Recent vulnerabilities
Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-5705 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
code-projects Online Hotel Booking Booking Endpoint boā¦ |
code-projects |
Online Hotel Booking |
2026-04-06T23:30:11.682Z | 2026-04-06T23:30:11.682Z |
| CVE-2026-5692 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setGameSpeedCfg os commanā¦ |
Totolink |
A7100RU |
2026-04-06T23:15:13.215Z | 2026-04-06T23:15:13.215Z |
| CVE-2026-5691 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setFirewallType os commanā¦ |
Totolink |
A7100RU |
2026-04-06T23:00:22.202Z | 2026-04-06T23:00:22.202Z |
| CVE-2026-5690 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setRemoteCfg os command iā¦ |
Totolink |
A7100RU |
2026-04-06T22:45:12.940Z | 2026-04-06T22:45:12.940Z |
| CVE-2026-5689 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setNtpCfg os command injection |
Totolink |
A7100RU |
2026-04-06T22:30:14.721Z | 2026-04-06T22:30:14.721Z |
| CVE-2026-5688 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setDdnsCfg os command injection |
Totolink |
A7100RU |
2026-04-06T22:15:15.502Z | 2026-04-06T22:15:15.502Z |
| CVE-2026-5687 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda CX12L NatStaticSetting fromNatStaticSetting stacā¦ |
Tenda |
CX12L |
2026-04-06T22:00:20.576Z | 2026-04-06T22:00:20.576Z |
| CVE-2026-35454 |
8.7 (4.0)
|
Code Extension Marketplace has a Zip Slip Path Traversal |
coder |
code-marketplace |
2026-04-06T21:51:53.048Z | 2026-04-06T21:51:53.048Z |
| CVE-2026-35452 |
5.3 (3.1)
|
WWBN AVideo has Unauthenticated Information Disclosureā¦ |
WWBN |
AVideo |
2026-04-06T21:47:45.511Z | 2026-04-06T21:47:45.511Z |
| CVE-2026-35450 |
5.3 (3.1)
|
WWBN AVideo has Unauthenticated FFmpeg Remote Server Sā¦ |
WWBN |
AVideo |
2026-04-06T21:46:54.779Z | 2026-04-06T21:46:54.779Z |
| CVE-2026-35449 |
5.3 (3.1)
|
WWBN AVideo has Unauthenticated Information Disclosureā¦ |
WWBN |
AVideo |
2026-04-06T21:46:07.363Z | 2026-04-06T21:46:07.363Z |
| CVE-2026-5686 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda CX12L RouteStatic fromRouteStatic stack-based overflow |
Tenda |
CX12L |
2026-04-06T21:45:12.358Z | 2026-04-06T21:45:12.358Z |
| CVE-2026-35448 |
3.7 (3.1)
|
WWBN AVideo Provides Unauthenticated Access to Paymentā¦ |
WWBN |
AVideo |
2026-04-06T21:45:01.877Z | 2026-04-06T21:45:01.877Z |
| CVE-2026-35444 |
7.1 (3.1)
|
SDL_image has a heap buffer overflow READ via uncheckeā¦ |
libsdl-org |
SDL_image |
2026-04-06T21:44:05.986Z | 2026-04-06T21:44:05.986Z |
| CVE-2026-35471 |
9.8 (3.0)
|
Improper Limitation of a Pathname to a Restricted Direā¦ |
patrickhener |
goshs |
2026-04-06T21:38:27.657Z | 2026-04-06T21:38:27.657Z |
| CVE-2026-35442 |
8.1 (3.1)
|
Directus: Authenticated Users Can Extract Concealed Fiā¦ |
directus |
directus |
2026-04-06T21:36:57.807Z | 2026-04-06T21:36:57.807Z |
| CVE-2026-35441 |
6.5 (3.1)
|
Directus Affected by GraphQL Alias Amplification Deniaā¦ |
directus |
directus |
2026-04-06T21:36:07.737Z | 2026-04-06T21:36:07.737Z |
| CVE-2026-35413 |
5.3 (3.1)
|
Directus GraphQL Schema SDL Disclosure Setting |
directus |
directus |
2026-04-06T21:34:32.683Z | 2026-04-06T21:34:32.683Z |
| CVE-2026-35412 |
7.1 (3.1)
|
Directus has a TUS Upload Authorization Bypass Allows ā¦ |
directus |
directus |
2026-04-06T21:33:44.867Z | 2026-04-06T21:33:44.867Z |
| CVE-2026-35411 |
4.3 (3.1)
|
Directus is an Open Redirect in Admin 2FA Setup Page |
directus |
directus |
2026-04-06T21:33:06.664Z | 2026-04-06T21:33:06.664Z |
| CVE-2026-35410 |
6.1 (3.1)
|
Directus has an Open Redirect via Parser Bypass in OAuā¦ |
directus |
directus |
2026-04-06T21:32:13.985Z | 2026-04-06T21:32:13.985Z |
| CVE-2026-5709 |
8.8 (3.1)
7.7 (4.0)
|
AWS Research and Engineering Studio (RES) FileBrowser ā¦ |
AWS |
Research and Engineering Studio (RES) |
2026-04-06T21:32:04.058Z | 2026-04-06T21:32:04.058Z |
| CVE-2026-35409 |
7.7 (3.1)
|
Directus has a SSRF Protection Bypass via IPv4-Mapped ā¦ |
directus |
directus |
2026-04-06T21:31:13.575Z | 2026-04-06T21:31:13.575Z |
| CVE-2026-35408 |
8.7 (3.1)
|
Directus is Missing Cross-Origin Opener Policy |
directus |
directus |
2026-04-06T21:30:22.824Z | 2026-04-06T21:30:22.824Z |
| CVE-2026-5685 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda CX12L addressNat fromAddressNat stack-based overflow |
Tenda |
CX12L |
2026-04-06T21:30:16.732Z | 2026-04-06T21:30:16.732Z |
| CVE-2026-5708 |
8.8 (3.1)
8.7 (4.0)
|
Improper Control of User-Modifiable Attributes in RES ā¦ |
AWS |
Research and Engineering Studio (RES) |
2026-04-06T21:28:03.951Z | 2026-04-06T21:36:45.719Z |
| CVE-2026-5707 |
8.8 (3.1)
8.7 (4.0)
|
Command Injection via Virtual Desktop Session Name in ā¦ |
AWS |
Research and Engineering Studio (RES) |
2026-04-06T21:25:48.404Z | 2026-04-06T21:25:48.404Z |
| CVE-2026-35404 |
4.7 (3.1)
|
Open edX Platform has an Open Redirect in Survey Viewsā¦ |
openedx |
openedx-platform |
2026-04-06T21:22:29.562Z | 2026-04-06T21:22:29.562Z |
| CVE-2026-22675 |
5.1 (4.0)
5.4 (3.1)
|
OCS Inventory NG Server Stored XSS via User-Agent |
OCS Inventory |
OCS Inventory NG Server |
2026-04-06T21:19:59.435Z | 2026-04-06T21:19:59.435Z |
| CVE-2026-35475 |
5.1 (4.0)
|
WeGIA - Open Redirect - backup redirection ā Unvalidatā¦ |
LabRedesCefetRJ |
WeGIA |
2026-04-06T21:17:04.964Z | 2026-04-06T21:17:04.964Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-5705 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
code-projects Online Hotel Booking Booking Endpoint boā¦ |
code-projects |
Online Hotel Booking |
2026-04-06T23:30:11.682Z | 2026-04-06T23:30:11.682Z |
| CVE-2026-5692 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setGameSpeedCfg os commanā¦ |
Totolink |
A7100RU |
2026-04-06T23:15:13.215Z | 2026-04-06T23:15:13.215Z |
| CVE-2026-5691 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setFirewallType os commanā¦ |
Totolink |
A7100RU |
2026-04-06T23:00:22.202Z | 2026-04-06T23:00:22.202Z |
| CVE-2026-5690 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setRemoteCfg os command iā¦ |
Totolink |
A7100RU |
2026-04-06T22:45:12.940Z | 2026-04-06T22:45:12.940Z |
| CVE-2026-5689 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setNtpCfg os command injection |
Totolink |
A7100RU |
2026-04-06T22:30:14.721Z | 2026-04-06T22:30:14.721Z |
| CVE-2026-5688 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Totolink A7100RU cstecgi.cgi setDdnsCfg os command injection |
Totolink |
A7100RU |
2026-04-06T22:15:15.502Z | 2026-04-06T22:15:15.502Z |
| CVE-2026-5709 |
8.8 (3.1)
7.7 (4.0)
|
AWS Research and Engineering Studio (RES) FileBrowser ā¦ |
AWS |
Research and Engineering Studio (RES) |
2026-04-06T21:32:04.058Z | 2026-04-06T21:32:04.058Z |
| CVE-2026-5708 |
8.8 (3.1)
8.7 (4.0)
|
Improper Control of User-Modifiable Attributes in RES ā¦ |
AWS |
Research and Engineering Studio (RES) |
2026-04-06T21:28:03.951Z | 2026-04-06T21:36:45.719Z |
| CVE-2026-5707 |
8.8 (3.1)
8.7 (4.0)
|
Command Injection via Virtual Desktop Session Name in ā¦ |
AWS |
Research and Engineering Studio (RES) |
2026-04-06T21:25:48.404Z | 2026-04-06T21:25:48.404Z |
| CVE-2026-5687 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda CX12L NatStaticSetting fromNatStaticSetting stacā¦ |
Tenda |
CX12L |
2026-04-06T22:00:20.576Z | 2026-04-06T22:00:20.576Z |
| CVE-2026-5686 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda CX12L RouteStatic fromRouteStatic stack-based overflow |
Tenda |
CX12L |
2026-04-06T21:45:12.358Z | 2026-04-06T21:45:12.358Z |
| CVE-2026-5685 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
Tenda CX12L addressNat fromAddressNat stack-based overflow |
Tenda |
CX12L |
2026-04-06T21:30:16.732Z | 2026-04-06T21:30:16.732Z |
| CVE-2026-5684 |
8.6 (4.0)
8 (3.1)
8 (3.0)
|
Tenda CX12L webExcptypemanFilter fromwebExcptypemanFilā¦ |
Tenda |
CX12L |
2026-04-06T21:15:13.535Z | 2026-04-06T21:15:13.535Z |
| CVE-2026-35475 |
5.1 (4.0)
|
WeGIA - Open Redirect - backup redirection ā Unvalidatā¦ |
LabRedesCefetRJ |
WeGIA |
2026-04-06T21:17:04.964Z | 2026-04-06T21:17:04.964Z |
| CVE-2026-35474 |
5.1 (4.0)
|
WeGIA - Open Redirect - atualizacao redirection - Unvaā¦ |
LabRedesCefetRJ |
WeGIA |
2026-04-06T21:13:25.517Z | 2026-04-06T21:13:25.517Z |
| CVE-2026-35473 |
5.1 (4.0)
|
WeGIA - Open Redirect - IentradaControle - listarId() ā¦ |
LabRedesCefetRJ |
WeGIA |
2026-04-06T21:12:35.894Z | 2026-04-06T21:12:35.894Z |
| CVE-2026-35471 |
9.8 (3.0)
|
Improper Limitation of a Pathname to a Restricted Direā¦ |
patrickhener |
goshs |
2026-04-06T21:38:27.657Z | 2026-04-06T21:38:27.657Z |
| CVE-2026-35454 |
8.7 (4.0)
|
Code Extension Marketplace has a Zip Slip Path Traversal |
coder |
code-marketplace |
2026-04-06T21:51:53.048Z | 2026-04-06T21:51:53.048Z |
| CVE-2026-35452 |
5.3 (3.1)
|
WWBN AVideo has Unauthenticated Information Disclosureā¦ |
WWBN |
AVideo |
2026-04-06T21:47:45.511Z | 2026-04-06T21:47:45.511Z |
| CVE-2026-35450 |
5.3 (3.1)
|
WWBN AVideo has Unauthenticated FFmpeg Remote Server Sā¦ |
WWBN |
AVideo |
2026-04-06T21:46:54.779Z | 2026-04-06T21:46:54.779Z |
| CVE-2026-35449 |
5.3 (3.1)
|
WWBN AVideo has Unauthenticated Information Disclosureā¦ |
WWBN |
AVideo |
2026-04-06T21:46:07.363Z | 2026-04-06T21:46:07.363Z |
| CVE-2026-35448 |
3.7 (3.1)
|
WWBN AVideo Provides Unauthenticated Access to Paymentā¦ |
WWBN |
AVideo |
2026-04-06T21:45:01.877Z | 2026-04-06T21:45:01.877Z |
| CVE-2026-35444 |
7.1 (3.1)
|
SDL_image has a heap buffer overflow READ via uncheckeā¦ |
libsdl-org |
SDL_image |
2026-04-06T21:44:05.986Z | 2026-04-06T21:44:05.986Z |
| CVE-2026-35442 |
8.1 (3.1)
|
Directus: Authenticated Users Can Extract Concealed Fiā¦ |
directus |
directus |
2026-04-06T21:36:57.807Z | 2026-04-06T21:36:57.807Z |
| CVE-2026-35441 |
6.5 (3.1)
|
Directus Affected by GraphQL Alias Amplification Deniaā¦ |
directus |
directus |
2026-04-06T21:36:07.737Z | 2026-04-06T21:36:07.737Z |
| CVE-2026-35413 |
5.3 (3.1)
|
Directus GraphQL Schema SDL Disclosure Setting |
directus |
directus |
2026-04-06T21:34:32.683Z | 2026-04-06T21:34:32.683Z |
| CVE-2026-35412 |
7.1 (3.1)
|
Directus has a TUS Upload Authorization Bypass Allows ā¦ |
directus |
directus |
2026-04-06T21:33:44.867Z | 2026-04-06T21:33:44.867Z |
| CVE-2026-35411 |
4.3 (3.1)
|
Directus is an Open Redirect in Admin 2FA Setup Page |
directus |
directus |
2026-04-06T21:33:06.664Z | 2026-04-06T21:33:06.664Z |
| CVE-2026-35410 |
6.1 (3.1)
|
Directus has an Open Redirect via Parser Bypass in OAuā¦ |
directus |
directus |
2026-04-06T21:32:13.985Z | 2026-04-06T21:32:13.985Z |
| CVE-2026-35409 |
7.7 (3.1)
|
Directus has a SSRF Protection Bypass via IPv4-Mapped ā¦ |
directus |
directus |
2026-04-06T21:31:13.575Z | 2026-04-06T21:31:13.575Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-1657 | The EventPrime plugin for WordPress is vulnerable to unauthorized image file upload in all versionsā¦ | 2026-02-17T06:16:18.173 | 2026-02-18T17:52:22.253 |
| fkie_cve-2026-2592 | The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control ā¦ | 2026-02-17T05:16:17.430 | 2026-02-18T17:52:22.253 |
| fkie_cve-2026-2002 | The Forminator Forms ā Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulā¦ | 2026-02-17T05:16:17.080 | 2026-02-18T17:52:22.253 |
| fkie_cve-2026-26220 | LightLLM version 1.1.0 and prior contain an unauthenticated remote code execution vulnerability in ā¦ | 2026-02-17T03:16:01.893 | 2026-02-18T17:52:22.253 |
| fkie_cve-2025-12062 | The WP Maps ā Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin forā¦ | 2026-02-17T00:16:17.080 | 2026-02-18T17:52:22.253 |
| fkie_cve-2026-2439 | Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids. The geā¦ | 2026-02-16T22:22:41.470 | 2026-03-10T18:12:46.927 |
| fkie_cve-2025-15578 | Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely. The session id iā¦ | 2026-02-16T22:22:40.557 | 2026-03-10T15:07:31.793 |
| fkie_cve-2026-2474 | Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in tā¦ | 2026-02-16T21:22:18.107 | 2026-03-04T02:27:15.217 |
| fkie_cve-2026-2001 | The WowRevenue plugin for WordPress is vulnerable to unauthorized plugin installation due to a missā¦ | 2026-02-16T20:19:36.190 | 2026-02-18T17:52:22.253 |
| fkie_cve-2026-2567 | A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the functioā¦ | 2026-02-16T18:19:45.217 | 2026-02-18T19:41:03.690 |
| fkie_cve-2026-2566 | A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the fuā¦ | 2026-02-16T18:19:45.017 | 2026-02-18T17:52:22.253 |
| fkie_cve-2019-25395 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulneā¦ | 2026-02-16T18:19:44.480 | 2026-02-20T16:31:49.890 |
| fkie_cve-2019-25394 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulneā¦ | 2026-02-16T18:19:44.313 | 2026-02-20T16:31:34.660 |
| fkie_cve-2019-25393 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā¦ | 2026-02-16T18:19:44.147 | 2026-02-20T16:31:23.993 |
| fkie_cve-2019-25392 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā¦ | 2026-02-16T18:19:43.980 | 2026-02-20T16:31:18.553 |
| fkie_cve-2019-25390 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā¦ | 2026-02-16T18:19:43.810 | 2026-02-20T16:31:10.263 |
| fkie_cve-2019-25389 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā¦ | 2026-02-16T18:19:43.643 | 2026-02-20T16:30:56.780 |
| fkie_cve-2019-25388 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā¦ | 2026-02-16T18:19:43.473 | 2026-02-20T16:27:01.120 |
| fkie_cve-2019-25387 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā¦ | 2026-02-16T18:19:43.303 | 2026-02-20T16:26:53.380 |
| fkie_cve-2019-25386 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā¦ | 2026-02-16T18:19:43.133 | 2026-02-20T16:26:47.313 |
| fkie_cve-2019-25385 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā¦ | 2026-02-16T18:19:42.967 | 2026-02-20T16:26:41.493 |
| fkie_cve-2019-25384 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā¦ | 2026-02-16T18:19:42.803 | 2026-02-20T16:26:36.247 |
| fkie_cve-2019-25383 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā¦ | 2026-02-16T18:19:42.640 | 2026-02-20T16:26:19.230 |
| fkie_cve-2019-25382 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā¦ | 2026-02-16T18:19:42.480 | 2026-02-20T19:12:29.937 |
| fkie_cve-2019-25381 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā¦ | 2026-02-16T18:19:42.317 | 2026-02-20T16:26:07.903 |
| fkie_cve-2019-25380 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā¦ | 2026-02-16T18:19:42.153 | 2026-02-20T16:25:48.847 |
| fkie_cve-2019-25379 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains stored and reflected cross-site scripting ā¦ | 2026-02-16T18:19:41.987 | 2026-02-20T16:30:43.613 |
| fkie_cve-2019-25378 | Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple cross-site scripting vulnerabilitā¦ | 2026-02-16T18:19:41.430 | 2026-02-20T21:23:50.410 |
| fkie_cve-2026-2565 | A weakness has been identified in Wavlink WL-NU516U1 20251208. Affected by this issue is the functiā¦ | 2026-02-16T17:18:09.360 | 2026-02-18T19:42:27.167 |
| fkie_cve-2026-2564 | A security flaw has been discovered in Intelbras VIP 3260 Z IA 2.840.00IB005.0.T. Affected by this ā¦ | 2026-02-16T17:18:09.150 | 2026-02-18T17:52:22.253 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-x663-j3pw-658j |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setGaā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-wvc4-2vwc-mwh2 |
7.3 (3.1)
5.5 (4.0)
|
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the functioā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-r8h7-vx32-9qj2 |
7.3 (3.1)
5.5 (4.0)
|
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is thā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-qchm-r69c-gh59 |
8.8 (3.1)
7.4 (4.0)
|
A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatSā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-phcm-xmm8-7jpc |
8.0 (3.1)
7.3 (4.0)
|
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-jqvm-5g74-g525 |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the ā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-gxfh-rxpm-86pc |
8.8 (3.1)
8.7 (4.0)
|
Unsanitized input in an OS command in the virtual desktop session name handling in AWS Research andā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-g7w2-v9m9-34xp |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function ā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-frp6-hv3g-9wcp |
8.8 (3.1)
7.4 (4.0)
|
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNatā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-fpff-pjfw-gfg7 |
8.8 (3.1)
8.7 (4.0)
|
Unsanitized control of user-modifiable attributes in the session creation component in AWS Researchā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-fc6j-rjwv-62c9 |
8.8 (3.1)
7.4 (4.0)
|
A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the funcā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-6vq3-2fhj-j6wx |
8.8 (3.1)
7.7 (4.0)
|
Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024.ā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-2h66-4jhv-36vf |
4.3 (3.1)
2.1 (4.0)
|
A vulnerability was identified in code-projects Online Hotel Booking 1.0. Affected by this vulnerabā¦ | 2026-04-07T00:30:22Z | 2026-04-07T00:30:22Z |
| ghsa-xwcw-3qx7-8hxm |
5.4 (3.1)
5.1 (4.0)
|
OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerabilitā¦ | 2026-04-07T00:30:21Z | 2026-04-07T00:30:21Z |
| ghsa-693f-pf34-72c5 |
9.2 (4.0)
|
PraisonAI Has Path Traversal in FileTools | 2026-04-06T23:09:28Z | 2026-04-06T23:09:28Z |
| ghsa-r9x3-wx45-2v7f |
7.1 (3.1)
|
PraisonAI recipe registry publish path traversal allows out-of-root file write | 2026-04-06T23:09:19Z | 2026-04-06T23:09:19Z |
| ghsa-4rx4-4r3x-6534 |
7.3 (3.1)
|
PraisonAI recipe registry pull path traversal writes files outside the chosen output directory | 2026-04-06T23:09:12Z | 2026-04-06T23:09:12Z |
| ghsa-jfxc-v5g9-38xr |
9.0 (3.1)
|
PraisonAI Vulnerable to Arbitrary File Write / Path Traversal in Action Orchestrator | 2026-04-06T23:09:03Z | 2026-04-06T23:09:03Z |
| ghsa-4ph2-f6pf-79wv |
8.1 (3.1)
|
PraisonAI Has Arbitrary File Write (Zip Slip) in Templates Extraction | 2026-04-06T23:08:55Z | 2026-04-06T23:08:55Z |
| ghsa-378j-3jfj-8r9f |
6.2 (3.1)
|
go-ipld-prime: DAG-CBOR decoder unbounded memory allocation from CBOR headers | 2026-04-06T23:08:24Z | 2026-04-06T23:08:24Z |
| ghsa-f9jp-856v-8642 |
3.7 (3.1)
|
PocketMine-MP: Player entities can still die and drop items in flaggedForDespawn state | 2026-04-06T22:54:14Z | 2026-04-06T22:54:14Z |
| ghsa-7hmv-4j2j-pp6f |
4.3 (3.1)
|
PocketMine-MP: Network amplification vulnerability with `ActorEventPacket` | 2026-04-06T22:54:10Z | 2026-04-06T22:54:10Z |
| ghsa-788v-5pfp-93ff |
7.1 (4.0)
|
PocketMine-MP: JSON decoding of unlimited size large arrays/objects in ModalFormResponse Handling | 2026-04-06T22:54:07Z | 2026-04-06T22:54:07Z |
| ghsa-h6rj-3m53-887h |
7.5 (3.1)
|
PocketMine-MP: LogDoS by large complex unknown property logging in clientData in LoginPacket | 2026-04-06T22:54:03Z | 2026-04-06T22:54:03Z |
| ghsa-fvx6-pj3r-5q4q |
|
OpenClaw's complex interpreter pipelines could skip exec script preflight validation | 2026-04-06T22:53:48Z | 2026-04-06T22:53:48Z |
| ghsa-r6ph-fxqg-vg33 |
5.5 (3.1)
2.0 (4.0)
|
A vulnerability was found in Tenda CX12L 16.03.53.12. Affected by this vulnerability is the functioā¦ | 2026-04-06T21:31:35Z | 2026-04-06T21:31:35Z |
| ghsa-q6xr-vv6x-m5gj |
|
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor amd Wearable Processor Exynā¦ | 2026-04-06T21:31:35Z | 2026-04-06T21:31:35Z |
| ghsa-p8gg-wgph-qc82 |
6.3 (3.1)
2.1 (4.0)
|
A flaw has been found in itsourcecode sanitize or validate this input 1.0. This impacts an unknown ā¦ | 2026-04-06T21:31:35Z | 2026-04-06T21:31:35Z |
| ghsa-cmq3-f6cg-p3p7 |
5.5 (3.1)
2.0 (4.0)
|
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_B20221024. The impacted ā¦ | 2026-04-06T21:31:35Z | 2026-04-06T21:31:35Z |
| ghsa-2j2r-9pgw-95hp |
3.7 (3.1)
2.9 (4.0)
|
A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an ā¦ | 2026-04-06T21:31:35Z | 2026-04-06T21:31:35Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2026-3 |
|
After an API token exposure from an exploited Trivy dependency, two new releases of `telnā¦ | telnyx | 2026-03-27T14:53:14Z | |
| pysec-2026-2 |
|
After an API Token exposure from an exploited Trivy dependency, two new releases of `liteā¦ | litellm | 2026-03-24T15:35:32Z | |
| pysec-2026-1 |
|
A PyPI user account compromised by an attacker and was able to upload a malicious versionā¦ | dydx-v4-client | 2026-01-28T21:09:02+00:00 | |
| pysec-2025-71 |
|
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fasā¦ | cadwyn | 2025-07-21T21:15:25+00:00 | 2025-07-23T15:24:03.825615+00:00 |
| pysec-2025-69 |
|
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker temā¦ | roundup | 2025-07-13T20:15:25+00:00 | 2025-07-13T21:23:01.161315+00:00 |
| pysec-2025-65 |
|
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0ā¦ | llama-index | 2025-07-07T13:15:28+00:00 | 2025-07-07T15:23:42.730681+00:00 |
