Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-35485
7.5 (3.1)
text-generation-webui has a Path Traversal in load_graā€¦ oobabooga
 text-generation-webui
 2026-04-07T14:47:37.593Z 2026-04-07T14:47:37.593Z
CVE-2026-35484
5.3 (3.1)
text-generation-webui has a Path Traversal in load_preā€¦ oobabooga
 text-generation-webui
 2026-04-07T14:46:42.351Z 2026-04-07T14:47:58.668Z
CVE-2026-35483
5.3 (3.1)
text-generation-webui has a Path Traversal in load_temā€¦ oobabooga
 text-generation-webui
 2026-04-07T14:45:07.141Z 2026-04-07T14:45:07.141Z
CVE-2026-35480
6.2 (3.1)
go-ipld-prime's DAG-CBOR decoder unbounded memory alloā€¦ ipld
 go-ipld-prime
 2026-04-07T14:43:24.781Z 2026-04-07T14:43:24.781Z
CVE-2026-35464
7.5 (3.1)
pyLoad has an incomplete fix for CVE-2026-33509: unproā€¦ pyload
 pyload
 2026-04-07T14:38:02.480Z 2026-04-07T14:38:02.480Z
CVE-2026-35463
8.8 (3.1)
pyLoad has Improper Neutralization of Special Elementsā€¦ pyload
 pyload
 2026-04-07T14:32:44.149Z 2026-04-07T14:32:44.149Z
CVE-2026-4740
8.2 (3.1)
Rhacm: open cluster management (ocm): cross-cluster prā€¦ Red Hat
 Multicluster Engine for Kubernetes
 2026-04-07T14:30:36.396Z 2026-04-07T14:30:36.396Z
CVE-2026-35462
4.3 (3.1)
Papra Does Not Reject Expired API Keys papra-hq
 papra
 2026-04-07T14:30:17.479Z 2026-04-07T14:30:17.479Z
CVE-2026-35461
5 (3.1)
Papra has a Blind Server-Side Request Forgery (SSRF) vā€¦ papra-hq
 papra
 2026-04-07T14:28:42.063Z 2026-04-07T14:28:42.063Z
CVE-2026-35460
4.3 (3.1)
Papra has an HTML Injection in Transactional Emails viā€¦ papra-hq
 papra
 2026-04-07T14:26:52.943Z 2026-04-07T14:26:52.943Z
CVE-2026-35458
8.7 (4.0)
Gotenberg has a ReDoS via extraHttpHeaders scope feature gotenberg
 gotenberg
 2026-04-07T14:24:21.651Z 2026-04-07T14:24:21.651Z
CVE-2026-33034
N/A
Potential denial-of-service vulnerability in ASGI requā€¦ djangoproject
 Django
 2026-04-07T14:22:59.942Z 2026-04-07T14:22:59.942Z
CVE-2026-33033
N/A
Potential denial-of-service vulnerability in MultiPartā€¦ djangoproject
 Django
 2026-04-07T14:22:48.624Z 2026-04-07T14:22:48.624Z
CVE-2026-4292
N/A
Privilege abuse in ModelAdmin.list_editable djangoproject
 Django
 2026-04-07T14:22:38.254Z 2026-04-07T14:22:38.254Z
CVE-2026-4277
N/A
Privilege abuse in GenericInlineModelAdmin djangoproject
 Django
 2026-04-07T14:22:25.547Z 2026-04-07T14:22:25.547Z
CVE-2026-35457
8.2 (3.1)
libp2p-rust has unbounded rendezvous DISCOVER cookies ā€¦ libp2p
 rust-libp2p
 2026-04-07T14:22:19.941Z 2026-04-07T14:22:19.941Z
CVE-2026-3902
N/A
ASGI header spoofing via underscore/hyphen conflation djangoproject
 Django
 2026-04-07T14:22:07.190Z 2026-04-07T14:22:07.190Z
CVE-2026-35405
7.5 (3.1)
libp2p-rendezvous: Unlimited namespace registrations pā€¦ libp2p
 rust-libp2p
 2026-04-07T14:21:15.377Z 2026-04-07T14:21:15.377Z
CVE-2026-5384
5.8 (3.1)
runZero Platform incorrect credential scope runZero
 Platform
 2026-04-07T14:12:42.547Z 2026-04-07T14:12:42.547Z
CVE-2026-5383
4.4 (3.1)
runZero Explorer missing authorization check runZero
 Explorer
 2026-04-07T14:12:32.422Z 2026-04-07T14:12:32.422Z
CVE-2026-5382
3 (3.1)
runZero Platform MCP endpoint information leak runZero
 Platform
 2026-04-07T14:12:23.331Z 2026-04-07T14:12:23.331Z
CVE-2026-5381
2.2 (3.1)
runZero Platform task information leak runZero
 Platform
 2026-04-07T14:12:15.851Z 2026-04-07T14:12:15.851Z
CVE-2026-5380
5.3 (3.1)
runZero Platform cleartext secret exposure runZero
 Platform
 2026-04-07T14:12:05.649Z 2026-04-07T14:12:05.649Z
CVE-2026-5379
3 (3.1)
runZero Platform MCP certification information leak runZero
 Platform
 2026-04-07T14:11:53.619Z 2026-04-07T14:11:53.619Z
CVE-2026-5378
5.8 (3.1)
runZero Platform user creation leak runZero
 Platform
 2026-04-07T14:11:42.793Z 2026-04-07T14:11:42.793Z
CVE-2026-5376
5.9 (3.1)
runZero Platform session timeout failure runZero
 Platform
 2026-04-07T14:11:30.204Z 2026-04-07T14:11:30.204Z
CVE-2026-5375
2.7 (3.1)
runZero Platform API credential information leak runZero
 Platform
 2026-04-07T14:11:14.172Z 2026-04-07T14:11:14.172Z
CVE-2026-5374
5.8 (3.1)
runZero Platform MCP information leak runZero
 Platform
 2026-04-07T14:10:36.244Z 2026-04-07T14:10:36.244Z
CVE-2026-5373
8.1 (3.1)
runZero Platform superuser privilege escalation runZero
 Platform
 2026-04-07T14:10:18.634Z 2026-04-07T14:10:25.380Z
CVE-2026-5372
6.4 (3.1)
runZero Platform SQL injection in saved queries runZero
 Platform
 2026-04-07T14:10:08.773Z 2026-04-07T14:10:08.773Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-5627
9.1 (3.0)
Path Traversal in mintplex-labs/anything-llm mintplex-labs
 mintplex-labs/anything-llm
 2026-04-07T13:06:38.503Z 2026-04-07T13:52:59.055Z
CVE-2026-35554
N/A
Apache Kafka Clients: Kafka Producer Message Corruptioā€¦ Apache Software Foundation
 Apache Kafka Clients
 2026-04-07T13:07:08.679Z 2026-04-07T13:58:08.252Z
CVE-2026-5735
N/A
Memory safety bugs fixed in Firefox 149.0.2 and Thundeā€¦ Mozilla
 Firefox
 2026-04-07T12:43:15.857Z 2026-04-07T12:43:15.857Z
CVE-2026-5734
N/A
Memory safety bugs fixed in Firefox ESR 140.9.1, Thundā€¦ Mozilla
 Firefox
 2026-04-07T12:43:14.833Z 2026-04-07T12:43:14.833Z
CVE-2026-5733
8.8 (3.1)
Incorrect boundary conditions in the Graphics: WebGPU ā€¦ Mozilla
 Firefox
 2026-04-07T12:43:13.804Z 2026-04-07T14:34:53.720Z
CVE-2026-5732
8.8 (3.1)
Incorrect boundary conditions, integer overflow in theā€¦ Mozilla
 Firefox
 2026-04-07T12:43:12.829Z 2026-04-07T14:29:05.339Z
CVE-2026-5731
9.8 (3.1)
Memory safety bugs fixed in Firefox ESR 115.34.1, Fireā€¦ Mozilla
 Firefox
 2026-04-07T12:43:11.895Z 2026-04-07T14:13:29.548Z
CVE-2026-3466
8.5 (4.0)
Cross-site scripting in dashlet title Checkmk GmbH
 Checkmk
 2026-04-07T12:08:50.132Z 2026-04-07T13:18:48.034Z
CVE-2026-33866
5.3 (4.0)
Authorization Bypass in MLflow AJAX Endpoint Mlflow
 Mlflow
 2026-04-07T12:57:44.380Z 2026-04-07T13:05:47.658Z
CVE-2026-33865
5.1 (4.0)
Stored XSS via unsafe YAML parsing in MLflow Mlflow
 Mlflow
 2026-04-07T12:57:38.525Z 2026-04-07T13:10:14.041Z
CVE-2026-32144
7.6 (4.0)
OCSP designated-responder authorization bypass via misā€¦ Erlang
 OTP
 2026-04-07T12:28:00.767Z 2026-04-07T14:38:03.763Z
CVE-2026-28808
8.3 (4.0)
ScriptAlias CGI targets bypass directory auth in inetsā€¦ Erlang
 OTP
 2026-04-07T12:28:16.056Z 2026-04-07T14:38:09.190Z
CVE-2026-23818
8.8 (3.1)
Open Redirect Vulnerability in HPE Aruba Networking Prā€¦ Hewlett Packard Enterprise (HPE)
 Private 5G Core
 2026-04-07T12:18:11.753Z 2026-04-07T13:17:32.192Z
CVE-2026-22679
9.3 (4.0)
9.8 (3.1)
Weaver E-cology 10.0 Unauthenticated RCE via dubboApi ā€¦ Weaver Network Co., Ltd.
 E-cology
 2026-04-07T12:51:22.789Z 2026-04-07T13:31:03.676Z
CVE-2026-22666
8.6 (4.0)
7.2 (3.1)
Dolibarr ERP/CRM < 23.0.2 Authenticated RCE via dol_evā€¦ Dolibarr
 Dolibarr ERP/CRM
 2026-04-07T12:41:31.280Z 2026-04-07T13:43:14.034Z
CVE-2025-39666
9.3 (4.0)
omd: Local privilege escalation when executing omd comā€¦ Checkmk GmbH
 Checkmk
 2026-04-07T12:09:07.609Z 2026-04-07T13:18:19.609Z
CVE-2021-4473
9.3 (4.0)
9.8 (3.1)
Tianxin Internet Behavior Management System Command Inā€¦ Beijing Topsec Network Security Technology Co., Ltd.
 Tianxin Internet Behavior Management System
 2026-04-07T12:50:58.200Z 2026-04-07T12:54:01.503Z
CVE-2026-31842
8.7 (4.0)
7.5 (3.1)
Tinyproxy HTTP request parsing desynchronization via cā€¦ Tinyproxy Project
 Tinyproxy
 2026-04-07T11:17:33.621Z 2026-04-07T11:17:33.621Z
CVE-2026-4420
5.1 (4.0)
Stored XSS via Page Creating functionality in Bludit Bludit
 Bludit
 2026-04-07T10:46:19.052Z 2026-04-07T10:46:19.052Z
CVE-2026-34904
7.5 (3.1)
WordPress Simple Social Media Share Buttons plugin <= ā€¦ Analytify
 Simple Social Media Share Buttons
 2026-04-07T08:22:26.209Z 2026-04-07T13:35:08.146Z
CVE-2026-34903
5.4 (3.1)
WordPress Ocean Extra plugin <= 2.5.3 - Broken Access ā€¦ OceanWP
 Ocean Extra
 2026-04-07T08:57:51.189Z 2026-04-07T12:59:24.495Z
CVE-2026-34899
5.3 (3.1)
WordPress LTL Freight Quotes ā€“ Worldwide Express Editiā€¦ Eniture technology
 LTL Freight Quotes ā€“ Worldwide Express Edition
 2026-04-07T08:31:37.373Z 2026-04-07T13:11:05.535Z
CVE-2026-34896
7.5 (3.1)
WordPress Under Construction, Coming Soon & Maintenancā€¦ Analytify
 Under Construction, Coming Soon & Maintenance Mode
 2026-04-07T08:20:42.775Z 2026-04-07T13:37:48.429Z
CVE-2026-34197
N/A
Apache ActiveMQ Broker, Apache ActiveMQ: Authenticatedā€¦ Apache Software Foundation
 Apache ActiveMQ Broker
 2026-04-07T07:50:10.958Z 2026-04-07T13:30:11.885Z
CVE-2026-33227
N/A
Apache ActiveMQ Client, Apache ActiveMQ Broker, Apacheā€¦ Apache Software Foundation
 Apache ActiveMQ Client
 2026-04-07T07:50:58.897Z 2026-04-07T14:05:29.211Z
CVE-2026-28810
6.3 (4.0)
Predictable DNS Transaction IDs Enable Cache Poisoningā€¦ Erlang
 OTP
 2026-04-07T07:50:11.072Z 2026-04-07T14:38:06.115Z
CVE-2026-3177
5.3 (3.1)
Charitable ā€“ Donation Plugin for WordPress ā€“ Fundraisiā€¦ smub
 Charitable ā€“ Donation Plugin for WordPress ā€“ Fundraising with Recurring Donations & More
 2026-04-07T07:40:13.519Z 2026-04-07T13:19:24.638Z
CVE-2026-5465
8.8 (3.1)
Amelia <= 2.1.3 - Insecure Direct Object Reference to ā€¦ ameliabooking
 Booking for Appointments and Events Calendar ā€“ Amelia
 2026-04-07T06:43:41.045Z 2026-04-07T13:13:24.738Z
CVE-2026-4079
N/A
SQL Chart Builder < 2.3.8 - Unauthenticated SQL Injection Unknown
 SQL Chart Builder
 2026-04-07T06:00:11.585Z 2026-04-07T06:00:11.585Z
CVE-2026-1900
N/A
Link Whisper Free < 0.9.1 - Unauthenticated Settings aā€¦ Unknown
 Link Whisper Free
 2026-04-07T06:00:11.155Z 2026-04-07T06:00:11.155Z
ID Description Published Updated
fkie_cve-2026-1657 The EventPrime plugin for WordPress is vulnerable to unauthorized image file upload in all versionsā€¦ 2026-02-17T06:16:18.173 2026-02-18T17:52:22.253
fkie_cve-2026-2592 The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control ā€¦ 2026-02-17T05:16:17.430 2026-02-18T17:52:22.253
fkie_cve-2026-2002 The Forminator Forms ā€“ Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulā€¦ 2026-02-17T05:16:17.080 2026-02-18T17:52:22.253
fkie_cve-2026-26220 LightLLM version 1.1.0 and prior contain an unauthenticated remote code execution vulnerability in ā€¦ 2026-02-17T03:16:01.893 2026-02-18T17:52:22.253
fkie_cve-2025-12062 The WP Maps ā€“ Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin forā€¦ 2026-02-17T00:16:17.080 2026-02-18T17:52:22.253
fkie_cve-2026-2439 Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids. The geā€¦ 2026-02-16T22:22:41.470 2026-03-10T18:12:46.927
fkie_cve-2025-15578 Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely. The session id iā€¦ 2026-02-16T22:22:40.557 2026-03-10T15:07:31.793
fkie_cve-2026-2474 Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in tā€¦ 2026-02-16T21:22:18.107 2026-03-04T02:27:15.217
fkie_cve-2026-2001 The WowRevenue plugin for WordPress is vulnerable to unauthorized plugin installation due to a missā€¦ 2026-02-16T20:19:36.190 2026-02-18T17:52:22.253
fkie_cve-2026-2567 A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the functioā€¦ 2026-02-16T18:19:45.217 2026-02-18T19:41:03.690
fkie_cve-2026-2566 A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the fuā€¦ 2026-02-16T18:19:45.017 2026-02-18T17:52:22.253
fkie_cve-2019-25395 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulneā€¦ 2026-02-16T18:19:44.480 2026-02-20T16:31:49.890
fkie_cve-2019-25394 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulneā€¦ 2026-02-16T18:19:44.313 2026-02-20T16:31:34.660
fkie_cve-2019-25393 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:44.147 2026-02-20T16:31:23.993
fkie_cve-2019-25392 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:43.980 2026-02-20T16:31:18.553
fkie_cve-2019-25390 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:43.810 2026-02-20T16:31:10.263
fkie_cve-2019-25389 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:43.643 2026-02-20T16:30:56.780
fkie_cve-2019-25388 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:43.473 2026-02-20T16:27:01.120
fkie_cve-2019-25387 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:43.303 2026-02-20T16:26:53.380
fkie_cve-2019-25386 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:43.133 2026-02-20T16:26:47.313
fkie_cve-2019-25385 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:42.967 2026-02-20T16:26:41.493
fkie_cve-2019-25384 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:42.803 2026-02-20T16:26:36.247
fkie_cve-2019-25383 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:42.640 2026-02-20T16:26:19.230
fkie_cve-2019-25382 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:42.480 2026-02-20T19:12:29.937
fkie_cve-2019-25381 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:42.317 2026-02-20T16:26:07.903
fkie_cve-2019-25380 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:42.153 2026-02-20T16:25:48.847
fkie_cve-2019-25379 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains stored and reflected cross-site scripting ā€¦ 2026-02-16T18:19:41.987 2026-02-20T16:30:43.613
fkie_cve-2019-25378 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple cross-site scripting vulnerabilitā€¦ 2026-02-16T18:19:41.430 2026-02-20T21:23:50.410
fkie_cve-2026-2565 A weakness has been identified in Wavlink WL-NU516U1 20251208. Affected by this issue is the functiā€¦ 2026-02-16T17:18:09.360 2026-02-18T19:42:27.167
fkie_cve-2026-2564 A security flaw has been discovered in Intelbras VIP 3260 Z IA 2.840.00IB005.0.T. Affected by this ā€¦ 2026-02-16T17:18:09.150 2026-02-18T17:52:22.253
ID Severity Description Published Updated
ghsa-w5x8-257x-9rv5
5.1 (4.0)
Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its page creating functionality. An auā€¦ 2026-04-07T12:31:15Z 2026-04-07T12:31:15Z
ghsa-mh87-c4c3-cgwf
7.5 (3.1)
8.7 (4.0)
Tinyproxy through 1.11.3 is vulnerable to HTTP request parsing desynchronization due to a case-sensā€¦ 2026-04-07T12:31:15Z 2026-04-07T12:31:15Z
ghsa-vqf2-5h8g-fv6r
5.3 (3.1)
The Charitable ā€“ Donation Plugin for WordPress ā€“ Fundraising with Recurring Donations & More pluginā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-rxpj-7qvf-xv32
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability ā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-q26f-fvh3-5p4h
7.5 (3.1)
Cross-Site Request Forgery (CSRF) vulnerability in Analytify Under Construction, Coming Soon & Mainā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-mhqr-7m5g-wj8v
5.4 (3.1)
Missing Authorization vulnerability in OceanWP Ocean Extra allows Exploiting Incorrectly Configuredā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-m38f-j4wj-5268
The SQL Chart Builder WordPress plugin before 2.3.8 does not properly escape user input as it is coā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-jp4w-vjf8-5c76
7.5 (3.1)
Cross-Site Request Forgery (CSRF) vulnerability in Analytify Simple Social Media Share Buttons alloā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-h2h4-5m64-m273
Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Clienā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-9w5f-xhp2-5782
The Link Whisper Free WordPress plugin before 0.9.1 has a publicly accessible REST endpoint that alā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-9296-v3fr-j92j
9.8 (3.1)
In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper acā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-86pc-m9xh-3jg9
The Popup Box WordPress plugin before 5.5.0 does not properly validate nonces in the add_or_edit_pā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-3wcx-px3j-79f4
8.8 (3.1)
The Booking for Appointments and Events Calendar ā€“ Amelia plugin for WordPress is vulnerable to Insā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-37g5-xxx3-2p4q
5.3 (3.1)
Missing Authorization vulnerability in Eniture technology LTL Freight Quotes ā€“ Worldwide Express Edā€¦ 2026-04-07T09:31:22Z 2026-04-07T09:31:22Z
ghsa-69w3-r845-3855
6.5 (3.1)
A vulnerability in the HuggingFace Transformers library, specifically in the `Trainer` class, allowā€¦ 2026-04-07T06:30:28Z 2026-04-07T06:30:28Z
ghsa-xv4p-823r-9vr8
In sec boot, there is a possible out of bounds write due to an integer overflow. This could lead toā€¦ 2026-04-07T06:30:27Z 2026-04-07T06:30:27Z
ghsa-v8wq-rjpf-669f
9.8 (3.1)
The Ninja Forms - File Uploads plugin for WordPress is vulnerable to arbitrary file uploads due to ā€¦ 2026-04-07T06:30:27Z 2026-04-07T06:30:27Z
ghsa-qr22-6jgj-x8qh
5.5 (3.1)
Buffer Overflow Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Mā€¦ 2026-04-07T06:30:27Z 2026-04-07T06:30:27Z
ghsa-h2gf-w3wm-8xqj
8.8 (3.1)
Remote Code Execution VulnerabilityĀ in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desā€¦ 2026-04-07T06:30:27Z 2026-04-07T06:30:27Z
ghsa-86mw-26q3-c8pr
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead toā€¦ 2026-04-07T06:30:27Z 2026-04-07T06:30:27Z
ghsa-6pq9-8556-qr3w
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial oā€¦ 2026-04-07T06:30:27Z 2026-04-07T06:30:27Z
ghsa-5h6h-2wjp-jc72
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead toā€¦ 2026-04-07T06:30:27Z 2026-04-07T06:30:27Z
ghsa-cc3v-3rj7-x9cm
6.3 (3.1)
2.1 (4.0)
A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown fā€¦ 2026-04-07T03:30:24Z 2026-04-07T03:30:24Z
ghsa-32vv-mwc8-ch6p
6.2 (3.1)
IBM Concert 1.0.0 through 2.2.0 creates temporary files with predictable names, which allows local ā€¦ 2026-04-07T03:30:24Z 2026-04-07T03:30:24Z
ghsa-x663-j3pw-658j
7.3 (3.1)
5.5 (4.0)
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setGaā€¦ 2026-04-07T00:30:22Z 2026-04-07T00:30:22Z
ghsa-wvc4-2vwc-mwh2
7.3 (3.1)
5.5 (4.0)
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the functioā€¦ 2026-04-07T00:30:22Z 2026-04-07T00:30:22Z
ghsa-r8h7-vx32-9qj2
7.3 (3.1)
5.5 (4.0)
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is thā€¦ 2026-04-07T00:30:22Z 2026-04-07T00:30:22Z
ghsa-qchm-r69c-gh59
8.8 (3.1)
7.4 (4.0)
A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatSā€¦ 2026-04-07T00:30:22Z 2026-04-07T00:30:22Z
ghsa-phcm-xmm8-7jpc
8.0 (3.1)
7.3 (4.0)
A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fā€¦ 2026-04-07T00:30:22Z 2026-04-07T00:30:22Z
ghsa-jqvm-5g74-g525
7.3 (3.1)
5.5 (4.0)
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the ā€¦ 2026-04-07T00:30:22Z 2026-04-07T00:30:22Z
ID Severity Description Package Published Updated
pysec-2026-3
After an API token exposure from an exploited Trivy dependency, two new releases of `telnā€¦ telnyx 2026-03-27T14:53:14Z
pysec-2026-2
After an API Token exposure from an exploited Trivy dependency, two new releases of `liteā€¦ litellm 2026-03-24T15:35:32Z
pysec-2026-1
A PyPI user account compromised by an attacker and was able to upload a malicious versionā€¦ dydx-v4-client 2026-01-28T21:09:02+00:00
pysec-2025-71
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fasā€¦ cadwyn 2025-07-21T21:15:25+00:00 2025-07-23T15:24:03.825615+00:00
pysec-2025-69
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker temā€¦ roundup 2025-07-13T20:15:25+00:00 2025-07-13T21:23:01.161315+00:00
pysec-2025-65
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0ā€¦ llama-index 2025-07-07T13:15:28+00:00 2025-07-07T15:23:42.730681+00:00
pysec-2025-61
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap ā€¦ pillow 2025-07-01T19:15:27Z 2025-07-07T14:12:46.226030Z
pysec-2025-51
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vā€¦ apache-airflow-providers-snowflake 2025-06-24T08:15:24+00:00 2025-06-26T21:23:03.132527+00:00
pysec-2025-70
10.0 (3.1)
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componenā€¦ langchain-community 2025-06-23T21:15:25+00:00 2025-07-16T21:23:40.211079+00:00
pysec-2025-52
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. mlflow 2025-06-23T15:15:29Z 2025-12-05T13:25:55.146081Z
pysec-2025-68
8.0 (3.1)
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6ā€¦ upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.449399+00:00
