T14:39:23Z |
| mal-2024-5101 | Malicious code in easyhttprequest (PyPI) | 2024-06-25T13:35:06Z | 2025-12-24T10:09:32Z |
| mal-2024-5134 | Malicious code in fef3434334dwrg (PyPI) | 2024-06-25T13:35:22Z | 2025-12-11T09:27:53Z |
| mal-2024-5135 | Malicious code in fefeefrrg (PyPI) | 2024-06-25T13:35:22Z | 2025-12-11T09:27:53Z |
| mal-2024-5181 | Malicious code in glovo-data-platform-declarative (PyPI) | 2024-06-25T13:35:45Z | 2024-12-09T14:39:23Z |
| mal-2024-5203 | Malicious code in hlokty (PyPI) | 2024-06-25T13:35:57Z | 2025-12-11T09:27:53Z |
| mal-2024-5221 | Malicious code in httprequesthub (PyPI) | 2024-06-25T13:36:05Z | 2025-12-24T10:09:32Z |
| mal-2024-5323 | Malicious code in libproxy (PyPI) | 2024-06-25T13:36:55Z | 2025-12-24T10:09:32Z |
| mal-2024-5325 | Malicious code in libsock (PyPI) | 2024-06-25T13:36:56Z | 2025-12-24T10:09:32Z |
| mal-2024-5326 | Malicious code in libsocks5 (PyPI) | 2024-06-25T13:36:56Z | 2025-12-24T10:09:32Z |
| mal-2024-5357 | Malicious code in me-dheeraj-moye-moye (PyPI) | 2024-06-25T13:37:11Z | 2025-12-11T09:27:53Z |
| mal-2024-5371 | Malicious code in mlp-data-product-producer (PyPI) | 2024-06-25T13:37:18Z | 2024-12-09T14:39:23Z |
| mal-2024-5479 | Malicious code in pingdomv3 (PyPI) | 2024-06-25T13:38:09Z | 2025-12-11T09:27:53Z |
| mal-2024-5721 | Malicious code in pyhttpproxifier (PyPI) | 2024-06-25T13:40:09Z | 2025-12-24T10:09:32Z |
| mal-2024-6051 | Malicious code in styler (PyPI) | 2024-06-25T13:42:55Z | 2024-12-09T14:39:23Z |
| mal-2024-6103 | Malicious code in termcolour (PyPI) | 2024-06-25T13:43:19Z | 2025-12-24T10:09:32Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-0935 | Red Hat Enterprise Linux (libsoup): Mehrere Schwachstellen | 2025-05-04T22:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-0944 | GIMP: Schwachstelle ermöglicht Codeausführung | 2025-05-05T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-0987 | Eclipse Jetty: Mehrere Schwachstellen | 2025-05-08T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0991 | Linux Kernel: Mehrere Schwachstellen | 2025-05-08T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-1007 | Apple macOS: Mehrere Schwachstellen | 2025-05-12T22:00:00.000+00:00 | 2025-11-23T23:00:00.000+00:00 |
| wid-sec-w-2025-1055 | Node.js: Mehrere Schwachstellen | 2025-05-14T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1114 | Linux Kernel: Mehrere Schwachstellen | 2025-05-20T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1134 | Ghostscript: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-05-22T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1140 | Red Hat Enterprise Linux (libsoup): Mehrere Schwachstellen | 2025-05-25T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1144 | GIMP: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-05-25T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1169 | Apache Commons BeanUtils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-05-29T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1201 | Linux Kernel: Mehrere Schwachstellen | 2025-05-29T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1205 | Golang Go: Mehrere Schwachstellen | 2025-06-01T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1221 | Samba: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-06-02T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1245 | Django: Schwachstelle ermöglicht Manipulation von Dateien | 2025-06-04T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1261 | CoreDNS: Schwachstelle ermöglicht Denial of Service | 2025-06-09T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-1277 | Microsoft Windows: Mehrere Schwachstellen | 2025-06-10T22:00:00.000+00:00 | 2025-10-20T22:00:00.000+00:00 |