| pysec-2025-61 |
|
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap ā¦ | pillow | 2025-07-01T19:15:27Z | 2025-07-07T14:12:46.226030Z |
| pysec-2025-51 |
|
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vā¦ | apache-airflow-providers-snowflake | 2025-06-24T08:15:24+00:00 | 2025-06-26T21:23:03.132527+00:00 |
| pysec-2025-70 |
10.0 (3.1)
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componenā¦ | langchain-community | 2025-06-23T21:15:25+00:00 | 2025-07-16T21:23:40.211079+00:00 |
| pysec-2025-52 |
|
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2025-68 |
8.0 (3.1)
|
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6ā¦ | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.449399+00:00 |
| pysec-2025-67 |
9.8 (3.1)
|
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabilā¦ | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.385619+00:00 |
| pysec-2025-64 |
9.8 (3.1)
|
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0ā¦ | python-a2a | 2025-06-17T07:15:18+00:00 | 2025-07-02T21:23:13.806273+00:00 |
| pysec-2025-47 |
|
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2ā¦ | django | 2025-06-05T03:15:25+00:00 | 2025-06-05T05:23:28.296596+00:00 |
| pysec-2025-44 |
|
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in modā¦ | django-helpdesk | 2025-05-31T01:15:19+00:00 | 2025-05-31T03:09:35.357757+00:00 |
| pysec-2025-55 |
|
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 uā¦ | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.407481+00:00 |
| pysec-2025-54 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8ā¦ | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.319321+00:00 |
| pysec-2025-50 |
|
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expā¦ | vllm | 2025-05-30T18:15:32+00:00 | 2025-06-19T03:02:28.572160+00:00 |
| pysec-2025-53 |
|
vLLM is an inference and serving engine for large language models (LLMs). Prior to versioā¦ | vllm | 2025-05-29T17:15:21+00:00 | 2025-06-26T21:23:06.231251+00:00 |
| pysec-2025-43 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions staā¦ | vllm | 2025-05-29T17:15:21+00:00 | 2025-05-29T19:21:01.611587+00:00 |
| pysec-2025-46 |
5.5 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as criā¦ | pypickle | 2025-05-26T08:15:19+00:00 | 2025-06-03T17:36:58.579358+00:00 |
| pysec-2025-45 |
7.8 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.ā¦ | pypickle | 2025-05-26T07:15:26+00:00 | 2025-06-03T17:36:58.528116+00:00 |
| pysec-2025-40 |
7.5 (3.1)
|
A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`ā¦ | transformers | 2025-05-19T12:15:19+00:00 | 2025-05-21T19:22:10.801823+00:00 |
| pysec-2025-49 |
8.8 (3.1)
|
setuptools is a package that allows users to download, build, install, upgrade, and uninsā¦ | setuptools | 2025-05-17T16:15:19+00:00 | 2025-06-12T22:23:11.115559+00:00 |
| pysec-2025-39 |
|
motionEye is an online interface for the software motion, a video surveillance program wiā¦ | motioneye | 2025-05-14T16:15:29+00:00 | 2025-05-14T17:22:51.050788+00:00 |
| pysec-2025-60 |
|
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Informā¦ | apache-iotdb | 2025-05-14T11:16:28+00:00 | 2025-07-01T21:22:47.232036+00:00 |
| pysec-2025-59 |
|
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attackā¦ | apache-iotdb | 2025-05-14T11:15:47+00:00 | 2025-07-01T21:22:47.177405+00:00 |
| pysec-2025-38 |
|
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during imā¦ | ironic | 2025-05-08T17:16:01Z | 2025-05-13T04:24:03.083929Z |
| pysec-2025-37 |
|
An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2ā¦ | django | 2025-05-08T04:17:18+00:00 | 2025-05-08T05:23:16.210893+00:00 |
| pysec-2025-42 |
9.8 (3.1)
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Verā¦ | vllm | 2025-04-30T01:15:51+00:00 | 2025-05-28T21:23:12.396609+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-2499 | Malicious code in nerite-security-audit (npm) | 2026-04-06T09:23:07Z | 2026-04-06T09:23:07Z |
| mal-2026-2500 | Malicious code in totally-safe-util (npm) | 2026-04-06T09:20:39Z | 2026-04-06T09:20:39Z |
| mal-2026-2498 | Malicious code in df-sandbox-test (npm) | 2026-04-06T09:18:00Z | 2026-04-06T09:18:00Z |
| mal-2026-2497 | Malicious code in commerce-utils (npm) | 2026-04-06T09:11:24Z | 2026-04-06T09:11:24Z |
| mal-2026-2496 | Malicious code in chess-sec-ssrf1 (npm) | 2026-04-06T06:10:44Z | 2026-04-06T06:10:44Z |
| mal-2026-2495 | Malicious code in cloudera (npm) | 2026-04-05T20:05:37Z | 2026-04-05T20:05:37Z |
| mal-2026-2493 | Malicious code in cloudera-poc (npm) | 2026-04-05T19:40:31Z | 2026-04-05T19:40:31Z |
| mal-2026-2494 | Malicious code in databasetapes (PyPI) | 2026-04-05T19:35:23Z | 2026-04-05T19:35:23Z |
| mal-2026-2492 | Malicious code in admin0911 (npm) | 2026-04-05T15:30:57Z | 2026-04-06T23:48:49Z |
| mal-2026-2491 | Malicious code in @not-nemo/crypto-tracker (npm) | 2026-04-05T14:31:21Z | 2026-04-05T16:14:37Z |
| mal-2026-2489 | Malicious code in databaserobooms (PyPI) | 2026-04-04T22:24:16Z | 2026-04-05T09:20:21Z |
| mal-2026-2490 | Malicious code in databaserotacos (PyPI) | 2026-04-04T22:03:00Z | 2026-04-05T09:20:21Z |
| mal-2026-2488 | Malicious code in photo-extractor (PyPI) | 2026-04-04T16:41:48Z | 2026-04-04T16:41:48Z |
| mal-2026-2487 | Malicious code in discord-request (PyPI) | 2026-04-04T12:56:18Z | 2026-04-04T12:56:18Z |
| mal-2026-2486 | Malicious code in gangomodule (PyPI) | 2026-04-04T12:01:55Z | 2026-04-04T12:01:55Z |
| mal-2026-2452 | Malicious code in strapi-plugin-blurhash (npm) | 2026-04-03T19:10:29Z | 2026-04-03T19:10:29Z |
| mal-2026-2450 | Malicious code in strapi-plugin-advanced-uuid (npm) | 2026-04-03T19:10:26Z | 2026-04-03T19:10:26Z |
| mal-2026-2463 | Malicious code in strapi-plugin-guardarian-ext (npm) | 2026-04-03T19:10:23Z | 2026-04-03T19:10:23Z |
| mal-2026-2465 | Malicious code in strapi-plugin-health-check (npm) | 2026-04-03T19:10:19Z | 2026-04-03T19:10:19Z |
| mal-2026-2459 | Malicious code in strapi-plugin-debug-tools (npm) | 2026-04-03T19:10:16Z | 2026-04-03T19:10:16Z |
| mal-2026-2455 | Malicious code in strapi-plugin-content-sync (npm) | 2026-04-03T19:09:53Z | 2026-04-03T19:09:53Z |
| mal-2026-2453 | Malicious code in strapi-plugin-cms-tools (npm) | 2026-04-03T19:09:34Z | 2026-04-03T19:09:34Z |
| mal-2026-2466 | Malicious code in strapi-plugin-hextest (npm) | 2026-04-03T19:09:14Z | 2026-04-03T19:09:14Z |
| mal-2026-2461 | Malicious code in strapi-plugin-finseven (npm) | 2026-04-03T19:08:49Z | 2026-04-03T19:08:49Z |
| mal-2026-2471 | Malicious code in strapi-plugin-nordica (npm) | 2026-04-03T19:08:46Z | 2026-04-03T19:08:46Z |
| mal-2026-2474 | Malicious code in strapi-plugin-nordica-deep (npm) | 2026-04-03T19:06:00Z | 2026-04-03T19:06:00Z |
| mal-2026-2480 | Malicious code in strapi-plugin-nordica-vhost (npm) | 2026-04-03T19:05:57Z | 2026-04-03T19:05:57Z |
| mal-2026-2477 | Malicious code in strapi-plugin-nordica-stage (npm) | 2026-04-03T19:05:39Z | 2026-04-03T19:05:39Z |
| mal-2026-2476 | Malicious code in strapi-plugin-nordica-recon (npm) | 2026-04-03T19:05:26Z | 2026-04-03T19:05:26Z |
| mal-2026-2472 | Malicious code in strapi-plugin-nordica-api (npm) | 2026-04-03T19:05:08Z | 2026-04-03T19:05:08Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| 7paa023732 | System 800xA affected by 3rd party component vulnerabilities | 2026-03-31T00:30:00.000Z | 2026-03-31T00:30:00.000Z |
| 4hzm000604 | ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4) | 2026-03-26T00:30:00.000Z | 2026-03-26T00:30:00.000Z |
| 4jno000329 | AWIN Gateways Vulnerabilities in Embedded Webserver | 2026-03-13T00:30:00.000Z | 2026-03-13T00:30:00.000Z |
| 3adr011536 | AC500 V3 Stack buffer overflow in Cryptographic Message Syntax | 2026-03-12T00:30:00.000Z | 2026-03-12T00:30:00.000Z |
| 3adr011525 | ABB Automation Builder Gateway for Windows with insecure defaults | 2026-02-24T00:30:00.000Z | 2026-02-24T00:30:00.000Z |
| 3adr011524 | AC500 V3 Multiple vulnerabilities | 2026-02-24T00:30:00.000Z | 2026-02-24T00:30:00.000Z |
| sa25p007 | B&R Automation Studio Update of SQLite version | 2026-02-18T00:30:00.000Z | 2026-02-18T00:30:00.000Z |
| sa26p001 | āāPVIā āāInsertion of Sensitive Information into Logfile | 2026-01-29T00:30:00.000Z | 2026-01-29T00:30:00.000Z |
| sa24p003 | āB&R PCs vulnerable to PixieFail attackā | 2026-01-29T00:30:00.000Z | 2026-01-29T00:30:00.000Z |
| sa25p005 | B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server | 2026-01-19T00:30:00.000Z | 2026-01-19T00:30:00.000Z |
| sa25p004 | Automation Studio Insufficient Server Certificate Validation | 2026-01-19T00:30:00.000Z | 2026-01-19T00:30:00.000Z |
| 9akk108472a1331 | ABB Abilityā¢ OPTIMAXĀ® Authentication Bypass in Single-Sign On with Azure Active Directory | 2026-01-16T00:30:00.000Z | 2026-01-16T00:30:00.000Z |
| 2crt000009 | WebPro SNMP Card PowerValue Multiple Vulnerabilities | 2026-01-07T00:30:00.000Z | 2026-01-07T00:30:00.000Z |
| 4hzm000603 | ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) | 2025-11-27T00:30:00.000Z | 2025-11-28T00:30:00.000Z |
| 7paa022088 | Edgenius Management Portal Authentication Bypass | 2025-11-20T00:30:00.000Z | 2025-11-20T00:30:00.000Z |
| 2nga002813 | PCM600 SharpZip library vulnerability | 2025-11-03T00:30:00.000Z | 2025-11-03T00:30:00.000Z |
| 9akk108471a8948 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-10-20T00:30:00.000Z | 2025-10-21T00:30:00.000Z |
| 4tz00000006007 | ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations | 2025-10-20T00:30:00.000Z | 2025-10-23T00:30:00.000Z |
| 4tz00000006008 | LVS MConfig Insecure memory handling | 2025-10-08T00:30:00.000Z | 2025-10-08T00:30:00.000Z |
| sa25p003 | B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-14T00:30:00.000Z |
| sa25p002 | B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7808 | EIBPORT Reflected XSS | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a8107 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-09-16T00:30:00.000Z | 2025-11-28T08:00:00.000Z |
| 9akk108471a7121 | FLXeon Controllers Multiple vulnerabilities | 2025-09-09T00:30:00.000Z | 2025-09-18T00:30:00.000Z |
| 2nga002743 | ABB AbilityTM zenon Remote Transport Vulnerability | 2025-08-12T00:30:00.000Z | 2025-08-12T00:30:00.000Z |
| 9akk108471a4462 | ELSB/BLBA ASPECT advisory several CVEs | 2025-08-11T00:30:00.000Z | 2025-09-04T00:30:00.000Z |
| 3adr011432 | AC500 V2 Buffer overread on Modbus protocol | 2025-07-23T00:30:00.000Z | 2025-07-23T00:30:00.000Z |
| 9akk108471a4556 | Busch-WelcomeĀ® 2 wire Door opener actuator by default in compatibility mode. | 2025-07-21T00:30:00.000Z | 2025-07-21T00:30:00.000Z |
| 9akk108471a3623 | RMC - 100 Vulnerabilities in web UI (REST Interface) | 2025-07-03T00:30:00.000Z | 2025-08-18T00:30:00.000Z |
| 2crt000008 | Lite Panel Pro Vulnerability in Session Management | 2025-06-26T00:30:00.000Z | 2025-06-26T00:30:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2026-0909 | Tinyproxy: Schwachstelle ermƶglicht Denial of Service | 2026-03-29T22:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0904 | vim: Schwachstelle ermƶglicht CodeausfĆ¼hrung | 2026-03-29T22:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0892 | WatchGuard Firebox: Mehrere Schwachstellen | 2026-03-26T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0891 | Dovecot: Mehrere Schwachstellen | 2026-03-26T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0887 | Internet Systems Consortium Kea: Schwachstelle ermƶglicht Denial of Service | 2026-03-26T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0882 | GIMP: Schwachstelle ermƶglicht Denial of Service und Offenlegung von Informationen | 2026-03-25T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0881 | IBM License Metric Tool: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0880 | FreeRDP: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0879 | Linux Kernel: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0878 | FreeBSD Project FreeBSD OS: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0875 | Red Hat Enterprise Linux (ncurses): Schwachstelle ermƶglicht CodeausfĆ¼hrung | 2026-03-25T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0873 | docker: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0870 | libpng: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0869 | SolarWinds Platform: Mehrere Schwachstellen ermƶglichen Cross-Site Scripting | 2026-03-25T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0865 | Keycloak: Schwachstelle ermƶglicht Offenlegung von Informationen | 2026-03-25T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0864 | OpenBao: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0861 | Linux Kernel: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0860 | NGINX und NGINX Plus: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0858 | NATS Server: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0856 | OpenClaw: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-04-01T22:00:00.000+00:00 |
| wid-sec-w-2026-0855 | Xen: Schwachstelle ermƶglicht Umgehen von Sicherheitsvorkehrungen | 2026-03-24T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0854 | Squid: Mehrere Schwachstellen ermƶglichen Denial of Service | 2026-03-24T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0851 | IBM InfoSphere Information Server: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0850 | Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0849 | ImageMagick: Mehrere Schwachstellen ermƶglichen Denial of Service | 2026-03-24T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| wid-sec-w-2026-0847 | GitLab: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0845 | IBM WebSphere Application Server Liberty: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0844 | Hitachi Ops Center: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-25T23:00:00.000+00:00 |
| wid-sec-w-2026-0843 | Node.js: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-03-30T22:00:00.000+00:00 |
| wid-sec-w-2026-0837 | Google Chrome: Mehrere Schwachstellen | 2026-03-23T23:00:00.000+00:00 | 2026-03-26T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| va-26-092-01 | Bentley Systems iTwin Platform exposed access token | 2026-04-02T17:11:43Z | 2026-04-02T17:11:43Z |
| va-26-092-02 | Zscaler Client Connector hard-coded proxy configuration domain | 2026-04-02T13:54:30Z | 2026-04-02T13:54:30Z |
| icsa-26-092-02 | Yokogawa CENTUM VP | 2026-04-02T06:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-090-02 | PX4 Autopilot | 2026-03-31T06:00:00.000000Z | 2026-03-31T06:00:00.000000Z |
| icsa-26-090-01 | Anritsu Remote Spectrum Monitor | 2026-03-31T06:00:00.000000Z | 2026-03-31T06:00:00.000000Z |
| icsa-26-092-01 | Siemens SICAM 8 Products | 2026-03-26T00:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| va-26-084-01 | Nanoleaf Lines unauthenticated firmware file store | 2026-03-25T00:00:00Z | 2026-04-02T00:00:00Z |
| icsma-26-083-01 | Grassroots DICOM (GDCM) | 2026-03-24T06:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-01 | Pharos Controls Mosaic Show Controller | 2026-03-24T06:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-078-08 | Automated Logic WebCTRL Premium Server | 2026-03-19T06:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-07 | IGL-Technologies eParking.fi | 2026-03-19T05:00:00.000000Z | 2026-03-19T05:00:00.000000Z |
| icsa-26-078-06 | CTEK Chargeportal | 2026-03-19T05:00:00.000000Z | 2026-03-19T05:00:00.000000Z |
| icsa-26-071-06 | Inductive Automation Ignition Software | 2026-03-12T06:00:00.000000Z | 2026-03-13T06:00:00.000000Z |
| icsa-26-071-01 | Trane Tracer SC, Tracer SC+, and Tracer Concierge | 2026-03-12T06:00:00.000000Z | 2026-03-12T06:00:00.000000Z |
| icsa-26-083-02 | Schneider Electric EcoStruxure Foxboro DCS | 2026-03-10T07:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-078-04 | Schneider Electric EcoStruxure PME and EPO | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-03 | Schneider Electric EcoStruxure Automation Expert | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-02 | Schneider Electric Modicon Controllers M241, M251, M258, and LMC058 | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-01 | Schneider Electric Modicon M241, M251, and M262 | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-076-03 | Schneider Electric EcoStruxure Data Center Expert | 2026-03-10T07:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-069-03 | Honeywell IQ4x BMS Controller | 2026-03-10T06:00:00.000000Z | 2026-03-10T06:00:00.000000Z |
| icsa-26-069-02 | Lantronix EDS3000PS and EDS5000 | 2026-03-10T06:00:00.000000Z | 2026-03-10T06:00:00.000000Z |
| icsa-26-069-01 | Apeman Cameras | 2026-03-10T06:00:00.000000Z | 2026-03-10T06:00:00.000000Z |
| icsa-26-069-04 | Ceragon Siklu MultiHaul and EtherHaul Series | 2026-03-10T05:00:00.000000Z | 2026-03-10T05:00:00.000000Z |
| icsa-26-078-05 | Mitsubishi Electric CNC Series | 2026-03-10T00:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-076-04 | Siemens SICAM SIAPP SDK | 2026-03-10T00:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-071-05 | Siemens Heliox EV Chargers | 2026-03-10T00:00:00.000000Z | 2026-03-12T06:00:00.000000Z |
| icsa-26-071-04 | Siemens SIMATIC | 2026-03-10T00:00:00.000000Z | 2026-03-12T06:00:00.000000Z |
| icsa-26-071-03 | Siemens SIDIS Prime | 2026-03-10T00:00:00.000000Z | 2026-03-12T06:00:00.000000Z |
| icsa-26-071-02 | Siemens RUGGEDCOM APE1808 Devices | 2026-03-10T00:00:00.000000Z | 2026-03-12T06:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-ssm-cli-execution-chucwunr | Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-ndi-afw-rjurc5dz | Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-nd-ssrf-naen4o7r | Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-nd-cbid-5yqkoshu | Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-epnm-improp-auth-muwfwuu3 | Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-cssm-priv-esc-xranouo8 | Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-cimc-cmd-inj-3hkn3bvt | Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-cimc-auth-bypass-agg2bxtn | Cisco Integrated Management Controller Authentication Bypass Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-xe-secureboot-bypass-b6uyxysz | Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-wlc-dos-hnx5kgom | Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-vmanage-xss-zqkhp9w9 | Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-scp-dos-duadxtcg | Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iox-xss-lpgkzwtj | Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iox-crlf-nvgktkjz | Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iosxe_infodis-6j847ueb | Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iosxe-tls-dos-tvgldezl | Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iosxe-mntc-dos-lzweqcyq | Cisco IOS XE Software Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-04-02T19:43:54+00:00 |
| cisco-sa-iosxe-lobby-privesc-kwxbqjy | Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-ios-http-dos-sbv8xrpl | Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-bootp-wubhnbxa | Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-asa-ftd-ios-dos-kpepqggk | Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-xrncs-epni-int-dos-twmffusn | Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-isis-dos-kdmxpszk | Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-iosxr-privesc-bf8d5u4w | Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-cc-xss-mrnah5jh | Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-snort3-multi-dos-xfwkwswz | Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-onprem-fmc-authbypass-5jpp45v2 | Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-ftdfmc-dir-trav-wergjhwq | Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-ftd-tcp-dos-rhfqnwrg | Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-ftd-snort-bypass-rlggkzvf | Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-33107 | Azure Databricks Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-33105 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-32213 | Azure AI Foundry Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-32211 | Azure MCP Server Information Disclosure Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-32186 | Microsoft Bing Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-32173 | Azure SRE Agent Information Disclosure Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-26135 | Azure Custom Locations Resource Provider (RP) Elevation of Privilege Vulnerability | 2026-04-02T07:00:00.000Z | 2026-04-02T07:00:00.000Z |
| msrc_cve-2026-35549 | CVE-2026-35549 | 2026-04-02T00:00:00.000Z | 2026-04-04T01:02:53.000Z |
| msrc_cve-2026-35535 | CVE-2026-35535 | 2026-04-02T00:00:00.000Z | 2026-04-05T01:02:45.000Z |
| msrc_cve-2026-35414 | CVE-2026-35414 | 2026-04-02T00:00:00.000Z | 2026-04-05T01:02:37.000Z |
| msrc_cve-2026-35388 | CVE-2026-35388 | 2026-04-02T00:00:00.000Z | 2026-04-04T01:02:08.000Z |