pysec-2025-67
9.8 (3.1)
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabilā€¦ upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.385619+00:00
pysec-2025-64
9.8 (3.1)
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0ā€¦ python-a2a 2025-06-17T07:15:18+00:00 2025-07-02T21:23:13.806273+00:00
pysec-2025-47
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2ā€¦ django 2025-06-05T03:15:25+00:00 2025-06-05T05:23:28.296596+00:00
pysec-2025-44
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in modā€¦ django-helpdesk 2025-05-31T01:15:19+00:00 2025-05-31T03:09:35.357757+00:00
pysec-2025-55
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 uā€¦ vllm 2025-05-30T19:15:30+00:00 2025-06-26T21:23:06.407481+00:00
pysec-2025-54
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8ā€¦ vllm 2025-05-30T19:15:30+00:00 2025-06-26T21:23:06.319321+00:00
pysec-2025-50
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expā€¦ vllm 2025-05-30T18:15:32+00:00 2025-06-19T03:02:28.572160+00:00
pysec-2025-53
vLLM is an inference and serving engine for large language models (LLMs). Prior to versioā€¦ vllm 2025-05-29T17:15:21+00:00 2025-06-26T21:23:06.231251+00:00
pysec-2025-43
vLLM is an inference and serving engine for large language models (LLMs). In versions staā€¦ vllm 2025-05-29T17:15:21+00:00 2025-05-29T19:21:01.611587+00:00
pysec-2025-46
5.5 (3.1)
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as criā€¦ pypickle 2025-05-26T08:15:19+00:00 2025-06-03T17:36:58.579358+00:00
pysec-2025-45
7.8 (3.1)
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.ā€¦ pypickle 2025-05-26T07:15:26+00:00 2025-06-03T17:36:58.528116+00:00
pysec-2025-40
7.5 (3.1)
A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`ā€¦ transformers 2025-05-19T12:15:19+00:00 2025-05-21T19:22:10.801823+00:00
pysec-2025-49
8.8 (3.1)
setuptools is a package that allows users to download, build, install, upgrade, and uninsā€¦ setuptools 2025-05-17T16:15:19+00:00 2025-06-12T22:23:11.115559+00:00
pysec-2025-39
motionEye is an online interface for the software motion, a video surveillance program wiā€¦ motioneye 2025-05-14T16:15:29+00:00 2025-05-14T17:22:51.050788+00:00
pysec-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Informā€¦ apache-iotdb 2025-05-14T11:16:28+00:00 2025-07-01T21:22:47.232036+00:00
pysec-2025-59
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attackā€¦ apache-iotdb 2025-05-14T11:15:47+00:00 2025-07-01T21:22:47.177405+00:00
pysec-2025-38
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during imā€¦ ironic 2025-05-08T17:16:01Z 2025-05-13T04:24:03.083929Z
pysec-2025-37
An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2ā€¦ django 2025-05-08T04:17:18+00:00 2025-05-08T05:23:16.210893+00:00
pysec-2025-42
9.8 (3.1)
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Verā€¦ vllm 2025-04-30T01:15:51+00:00 2025-05-28T21:23:12.396609+00:00
ID Description Updated
ID Description Published Updated
mal-2026-2503 Malicious code in genesis-1p-tools-rpm-bundle (PyPI) 2026-04-07T09:41:03Z 2026-04-07T09:41:03Z
mal-2026-2502 Malicious code in databasenaps (PyPI) 2026-04-07T04:39:13Z 2026-04-07T06:06:00Z
mal-2026-2501 Malicious code in databaselooks (PyPI) 2026-04-07T04:00:02Z 2026-04-07T04:00:02Z
mal-2026-2499 Malicious code in nerite-security-audit (npm) 2026-04-06T09:23:07Z 2026-04-07T14:41:23Z
mal-2026-2500 Malicious code in totally-safe-util (npm) 2026-04-06T09:20:39Z 2026-04-07T14:41:25Z
mal-2026-2498 Malicious code in df-sandbox-test (npm) 2026-04-06T09:18:00Z 2026-04-07T14:41:21Z
mal-2026-2497 Malicious code in commerce-utils (npm) 2026-04-06T09:11:24Z 2026-04-07T14:41:21Z
mal-2026-2496 Malicious code in chess-sec-ssrf1 (npm) 2026-04-06T06:10:44Z 2026-04-07T14:41:21Z
mal-2026-2495 Malicious code in cloudera (npm) 2026-04-05T20:05:37Z 2026-04-07T14:41:21Z
mal-2026-2493 Malicious code in cloudera-poc (npm) 2026-04-05T19:40:31Z 2026-04-07T14:41:21Z
mal-2026-2494 Malicious code in databasetapes (PyPI) 2026-04-05T19:35:23Z 2026-04-05T19:35:23Z
mal-2026-2492 Malicious code in admin0911 (npm) 2026-04-05T15:30:57Z 2026-04-07T14:41:20Z
mal-2026-2491 Malicious code in @not-nemo/crypto-tracker (npm) 2026-04-05T14:31:21Z 2026-04-07T14:41:20Z
mal-2026-2489 Malicious code in databaserobooms (PyPI) 2026-04-04T22:24:16Z 2026-04-05T09:20:21Z
mal-2026-2490 Malicious code in databaserotacos (PyPI) 2026-04-04T22:03:00Z 2026-04-05T09:20:21Z
mal-2026-2488 Malicious code in photo-extractor (PyPI) 2026-04-04T16:41:48Z 2026-04-04T16:41:48Z
mal-2026-2487 Malicious code in discord-request (PyPI) 2026-04-04T12:56:18Z 2026-04-04T12:56:18Z
mal-2026-2486 Malicious code in gangomodule (PyPI) 2026-04-04T12:01:55Z 2026-04-04T12:01:55Z
mal-2026-2452 Malicious code in strapi-plugin-blurhash (npm) 2026-04-03T19:10:29Z 2026-04-07T14:41:25Z
mal-2026-2450 Malicious code in strapi-plugin-advanced-uuid (npm) 2026-04-03T19:10:26Z 2026-04-07T14:41:25Z
mal-2026-2463 Malicious code in strapi-plugin-guardarian-ext (npm) 2026-04-03T19:10:23Z 2026-04-07T14:41:25Z
mal-2026-2465 Malicious code in strapi-plugin-health-check (npm) 2026-04-03T19:10:19Z 2026-04-07T14:41:25Z
mal-2026-2459 Malicious code in strapi-plugin-debug-tools (npm) 2026-04-03T19:10:16Z 2026-04-07T14:41:25Z
mal-2026-2455 Malicious code in strapi-plugin-content-sync (npm) 2026-04-03T19:09:53Z 2026-04-07T14:41:25Z
mal-2026-2453 Malicious code in strapi-plugin-cms-tools (npm) 2026-04-03T19:09:34Z 2026-04-07T14:41:25Z
mal-2026-2466 Malicious code in strapi-plugin-hextest (npm) 2026-04-03T19:09:14Z 2026-04-07T14:41:25Z
mal-2026-2461 Malicious code in strapi-plugin-finseven (npm) 2026-04-03T19:08:49Z 2026-04-07T14:41:25Z
mal-2026-2471 Malicious code in strapi-plugin-nordica (npm) 2026-04-03T19:08:46Z 2026-04-07T14:41:25Z
mal-2026-2474 Malicious code in strapi-plugin-nordica-deep (npm) 2026-04-03T19:06:00Z 2026-04-07T14:41:25Z
mal-2026-2480 Malicious code in strapi-plugin-nordica-vhost (npm) 2026-04-03T19:05:57Z 2026-04-07T14:41:25Z
ID Description Published Updated
7paa023732 System 800xA affected by 3rd party component vulnerabilities 2026-03-31T00:30:00.000Z 2026-03-31T00:30:00.000Z
4hzm000604 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4) 2026-03-26T00:30:00.000Z 2026-03-26T00:30:00.000Z
4jno000329 AWIN Gateways Vulnerabilities in Embedded Webserver 2026-03-13T00:30:00.000Z 2026-03-13T00:30:00.000Z
3adr011536 AC500 V3 Stack buffer overflow in Cryptographic Message Syntax 2026-03-12T00:30:00.000Z 2026-03-12T00:30:00.000Z
3adr011525 ABB Automation Builder Gateway for Windows with insecure defaults 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
3adr011524 AC500 V3 Multiple vulnerabilities 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
sa25p007 B&R Automation Studio Update of SQLite version 2026-02-18T00:30:00.000Z 2026-02-18T00:30:00.000Z
sa26p001 ā€‹ā€‹PVIā€‹ ā€‹ā€‹Insertion of Sensitive Information into Logfile 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
sa24p003 ā€‹B&R PCs vulnerable to PixieFail attackā€‹ 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
sa25p005 B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
sa25p004 Automation Studio Insufficient Server Certificate Validation 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
9akk108472a1331 ABB Abilityā„¢ OPTIMAXĀ® Authentication Bypass in Single-Sign On with Azure Active Directory 2026-01-16T00:30:00.000Z 2026-01-16T00:30:00.000Z
2crt000009 WebPro SNMP Card PowerValue Multiple Vulnerabilities 2026-01-07T00:30:00.000Z 2026-01-07T00:30:00.000Z
4hzm000603 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) 2025-11-27T00:30:00.000Z 2025-11-28T00:30:00.000Z
7paa022088 Edgenius Management Portal Authentication Bypass 2025-11-20T00:30:00.000Z 2025-11-20T00:30:00.000Z
2nga002813 PCM600 SharpZip library vulnerability 2025-11-03T00:30:00.000Z 2025-11-03T00:30:00.000Z
9akk108471a8948 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-10-20T00:30:00.000Z 2025-10-21T00:30:00.000Z
4tz00000006007 ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations 2025-10-20T00:30:00.000Z 2025-10-23T00:30:00.000Z
4tz00000006008 LVS MConfig Insecure memory handling 2025-10-08T00:30:00.000Z 2025-10-08T00:30:00.000Z
sa25p003 B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-14T00:30:00.000Z
sa25p002 B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7808 EIBPORT Reflected XSS 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a8107 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-09-16T00:30:00.000Z 2025-11-28T08:00:00.000Z
9akk108471a7121 FLXeon Controllers Multiple vulnerabilities 2025-09-09T00:30:00.000Z 2025-09-18T00:30:00.000Z
2nga002743 ABB AbilityTM zenon Remote Transport Vulnerability 2025-08-12T00:30:00.000Z 2025-08-12T00:30:00.000Z
9akk108471a4462 ELSB/BLBA ASPECT advisory several CVEs 2025-08-11T00:30:00.000Z 2025-09-04T00:30:00.000Z
3adr011432 AC500 V2 Buffer overread on Modbus protocol 2025-07-23T00:30:00.000Z 2025-07-23T00:30:00.000Z
9akk108471a4556 Busch-WelcomeĀ® 2 wire Door opener actuator by default in compatibility mode. 2025-07-21T00:30:00.000Z 2025-07-21T00:30:00.000Z
9akk108471a3623 RMC - 100 Vulnerabilities in web UI (REST Interface) 2025-07-03T00:30:00.000Z 2025-08-18T00:30:00.000Z
2crt000008 Lite Panel Pro Vulnerability in Session Management 2025-06-26T00:30:00.000Z 2025-06-26T00:30:00.000Z
ID Description Published Updated
wid-sec-w-2026-0937 Google Chrome und Microsoft Edge: Mehrere Schwachstellen 2026-03-31T22:00:00.000+00:00 2026-04-06T22:00:00.000+00:00
wid-sec-w-2026-0909 Tinyproxy: Schwachstelle ermƶglicht Denial of Service 2026-03-29T22:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0904 vim: Schwachstelle ermƶglicht CodeausfĆ¼hrung 2026-03-29T22:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0892 WatchGuard Firebox: Mehrere Schwachstellen 2026-03-26T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0891 Dovecot: Mehrere Schwachstellen 2026-03-26T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0887 Internet Systems Consortium Kea: Schwachstelle ermƶglicht Denial of Service 2026-03-26T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0882 GIMP: Schwachstelle ermƶglicht Denial of Service und Offenlegung von Informationen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0881 IBM License Metric Tool: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0880 FreeRDP: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0879 Linux Kernel: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0878 FreeBSD Project FreeBSD OS: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0875 Red Hat Enterprise Linux (ncurses): Schwachstelle ermƶglicht CodeausfĆ¼hrung 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0873 docker: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0870 libpng: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0869 SolarWinds Platform: Mehrere Schwachstellen ermƶglichen Cross-Site Scripting 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0865 Keycloak: Schwachstelle ermƶglicht Offenlegung von Informationen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0864 OpenBao: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0861 Linux Kernel: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0860 NGINX und NGINX Plus: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0858 NATS Server: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0856 OpenClaw: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-01T22:00:00.000+00:00
wid-sec-w-2026-0855 Xen: Schwachstelle ermƶglicht Umgehen von Sicherheitsvorkehrungen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0854 Squid: Mehrere Schwachstellen ermƶglichen Denial of Service 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0851 IBM InfoSphere Information Server: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0850 Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0849 ImageMagick: Mehrere Schwachstellen ermƶglichen Denial of Service 2026-03-24T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0847 GitLab: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0845 IBM WebSphere Application Server Liberty: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0844 Hitachi Ops Center: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0843 Node.js: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
ID Description Published Updated
va-26-092-01 Bentley Systems iTwin Platform exposed access token 2026-04-02T17:11:43Z 2026-04-02T17:11:43Z
va-26-092-02 Zscaler Client Connector hard-coded proxy configuration domain 2026-04-02T13:54:30Z 2026-04-02T13:54:30Z
icsa-26-092-02 Yokogawa CENTUM VP 2026-04-02T06:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-26-090-02 PX4 Autopilot 2026-03-31T06:00:00.000000Z 2026-03-31T06:00:00.000000Z
icsa-26-090-01 Anritsu Remote Spectrum Monitor 2026-03-31T06:00:00.000000Z 2026-03-31T06:00:00.000000Z
icsa-26-092-01 Siemens SICAM 8 Products 2026-03-26T00:00:00.000000Z 2026-04-02T06:00:00.000000Z
va-26-084-01 Nanoleaf Lines unauthenticated firmware file store 2026-03-25T00:00:00Z 2026-04-02T00:00:00Z
icsma-26-083-01 Grassroots DICOM (GDCM) 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-01 Pharos Controls Mosaic Show Controller 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-078-08 Automated Logic WebCTRL Premium Server 2026-03-19T06:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-07 IGL-Technologies eParking.fi 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-078-06 CTEK Chargeportal 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-071-06 Inductive Automation Ignition Software 2026-03-12T06:00:00.000000Z 2026-03-13T06:00:00.000000Z
icsa-26-071-01 Trane Tracer SC, Tracer SC+, and Tracer Concierge 2026-03-12T06:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-083-02 Schneider Electric EcoStruxure Foxboro DCS 2026-03-10T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-078-04 Schneider Electric EcoStruxure PME and EPO 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-03 Schneider Electric EcoStruxure Automation Expert 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-02 Schneider Electric Modicon Controllers M241, M251, M258, and LMC058 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-01 Schneider Electric Modicon M241, M251, and M262 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-076-03 Schneider Electric EcoStruxure Data Center Expert 2026-03-10T07:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-069-03 Honeywell IQ4x BMS Controller 2026-03-10T06:00:00.000000Z 2026-03-10T06:00:00.000000Z
icsa-26-069-02 Lantronix EDS3000PS and EDS5000 2026-03-10T06:00:00.000000Z 2026-03-10T06:00:00.000000Z
icsa-26-069-01 Apeman Cameras 2026-03-10T06:00:00.000000Z 2026-03-10T06:00:00.000000Z
icsa-26-069-04 Ceragon Siklu MultiHaul and EtherHaul Series 2026-03-10T05:00:00.000000Z 2026-03-10T05:00:00.000000Z
icsa-26-078-05 Mitsubishi Electric CNC Series 2026-03-10T00:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-076-04 Siemens SICAM SIAPP SDK 2026-03-10T00:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-071-05 Siemens Heliox EV Chargers 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-04 Siemens SIMATIC 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-03 Siemens SIDIS Prime 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-02 Siemens RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
ID Description Published Updated
cisco-sa-ssm-cli-execution-chucwunr Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-ndi-afw-rjurc5dz Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-nd-ssrf-naen4o7r Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-nd-cbid-5yqkoshu Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-epnm-improp-auth-muwfwuu3 Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cssm-priv-esc-xranouo8 Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cimc-cmd-inj-3hkn3bvt Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cimc-auth-bypass-agg2bxtn Cisco Integrated Management Controller Authentication Bypass Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-xe-secureboot-bypass-b6uyxysz Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-wlc-dos-hnx5kgom Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-vmanage-xss-zqkhp9w9 Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-scp-dos-duadxtcg Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-xss-lpgkzwtj Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-crlf-nvgktkjz Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe_infodis-6j847ueb Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-tls-dos-tvgldezl Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-mntc-dos-lzweqcyq Cisco IOS XE Software Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-04-02T19:43:54+00:00
cisco-sa-iosxe-lobby-privesc-kwxbqjy Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-ios-http-dos-sbv8xrpl Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-bootp-wubhnbxa Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-asa-ftd-ios-dos-kpepqggk Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-xrncs-epni-int-dos-twmffusn Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-isis-dos-kdmxpszk Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-iosxr-privesc-bf8d5u4w Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-cc-xss-mrnah5jh Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-snort3-multi-dos-xfwkwswz Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-onprem-fmc-authbypass-5jpp45v2 Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftdfmc-dir-trav-wergjhwq Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-tcp-dos-rhfqnwrg Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-snort-bypass-rlggkzvf Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-33107 Azure Databricks Elevation of Privilege Vulnerability 2026-04-02T07:00:00.000Z 2026-04-02T07:00:00.000Z
msrc_cve-2026-33105 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability 2026-04-02T07:00:00.000Z 2026-04-02T07:00:00.000Z
msrc_cve-2026-32213 Azure AI Foundry Elevation of Privilege Vulnerability 2026-04-02T07:00:00.000Z 2026-04-02T07:00:00.000Z
msrc_cve-2026-32211 Azure MCP Server Information Disclosure Vulnerability 2026-04-02T07:00:00.000Z 2026-04-02T07:00:00.000Z
msrc_cve-2026-32186 Microsoft Bing Elevation of Privilege Vulnerability 2026-04-02T07:00:00.000Z 2026-04-02T07:00:00.000Z
msrc_cve-2026-32173 Azure SRE Agent Information Disclosure Vulnerability 2026-04-02T07:00:00.000Z 2026-04-02T07:00:00.000Z
msrc_cve-2026-26135 Azure Custom Locations Resource Provider (RP) Elevation of Privilege Vulnerability 2026-04-02T07:00:00.000Z 2026-04-02T07:00:00.000Z
msrc_cve-2026-35549 CVE-2026-35549 2026-04-02T00:00:00.000Z 2026-04-04T01:02:53.000Z
msrc_cve-2026-35535 CVE-2026-35535 2026-04-02T00:00:00.000Z 2026-04-06T14:38:26.000Z
msrc_cve-2026-35414 CVE-2026-35414 2026-04-02T00:00:00.000Z 2026-04-07T01:41:35.000Z
msrc_cve-2026-35388 CVE-2026-35388 2026-04-02T00:00:00.000Z 2026-04-07T01:01:55.000Z
msrc_cve-2026-35387 CVE-2026-35387 2026-04-02T00:00:00.000Z 2026-04-07T01:02:00.000Z
msrc_cve-2026-35386 CVE-2026-35386 2026-04-02T00:00:00.000Z 2026-04-07T01:02:11.000Z
msrc_cve-2026-35385 CVE-2026-35385 2026-04-02T00:00:00.000Z 2026-04-07T01:02:05.000Z
msrc_cve-2026-34990 OpenPrinting CUPS: Local print admin token disclosure using temporary printers 2026-04-02T00:00:00.000Z 2026-04-07T01:41:00.000Z
msrc_cve-2026-34980 OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network 2026-04-02T00:00:00.000Z 2026-04-07T01:40:44.000Z
msrc_cve-2026-34979 OpenPrinting CUPS: Heap overflow in `get_options()` 2026-04-02T00:00:00.000Z 2026-04-07T01:40:39.000Z
msrc_cve-2026-34978 OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) 2026-04-02T00:00:00.000Z 2026-04-07T01:40:49.000Z