| wid-sec-w-2025-1312 | libxml2: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-06-11T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1333 | Erlang/OTP: Schwachstelle ermöglicht Manipulation von Dateien | 2025-06-16T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1334 | Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service | 2025-06-16T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1335 | Apache Tomcat: Mehrere Schwachstellen | 2025-06-16T22:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-1339 | PAM: Schwachstelle ermöglicht Privilegieneskalation | 2025-06-17T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-1350 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-06-17T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-1352 | X.Org X11 und Xwayland: Mehrere Schwachstellen | 2025-06-17T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1372 | Linux Kernel: Schwachstelle ermöglicht Manipulation von Daten und Denial of Service | 2025-06-22T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1375 | WinRAR: Schwachstelle ermöglicht Codeausführung | 2025-06-23T22:00:00.000+00:00 | 2025-12-09T23:00:00.000+00:00 |
| wid-sec-w-2025-1385 | libssh: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-06-24T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1389 | Podman: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-06-24T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| wid-sec-w-2025-1395 | Mozilla Firefox: Mehrere Schwachstellen | 2025-06-24T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-1417 | Linux Kernel: Mehrere Schwachstellen | 2025-06-29T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-133772 | SSA-133772: Zip Path Traversal Vulnerability in Teamcenter Active Workspace | 2021-12-14T00:00:00Z | 2021-12-14T00:00:00Z |
| ssa-160202 | SSA-160202: Multiple Access Control Vulnerabilities in SiPass Integrated | 2021-12-14T00:00:00Z | 2021-12-14T00:00:00Z |
| ssa-161331 | SSA-161331: Scene File Parsing Vulnerability in Simcenter STAR-CCM+ Viewer before V2021.3.1 | 2021-12-14T00:00:00Z | 2021-12-14T00:00:00Z |
| ssa-199605 | SSA-199605: Arbitrary File Download Vulnerability in SIMATIC eaSie PCS 7 Skill Package | 2021-12-14T00:00:00Z | 2021-12-14T00:00:00Z |
| ssa-352143 | SSA-352143: Multiple File Parsing Vulnerabilities in JTTK before V11.0.3.0 and JT Utilities before V13.0.3.0 | 2021-12-14T00:00:00Z | 2021-12-14T00:00:00Z |
| ssa-390195 | SSA-390195: LibVNC Vulnerabilities in SIMATIC ITC Products | 2021-12-14T00:00:00Z | 2021-12-14T00:00:00Z |
| ssa-620288 | SSA-620288: Multiple Vulnerabilities (NUCLEUS:13) in Capital Embedded AR Classic | 2021-12-14T00:00:00Z | 2025-03-11T00:00:00Z |
| ssa-714170 | SSA-714170: Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to SPPA-T3000 | 2021-12-16T00:00:00Z | 2022-02-08T00:00:00Z |
| ssa-501673 | SSA-501673: Apache Log4j Denial of Service Vulnerability (CVE-2021-45105) - Impact to Siemens Products | 2021-12-19T00:00:00Z | 2021-12-19T00:00:00Z |
| ssa-397453 | SSA-397453: Apache Log4j Vulnerabilities (Log4Shell, CVE-2021-44228, CVE-2021-45046) - Impact to Siemens Energy TraceAlertServerPLUS | 2021-12-20T00:00:00Z | 2021-12-20T00:00:00Z |
| ssa-479842 | SSA-479842: Apache Log4j Vulnerabilities - Impact to Siemens Energy Sensformer / Sensgear (Platform, Basic and Advanced) | 2021-12-21T00:00:00Z | 2021-12-23T00:00:00Z |
| ssa-784507 | SSA-784507: Apache Log4j Vulnerability (CVE-2021-44832) via JDBC Appender - Impact to Siemens Products | 2021-12-28T00:00:00Z | 2021-12-28T00:00:00Z |
| ssa-173318 | SSA-173318: Unquoted Search Path Vulnerability in SICAM PQ Analyzer | 2022-01-11T00:00:00Z | 2022-01-11T00:00:00Z |
| ssa-324998 | SSA-324998: Multiple Vulnerabilities in SICAM A8000 | 2022-01-11T00:00:00Z | 2022-01-11T00:00:00Z |
| ssa-439673 | SSA-439673: Information Disclosure Vulnerability in SIPROTEC 5 Devices | 2022-01-11T00:00:00Z | 2022-01-11T00:00:00Z |
| ssa-845392 | SSA-845392: Multiple Vulnerabilities in Nucleus RTOS based Siemens Energy PLUSCONTROL 1st Gen Devices | 2022-01-11T00:00:00Z | 2022-01-11T00:00:00Z |
| ssa-995338 | SSA-995338: Multiple Vulnerabilities in COMOS Web | 2022-01-11T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-301589 | SSA-301589: Multiple File Parsing Vulnerabilities in Solid Edge, JT2Go and Teamcenter Visualization | 2022-02-08T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-609880 | SSA-609880: File Parsing Vulnerabilities in Simcenter Femap before V2022.1 | 2022-02-08T00:00:00Z | 2022-02-08T00:00:00Z |
| ssa-654775 | SSA-654775: Open Redirect Vulnerability in SINEMA Remote Connect Server | 2022-02-08T00:00:00Z | 2022-02-08T00:00:00Z |
| ssa-669737 | SSA-669737: Improper Access Control Vulnerability in SICAM TOOLBOX II | 2022-02-08T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-831168 | SSA-831168: Cross-Site Scripting Vulnerability in Spectrum Power 4 | 2022-02-08T00:00:00Z | 2022-02-08T00:00:00Z |