| msrc_cve-2026-35387 | CVE-2026-35387 | 2026-04-02T00:00:00.000Z | 2026-04-04T01:02:26.000Z |
| msrc_cve-2026-35386 | CVE-2026-35386 | 2026-04-02T00:00:00.000Z | 2026-04-04T01:02:20.000Z |
| msrc_cve-2026-35385 | CVE-2026-35385 | 2026-04-02T00:00:00.000Z | 2026-04-04T01:02:32.000Z |
| msrc_cve-2026-34990 | OpenPrinting CUPS: Local print admin token disclosure using temporary printers | 2026-04-02T00:00:00.000Z | 2026-04-05T01:01:45.000Z |
| msrc_cve-2026-34980 | OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network | 2026-04-02T00:00:00.000Z | 2026-04-05T01:01:28.000Z |
| msrc_cve-2026-34979 | OpenPrinting CUPS: Heap overflow in `get_options()` | 2026-04-02T00:00:00.000Z | 2026-04-05T01:01:23.000Z |
| msrc_cve-2026-34978 | OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) | 2026-04-02T00:00:00.000Z | 2026-04-05T01:01:34.000Z |
| msrc_cve-2026-34743 | XZ Utils: Buffer overflow in lzma_index_append() | 2026-04-02T00:00:00.000Z | 2026-04-04T01:02:38.000Z |
| msrc_cve-2026-34601 | xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion | 2026-04-02T00:00:00.000Z | 2026-04-04T01:02:47.000Z |
| msrc_cve-2026-31394 | mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations | 2026-04-02T00:00:00.000Z | 2026-04-05T01:02:02.000Z |
| msrc_cve-2026-27456 | util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup | 2026-04-02T00:00:00.000Z | 2026-04-05T01:02:24.000Z |
| msrc_cve-2026-27447 | OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookup | 2026-04-02T00:00:00.000Z | 2026-04-05T01:01:39.000Z |
| msrc_cve-2026-23473 | io_uring/poll: fix multishot recv missing EOF on wakeup race | 2026-04-02T00:00:00.000Z | 2026-04-05T01:01:50.000Z |
| msrc_cve-2026-23472 | serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN | 2026-04-02T00:00:00.000Z | 2026-04-05T01:01:55.000Z |
| msrc_cve-2026-23468 | drm/amdgpu: Limit BO list entry count to prevent resource exhaustion | 2026-04-02T00:00:00.000Z | 2026-04-05T01:02:13.000Z |
| msrc_cve-2026-23444 | wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure | 2026-04-02T00:00:00.000Z | 2026-04-05T01:02:07.000Z |
| msrc_cve-2026-23442 | ipv6: add NULL checks for idev in SRv6 paths | 2026-04-02T00:00:00.000Z | 2026-04-05T01:02:19.000Z |
| msrc_cve-2026-23401 | KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE | 2026-04-02T00:00:00.000Z | 2026-04-03T01:39:03.000Z |
| msrc_cve-2026-32194 | Microsoft Bing Images Remote Code Execution Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-19T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2026-0107 | Kwetsbaarheid verholpen in FortiClient EMS van Fortinet | 2026-04-04T13:49:19.002116Z | 2026-04-04T13:49:19.002116Z |
| ncsc-2026-0106 | Kwetsbaarheden verholpen in Cisco Integrated Management Controller | 2026-04-03T10:34:46.145536Z | 2026-04-03T10:34:46.145536Z |
| ncsc-2026-0105 | Kwetsbaarheden verholpen in Cisco Nexus Dashboard en Nexus Dashboard Insights | 2026-04-03T08:20:48.187725Z | 2026-04-03T08:20:48.187725Z |
| ncsc-2026-0104 | Kwetsbaarheden verholpen in Cisco IOS XE Software | 2026-03-26T09:50:03.269095Z | 2026-03-26T09:50:03.269095Z |
| ncsc-2026-0103 | Kwetsbaarheden verholpen in GitLab | 2026-03-26T09:48:10.874427Z | 2026-03-26T09:48:10.874427Z |
| ncsc-2026-0102 | Kwetsbaarheden verholpen in Apple macOS | 2026-03-25T14:15:56.073353Z | 2026-03-25T14:15:56.073353Z |
| ncsc-2026-0101 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2026-03-25T14:02:07.392994Z | 2026-03-25T14:02:07.392994Z |
| ncsc-2026-0100 | Kwetsbaarheden verholpen in Citrix Netscaler ADC en Netscaler Gateway | 2026-03-23T13:43:30.957806Z | 2026-03-23T13:43:30.957806Z |
| ncsc-2026-0099 | Kwetsbaarheid verholpen in Oracle Identity Manager en Oracle Web Services Manager | 2026-03-20T15:56:12.716324Z | 2026-03-20T15:56:12.716324Z |
| ncsc-2026-0098 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2026-03-13T08:41:19.155490Z | 2026-03-13T08:41:19.155490Z |
| ncsc-2026-0097 | Kwetsbaarheden verholpen in Google Chrome | 2026-03-13T08:33:43.877125Z | 2026-03-13T08:33:43.877125Z |
| ncsc-2026-0096 | Kwetsbaarheden verholpen in Veeam Backup & Replication | 2026-03-12T14:54:08.200676Z | 2026-03-12T14:54:08.200676Z |
| ncsc-2026-0095 | Kwetsbaarheid verholpen in pac4j-jwt | 2026-03-12T14:45:51.156512Z | 2026-03-12T14:45:51.156512Z |
| ncsc-2026-0094 | Kwetsbaarheden verholpen in Cisco IOS XR | 2026-03-12T14:44:08.106602Z | 2026-03-12T14:44:08.106602Z |
| ncsc-2026-0093 | Kwetsbaarheden verholpen in GitLab | 2026-03-12T14:42:46.936248Z | 2026-03-12T14:42:46.936248Z |
| ncsc-2026-0092 | Kwetsbaarheden verholpen in Fortinet FortiWeb | 2026-03-12T07:46:15.529522Z | 2026-03-12T07:46:15.529522Z |
| ncsc-2026-0091 | Kwetsbaarheden verholpen in SAP-producten | 2026-03-12T07:24:16.575638Z | 2026-03-12T07:24:16.575638Z |
| ncsc-2026-0090 | Kwetsbaarheden verholpen in Adobe Experience Manager | 2026-03-12T07:12:51.952931Z | 2026-03-12T07:12:51.952931Z |
| ncsc-2026-0089 | Kwetsbaarheden verholpen in Adobe Acrobat Reader | 2026-03-12T07:03:24.148324Z | 2026-03-12T07:03:24.148324Z |
| ncsc-2026-0088 | Kwetsbaarheden verholpen in Adobe Illustrator | 2026-03-12T06:55:39.712240Z | 2026-03-12T06:55:39.712240Z |
| ncsc-2026-0087 | Kwetsbaarheden verholpen in Adobe Commerce | 2026-03-12T06:49:56.459199Z | 2026-03-12T06:49:56.459199Z |
| ncsc-2026-0086 | Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer | 2026-03-11T09:19:38.777277Z | 2026-03-11T09:19:38.777277Z |
| ncsc-2026-0085 | Kwetsbaarheden verholpen in Microsoft Developer tools | 2026-03-10T20:35:10.478398Z | 2026-03-10T20:35:10.478398Z |
| ncsc-2026-0084 | Kwetsbaarheden verholpen in Microsoft Office | 2026-03-10T20:20:08.157658Z | 2026-03-10T20:20:08.157658Z |
| ncsc-2026-0083 | Kwetsbaarheid verholpen in Microsoft Authenticator app | 2026-03-10T20:18:35.792755Z | 2026-03-10T20:18:35.792755Z |
| ncsc-2026-0082 | Kwetsbaarheden verholpen in Microsoft Azure | 2026-03-10T20:15:41.528951Z | 2026-03-10T20:15:41.528951Z |
| ncsc-2026-0081 | Kwetsbaarheden verholpen in Microsoft SQL Server | 2026-03-10T20:12:56.032261Z | 2026-03-10T20:12:56.032261Z |
| ncsc-2026-0080 | Kwetsbaarheden verholpen in Microsoft Windows | 2026-03-10T20:07:55.976638Z | 2026-03-10T20:07:55.976638Z |
| ncsc-2026-0079 | Kwetsbaarheden verholpen in Siemens producten | 2026-03-10T12:39:14.474522Z | 2026-03-10T12:39:14.474522Z |
| ncsc-2026-0078 | Kwetsbaarheden verholpen in Kibana | 2026-03-05T09:36:49.056247Z | 2026-03-05T09:36:49.056247Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:18-01 | Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 | 2026-03-04T11:00:00.000Z | 2026-03-04T11:00:00.000Z |
| nn-2025:17-01 | HTML injection in Sensor Map in CMC before 25.6.0 | 2026-03-04T11:00:00.000Z | 2026-03-04T11:00:00.000Z |
| nn-2025:16-01 | HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 | 2026-03-04T11:00:00.000Z | 2026-03-04T11:00:00.000Z |
| nn-2025:15-01 | Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:14-01 | HTML injection in Asset List in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:13-01 | Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:12-01 | HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| nn-2025:9-01 | Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:8-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:7-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:6-01 | Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:5-01 | Incorrect authorization for CLI in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:4-01 | Client-side path traversal in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:10-01 | Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:3-01 | Incorrect authorization for traces request/download in CMC before 25.1.0 | 2025-08-26T11:00:00.000Z | 2025-08-26T11:00:00.000Z |
| nn-2025:2-01 | Privilege escalation in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2025:1-01 | Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2024_1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-10T11:00:00.000Z |
| nn-2024:1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-10T11:00:00.000Z |
| nn-2023_17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-11T11:00:00.000Z |
| nn-2023:17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-11T11:00:00.000Z |
| nn-2023_12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-01-16T11:00:00.000Z |
| nn-2023:12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-01-16T11:00:00.000Z |
| nn-2023_9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:10493-1 | SDL3_image-devel-3.4.2-1.1 on GA media | 2026-04-05T00:00:00Z | 2026-04-05T00:00:00Z |
| opensuse-su-2026:10485-1 | python311-Flask-Cors-6.0.2-1.1 on GA media | 2026-04-03T00:00:00Z | 2026-04-03T00:00:00Z |
| opensuse-su-2026:10484-1 | k6-1.7.1-1.1 on GA media | 2026-04-03T00:00:00Z | 2026-04-03T00:00:00Z |
| opensuse-su-2026:10483-1 | himmelblau-2.3.9+git0.a9fd29b-1.1 on GA media | 2026-04-03T00:00:00Z | 2026-04-03T00:00:00Z |
| opensuse-su-2026:10481-1 | python314-3.14.3-4.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10480-1 | python313-3.13.12-3.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10479-1 | python312-3.12.13-4.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10478-1 | python311-3.11.15-4.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10477-1 | python310-3.10.20-3.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10476-1 | python311-Pygments-2.20.0-2.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10475-1 | opensc-0.27.1-1.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10474-1 | ignition-2.26.0-3.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10473-1 | dnsdist-2.0.3-1.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10472-1 | conftest-0.67.1-2.1 on GA media | 2026-04-01T00:00:00Z | 2026-04-01T00:00:00Z |
| opensuse-su-2026:10464-1 | python311-pypdf-6.9.2-1.1 on GA media | 2026-03-30T00:00:00Z | 2026-03-30T00:00:00Z |
| opensuse-su-2026:10463-1 | netty-4.1.132-1.1 on GA media | 2026-03-30T00:00:00Z | 2026-03-30T00:00:00Z |
| opensuse-su-2026:10462-1 | heroic-games-launcher-2.20.1-4.1 on GA media | 2026-03-30T00:00:00Z | 2026-03-30T00:00:00Z |
| opensuse-su-2026:10457-1 | xen-4.21.1_02-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10456-1 | tailscale-1.96.4-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10455-1 | python311-requests-2.33.0-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10454-1 | python311-cryptography-46.0.6-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10453-1 | libpolkit-agent-1-0-127-3.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10452-1 | libjavamapscript-8.6.1-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10451-1 | libpng16-16-1.6.56-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10450-1 | incus-6.23-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10449-1 | gsl-2.8-5.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10448-1 | bind-9.20.21-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10447-1 | MozillaThunderbird-140.9.0-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10446-1 | ImageMagick-7.1.2.18-1.1 on GA media | 2026-03-28T00:00:00Z | 2026-03-28T00:00:00Z |
| opensuse-su-2026:10441-1 | strongswan-6.0.5-1.1 on GA media | 2026-03-26T00:00:00Z | 2026-03-26T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2026-0001 | OX Dovecot Security Advisory OXDC-ADV-2026-0001 | 2026-03-27T00:00:00+00:00 | 2026-03-27T00:00:00+00:00 |
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| oxas-adv-2025-0001 | OX App Suite Security Advisory OXAS-ADV-2025-0001 | 2025-01-27T00:00:00+01:00 | 2025-04-07T00:00:00+00:00 |
| oxdc-adv-2024-0003 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0002 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 | 2024-09-02T00:00:00+02:00 | 2024-09-06T00:00:00+00:00 |
| oxas-adv-2024-0005 | OX App Suite Security Advisory OXAS-ADV-2024-0005 | 2024-07-08T00:00:00+02:00 | 2024-09-09T00:00:00+00:00 |
| oxas-adv-2024-0004 | OX App Suite Security Advisory OXAS-ADV-2024-0004 | 2024-06-13T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0003 | OX App Suite Security Advisory OXAS-ADV-2024-0003 | 2024-04-24T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0002 | OX App Suite Security Advisory OXAS-ADV-2024-0002 | 2024-03-06T00:00:00+01:00 | 2024-05-06T00:00:00+00:00 |
| oxas-adv-2024-0001 | OX App Suite Security Advisory OXAS-ADV-2024-0001 | 2024-02-08T00:00:00+01:00 | 2024-04-25T00:00:00+00:00 |
| oxas-adv-2023-0007 | OX App Suite Security Advisory OXAS-ADV-2023-0007 | 2023-12-11T00:00:00+01:00 | 2024-02-16T00:00:00+00:00 |
| oxas-adv-2023-0006 | OX App Suite Security Advisory OXAS-ADV-2023-0006 | 2023-09-25T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0005 | OX App Suite Security Advisory OXAS-ADV-2023-0005 | 2023-09-19T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0004 | OX App Suite Security Advisory OXAS-ADV-2023-0004 | 2023-08-01T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0003 | OX App Suite Security Advisory OXAS-ADV-2023-0003 | 2023-05-02T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0002 | OX App Suite Security Advisory OXAS-ADV-2023-0002 | 2023-03-20T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0001 | OX App Suite Security Advisory OXAS-ADV-2023-0001 | 2023-02-06T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0002 | OX App Suite Security Advisory OXAS-ADV-2022-0002 | 2022-11-02T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0001 | OX App Suite Security Advisory OXAS-ADV-2022-0001 | 2022-08-10T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:6713 | Red Hat Security Advisory: ImageMagick security update | 2026-04-06T18:57:01+00:00 | 2026-04-06T22:26:28+00:00 |
| rhsa-2026:6712 | Red Hat Security Advisory: freerdp security update | 2026-04-06T18:44:31+00:00 | 2026-04-06T22:26:37+00:00 |
| rhsa-2026:6692 | Red Hat Security Advisory: kernel security update | 2026-04-06T16:24:30+00:00 | 2026-04-06T22:26:20+00:00 |
| rhsa-2026:6665 | Red Hat Security Advisory: freerdp security update | 2026-04-06T14:51:20+00:00 | 2026-04-06T22:26:33+00:00 |
| rhsa-2026:6647 | Red Hat Security Advisory: libarchive security update | 2026-04-06T09:32:55+00:00 | 2026-04-06T10:31:27+00:00 |
| rhsa-2026:6632 | Red Hat Security Advisory: kernel security update | 2026-04-06T08:09:40+00:00 | 2026-04-06T22:26:23+00:00 |
| rhsa-2026:6635 | Red Hat Security Advisory: fontforge security update | 2026-04-06T07:50:34+00:00 | 2026-04-06T10:35:40+00:00 |
| rhsa-2026:6630 | Red Hat Security Advisory: gnutls security update | 2026-04-06T07:24:34+00:00 | 2026-04-06T10:30:10+00:00 |
| rhsa-2026:6631 | Red Hat Security Advisory: fontforge security update | 2026-04-06T06:36:19+00:00 | 2026-04-06T10:35:39+00:00 |
| rhsa-2026:6628 | Red Hat Security Advisory: fontforge security update | 2026-04-06T05:23:14+00:00 | 2026-04-06T10:31:26+00:00 |
| rhsa-2026:6620 | Red Hat Security Advisory: vim security update | 2026-04-06T03:44:03+00:00 | 2026-04-06T10:31:24+00:00 |
| rhsa-2026:6621 | Red Hat Security Advisory: crun security update | 2026-04-06T03:41:18+00:00 | 2026-04-06T10:31:25+00:00 |
| rhsa-2026:6617 | Red Hat Security Advisory: vim security update | 2026-04-06T03:34:58+00:00 | 2026-04-06T10:31:22+00:00 |
| rhsa-2026:6618 | Red Hat Security Advisory: gnutls security update | 2026-04-06T03:33:23+00:00 | 2026-04-06T10:33:50+00:00 |
| rhsa-2026:6616 | Red Hat Security Advisory: freerdp security update | 2026-04-06T03:31:33+00:00 | 2026-04-06T22:26:32+00:00 |
| rhsa-2026:6622 | Red Hat Security Advisory: crun security update | 2026-04-06T03:28:23+00:00 | 2026-04-06T10:30:54+00:00 |
| rhsa-2026:6619 | Red Hat Security Advisory: vim security update | 2026-04-06T03:27:33+00:00 | 2026-04-06T10:31:27+00:00 |
| rhsa-2026:6570 | Red Hat Security Advisory: kernel security update | 2026-04-06T02:26:53+00:00 | 2026-04-06T10:30:44+00:00 |
| rhsa-2026:6571 | Red Hat Security Advisory: kernel security update | 2026-04-06T02:01:44+00:00 | 2026-04-06T10:30:47+00:00 |
| rhsa-2026:6572 | Red Hat Security Advisory: kernel-rt security update | 2026-04-06T01:38:53+00:00 | 2026-04-06T10:30:50+00:00 |
| rhsa-2026:6568 | Red Hat Security Advisory: Red Hat Quay 3.15.4 | 2026-04-03T22:07:28+00:00 | 2026-04-06T17:02:02+00:00 |
| rhsa-2026:6567 | Red Hat Security Advisory: Red Hat Quay 3.16.3 | 2026-04-03T15:21:25+00:00 | 2026-04-06T17:02:07+00:00 |
| rhsa-2026:6539 | Red Hat Security Advisory: vim security update | 2026-04-02T22:31:40+00:00 | 2026-04-06T10:31:19+00:00 |
| rhsa-2026:6540 | Red Hat Security Advisory: vim security update | 2026-04-02T22:08:24+00:00 | 2026-04-06T10:31:21+00:00 |
| rhsa-2026:6502 | Red Hat Security Advisory: vim security update | 2026-04-02T16:54:54+00:00 | 2026-04-06T10:31:18+00:00 |
| rhsa-2026:6499 | Red Hat Security Advisory: libxslt security update | 2026-04-02T16:39:09+00:00 | 2026-04-02T23:41:25+00:00 |
| rhsa-2026:6503 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20 security, enhancement & bug fix update | 2026-04-02T16:38:29+00:00 | 2026-04-04T17:00:16+00:00 |
| rhsa-2026:6481 | Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.8 | 2026-04-02T16:17:10+00:00 | 2026-04-06T10:29:16+00:00 |
| rhsa-2026:6497 | Red Hat Security Advisory: Red Hat Quay 3.16.3 | 2026-04-02T15:17:12+00:00 | 2026-04-06T17:02:01+00:00 |
| rhsa-2026:6473 | Red Hat Security Advisory: python3 security update | 2026-04-02T14:18:33+00:00 | 2026-04-02T23:41:26+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sevd-2026-069-06 | Deserialization of Untrusted Data vulnerability on Multiple Products | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-069-05 | Use of Hard-coded Credentials vulnerability in EcoStruxureā¢ IT Data Center Expert | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-069-04 | Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxureā¢ Automation Expert | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-069-03 | Deserialization of Untrusted Data vulnerability on EcoStruxureā¢ Foxboro DCS | 2026-03-10T07:00:00.000Z | 2026-03-13T07:00:00.000Z |
| sevd-2026-069-02 | Improper Neutralization vulnerability in Multiple Products | 2026-03-10T07:00:00.000Z | 2026-03-31T07:00:00.000Z |
| sevd-2026-069-01 | Improper Resource Shutdown or Release vulnerability in Multiple Products | 2026-03-10T07:00:00.000Z | 2026-03-31T07:00:00.000Z |
| sevd-2026-041-02 | Multiple Vulnerabilities on EcoStruxureā¢ Building Operation Workstation and EcoStruxureā¢ Building Operation Webstation | 2026-02-10T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2026-041-01 | Improper Check for Unusual or Exceptional Conditions on Multiple Products | 2026-02-10T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2026-013-04 | Multiple Vulnerabilities on EcoStruxure Power Build Rapsody | 2026-01-13T08:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-013-03 | Multiple Vulnerabilities on Zigbee Products | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2026-013-02 | Incorrect Default Permissions Vulnerability on EcoStruxureā¢ Process Expert | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2026-013-01 | Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx | 2026-01-13T08:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2025-343-02 | EcoStruxureā¢ Foxboro DCS Advisor | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2025-343-01 | EcoStruxureā¢ Foxboro DCS | 2025-12-09T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-315-02 | EcoStruxureā¢ Machine SCADA Expert & Pro-face BLUE Open Studio | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-315-01 | PowerChuteā¢ Serial Shutdown | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-287-01 | EcoStruxureā¢ OPC UA Server Expert and EcoStruxureā¢ Modicon Communication Server | 2025-10-14T07:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2025-252-02 | Saitel DR & Saitel DP Remote Terminal Unit | 2025-09-09T04:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-252-01 | Multiple Altivar Process Drives and Communication Modules | 2025-09-09T04:00:00.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2025-224-05 | Modicon M340 Controller and Communication Modules | 2025-08-12T04:00:00.000Z | 2025-08-12T04:00:00.000Z |