msrc_cve-2026-34743 XZ Utils: Buffer overflow in lzma_index_append() 2026-04-02T00:00:00.000Z 2026-04-07T01:01:44.000Z
msrc_cve-2026-34601 xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion 2026-04-02T00:00:00.000Z 2026-04-04T01:02:47.000Z
msrc_cve-2026-34591 Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write 2026-04-02T00:00:00.000Z 2026-04-07T01:02:30.000Z
msrc_cve-2026-3184 Util-linux: util-linux: access control bypass due to improper hostname canonicalization 2026-04-02T00:00:00.000Z 2026-04-07T01:02:25.000Z
msrc_cve-2026-31410 ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION 2026-04-02T00:00:00.000Z 2026-04-07T01:01:16.000Z
msrc_cve-2026-31408 Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold 2026-04-02T00:00:00.000Z 2026-04-07T01:01:28.000Z
msrc_cve-2026-31407 netfilter: conntrack: add missing netlink policy validations 2026-04-02T00:00:00.000Z 2026-04-07T01:01:22.000Z
msrc_cve-2026-31394 mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations 2026-04-02T00:00:00.000Z 2026-04-05T01:02:02.000Z
msrc_cve-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup 2026-04-02T00:00:00.000Z 2026-04-07T01:41:30.000Z
msrc_cve-2026-27447 OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookup 2026-04-02T00:00:00.000Z 2026-04-07T01:40:54.000Z
msrc_cve-2026-23473 io_uring/poll: fix multishot recv missing EOF on wakeup race 2026-04-02T00:00:00.000Z 2026-04-07T01:41:05.000Z
msrc_cve-2026-23472 serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN 2026-04-02T00:00:00.000Z 2026-04-07T01:41:10.000Z
ID Description Published Updated
ncsc-2026-0107 Kwetsbaarheid verholpen in FortiClient EMS van Fortinet 2026-04-04T13:49:19.002116Z 2026-04-04T13:49:19.002116Z
ncsc-2026-0106 Kwetsbaarheden verholpen in Cisco Integrated Management Controller 2026-04-03T10:34:46.145536Z 2026-04-03T10:34:46.145536Z
ncsc-2026-0105 Kwetsbaarheden verholpen in Cisco Nexus Dashboard en Nexus Dashboard Insights 2026-04-03T08:20:48.187725Z 2026-04-03T08:20:48.187725Z
ncsc-2026-0104 Kwetsbaarheden verholpen in Cisco IOS XE Software 2026-03-26T09:50:03.269095Z 2026-03-26T09:50:03.269095Z
ncsc-2026-0103 Kwetsbaarheden verholpen in GitLab 2026-03-26T09:48:10.874427Z 2026-03-26T09:48:10.874427Z
ncsc-2026-0102 Kwetsbaarheden verholpen in Apple macOS 2026-03-25T14:15:56.073353Z 2026-03-25T14:15:56.073353Z
ncsc-2026-0101 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-25T14:02:07.392994Z 2026-03-25T14:02:07.392994Z
ncsc-2026-0100 Kwetsbaarheden verholpen in Citrix Netscaler ADC en Netscaler Gateway 2026-03-23T13:43:30.957806Z 2026-03-23T13:43:30.957806Z
ncsc-2026-0099 Kwetsbaarheid verholpen in Oracle Identity Manager en Oracle Web Services Manager 2026-03-20T15:56:12.716324Z 2026-03-20T15:56:12.716324Z
ncsc-2026-0098 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-13T08:41:19.155490Z 2026-03-13T08:41:19.155490Z
ncsc-2026-0097 Kwetsbaarheden verholpen in Google Chrome 2026-03-13T08:33:43.877125Z 2026-03-13T08:33:43.877125Z
ncsc-2026-0096 Kwetsbaarheden verholpen in Veeam Backup & Replication 2026-03-12T14:54:08.200676Z 2026-03-12T14:54:08.200676Z
ncsc-2026-0095 Kwetsbaarheid verholpen in pac4j-jwt 2026-03-12T14:45:51.156512Z 2026-03-12T14:45:51.156512Z
ncsc-2026-0094 Kwetsbaarheden verholpen in Cisco IOS XR 2026-03-12T14:44:08.106602Z 2026-03-12T14:44:08.106602Z
ncsc-2026-0093 Kwetsbaarheden verholpen in GitLab 2026-03-12T14:42:46.936248Z 2026-03-12T14:42:46.936248Z
ncsc-2026-0092 Kwetsbaarheden verholpen in Fortinet FortiWeb 2026-03-12T07:46:15.529522Z 2026-03-12T07:46:15.529522Z
ncsc-2026-0091 Kwetsbaarheden verholpen in SAP-producten 2026-03-12T07:24:16.575638Z 2026-03-12T07:24:16.575638Z
ncsc-2026-0090 Kwetsbaarheden verholpen in Adobe Experience Manager 2026-03-12T07:12:51.952931Z 2026-03-12T07:12:51.952931Z
ncsc-2026-0089 Kwetsbaarheden verholpen in Adobe Acrobat Reader 2026-03-12T07:03:24.148324Z 2026-03-12T07:03:24.148324Z
ncsc-2026-0088 Kwetsbaarheden verholpen in Adobe Illustrator 2026-03-12T06:55:39.712240Z 2026-03-12T06:55:39.712240Z
ncsc-2026-0087 Kwetsbaarheden verholpen in Adobe Commerce 2026-03-12T06:49:56.459199Z 2026-03-12T06:49:56.459199Z
ncsc-2026-0086 Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer 2026-03-11T09:19:38.777277Z 2026-03-11T09:19:38.777277Z
ncsc-2026-0085 Kwetsbaarheden verholpen in Microsoft Developer tools 2026-03-10T20:35:10.478398Z 2026-03-10T20:35:10.478398Z
ncsc-2026-0084 Kwetsbaarheden verholpen in Microsoft Office 2026-03-10T20:20:08.157658Z 2026-03-10T20:20:08.157658Z
ncsc-2026-0083 Kwetsbaarheid verholpen in Microsoft Authenticator app 2026-03-10T20:18:35.792755Z 2026-03-10T20:18:35.792755Z
ncsc-2026-0082 Kwetsbaarheden verholpen in Microsoft Azure 2026-03-10T20:15:41.528951Z 2026-03-10T20:15:41.528951Z
ncsc-2026-0081 Kwetsbaarheden verholpen in Microsoft SQL Server 2026-03-10T20:12:56.032261Z 2026-03-10T20:12:56.032261Z
ncsc-2026-0080 Kwetsbaarheden verholpen in Microsoft Windows 2026-03-10T20:07:55.976638Z 2026-03-10T20:07:55.976638Z
ncsc-2026-0079 Kwetsbaarheden verholpen in Siemens producten 2026-03-10T12:39:14.474522Z 2026-03-10T12:39:14.474522Z
ncsc-2026-0078 Kwetsbaarheden verholpen in Kibana 2026-03-05T09:36:49.056247Z 2026-03-05T09:36:49.056247Z
ID Description Published Updated
nn-2025:18-01 Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:17-01 HTML injection in Sensor Map in CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:16-01 HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:15-01 Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:14-01 HTML injection in Asset List in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:13-01 Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:12-01 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:11-01 Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 2025-11-25T11:00:00.000Z 2025-11-26T11:00:00.000Z
nn-2025:9-01 Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:8-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:7-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:6-01 Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:5-01 Incorrect authorization for CLI in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:4-01 Client-side path traversal in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:10-01 Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:3-01 Incorrect authorization for traces request/download in CMC before 25.1.0 2025-08-26T11:00:00.000Z 2025-08-26T11:00:00.000Z
nn-2025:2-01 Privilege escalation in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2025:1-01 Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2024_1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2024:1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2023_17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023:17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023_12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023:12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023_9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_11-01 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_10-01 DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:11-01 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:10-01 DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10493-1 SDL3_image-devel-3.4.2-1.1 on GA media 2026-04-05T00:00:00Z 2026-04-05T00:00:00Z
opensuse-su-2026:10485-1 python311-Flask-Cors-6.0.2-1.1 on GA media 2026-04-03T00:00:00Z 2026-04-03T00:00:00Z
opensuse-su-2026:10484-1 k6-1.7.1-1.1 on GA media 2026-04-03T00:00:00Z 2026-04-03T00:00:00Z
opensuse-su-2026:10483-1 himmelblau-2.3.9+git0.a9fd29b-1.1 on GA media 2026-04-03T00:00:00Z 2026-04-03T00:00:00Z
opensuse-su-2026:10481-1 python314-3.14.3-4.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10480-1 python313-3.13.12-3.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10479-1 python312-3.12.13-4.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10478-1 python311-3.11.15-4.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10477-1 python310-3.10.20-3.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10476-1 python311-Pygments-2.20.0-2.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10475-1 opensc-0.27.1-1.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10474-1 ignition-2.26.0-3.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10473-1 dnsdist-2.0.3-1.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10472-1 conftest-0.67.1-2.1 on GA media 2026-04-01T00:00:00Z 2026-04-01T00:00:00Z
opensuse-su-2026:10464-1 python311-pypdf-6.9.2-1.1 on GA media 2026-03-30T00:00:00Z 2026-03-30T00:00:00Z
opensuse-su-2026:10463-1 netty-4.1.132-1.1 on GA media 2026-03-30T00:00:00Z 2026-03-30T00:00:00Z
opensuse-su-2026:10462-1 heroic-games-launcher-2.20.1-4.1 on GA media 2026-03-30T00:00:00Z 2026-03-30T00:00:00Z
opensuse-su-2026:10457-1 xen-4.21.1_02-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10456-1 tailscale-1.96.4-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10455-1 python311-requests-2.33.0-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10454-1 python311-cryptography-46.0.6-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10453-1 libpolkit-agent-1-0-127-3.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10452-1 libjavamapscript-8.6.1-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10451-1 libpng16-16-1.6.56-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10450-1 incus-6.23-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10449-1 gsl-2.8-5.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10448-1 bind-9.20.21-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10447-1 MozillaThunderbird-140.9.0-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10446-1 ImageMagick-7.1.2.18-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10441-1 strongswan-6.0.5-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
ID Description Published Updated
oxdc-adv-2026-0001 OX Dovecot Security Advisory OXDC-ADV-2026-0001 2026-03-27T00:00:00+00:00 2026-03-27T00:00:00+00:00
oxdc-adv-2025-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 2025-10-31T00:00:00+00:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0003 OX App Suite Security Advisory OXAS-ADV-2025-0003 2025-09-24T00:00:00+02:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0002 OX App Suite Security Advisory OXAS-ADV-2025-0002 2025-08-12T00:00:00+02:00 2025-10-31T00:00:00+00:00
oxas-adv-2025-0001 OX App Suite Security Advisory OXAS-ADV-2025-0001 2025-01-27T00:00:00+01:00 2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 2024-09-02T00:00:00+02:00 2024-09-06T00:00:00+00:00
oxas-adv-2024-0005 OX App Suite Security Advisory OXAS-ADV-2024-0005 2024-07-08T00:00:00+02:00 2024-09-09T00:00:00+00:00
oxas-adv-2024-0004 OX App Suite Security Advisory OXAS-ADV-2024-0004 2024-06-13T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0003 OX App Suite Security Advisory OXAS-ADV-2024-0003 2024-04-24T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0002 OX App Suite Security Advisory OXAS-ADV-2024-0002 2024-03-06T00:00:00+01:00 2024-05-06T00:00:00+00:00
oxas-adv-2024-0001 OX App Suite Security Advisory OXAS-ADV-2024-0001 2024-02-08T00:00:00+01:00 2024-04-25T00:00:00+00:00
oxas-adv-2023-0007 OX App Suite Security Advisory OXAS-ADV-2023-0007 2023-12-11T00:00:00+01:00 2024-02-16T00:00:00+00:00
oxas-adv-2023-0006 OX App Suite Security Advisory OXAS-ADV-2023-0006 2023-09-25T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0005 OX App Suite Security Advisory OXAS-ADV-2023-0005 2023-09-19T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0004 OX App Suite Security Advisory OXAS-ADV-2023-0004 2023-08-01T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0003 OX App Suite Security Advisory OXAS-ADV-2023-0003 2023-05-02T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0002 OX App Suite Security Advisory OXAS-ADV-2023-0002 2023-03-20T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0001 OX App Suite Security Advisory OXAS-ADV-2023-0001 2023-02-06T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0002 OX App Suite Security Advisory OXAS-ADV-2022-0002 2022-11-02T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0001 OX App Suite Security Advisory OXAS-ADV-2022-0001 2022-08-10T00:00:00+02:00 2024-01-22T00:00:00+00:00
ID Description Published Updated
rhsa-2026:6802 Red Hat Security Advisory: Red Hat Developer Hub 1.9.3 release. 2026-04-07T13:22:11+00:00 2026-04-07T13:25:51+00:00
rhsa-2026:6766 Red Hat Security Advisory: python3.9 security update 2026-04-07T11:27:43+00:00 2026-04-07T11:28:07+00:00
rhsa-2026:6764 Red Hat Security Advisory: freerdp security update 2026-04-07T09:50:18+00:00 2026-04-07T11:10:01+00:00
rhsa-2026:6762 Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (ROCm) 2026-04-07T08:45:04+00:00 2026-04-07T11:10:15+00:00
rhsa-2026:6761 Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (CUDA) 2026-04-07T08:44:07+00:00 2026-04-07T11:10:15+00:00
rhsa-2026:6750 Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update 2026-04-07T08:25:32+00:00 2026-04-07T11:09:21+00:00
rhsa-2026:6738 Red Hat Security Advisory: gnutls security update 2026-04-07T08:14:17+00:00 2026-04-07T11:09:19+00:00
rhsa-2026:6737 Red Hat Security Advisory: gnutls security update 2026-04-07T08:03:13+00:00 2026-04-07T11:09:19+00:00
rhsa-2026:6743 Red Hat Security Advisory: freerdp security update 2026-04-07T07:47:22+00:00 2026-04-07T13:28:26+00:00
rhsa-2026:6736 Red Hat Security Advisory: vim security update 2026-04-07T07:05:02+00:00 2026-04-07T11:10:14+00:00
rhsa-2026:6731 Red Hat Security Advisory: vim security update 2026-04-07T06:48:02+00:00 2026-04-07T11:10:13+00:00
rhsa-2026:6729 Red Hat Security Advisory: vim security update 2026-04-07T06:25:37+00:00 2026-04-07T11:10:13+00:00
rhsa-2026:6727 Red Hat Security Advisory: freerdp security update 2026-04-07T06:25:32+00:00 2026-04-07T11:09:57+00:00
rhsa-2026:6730 Red Hat Security Advisory: vim security update 2026-04-07T06:20:17+00:00 2026-04-07T11:10:12+00:00
rhsa-2026:6725 Red Hat Security Advisory: vim security update 2026-04-07T01:58:27+00:00 2026-04-07T11:09:25+00:00
rhsa-2026:6720 Red Hat Security Advisory: Red Hat Quay 3.12.16 2026-04-06T22:57:46+00:00 2026-04-07T13:25:50+00:00
rhsa-2026:6713 Red Hat Security Advisory: ImageMagick security update 2026-04-06T18:57:01+00:00 2026-04-06T22:26:28+00:00
rhsa-2026:6712 Red Hat Security Advisory: freerdp security update 2026-04-06T18:44:31+00:00 2026-04-07T11:09:59+00:00
rhsa-2026:6692 Red Hat Security Advisory: kernel security update 2026-04-06T16:24:30+00:00 2026-04-06T22:26:20+00:00
rhsa-2026:6665 Red Hat Security Advisory: freerdp security update 2026-04-06T14:51:20+00:00 2026-04-07T11:09:26+00:00
rhsa-2026:6647 Red Hat Security Advisory: libarchive security update 2026-04-06T09:32:55+00:00 2026-04-06T10:31:27+00:00
rhsa-2026:6632 Red Hat Security Advisory: kernel security update 2026-04-06T08:09:40+00:00 2026-04-06T22:26:23+00:00
rhsa-2026:6635 Red Hat Security Advisory: fontforge security update 2026-04-06T07:50:34+00:00 2026-04-06T10:35:40+00:00
rhsa-2026:6630 Red Hat Security Advisory: gnutls security update 2026-04-06T07:24:34+00:00 2026-04-07T11:09:14+00:00
rhsa-2026:6631 Red Hat Security Advisory: fontforge security update 2026-04-06T06:36:19+00:00 2026-04-06T10:35:39+00:00
rhsa-2026:6628 Red Hat Security Advisory: fontforge security update 2026-04-06T05:23:14+00:00 2026-04-06T10:31:26+00:00
rhsa-2026:6620 Red Hat Security Advisory: vim security update 2026-04-06T03:44:03+00:00 2026-04-07T11:09:20+00:00
rhsa-2026:6621 Red Hat Security Advisory: crun security update 2026-04-06T03:41:18+00:00 2026-04-06T10:31:25+00:00
rhsa-2026:6617 Red Hat Security Advisory: vim security update 2026-04-06T03:34:58+00:00 2026-04-07T11:09:28+00:00
rhsa-2026:6618 Red Hat Security Advisory: gnutls security update 2026-04-06T03:33:23+00:00 2026-04-07T11:09:18+00:00
ID Description Published Updated
sevd-2026-069-06 Deserialization of Untrusted Data vulnerability on Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-05 Use of Hard-coded Credentials vulnerability in EcoStruxureā„¢ IT Data Center Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-04 Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxureā„¢ Automation Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-03 Deserialization of Untrusted Data vulnerability on EcoStruxureā„¢ Foxboro DCS 2026-03-10T07:00:00.000Z 2026-03-13T07:00:00.000Z
sevd-2026-069-02 Improper Neutralization vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-069-01 Improper Resource Shutdown or Release vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-041-02 Multiple Vulnerabilities on EcoStruxureā„¢ Building Operation Workstation and EcoStruxureā„¢ Building Operation Webstation 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-041-01 Improper Check for Unusual or Exceptional Conditions on Multiple Products 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-013-04 Multiple Vulnerabilities on EcoStruxure Power Build Rapsody 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-03 Multiple Vulnerabilities on Zigbee Products 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-02 Incorrect Default Permissions Vulnerability on EcoStruxureā„¢ Process Expert 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-01 Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-343-02 EcoStruxureā„¢ Foxboro DCS Advisor 2025-12-09T08:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-343-01 EcoStruxureā„¢ Foxboro DCS 2025-12-09T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-315-02 EcoStruxureā„¢ Machine SCADA Expert & Pro-face BLUE Open Studio 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-315-01 PowerChuteā„¢ Serial Shutdown 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-287-01 EcoStruxureā„¢ OPC UA Server Expert and EcoStruxureā„¢ Modicon Communication Server 2025-10-14T07:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-252-02 Saitel DR & Saitel DP Remote Terminal Unit 2025-09-09T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-252-01 Multiple Altivar Process Drives and Communication Modules 2025-09-09T04:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-224-05 Modicon M340 Controller and Communication Modules 2025-08-12T04:00:00.000Z 2025-08-12T04:00:00.000Z
sevd-2025-224-04 EcoStruxureā„¢ Building Operation Enterprise Server, EcoStruxureā„¢ Building Operation Enterprise Central, and EcoStruxureā„¢ Workstation 2025-08-12T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-224-03 Schneider Electric Software Update 2025-08-12T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-224-02 EcoStruxureā„¢ Power Monitoring Expert Software & EcoStruxureā„¢ Power Operation (EPO) and EcoStruxureā„¢ Power SCADA Operation (PSO) 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-01 Saitel DR & Saitel DP Remote Terminal Unit 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-189-04 EcoStruxureā„¢ Power Monitoring Expert (PME) and EcoStruxureā„¢ Power Operation (EPO) with Advanced Reporting and Dashboards 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-189-03 EcoStruxureā„¢ Power Operation 2025-07-08T04:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-189-02 System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-189-01 EcoStruxureā„¢ IT Data Center Expert 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-161-03 EVLink WallBox 2025-06-10T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-161-02 Modicon Controllers M241/M251/M258/LMC058/M262 2025-06-10T04:00:00.000Z 2025-07-08T04:00:00.000Z
ID Description Published Updated
sca-2026-0006 Vulnerabilities affecting SICK Lector85x and SICK Lector83x 2026-03-06T14:00:00.000Z 2026-03-06T14:00:00.000Z
sca-2026-0005 Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 2026-02-27T14:00:00.000Z 2026-02-27T14:00:00.000Z
