Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-7195	5.2 (3.1)	Operator-sdk: privilege escalation due to incorrect pe…	Red Hat	Compliance Operator 1	2025-08-07T19:05:08.756Z	2025-12-15T09:40:29.956Z
CVE-2025-5987	5 (3.1)	Libssh: invalid return code for chacha20 poly1305 with…			2025-07-07T14:24:12.576Z	2025-12-15T09:35:28.206Z
CVE-2025-14711	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	FantasticLBP Hotels Server hotelList.php sql injection	FantasticLBP	Hotels Server	2025-12-15T08:02:06.255Z	2025-12-15T08:02:06.255Z
CVE-2024-12087	6.5 (3.1)	Rsync: path traversal vulnerability in rsync			2025-01-14T17:57:33.927Z	2025-12-15T07:58:52.236Z
CVE-2025-14710	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	FantasticLBP Hotels Server OrderList.php sql injection	FantasticLBP	Hotels Server	2025-12-15T07:32:06.182Z	2025-12-15T07:32:06.182Z
CVE-2025-14709	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 WIRELESSCFGGET http_eshell_server…	Shiguangwu	sgwbox N3	2025-12-15T07:02:07.039Z	2025-12-15T07:02:07.039Z
CVE-2025-14021	4.3 (3.1)	The in-app browser in LINE client for iOS version…	LINE Corporation	LINE client for iOS	2025-12-15T06:41:37.992Z	2025-12-15T06:45:46.378Z
CVE-2025-14023	3.1 (3.1)	LINE client for iOS prior to 15.19 allows UI spoo…	LINE Corporation	LINE client for iOS	2025-12-15T06:45:23.025Z	2025-12-15T06:45:23.025Z
CVE-2025-14022	7.7 (3.1)	LINE client for iOS prior to 15.4 allows man-in-t…	LINE Corporation	LINE client for iOS	2025-12-15T06:43:47.276Z	2025-12-15T06:43:47.276Z
CVE-2025-14020	5.4 (3.1)	LINE client for Android versions prior to 14.20 c…	LINE Corporation	LINE client for Android	2025-12-15T06:39:51.980Z	2025-12-15T06:39:51.980Z
CVE-2025-14019	3.4 (3.1)	LINE client for Android versions from 13.8 to 15.…	LINE Corporation	LINE client for Android	2025-12-15T06:38:05.914Z	2025-12-15T06:38:05.914Z
CVE-2025-14708	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 WIREDCFGGET http_eshell_server bu…	Shiguangwu	sgwbox N3	2025-12-15T06:32:06.485Z	2025-12-15T06:32:06.485Z
CVE-2025-14707	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 DOCKER Feature http_eshell_server…	Shiguangwu	sgwbox N3	2025-12-15T06:02:06.636Z	2025-12-15T06:02:06.636Z
CVE-2025-13355	N/A	URL Shortify < 1.11.4 - Reflected XSS	Unknown	URL Shortify	2025-12-15T06:00:08.135Z	2025-12-15T06:00:08.135Z
CVE-2025-12684	N/A	URL Shortify < 1.11.3 - Reflected XSS	Unknown	URL Shortify	2025-12-15T06:00:07.653Z	2025-12-15T06:00:07.653Z
CVE-2025-11363	N/A	Royal Elementor Addons and Templates < 1.7.1037 - Unau…	Unknown	Royal Addons for Elementor	2025-12-15T06:00:03.088Z	2025-12-15T06:00:03.088Z
CVE-2025-14712	8.7 (4.0) 7.5 (3.1)	JHENG GAO｜Student Learning Assessment and Support Syst…	JHENG GAO	Student Learning Assessment and Support System	2025-12-15T05:37:22.003Z	2025-12-15T05:37:22.003Z
CVE-2025-14549	6.9 (4.0)	OMR on Z processors Exposing a possible buffer over-re…	Eclipse OMR	Eclipse OMR	2025-12-15T05:32:22.095Z	2025-12-15T05:32:22.095Z
CVE-2025-14706	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 NETREBOOT http_eshell_server comm…	Shiguangwu	sgwbox N3	2025-12-15T05:32:05.553Z	2025-12-15T05:32:05.553Z
CVE-2025-14705	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 SHARESERVER Feature command injection	Shiguangwu	sgwbox N3	2025-12-15T05:02:06.394Z	2025-12-15T05:02:06.394Z
CVE-2025-14704	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	Shiguangwu sgwbox N3 API eshell path traversal	Shiguangwu	sgwbox N3	2025-12-15T04:32:07.225Z	2025-12-15T04:32:07.225Z