| sevd-2025-224-04 | EcoStruxureā¢ Building Operation Enterprise Server, EcoStruxureā¢ Building Operation Enterprise Central, and EcoStruxureā¢ Workstation | 2025-08-12T04:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-224-03 | Schneider Electric Software Update | 2025-08-12T04:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-224-02 | EcoStruxureā¢ Power Monitoring Expert Software & EcoStruxureā¢ Power Operation (EPO) and EcoStruxureā¢ Power SCADA Operation (PSO) | 2025-08-12T04:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-224-01 | Saitel DR & Saitel DP Remote Terminal Unit | 2025-08-12T04:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-189-04 | EcoStruxureā¢ Power Monitoring Expert (PME) and EcoStruxureā¢ Power Operation (EPO) with Advanced Reporting and Dashboards | 2025-07-08T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2025-189-03 | EcoStruxureā¢ Power Operation | 2025-07-08T04:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-189-02 | System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs | 2025-07-08T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2025-189-01 | EcoStruxureā¢ IT Data Center Expert | 2025-07-08T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2025-161-03 | EVLink WallBox | 2025-06-10T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2025-161-02 | Modicon Controllers M241/M251/M258/LMC058/M262 | 2025-06-10T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2026-0006 | Vulnerabilities affecting SICK Lector85x and SICK Lector83x | 2026-03-06T14:00:00.000Z | 2026-03-06T14:00:00.000Z |
| sca-2026-0005 | Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 | 2026-02-27T14:00:00.000Z | 2026-02-27T14:00:00.000Z |
| sca-2026-0004 | Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products | 2026-02-13T14:00:00.000Z | 2026-02-13T14:00:00.000Z |
| sca-2026-0003 | Vulnerability affecting SICK nanoScan3 and microScan3 | 2026-01-26T14:00:00.000Z | 2026-01-26T14:00:00.000Z |
| sca-2026-0002 | Vulnerabilities affecting SICK Incoming Goods Suite | 2026-01-15T14:00:00.000Z | 2026-01-22T19:00:00.000Z |
| sca-2026-0001 | Vulnerabilities affecting SICK TDC-X401GL | 2026-01-15T14:00:00.000Z | 2026-01-15T14:00:00.000Z |
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0010 | Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0009 | Vulnerabilities affecting SICK TDC-E210GC | 2025-08-01T13:00:00.000Z | 2025-08-01T13:00:00.000Z |
| sca-2025-0008 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-07-03T13:00:00.000Z | 2025-07-03T13:00:00.000Z |
| sca-2025-0007 | Multiple vulnerabilities in SICK Field Analytics and SICK Media Server | 2025-06-12T13:00:00.000Z | 2025-06-12T13:00:00.000Z |
| sca-2025-0006 | Vulnerability affecting picoScan and multiScan | 2025-04-28T13:00:00.000Z | 2025-04-28T13:00:00.000Z |
| sca-2025-0005 | Vulnerabilities in SICK Flexi Compact | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| sca-2025-0004 | Critical vulnerabilities in SICK DL100-2xxxxxxx | 2025-03-14T11:00:00.000Z | 2025-03-14T11:00:00.000Z |
| sca-2025-0003 | FreeRTOS Vulnerabilities have no impact on SICK Products | 2025-02-28T00:00:00.000Z | 2025-05-20T11:00:00.000Z |
| sca-2025-0001 | Multiple vulnerabilities in SICK MEAC300 | 2025-02-14T14:00:00.000Z | 2025-02-21T14:00:00.000Z |
| sca-2025-0002 | Vulnerability in SICK Lector8xx and SICK InspectorP8xx | 2025-02-14T10:19:00.000Z | 2025-02-14T10:19:00.000Z |
| sca-2024-0007 | Vulnerability in SICK OLM | 2024-12-31T00:00:00.000Z | 2024-12-31T00:00:00.000Z |
| sca-2024-0006 | Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx | 2024-12-06T00:00:00.000Z | 2024-12-06T00:00:00.000Z |
| sca-2024-0005 | Vulnerability in SICK Incoming Goods Suite | 2024-11-19T00:00:00.000Z | 2024-11-19T00:00:00.000Z |
| sca-2024-0004 | Third party vulnerabilities in SICK CDE-100 | 2024-11-07T12:00:00.000Z | 2024-11-07T12:00:00.000Z |
| sca-2024-0003 | Critical vulnerability in multiple SICK products | 2024-10-17T13:00:00.000Z | 2024-10-17T13:00:00.000Z |
| sca-2024-0002 | Vulnerability in SICK MSC800 | 2024-09-11T23:00:00.000Z | 2024-09-11T23:00:00.000Z |
| sca-2024-0001 | Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics | 2024-01-29T00:00:00.000Z | 2024-01-29T00:00:00.000Z |
| sca-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| sca-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| sca-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-246443 | SSA-246443: Multiple Vulnerabilities in SICAM 8 Products | 2026-03-26T00:00:00.000Z | 2026-03-26T00:00:00.000Z |
| ssa-975644 | SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-903736 | SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-485750 | SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-452276 | SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 | 2026-03-10T00:00:00.000Z | 2026-03-19T00:00:00.000Z |
| ssa-126399 | SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-965753 | SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-625934 | SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-535115 | SSA-535115: Data Validation Vulnerability in NX Before V2512 | 2026-02-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-507364 | SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-445819 | SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-311973 | SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-035571 | SSA-035571: Cross Site Scripting Vulnerability in Polarion Before V2506 | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-089022 | SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 | 2026-01-28T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-827968 | SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-674753 | SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices | 2026-01-13T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-192617 | SSA-192617: Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4 | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-014678 | SSA-014678: Authorization Bypass Vulnerability in Industrial Edge Device Kit | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-001536 | SSA-001536: Authorization Bypass Vulnerability in Siemens Industrial Edge Devices | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-512988 | SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 | 2025-12-12T00:00:00Z | 2025-12-12T00:00:00Z |
| ssa-915282 | SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-912274 | SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 | 2025-12-09T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-882673 | SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-868571 | SSA-868571: Missing Server Certificate Validation in IAM Client | 2025-12-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-763474 | SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-734261 | SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-710408 | SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-626856 | SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-471761 | SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-420375 | SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:1179-1 | Security update for libsoup2 | 2026-04-02T15:08:33Z | 2026-04-02T15:08:33Z |
| suse-su-2026:1177-1 | Security update for tar | 2026-04-02T15:00:45Z | 2026-04-02T15:00:45Z |
| suse-su-2026:1174-1 | Security update for LibVNCServer | 2026-04-02T12:43:24Z | 2026-04-02T12:43:24Z |
| suse-su-2026:1173-1 | Security update for LibVNCServer | 2026-04-02T12:43:10Z | 2026-04-02T12:43:10Z |
| suse-su-2026:1171-1 | Security update for python-tornado | 2026-04-02T08:56:19Z | 2026-04-02T08:56:19Z |
| suse-su-2026:1170-1 | Security update for perl-Crypt-URandom | 2026-04-02T08:42:05Z | 2026-04-02T08:42:05Z |
| suse-su-2026:1169-1 | Security update for wireshark | 2026-04-02T08:29:30Z | 2026-04-02T08:29:30Z |
| suse-su-2026:1166-1 | Security update for expat | 2026-04-02T01:08:26Z | 2026-04-02T01:08:26Z |
| suse-su-2026:1165-1 | Security update for freerdp | 2026-04-01T13:40:57Z | 2026-04-01T13:40:57Z |
| suse-su-2026:1164-1 | Security update for freerdp2 | 2026-04-01T13:40:49Z | 2026-04-01T13:40:49Z |
| suse-su-2026:1163-1 | Security update for MozillaThunderbird | 2026-04-01T08:49:11Z | 2026-04-01T08:49:11Z |
| suse-su-2026:1162-1 | Security update for python-tornado | 2026-03-31T22:02:18Z | 2026-03-31T22:02:18Z |
| suse-su-2026:1160-1 | Security update for freerdp | 2026-03-31T15:03:59Z | 2026-03-31T15:03:59Z |
| suse-su-2026:1159-1 | Security update for expat | 2026-03-31T15:03:48Z | 2026-03-31T15:03:48Z |
| suse-su-2026:1158-1 | Security update for python-pyasn1 | 2026-03-31T11:55:53Z | 2026-03-31T11:55:53Z |
| suse-su-2026:1154-1 | Security update for libjxl | 2026-03-31T09:04:47Z | 2026-03-31T09:04:47Z |
| suse-su-2026:0227-2 | Security update for net-snmp | 2026-03-31T08:48:04Z | 2026-03-31T08:48:04Z |
| suse-su-2026:1153-1 | Security update for perl-XML-Parser | 2026-03-31T08:40:07Z | 2026-03-31T08:40:07Z |
| suse-su-2026:1152-1 | Security update for perl-XML-Parser | 2026-03-31T08:28:50Z | 2026-03-31T08:28:50Z |
| suse-su-2026:1150-1 | Security update for webkit2gtk3 | 2026-03-30T17:34:50Z | 2026-03-30T17:34:50Z |
| suse-su-2026:1149-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T13:44:05Z | 2026-03-30T13:44:05Z |
| suse-su-2026:1148-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T11:21:20Z | 2026-03-30T11:21:20Z |
| suse-su-2026:1146-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T09:17:48Z | 2026-03-30T09:17:48Z |
| suse-su-2026:1142-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T09:16:26Z | 2026-03-30T09:16:26Z |
| suse-su-2026:1141-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T09:16:08Z | 2026-03-30T09:16:08Z |
| suse-su-2026:1140-1 | Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools | 2026-03-30T09:15:49Z | 2026-03-30T09:15:49Z |
| suse-su-2026:1139-1 | Security update for webkit2gtk3 | 2026-03-30T09:13:58Z | 2026-03-30T09:13:58Z |
| suse-su-2026:1137-1 | Security update for expat | 2026-03-28T02:34:02Z | 2026-03-28T02:34:02Z |
| suse-su-2026:1136-1 | Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7) | 2026-03-27T18:04:04Z | 2026-03-27T18:04:04Z |
| suse-su-2026:1132-1 | Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7) | 2026-03-27T16:04:11Z | 2026-03-27T16:04:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:6390 | Moderate: rsync security update | 2026-04-01T00:00:00Z | 2026-04-02T09:23:33Z |
| alsa-2026:6383 | Important: grafana-pcp security update | 2026-04-01T00:00:00Z | 2026-04-02T09:15:46Z |
| alsa-2026:6382 | Important: grafana security update | 2026-04-01T00:00:00Z | 2026-04-02T09:12:36Z |
| alsa-2026:6342 | Important: thunderbird security update | 2026-04-01T00:00:00Z | 2026-04-01T11:59:47Z |
| alsa-2026:6340 | Important: freerdp security update | 2026-04-01T00:00:00Z | 2026-04-02T09:09:13Z |
| alsa-2026:6301 | Important: squid security update | 2026-03-31T00:00:00Z | 2026-04-01T09:27:45Z |
| alsa-2026:6286 | Important: python3.11 security update | 2026-03-31T00:00:00Z | 2026-04-01T09:15:24Z |
| alsa-2026:6285 | Important: python3.12 security update | 2026-03-31T00:00:00Z | 2026-04-01T09:07:09Z |
| alsa-2026:6283 | Important: python3.12 security update | 2026-03-31T00:00:00Z | 2026-04-01T08:56:58Z |
| alsa-2026:6281 | Important: python3.11 security update | 2026-03-31T00:00:00Z | 2026-04-01T08:52:26Z |
| alsa-2026:6266 | Moderate: libxslt security update | 2026-03-31T00:00:00Z | 2026-04-01T09:19:08Z |
| alsa-2026:6256 | Important: python3.12 security update | 2026-03-31T00:00:00Z | 2026-04-01T09:23:35Z |
| alsa-2026:6188 | Important: thunderbird security update | 2026-03-30T00:00:00Z | 2026-04-02T08:18:50Z |
| alsa-2026:6153 | Moderate: kernel security update | 2026-03-30T00:00:00Z | 2026-04-02T08:46:53Z |
| alsa-2026:6037 | Moderate: kernel security update | 2026-03-30T00:00:00Z | 2026-03-30T10:55:07Z |
| alsa-2026:6036 | Moderate: kernel-rt security update | 2026-03-30T00:00:00Z | 2026-03-30T10:51:16Z |
| alsa-2026:6004 | Important: freerdp security update | 2026-03-30T00:00:00Z | 2026-03-31T08:19:51Z |
| alsa-2026:5942 | Important: golang security update | 2026-03-26T00:00:00Z | 2026-03-27T10:17:44Z |
| alsa-2026:5941 | Important: golang security update | 2026-03-26T00:00:00Z | 2026-03-27T10:26:32Z |
| alsa-2026:5939 | Important: freerdp security update | 2026-03-26T00:00:00Z | 2026-03-27T10:28:32Z |
| alsa-2026:5932 | Important: firefox security update | 2026-03-26T00:00:00Z | 2026-03-30T10:46:04Z |
| alsa-2026:5931 | Important: firefox security update | 2026-03-26T00:00:00Z | 2026-03-30T10:43:43Z |
| alsa-2026:5930 | Important: firefox security update | 2026-03-26T00:00:00Z | 2026-03-30T11:00:48Z |
| alsa-2026:5913 | Moderate: ncurses security update | 2026-03-26T00:00:00Z | 2026-03-27T10:30:59Z |
| alsa-2026:5640 | Moderate: mysql:8.4 security update | 2026-03-24T00:00:00Z | 2026-03-26T11:56:07Z |
| alsa-2026:5603 | Moderate: opencryptoki security update | 2026-03-24T00:00:00Z | 2026-03-26T10:00:53Z |
| alsa-2026:5602 | Moderate: vim security update | 2026-03-24T00:00:00Z | 2026-03-26T10:18:47Z |
| alsa-2026:5599 | Moderate: nginx security update | 2026-03-24T00:00:00Z | 2026-03-26T13:22:57Z |
| alsa-2026:5588 | Moderate: python3 security update | 2026-03-24T00:00:00Z | 2026-03-26T10:36:35Z |
| alsa-2026:5587 | Moderate: opencryptoki security update | 2026-03-24T00:00:00Z | 2026-03-26T10:48:17Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| hsec-2026-0004 | Hackage package metadata stored XSS vulnerability | 2026-03-28T16:05:12Z | 2026-03-28T16:05:12Z |
| hsec-2026-0002 | Hackage CSRF vulnerability | 2026-03-28T16:04:58Z | 2026-03-28T16:04:58Z |
| hsec-2024-0004 | Hackage package and doc upload stored XSS vulnerability | 2026-01-16T11:18:20Z | 2026-01-16T11:18:20Z |
| hsec-2025-0007 | cmark-gfm: resource exhaustion due to quadratic complexity in parser | 2025-12-27T08:58:56Z | 2025-12-27T08:58:56Z |
| hsec-2025-0006 | Private key leak via inherited file descriptor | 2025-11-17T02:22:38Z | 2025-11-17T02:22:38Z |
| hsec-2025-0005 | cabal-install dependency confusion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0004 | Broken Path Sanitization in spacecookie Library | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0003 | Use after free in multithreaded lzma (.xz) decoder | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0002 | Double Public Key Signing Function Oracle Attack on Ed25519 | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0001 | Subword division operations may produce incorrect results | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0009 | Public key confusion in third-party blocks | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0008 | Sign extension error in the PPC64le FFI | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0007 | Sign extension error in the AArch64 NCG | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0006 | fromIntegral: conversion error | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0003 | process: command injection via argument list on Windows | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0002 | out-of-bounds write when there are many bzip2 selectors | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0001 | Reflected XSS vulnerability in keter | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0015 | cabal-install uses expired key policies | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0014 | Arbitrary file write is possible when using PDF output or --extract-media with untrusted input | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0013 | git-annex plaintext storage of embedded credentials on encrypted remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0012 | git-annex checksum exposure to encrypted special remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0011 | git-annex GPG decryption attack via compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0010 | git-annex private data exfiltration to compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0009 | git-annex command injection via malicious SSH hostname | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0008 | Stored XSS in hledger-web | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0007 | readFloat: memory exhaustion with large exponent | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0006 | x509-validation does not enforce pathLenConstraint | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0005 | tls-extra: certificate validation does not check Basic Constraints | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0004 | xml-conduit unbounded entity expansion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0003 | code injection in xmonad-contrib | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osec-2026-02 | ARP unbounded memory usage | 2026-02-18T10:30:00Z | 2026-02-18T10:30:00Z |
| osec-2026-01 | Buffer Over-Read in OCaml Marshal Deserialization | 2026-02-17T13:30:00Z | 2026-02-27T09:30:00Z |
| osec-2025-01 | Albatross console out of memory | 2025-08-15T00:18:22Z | 2026-01-13T12:00:00Z |
| osec-2023-01 | Time of check time of use issue in opam's cache | 2023-05-25T12:00:00Z | 2026-01-09T12:00:00Z |
| osec-2022-01 | Infinite loop in console output on xen | 2022-12-07T00:00:00Z | 2026-02-18T09:30:00Z |
| osec-2019-02 | Grant unshare vulnerability in mirage-xen | 2019-04-26T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2019-01 | Memory disclosure in mirage-net-xen | 2019-03-21T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2018-01 | An integer overflow in the `bigarray` serialization module leads to arbitrary code execution | 2018-04-06T18:29:00Z | 2025-12-16T12:00:00Z |
| osec-2017-01 | Local privilege escalation issue with ocaml binaries | 2017-06-23T15:19:47Z | 2025-12-16T12:00:00Z |
| osec-2016-02 | Memory disclosure in mirage-net-xen | 2016-05-03T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2016-01 | Buffer overflow and information leak in OCaml < 4.03.0 | 2016-04-29T00:18:22Z | 2026-01-01T12:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2026-532 | Heap-buffer-overflow in regsub | 2026-04-05T00:06:36.291055Z | 2026-04-05T00:06:36.291504Z |
| osv-2026-518 | Use-of-uninitialized-value in ne_read_block | 2026-04-03T00:21:06.950773Z | 2026-04-03T00:21:06.951035Z |
| osv-2026-514 | Heap-buffer-overflow in format_expand1 | 2026-04-03T00:09:42.155641Z | 2026-04-03T00:09:42.155954Z |
| osv-2026-512 | Heap-buffer-overflow in g_utf8_get_char | 2026-04-03T00:07:59.707776Z | 2026-04-03T00:07:59.708039Z |
| osv-2026-504 | Heap-use-after-free in ObjectStream::getObject | 2026-04-02T00:16:28.228723Z | 2026-04-02T00:16:28.229037Z |
| osv-2026-461 | UNKNOWN READ in XRef::constructObjectEntry | 2026-03-26T00:17:47.551046Z | 2026-03-26T00:17:47.551361Z |
| osv-2026-455 | UNKNOWN READ in mkv::matroska_segment_c::TrackInit | 2026-03-25T00:20:51.448743Z | 2026-03-25T00:20:51.449185Z |
| osv-2026-437 | Heap-use-after-free in tf::Executor::_invoke | 2026-03-23T00:02:28.277984Z | 2026-03-23T14:25:41.819255Z |
| osv-2026-417 | Segv on unknown address in arrow::Array::IsNull | 2026-03-18T00:18:35.139866Z | 2026-03-18T00:18:35.140154Z |
| osv-2026-371 | Heap-buffer-overflow in tinyobj::tryParseDouble | 2026-03-09T00:09:41.689616Z | 2026-03-09T00:09:41.689926Z |
| osv-2026-359 | Segv on unknown address in gpsd_vlog | 2026-03-07T00:03:40.062221Z | 2026-03-07T00:03:40.062505Z |
| osv-2026-350 | UNKNOWN READ in bfd_getl32 | 2026-03-04T00:14:56.651284Z | 2026-03-14T18:43:19.427139Z |
| osv-2026-338 | Use-of-uninitialized-value in pjsip_auth_clt_init_req | 2026-03-03T00:09:55.520965Z | 2026-03-03T00:09:55.521245Z |
| osv-2026-311 | UNKNOWN READ in strncasecmp | 2026-02-26T00:16:50.091819Z | 2026-02-26T00:16:50.092121Z |
| osv-2026-308 | Heap-buffer-overflow in vcardstructured_new_from_string | 2026-02-25T00:19:49.963815Z | 2026-02-25T00:19:49.964188Z |
| osv-2026-307 | Global-buffer-overflow in navcom_parse | 2026-02-25T00:16:23.864362Z | 2026-02-25T00:16:23.864694Z |
| osv-2026-304 | Heap-use-after-free in tf::Executor::_invoke | 2026-02-25T00:09:10.290694Z | 2026-02-25T00:09:10.291030Z |
| osv-2026-300 | UNKNOWN WRITE in nmeaid_to_prn | 2026-02-25T00:06:00.225480Z | 2026-02-25T00:06:00.225972Z |
| osv-2026-297 | Security exception in org.apache.poi.util.IOUtils.safelyAllocate | 2026-02-24T00:02:29.789817Z | 2026-02-24T00:02:29.790144Z |
| osv-2026-292 | UNKNOWN WRITE in <wasmtime::runtime::func::Func>::call_unchecked_raw::< | 2026-02-23T00:19:15.717984Z | 2026-02-23T00:19:15.718280Z |
| osv-2026-272 | Heap-use-after-free in vcardproperty_get_value | 2026-02-21T00:20:10.455944Z | 2026-02-21T00:20:10.456357Z |
| osv-2026-261 | Segv on unknown address in ___interceptor_strtol | 2026-02-19T00:09:21.893775Z | 2026-02-19T00:09:21.894076Z |
| osv-2026-259 | Use-of-uninitialized-value in tsip_parse_input | 2026-02-18T00:14:29.378028Z | 2026-02-18T00:14:29.378341Z |
| osv-2026-255 | UNKNOWN WRITE in nmeaid_to_prn | 2026-02-17T00:17:19.574579Z | 2026-02-17T00:17:19.574905Z |
| osv-2026-244 | Use-of-uninitialized-value in ihevcd_fmt_conv | 2026-02-15T00:03:36.246033Z | 2026-02-15T00:03:36.246568Z |
| osv-2026-242 | Use-of-uninitialized-value in ntrip_parse_url | 2026-02-14T00:17:42.945923Z | 2026-02-14T00:17:42.946299Z |
| osv-2026-240 | Use-of-uninitialized-value in packet_get1 | 2026-02-14T00:09:50.559032Z | 2026-02-14T00:09:50.559326Z |
| osv-2026-229 | Segv on unknown address in aiAnimation::~aiAnimation | 2026-02-11T00:12:18.313233Z | 2026-02-11T00:12:18.313574Z |