sca-2026-0004 Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products 2026-02-13T14:00:00.000Z 2026-02-13T14:00:00.000Z
sca-2026-0003 Vulnerability affecting SICK nanoScan3 and microScan3 2026-01-26T14:00:00.000Z 2026-01-26T14:00:00.000Z
sca-2026-0002 Vulnerabilities affecting SICK Incoming Goods Suite 2026-01-15T14:00:00.000Z 2026-01-22T19:00:00.000Z
sca-2026-0001 Vulnerabilities affecting SICK TDC-X401GL 2026-01-15T14:00:00.000Z 2026-01-15T14:00:00.000Z
sca-2025-0014 CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC 2025-11-03T11:00:00.000Z 2025-11-03T14:00:00.000Z
sca-2025-0013 Vulnerabilities affecting SICK TLOC100-100 2025-10-27T14:00:00.000Z 2025-11-11T14:00:00.000Z
sca-2025-0012 Sudo vulnerability affects SICK SID products 2025-10-27T11:00:00.000Z 2025-10-27T14:00:00.000Z
sca-2025-0011 Vulnerabilities affecting Endress+Hauser SSG-E210GC 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0010 Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0009 Vulnerabilities affecting SICK TDC-E210GC 2025-08-01T13:00:00.000Z 2025-08-01T13:00:00.000Z
sca-2025-0008 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-07-03T13:00:00.000Z 2025-07-03T13:00:00.000Z
sca-2025-0007 Multiple vulnerabilities in SICK Field Analytics and SICK Media Server 2025-06-12T13:00:00.000Z 2025-06-12T13:00:00.000Z
sca-2025-0006 Vulnerability affecting picoScan and multiScan 2025-04-28T13:00:00.000Z 2025-04-28T13:00:00.000Z
sca-2025-0005 Vulnerabilities in SICK Flexi Compact 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
sca-2025-0004 Critical vulnerabilities in SICK DL100-2xxxxxxx 2025-03-14T11:00:00.000Z 2025-03-14T11:00:00.000Z
sca-2025-0003 FreeRTOS Vulnerabilities have no impact on SICK Products 2025-02-28T00:00:00.000Z 2025-05-20T11:00:00.000Z
sca-2025-0001 Multiple vulnerabilities in SICK MEAC300 2025-02-14T14:00:00.000Z 2025-02-21T14:00:00.000Z
sca-2025-0002 Vulnerability in SICK Lector8xx and SICK InspectorP8xx 2025-02-14T10:19:00.000Z 2025-02-14T10:19:00.000Z
sca-2024-0007 Vulnerability in SICK OLM 2024-12-31T00:00:00.000Z 2024-12-31T00:00:00.000Z
sca-2024-0006 Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx 2024-12-06T00:00:00.000Z 2024-12-06T00:00:00.000Z
sca-2024-0005 Vulnerability in SICK Incoming Goods Suite 2024-11-19T00:00:00.000Z 2024-11-19T00:00:00.000Z
sca-2024-0004 Third party vulnerabilities in SICK CDE-100 2024-11-07T12:00:00.000Z 2024-11-07T12:00:00.000Z
sca-2024-0003 Critical vulnerability in multiple SICK products 2024-10-17T13:00:00.000Z 2024-10-17T13:00:00.000Z
sca-2024-0002 Vulnerability in SICK MSC800 2024-09-11T23:00:00.000Z 2024-09-11T23:00:00.000Z
sca-2024-0001 Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics 2024-01-29T00:00:00.000Z 2024-01-29T00:00:00.000Z
sca-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
sca-2023-0010 Vulnerabilities in SICK Application Processing Unit 2023-10-09T11:00:00.000Z 2023-10-09T11:00:00.000Z
sca-2023-0008 Vulnerability in SICK SIM1012 2023-09-29T13:00:00.000Z 2023-09-29T13:00:00.000Z
ID Description Published Updated
ssa-246443 SSA-246443: Multiple Vulnerabilities in SICAM 8 Products 2026-03-26T00:00:00.000Z 2026-03-26T00:00:00.000Z
ssa-975644 SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-903736 SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-485750 SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-452276 SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 2026-03-10T00:00:00.000Z 2026-03-19T00:00:00.000Z
ssa-126399 SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-965753 SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-625934 SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-535115 SSA-535115: Data Validation Vulnerability in NX Before V2512 2026-02-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-507364 SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-445819 SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-311973 SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-035571 SSA-035571: Cross Site Scripting Vulnerability in Polarion Before V2506 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-089022 SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 2026-01-28T00:00:00Z 2026-02-24T00:00:00Z
ssa-827968 SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-674753 SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices 2026-01-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-192617 SSA-192617: Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-014678 SSA-014678: Authorization Bypass Vulnerability in Industrial Edge Device Kit 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-001536 SSA-001536: Authorization Bypass Vulnerability in Siemens Industrial Edge Devices 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-512988 SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 2025-12-12T00:00:00Z 2025-12-12T00:00:00Z
ssa-915282 SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-912274 SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 2025-12-09T00:00:00Z 2026-01-13T00:00:00Z
ssa-882673 SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-868571 SSA-868571: Missing Server Certificate Validation in IAM Client 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-763474 SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-734261 SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-710408 SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-626856 SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-471761 SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-420375 SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ID Description Published Updated
suse-su-2026:1191-1 Security update for avahi 2026-04-06T10:53:58Z 2026-04-06T10:53:58Z
suse-su-2026:1189-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7) 2026-04-05T10:34:20Z 2026-04-05T10:34:20Z
suse-su-2026:1188-1 Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 15 SP7) 2026-04-05T10:34:17Z 2026-04-05T10:34:17Z
suse-su-2026:1187-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7) 2026-04-05T10:04:24Z 2026-04-05T10:04:24Z
suse-su-2026:1185-1 Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 15 SP7) 2026-04-03T16:41:59Z 2026-04-03T16:41:59Z
suse-su-2026:1180-1 Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise 15 SP7) 2026-04-03T16:41:43Z 2026-04-03T16:41:43Z
suse-su-2026:1179-1 Security update for libsoup2 2026-04-02T15:08:33Z 2026-04-02T15:08:33Z
suse-su-2026:1177-1 Security update for tar 2026-04-02T15:00:45Z 2026-04-02T15:00:45Z
suse-su-2026:1174-1 Security update for LibVNCServer 2026-04-02T12:43:24Z 2026-04-02T12:43:24Z
suse-su-2026:1173-1 Security update for LibVNCServer 2026-04-02T12:43:10Z 2026-04-02T12:43:10Z
suse-su-2026:1171-1 Security update for python-tornado 2026-04-02T08:56:19Z 2026-04-02T08:56:19Z
suse-su-2026:1170-1 Security update for perl-Crypt-URandom 2026-04-02T08:42:05Z 2026-04-02T08:42:05Z
suse-su-2026:1169-1 Security update for wireshark 2026-04-02T08:29:30Z 2026-04-02T08:29:30Z
suse-su-2026:1166-1 Security update for expat 2026-04-02T01:08:26Z 2026-04-02T01:08:26Z
suse-su-2026:1165-1 Security update for freerdp 2026-04-01T13:40:57Z 2026-04-01T13:40:57Z
suse-su-2026:1164-1 Security update for freerdp2 2026-04-01T13:40:49Z 2026-04-01T13:40:49Z
suse-su-2026:1163-1 Security update for MozillaThunderbird 2026-04-01T08:49:11Z 2026-04-01T08:49:11Z
suse-su-2026:1162-1 Security update for python-tornado 2026-03-31T22:02:18Z 2026-03-31T22:02:18Z
suse-su-2026:1160-1 Security update for freerdp 2026-03-31T15:03:59Z 2026-03-31T15:03:59Z
suse-su-2026:1159-1 Security update for expat 2026-03-31T15:03:48Z 2026-03-31T15:03:48Z
suse-su-2026:1158-1 Security update for python-pyasn1 2026-03-31T11:55:53Z 2026-03-31T11:55:53Z
suse-su-2026:1154-1 Security update for libjxl 2026-03-31T09:04:47Z 2026-03-31T09:04:47Z
suse-su-2026:0227-2 Security update for net-snmp 2026-03-31T08:48:04Z 2026-03-31T08:48:04Z
suse-su-2026:1153-1 Security update for perl-XML-Parser 2026-03-31T08:40:07Z 2026-03-31T08:40:07Z
suse-su-2026:1152-1 Security update for perl-XML-Parser 2026-03-31T08:28:50Z 2026-03-31T08:28:50Z
suse-su-2026:1150-1 Security update for webkit2gtk3 2026-03-30T17:34:50Z 2026-03-30T17:34:50Z
suse-su-2026:1149-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools 2026-03-30T13:44:05Z 2026-03-30T13:44:05Z
suse-su-2026:1148-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools 2026-03-30T11:21:20Z 2026-03-30T11:21:20Z
suse-su-2026:1146-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools 2026-03-30T09:17:48Z 2026-03-30T09:17:48Z
suse-su-2026:1142-1 Security Beta update 5.2.0 Beta1 for Multi-Linux Manager Client Tools 2026-03-30T09:16:26Z 2026-03-30T09:16:26Z
ID Description Published Updated
alsa-2026:6622 Moderate: crun security update 2026-04-06T00:00:00Z 2026-04-06T08:36:15Z
alsa-2026:6621 Moderate: crun security update 2026-04-06T00:00:00Z 2026-04-06T08:42:59Z
alsa-2026:6572 Moderate: kernel-rt security update 2026-04-06T00:00:00Z 2026-04-06T09:38:16Z
alsa-2026:6571 Moderate: kernel security update 2026-04-06T00:00:00Z 2026-04-06T09:27:57Z
alsa-2026:6473 Important: python3 security update 2026-04-02T00:00:00Z 2026-04-03T12:02:03Z
alsa-2026:6470 Important: perl-YAML-Syck security update 2026-04-02T00:00:00Z 2026-04-03T12:07:59Z
alsa-2026:6445 Important: libpng12 security update 2026-04-02T00:00:00Z 2026-04-03T12:13:28Z
alsa-2026:6439 Important: libpng15 security update 2026-04-02T00:00:00Z 2026-04-03T12:19:53Z
alsa-2026:6436 Moderate: rsync security update 2026-04-02T00:00:00Z 2026-04-03T12:29:15Z
alsa-2026:6390 Moderate: rsync security update 2026-04-01T00:00:00Z 2026-04-02T09:23:33Z
alsa-2026:6388 Important: grafana-pcp security update 2026-04-01T00:00:00Z 2026-04-03T10:02:10Z
alsa-2026:6383 Important: grafana-pcp security update 2026-04-01T00:00:00Z 2026-04-02T09:15:46Z
alsa-2026:6382 Important: grafana security update 2026-04-01T00:00:00Z 2026-04-02T09:12:36Z
alsa-2026:6344 Important: grafana security update 2026-04-01T00:00:00Z 2026-04-03T09:56:37Z
alsa-2026:6342 Important: thunderbird security update 2026-04-01T00:00:00Z 2026-04-01T11:59:47Z
alsa-2026:6340 Important: freerdp security update 2026-04-01T00:00:00Z 2026-04-02T09:09:13Z
alsa-2026:6301 Important: squid security update 2026-03-31T00:00:00Z 2026-04-01T09:27:45Z
alsa-2026:6300 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update 2026-03-31T00:00:00Z 2026-04-03T17:13:38Z
alsa-2026:6286 Important: python3.11 security update 2026-03-31T00:00:00Z 2026-04-01T09:15:24Z
alsa-2026:6285 Important: python3.12 security update 2026-03-31T00:00:00Z 2026-04-01T09:07:09Z
alsa-2026:6283 Important: python3.12 security update 2026-03-31T00:00:00Z 2026-04-01T08:56:58Z
alsa-2026:6281 Important: python3.11 security update 2026-03-31T00:00:00Z 2026-04-01T08:52:26Z
alsa-2026:6266 Moderate: libxslt security update 2026-03-31T00:00:00Z 2026-04-01T09:19:08Z
alsa-2026:6259 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update 2026-03-31T00:00:00Z 2026-04-03T09:45:31Z
alsa-2026:6256 Important: python3.12 security update 2026-03-31T00:00:00Z 2026-04-01T09:23:35Z
alsa-2026:6188 Important: thunderbird security update 2026-03-30T00:00:00Z 2026-04-02T08:18:50Z
alsa-2026:6153 Moderate: kernel security update 2026-03-30T00:00:00Z 2026-04-02T08:46:53Z
alsa-2026:6053 Moderate: kernel security update 2026-03-30T00:00:00Z 2026-04-03T09:23:17Z
alsa-2026:6037 Moderate: kernel security update 2026-03-30T00:00:00Z 2026-03-30T10:55:07Z
alsa-2026:6036 Moderate: kernel-rt security update 2026-03-30T00:00:00Z 2026-03-30T10:51:16Z
ID Description Published Updated
hsec-2026-0004 Hackage package metadata stored XSS vulnerability 2026-03-28T16:05:12Z 2026-03-28T16:05:12Z
hsec-2026-0002 Hackage CSRF vulnerability 2026-03-28T16:04:58Z 2026-03-28T16:04:58Z
hsec-2024-0004 Hackage package and doc upload stored XSS vulnerability 2026-01-16T11:18:20Z 2026-01-16T11:18:20Z
hsec-2025-0007 cmark-gfm: resource exhaustion due to quadratic complexity in parser 2025-12-27T08:58:56Z 2025-12-27T08:58:56Z
hsec-2025-0006 Private key leak via inherited file descriptor 2025-11-17T02:22:38Z 2025-11-17T02:22:38Z
hsec-2025-0005 cabal-install dependency confusion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0004 Broken Path Sanitization in spacecookie Library 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0003 Use after free in multithreaded lzma (.xz) decoder 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0002 Double Public Key Signing Function Oracle Attack on Ed25519 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0001 Subword division operations may produce incorrect results 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0009 Public key confusion in third-party blocks 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0008 Sign extension error in the PPC64le FFI 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0007 Sign extension error in the AArch64 NCG 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0006 fromIntegral: conversion error 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0003 process: command injection via argument list on Windows 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0002 out-of-bounds write when there are many bzip2 selectors 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0001 Reflected XSS vulnerability in keter 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0015 cabal-install uses expired key policies 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0014 Arbitrary file write is possible when using PDF output or --extract-media with untrusted input 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0013 git-annex plaintext storage of embedded credentials on encrypted remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0012 git-annex checksum exposure to encrypted special remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0011 git-annex GPG decryption attack via compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0010 git-annex private data exfiltration to compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0009 git-annex command injection via malicious SSH hostname 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0008 Stored XSS in hledger-web 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0007 readFloat: memory exhaustion with large exponent 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0006 x509-validation does not enforce pathLenConstraint 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0005 tls-extra: certificate validation does not check Basic Constraints 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0004 xml-conduit unbounded entity expansion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0003 code injection in xmonad-contrib 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
ID Description Published Updated
osec-2026-02 ARP unbounded memory usage 2026-02-18T10:30:00Z 2026-02-18T10:30:00Z
osec-2026-01 Buffer Over-Read in OCaml Marshal Deserialization 2026-02-17T13:30:00Z 2026-02-27T09:30:00Z
osec-2025-01 Albatross console out of memory 2025-08-15T00:18:22Z 2026-01-13T12:00:00Z
osec-2023-01 Time of check time of use issue in opam's cache 2023-05-25T12:00:00Z 2026-01-09T12:00:00Z
osec-2022-01 Infinite loop in console output on xen 2022-12-07T00:00:00Z 2026-02-18T09:30:00Z
osec-2019-02 Grant unshare vulnerability in mirage-xen 2019-04-26T00:00:00Z 2026-01-13T12:00:00Z
osec-2019-01 Memory disclosure in mirage-net-xen 2019-03-21T00:00:00Z 2026-01-13T12:00:00Z
osec-2018-01 An integer overflow in the `bigarray` serialization module leads to arbitrary code execution 2018-04-06T18:29:00Z 2025-12-16T12:00:00Z
osec-2017-01 Local privilege escalation issue with ocaml binaries 2017-06-23T15:19:47Z 2025-12-16T12:00:00Z
osec-2016-02 Memory disclosure in mirage-net-xen 2016-05-03T00:00:00Z 2026-01-13T12:00:00Z
osec-2016-01 Buffer overflow and information leak in OCaml < 4.03.0 2016-04-29T00:18:22Z 2026-01-01T12:00:00Z
ID Description Published Updated
osv-2026-532 Heap-buffer-overflow in regsub 2026-04-05T00:06:36.291055Z 2026-04-05T00:06:36.291504Z
osv-2026-518 Use-of-uninitialized-value in ne_read_block 2026-04-03T00:21:06.950773Z 2026-04-03T00:21:06.951035Z
osv-2026-514 Heap-buffer-overflow in format_expand1 2026-04-03T00:09:42.155641Z 2026-04-03T00:09:42.155954Z
osv-2026-512 Heap-buffer-overflow in g_utf8_get_char 2026-04-03T00:07:59.707776Z 2026-04-03T00:07:59.708039Z
osv-2026-504 Heap-use-after-free in ObjectStream::getObject 2026-04-02T00:16:28.228723Z 2026-04-02T00:16:28.229037Z
osv-2026-461 UNKNOWN READ in XRef::constructObjectEntry 2026-03-26T00:17:47.551046Z 2026-03-26T00:17:47.551361Z
osv-2026-455 UNKNOWN READ in mkv::matroska_segment_c::TrackInit 2026-03-25T00:20:51.448743Z 2026-03-25T00:20:51.449185Z
osv-2026-437 Heap-use-after-free in tf::Executor::_invoke 2026-03-23T00:02:28.277984Z 2026-03-23T14:25:41.819255Z
osv-2026-417 Segv on unknown address in arrow::Array::IsNull 2026-03-18T00:18:35.139866Z 2026-03-18T00:18:35.140154Z
osv-2026-371 Heap-buffer-overflow in tinyobj::tryParseDouble 2026-03-09T00:09:41.689616Z 2026-03-09T00:09:41.689926Z
osv-2026-359 Segv on unknown address in gpsd_vlog 2026-03-07T00:03:40.062221Z 2026-03-07T00:03:40.062505Z
osv-2026-350 UNKNOWN READ in bfd_getl32 2026-03-04T00:14:56.651284Z 2026-03-14T18:43:19.427139Z
osv-2026-338 Use-of-uninitialized-value in pjsip_auth_clt_init_req 2026-03-03T00:09:55.520965Z 2026-03-03T00:09:55.521245Z
osv-2026-311 UNKNOWN READ in strncasecmp 2026-02-26T00:16:50.091819Z 2026-02-26T00:16:50.092121Z
osv-2026-308 Heap-buffer-overflow in vcardstructured_new_from_string 2026-02-25T00:19:49.963815Z 2026-02-25T00:19:49.964188Z
osv-2026-307 Global-buffer-overflow in navcom_parse 2026-02-25T00:16:23.864362Z 2026-02-25T00:16:23.864694Z
osv-2026-304 Heap-use-after-free in tf::Executor::_invoke 2026-02-25T00:09:10.290694Z 2026-02-25T00:09:10.291030Z
osv-2026-300 UNKNOWN WRITE in nmeaid_to_prn 2026-02-25T00:06:00.225480Z 2026-02-25T00:06:00.225972Z
osv-2026-297 Security exception in org.apache.poi.util.IOUtils.safelyAllocate 2026-02-24T00:02:29.789817Z 2026-02-24T00:02:29.790144Z
osv-2026-292 UNKNOWN WRITE in <wasmtime::runtime::func::Func>::call_unchecked_raw::< 2026-02-23T00:19:15.717984Z 2026-02-23T00:19:15.718280Z
osv-2026-272 Heap-use-after-free in vcardproperty_get_value 2026-02-21T00:20:10.455944Z 2026-02-21T00:20:10.456357Z
osv-2026-261 Segv on unknown address in ___interceptor_strtol 2026-02-19T00:09:21.893775Z 2026-02-19T00:09:21.894076Z
osv-2026-259 Use-of-uninitialized-value in tsip_parse_input 2026-02-18T00:14:29.378028Z 2026-02-18T00:14:29.378341Z
osv-2026-255 UNKNOWN WRITE in nmeaid_to_prn 2026-02-17T00:17:19.574579Z 2026-02-17T00:17:19.574905Z
osv-2026-244 Use-of-uninitialized-value in ihevcd_fmt_conv 2026-02-15T00:03:36.246033Z 2026-02-15T00:03:36.246568Z
osv-2026-242 Use-of-uninitialized-value in ntrip_parse_url 2026-02-14T00:17:42.945923Z 2026-02-14T00:17:42.946299Z
osv-2026-240 Use-of-uninitialized-value in packet_get1 2026-02-14T00:09:50.559032Z 2026-02-14T00:09:50.559326Z
osv-2026-229 Segv on unknown address in aiAnimation::~aiAnimation 2026-02-11T00:12:18.313233Z 2026-02-11T00:12:18.313574Z
osv-2026-226 UNKNOWN WRITE in decode_xa2_00 2026-02-11T00:10:08.757600Z 2026-02-11T00:10:08.757920Z
osv-2026-216 Heap-buffer-overflow in mg_mqtt_next_prop 2026-02-10T00:08:51.349946Z 2026-02-11T14:08:38.238200Z
ID Description Published Updated
rustsec-2026-0081 `logtrace` was removed from crates.io for malicious code 2026-04-05T12:00:00Z 2026-04-05T23:52:05Z
rustsec-2026-0078 Symbol confusion after hasher panic in `intaglio` interners 2026-03-30T12:00:00Z 2026-03-30T21:40:18Z