CVE-2025-67897	5.3 (3.1)	In Sequoia before 2.1.0, aes_key_unwrap panics if…	sequoia-pgp	sequoia	2025-12-14T04:35:24.610Z	2025-12-15T04:27:58.389Z
CVE-2025-14703	6.9 (4.0) 5.3 (3.1) 5.3 (3.0)	Shiguangwu sgwbox N3 POST Message fsnotify improper au…	Shiguangwu	sgwbox N3	2025-12-15T04:02:07.047Z	2025-12-15T04:02:07.047Z
CVE-2025-67906	5.4 (3.1)	In MISP before 2.5.28, app/View/Elements/Workflow…	MISP	MISP	2025-12-15T03:25:46.324Z	2025-12-15T03:49:51.300Z
CVE-2025-67907	N/A	DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67906. Reason: This candidate is a reservation duplicate of CVE-2025-67906. Notes: All CVE users should reference CVE-2025-67906 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.	N/A	N/A	2025-12-15T03:33:33.794Z	2025-12-15T03:48:11.371Z
CVE-2025-14702	4.8 (4.0) 4.4 (3.1) 4.4 (3.0)	Smartbit CommV Smartschool App be.smartschool.mobile.S…	Smartbit CommV	Smartschool App	2025-12-15T03:32:06.970Z	2025-12-15T03:32:06.970Z
CVE-2025-13740	6.4 (3.1)	Lightweight Accordion <= 1.5.20 - Authenticated (Contr…	someguy9	Lightweight Accordion	2025-12-15T03:20:20.056Z	2025-12-15T03:20:20.056Z
CVE-2025-14699	4.8 (4.0) 5.3 (3.1) 5.3 (3.0)	Municorn FAX App biz.faxapp.app path traversal	Municorn	FAX App	2025-12-15T03:02:05.711Z	2025-12-15T03:02:05.711Z
CVE-2025-14698	4.8 (4.0) 4.4 (3.1) 4.4 (3.0)	atlaszz AI Photo Team Galleryit App gallery.photogalle…	atlaszz AI Photo Team	Galleryit App	2025-12-15T02:32:06.926Z	2025-12-15T02:32:06.926Z
CVE-2025-12377	4.3 (3.1)	Gallery Plugin for WordPress – Envira Photo Gallery <=…	smub	Gallery Plugin for WordPress – Envira Photo Gallery	2025-11-13T11:29:03.241Z	2025-12-15T02:21:32.994Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-14711	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	FantasticLBP Hotels Server hotelList.php sql injection	FantasticLBP	Hotels Server	2025-12-15T08:02:06.255Z	2025-12-15T08:02:06.255Z
CVE-2025-14710	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	FantasticLBP Hotels Server OrderList.php sql injection	FantasticLBP	Hotels Server	2025-12-15T07:32:06.182Z	2025-12-15T07:32:06.182Z
CVE-2024-12087	6.5 (3.1)	Rsync: path traversal vulnerability in rsync			2025-01-14T17:57:33.927Z	2025-12-15T07:58:52.236Z
CVE-2025-14709	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 WIRELESSCFGGET http_eshell_server…	Shiguangwu	sgwbox N3	2025-12-15T07:02:07.039Z	2025-12-15T07:02:07.039Z
CVE-2025-14708	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 WIREDCFGGET http_eshell_server bu…	Shiguangwu	sgwbox N3	2025-12-15T06:32:06.485Z	2025-12-15T06:32:06.485Z
CVE-2025-14023	3.1 (3.1)	LINE client for iOS prior to 15.19 allows UI spoo…	LINE Corporation	LINE client for iOS	2025-12-15T06:45:23.025Z	2025-12-15T06:45:23.025Z
CVE-2025-14022	7.7 (3.1)	LINE client for iOS prior to 15.4 allows man-in-t…	LINE Corporation	LINE client for iOS	2025-12-15T06:43:47.276Z	2025-12-15T06:43:47.276Z
CVE-2025-14021	4.3 (3.1)	The in-app browser in LINE client for iOS version…	LINE Corporation	LINE client for iOS	2025-12-15T06:41:37.992Z	2025-12-15T06:45:46.378Z
CVE-2025-14020	5.4 (3.1)	LINE client for Android versions prior to 14.20 c…	LINE Corporation	LINE client for Android	2025-12-15T06:39:51.980Z	2025-12-15T06:39:51.980Z
CVE-2025-14019	3.4 (3.1)	LINE client for Android versions from 13.8 to 15.…	LINE Corporation	LINE client for Android	2025-12-15T06:38:05.914Z	2025-12-15T06:38:05.914Z
CVE-2025-14712	8.7 (4.0) 7.5 (3.1)	JHENG GAO｜Student Learning Assessment and Support Syst…	JHENG GAO	Student Learning Assessment and Support System	2025-12-15T05:37:22.003Z	2025-12-15T05:37:22.003Z