| osv-2026-226 | UNKNOWN WRITE in decode_xa2_00 | 2026-02-11T00:10:08.757600Z | 2026-02-11T00:10:08.757920Z |
| osv-2026-216 | Heap-buffer-overflow in mg_mqtt_next_prop | 2026-02-10T00:08:51.349946Z | 2026-02-11T14:08:38.238200Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2026-0081 | `logtrace` was removed from crates.io for malicious code | 2026-04-05T12:00:00Z | 2026-04-05T23:52:05Z |
| rustsec-2026-0078 | Symbol confusion after hasher panic in `intaglio` interners | 2026-03-30T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2026-0065 | `tokio-signal` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0064 | `tokio-udp` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0063 | `tokio-executor` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0062 | `tokio-compat` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0061 | `tokio-fs` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0060 | `tokio-timer` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0059 | `tokio-tcp` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0058 | `tokio-io` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0057 | `tokio-reactor` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0056 | `tokio-codec` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0055 | `tokio-process` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0054 | `tokio-current-thread` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0053 | `tokio-tls` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0052 | `tokio-sync` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0051 | `tokio-threadpool` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0050 | `tokio-uds` is unmaintained | 2026-03-20T12:00:00Z | 2026-03-20T22:26:59Z |
| rustsec-2026-0049 | CRLs not considered authoritative by Distribution Point due to faulty matching logic | 2026-03-20T12:00:00Z | 2026-03-24T08:22:29Z |
| rustsec-2026-0068 | tar-rs incorrectly ignores PAX size headers if header size is nonzero | 2026-03-19T12:00:00Z | 2026-03-23T09:31:59Z |
| rustsec-2026-0067 | `unpack_in` can chmod arbitrary directories by following symlinks | 2026-03-19T12:00:00Z | 2026-03-23T09:31:59Z |
| rustsec-2026-0048 | CRL Distribution Point Scope Check Logic Error in AWS-LC | 2026-03-19T12:00:00Z | 2026-03-20T17:11:58Z |
| rustsec-2026-0044 | AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN | 2026-03-19T12:00:00Z | 2026-03-20T17:11:58Z |
| rustsec-2026-0042 | CRL Distribution Point Scope Check Logic Error in AWS-LC | 2026-03-19T12:00:00Z | 2026-03-20T17:11:58Z |
| rustsec-2026-0066 | Insufficient validation of PAX extensions during extraction | 2026-03-17T12:00:00Z | 2026-03-23T09:31:59Z |
| rustsec-2026-0041 | Decompressing invalid data can leak information from uninitialized memory or reused output buffer | 2026-03-17T12:00:00Z | 2026-03-17T16:08:45Z |
| rustsec-2026-0040 | `tracing-ethers` was removed from crates.io due to malicious code | 2026-03-14T12:00:00Z | 2026-03-17T22:31:38Z |
| rustsec-2026-0039 | `chrono_anchor` was removed from crates.io due to malicious code | 2026-03-10T12:00:00Z | 2026-03-17T22:31:38Z |
| rustsec-2026-0037 | Denial of service in Quinn endpoints | 2026-03-09T12:00:00Z | 2026-03-14T07:21:57Z |
| rustsec-2026-0038 | RustSec Advisory | 2026-03-08T12:00:00Z | 2026-03-11T06:21:51Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-parse-2026-34784 | Parse Server: Streaming file download bypasses afterFind file trigger authorization | 2026-04-06T14:49:38.726Z | 2026-04-06T15:13:09.641Z |
| bit-parse-2026-34595 | Parse Server: LiveQuery protected-field guard bypass via array-like logical operator value | 2026-04-06T14:49:36.710Z | 2026-04-06T15:13:09.641Z |
| bit-parse-2026-34574 | Parse Server: Session field immutability bypass via falsy-value guard | 2026-04-06T14:49:34.810Z | 2026-04-06T15:13:09.641Z |
| bit-parse-2026-34573 | Parse Server: GraphQL complexity validator exponential fragment traversal DoS | 2026-04-06T14:49:33.069Z | 2026-04-06T15:13:09.641Z |
| bit-parse-2026-34532 | Parse Server: Cloud function validator bypass via prototype chain traversal | 2026-04-06T14:49:31.298Z | 2026-04-06T15:13:09.641Z |
| bit-parse-2026-34373 | Parse Server: GraphQL API endpoint ignores CORS origin restriction | 2026-04-06T14:49:29.676Z | 2026-04-06T15:13:09.641Z |
| bit-parse-2026-34363 | Parse Server: LiveQuery protected field leak via shared mutable state across concurrent subscribers | 2026-04-06T14:49:27.983Z | 2026-04-06T15:13:09.641Z |
| bit-parse-2026-34224 | Parse Server: MFA single-use token bypass via concurrent authData login requests | 2026-04-06T14:49:26.245Z | 2026-04-06T15:13:09.641Z |
| bit-parse-2026-34215 | Parse Server: Auth data exposed via verify password endpoint | 2026-04-06T14:49:24.609Z | 2026-04-06T15:13:09.641Z |
| bit-minio-2026-34204 | MinIO is Vulnerable to SSE Metadata Injection via Replication Headers | 2026-04-06T09:26:13.602Z | 2026-04-06T11:34:08.453Z |
| bit-node-2026-21717 | 2026-04-06T07:58:47.295Z | 2026-04-06T08:26:41.107Z | |
| bit-node-2026-21716 | 2026-04-06T07:58:44.008Z | 2026-04-06T08:26:41.107Z | |
| bit-node-2026-21715 | 2026-04-06T07:58:41.424Z | 2026-04-06T08:26:41.107Z | |
| bit-node-2026-21714 | 2026-04-06T07:58:38.953Z | 2026-04-06T08:26:41.107Z | |
| bit-node-2026-21713 | 2026-04-06T07:58:36.353Z | 2026-04-06T08:26:41.107Z | |
| bit-node-2026-21712 | 2026-04-06T07:58:33.472Z | 2026-04-06T08:26:41.107Z | |
| bit-node-2026-21711 | 2026-04-06T07:58:30.648Z | 2026-04-06T08:26:41.107Z | |
| bit-node-2026-21710 | 2026-04-06T07:58:28.068Z | 2026-04-06T08:26:41.107Z | |
| bit-mongodb-2026-5170 | Users could trigger a crash of mongod primaries during promotion to sharded | 2026-04-06T07:54:20.562Z | 2026-04-06T08:26:41.107Z |
| bit-mongodb-2026-4358 | Memory safety issues in slot-based execution hash table spill | 2026-04-06T07:54:17.803Z | 2026-04-06T08:26:41.107Z |
| bit-grafana-2026-21724 | Missing Protected-field Authorization in Provisioning Contact Points API | 2026-04-06T07:50:18.770Z | 2026-04-06T08:26:41.107Z |
| bit-kyverno-2026-4789 | CVE-2026-4789 | 2026-04-06T07:49:20.364Z | 2026-04-06T08:26:41.107Z |
| bit-dotnet-2026-26131 | .NET Elevation of Privilege Vulnerability | 2026-04-06T07:48:26.731Z | 2026-04-06T08:26:41.107Z |
| bit-dotnet-2026-26127 | .NET Denial of Service Vulnerability | 2026-04-06T07:48:23.759Z | 2026-04-06T08:26:41.107Z |
| bit-cilium-2026-33726 | Cilium L7 proxy may bypass Kubernetes NetworkPolicy for same-node traffic | 2026-04-06T07:45:24.262Z | 2026-04-06T08:26:41.107Z |
| bit-grafana-2026-33375 | Grafana MSSQL Data Source Plugin: Restriction Bypass Leading to OOM DoS | 2026-04-01T08:41:17.463Z | 2026-04-01T09:11:42.692Z |
| bit-grafana-2026-28375 | Grafana Testdata datasource can issue unbounded memory allocations | 2026-04-01T08:41:15.363Z | 2026-04-01T09:11:42.692Z |
| bit-grafana-2026-27880 | OpenFeature evaluation API reads input data with no bounds | 2026-04-01T08:41:13.459Z | 2026-04-06T15:13:09.641Z |
| bit-grafana-2026-27879 | Query resampling can cause unbounded memory allocations | 2026-04-01T08:41:11.477Z | 2026-04-01T09:11:42.692Z |
| bit-grafana-2026-27877 | Public dashboards discloses all direct mode datasources | 2026-04-01T08:41:09.536Z | 2026-04-06T15:13:09.641Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-kf75900 | In libexpat before 2 | 2026-04-06T06:20:25.150640Z | 2026-04-06T04:56:02Z |
| cleanstart-2026-jl41223 | In libexpat before 2 | 2026-04-06T06:19:55.229801Z | 2026-04-06T04:56:02Z |
| cleanstart-2026-ob18608 | Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 | 2026-04-06T06:19:25.639311Z | 2026-04-06T04:56:02Z |
| cleanstart-2026-jg79570 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-06T06:19:24.747052Z | 2026-04-06T04:56:02Z |
| cleanstart-2026-dz75075 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-06T06:19:24.775093Z | 2026-04-06T04:56:02Z |
| cleanstart-2026-mu54962 | Security fixes for ghsa-527x-5wrf-22m2, ghsa-g754-hx8w-x2g6, ghsa-jgfp-53c3-624w, ghsa-px8v-pp82-rcvr, ghsa-vv39-3w5q-974q applied in versions: 1.25.0-r0, 1.26.7-r0 | 2026-04-06T02:54:48.662994Z | 2026-04-01T11:32:34Z |
| cleanstart-2026-hj96712 | Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5 | 2026-04-06T02:53:02.079256Z | 2026-04-01T11:32:34Z |
| cleanstart-2026-po55014 | Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 | 2026-04-06T02:53:00.589014Z | 2026-04-01T11:32:34Z |
| cleanstart-2026-bl95928 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-06T02:52:47.736498Z | 2026-04-01T11:32:34Z |
| cleanstart-2026-kc06018 | Security fixes for CVE-2017-12158, CVE-2017-12159, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-4cx2-fc23-5wg6, ghsa-5rfx-cp42-p624, ghsa-72hv-8253-57qq, ghsa-84h7-rjj3-6jx4, ghsa-9342-92gg-6v29, ghsa-cbdj-484d-3x9q, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-pwqr-wmgm-9rr8, ghsa-w9fj-cfpg-grvv applied in versions: 26.1.4-r1, 26.5.0-r0, 26.5.0-r1, 26.5.0-r2, 26.5.6-r3 | 2026-04-06T02:52:37.677608Z | 2026-04-01T11:37:49Z |
| cleanstart-2026-nb78893 | Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-64715, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-33726 applied in versions: 0.13.3-r0, 0.13.3-r1 | 2026-04-06T02:52:24.792809Z | 2026-04-01T13:08:16Z |
| cleanstart-2026-mq18886 | Security fixes for CVE-2026-22735, CVE-2026-22737 applied in versions: 6.2.3-r0 | 2026-04-06T02:52:03.544300Z | 2026-04-01T11:39:45Z |
| cleanstart-2026-ip72442 | Security fixes for CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 3.0.2-r0, 3.0.2-r1 | 2026-04-06T02:52:00.185166Z | 2026-04-01T14:41:16Z |
| cleanstart-2026-ly39171 | Security fixes for CVE-2026-33186 applied in versions: 3.1.4-r0 | 2026-04-06T02:51:58.911697Z | 2026-04-01T11:39:45Z |
| cleanstart-2026-ag21538 | Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 | 2026-04-06T02:50:01.578746Z | 2026-04-02T04:45:04Z |
| cleanstart-2026-an95970 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-06T02:49:57.502118Z | 2026-04-02T04:45:04Z |
| cleanstart-2026-ny32236 | Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 | 2026-04-06T02:49:48.749661Z | 2026-04-02T04:45:04Z |
| cleanstart-2026-io43826 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-06T02:49:47.698715Z | 2026-04-02T04:45:04Z |
| cleanstart-2026-gn22652 | Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5 | 2026-04-06T02:48:55.605608Z | 2026-04-03T06:50:37Z |
| cleanstart-2026-lc01167 | Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.4.0-r1, 8.4.0-r2 | 2026-04-06T02:48:42.431061Z | 2026-04-03T06:52:41Z |
| cleanstart-2026-hl08143 | Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 | 2026-04-06T02:48:38.996528Z | 2026-04-03T06:50:37Z |
| cleanstart-2026-dm25112 | Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 | 2026-04-06T02:48:32.316783Z | 2026-04-03T06:50:37Z |
| cleanstart-2026-gm09342 | Security fixes for CVE-2025-68121, CVE-2026-26958, ghsa-fw7p-63qq-7hpr, ghsa-mqqf-5wvp-8fh8 applied in versions: 0.29.0-r0, 0.29.0-r1 | 2026-04-06T02:48:25.848581Z | 2026-04-03T06:51:44Z |
| cleanstart-2026-dm62512 | Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 0.35.0-r0 | 2026-04-06T02:48:21.440386Z | 2026-04-03T06:57:54Z |
| cleanstart-2026-lr09759 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-06T02:46:06.138686Z | 2026-04-03T07:10:19Z |
| cleanstart-2026-li54613 | Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 | 2026-04-06T02:45:58.881296Z | 2026-04-03T07:10:19Z |
| cleanstart-2026-nd57973 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-06T02:45:57.693609Z | 2026-04-03T07:10:19Z |
| cleanstart-2026-ml41879 | Security fixes for CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.0-r0, 1.14.0-r1, 1.14.1-r0 | 2026-04-06T02:45:36.057138Z | 2026-04-03T07:11:16Z |
| cleanstart-2026-dq17669 | Security fixes for CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.1-r0, 1.14.1-r1 | 2026-04-06T02:45:34.659600Z | 2026-04-03T07:13:53Z |
| cleanstart-2026-kt25851 | Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.87.0-r0, 0.87.0-r1, 0.88.0-r1 | 2026-04-06T02:44:54.790204Z | 2026-04-03T08:04:33Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2026-031 | 2026-04-01T16:38:14.000Z | 2026-04-02T14:13:13.000Z | |
| drupal-contrib-2026-030 | 2026-03-18T16:10:00.000Z | 2026-03-18T16:10:00.000Z | |
| drupal-contrib-2026-029 | 2026-03-11T16:35:02.000Z | 2026-03-26T19:50:52.000Z | |
| drupal-contrib-2026-028 | 2026-03-11T16:33:14.000Z | 2026-03-26T19:43:59.000Z | |
| drupal-contrib-2026-027 | 2026-03-04T18:02:59.000Z | 2026-03-04T18:02:59.000Z | |
| drupal-contrib-2026-026 | 2026-03-04T18:02:14.000Z | 2026-03-04T18:02:14.000Z | |
| drupal-contrib-2026-025 | 2026-03-04T18:00:41.000Z | 2026-03-04T18:00:41.000Z | |
| drupal-contrib-2026-024 | 2026-03-04T17:59:51.000Z | 2026-03-05T14:03:05.000Z | |
| drupal-contrib-2026-023 | 2026-03-04T17:58:55.000Z | 2026-03-04T17:58:55.000Z | |
| drupal-contrib-2026-022 | 2026-03-04T17:57:58.000Z | 2026-03-04T17:57:58.000Z | |
| drupal-contrib-2026-021 | 2026-03-04T17:56:18.000Z | 2026-03-04T17:56:18.000Z | |
| drupal-contrib-2026-020 | 2026-03-04T17:54:27.000Z | 2026-03-04T17:54:27.000Z | |
| drupal-contrib-2026-019 | 2026-02-25T18:51:43.000Z | 2026-02-25T18:51:43.000Z | |
| drupal-contrib-2026-018 | 2026-02-25T18:51:26.000Z | 2026-02-25T18:51:26.000Z | |
| drupal-contrib-2026-017 | 2026-02-25T18:51:01.000Z | 2026-02-25T18:51:01.000Z | |
| drupal-contrib-2026-016 | 2026-02-25T18:49:59.000Z | 2026-02-25T19:30:03.000Z | |
| drupal-contrib-2026-015 | 2026-02-25T18:47:57.000Z | 2026-03-17T13:20:54.000Z | |
| drupal-contrib-2026-014 | 2026-02-25T18:46:10.000Z | 2026-02-25T18:46:10.000Z | |
| drupal-contrib-2026-013 | 2026-02-25T18:45:13.000Z | 2026-02-25T18:45:13.000Z | |
| drupal-contrib-2026-012 | 2026-02-25T18:44:38.000Z | 2026-02-25T18:44:38.000Z | |
| drupal-contrib-2026-011 | 2026-02-25T18:43:32.000Z | 2026-02-25T18:43:32.000Z | |
| drupal-contrib-2026-010 | 2026-02-11T16:54:18.000Z | 2026-02-25T17:17:46.000Z | |
| drupal-contrib-2026-009 | 2026-02-11T16:53:32.000Z | 2026-02-12T15:37:20.000Z | |
| drupal-contrib-2026-008 | 2026-02-04T17:23:40.000Z | 2026-02-04T17:23:40.000Z | |
| drupal-contrib-2025-110 | 2025-09-24T17:27:41.000Z | 2025-09-24T17:27:41.000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-ale-004 | VulnƩrabilitƩ dans F5 BIG-IP Access Policy Manager | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-ale-003 | Note dāalerte ā Ciblage des messageries instantanĆ©es | 2026-03-20T00:00:00.000000 | 2026-03-20T00:00:00.000000 |
| certfr-2026-ale-002 | [MĆ J] VulnĆ©rabilitĆ© dans Cisco Catalyst SD-WAN | 2026-02-25T00:00:00.000000 | 2026-03-26T00:00:00.000000 |
| certfr-2026-ale-001 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Ivanti Endpoint Manager Mobile | 2026-01-30T00:00:00.000000 | 2026-02-03T00:00:00.000000 |
| CERTFR-2026-ALE-001 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Ivanti Endpoint Manager Mobile | 2026-01-30T00:00:00.000000 | 2026-02-03T00:00:00.000000 |
| certfr-2025-ale-014 | [MĆ J] VulnĆ©rabilitĆ© dans React Server Components | 2025-12-05T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| CERTFR-2025-ALE-014 | [MĆ J] VulnĆ©rabilitĆ© dans React Server Components | 2025-12-05T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2025-ale-013 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| CERTFR-2025-ALE-013 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| certfr-2025-ale-012 | VulnƩrabilitƩ dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| CERTFR-2025-ALE-012 | VulnƩrabilitƩ dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-ale-011 | Incidents de sƩcuritƩ dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| CERTFR-2025-ALE-011 | Incidents de sƩcuritƩ dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-010 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| CERTFR-2025-ALE-010 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| certfr-2025-ale-009 | Multiples vulnƩrabilitƩs dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| CERTFR-2025-ALE-009 | Multiples vulnƩrabilitƩs dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-ale-008 | [MĆ J] VulnĆ©rabilitĆ© dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| CERTFR-2025-ALE-008 | [MĆ J] VulnĆ©rabilitĆ© dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-ale-007 | Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-007 | Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-006 | VulnƩrabilitƩ dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-006 | VulnƩrabilitƩ dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-002 | [MĆ J] VulnĆ©rabilitĆ© dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| CERTFR-2025-ALE-002 | [MĆ J] VulnĆ©rabilitĆ© dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| certfr-2025-ale-005 | VulnƩrabilitƩ dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-005 | VulnƩrabilitƩ dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-004 | ActivitƩs de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| CERTFR-2025-ALE-004 | ActivitƩs de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-ale-003 | [MĆ J] VulnĆ©rabilitĆ© dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0398 | Multiples vulnƩrabilitƩs dans le noyau Linux de SUSE | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0397 | Multiples vulnƩrabilitƩs dans le noyau Linux d'Ubuntu | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0396 | Multiples vulnƩrabilitƩs dans le noyau Linux de Red Hat | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0395 | Multiples vulnƩrabilitƩs dans les produits IBM | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0394 | Multiples vulnƩrabilitƩs dans VMware Tanzu | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0393 | VulnƩrabilitƩ dans Synology Mail Station | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0392 | Multiples vulnƩrabilitƩs dans Microsoft Edge | 2026-04-03T00:00:00.000000 | 2026-04-03T00:00:00.000000 |
| certfr-2026-avi-0391 | Multiples vulnƩrabilitƩs dans OpenSSH | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0390 | Multiples vulnƩrabilitƩs dans Belden NetModule Router Software | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0389 | VulnƩrabilitƩ dans Microsoft Azure Linux | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0388 | Multiples vulnƩrabilitƩs dans les produits Cisco | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0387 | Multiples vulnƩrabilitƩs dans les produits Netgate | 2026-04-02T00:00:00.000000 | 2026-04-02T00:00:00.000000 |
| certfr-2026-avi-0386 | Multiples vulnƩrabilitƩs dans les produits Microsoft | 2026-04-01T00:00:00.000000 | 2026-04-01T00:00:00.000000 |
| certfr-2026-avi-0385 | Multiples vulnƩrabilitƩs dans Google Chrome | 2026-04-01T00:00:00.000000 | 2026-04-01T00:00:00.000000 |
| certfr-2026-avi-0384 | Multiples vulnƩrabilitƩs dans Joomla! | 2026-04-01T00:00:00.000000 | 2026-04-01T00:00:00.000000 |
| certfr-2026-avi-0383 | Multiples vulnƩrabilitƩs dans Sonicwall Email Security | 2026-04-01T00:00:00.000000 | 2026-04-01T00:00:00.000000 |
| certfr-2026-avi-0382 | Multiples vulnƩrabilitƩs dans les produits FoxIT | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0381 | Multiples vulnƩrabilitƩs dans les produits Microsoft | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0380 | Multiples vulnƩrabilitƩs dans Microsoft Edge | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0379 | VulnƩrabilitƩ dans Elastic OpenTelemetry Java | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0378 | VulnƩrabilitƩ dans Symantec Data Loss Prevention (DLP) | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0377 | Multiples vulnƩrabilitƩs dans Papercut | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-avi-0376 | Multiples vulnƩrabilitƩs dans les produits Microsoft | 2026-03-30T00:00:00.000000 | 2026-03-30T00:00:00.000000 |
| certfr-2026-avi-0375 | Multiples vulnƩrabilitƩs dans Microsoft Edge | 2026-03-30T00:00:00.000000 | 2026-03-30T00:00:00.000000 |
| certfr-2026-avi-0374 | VulnƩrabilitƩ dans Docker Desktop | 2026-03-30T00:00:00.000000 | 2026-03-30T00:00:00.000000 |
| certfr-2026-avi-0373 | VulnƩrabilitƩ dans Roundcube | 2026-03-30T00:00:00.000000 | 2026-03-30T00:00:00.000000 |
| certfr-2026-avi-0372 | Multiples vulnƩrabilitƩs dans les produits IBM | 2026-03-27T00:00:00.000000 | 2026-03-27T00:00:00.000000 |
| certfr-2026-avi-0371 | Multiples vulnƩrabilitƩs dans le noyau Linux d'Ubuntu | 2026-03-27T00:00:00.000000 | 2026-03-27T00:00:00.000000 |
| certfr-2026-avi-0370 | Multiples vulnƩrabilitƩs dans le noyau Linux de Red Hat | 2026-03-27T00:00:00.000000 | 2026-03-27T00:00:00.000000 |
| certfr-2026-avi-0369 | Multiples vulnƩrabilitƩs dans le noyau Linux de SUSE | 2026-03-27T00:00:00.000000 | 2026-03-27T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-000049 | Multiple vulnerabilities in NEC Aterm series (NV26-001) | 2026-04-03T15:09+09:00 | 2026-04-03T15:09+09:00 |