rustsec-2026-0065 `tokio-signal` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0064 `tokio-udp` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0063 `tokio-executor` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0062 `tokio-compat` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0061 `tokio-fs` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0060 `tokio-timer` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0059 `tokio-tcp` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0058 `tokio-io` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0057 `tokio-reactor` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0056 `tokio-codec` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0055 `tokio-process` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0054 `tokio-current-thread` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0053 `tokio-tls` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0052 `tokio-sync` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0051 `tokio-threadpool` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0050 `tokio-uds` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0049 CRLs not considered authoritative by Distribution Point due to faulty matching logic 2026-03-20T12:00:00Z 2026-03-24T08:22:29Z
rustsec-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0067 `unpack_in` can chmod arbitrary directories by following symlinks 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0048 CRL Distribution Point Scope Check Logic Error in AWS-LC 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2026-0044 AWS-LC X.509 Name Constraints Bypass via Wildcard/Unicode CN 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2026-0042 CRL Distribution Point Scope Check Logic Error in AWS-LC 2026-03-19T12:00:00Z 2026-03-20T17:11:58Z
rustsec-2026-0066 Insufficient validation of PAX extensions during extraction 2026-03-17T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0041 Decompressing invalid data can leak information from uninitialized memory or reused output buffer 2026-03-17T12:00:00Z 2026-03-17T16:08:45Z
rustsec-2026-0040 `tracing-ethers` was removed from crates.io due to malicious code 2026-03-14T12:00:00Z 2026-03-17T22:31:38Z
rustsec-2026-0039 `chrono_anchor` was removed from crates.io due to malicious code 2026-03-10T12:00:00Z 2026-03-17T22:31:38Z
rustsec-2026-0037 Denial of service in Quinn endpoints 2026-03-09T12:00:00Z 2026-03-14T07:21:57Z
rustsec-2026-0038 RustSec Advisory 2026-03-08T12:00:00Z 2026-03-11T06:21:51Z
ID Description Published Updated
bit-discourse-2026-33415 Discourse: Improper Access Control in discourse-ai Allows Unauthorized Category Content Exposure 2026-04-07T08:44:29.473Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-33300 Discourse: Hidden group names and access metadata are exposed to moderators through the `category-chatables` endpoint 2026-04-07T08:44:13.358Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-33185 Discourse: Group SMTP test endpoint susceptible to SSRF 2026-04-07T08:44:07.641Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-33074 Discourse: Vulnerability in discourse-subscriptions plugin allowing users to self-grant to higher tier subscriptions 2026-04-07T08:44:05.677Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-33073 discourse-subscriptions plugin leaking stripe API key in multisite environment 2026-04-07T08:44:03.688Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32951 Discourse: Authorization bypass in oneboxer via user-controlled category id 2026-04-07T08:44:01.614Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32620 Discourse: Missing post-level authorization allows whisper metadata disclosure 2026-04-07T08:43:59.465Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32619 Discourse: Insufficient topic visibility check allows unauthorized poll manipulation in private categories 2026-04-07T08:43:57.232Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32618 Discourse: Unauthorized channel membership inference via excluded_memberships_channel_id 2026-04-07T08:43:55.159Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32615 Discourse: Category group moderators can perform actions on topics in restricted categories without read access 2026-04-07T08:43:53.093Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32607 Discourse: Stored XSS via unescaped assignee name 2026-04-07T08:43:50.897Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32273 Discourse: XSS on category description update via API 2026-04-07T08:43:48.997Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32243 Discourse: Stored XSS in discourse-ai shared conversations onebox 2026-04-07T08:43:46.857Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32143 Discourse: Admin-only report can be exported by moderators 2026-04-07T08:43:44.810Z 2026-04-07T09:14:25.218Z
bit-discourse-2026-32113 Discourse: Open redirect via `sso_destination_url` cookie in `enter` 2026-04-07T08:43:40.581Z 2026-04-07T09:14:25.218Z
bit-parse-2026-34784 Parse Server: Streaming file download bypasses afterFind file trigger authorization 2026-04-06T14:49:38.726Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34595 Parse Server: LiveQuery protected-field guard bypass via array-like logical operator value 2026-04-06T14:49:36.710Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34574 Parse Server: Session field immutability bypass via falsy-value guard 2026-04-06T14:49:34.810Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34573 Parse Server: GraphQL complexity validator exponential fragment traversal DoS 2026-04-06T14:49:33.069Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34532 Parse Server: Cloud function validator bypass via prototype chain traversal 2026-04-06T14:49:31.298Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34373 Parse Server: GraphQL API endpoint ignores CORS origin restriction 2026-04-06T14:49:29.676Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34363 Parse Server: LiveQuery protected field leak via shared mutable state across concurrent subscribers 2026-04-06T14:49:27.983Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34224 Parse Server: MFA single-use token bypass via concurrent authData login requests 2026-04-06T14:49:26.245Z 2026-04-06T15:13:09.641Z
bit-parse-2026-34215 Parse Server: Auth data exposed via verify password endpoint 2026-04-06T14:49:24.609Z 2026-04-06T15:13:09.641Z
bit-minio-2026-34204 MinIO is Vulnerable to SSE Metadata Injection via Replication Headers 2026-04-06T09:26:13.602Z 2026-04-06T11:34:08.453Z
bit-node-2026-21717 2026-04-06T07:58:47.295Z 2026-04-06T08:26:41.107Z
bit-node-2026-21716 2026-04-06T07:58:44.008Z 2026-04-06T08:26:41.107Z
bit-node-2026-21715 2026-04-06T07:58:41.424Z 2026-04-06T08:26:41.107Z
bit-node-2026-21714 2026-04-06T07:58:38.953Z 2026-04-06T08:26:41.107Z
bit-node-2026-21713 2026-04-06T07:58:36.353Z 2026-04-06T08:26:41.107Z
ID Description Published Updated
cleanstart-2026-kf75900 In libexpat before 2 2026-04-06T06:20:25.150640Z 2026-04-06T04:56:02Z
cleanstart-2026-jl41223 In libexpat before 2 2026-04-06T06:19:55.229801Z 2026-04-06T04:56:02Z
cleanstart-2026-ob18608 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T06:19:25.639311Z 2026-04-06T04:56:02Z
cleanstart-2026-jg79570 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T06:19:24.747052Z 2026-04-06T04:56:02Z
cleanstart-2026-dz75075 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T06:19:24.775093Z 2026-04-06T04:56:02Z
cleanstart-2026-mu54962 Security fixes for ghsa-527x-5wrf-22m2, ghsa-g754-hx8w-x2g6, ghsa-jgfp-53c3-624w, ghsa-px8v-pp82-rcvr, ghsa-vv39-3w5q-974q applied in versions: 1.25.0-r0, 1.26.7-r0 2026-04-06T02:54:48.662994Z 2026-04-01T11:32:34Z
cleanstart-2026-hj96712 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5 2026-04-06T02:53:02.079256Z 2026-04-01T11:32:34Z
cleanstart-2026-po55014 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 2026-04-06T02:53:00.589014Z 2026-04-01T11:32:34Z
cleanstart-2026-bl95928 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T02:52:47.736498Z 2026-04-01T11:32:34Z
cleanstart-2026-kc06018 Security fixes for CVE-2017-12158, CVE-2017-12159, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-4cx2-fc23-5wg6, ghsa-5rfx-cp42-p624, ghsa-72hv-8253-57qq, ghsa-84h7-rjj3-6jx4, ghsa-9342-92gg-6v29, ghsa-cbdj-484d-3x9q, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-pwqr-wmgm-9rr8, ghsa-w9fj-cfpg-grvv applied in versions: 26.1.4-r1, 26.5.0-r0, 26.5.0-r1, 26.5.0-r2, 26.5.6-r3 2026-04-06T02:52:37.677608Z 2026-04-01T11:37:49Z
cleanstart-2026-nb78893 Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-64715, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-33726 applied in versions: 0.13.3-r0, 0.13.3-r1 2026-04-06T02:52:24.792809Z 2026-04-01T13:08:16Z
cleanstart-2026-mq18886 Security fixes for CVE-2026-22735, CVE-2026-22737 applied in versions: 6.2.3-r0 2026-04-06T02:52:03.544300Z 2026-04-01T11:39:45Z
cleanstart-2026-ip72442 Security fixes for CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 3.0.2-r0, 3.0.2-r1 2026-04-06T02:52:00.185166Z 2026-04-01T14:41:16Z
cleanstart-2026-ly39171 Security fixes for CVE-2026-33186 applied in versions: 3.1.4-r0 2026-04-06T02:51:58.911697Z 2026-04-01T11:39:45Z
cleanstart-2026-ag21538 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 2026-04-06T02:50:01.578746Z 2026-04-02T04:45:04Z
cleanstart-2026-an95970 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T02:49:57.502118Z 2026-04-02T04:45:04Z
cleanstart-2026-ny32236 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T02:49:48.749661Z 2026-04-02T04:45:04Z
cleanstart-2026-io43826 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T02:49:47.698715Z 2026-04-02T04:45:04Z
cleanstart-2026-gn22652 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq applied in versions: 3.7.2-r4, 3.7.2-r5 2026-04-06T02:48:55.605608Z 2026-04-03T06:50:37Z
cleanstart-2026-lc01167 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 8.4.0-r0, 8.4.0-r1, 8.4.0-r2 2026-04-06T02:48:42.431061Z 2026-04-03T06:52:41Z
cleanstart-2026-hl08143 Security fixes for CVE-2025-13151, CVE-2026-22695, CVE-2026-22801, CVE-2026-24515, CVE-2026-25210, ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r5, 3.9.4-r6, 3.9.5-r0 2026-04-06T02:48:38.996528Z 2026-04-03T06:50:37Z
cleanstart-2026-dm25112 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T02:48:32.316783Z 2026-04-03T06:50:37Z
cleanstart-2026-gm09342 Security fixes for CVE-2025-68121, CVE-2026-26958, ghsa-fw7p-63qq-7hpr, ghsa-mqqf-5wvp-8fh8 applied in versions: 0.29.0-r0, 0.29.0-r1 2026-04-06T02:48:25.848581Z 2026-04-03T06:51:44Z
cleanstart-2026-dm62512 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 0.35.0-r0 2026-04-06T02:48:21.440386Z 2026-04-03T06:57:54Z
cleanstart-2026-lr09759 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-06T02:46:06.138686Z 2026-04-03T07:10:19Z
cleanstart-2026-li54613 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-06T02:45:58.881296Z 2026-04-03T07:10:19Z
cleanstart-2026-nd57973 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-06T02:45:57.693609Z 2026-04-03T07:10:19Z
cleanstart-2026-ml41879 Security fixes for CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.0-r0, 1.14.0-r1, 1.14.1-r0 2026-04-06T02:45:36.057138Z 2026-04-03T07:11:16Z
cleanstart-2026-dq17669 Security fixes for CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.1-r0, 1.14.1-r1 2026-04-06T02:45:34.659600Z 2026-04-03T07:13:53Z
cleanstart-2026-kt25851 Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.87.0-r0, 0.87.0-r1, 0.88.0-r1 2026-04-06T02:44:54.790204Z 2026-04-03T08:04:33Z
ID Description Published Updated
drupal-contrib-2026-031 2026-04-01T16:38:14.000Z 2026-04-02T14:13:13.000Z
drupal-contrib-2026-030 2026-03-18T16:10:00.000Z 2026-03-18T16:10:00.000Z
drupal-contrib-2026-029 2026-03-11T16:35:02.000Z 2026-03-26T19:50:52.000Z
drupal-contrib-2026-028 2026-03-11T16:33:14.000Z 2026-03-26T19:43:59.000Z
drupal-contrib-2026-027 2026-03-04T18:02:59.000Z 2026-03-04T18:02:59.000Z
drupal-contrib-2026-026 2026-03-04T18:02:14.000Z 2026-03-04T18:02:14.000Z
drupal-contrib-2026-025 2026-03-04T18:00:41.000Z 2026-03-04T18:00:41.000Z
drupal-contrib-2026-024 2026-03-04T17:59:51.000Z 2026-03-05T14:03:05.000Z
drupal-contrib-2026-023 2026-03-04T17:58:55.000Z 2026-03-04T17:58:55.000Z
drupal-contrib-2026-022 2026-03-04T17:57:58.000Z 2026-03-04T17:57:58.000Z
drupal-contrib-2026-021 2026-03-04T17:56:18.000Z 2026-03-04T17:56:18.000Z
drupal-contrib-2026-020 2026-03-04T17:54:27.000Z 2026-03-04T17:54:27.000Z
drupal-contrib-2026-019 2026-02-25T18:51:43.000Z 2026-02-25T18:51:43.000Z
drupal-contrib-2026-018 2026-02-25T18:51:26.000Z 2026-02-25T18:51:26.000Z
drupal-contrib-2026-017 2026-02-25T18:51:01.000Z 2026-02-25T18:51:01.000Z
drupal-contrib-2026-016 2026-02-25T18:49:59.000Z 2026-02-25T19:30:03.000Z
drupal-contrib-2026-015 2026-02-25T18:47:57.000Z 2026-03-17T13:20:54.000Z
drupal-contrib-2026-014 2026-02-25T18:46:10.000Z 2026-02-25T18:46:10.000Z
drupal-contrib-2026-013 2026-02-25T18:45:13.000Z 2026-02-25T18:45:13.000Z
drupal-contrib-2026-012 2026-02-25T18:44:38.000Z 2026-02-25T18:44:38.000Z
drupal-contrib-2026-011 2026-02-25T18:43:32.000Z 2026-02-25T18:43:32.000Z
drupal-contrib-2026-010 2026-02-11T16:54:18.000Z 2026-02-25T17:17:46.000Z
drupal-contrib-2026-009 2026-02-11T16:53:32.000Z 2026-02-12T15:37:20.000Z
drupal-contrib-2026-008 2026-02-04T17:23:40.000Z 2026-02-04T17:23:40.000Z
drupal-contrib-2025-110 2025-09-24T17:27:41.000Z 2025-09-24T17:27:41.000Z
ID Description Updated
ID Description Published Updated
certfr-2026-ale-004 VulnƩrabilitƩ dans F5 BIG-IP Access Policy Manager 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-ale-003 Note dā€™alerte ā€“ Ciblage des messageries instantanĆ©es 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2026-ale-002 [MƠJ] VulnƩrabilitƩ dans Cisco Catalyst SD-WAN 2026-02-25T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-ale-001 [MƠJ] Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
CERTFR-2026-ALE-001 [MƠJ] Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
certfr-2025-ale-014 [MƠJ] VulnƩrabilitƩ dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
CERTFR-2025-ALE-014 [MƠJ] VulnƩrabilitƩ dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
certfr-2025-ale-013 [MƠJ] Multiples vulnƩrabilitƩs dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
CERTFR-2025-ALE-013 [MƠJ] Multiples vulnƩrabilitƩs dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
certfr-2025-ale-012 VulnƩrabilitƩ dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
CERTFR-2025-ALE-012 VulnƩrabilitƩ dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
certfr-2025-ale-011 Incidents de sƩcuritƩ dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
CERTFR-2025-ALE-011 Incidents de sƩcuritƩ dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
certfr-2025-ale-010 [MƠJ] Multiples vulnƩrabilitƩs dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
CERTFR-2025-ALE-010 [MƠJ] Multiples vulnƩrabilitƩs dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
certfr-2025-ale-009 Multiples vulnƩrabilitƩs dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
CERTFR-2025-ALE-009 Multiples vulnƩrabilitƩs dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
certfr-2025-ale-008 [MƠJ] VulnƩrabilitƩ dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
CERTFR-2025-ALE-008 [MƠJ] VulnƩrabilitƩ dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
certfr-2025-ale-007 Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-007 Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-006 VulnƩrabilitƩ dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-006 VulnƩrabilitƩ dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-002 [MƠJ] VulnƩrabilitƩ dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
CERTFR-2025-ALE-002 [MƠJ] VulnƩrabilitƩ dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
certfr-2025-ale-005 VulnƩrabilitƩ dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-005 VulnƩrabilitƩ dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-004 ActivitƩs de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
CERTFR-2025-ALE-004 ActivitƩs de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
certfr-2025-ale-003 [MƠJ] VulnƩrabilitƩ dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0401 Multiples vulnƩrabilitƩs dans GLPI 2026-04-07T00:00:00.000000 2026-04-07T00:00:00.000000
certfr-2026-avi-0400 VulnƩrabilitƩ dans Fortinet FortiClientEMS 2026-04-07T00:00:00.000000 2026-04-07T00:00:00.000000
certfr-2026-avi-0399 Multiples vulnƩrabilitƩs dans Google Android 2026-04-07T00:00:00.000000 2026-04-07T00:00:00.000000
certfr-2026-avi-0398 Multiples vulnƩrabilitƩs dans le noyau Linux de SUSE 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0397 Multiples vulnƩrabilitƩs dans le noyau Linux d'Ubuntu 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0396 Multiples vulnƩrabilitƩs dans le noyau Linux de Red Hat 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0395 Multiples vulnƩrabilitƩs dans les produits IBM 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0394 Multiples vulnƩrabilitƩs dans VMware Tanzu 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0393 VulnƩrabilitƩ dans Synology Mail Station 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0392 Multiples vulnƩrabilitƩs dans Microsoft Edge 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0391 Multiples vulnƩrabilitƩs dans OpenSSH 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0390 Multiples vulnƩrabilitƩs dans Belden NetModule Router Software 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0389 VulnƩrabilitƩ dans Microsoft Azure Linux 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0388 Multiples vulnƩrabilitƩs dans les produits Cisco 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0387 Multiples vulnƩrabilitƩs dans les produits Netgate 2026-04-02T00:00:00.000000 2026-04-02T00:00:00.000000
certfr-2026-avi-0386 Multiples vulnƩrabilitƩs dans les produits Microsoft 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0385 Multiples vulnƩrabilitƩs dans Google Chrome 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0384 Multiples vulnƩrabilitƩs dans Joomla! 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0383 Multiples vulnƩrabilitƩs dans Sonicwall Email Security 2026-04-01T00:00:00.000000 2026-04-01T00:00:00.000000
certfr-2026-avi-0382 Multiples vulnƩrabilitƩs dans les produits FoxIT 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0381 Multiples vulnƩrabilitƩs dans les produits Microsoft 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0380 Multiples vulnƩrabilitƩs dans Microsoft Edge 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0379 VulnƩrabilitƩ dans Elastic OpenTelemetry Java 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0378 VulnƩrabilitƩ dans Symantec Data Loss Prevention (DLP) 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0377 Multiples vulnƩrabilitƩs dans Papercut 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-avi-0376 Multiples vulnƩrabilitƩs dans les produits Microsoft 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0375 Multiples vulnƩrabilitƩs dans Microsoft Edge 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0374 VulnƩrabilitƩ dans Docker Desktop 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0373 VulnƩrabilitƩ dans Roundcube 2026-03-30T00:00:00.000000 2026-03-30T00:00:00.000000
certfr-2026-avi-0372 Multiples vulnƩrabilitƩs dans les produits IBM 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
ID Description Published Updated
jvndb-2026-000049 Multiple vulnerabilities in NEC Aterm series (NV26-001) 2026-04-03T15:09+09:00 2026-04-03T15:09+09:00
jvndb-2026-009720 Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) 2026-04-02T14:58+09:00 2026-04-03T15:50+09:00