| ssa-838121 | SSA-838121: Multiple Denial of Service Vulnerabilities in Industrial Products | 2022-02-08T00:00:00Z | 2023-04-11T00:00:00Z |
| ssa-914168 | SSA-914168: Multiple Vulnerabilities in SIMATIC WinCC Affecting Other SIMATIC Software Products | 2022-02-08T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-949188 | SSA-949188: File Parsing Vulnerabilities in Simcenter Femap before V2022.1.1 | 2022-02-17T00:00:00Z | 2022-02-17T00:00:00Z |
| ssa-306654 | SSA-306654: Insyde BIOS Vulnerabilities in Siemens Industrial Products | 2022-02-22T00:00:00Z | 2025-04-08T00:00:00Z |
| ssa-134279 | SSA-134279: Vulnerability in Mendix Forgot Password Appstore module | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-155599 | SSA-155599: File Parsing Vulnerabilities in COMOS | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-166747 | SSA-166747: Scene File Parsing Vulnerability in Simcenter STAR-CCM+ Viewer before V2022.1 | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-223353 | SSA-223353: Multiple Vulnerabilities in Nucleus RTOS based SIMOTICS CONNECT 400 | 2022-03-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2003:001 | Red Hat Security Advisory: : Updated PostgreSQL packages fix security issues and bugs | 2003-01-14T22:22:00+00:00 | 2025-11-21T17:25:20+00:00 |
| rhsa-2003:010 | Red Hat Security Advisory: : Updated PostgreSQL packages fix buffer overrun vulnerabilities | 2003-01-14T22:40:00+00:00 | 2025-11-21T17:25:22+00:00 |
| rhsa-2002:312 | Red Hat Security Advisory: openldap security update | 2003-01-15T08:35:00+00:00 | 2025-11-21T17:25:20+00:00 |
| rhsa-2002:288 | Red Hat Security Advisory: : Updated MySQL packages fix various security issues | 2003-01-15T19:23:00+00:00 | 2025-11-21T17:25:16+00:00 |
| rhsa-2002:297 | Red Hat Security Advisory: : : : Updated vim packages fix modeline vulnerability | 2003-01-16T14:32:00+00:00 | 2025-11-21T17:25:18+00:00 |
| rhsa-2002:287 | Red Hat Security Advisory: vnc security update | 2003-01-16T15:46:00+00:00 | 2025-11-21T17:25:15+00:00 |
| rhsa-2003:013 | Red Hat Security Advisory: cvs security update | 2003-01-20T21:19:00+00:00 | 2025-11-21T17:25:24+00:00 |
| rhsa-2003:012 | Red Hat Security Advisory: : : : Updated CVS packages available | 2003-01-20T21:24:00+00:00 | 2025-11-21T17:25:23+00:00 |
| rhsa-2002:301 | Red Hat Security Advisory: postgresql security update | 2003-01-22T18:36:00+00:00 | 2025-11-21T17:25:19+00:00 |
| rhsa-2003:021 | Red Hat Security Advisory: krb5 security update | 2003-01-28T13:12:00+00:00 | 2025-11-21T17:25:25+00:00 |
| rhsa-2003:007 | Red Hat Security Advisory: libpng security update | 2003-01-29T15:31:00+00:00 | 2025-11-21T17:25:22+00:00 |
| rhsa-2002:291 | Red Hat Security Advisory: ethereal security update | 2003-01-29T15:32:00+00:00 | 2025-11-21T17:25:17+00:00 |
| rhsa-2002:302 | Red Hat Security Advisory: vim security update | 2003-01-29T15:33:00+00:00 | 2025-11-21T17:25:19+00:00 |
| rhsa-2002:259 | Red Hat Security Advisory: sendmail security update | 2003-01-30T19:28:00+00:00 | 2025-11-21T17:25:14+00:00 |
| rhsa-2002:307 | Red Hat Security Advisory: xpdf security update | 2003-01-30T19:29:00+00:00 | 2025-11-21T17:25:19+00:00 |
| rhsa-2003:022 | Red Hat Security Advisory: glibc security update | 2003-01-30T19:35:00+00:00 | 2025-11-21T17:25:25+00:00 |
| rhsa-2003:020 | Red Hat Security Advisory: : Updated kerberos packages fix vulnerability in ftp client | 2003-01-31T08:38:00+00:00 | 2025-11-21T17:25:27+00:00 |
| rhsa-2003:040 | Red Hat Security Advisory: : Updated openldap packages available | 2003-02-06T08:44:00+00:00 | 2025-11-21T17:25:29+00:00 |
| rhsa-2003:043 | Red Hat Security Advisory: : : : Updated WindowMaker packages fix vulnerability in theme-loading | 2003-02-06T09:11:00+00:00 | 2025-11-21T17:25:30+00:00 |
| rhsa-2003:037 | Red Hat Security Advisory: : : : Updated Xpdf packages fix security vulnerability | 2003-02-06T15:03:00+00:00 | 2025-11-21T17:25:34+00:00 |
| rhsa-2003:045 | Red Hat Security Advisory: w3m security update | 2003-02-06T17:19:00+00:00 | 2025-11-21T17:25:32+00:00 |
| rhsa-2003:044 | Red Hat Security Advisory: : Updated w3m packages fix cross-site scripting issues | 2003-02-07T07:09:00+00:00 | 2025-11-21T17:25:31+00:00 |