| jvndb-2026-009720 | Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) | 2026-04-02T14:58+09:00 | 2026-04-03T15:50+09:00 |
| jvndb-2026-009412 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009411 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009410 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009409 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009408 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009406 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009147 | Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2026-03-27T18:18+09:00 | 2026-03-27T18:18+09:00 |
| jvndb-2026-009148 | Open Redirect Vulnerability in Hitachi Ops Center Administrator | 2026-03-27T18:17+09:00 | 2026-03-27T18:17+09:00 |
| jvndb-2026-000047 | Multiple vulnerabilities in baserCMS | 2026-03-27T18:00+09:00 | 2026-03-27T18:00+09:00 |
| jvndb-2026-000045 | WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting | 2026-03-27T17:34+09:00 | 2026-03-27T17:34+09:00 |
| jvndb-2026-000046 | Multiple vulnerabilities in BUFFALO Wi-Fi routers | 2026-03-27T17:18+09:00 | 2026-03-27T17:18+09:00 |
| jvndb-2026-000044 | Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000042 | Digital Photo Frame GH-WDF10A vulnerable to improper access restriction | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000043 | SHARP routers missing authentication for some web APIs | 2026-03-25T18:41+09:00 | 2026-03-25T18:41+09:00 |
| jvndb-2026-000040 | Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries | 2026-03-25T18:13+09:00 | 2026-03-25T18:13+09:00 |
| jvndb-2026-000041 | SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths | 2026-03-25T17:58+09:00 | 2026-03-25T17:58+09:00 |
| jvndb-2026-007973 | Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) | 2026-03-23T14:54+09:00 | 2026-03-23T14:54+09:00 |
| jvndb-2026-007524 | Vulnerability in Hitachi Command Suite | 2026-03-17T16:42+09:00 | 2026-03-17T16:42+09:00 |
| jvndb-2026-000038 | Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries | 2026-03-17T14:57+09:00 | 2026-03-17T14:57+09:00 |
| jvndb-2026-000039 | Missing authorization in the OpenAI thread/message API endpoints of GROWI | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-000037 | OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-006887 | Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 | 2026-03-12T17:22+09:00 | 2026-03-12T17:22+09:00 |
| jvndb-2026-000036 | Improper file access permission settings in multiple Digital Arts products | 2026-03-09T14:57+09:00 | 2026-03-09T16:23+09:00 |
| jvndb-2026-000035 | Installer for Qsee Client may insecurely load Dynamic Link Libraries | 2026-03-09T14:57+09:00 | 2026-03-09T14:57+09:00 |
| jvndb-2026-006102 | Security issues in ESC/POS | 2026-03-06T10:31+09:00 | 2026-03-06T10:31+09:00 |
| jvndb-2026-000034 | django-allauth vulnerable to open redirect | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| jvndb-2026-000033 | EC-CUBE vulnerable to multi-factor authentication bypass | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| jvndb-2026-000032 | Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) | 2026-03-04T12:20+09:00 | 2026-03-04T12:20+09:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-15152 | OpenClawęē»ęå”ę¼ę“ļ¼CNVD-2026-15152ļ¼ | 2026-03-26 | 2026-03-27 |
| cnvd-2026-15058 | OpenClawå½ä»¤ę³Øå „ę¼ę“ļ¼CNVD-2026-15058ļ¼ | 2026-03-26 | 2026-03-26 |
| cnvd-2026-15057 | OpenClawå åÆé®é¢ę¼ę“ļ¼CNVD-2026-15057ļ¼ | 2026-03-26 | 2026-03-26 |
| cnvd-2026-15061 | OpenClawęä½ē³»ē»å½ä»¤ę³Øå „ę¼ę“ | 2026-03-24 | 2026-03-26 |
| cnvd-2026-15060 | OpenClawęä½ē³»ē»å½ä»¤ę³Øå „ę¼ę“ļ¼CNVD-2026-15060ļ¼ | 2026-03-24 | 2026-03-26 |
| cnvd-2026-15059 | OpenClawęä½ē³»ē»å½ä»¤ę³Øå „ę¼ę“ļ¼CNVD-2026-15059ļ¼ | 2026-03-24 | 2026-03-26 |
| cnvd-2026-14861 | OpenClawåē½®é¾ę„ę¼ę“ļ¼CNVD-2026-14861ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14860 | OpenClaw代ē é®é¢ę¼ę“ļ¼CNVD-2026-14860ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14859 | OpenClawåē½®é¾ę„ę¼ę“ļ¼CNVD-2026-14859ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14858 | OpenClawåē½®é¾ę„ę¼ę“ļ¼CNVD-2026-14858ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14857 | OpenClawč·Æå¾éåę¼ę“ļ¼CNVD-2026-14857ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14856 | OpenClawč·Æå¾éåę¼ę“ļ¼CNVD-2026-14856ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14850 | OpenClawč·Æå¾éåę¼ę“ļ¼CNVD-2026-14850ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14849 | OpenClaw代ē é®é¢ę¼ę“ļ¼CNVD-2026-14849ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14848 | OpenClawč·Æå¾éåę¼ę“ļ¼CNVD-2026-14848ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14846 | OpenClawåē½®é¾ę„ę¼ę“ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14844 | OpenClaw代ē é®é¢ę¼ę“ļ¼CNVD-2026-14844ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14843 | OpenClawčŗ«ä»½éŖčÆå¼ŗåę¼ę“ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14842 | OpenClawč®æé®ę§å¶éčÆÆę¼ę“ļ¼CNVD-2026-14842ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14841 | OpenClawęęē»čæę¼ę“ļ¼CNVD-2026-14841ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14840 | OpenClawčŗ«ä»½éŖčÆē»čæę¼ę“ļ¼CNVD-2026-14840ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14839 | OpenClawčŗ«ä»½éŖčÆē»čæę¼ę“ļ¼CNVD-2026-14839ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14838 | OpenClawååØęŖęę¼ę“ļ¼CNVD-2026-14838ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14837 | OpenClawęęē»čæę¼ę“ļ¼CNVD-2026-14837ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14836 | OpenClawå ę°ę®ę¬ŗéŖę¼ę“ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14835 | OpenClawęęē»čæę¼ę“ļ¼CNVD-2026-14835ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14834 | OpenClawååØęŖęę¼ę“ļ¼CNVD-2026-14834ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14833 | OpenClawčŗ«ä»½éŖčÆē»čæę¼ę“ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14832 | OpenClawååØęŖęę¼ę“ļ¼CNVD-2026-14832ļ¼ | 2026-03-24 | 2026-03-25 |
| cnvd-2026-14831 | OpenClawęęē»čæę¼ę“ | 2026-03-24 | 2026-03-25 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01844 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŠµŃŠ²ŠøŃŠ° Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃŠø Advanced DNS Security (ADNS) Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½Š¾Š¹ ŃŠøŃŃŠµŠ¼Ń PAN-OS,ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01843 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø loadRLE() Š·Š°Š³ŃŃŠ·ŃŠøŠŗŠ° TGA-ŠøŠ·Š¾Š±ŃŠ°Š¶ŠµŠ½ŠøŠ¹ (PluginTARGA.cpp) Š³ŃŠ°ŃŠøŃŠµŃŠŗŠ¾Š¹ Š±ŠøŠ±ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01842 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø ws_user_gerList() ŃŃŠµŠ½Š°ŃŠøŃ pwg.users.php ŃŠøŃŃŠµŠ¼Ń ŃŠæŃŠ°Š²Š»ŠµŠ½ŠøŃ ŠŗŠ¾Š½ŃŠµŠ½ŃŠ¾Š¼ ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01841 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° Updater Š¾Š±Š»Š°ŃŠ½Š¾Š¹ ŠæŠ»Š°ŃŃŠ¾ŃŠ¼Ń ŃŠæŃŠ°Š²Š»ŠµŠ½ŠøŃ ŠŗŠ¾Š½ŃŠµŠ¹Š½ŠµŃŠ°Š¼Šø Arcane, ŠæŠ¾Š·Š²Š¾Š»ŃŃā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01840 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŠ-Š°Š³ŠµŠ½ŃŠ° OpenClaw (ŃŠ°Š½ŠµŠµ - ClawdBot ŠøŠ»Šø MoltBot), ŃŠ²ŃŠ·Š°Š½Š½Š°Ń Ń Š¾ŃŃŃŃŃŃŠ²ŠøŠµŠ¼ ŠæŃŠ¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01839 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø blocked_path() ŠæŠ°ŠŗŠµŃŠ° Python Š“Š»Ń ŃŠ¾Š·Š“Š°Š½ŠøŃ ŠæŃŠøŠ»Š¾Š¶ŠµŠ½ŠøŠ¹ Š“Š»Ń Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Š¼Š°ŃŠøŠ½ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01838 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š“ŃŠ°Š¹Š²ŠµŃŠ¾Š² Š³ŃŠ°ŃŠøŃŠµŃŠŗŠøŃ ŠæŃŠ¾ŃŠµŃŃŠ¾ŃŠ¾Š² NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, ŃŠ²Ńā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01837 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š¼ŠøŠŗŃŠ¾ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š³ŃŠ°ŃŠøŃŠµŃŠŗŠøŃ ŠæŃŠ¾ŃŠµŃŃŠ¾ŃŠ¾Š² Imagination, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ńā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01836 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š¼ŠøŠŗŃŠ¾ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š³ŃŠ°ŃŠøŃŠµŃŠŗŠøŃ ŠæŃŠ¾ŃŠµŃŃŠ¾ŃŠ¾Š² Imagination, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ńā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01835 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š“ŃŠ°Š¹Š²ŠµŃŠ° ESXi base Š¼ŠøŠŗŃŠ¾ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ ŃŠµŃŠµŠ²ŃŃ ŠŗŠ¾Š½ŃŃŠ¾Š»Š»ŠµŃŠ¾Š² Intel 80ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01834 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š¼ŠøŠŗŃŠ¾ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ ŠŗŠ¾Š½ŃŃŠ¾Š»Š»ŠµŃŠ¾Š² Intel Ethernet ŃŠµŃŠøŠø E810, ŃŠ²ŃŠ·Š°Š½Š½Š°ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01833 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŠµŃ Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01832 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŠµŃ Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01831 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŠµŃ Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01830 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° File input Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½Š°ŃŃŃŠøŃŠµŠ»Ń Š¾ŃŃŃŠµŃŃŠ²Šøā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01829 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° PictureInPicture Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½Š°ŃŃŃŠøŃŠµŠ»Ń Š¾ŠŗŠ°ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01828 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° Animation Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½Š°ŃŃŃŠøŃŠµŠ»Ń Š¾ŠŗŠ°Š·Š°ŃŃ Š²Š¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01827 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø ŠŗŠ¾Š½ŃŠøŠ“ŠµŠ½ŃŠøŠ°Š»ŃŠ½Š¾ŃŃŠø Fenced Frames Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01826 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° WebGPU Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½Š°ŃŃŃŠøŃŠµŠ»Ń Š²ŃŠ·Š²Š°ŃŃ Š¾ŃŠŗŠ°Š·ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01825 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š¹ ŠæŠ»Š°ŃŃŠ¾ŃŠ¼Ń Š½Š° Š±Š°Š·Šµ git Š“Š»Ń ŃŠ¾Š²Š¼ŠµŃŃŠ½Š¾Š¹ ŃŠ°Š±Š¾ŃŃ Š½Š°Š“ ŠŗŠ¾Š“Š¾Š¼ GitLab, ŃŠ²ŃŠ·ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01824 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š¹ ŠæŠ»Š°ŃŃŠ¾ŃŠ¼Ń Š½Š° Š±Š°Š·Šµ git Š“Š»Ń ŃŠ¾Š²Š¼ŠµŃŃŠ½Š¾Š¹ ŃŠ°Š±Š¾ŃŃ Š½Š°Š“ ŠŗŠ¾Š“Š¾Š¼ GitLab, ŃŠ²ŃŠ·ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01823 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø Š¼ŠµŠ¶ŃŠµŃŠµŠ²ŃŃ ŃŠŗŃŠ°Š½Š¾Š² SSL-VPN Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01822 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOS, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń Ń Š½ŠµŠ“Š¾ŃŃŠ°ŃŠ¾ŃŠ½Š¾Š¹ ŠæŃŠ¾Š²ŠµŃŠŗŠ¾Š¹ ŠøŃŃŠ¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01821 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø Š¼ŠµŠ¶ŃŠµŃŠµŠ²ŃŃ ŃŠŗŃŠ°Š½Š¾Š² SSL-VPN Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01820 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠøŠ½ŃŠµŃŃŠµŠ¹ŃŠ° ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ ŃŃŃŠ¾ŠŗŠø Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01819 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š³ŃŠ°ŃŠøŃŠµŃŠŗŠ¾Š³Š¾ ŠæŠ¾Š»ŃŠ·Š¾Š²Š°ŃŠµŠ»ŃŃŠŗŠ¾Š³Š¾ ŠøŠ½ŃŠµŃŃŠµŠ¹ŃŠ° Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOSā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01818 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š“Š»Ń ŃŠ°Š·ŃŠ°Š±Š¾ŃŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01817 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š“Š»Ń ŃŠ°Š·ŃŠ°Š±Š¾ŃŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01816 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š“Š»Ń ŃŠ°Š·ŃŠ°Š±Š¾ŃŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01815 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Microsoft ACI Confidential Containers, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń Ń Š½Šµā¦ | 16.02.2026 | 16.02.2026 |
| ID | Description | Updated |
|---|---|---|
| var-202407-2188 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā¦ | 2024-07-23T22:46:32.699000Z |
| var-202406-3119 | Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-sā¦ | 2024-07-23T22:46:22.685000Z |
| var-202407-1740 | NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E haā¦ | 2024-07-23T22:46:18.378000Z |
| var-202407-1417 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā¦ | 2024-07-23T22:46:07.784000Z |
| var-202407-1103 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā¦ | 2024-07-23T22:46:01.992000Z |
| var-202407-0957 | WinCC is a SCADA system suitable for all walks of life. It can access devices from mobileā¦ | 2024-07-23T22:45:59.391000Z |
| var-202407-0819 | SIMATIC S7-1500 is a modular control system suitable for various automation applications ā¦ | 2024-07-23T22:45:56.958000Z |
| var-202407-0818 | NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6ā¦ | 2024-07-23T22:45:56.946000Z |
| var-202407-0779 | Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of ā¦ | 2024-07-23T22:45:56.150000Z |
| var-202407-0778 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulneraā¦ | 2024-07-23T22:45:56.131000Z |
| var-202407-0745 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulneraā¦ | 2024-07-23T22:45:55.498000Z |
| var-202305-1479 | D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution ā¦ | 2024-07-23T22:45:09.335000Z |
| var-202108-1158 | A race condition was addressed with improved locking. This issue is fixed in macOS Monterā¦ | 2024-07-23T22:44:06.976000Z |
| var-201109-0089 | Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as usedā¦ | 2024-07-23T22:43:49.590000Z |
| var-200702-0378 | Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 ā¦ | 2024-07-23T22:43:25.614000Z |
| var-201011-0225 | Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent ā¦ | 2024-07-23T22:41:43.584000Z |
| var-201112-0297 | Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Neā¦ | 2024-07-23T22:41:20.004000Z |
| var-201507-0645 | D-Link is an internationally renowned provider of network equipment and solutions, includā¦ | 2024-07-23T22:41:18.832000Z |
| var-201803-1810 | A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial ā¦ | 2024-07-23T22:41:17.171000Z |
| var-201809-0087 | WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulā¦ | 2024-07-23T22:41:16.554000Z |
| var-200607-0396 | Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) bā¦ | 2024-07-23T22:41:04.279000Z |
| var-201702-0423 | An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoftā¦ | 2024-07-23T22:40:53.160000Z |
| var-202305-1588 | D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilitā¦ | 2024-07-23T22:40:05.297000Z |
| var-201112-0173 | The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, ā¦ | 2024-07-23T22:39:32.535000Z |
| var-201103-0371 | SAP Crystal Reports Server is a complete reporting solution for creating, managing, and dā¦ | 2024-07-23T22:39:32.874000Z |
| var-201706-0017 | In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClieā¦ | 2024-07-23T22:38:34.494000Z |
| var-202305-1520 | D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulā¦ | 2024-07-23T22:38:26.576000Z |
| var-202407-0490 | A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP ā¦ | 2024-07-23T22:38:24.768000Z |
| var-201810-0396 | Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabiliā¦ | 2024-07-23T22:37:44.850000Z |
| var-202001-0833 | A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe moā¦ | 2024-07-23T22:37:43.471000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-028 | Draeger: ICMHelper is vulnerable to a privilege escalation | 2025-08-05T10:00:00.000Z | 2026-01-06T11:00:00.000Z |
| vde-2019-012 | TECSON/GOK: Improper Authentication and Access Control on multiple devices | 2019-06-04T13:21:00.000Z | 2025-05-14T13:00:14.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-104 | Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware | 2026-03-18T08:00:00.000Z | 2026-03-18T08:00:00.000Z |
| vde-2025-109 | Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware | 2026-02-10T08:00:00.000Z | 2026-02-23T14:00:00.000Z |
| vde-2025-073 | Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| vde-2025-071 | Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware | 2025-12-09T08:00:00.000Z | 2026-01-12T08:00:00.000Z |
| vde-2025-074 | Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers | 2025-10-14T10:00:00.000Z | 2025-10-15T10:00:00.000Z |
| vde-2025-072 | Phoenix Contact: Security Advisory for QUINT4-UPS EIP | 2025-10-14T06:00:00.000Z | 2025-10-14T06:00:00.000Z |
| vde-2025-077 | Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2025-064 | Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation | 2025-09-09T07:00:00.000Z | 2025-09-09T07:00:00.000Z |
| vde-2025-063 | Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation | 2025-08-12T10:00:00.000Z | 2025-08-12T10:00:00.000Z |
| vde-2025-054 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2025-07-08T10:00:00.000Z | 2025-07-08T10:00:00.000Z |
| vde-2025-053 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2025-07-08T10:00:00.000Z | 2025-07-08T10:00:00.000Z |
| vde-2025-019 | Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers | 2025-07-08T10:00:00.000Z | 2025-07-22T08:00:00.000Z |
| vde-2025-014 | Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers | 2025-07-08T10:00:00.000Z | 2025-07-08T10:00:00.000Z |
| vde-2025-029 | Phoenix Contact: Security Advisory for AXL F BK and IL BK bus couplers | 2025-05-13T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2025-005 | Phoenix Contact: Security Advisory for ESL Stick USB-A | 2025-01-14T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-070 | Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers | 2025-01-14T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-073 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2024-12-09T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-071 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2024-12-09T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-067 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Engineer | 2024-10-08T12:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-052 | Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors. | 2024-09-10T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-051 | Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH | 2024-09-10T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-039 | Phoenix Contact: Multiple Vulnerabilities in mGuard devices | 2024-09-10T10:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-022 | Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers | 2024-08-13T10:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-029 | Phoenix Contact: Unbounded growth of OpenSSL session cache in multiple FL MGUARD devices | 2024-06-11T06:00:00.000Z | 2024-06-11T06:00:00.000Z |
| vde-2024-019 | Phoenix Contact: Multiple vulnerabilities in the Firmware of CHARX SEC charge controllers | 2024-05-14T06:00:00.000Z | 2024-05-14T06:00:00.000Z |
| vde-2024-011 | PHOENIX CONTACT: Multiple vulnerabilities in CHARX SEC charge controllers | 2024-03-12T07:00:00.000Z | 2024-03-12T07:00:00.000Z |
| vde-2023-058 | Phoenix Contact: PLCnext Control prone to download of code without integrity check | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-057 | Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC | 2023-12-12T07:00:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2023-056 | Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-055 | Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource | 2023-12-12T07:00:00.000Z | 2023-12-12T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-085 | Welotec: Path Traversal in SmartEMS Upload Handling | 2025-09-10T07:00:00.000Z | 2025-09-22T08:00:00.000Z |
| vde-2025-076 | Welotec: Hard-coded JWT secret in egOS WebGUI | 2025-08-26T07:00:00.000Z | 2025-08-26T07:00:00.000Z |
| vde-2024-043 | Welotec: Multiple products are vulnerable to regreSSHion | 2024-08-22T06:00:00.000Z | 2024-08-22T06:00:00.000Z |
| vde-2024-023 | Welotec: Clickjacking Vulnerability in WebUI | 2024-04-23T08:00:00.000Z | 2024-04-23T08:00:00.000Z |
| vde-2024-009 | Welotec: Two vulnerabilities in TK500v1 router series | 2024-04-09T08:00:00.000Z | 2025-05-14T12:28:19.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| advisory2026-03_vde-2026-018 | CODESYS Control V3 - Externally-controlled format string in Auditlog | 2026-03-24T08:00:00.000Z | 2026-03-24T08:00:00.000Z |
| advisory2026-02_vde-2026-011 | CODESYS Control V3 - Untrusted boot application | 2026-03-24T08:00:00.000Z | 2026-03-24T08:00:00.000Z |
| advisory2026-01_vde-2026-012 | CODESYS Installer - Possible Privilege Escalation | 2026-03-10T10:00:00.000Z | 2026-03-10T10:00:00.000Z |