jvndb-2026-009412 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009411 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009410 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009409 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009408 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009406 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009147 Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer 2026-03-27T18:18+09:00 2026-03-27T18:18+09:00
jvndb-2026-009148 Open Redirect Vulnerability in Hitachi Ops Center Administrator 2026-03-27T18:17+09:00 2026-03-27T18:17+09:00
jvndb-2026-000047 Multiple vulnerabilities in baserCMS 2026-03-27T18:00+09:00 2026-03-27T18:00+09:00
jvndb-2026-000045 WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting 2026-03-27T17:34+09:00 2026-03-27T17:34+09:00
jvndb-2026-000046 Multiple vulnerabilities in BUFFALO Wi-Fi routers 2026-03-27T17:18+09:00 2026-03-27T17:18+09:00
jvndb-2026-000044 Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000042 Digital Photo Frame GH-WDF10A vulnerable to improper access restriction 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000043 SHARP routers missing authentication for some web APIs 2026-03-25T18:41+09:00 2026-03-25T18:41+09:00
jvndb-2026-000040 Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries 2026-03-25T18:13+09:00 2026-03-25T18:13+09:00
jvndb-2026-000041 SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths 2026-03-25T17:58+09:00 2026-03-25T17:58+09:00
jvndb-2026-007973 Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) 2026-03-23T14:54+09:00 2026-03-23T14:54+09:00
jvndb-2026-007524 Vulnerability in Hitachi Command Suite 2026-03-17T16:42+09:00 2026-03-17T16:42+09:00
jvndb-2026-000038 Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries 2026-03-17T14:57+09:00 2026-03-17T14:57+09:00
jvndb-2026-000039 Missing authorization in the OpenAI thread/message API endpoints of GROWI 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-000037 OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-006887 Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 2026-03-12T17:22+09:00 2026-03-12T17:22+09:00
jvndb-2026-000036 Improper file access permission settings in multiple Digital Arts products 2026-03-09T14:57+09:00 2026-03-09T16:23+09:00
jvndb-2026-000035 Installer for Qsee Client may insecurely load Dynamic Link Libraries 2026-03-09T14:57+09:00 2026-03-09T14:57+09:00
jvndb-2026-006102 Security issues in ESC/POS 2026-03-06T10:31+09:00 2026-03-06T10:31+09:00
jvndb-2026-000034 django-allauth vulnerable to open redirect 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000033 EC-CUBE vulnerable to multi-factor authentication bypass 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000032 Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) 2026-03-04T12:20+09:00 2026-03-04T12:20+09:00
ID Description Published Updated
cnvd-2026-15152 OpenClawꋒē»ęœåŠ”ę¼ę“žļ¼ˆCNVD-2026-15152ļ¼‰ 2026-03-26 2026-03-27
cnvd-2026-15058 OpenClaw命令ę³Øå…„ę¼ę“žļ¼ˆCNVD-2026-15058ļ¼‰ 2026-03-26 2026-03-26
cnvd-2026-15057 OpenClaw加åÆ†é—®é¢˜ę¼ę“žļ¼ˆCNVD-2026-15057ļ¼‰ 2026-03-26 2026-03-26
cnvd-2026-15061 OpenClawę“ä½œē³»ē»Ÿå‘½ä»¤ę³Øå…„ę¼ę“ž 2026-03-24 2026-03-26
cnvd-2026-15060 OpenClawę“ä½œē³»ē»Ÿå‘½ä»¤ę³Øå…„ę¼ę“žļ¼ˆCNVD-2026-15060ļ¼‰ 2026-03-24 2026-03-26
cnvd-2026-15059 OpenClawę“ä½œē³»ē»Ÿå‘½ä»¤ę³Øå…„ę¼ę“žļ¼ˆCNVD-2026-15059ļ¼‰ 2026-03-24 2026-03-26
cnvd-2026-14861 OpenClaw后ē½®é“¾ęŽ„ę¼ę“žļ¼ˆCNVD-2026-14861ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14860 OpenClaw代ē é—®é¢˜ę¼ę“žļ¼ˆCNVD-2026-14860ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14859 OpenClaw后ē½®é“¾ęŽ„ę¼ę“žļ¼ˆCNVD-2026-14859ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14858 OpenClaw后ē½®é“¾ęŽ„ę¼ę“žļ¼ˆCNVD-2026-14858ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14857 OpenClawč·Æå¾„éåŽ†ę¼ę“žļ¼ˆCNVD-2026-14857ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14856 OpenClawč·Æå¾„éåŽ†ę¼ę“žļ¼ˆCNVD-2026-14856ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14850 OpenClawč·Æå¾„éåŽ†ę¼ę“žļ¼ˆCNVD-2026-14850ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14849 OpenClaw代ē é—®é¢˜ę¼ę“žļ¼ˆCNVD-2026-14849ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14848 OpenClawč·Æå¾„éåŽ†ę¼ę“žļ¼ˆCNVD-2026-14848ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14846 OpenClaw后ē½®é“¾ęŽ„ę¼ę“ž 2026-03-24 2026-03-25
cnvd-2026-14844 OpenClaw代ē é—®é¢˜ę¼ę“žļ¼ˆCNVD-2026-14844ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14843 OpenClawčŗ«ä»½éŖŒčƁå¼ŗåŒ–ę¼ę“ž 2026-03-24 2026-03-25
cnvd-2026-14842 OpenClawč®æé—®ęŽ§åˆ¶é”™čÆÆę¼ę“žļ¼ˆCNVD-2026-14842ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14841 OpenClawꎈꝃē»•čæ‡ę¼ę“žļ¼ˆCNVD-2026-14841ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14840 OpenClawčŗ«ä»½éŖŒčƁē»•čæ‡ę¼ę“žļ¼ˆCNVD-2026-14840ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14839 OpenClawčŗ«ä»½éŖŒčƁē»•čæ‡ę¼ę“žļ¼ˆCNVD-2026-14839ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14838 OpenClaw存åœØęœŖę˜Žę¼ę“žļ¼ˆCNVD-2026-14838ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14837 OpenClawꎈꝃē»•čæ‡ę¼ę“žļ¼ˆCNVD-2026-14837ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14836 OpenClawå…ƒę•°ę®ę¬ŗéŖ—ę¼ę“ž 2026-03-24 2026-03-25
cnvd-2026-14835 OpenClawꎈꝃē»•čæ‡ę¼ę“žļ¼ˆCNVD-2026-14835ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14834 OpenClaw存åœØęœŖę˜Žę¼ę“žļ¼ˆCNVD-2026-14834ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14833 OpenClawčŗ«ä»½éŖŒčƁē»•čæ‡ę¼ę“ž 2026-03-24 2026-03-25
cnvd-2026-14832 OpenClaw存åœØęœŖę˜Žę¼ę“žļ¼ˆCNVD-2026-14832ļ¼‰ 2026-03-24 2026-03-25
cnvd-2026-14831 OpenClawꎈꝃē»•čæ‡ę¼ę“ž 2026-03-24 2026-03-25
ID Description Published Updated
bdu:2026-01844 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ сŠµŃ€Š²ŠøсŠ° Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚Šø Advanced DNS Security (ADNS) Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Š¾Š¹ сŠøстŠµŠ¼Ń‹ PAN-OS,ā€¦ 16.02.2026 16.02.2026
bdu:2026-01843 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø loadRLE() Š·Š°Š³Ń€ŃƒŠ·Ń‡ŠøŠŗŠ° TGA-ŠøŠ·Š¾Š±Ń€Š°Š¶ŠµŠ½ŠøŠ¹ (PluginTARGA.cpp) Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠ¾Š¹ Š±ŠøŠ±ā€¦ 16.02.2026 16.02.2026
bdu:2026-01842 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø ws_user_gerList() сцŠµŠ½Š°Ń€Šøя pwg.users.php сŠøстŠµŠ¼Ń‹ уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠŗŠ¾Š½Ń‚ŠµŠ½Ń‚Š¾Š¼ ā€¦ 16.02.2026 16.02.2026
bdu:2026-01841 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° Updater Š¾Š±Š»Š°Ń‡Š½Š¾Š¹ ŠæŠ»Š°Ń‚Ń„Š¾Ń€Š¼Ń‹ уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠŗŠ¾Š½Ń‚ŠµŠ¹Š½ŠµŃ€Š°Š¼Šø Arcane, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽā€¦ 16.02.2026 16.02.2026
bdu:2026-01840 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š˜Š˜-Š°Š³ŠµŠ½Ń‚Š° OpenClaw (рŠ°Š½ŠµŠµ - ClawdBot ŠøŠ»Šø MoltBot), сŠ²ŃŠ·Š°Š½Š½Š°Ń с Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²ŠøŠµŠ¼ ŠæрŠ¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01839 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø blocked_path() ŠæŠ°ŠŗŠµŃ‚Š° Python Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя ŠæрŠøŠ»Š¾Š¶ŠµŠ½ŠøŠ¹ Š“Š»Ń Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Š¼Š°ŃˆŠøŠ½ā€¦ 16.02.2026 16.02.2026
bdu:2026-01838 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š“рŠ°Š¹Š²ŠµŃ€Š¾Š² Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠøх ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š¾Š² NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, сŠ²Ńā€¦ 16.02.2026 16.02.2026
bdu:2026-01837 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š¼ŠøŠŗрŠ¾ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠøх ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š¾Š² Imagination, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ńā€¦ 16.02.2026 16.02.2026
bdu:2026-01836 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š¼ŠøŠŗрŠ¾ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠøх ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š¾Š² Imagination, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ńā€¦ 16.02.2026 16.02.2026
bdu:2026-01835 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š“рŠ°Š¹Š²ŠµŃ€Š° ESXi base Š¼ŠøŠŗрŠ¾ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя сŠµŃ‚ŠµŠ²Ń‹Ń… ŠŗŠ¾Š½Ń‚Ń€Š¾Š»Š»ŠµŃ€Š¾Š² Intel 80ā€¦ 16.02.2026 16.02.2026
bdu:2026-01834 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š¼ŠøŠŗрŠ¾ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя ŠŗŠ¾Š½Ń‚Ń€Š¾Š»Š»ŠµŃ€Š¾Š² Intel Ethernet сŠµŃ€ŠøŠø E810, сŠ²ŃŠ·Š°Š½Š½Š°ā€¦ 16.02.2026 16.02.2026
bdu:2026-01833 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ тŠµŃ…Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā€¦ 16.02.2026 16.02.2026
bdu:2026-01832 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ тŠµŃ…Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā€¦ 16.02.2026 16.02.2026
bdu:2026-01831 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ тŠµŃ…Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā€¦ 16.02.2026 16.02.2026
bdu:2026-01830 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° File input Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½Š°Ń€ŃƒŃˆŠøтŠµŠ»ŃŽ Š¾ŃŃƒŃ‰ŠµŃŃ‚Š²Šøā€¦ 16.02.2026 16.02.2026
bdu:2026-01829 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° PictureInPicture Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½Š°Ń€ŃƒŃˆŠøтŠµŠ»ŃŽ Š¾ŠŗŠ°ā€¦ 16.02.2026 16.02.2026
bdu:2026-01828 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° Animation Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½Š°Ń€ŃƒŃˆŠøтŠµŠ»ŃŽ Š¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š²Š¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01827 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø ŠŗŠ¾Š½Ń„ŠøŠ“ŠµŠ½Ń†ŠøŠ°Š»ŃŒŠ½Š¾ŃŃ‚Šø Fenced Frames Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½ā€¦ 16.02.2026 16.02.2026
bdu:2026-01826 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° WebGPU Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½Š°Ń€ŃƒŃˆŠøтŠµŠ»ŃŽ Š²Ń‹Š·Š²Š°Ń‚ŃŒ Š¾Ń‚ŠŗŠ°Š·ā€¦ 16.02.2026 16.02.2026
bdu:2026-01825 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š¹ ŠæŠ»Š°Ń‚Ń„Š¾Ń€Š¼Ń‹ Š½Š° Š±Š°Š·Šµ git Š“Š»Ń сŠ¾Š²Š¼ŠµŃŃ‚Š½Š¾Š¹ рŠ°Š±Š¾Ń‚Ń‹ Š½Š°Š“ ŠŗŠ¾Š“Š¾Š¼ GitLab, сŠ²ŃŠ·ā€¦ 16.02.2026 16.02.2026
bdu:2026-01824 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š¹ ŠæŠ»Š°Ń‚Ń„Š¾Ń€Š¼Ń‹ Š½Š° Š±Š°Š·Šµ git Š“Š»Ń сŠ¾Š²Š¼ŠµŃŃ‚Š½Š¾Š¹ рŠ°Š±Š¾Ń‚Ń‹ Š½Š°Š“ ŠŗŠ¾Š“Š¾Š¼ GitLab, сŠ²ŃŠ·ā€¦ 16.02.2026 16.02.2026
bdu:2026-01823 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø Š¼ŠµŠ¶ŃŠµŃ‚ŠµŠ²Ń‹Ń… эŠŗрŠ°Š½Š¾Š² SSL-VPN Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01822 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOS, сŠ²ŃŠ·Š°Š½Š½Š°Ń с Š½ŠµŠ“Š¾ŃŃ‚Š°Ń‚Š¾Ń‡Š½Š¾Š¹ ŠæрŠ¾Š²ŠµŃ€ŠŗŠ¾Š¹ ŠøстŠ¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01821 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø Š¼ŠµŠ¶ŃŠµŃ‚ŠµŠ²Ń‹Ń… эŠŗрŠ°Š½Š¾Š² SSL-VPN Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01820 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠøŠ½Ń‚ŠµŃ€Ń„ŠµŠ¹ŃŠ° ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń ā€¦ 16.02.2026 16.02.2026
bdu:2026-01819 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠ¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š³Š¾ ŠøŠ½Ń‚ŠµŃ€Ń„ŠµŠ¹ŃŠ° Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOSā€¦ 16.02.2026 16.02.2026
bdu:2026-01818 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š“Š»Ń рŠ°Š·Ń€Š°Š±Š¾Ń‚ŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, сŠ²ŃŠ·Š°Š½Š½Š°Ń ā€¦ 16.02.2026 16.02.2026
bdu:2026-01817 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š“Š»Ń рŠ°Š·Ń€Š°Š±Š¾Ń‚ŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, сŠ²ŃŠ·Š°Š½Š½Š°Ń ā€¦ 16.02.2026 16.02.2026
bdu:2026-01816 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š“Š»Ń рŠ°Š·Ń€Š°Š±Š¾Ń‚ŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, сŠ²ŃŠ·Š°Š½Š½Š°Ń ā€¦ 16.02.2026 16.02.2026
bdu:2026-01815 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Microsoft ACI Confidential Containers, сŠ²ŃŠ·Š°Š½Š½Š°Ń с Š½Šµā€¦ 16.02.2026 16.02.2026
ID Description Updated
var-202407-2188 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā€¦ 2024-07-23T22:46:32.699000Z
var-202406-3119 Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-sā€¦ 2024-07-23T22:46:22.685000Z
var-202407-1740 NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E haā€¦ 2024-07-23T22:46:18.378000Z
var-202407-1417 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā€¦ 2024-07-23T22:46:07.784000Z
var-202407-1103 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā€¦ 2024-07-23T22:46:01.992000Z
var-202407-0957 WinCC is a SCADA system suitable for all walks of life. It can access devices from mobileā€¦ 2024-07-23T22:45:59.391000Z
var-202407-0819 SIMATIC S7-1500 is a modular control system suitable for various automation applications ā€¦ 2024-07-23T22:45:56.958000Z
var-202407-0818 NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6ā€¦ 2024-07-23T22:45:56.946000Z
var-202407-0779 Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of ā€¦ 2024-07-23T22:45:56.150000Z
var-202407-0778 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulneraā€¦ 2024-07-23T22:45:56.131000Z
var-202407-0745 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulneraā€¦ 2024-07-23T22:45:55.498000Z
var-202305-1479 D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution ā€¦ 2024-07-23T22:45:09.335000Z
var-202108-1158 A race condition was addressed with improved locking. This issue is fixed in macOS Monterā€¦ 2024-07-23T22:44:06.976000Z
var-201109-0089 Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as usedā€¦ 2024-07-23T22:43:49.590000Z
var-200702-0378 Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 ā€¦ 2024-07-23T22:43:25.614000Z
var-201011-0225 Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent ā€¦ 2024-07-23T22:41:43.584000Z
var-201112-0297 Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Neā€¦ 2024-07-23T22:41:20.004000Z
var-201507-0645 D-Link is an internationally renowned provider of network equipment and solutions, includā€¦ 2024-07-23T22:41:18.832000Z
var-201803-1810 A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial ā€¦ 2024-07-23T22:41:17.171000Z
var-201809-0087 WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulā€¦ 2024-07-23T22:41:16.554000Z
var-200607-0396 Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) bā€¦ 2024-07-23T22:41:04.279000Z
var-201702-0423 An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoftā€¦ 2024-07-23T22:40:53.160000Z
var-202305-1588 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilitā€¦ 2024-07-23T22:40:05.297000Z
var-201112-0173 The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, ā€¦ 2024-07-23T22:39:32.535000Z
var-201103-0371 SAP Crystal Reports Server is a complete reporting solution for creating, managing, and dā€¦ 2024-07-23T22:39:32.874000Z
var-201706-0017 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClieā€¦ 2024-07-23T22:38:34.494000Z
var-202305-1520 D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulā€¦ 2024-07-23T22:38:26.576000Z
var-202407-0490 A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP ā€¦ 2024-07-23T22:38:24.768000Z
var-201810-0396 Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabiliā€¦ 2024-07-23T22:37:44.850000Z
var-202001-0833 A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe moā€¦ 2024-07-23T22:37:43.471000Z
ID Description Published Updated
vde-2025-028 Draeger: ICMHelper is vulnerable to a privilege escalation 2025-08-05T10:00:00.000Z 2026-01-06T11:00:00.000Z
vde-2019-012 TECSON/GOK: Improper Authentication and Access Control on multiple devices 2019-06-04T13:21:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2025-104 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware 2026-03-18T08:00:00.000Z 2026-03-18T08:00:00.000Z
vde-2025-109 Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware 2026-02-10T08:00:00.000Z 2026-02-23T14:00:00.000Z
vde-2025-073 Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
vde-2025-071 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware 2025-12-09T08:00:00.000Z 2026-01-12T08:00:00.000Z
vde-2025-074 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-10-14T10:00:00.000Z 2025-10-15T10:00:00.000Z
vde-2025-072 Phoenix Contact: Security Advisory for QUINT4-UPS EIP 2025-10-14T06:00:00.000Z 2025-10-14T06:00:00.000Z
vde-2025-077 Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-064 Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation 2025-09-09T07:00:00.000Z 2025-09-09T07:00:00.000Z
vde-2025-063 Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation 2025-08-12T10:00:00.000Z 2025-08-12T10:00:00.000Z
vde-2025-054 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-053 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-019 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-22T08:00:00.000Z
vde-2025-014 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-029 Phoenix Contact: Security Advisory for AXL F BK and IL BK bus couplers 2025-05-13T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2025-005 Phoenix Contact: Security Advisory for ESL Stick USB-A 2025-01-14T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-070 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2025-01-14T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-073 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-071 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-067 Phoenix Contact: Multiple Vulnerabilities in PLCnext Engineer 2024-10-08T12:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-052 Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors. 2024-09-10T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-051 Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH 2024-09-10T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-039 Phoenix Contact: Multiple Vulnerabilities in mGuard devices 2024-09-10T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-022 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2024-08-13T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-029 Phoenix Contact: Unbounded growth of OpenSSL session cache in multiple FL MGUARD devices 2024-06-11T06:00:00.000Z 2024-06-11T06:00:00.000Z
vde-2024-019 Phoenix Contact: Multiple vulnerabilities in the Firmware of CHARX SEC charge controllers 2024-05-14T06:00:00.000Z 2024-05-14T06:00:00.000Z
vde-2024-011 PHOENIX CONTACT: Multiple vulnerabilities in CHARX SEC charge controllers 2024-03-12T07:00:00.000Z 2024-03-12T07:00:00.000Z
vde-2023-058 Phoenix Contact: PLCnext Control prone to download of code without integrity check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-057 Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC 2023-12-12T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2023-056 Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-055 Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource 2023-12-12T07:00:00.000Z 2023-12-12T07:00:00.000Z
ID Description Published Updated
vde-2025-085 Welotec: Path Traversal in SmartEMS Upload Handling 2025-09-10T07:00:00.000Z 2025-09-22T08:00:00.000Z
vde-2025-076 Welotec: Hard-coded JWT secret in egOS WebGUI 2025-08-26T07:00:00.000Z 2025-08-26T07:00:00.000Z
vde-2024-043 Welotec: Multiple products are vulnerable to regreSSHion 2024-08-22T06:00:00.000Z 2024-08-22T06:00:00.000Z
vde-2024-023 Welotec: Clickjacking Vulnerability in WebUI 2024-04-23T08:00:00.000Z 2024-04-23T08:00:00.000Z
vde-2024-009 Welotec: Two vulnerabilities in TK500v1 router series 2024-04-09T08:00:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
advisory2026-03_vde-2026-018 CODESYS Control V3 - Externally-controlled format string in Auditlog 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-02_vde-2026-011 CODESYS Control V3 - Untrusted boot application 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-01_vde-2026-012 CODESYS Installer - Possible Privilege Escalation 2026-03-10T10:00:00.000Z 2026-03-10T10:00:00.000Z