| rhsa-2003:008 | Red Hat Security Advisory: mgetty security update | 2003-02-11T16:46:00+00:00 | 2025-11-21T17:25:22+00:00 |
| rhsa-2003:048 | Red Hat Security Advisory: python security update | 2003-02-12T14:39:00+00:00 | 2025-11-21T17:25:37+00:00 |
| rhsa-2003:046 | Red Hat Security Advisory: mozilla security update | 2003-02-12T14:42:00+00:00 | 2025-11-21T17:25:33+00:00 |
| rhsa-2003:029 | Red Hat Security Advisory: : : : Updated lynx packages fix CRLF injection vulnerability | 2003-02-12T19:22:00+00:00 | 2025-11-21T17:25:27+00:00 |
| rhsa-2003:035 | Red Hat Security Advisory: : : : Updated PAM packages fix bug in pam_xauth module | 2003-02-13T08:34:00+00:00 | 2025-11-21T17:25:28+00:00 |
| rhsa-2003:015 | Red Hat Security Advisory: : : : Updated fileutils package fixes race condition in recursive operations | 2003-02-13T08:35:00+00:00 | 2025-11-21T17:25:24+00:00 |
| rhsa-2003:003 | Red Hat Security Advisory: kdelibs security update | 2003-02-17T09:53:00+00:00 | 2025-11-21T17:25:21+00:00 |
| rhsa-2003:016 | Red Hat Security Advisory: fileutils security update | 2003-02-20T18:37:00+00:00 | 2025-11-21T17:25:24+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2015-7511 | Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations. | 2016-04-02T00:00:00.000Z | 2025-09-04T00:25:12.000Z |
| msrc_cve-2015-8863 | Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a denial of service (crash) via a long JSON-encoded number which triggers a heap-based buffer overflow. | 2016-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2016-3959 | The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries. | 2016-05-02T00:00:00.000Z | 2025-09-03T21:31:16.000Z |
| msrc_cve-2016-4074 | The jv_dump_term function in jq 1.5 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted JSON file. This issue has been fixed in jq 1.6_rc1-r0. | 2016-05-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2016-3189 | Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file related to block ends set to before the start of the block. | 2016-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2016-3697 | libcontainer/user/user.go in runC before 0.1.0 as used in Docker before 1.11.2 improperly treats a numeric UID as a potential username which allows local users to gain privileges via a numeric username in the password file in a container. | 2016-06-02T00:00:00.000Z | 2021-07-16T00:00:00.000Z |
| msrc_cve-2015-5738 | The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS) makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack. | 2016-07-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2016-5386 | The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | 2016-07-02T00:00:00.000Z | 2025-09-03T23:29:37.000Z |
| msrc_cve-2016-7161 | Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet. | 2016-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2016-9296 | A null pointer dereference bug affects the 16.02 and many old versions of p7zip. A lack of null pointer check for the variable folders.PackPositions in function CInArchive::ReadAndDecodePackedStreams in CPP/7zip/Archive/7z/7zIn.cpp as used in the 7z.so library and in 7z applications will cause a crash and a denial of service when decoding malformed 7z files. | 2016-11-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2016-6664 | mysqld_safe in Oracle MySQL through 5.5.51 5.6.x through 5.6.32 and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2 5.6.x before 5.6.32-78-1 and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0 5.6.x before 5.6.32-25.17 and 5.7.x before 5.7.14-26.17 when using file-based logging allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files. | 2016-12-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2016-9179 | It was found that Lynx doesn't parse the authority component of the URL correctly | 2016-12-02T00:00:00.000Z | 2025-09-03T19:35:59.000Z |
| msrc_cve-2014-9913 | Buffer overflow in the list_files function in list.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via vectors related to the compression method. | 2017-01-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2016-10087 | The libpng 0.71 allows context-dependent attackers to cause a NULL pointer dereference vectors | 2017-01-02T00:00:00.000Z | 2025-03-14T00:00:00.000Z |