| advisory2025-09_vde-2025-099 | CODESYS Control - Linux/QNX SysSocket flaw | 2025-12-01T11:00:00.000Z | 2026-02-12T11:00:00.000Z |
| advisory2025-11_vde-2025-101 | CODESYS Development System - Deserialization of Untrusted Data | 2025-12-01T10:00:00.000Z | 2025-12-01T10:00:00.000Z |
| advisory2025-10_vde-2025-100 | CODESYS Control - Invalid type usage in visualization | 2025-12-01T10:00:00.000Z | 2026-02-12T11:00:00.000Z |
| advisory2025-07_vde-2025-051 | CODESYS Control V3 - Exposed PKI folder | 2025-08-04T10:00:00.000Z | 2025-09-01T10:00:00.000Z |
| advisory2025-06_vde-2025-049 | CODESYS Control V3 - Insecure default permissions | 2025-08-04T10:00:00.000Z | 2025-08-04T10:00:00.000Z |
| advisory2025-08_vde-2025-070 | CODESYS Control V3 - NULL pointer dereference | 2025-08-04T08:00:00.000Z | 2025-10-14T08:00:00.000Z |
| advisory2025-05_vde-2025-027 | CODESYS Visualization user management bypass in WebVisu | 2025-04-23T10:00:00.000Z | 2025-04-23T10:00:00.000Z |
| advisory2025-04_vde-2025-022 | CODESYS Control V3 - OPC UA Server Authentication bypass | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-03_vde-2025-015 | CODESYS Control V3 removable media path traversal | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-02_vde-2025-013 | CODESYS (Edge) Gateway for Windows insecure default | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-01_vde-2025-001 | CODESYS Key physical side-channel vulnerability | 2025-01-21T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2024-05_vde-2024-057 | CODESYS: CODESYS web server vulnerable to DoS | 2024-09-25T21:59:00.000Z | 2025-04-03T10:00:00.000Z |
| vde-2024-046 | OSCAT: Out-of-bounds read in OSCAT Basic library | 2024-09-10T14:00:00.000Z | 2024-09-10T14:00:00.000Z |
| vde-2024-026 | CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products | 2024-06-04T08:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-027 | CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere | 2024-06-04T06:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-024 | CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files | 2024-05-06T08:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2023-066 | CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products | 2023-12-05T14:25:00.000Z | 2023-12-05T14:25:00.000Z |
| vde-2023-035 | CODESYS: Multiple products affected by WIBU Codemeter vulnerability | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2023-025 | CODESYS: Control runtime system memory and integrity check vulnerabilities | 2023-08-03T11:18:00.000Z | 2023-08-03T11:18:00.000Z |
| vde-2023-023 | CODESYS: Missing Brute-Force protection in CODESYS Development System | 2023-08-03T11:08:00.000Z | 2023-08-03T11:08:00.000Z |
| vde-2023-022 | CODESYS: Missing integrity check in CODESYS Development System | 2023-08-03T10:52:00.000Z | 2023-08-03T10:52:00.000Z |
| vde-2023-021 | CODESYS: Vulnerability in CODESYS Development System allows execution of binaries | 2023-08-03T10:48:00.000Z | 2023-08-03T10:48:00.000Z |
| vde-2023-019 | CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce | 2023-08-03T10:42:00.000Z | 2023-08-03T10:42:00.000Z |
| vde-2023-024 | CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting | 2023-07-28T07:45:00.000Z | 2023-07-28T07:45:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-067 | Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access | 2025-08-10T10:00:00.000Z | 2025-08-25T10:00:00.000Z |
| vde-2025-024 | Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version | 2025-05-13T10:00:00.000Z | 2025-05-13T10:00:00.000Z |
| vde-2025-032 | Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting | 2025-05-06T10:00:00.000Z | 2025-05-06T10:00:00.000Z |
| vde-2025-031 | Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| vde-2024-018 | Wiesemann & Theis: Multiple products prone to unquoted search path | 2024-02-28T07:00:00.000Z | 2025-05-14T12:36:39.000Z |
| vde-2022-057 | Wiesemann & Theis multiple products prone to web interface vulnerability | 2022-12-13T07:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2022-043 | Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family | 2022-11-07T11:43:00.000Z | 2022-11-07T12:14:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-030 | MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2026-04-02T11:00:00.000Z | 2026-04-02T11:00:00.000Z |
| vde-2026-024 | MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2026-03-23T12:00:00.000Z | 2026-03-23T12:00:00.000Z |
| vde-2025-065 | MB connect line: Sandbox escape in mbNET's LUA interpreter | 2025-07-31T10:00:00.000Z | 2025-07-31T10:00:00.000Z |
| vde-2025-058 | MB connect line: Multiple vulnerabilities in mbNET.mini | 2025-07-21T10:00:00.000Z | 2025-07-21T10:00:00.000Z |
| vde-2025-035 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-034 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2024-010 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-03-18T11:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-068 | MB connect line: Multiple Vulnerabilities in MB connect line Products | 2024-10-15T08:00:00.000Z | 2026-03-06T08:00:00.000Z |
| vde-2024-056 | MB connect line: Multiple Vulnerabilities in mbNET.mini Product | 2024-10-15T08:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-030 | MB connect line: mbNET.mini vulnerable to OS command injection | 2024-07-03T09:00:00.000Z | 2024-07-03T09:00:00.000Z |
| vde-2023-041 | MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 | 2023-10-16T08:38:00.000Z | 2023-10-16T08:38:00.000Z |
| vde-2024-042 | MB connect line: Multiple products are vulnerable to regreSSHion | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2023-012 | MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2023-002 | MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 | 2023-05-15T14:06:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2022-011 | MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 | 2022-09-07T12:50:00.000Z | 2022-09-07T12:50:00.000Z |
| vde-2021-030 | MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) | 2022-09-07T10:48:00.000Z | 2025-06-06T07:00:00.000Z |
| vde-2021-003 | MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) | 2022-09-07T10:46:00.000Z | 2022-09-07T10:46:00.000Z |
| vde-2021-037 | MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 | 2021-10-27T10:15:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-017 | MB connect line: Privilege escalation in mbDIALUP | 2021-07-22T11:35:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-031 | MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 | 2021-07-22T11:33:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-012 | MB connect line: multiple products partially affected by DNSpooq | 2021-04-26T08:04:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-035 | MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 | 2020-09-18T12:30:00.000Z | 2025-05-14T12:28:19.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-025 | Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual | 2026-03-23T12:00:00.000Z | 2026-03-23T12:00:00.000Z |
| vde-2025-069 | Helmholz: Sandbox escape in REX200/250 LUA interpreter | 2025-07-31T10:00:00.000Z | 2025-07-31T10:00:00.000Z |
| vde-2025-059 | Helmholz: Multiple vulnerabilities in REX 100 | 2025-07-21T10:00:00.000Z | 2025-07-21T10:00:00.000Z |
| vde-2025-038 | Vulnerabilities in myREX24/myREX24.virtual | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-037 | Vulnerabilities in myREX24/myREX24.virtual | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2024-031 | Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual | 2025-03-18T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-069 | Helmholz: Multiple Vulnerabilities in Helmholz products | 2024-10-15T08:00:00.000Z | 2026-03-06T08:00:00.000Z |
| vde-2024-066 | Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product | 2024-10-15T08:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-044 | Helmholz: Multiple products are vulnerable to regreSSHion | 2024-07-31T08:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-032 | Helmholz: REX 100 vulnerable to OS command injection | 2024-07-03T09:00:00.000Z | 2024-07-03T13:33:00.000Z |
| vde-2023-043 | Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual | 2023-10-16T08:38:00.000Z | 2023-10-16T08:38:00.000Z |
| vde-2023-029 | Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2023-008 | Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual | 2023-05-15T12:06:00.000Z | 2023-05-15T12:06:00.000Z |
| vde-2022-017 | Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual | 2022-09-07T12:54:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2022-039 | Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual | 2022-09-07T10:56:00.000Z | 2022-09-07T10:56:00.000Z |
| vde-2021-058 | Helmholz: Remote user enumeration in myREX24/myREX24-virtual | 2021-12-08T13:04:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-057 | Helmholz: Privilege Escalation in shDialup (Update A) | 2021-03-28T13:03:00.000Z | 2025-05-14T13:00:15.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fsa-202601 | Several CODESYS vulnerabilities in Festo Automation Suite | 2026-02-26T08:00:00.000Z | 2026-02-26T08:00:00.000Z |
| fsa-202406 | Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo | 2024-12-03T11:00:00.000Z | 2024-12-03T14:00:00.000Z |
| fsa-202405 | Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability | 2024-09-09T07:00:00.000Z | 2025-11-05T08:00:00.000Z |
| fsa-202402 | Several Vulnerabilities in MES PC (Windows 10) | 2024-02-27T12:00:00.000Z | 2025-12-08T07:00:00.000Z |
| fsa-202401 | Festo: Multiple products contain CoDe16 vulnerability | 2024-01-30T07:00:00.000Z | 2025-11-04T11:00:00.000Z |
| fsa-202305 | Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products | 2023-11-28T07:00:00.000Z | 2025-05-13T10:00:00.000Z |
| fsa-202303 | Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products | 2023-10-17T06:00:00.000Z | 2025-10-01T06:00:00.000Z |
| fsa-202304 | Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions | 2023-09-05T10:00:00.000Z | 2025-10-01T10:00:00.000Z |
| fsa-202301 | Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance | 2023-08-29T10:00:00.000Z | 2025-10-01T10:00:00.000Z |
| fsa-202302 | Festo: Several vulnerabilities in FactoryViews | 2023-07-10T10:00:00.000Z | 2026-02-02T08:00:00.000Z |
| fsa-202206 | Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products | 2022-12-13T11:50:00.000Z | 2025-10-01T10:50:00.000Z |
| fsa-202209 | Festo: Incomplete documentation of remote accessible functions and protocols in Festo products | 2022-11-29T11:49:00.000Z | 2025-11-03T10:00:00.000Z |
| fsa-202208 | Festo: Multiple Festo products contain an unsafe default Codesys configuration | 2022-11-29T11:41:00.000Z | 2025-10-28T11:00:00.000Z |
| fsa-202207 | Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function | 2022-09-20T10:00:00.000Z | 2025-07-28T10:00:00.000Z |
| fsa-202203 | Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system | 2022-07-18T10:00:00.000Z | 2025-07-10T10:00:00.000Z |
| fsa-202202 | Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system | 2022-07-18T10:00:00.000Z | 2025-11-03T11:00:00.000Z |
| fsa-202201 | Festo: CECC-X-M1 - command injection vulnerabilities | 2022-07-06T07:00:00.000Z | 2025-06-23T08:00:00.000Z |
| fsa-202101 | Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q | 2021-09-22T11:13:00.000Z | 2025-08-26T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-011 | PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL ā Device is affected by XSS vulnerability and information disclosure | 2025-05-26T10:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-002 | PEPPERL+FUCHS: HMI ā devices are affected by Windows RCE | 2025-02-25T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-065 | PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key | 2024-11-26T11:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-063 | PEPPERL+FUCHS: Multiple products are affected by regreSSHion | 2024-10-08T12:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-033 | PEPPERL+FUCHS: Device Master ICDM-RX/* ā Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service | 2024-08-13T12:00:00.000Z | 2025-05-14T14:34:17.000Z |
| vde-2024-038 | Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation | 2024-07-10T06:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-037 | Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 | 2024-07-10T06:00:00.000Z | 2024-07-10T06:00:00.000Z |
| vde-2024-017 | Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities | 2024-04-10T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-021 | Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities | 2022-05-16T14:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-012 | Pepperl+Fuchs: Vulnerability in multiple VisuNet devices | 2022-04-26T12:00:00.000Z | 2022-05-16T14:15:00.000Z |
| vde-2021-006 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-11-16T14:53:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2021-041 | Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability | 2021-10-26T13:35:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-027 | Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-10-16T12:00:00.001Z | 2025-05-14T13:00:14.000Z |
| vde-2021-028 | Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities | 2021-08-16T12:01:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-034 | Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices | 2021-07-30T07:55:00.000Z | 2021-07-30T07:55:00.000Z |
| vde-2021-018 | Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules | 2021-05-12T08:57:00.000Z | 2021-05-12T08:57:00.000Z |
| vde-2020-053 | Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities | 2021-03-08T13:44:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-007 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-02-16T14:53:00.000Z | 2025-05-14T12:53:43.000Z |
| vde-2020-050 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-02-15T13:33:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2021-001 | Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 | 2021-01-15T12:41:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-038 | Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master | 2021-01-04T13:01:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-040 | Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux | 2020-10-05T12:00:00.000Z | 2020-10-05T12:00:00.000Z |
| vde-2020-034 | Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components | 2020-09-10T13:22:00.000Z | 2020-09-10T13:22:00.000Z |
| vde-2020-017 | Pepperl+Fuchs, PACTware: Two password vulnerabilities found | 2020-05-29T10:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-014 | Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets | 2020-03-31T13:30:00.000Z | 2025-05-14T14:34:17.000Z |
| vde-2019-011 | Pepperl+Fuchs: Remote code execution vulnerability in HMI devices | 2019-05-29T07:35:00.000Z | 2019-10-07T10:00:00.000Z |
| vde-2019-004 | Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack | 2019-03-14T07:52:00.000Z | 2019-03-14T07:52:00.000Z |
| vde-2019-002 | Pepperl+Fuchs: Path traversal in WirelessHART Gateway | 2019-03-06T10:35:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2018-016 | Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability | 2018-10-19T10:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2018-009 | Pepperl+Fuchs: Security advisory for MELTDOWN and SPECTRE attacks in ecom mobile Devices | 2018-07-06T14:47:00.000Z | 2018-10-23T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ppsa-2026-001 | Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service | 2026-02-02T08:00:00.000Z | 2026-02-02T10:00:00.000Z |
| ppsa-2025-004 | Pilz: Vulnerability affecting PASvisu Runtime | 2025-10-20T10:00:00.000Z | 2025-10-20T10:00:00.000Z |
| ppsa-2025-003 | Pilz: Authentication Bypass in IndustrialPI Webstatus | 2025-07-01T10:00:00.000Z | 2025-07-01T10:00:00.000Z |
| ppsa-2025-002 | Pilz: Missing Authentication in Node-RED integration | 2025-07-01T10:00:00.000Z | 2025-07-01T10:00:00.000Z |
| ppsa-2025-001 | Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory | 2025-06-30T10:00:00.000Z | 2025-06-30T10:00:00.000Z |
| vde-2024-002 | Pilz: Multiple products affected by uC/HTTP vulnerability | 2024-02-06T07:00:00.000Z | 2024-02-06T07:00:00.000Z |
| vde-2023-050 | Pilz: Vulnerability in PASvisu and PMI v8xx | 2024-01-30T07:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2023-059 | Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx | 2023-12-05T07:06:00.000Z | 2023-12-05T07:06:00.000Z |
| vde-2023-048 | Pilz: Multiple products prone to libwebp vulnerability | 2023-12-05T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-033 | Pilz: WIBU Vulnerabilitiy in multiple Products | 2023-10-12T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-045 | Pilz: PAS 4000 prone to ZipSlip | 2022-11-24T09:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-044 | Pilz: Multiple products affected by ZipSlip | 2022-11-24T09:00:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2022-033 | Pilz: PASvisu and PMI affected by multiple vulnerabilities | 2022-11-24T09:00:00.000Z | 2022-11-24T09:00:00.000Z |
| vde-2021-061 | Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2021-055 | Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2021-054 | Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2021-009 | Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities | 2021-09-20T11:56:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-033 | Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities | 2020-09-10T13:18:00.000Z | 2025-05-14T12:28:19.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-021 | WAGO: Multiple Vulnerabilities in WAGO VC Hub | 2026-03-30T07:00:00.000Z | 2026-03-30T07:00:00.000Z |
| vde-2026-010 | WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere | 2026-03-30T07:00:00.000Z | 2026-03-30T07:00:00.000Z |
| vde-2026-020 | WAGO: Vulnerability in managed switches | 2026-03-23T08:00:00.000Z | 2026-03-23T08:00:00.000Z |
| vde-2026-004 | WAGO: Vulnerabilities in Managed Switch | 2026-02-09T08:00:00.000Z | 2026-02-09T08:00:00.000Z |
| vde-2025-095 | WAGO: Vulnerabilities in WAGO Industrial-Managed Switches | 2025-12-10T10:00:00.000Z | 2026-01-19T08:00:00.000Z |
| vde-2025-062 | WAGO: Multiple Vulnerabilities in CODESYS components | 2025-11-03T11:00:00.000Z | 2025-11-03T11:00:00.000Z |
| vde-2025-087 | WAGO: Vulnerabilities in Device Sphere and Solution Builder | 2025-09-24T09:00:00.000Z | 2025-09-24T09:00:00.000Z |
| vde-2025-083 | WAGO: Vulnerability in hardware switch circuit | 2025-09-15T08:00:00.000Z | 2025-09-15T08:00:00.000Z |
| vde-2025-080 | WAGO: Multiple Vulnerabilities in I/O-Check Service | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2025-082 | WAGO: Critical sudo Vulnerability in Multiple Products | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-048 | WAGO: Escalation of Privileges in Coupler Firmware | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-057 | WAGO: Vulnerability in WAGO Device Sphere | 2025-06-23T10:00:00.000Z | 2025-07-07T06:15:00.000Z |
| vde-2025-040 | WAGO: Vulnerabilities in ctrlX OS app | 2025-06-16T10:00:00.000Z | 2025-06-16T10:00:00.000Z |
| vde-2025-018 | WAGO: Vulnerabilities in WAGO Device Manager | 2025-06-16T10:00:00.000Z | 2025-11-21T12:00:00.000Z |
| vde-2025-020 | WAGO: Switches affected by year 2k38 problem | 2025-06-02T06:00:00.000Z | 2025-06-02T06:00:00.000Z |
| vde-2025-007 | WAGO: Year 2038 problem | 2025-04-15T10:00:00.000Z | 2025-04-15T10:00:00.000Z |
| vde-2025-004 | Wago: Vulnerability in libwagosnmp | 2025-03-05T11:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2025-009 | WAGO: Vulnerabilities in CODESYS Control V3 - OPC UA Stack | 2025-02-04T11:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2025-008 | WAGO: Vulnerabilities in CODESYS Control | 2025-02-04T11:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2024-072 | WAGO: Vulnerabilities in CODESYS Control | 2024-12-03T11:00:00.000Z | 2024-12-03T11:00:00.000Z |
| vde-2024-047 | WAGO: Multiple vulnerabilities in docker configuration | 2024-11-18T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-021 | WAGO: Vulnerability in WAGO Navigator | 2024-05-21T06:00:00.000Z | 2024-05-21T06:00:00.000Z |
| vde-2023-068 | WAGO: Multiple Vulnerabilities in e!Cockpit and e!Runtime / CODESYS Runtime | 2024-05-21T06:00:00.000Z | 2024-05-21T06:00:00.000Z |
| vde-2023-039 | Wago: Multiple vulnerabilities in web-based management of multiple products | 2024-03-13T08:30:00.000Z | 2024-03-13T08:30:00.000Z |
| vde-2024-014 | WAGO: Multiple products affected by Terrapin | 2024-02-22T07:00:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2024-007 | WAGO: WIBU-SYSTEMS CodeMeter Runtime vulnerabilities in multiple products | 2024-01-22T07:00:00.000Z | 2024-01-22T07:00:00.000Z |