advisory2025-09_vde-2025-099 CODESYS Control - Linux/QNX SysSocket flaw 2025-12-01T11:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-11_vde-2025-101 CODESYS Development System - Deserialization of Untrusted Data 2025-12-01T10:00:00.000Z 2025-12-01T10:00:00.000Z
advisory2025-10_vde-2025-100 CODESYS Control - Invalid type usage in visualization 2025-12-01T10:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-07_vde-2025-051 CODESYS Control V3 - Exposed PKI folder 2025-08-04T10:00:00.000Z 2025-09-01T10:00:00.000Z
advisory2025-06_vde-2025-049 CODESYS Control V3 - Insecure default permissions 2025-08-04T10:00:00.000Z 2025-08-04T10:00:00.000Z
advisory2025-08_vde-2025-070 CODESYS Control V3 - NULL pointer dereference 2025-08-04T08:00:00.000Z 2025-10-14T08:00:00.000Z
advisory2025-05_vde-2025-027 CODESYS Visualization user management bypass in WebVisu 2025-04-23T10:00:00.000Z 2025-04-23T10:00:00.000Z
advisory2025-04_vde-2025-022 CODESYS Control V3 - OPC UA Server Authentication bypass 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-03_vde-2025-015 CODESYS Control V3 removable media path traversal 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-02_vde-2025-013 CODESYS (Edge) Gateway for Windows insecure default 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-01_vde-2025-001 CODESYS Key physical side-channel vulnerability 2025-01-21T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2024-05_vde-2024-057 CODESYS: CODESYS web server vulnerable to DoS 2024-09-25T21:59:00.000Z 2025-04-03T10:00:00.000Z
vde-2024-046 OSCAT: Out-of-bounds read in OSCAT Basic library 2024-09-10T14:00:00.000Z 2024-09-10T14:00:00.000Z
vde-2024-026 CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products 2024-06-04T08:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-027 CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere 2024-06-04T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-024 CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files 2024-05-06T08:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2023-066 CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products 2023-12-05T14:25:00.000Z 2023-12-05T14:25:00.000Z
vde-2023-035 CODESYS: Multiple products affected by WIBU Codemeter vulnerability 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-025 CODESYS: Control runtime system memory and integrity check vulnerabilities 2023-08-03T11:18:00.000Z 2023-08-03T11:18:00.000Z
vde-2023-023 CODESYS: Missing Brute-Force protection in CODESYS Development System 2023-08-03T11:08:00.000Z 2023-08-03T11:08:00.000Z
vde-2023-022 CODESYS: Missing integrity check in CODESYS Development System 2023-08-03T10:52:00.000Z 2023-08-03T10:52:00.000Z
vde-2023-021 CODESYS: Vulnerability in CODESYS Development System allows execution of binaries 2023-08-03T10:48:00.000Z 2023-08-03T10:48:00.000Z
vde-2023-019 CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce 2023-08-03T10:42:00.000Z 2023-08-03T10:42:00.000Z
vde-2023-024 CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting 2023-07-28T07:45:00.000Z 2023-07-28T07:45:00.000Z
ID Description Published Updated
vde-2025-067 Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access 2025-08-10T10:00:00.000Z 2025-08-25T10:00:00.000Z
vde-2025-024 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version 2025-05-13T10:00:00.000Z 2025-05-13T10:00:00.000Z
vde-2025-032 Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting 2025-05-06T10:00:00.000Z 2025-05-06T10:00:00.000Z
vde-2025-031 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
vde-2024-018 Wiesemann & Theis: Multiple products prone to unquoted search path 2024-02-28T07:00:00.000Z 2025-05-14T12:36:39.000Z
vde-2022-057 Wiesemann & Theis multiple products prone to web interface vulnerability 2022-12-13T07:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-043 Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family 2022-11-07T11:43:00.000Z 2022-11-07T12:14:00.000Z
ID Description Published Updated
vde-2026-030 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-04-02T11:00:00.000Z 2026-04-02T11:00:00.000Z
vde-2026-024 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2025-065 MB connect line: Sandbox escape in mbNET's LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-058 MB connect line: Multiple vulnerabilities in mbNET.mini 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-035 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-034 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2024-010 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-03-18T11:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-068 MB connect line: Multiple Vulnerabilities in MB connect line Products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-056 MB connect line: Multiple Vulnerabilities in mbNET.mini Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-030 MB connect line: mbNET.mini vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T09:00:00.000Z
vde-2023-041 MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2024-042 MB connect line: Multiple products are vulnerable to regreSSHion 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-012 MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-002 MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 2023-05-15T14:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-011 MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 2022-09-07T12:50:00.000Z 2022-09-07T12:50:00.000Z
vde-2021-030 MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) 2022-09-07T10:48:00.000Z 2025-06-06T07:00:00.000Z
vde-2021-003 MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) 2022-09-07T10:46:00.000Z 2022-09-07T10:46:00.000Z
vde-2021-037 MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 2021-10-27T10:15:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-017 MB connect line: Privilege escalation in mbDIALUP 2021-07-22T11:35:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-031 MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 2021-07-22T11:33:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-012 MB connect line: multiple products partially affected by DNSpooq 2021-04-26T08:04:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-035 MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 2020-09-18T12:30:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
vde-2026-013 Helmholz: Use of a Broken or Risky Cryptographic Algorithm 2026-04-07T08:00:00.000Z 2026-04-07T08:00:00.000Z
vde-2026-025 Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2025-069 Helmholz: Sandbox escape in REX200/250 LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-059 Helmholz: Multiple vulnerabilities in REX 100 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-038 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-037 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2024-031 Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual 2025-03-18T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-069 Helmholz: Multiple Vulnerabilities in Helmholz products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-066 Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-044 Helmholz: Multiple products are vulnerable to regreSSHion 2024-07-31T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-032 Helmholz: REX 100 vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T13:33:00.000Z
vde-2023-043 Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2023-029 Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-008 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2023-05-15T12:06:00.000Z 2023-05-15T12:06:00.000Z
vde-2022-017 Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual 2022-09-07T12:54:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-039 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2022-09-07T10:56:00.000Z 2022-09-07T10:56:00.000Z
vde-2021-058 Helmholz: Remote user enumeration in myREX24/myREX24-virtual 2021-12-08T13:04:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-057 Helmholz: Privilege Escalation in shDialup (Update A) 2021-03-28T13:03:00.000Z 2025-05-14T13:00:15.000Z
ID Description Published Updated
fsa-202601 Several CODESYS vulnerabilities in Festo Automation Suite 2026-02-26T08:00:00.000Z 2026-02-26T08:00:00.000Z
fsa-202406 Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo 2024-12-03T11:00:00.000Z 2024-12-03T14:00:00.000Z
fsa-202405 Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability 2024-09-09T07:00:00.000Z 2025-11-05T08:00:00.000Z
fsa-202402 Several Vulnerabilities in MES PC (Windows 10) 2024-02-27T12:00:00.000Z 2025-12-08T07:00:00.000Z
fsa-202401 Festo: Multiple products contain CoDe16 vulnerability 2024-01-30T07:00:00.000Z 2025-11-04T11:00:00.000Z
fsa-202305 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products 2023-11-28T07:00:00.000Z 2025-05-13T10:00:00.000Z
fsa-202303 Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products 2023-10-17T06:00:00.000Z 2025-10-01T06:00:00.000Z
fsa-202304 Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions 2023-09-05T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202301 Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance 2023-08-29T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202302 Festo: Several vulnerabilities in FactoryViews 2023-07-10T10:00:00.000Z 2026-02-02T08:00:00.000Z
fsa-202206 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products 2022-12-13T11:50:00.000Z 2025-10-01T10:50:00.000Z
fsa-202209 Festo: Incomplete documentation of remote accessible functions and protocols in Festo products 2022-11-29T11:49:00.000Z 2025-11-03T10:00:00.000Z
fsa-202208 Festo: Multiple Festo products contain an unsafe default Codesys configuration 2022-11-29T11:41:00.000Z 2025-10-28T11:00:00.000Z
fsa-202207 Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function 2022-09-20T10:00:00.000Z 2025-07-28T10:00:00.000Z
fsa-202203 Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-07-10T10:00:00.000Z
fsa-202202 Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-11-03T11:00:00.000Z
fsa-202201 Festo: CECC-X-M1 - command injection vulnerabilities 2022-07-06T07:00:00.000Z 2025-06-23T08:00:00.000Z
fsa-202101 Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q 2021-09-22T11:13:00.000Z 2025-08-26T10:00:00.000Z
ID Description Published Updated
vde-2025-011 PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL ā€“ Device is affected by XSS vulnerability and information disclosure 2025-05-26T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-002 PEPPERL+FUCHS: HMI ā€“ devices are affected by Windows RCE 2025-02-25T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-065 PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key 2024-11-26T11:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-063 PEPPERL+FUCHS: Multiple products are affected by regreSSHion 2024-10-08T12:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-033 PEPPERL+FUCHS: Device Master ICDM-RX/* ā€“ Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service 2024-08-13T12:00:00.000Z 2025-05-14T14:34:17.000Z
vde-2024-038 Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation 2024-07-10T06:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-037 Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 2024-07-10T06:00:00.000Z 2024-07-10T06:00:00.000Z
vde-2024-017 Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities 2024-04-10T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-021 Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities 2022-05-16T14:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-012 Pepperl+Fuchs: Vulnerability in multiple VisuNet devices 2022-04-26T12:00:00.000Z 2022-05-16T14:15:00.000Z
vde-2021-006 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-11-16T14:53:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-041 Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability 2021-10-26T13:35:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-027 Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-10-16T12:00:00.001Z 2025-05-14T13:00:14.000Z
vde-2021-028 Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities 2021-08-16T12:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-034 Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices 2021-07-30T07:55:00.000Z 2021-07-30T07:55:00.000Z
vde-2021-018 Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules 2021-05-12T08:57:00.000Z 2021-05-12T08:57:00.000Z
vde-2020-053 Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities 2021-03-08T13:44:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-007 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-16T14:53:00.000Z 2025-05-14T12:53:43.000Z
vde-2020-050 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-15T13:33:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-001 Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 2021-01-15T12:41:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-038 Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master 2021-01-04T13:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-040 Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux 2020-10-05T12:00:00.000Z 2020-10-05T12:00:00.000Z
vde-2020-034 Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components 2020-09-10T13:22:00.000Z 2020-09-10T13:22:00.000Z
vde-2020-017 Pepperl+Fuchs, PACTware: Two password vulnerabilities found 2020-05-29T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-014 Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets 2020-03-31T13:30:00.000Z 2025-05-14T14:34:17.000Z
vde-2019-011 Pepperl+Fuchs: Remote code execution vulnerability in HMI devices 2019-05-29T07:35:00.000Z 2019-10-07T10:00:00.000Z
vde-2019-004 Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack 2019-03-14T07:52:00.000Z 2019-03-14T07:52:00.000Z
vde-2019-002 Pepperl+Fuchs: Path traversal in WirelessHART Gateway 2019-03-06T10:35:00.000Z 2025-05-14T13:00:14.000Z
vde-2018-016 Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability 2018-10-19T10:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-009 Pepperl+Fuchs: Security advisory for MELTDOWN and SPECTRE attacks in ecom mobile Devices 2018-07-06T14:47:00.000Z 2018-10-23T10:00:00.000Z
ID Description Published Updated
ppsa-2026-001 Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service 2026-02-02T08:00:00.000Z 2026-02-02T10:00:00.000Z
ppsa-2025-004 Pilz: Vulnerability affecting PASvisu Runtime 2025-10-20T10:00:00.000Z 2025-10-20T10:00:00.000Z
ppsa-2025-003 Pilz: Authentication Bypass in IndustrialPI Webstatus 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-002 Pilz: Missing Authentication in Node-RED integration 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-001 Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory 2025-06-30T10:00:00.000Z 2025-06-30T10:00:00.000Z
vde-2024-002 Pilz: Multiple products affected by uC/HTTP vulnerability 2024-02-06T07:00:00.000Z 2024-02-06T07:00:00.000Z
vde-2023-050 Pilz: Vulnerability in PASvisu and PMI v8xx 2024-01-30T07:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2023-059 Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx 2023-12-05T07:06:00.000Z 2023-12-05T07:06:00.000Z
vde-2023-048 Pilz: Multiple products prone to libwebp vulnerability 2023-12-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-033 Pilz: WIBU Vulnerabilitiy in multiple Products 2023-10-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-045 Pilz: PAS 4000 prone to ZipSlip 2022-11-24T09:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-044 Pilz: Multiple products affected by ZipSlip 2022-11-24T09:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2022-033 Pilz: PASvisu and PMI affected by multiple vulnerabilities 2022-11-24T09:00:00.000Z 2022-11-24T09:00:00.000Z
vde-2021-061 Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-055 Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-054 Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-009 Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities 2021-09-20T11:56:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-033 Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities 2020-09-10T13:18:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
vde-2026-021 WAGO: Multiple Vulnerabilities in WAGO VC Hub 2026-03-30T07:00:00.000Z 2026-03-30T07:00:00.000Z
vde-2026-010 WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere 2026-03-30T07:00:00.000Z 2026-03-30T07:00:00.000Z
vde-2026-020 WAGO: Vulnerability in managed switches 2026-03-23T08:00:00.000Z 2026-03-23T08:00:00.000Z
vde-2026-004 WAGO: Vulnerabilities in Managed Switch 2026-02-09T08:00:00.000Z 2026-02-09T08:00:00.000Z
vde-2025-095 WAGO: Vulnerabilities in WAGO Industrial-Managed Switches 2025-12-10T10:00:00.000Z 2026-01-19T08:00:00.000Z
vde-2025-062 WAGO: Multiple Vulnerabilities in CODESYS components 2025-11-03T11:00:00.000Z 2025-11-03T11:00:00.000Z
vde-2025-087 WAGO: Vulnerabilities in Device Sphere and Solution Builder 2025-09-24T09:00:00.000Z 2025-09-24T09:00:00.000Z
vde-2025-083 WAGO: Vulnerability in hardware switch circuit 2025-09-15T08:00:00.000Z 2025-09-15T08:00:00.000Z
vde-2025-080 WAGO: Multiple Vulnerabilities in I/O-Check Service 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-082 WAGO: Critical sudo Vulnerability in Multiple Products 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-048 WAGO: Escalation of Privileges in Coupler Firmware 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-057 WAGO: Vulnerability in WAGO Device Sphere 2025-06-23T10:00:00.000Z 2025-07-07T06:15:00.000Z
vde-2025-040 WAGO: Vulnerabilities in ctrlX OS app 2025-06-16T10:00:00.000Z 2025-06-16T10:00:00.000Z
vde-2025-018 WAGO: Vulnerabilities in WAGO Device Manager 2025-06-16T10:00:00.000Z 2025-11-21T12:00:00.000Z
vde-2025-020 WAGO: Switches affected by year 2k38 problem 2025-06-02T06:00:00.000Z 2025-06-02T06:00:00.000Z
vde-2025-007 WAGO: Year 2038 problem 2025-04-15T10:00:00.000Z 2025-04-15T10:00:00.000Z
vde-2025-004 Wago: Vulnerability in libwagosnmp 2025-03-05T11:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2025-009 WAGO: Vulnerabilities in CODESYS Control V3 - OPC UA Stack 2025-02-04T11:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2025-008 WAGO: Vulnerabilities in CODESYS Control 2025-02-04T11:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-072 WAGO: Vulnerabilities in CODESYS Control 2024-12-03T11:00:00.000Z 2024-12-03T11:00:00.000Z
vde-2024-047 WAGO: Multiple vulnerabilities in docker configuration 2024-11-18T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-021 WAGO: Vulnerability in WAGO Navigator 2024-05-21T06:00:00.000Z 2024-05-21T06:00:00.000Z
vde-2023-068 WAGO: Multiple Vulnerabilities in e!Cockpit and e!Runtime / CODESYS Runtime 2024-05-21T06:00:00.000Z 2024-05-21T06:00:00.000Z
vde-2023-039 Wago: Multiple vulnerabilities in web-based management of multiple products 2024-03-13T08:30:00.000Z 2024-03-13T08:30:00.000Z
vde-2024-014 WAGO: Multiple products affected by Terrapin 2024-02-22T07:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2024-007 WAGO: WIBU-SYSTEMS CodeMeter Runtime vulnerabilities in multiple products 2024-01-22T07:00:00.000Z 2024-01-22T07:00:00.000Z
vde-2023-045 Wago: Vulnerability in Smart Designer Web-Application 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-044 Wago: Vulnerabilities in IEC61850 Server / Telecontrol 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-037 WAGO: Remote Code execution vulnerability in managed Switches 2023-11-21T07:00:00.000Z 2023-11-21T07:00:00.000Z
vde-2023-015 WAGO: Improper privilege management in web-based management 2023-11-20T07:00:00.000Z 2023-11-20T07:00:00.000Z
ID Description Published Updated
vde-2024-061 ifm: Improper Access Control vulnerability 2025-06-30T10:00:00.000Z 2026-02-18T08:00:00.000Z