| msrc_cve-2016-7567 | Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string. | 2017-01-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2016-7798 | The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. | 2017-01-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2016-9795 | The casrvc program in CA Common Services as used in CA Client Automation 12.8 12.9 and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11 11.3 11.3.5 and 11.3.6 on AIX HP-UX Linux and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation. | 2017-01-02T00:00:00.000Z | 2023-03-10T00:00:00.000Z |
| msrc_cve-2016-9844 | Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header. | 2017-01-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2016-2568 | pkexec, when used with --user nonpriv, allows local users to escape to the parent session | 2017-02-02T00:00:00.000Z | 2025-10-01T23:10:54.000Z |
| msrc_cve-2016-2781 | chroot in GNU coreutils when used with --userspec allows local users to escape to the parent session via a crafted TIOCSTI ioctl call which pushes characters to the terminal's input buffer. | 2017-02-02T00:00:00.000Z | 2025-06-13T00:00:00.000Z |
| msrc_cve-2016-6210 | sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided. | 2017-02-02T00:00:00.000Z | 2025-09-04T00:05:57.000Z |
| msrc_cve-2016-8681 | The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on a crafted file. | 2017-02-02T00:00:00.000Z | 2025-09-03T20:19:35.000Z |
| msrc_cve-2015-4645 | Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input which triggers a stack-based buffer overflow. | 2017-03-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2016-4912 | The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service | 2017-03-02T00:00:00.000Z | 2025-10-01T23:10:54.000Z |
| msrc_cve-2017-5834 | The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service | 2017-03-02T00:00:00.000Z | 2025-10-01T23:10:56.000Z |
| msrc_cve-2017-5835 | libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero. | 2017-03-02T00:00:00.000Z | 2025-10-01T23:10:56.000Z |
| msrc_cve-2017-5836 | The plist_free_data function libplist allows attackers to cause a denial of service | 2017-03-02T00:00:00.000Z | 2025-10-01T23:10:56.000Z |
| msrc_cve-2017-5931 | Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request which triggers a heap-based buffer overflow. | 2017-03-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2017-5974 | Heap-based buffer overflow in the __zzip_get32 function in fetch.c in zziplib 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57, 0.13.56 allows remote attackers to cause a denial of service (crash) via a crafted ZIP file. | 2017-03-02T00:00:00.000Z | 2025-05-15T00:00:00.000Z |
| msrc_cve-2017-6827 | Heap-based buffer overflow in audiofile allows remote attackers to have unspecified impact via a crafted audio file | 2017-03-02T00:00:00.000Z | 2025-10-01T23:10:56.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-322-03 | Shelly Pro 3EM | 2025-11-18T07:00:00.000000Z | 2025-11-18T07:00:00.000000Z |
| icsa-25-322-05 | METZ CONNECT EWIO2 | 2025-11-18T12:00:00.000000Z | 2025-11-18T12:00:00.000000Z |
| icsa-25-324-02 | ICAM365 CCTV Camera Multiple Models | 2025-11-20T06:00:00.000000Z | 2025-11-20T06:00:00.000000Z |
| icsa-25-324-03 | Opto 22 GRV-EPIC and groov RIO | 2025-11-20T06:00:00.000000Z | 2025-11-20T06:00:00.000000Z |
| icsa-25-324-01 | Automated Logic WebCTRL Premium Server | 2025-11-20T07:00:00.000000Z | 2025-11-20T07:00:00.000000Z |
| icsa-25-324-06 | Emerson Appleton UPSMON-PRO | 2025-11-20T07:00:00.000000Z | 2025-11-20T07:00:00.000000Z |
| icsa-25-329-04 | Opto 22 groov View | 2025-11-25T06:00:00.000000Z | 2025-11-25T06:00:00.000000Z |