| vde-2023-045 | Wago: Vulnerability in Smart Designer Web-Application | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2023-044 | Wago: Vulnerabilities in IEC61850 Server / Telecontrol | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2023-037 | WAGO: Remote Code execution vulnerability in managed Switches | 2023-11-21T07:00:00.000Z | 2023-11-21T07:00:00.000Z |
| vde-2023-015 | WAGO: Improper privilege management in web-based management | 2023-11-20T07:00:00.000Z | 2023-11-20T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-061 | ifm: Improper Access Control vulnerability | 2025-06-30T10:00:00.000Z | 2026-02-18T08:00:00.000Z |
| vde-2024-012 | ifm: Vulnerabilities in ifm AC14 firmware | 2024-07-09T07:00:00.000Z | 2026-01-15T11:00:00.000Z |
| vde-2024-028 | ifm moneo password reset can be exploited | 2024-05-06T10:00:00.000Z | 2026-01-15T11:00:00.000Z |
| vde-2022-050 | IFM: weak password recovery vulnerability in moneo appliance | 2022-12-12T11:00:00.000Z | 2026-01-06T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-092 | Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager | 2026-01-27T11:00:00.000Z | 2026-01-27T11:00:00.000Z |
| vde-2025-106 | Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server | 2026-01-26T10:00:00.000Z | 2026-02-12T09:00:00.000Z |
| vde-2025-075 | Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2024-064 | Beckhoff: Local command injection via TwinCAT Package Manager | 2024-10-31T11:00:00.000Z | 2025-04-11T07:00:00.000Z |
| vde-2021-008 | Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products | 2024-10-21T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-050 | Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-049 | Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-048 | Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-045 | Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-067 | Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf | 2023-12-13T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-003 | BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology | 2022-03-01T12:34:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2021-051 | Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server | 2021-11-04T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-051 | Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server | 2021-04-27T08:08:00.000Z | 2021-05-11T10:00:00.000Z |
| vde-2020-037 | Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) | 2020-11-19T13:41:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-019 | Beckhoff: EtherLeak in TwinCAT RT network driver | 2020-06-16T08:31:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-005 | Beckhoff: BK9000 couplers - Denial of service inhibits function | 2020-03-10T13:17:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2019-019 | Beckhoff: TwinCAT Denial-of-Service in Profinet driver | 2019-10-09T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-007 | TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability | 2026-02-23T08:00:00.000Z | 2026-02-23T08:00:00.000Z |
| vde-2025-078 | TRUMPF: Remote support uses an outdated encryption algorithm | 2025-08-25T06:00:00.000Z | 2025-08-29T10:00:00.000Z |
| vde-2024-004 | TRUMPF: Multiple products affected by log4net vulnerability | 2025-04-22T10:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-040 | Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities | 2024-06-25T10:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-034 | Multiple TRUMPF products prone to nftables server vulnerabilities | 2024-06-25T10:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-001 | TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities | 2024-01-29T07:00:00.000Z | 2024-01-29T07:00:00.000Z |
| vde-2024-006 | TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x | 2024-01-23T07:00:00.000Z | 2024-01-23T07:00:00.000Z |
| vde-2024-005 | TRUMPF: Multiple products contain vulnerable version of 7-zip | 2024-01-23T07:00:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2024-003 | TRUMPF: Multiple products include a vulnerable version of Notepad++ | 2024-01-23T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-031 | Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability | 2023-09-13T10:00:00.000Z | 2023-11-13T11:00:00.000Z |
| vde-2022-049 | TRUMPF: Multiple products prone to X.Org server vulnerabilities | 2022-11-07T11:43:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-023 | TRUMPF TruTops prone to improper access control | 2022-10-17T10:00:00.000Z | 2022-10-17T10:00:00.000Z |
| vde-2022-034 | TRUMPF: Products prone to Unified Automation vulnerabilities | 2022-08-15T10:00:00.000Z | 2022-08-15T10:00:00.000Z |
| vde-2022-016 | TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability | 2022-05-02T10:00:00.000Z | 2022-05-02T10:00:00.000Z |
| vde-2021-033 | TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities | 2021-08-12T13:02:00.001Z | 2021-08-12T13:02:00.001Z |
| vde-2021-011 | TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability | 2021-03-22T08:59:00.000Z | 2026-02-02T14:25:00.000Z |
| vde-2020-039 | TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities | 2020-10-27T10:28:00.000Z | 2025-05-14T12:36:39.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-043 | Lenze: PLC Designer V4 with insecure storage of sensitive information | 2025-06-25T10:00:00.000Z | 2025-06-25T10:00:00.000Z |
| vde-2025-042 | Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway | 2025-05-27T09:00:00.000Z | 2025-05-27T09:00:00.000Z |
| vde-2024-053 | Lenze: Install Directory with insufficient permissions | 2024-09-03T08:00:00.000Z | 2025-03-13T11:30:00.000Z |
| vde-2022-030 | Lenze: Vulnerability in the OPC-UA authentification connection in the firmware | 2022-07-11T10:00:00.000Z | 2022-07-11T10:00:00.000Z |
| vde-2021-048 | Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication | 2021-10-04T12:33:00.000Z | 2021-10-04T12:33:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-029 | Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 | 2022-09-26T08:00:00.000Z | 2026-03-02T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-047 | AUMA: Incorrect delivery status of the Bluetooth configuration | 2025-06-10T10:00:00.000Z | 2025-06-10T10:00:00.000Z |
| vde-2025-026 | AUMA Riester: Buffer overflow in service telegram | 2025-05-12T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2023-028 | AUMA: SIMA Master Station affected by WRECK vulnerability | 2023-08-07T11:35:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2023-027 | AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations | 2023-08-07T09:35:00.000Z | 2023-08-07T09:35:00.000Z |
| vde-2022-032 | AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service | 2022-08-09T08:00:00.000Z | 2022-08-09T08:00:00.000Z |
| vde-2022-024 | Auma: SIMAĀ² Master Station Denial of Service Vulnerability on Automation Runtime Webserver | 2022-06-15T10:00:00.000Z | 2025-05-14T13:00:15.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-084 | Bender Charge Controller Vulnerability - Unsecure Communication | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-061 | Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2021-047 | Bender/ebee: Multiple Charge Controller Vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2020-043 | Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability | 2020-10-16T06:54:00.000Z | 2020-10-16T06:54:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-003 | Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime | 2026-03-31T08:00:00.000Z | 2026-04-01T11:00:00.000Z |
| vde-2026-002 | Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation | 2026-03-02T07:00:00.000Z | 2026-03-02T07:00:00.000Z |
| vde-2025-105 | Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability | 2025-12-08T09:00:00.000Z | 2025-12-08T09:00:00.000Z |
| vde-2025-107 | Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities | 2025-12-05T11:00:00.000Z | 2026-04-02T10:00:00.000Z |
| vde-2025-068 | Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions | 2025-09-02T10:00:00.000Z | 2026-02-20T09:00:00.000Z |
| vde-2025-036 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-03-06T14:00:00.000Z | 2025-03-06T14:00:00.000Z |
| vde-2024-054 | Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities | 2024-10-21T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-041 | Endress+Hauser: Multiple products are vulnerable to code injection | 2024-09-10T08:00:00.000Z | 2024-09-10T08:00:00.000Z |
| vde-2022-019 | Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components | 2022-06-02T15:11:00.000Z | 2022-06-02T15:11:00.000Z |
| vde-2022-006 | Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware | 2022-03-24T10:48:00.000Z | 2022-03-24T10:48:00.000Z |
| vde-2021-044 | Endress+Hauser: Multiple products affected by log4net vulnerability | 2022-01-20T08:06:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-040 | Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow | 2021-10-04T12:30:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-010 | Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks | 2021-05-18T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-005 | Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability | 2021-03-01T06:39:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-022 | Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information | 2020-11-19T14:48:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-021 | Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management | 2020-11-19T14:48:00.000Z | 2025-04-11T07:00:00.000Z |
| vde-2020-031 | Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities | 2020-10-27T13:10:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2019-005 | Endress+Hauser: WIFI enabled products utilising WPA2 | 2019-03-19T15:34:00.000Z | 2019-03-19T15:34:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-030 | Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability | 2025-07-07T10:00:00.000Z | 2025-07-29T10:00:00.000Z |
| vde-2023-049 | Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability | 2023-12-11T07:00:00.000Z | 2023-12-11T07:00:00.000Z |
| vde-2023-038 | Frauscher: Multiple Vulnerabilities in FDS101 | 2023-09-21T06:00:00.000Z | 2023-09-21T06:00:00.000Z |
| vde-2023-011 | Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability | 2023-07-05T08:00:00.000Z | 2023-07-05T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-052 | Miele: Vulnerability in ease2pay cloud service used by appWash | 2022-11-21T09:00:00.000Z | 2022-11-21T09:00:00.000Z |
| vde-2022-015 | Miele: Security vulnerability in Benchmark Programming Tool | 2022-04-27T12:00:00.000Z | 2022-04-27T12:00:00.000Z |
| vde-2020-024 | Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED | 2020-07-08T07:29:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2019-010 | Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway | 2019-05-20T06:58:00.000Z | 2025-05-14T13:00:15.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-096 | Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| vde-2025-052 | Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities | 2025-06-11T10:00:00.000Z | 2025-07-23T10:00:00.000Z |
| vde-2025-044 | Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities | 2025-05-27T09:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-041 | Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX | 2025-05-19T09:00:00.000Z | 2025-05-19T09:00:00.000Z |
| vde-2025-021 | Weidmueller: Authentication Vulnerability in PROCON-WIN 5 | 2025-03-05T09:00:00.000Z | 2025-05-14T13:26:53.000Z |
| vde-2025-023 | Weidmueller: OpenSSL vulnerability in industrial ethernet switches | 2025-03-05T08:00:00.000Z | 2025-03-05T11:00:00.000Z |
| vde-2023-032 | Weidmueller: WIBU Vulnerability in multiple Products | 2023-11-09T07:42:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-056 | Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability | 2022-12-14T07:00:00.000Z | 2022-12-14T07:00:00.000Z |
| vde-2021-004 | Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write | 2022-06-21T08:00:00.000Z | 2022-06-21T08:00:00.000Z |
| vde-2022-008 | WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways | 2022-04-07T06:00:00.000Z | 2022-04-07T06:00:00.000Z |
| vde-2021-042 | Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities | 2021-10-18T08:24:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-026 | Weidmueller: Multiple vulnerabilities in Industrial WLAN devices | 2021-06-23T11:04:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2021-016 | Weidmueller: Accidentally open network port in u-controls and IoT-Gateways | 2021-05-04T08:17:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-002 | Weidmueller: WI Manager affected by fdtContainer vulnerability | 2021-01-20T13:32:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-041 | Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities | 2020-10-12T09:14:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2019-018 | Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches | 2019-12-05T12:03:00.000Z | 2025-05-22T13:03:10.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-066 | SMA: Directory Traversal in Sunny Boy | 2025-08-27T08:00:00.000Z | 2025-08-27T08:00:00.000Z |
| vde-2025-050 | SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user | 2025-08-19T10:00:00.000Z | 2025-08-19T10:00:00.000Z |
| vde-2025-010 | SMA: Sunny Portal demo system privilege escalation | 2025-05-13T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2025-012 | SMA: Sunny Portal Remote Code Execution | 2025-02-26T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-075 | SMA: Sunny Webbox clickjacking vulnerability | 2025-01-27T13:00:00.000Z | 2025-06-17T06:00:00.000Z |
| vde-2024-020 | SMA: Cluster Controller CSRF vulnerability | 2025-01-27T13:00:00.000Z | 2025-02-12T16:48:47.000Z |
| vde-2024-074 | SMA: SQL injection in Sunny Central UP | 2024-11-27T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-013 | HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing | 2024-02-13T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-059 | HIMA: unquoted path vulnerabilities in X-OPC and X-OTS | 2023-01-16T09:00:00.000Z | 2025-05-22T13:03:10.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-091 | Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro | 2025-10-14T10:00:00.000Z | 2025-10-14T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2020-016 | SWARCO: Critical Vulnerability in CPU LS4000 | 2020-05-28T13:00:00.000Z | 2020-05-28T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-033 | ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products | 2025-04-14T10:00:00.000Z | 2025-04-14T10:00:00.000Z |
| vde-2024-016 | ADS-TEC Industrial IT: Docker vulnerability affects multiple products | 2024-02-19T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-009 | ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 | 2023-05-08T13:37:00.000Z | 2023-05-08T13:37:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-061 | VARTA: Multiple devices prone to hard-coded credentials | 2023-03-15T09:00:00.000Z | 2023-03-15T09:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-060 | Sauter: Multiple vulnerabilities in SAUTER modulo 6 | 2025-10-21T10:00:00.000Z | 2025-10-27T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-079 | Janitza: Multiple vulnerabilities in UMG 96RM-E | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| vde-2025-094 | Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ | 2025-11-24T12:00:00.000Z | 2025-11-24T12:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-001 | METTLER TOLEDO: ASP.NET core vulnerability in LabX | 2026-03-04T07:00:00.000Z | 2026-03-04T07:00:00.000Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2026-0015 |
7.2 (4.0)
|
Threat actors use FortiCloud SSO bypass to collect LDAā¦ |
fortinet |
fortios |
2026-02-09T09:09:00.000Z | 2026-02-09T09:14:59.004089Z |
| GCVE-1-2026-0014 |
7.4 (4.0)
|
Missing Authorization Check Allows Unauthorized Modifiā¦ |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:32:14.341383Z | 2026-02-04T19:32:14.341383Z |
| GCVE-1-2026-0013 |
2.1 (4.0)
|
Flask Application Username Route Collision Allows Reseā¦ |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:27:00.000Z | 2026-02-04T19:32:49.787763Z |
| GCVE-1-2026-0012 |
2.1 (4.0)
|
Authentication Error Message Allows Email Address Enumā¦ |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:21:34.411344Z | 2026-02-04T19:21:34.411344Z |
| GCVE-1-2026-0011 |
8.7 (4.0)
|
Out-of-bounds memory write in the network packet ā¦ |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:37:00.000Z | 2026-01-29T14:39:17.728822Z |
| GCVE-1-2026-0010 |
9.3 (4.0)
|
Improper input validation in the file transfer haā¦ |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:33:18.822829Z | 2026-01-29T14:33:18.822829Z |
| GCVE-1-2026-0009 |
9.3 (4.0)
|
Stack-based buffer overflow in the multiplayer neā¦ |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:30:38.596928Z | 2026-01-29T14:30:38.596928Z |
| GCVE-1-2026-0008 |
10 (4.0)
|
gpg-agent stack buffer overflow in pkdecrypt using KEM |
gnupg |
gpg-agent |
2026-01-28T13:48:12.350509Z | 2026-01-28T13:48:12.350509Z |
| GCVE-1-2026-0007 |
10 (4.0)
|
GNU InetUtils Security Advisory: remote authenticationā¦ |
gnu |
InetUtils |
2026-01-20T20:57:00.000Z | 2026-01-26T16:32:40.831364Z |
| GCVE-1-2026-0006 |
8.5 (4.0)
|
Improper Access Control in Cerebrate AuthKey and Encryā¦ |
cerebrate |
cerebrate |
2026-01-13T15:37:17.337254Z | 2026-01-13T15:37:17.337254Z |
| GCVE-1-2026-0005 |
8.5 (4.0)
|
Improper Access Control in Cerebrate Alignment Model Aā¦ |
cerebrate |
cerebrate |
2026-01-13T15:31:00.000Z | 2026-01-13T15:38:02.888546Z |
| GCVE-1-2026-0004 |
8.5 (4.0)
|
Authorization Bypass in Cerebrate IndividualsControlleā¦ |
cerebrate |
cerebrate |
2026-01-13T15:28:00.000Z | 2026-01-13T15:38:37.744618Z |
| GCVE-1-2026-0003 |
6.3 (4.0)
|
Stored/Reflected XSS via Unsanitized Parameters in URLā¦ |
misp |
misp |
2026-01-13T10:50:00.000Z | 2026-01-13T10:54:13.659223Z |
| GCVE-1-2026-0002 |
10 (4.0)
|
Heap-buffer-overflow in EXIF writer for extra IFD tags |
ffmpeg |
ffmpeg |
2026-01-02T19:50:00.000Z | 2026-01-02T20:05:27.269877Z |
| GCVE-1-2026-0001 |
N/A
|
Bundle reference to gpg.fail |
gnupg |
gnupg |
2026-01-02T10:20:00.000Z | 2026-01-02T13:31:14.359346Z |
| GCVE-1-2025-0041 |
6.4 (4.0)
|
[online services] Reflected Cross-Site Scripting (XSS)ā¦ |
typo3 |
typo3 |
2025-12-19T14:25:00.000Z | 2025-12-19T14:54:51.594645Z |
| GCVE-1-2025-0040 |
7.2 (4.0)
|
A cross-site scripting (XSS) vulnerability was idā¦ |
misp |
misp |
2025-12-13T08:44:32.378924Z | 2025-12-13T08:44:32.378924Z |
| GCVE-1-2025-0039 |
8.5 (4.0)
|
XSS Reintroduced in MISP Dashboard World Map Widget Duā¦ |
misp |
misp |
2025-12-10T14:33:52.856734Z | 2025-12-10T14:33:52.856734Z |
| GCVE-1-2025-0038 |
5 (4.0)
|
Reflected XSS in MISP Template Tag Removal and MISP Adā¦ |
misp |
misp |
2025-12-10T14:10:00.000Z | 2025-12-10T14:16:55.918270Z |
| GCVE-1-2025-0037 |
7 (4.0)
|
Reflected XSS in MISP Dashboard Widgets via Unescaped ā¦ |
misp |
misp |
2025-12-10T14:01:03.200804Z | 2025-12-10T14:01:03.200804Z |
| GCVE-1-2025-0036 |
8.3 (4.0)
|
A reflected cross-site scripting (XSS) vulnerability wā¦ |
misp |
misp |
2025-12-10T13:46:07.170083Z | 2025-12-10T13:46:07.170083Z |
| GCVE-1-2025-0035 |
8.3 (4.0)
|
Insufficient sanitization of bundle metadata (availablā¦ |
CIRCL |
vulnerability-lookup |
2025-12-08T10:25:00.000Z | 2025-12-08T12:14:06.307298Z |
| GCVE-1-2025-0034 |
7 (4.0)
|
Missing CSRF protection on state-changing endpoints inā¦ |
CIRCL |
vulnerability-lookup |
2025-12-08T10:19:00.000Z | 2025-12-08T12:13:24.197294Z |
| GCVE-1-2025-0033 |
8.1 (4.0)
|
Vulnerability-lookup did not track or limit failed Oneā¦ |
CIRCL |
vulnerability-lookup |
2025-12-08T10:11:00.000Z | 2025-12-08T12:12:53.235996Z |
| GCVE-1-2025-0032 |
10 (4.0)
|
The default configuration of WatchGuard Firebox deviceā¦ |
watchguard |
firebox |
2025-12-03T16:25:00.000Z | 2025-12-19T13:48:34.570799Z |
| GCVE-1-2025-0031 |
7.1 (4.0)
|
A cross-site scripting (XSS) vulnerability was identifā¦ |
misp |
misp |
2025-12-03T10:58:00.000Z | 2025-12-16T09:36:09.594750Z |
| GCVE-1-2025-0030 |
6.2 (4.0)
|
A cross-site scripting (XSS) vulnerability in the MISPā¦ |
misp |
misp |
2025-12-03T10:53:00.000Z | 2025-12-03T10:58:55.845341Z |
| GCVE-1-2025-0029 |
6.3 (4.0)
|
Reflected cross-site scripting (XSS) vulnerabilities iā¦ |
misp |
misp |
2025-11-27T12:41:00.000Z | 2025-11-27T12:48:51.085860Z |
| GCVE-1-2025-0028 |
8.5 (4.0)
|
Information leakage vulnerability in the MISP Feed conā¦ |
misp |
misp |
2025-11-27T07:23:00.000Z | 2025-12-02T08:51:35.429494Z |
| GCVE-1-2025-0027 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in ā¦ |
misp |
misp |
2025-11-27T07:17:00.000Z | 2025-12-02T08:51:04.323899Z |