vde-2024-012 ifm: Vulnerabilities in ifm AC14 firmware 2024-07-09T07:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2024-028 ifm moneo password reset can be exploited 2024-05-06T10:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2022-050 IFM: weak password recovery vulnerability in moneo appliance 2022-12-12T11:00:00.000Z 2026-01-06T11:00:00.000Z
ID Description Published Updated
vde-2025-092 Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager 2026-01-27T11:00:00.000Z 2026-01-27T11:00:00.000Z
vde-2025-106 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server 2026-01-26T10:00:00.000Z 2026-02-12T09:00:00.000Z
vde-2025-075 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2024-064 Beckhoff: Local command injection via TwinCAT Package Manager 2024-10-31T11:00:00.000Z 2025-04-11T07:00:00.000Z
vde-2021-008 Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-050 Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-049 Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-048 Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-045 Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-067 Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf 2023-12-13T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-003 BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology 2022-03-01T12:34:00.000Z 2025-06-05T13:28:13.000Z
vde-2021-051 Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server 2021-11-04T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-051 Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server 2021-04-27T08:08:00.000Z 2021-05-11T10:00:00.000Z
vde-2020-037 Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) 2020-11-19T13:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-019 Beckhoff: EtherLeak in TwinCAT RT network driver 2020-06-16T08:31:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-005 Beckhoff: BK9000 couplers - Denial of service inhibits function 2020-03-10T13:17:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-019 Beckhoff: TwinCAT Denial-of-Service in Profinet driver 2019-10-09T10:00:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2026-007 TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability 2026-02-23T08:00:00.000Z 2026-02-23T08:00:00.000Z
vde-2025-078 TRUMPF: Remote support uses an outdated encryption algorithm 2025-08-25T06:00:00.000Z 2025-08-29T10:00:00.000Z
vde-2024-004 TRUMPF: Multiple products affected by log4net vulnerability 2025-04-22T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-040 Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-034 Multiple TRUMPF products prone to nftables server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-001 TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities 2024-01-29T07:00:00.000Z 2024-01-29T07:00:00.000Z
vde-2024-006 TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x 2024-01-23T07:00:00.000Z 2024-01-23T07:00:00.000Z
vde-2024-005 TRUMPF: Multiple products contain vulnerable version of 7-zip 2024-01-23T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-003 TRUMPF: Multiple products include a vulnerable version of Notepad++ 2024-01-23T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-031 Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability 2023-09-13T10:00:00.000Z 2023-11-13T11:00:00.000Z
vde-2022-049 TRUMPF: Multiple products prone to X.Org server vulnerabilities 2022-11-07T11:43:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-023 TRUMPF TruTops prone to improper access control 2022-10-17T10:00:00.000Z 2022-10-17T10:00:00.000Z
vde-2022-034 TRUMPF: Products prone to Unified Automation vulnerabilities 2022-08-15T10:00:00.000Z 2022-08-15T10:00:00.000Z
vde-2022-016 TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability 2022-05-02T10:00:00.000Z 2022-05-02T10:00:00.000Z
vde-2021-033 TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities 2021-08-12T13:02:00.001Z 2021-08-12T13:02:00.001Z
vde-2021-011 TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability 2021-03-22T08:59:00.000Z 2026-02-02T14:25:00.000Z
vde-2020-039 TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T10:28:00.000Z 2025-05-14T12:36:39.000Z
ID Description Published Updated
vde-2025-043 Lenze: PLC Designer V4 with insecure storage of sensitive information 2025-06-25T10:00:00.000Z 2025-06-25T10:00:00.000Z
vde-2025-042 Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway 2025-05-27T09:00:00.000Z 2025-05-27T09:00:00.000Z
vde-2024-053 Lenze: Install Directory with insufficient permissions 2024-09-03T08:00:00.000Z 2025-03-13T11:30:00.000Z
vde-2022-030 Lenze: Vulnerability in the OPC-UA authentification connection in the firmware 2022-07-11T10:00:00.000Z 2022-07-11T10:00:00.000Z
vde-2021-048 Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication 2021-10-04T12:33:00.000Z 2021-10-04T12:33:00.000Z
ID Description Published Updated
vde-2022-029 Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 2022-09-26T08:00:00.000Z 2026-03-02T11:00:00.000Z
ID Description Published Updated
vde-2025-047 AUMA: Incorrect delivery status of the Bluetooth configuration 2025-06-10T10:00:00.000Z 2025-06-10T10:00:00.000Z
vde-2025-026 AUMA Riester: Buffer overflow in service telegram 2025-05-12T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-028 AUMA: SIMA Master Station affected by WRECK vulnerability 2023-08-07T11:35:00.000Z 2025-05-14T13:00:15.000Z
vde-2023-027 AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations 2023-08-07T09:35:00.000Z 2023-08-07T09:35:00.000Z
vde-2022-032 AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service 2022-08-09T08:00:00.000Z 2022-08-09T08:00:00.000Z
vde-2022-024 Auma: SIMAĀ² Master Station Denial of Service Vulnerability on Automation Runtime Webserver 2022-06-15T10:00:00.000Z 2025-05-14T13:00:15.000Z
ID Description Published Updated
vde-2025-084 Bender Charge Controller Vulnerability - Unsecure Communication 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-061 Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2021-047 Bender/ebee: Multiple Charge Controller Vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2020-043 Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability 2020-10-16T06:54:00.000Z 2020-10-16T06:54:00.000Z
ID Description Published Updated
vde-2026-003 Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime 2026-03-31T08:00:00.000Z 2026-04-01T11:00:00.000Z
vde-2026-002 Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation 2026-03-02T07:00:00.000Z 2026-03-02T07:00:00.000Z
vde-2025-105 Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability 2025-12-08T09:00:00.000Z 2025-12-08T09:00:00.000Z
vde-2025-107 Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities 2025-12-05T11:00:00.000Z 2026-04-02T10:00:00.000Z
vde-2025-068 Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions 2025-09-02T10:00:00.000Z 2026-02-20T09:00:00.000Z
vde-2025-036 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-03-06T14:00:00.000Z 2025-03-06T14:00:00.000Z
vde-2024-054 Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-041 Endress+Hauser: Multiple products are vulnerable to code injection 2024-09-10T08:00:00.000Z 2024-09-10T08:00:00.000Z
vde-2022-019 Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components 2022-06-02T15:11:00.000Z 2022-06-02T15:11:00.000Z
vde-2022-006 Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware 2022-03-24T10:48:00.000Z 2022-03-24T10:48:00.000Z
vde-2021-044 Endress+Hauser: Multiple products affected by log4net vulnerability 2022-01-20T08:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-040 Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow 2021-10-04T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-010 Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks 2021-05-18T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-005 Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability 2021-03-01T06:39:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-022 Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information 2020-11-19T14:48:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-021 Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management 2020-11-19T14:48:00.000Z 2025-04-11T07:00:00.000Z
vde-2020-031 Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T13:10:00.000Z 2025-05-14T13:00:14.000Z
vde-2019-005 Endress+Hauser: WIFI enabled products utilising WPA2 2019-03-19T15:34:00.000Z 2019-03-19T15:34:00.000Z
ID Description Published Updated
vde-2025-030 Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability 2025-07-07T10:00:00.000Z 2025-07-29T10:00:00.000Z
vde-2023-049 Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability 2023-12-11T07:00:00.000Z 2023-12-11T07:00:00.000Z
vde-2023-038 Frauscher: Multiple Vulnerabilities in FDS101 2023-09-21T06:00:00.000Z 2023-09-21T06:00:00.000Z
vde-2023-011 Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability 2023-07-05T08:00:00.000Z 2023-07-05T08:00:00.000Z
ID Description Published Updated
vde-2022-052 Miele: Vulnerability in ease2pay cloud service used by appWash 2022-11-21T09:00:00.000Z 2022-11-21T09:00:00.000Z
vde-2022-015 Miele: Security vulnerability in Benchmark Programming Tool 2022-04-27T12:00:00.000Z 2022-04-27T12:00:00.000Z
vde-2020-024 Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED 2020-07-08T07:29:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-010 Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway 2019-05-20T06:58:00.000Z 2025-05-14T13:00:15.000Z
ID Description Published Updated
vde-2025-096 Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-052 Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities 2025-06-11T10:00:00.000Z 2025-07-23T10:00:00.000Z
vde-2025-044 Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities 2025-05-27T09:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-041 Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX 2025-05-19T09:00:00.000Z 2025-05-19T09:00:00.000Z
vde-2025-021 Weidmueller: Authentication Vulnerability in PROCON-WIN 5 2025-03-05T09:00:00.000Z 2025-05-14T13:26:53.000Z
vde-2025-023 Weidmueller: OpenSSL vulnerability in industrial ethernet switches 2025-03-05T08:00:00.000Z 2025-03-05T11:00:00.000Z
vde-2023-032 Weidmueller: WIBU Vulnerability in multiple Products 2023-11-09T07:42:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-056 Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability 2022-12-14T07:00:00.000Z 2022-12-14T07:00:00.000Z
vde-2021-004 Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write 2022-06-21T08:00:00.000Z 2022-06-21T08:00:00.000Z
vde-2022-008 WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways 2022-04-07T06:00:00.000Z 2022-04-07T06:00:00.000Z
vde-2021-042 Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities 2021-10-18T08:24:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-026 Weidmueller: Multiple vulnerabilities in Industrial WLAN devices 2021-06-23T11:04:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-016 Weidmueller: Accidentally open network port in u-controls and IoT-Gateways 2021-05-04T08:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-002 Weidmueller: WI Manager affected by fdtContainer vulnerability 2021-01-20T13:32:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-041 Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities 2020-10-12T09:14:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-018 Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches 2019-12-05T12:03:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-066 SMA: Directory Traversal in Sunny Boy 2025-08-27T08:00:00.000Z 2025-08-27T08:00:00.000Z
vde-2025-050 SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user 2025-08-19T10:00:00.000Z 2025-08-19T10:00:00.000Z
vde-2025-010 SMA: Sunny Portal demo system privilege escalation 2025-05-13T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2025-012 SMA: Sunny Portal Remote Code Execution 2025-02-26T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-075 SMA: Sunny Webbox clickjacking vulnerability 2025-01-27T13:00:00.000Z 2025-06-17T06:00:00.000Z
vde-2024-020 SMA: Cluster Controller CSRF vulnerability 2025-01-27T13:00:00.000Z 2025-02-12T16:48:47.000Z
vde-2024-074 SMA: SQL injection in Sunny Central UP 2024-11-27T09:00:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
vde-2024-013 HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing 2024-02-13T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-059 HIMA: unquoted path vulnerabilities in X-OPC and X-OTS 2023-01-16T09:00:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-091 Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro 2025-10-14T10:00:00.000Z 2025-10-14T10:00:00.000Z
ID Description Published Updated
vde-2020-016 SWARCO: Critical Vulnerability in CPU LS4000 2020-05-28T13:00:00.000Z 2020-05-28T13:00:00.000Z
ID Description Published Updated
vde-2025-033 ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products 2025-04-14T10:00:00.000Z 2025-04-14T10:00:00.000Z
vde-2024-016 ADS-TEC Industrial IT: Docker vulnerability affects multiple products 2024-02-19T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-009 ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 2023-05-08T13:37:00.000Z 2023-05-08T13:37:00.000Z
ID Description Published Updated
vde-2022-061 VARTA: Multiple devices prone to hard-coded credentials 2023-03-15T09:00:00.000Z 2023-03-15T09:00:00.000Z
ID Description Published Updated
vde-2025-060 Sauter: Multiple vulnerabilities in SAUTER modulo 6 2025-10-21T10:00:00.000Z 2025-10-27T11:00:00.000Z
ID Description Published Updated
vde-2025-079 Janitza: Multiple vulnerabilities in UMG 96RM-E 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-094 Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ 2025-11-24T12:00:00.000Z 2025-11-24T12:00:00.000Z
ID Description Published Updated
vde-2026-001 METTLER TOLEDO: ASP.NET core vulnerability in LabX 2026-03-04T07:00:00.000Z 2026-03-04T07:00:00.000Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2026-0015
7.2 (4.0)
Threat actors use FortiCloud SSO bypass to collect LDAā€¦ fortinet
 fortios
 2026-02-09T09:09:00.000Z 2026-02-09T09:14:59.004089Z
GCVE-1-2026-0014
7.4 (4.0)
Missing Authorization Check Allows Unauthorized Modifiā€¦ vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:32:14.341383Z 2026-02-04T19:32:14.341383Z
GCVE-1-2026-0013
2.1 (4.0)
Flask Application Username Route Collision Allows Reseā€¦ vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:27:00.000Z 2026-02-04T19:32:49.787763Z
GCVE-1-2026-0012
2.1 (4.0)
Authentication Error Message Allows Email Address Enumā€¦ vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:21:34.411344Z 2026-02-04T19:21:34.411344Z
GCVE-1-2026-0011
8.7 (4.0)
Out-of-bounds memory write in the network packet ā€¦ EA Games
 Command & Conquer: Generals
 2026-01-29T14:37:00.000Z 2026-01-29T14:39:17.728822Z
GCVE-1-2026-0010
9.3 (4.0)
Improper input validation in the file transfer haā€¦ EA Games
 Command & Conquer: Generals
 2026-01-29T14:33:18.822829Z 2026-01-29T14:33:18.822829Z
GCVE-1-2026-0009
9.3 (4.0)
Stack-based buffer overflow in the multiplayer neā€¦ EA Games
 Command & Conquer: Generals
 2026-01-29T14:30:38.596928Z 2026-01-29T14:30:38.596928Z
GCVE-1-2026-0008
10 (4.0)
gpg-agent stack buffer overflow in pkdecrypt using KEM gnupg
 gpg-agent
 2026-01-28T13:48:12.350509Z 2026-01-28T13:48:12.350509Z
GCVE-1-2026-0007
10 (4.0)
GNU InetUtils Security Advisory: remote authenticationā€¦ gnu
 InetUtils
 2026-01-20T20:57:00.000Z 2026-01-26T16:32:40.831364Z
GCVE-1-2026-0006
8.5 (4.0)
Improper Access Control in Cerebrate AuthKey and Encryā€¦ cerebrate
 cerebrate
 2026-01-13T15:37:17.337254Z 2026-01-13T15:37:17.337254Z
GCVE-1-2026-0005
8.5 (4.0)
Improper Access Control in Cerebrate Alignment Model Aā€¦ cerebrate
 cerebrate
 2026-01-13T15:31:00.000Z 2026-01-13T15:38:02.888546Z
GCVE-1-2026-0004
8.5 (4.0)
Authorization Bypass in Cerebrate IndividualsControlleā€¦ cerebrate
 cerebrate
 2026-01-13T15:28:00.000Z 2026-01-13T15:38:37.744618Z
GCVE-1-2026-0003
6.3 (4.0)
Stored/Reflected XSS via Unsanitized Parameters in URLā€¦ misp
 misp
 2026-01-13T10:50:00.000Z 2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002
10 (4.0)
Heap-buffer-overflow in EXIF writer for extra IFD tags ffmpeg
 ffmpeg
 2026-01-02T19:50:00.000Z 2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001
N/A
Bundle reference to gpg.fail gnupg
 gnupg
 2026-01-02T10:20:00.000Z 2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041
6.4 (4.0)
[online services] Reflected Cross-Site Scripting (XSS)ā€¦ typo3
 typo3
 2025-12-19T14:25:00.000Z 2025-12-19T14:54:51.594645Z
GCVE-1-2025-0040
7.2 (4.0)
A cross-site scripting (XSS) vulnerability was idā€¦ misp
 misp
 2025-12-13T08:44:32.378924Z 2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039
8.5 (4.0)
XSS Reintroduced in MISP Dashboard World Map Widget Duā€¦ misp
 misp
 2025-12-10T14:33:52.856734Z 2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038
5 (4.0)
Reflected XSS in MISP Template Tag Removal and MISP Adā€¦ misp
 misp
 2025-12-10T14:10:00.000Z 2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037
7 (4.0)
Reflected XSS in MISP Dashboard Widgets via Unescaped ā€¦ misp
 misp
 2025-12-10T14:01:03.200804Z 2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036
8.3 (4.0)
A reflected cross-site scripting (XSS) vulnerability wā€¦ misp
 misp
 2025-12-10T13:46:07.170083Z 2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035
8.3 (4.0)
Insufficient sanitization of bundle metadata (availablā€¦ CIRCL
 vulnerability-lookup
 2025-12-08T10:25:00.000Z 2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034
7 (4.0)
Missing CSRF protection on state-changing endpoints inā€¦ CIRCL
 vulnerability-lookup
 2025-12-08T10:19:00.000Z 2025-12-08T12:13:24.197294Z
GCVE-1-2025-0033
8.1 (4.0)
Vulnerability-lookup did not track or limit failed Oneā€¦ CIRCL
 vulnerability-lookup
 2025-12-08T10:11:00.000Z 2025-12-08T12:12:53.235996Z
GCVE-1-2025-0032
10 (4.0)
The default configuration of WatchGuard Firebox deviceā€¦ watchguard
 firebox
 2025-12-03T16:25:00.000Z 2025-12-19T13:48:34.570799Z
GCVE-1-2025-0031
7.1 (4.0)
A cross-site scripting (XSS) vulnerability was identifā€¦ misp
 misp
 2025-12-03T10:58:00.000Z 2025-12-16T09:36:09.594750Z
GCVE-1-2025-0030
6.2 (4.0)
A cross-site scripting (XSS) vulnerability in the MISPā€¦ misp
 misp
 2025-12-03T10:53:00.000Z 2025-12-03T10:58:55.845341Z
GCVE-1-2025-0029
6.3 (4.0)
Reflected cross-site scripting (XSS) vulnerabilities iā€¦ misp
 misp
 2025-11-27T12:41:00.000Z 2025-11-27T12:48:51.085860Z
GCVE-1-2025-0028
8.5 (4.0)
Information leakage vulnerability in the MISP Feed conā€¦ misp
 misp
 2025-11-27T07:23:00.000Z 2025-12-02T08:51:35.429494Z
GCVE-1-2025-0027
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in ā€¦ misp
 misp
 2025-11-27T07:17:00.000Z 2025-12-02T08:51:04.323899Z
ID CVSS Description Vendor Product Published Updated
GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110
8.8 (3.1)
NSA Ghidra Auto-Analysis Annotation Command Execution NSA
 Ghidra
 2026-03-29T19:35:30.692Z 2026-03-29T19:35:30.692Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011
9.1 (3.1)
HexStrike AI MCP Server Command Injection 0x4m4
 HexStrike AI
 2025-11-30T21:27:56.057Z 2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100
6.5 (3.1)
Abilis CPX Fallback Shell Connection Relay Abilis
 CPX
 2025-11-04T00:23:23.924Z 2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010
7.3 (3.1)
Unitree Multiple Robotic Products Command Injection Unitree
 Go2
 2025-09-26T06:53:49.585Z 2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
4.3 (3.1)
Unauthenticated leak of sensitive information affectinā€¦ Brother Industries, Ltd
 HL-L8260CDN
 2025-08-12T15:23:00.577Z 2025-08-15T05:53:23.017Z