| icsa-25-329-01 | Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-02 | Rockwell Automation Arena Simulation | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-03 | Zenitel TCIV-3+ | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-05 | Festo Compact Vision System, Control Block, Controller, and Operator Unit products | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-06 | SiRcom SMART Alert (SiSA) | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-336-01 | Industrial Video & Control Longwatch | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-336-02 | Iskra iHUB and iHUB Lite | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsma-25-336-01 | Mirion Medical EC2 Software NMIS BioDose | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-338-01 | Mitsubishi Electric GX Works2 | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-02 | MAXHUB Pivot | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-03 | Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-04 | Johnson Controls iSTAR | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-05 | Sunbird DCIM dcTrack and Power IQ | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-06 | SolisCloud Monitoring Platform | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-07 | Advantech iView | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-345-04 | Siemens IAM Client | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-05 | Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-06 | Siemens SINEMA Remote Connect Server | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-07 | Siemens Building X - Security Manager Edge Controller | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-08 | Siemens Energy Services | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-09 | Siemens Gridscale X Prepay | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-352-05 | Siemens Interniche IP-Stack | 2025-12-09T00:00:00.000000Z | 2025-12-18T18:13:59.515670Z |
| icsa-25-343-03 | Multiple India-based CCTV Cameras** | 2025-12-09T05:00:00.000000Z | 2025-12-09T05:00:00.000000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2006-000626 | dotProject cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000627 | Phorum cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000628 | Wiki clone products vulnerable to denial of service attacks | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000629 | Wiki clone products vulnerable to denial of service attacks | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000630 | Wiki clone products vulnerable to denial of service attacks | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000631 | ACollab SQL injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000632 | ATutor cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000633 | ServerView cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000634 | ServerView directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000635 | Geeklog cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000636 | Loudblog cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000637 | QwikiWiki cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000638 | Dokeos cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000640 | Drupal cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000641 | Kiri directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000642 | 04WebServer cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000643 | 04WebServer directory traversal vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000644 | NetCommons cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000646 | Owl SQL injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000647 | Owl cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000648 | mail f/w system vulnerable to allow unauthorized email transmissionk | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000649 | Cybozu Office 6 information disclosure vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000650 | Cybozu products vulnerable to directory traversal | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000651 | Cybozu products vulnerable to directory traversal | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000652 | MDPro cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000653 | Movable Type vulnerabile to cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000654 | SugarCRM cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000665 | TeraStation HD-HTGL series cross-site request forgery vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000695 | Kmail CGI authentication bypass vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2006-000734 | Ichitaro buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|