CVE-2025-14707	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 DOCKER Feature http_eshell_server…	Shiguangwu	sgwbox N3	2025-12-15T06:02:06.636Z	2025-12-15T06:02:06.636Z
CVE-2025-14706	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 NETREBOOT http_eshell_server comm…	Shiguangwu	sgwbox N3	2025-12-15T05:32:05.553Z	2025-12-15T05:32:05.553Z
CVE-2025-14549	6.9 (4.0)	OMR on Z processors Exposing a possible buffer over-re…	Eclipse OMR	Eclipse OMR	2025-12-15T05:32:22.095Z	2025-12-15T05:32:22.095Z
CVE-2025-13355	N/A	URL Shortify < 1.11.4 - Reflected XSS	Unknown	URL Shortify	2025-12-15T06:00:08.135Z	2025-12-15T06:00:08.135Z
CVE-2025-12684	N/A	URL Shortify < 1.11.3 - Reflected XSS	Unknown	URL Shortify	2025-12-15T06:00:07.653Z	2025-12-15T06:00:07.653Z
CVE-2025-11363	N/A	Royal Elementor Addons and Templates < 1.7.1037 - Unau…	Unknown	Royal Addons for Elementor	2025-12-15T06:00:03.088Z	2025-12-15T06:00:03.088Z
CVE-2025-14705	9.3 (4.0) 9.8 (3.1) 9.8 (3.0)	Shiguangwu sgwbox N3 SHARESERVER Feature command injection	Shiguangwu	sgwbox N3	2025-12-15T05:02:06.394Z	2025-12-15T05:02:06.394Z
CVE-2025-14704	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	Shiguangwu sgwbox N3 API eshell path traversal	Shiguangwu	sgwbox N3	2025-12-15T04:32:07.225Z	2025-12-15T04:32:07.225Z
CVE-2025-67907	N/A	DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67906. Reason: This candidate is a reservation duplicate of CVE-2025-67906. Notes: All CVE users should reference CVE-2025-67906 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.	N/A	N/A	2025-12-15T03:33:33.794Z	2025-12-15T03:48:11.371Z
CVE-2025-67906	5.4 (3.1)	In MISP before 2.5.28, app/View/Elements/Workflow…	MISP	MISP	2025-12-15T03:25:46.324Z	2025-12-15T03:49:51.300Z
CVE-2025-14703	6.9 (4.0) 5.3 (3.1) 5.3 (3.0)	Shiguangwu sgwbox N3 POST Message fsnotify improper au…	Shiguangwu	sgwbox N3	2025-12-15T04:02:07.047Z	2025-12-15T04:02:07.047Z
CVE-2025-14702	4.8 (4.0) 4.4 (3.1) 4.4 (3.0)	Smartbit CommV Smartschool App be.smartschool.mobile.S…	Smartbit CommV	Smartschool App	2025-12-15T03:32:06.970Z	2025-12-15T03:32:06.970Z
CVE-2025-13740	6.4 (3.1)	Lightweight Accordion <= 1.5.20 - Authenticated (Contr…	someguy9	Lightweight Accordion	2025-12-15T03:20:20.056Z	2025-12-15T03:20:20.056Z
CVE-2025-14699	4.8 (4.0) 5.3 (3.1) 5.3 (3.0)	Municorn FAX App biz.faxapp.app path traversal	Municorn	FAX App	2025-12-15T03:02:05.711Z	2025-12-15T03:02:05.711Z
CVE-2025-14698	4.8 (4.0) 4.4 (3.1) 4.4 (3.0)	atlaszz AI Photo Team Galleryit App gallery.photogalle…	atlaszz AI Photo Team	Galleryit App	2025-12-15T02:32:06.926Z	2025-12-15T02:32:06.926Z
CVE-2025-14697	6.3 (4.0) 3.7 (3.1) 3.7 (3.0)	Shenzhen Sixun Software Sixun Shanghui Group Business …	Shenzhen Sixun Software	Sixun Shanghui Group Business Management System	2025-12-15T02:02:06.388Z	2025-12-15T02:02:06.388Z
CVE-2025-12377	4.3 (3.1)	Gallery Plugin for WordPress – Envira Photo Gallery <=…	smub	Gallery Plugin for WordPress – Envira Photo Gallery	2025-11-13T11:29:03.241Z	2025-12-15T02:21:32.994Z
CVE-2025-14696	6.9 (4.0) 5.3 (3.1) 5.3 (3.0)	Shenzhen Sixun Software Sixun Shanghui Group Business …	Shenzhen Sixun Software	Sixun Shanghui Group Business Management System	2025-12-15T01:32:06.512Z	2025-12-15T01:32:06.512Z
CVE-2025-43532	2.8 (3.1)	A memory corruption issue was addressed with impr…	Apple	macOS	2025-12-12T20:56:45.545Z	2025-12-15T00:59:37.427Z

ID	Description	Published	Updated
fkie_cve-2025-14711	A flaw has been found in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0.…	2025-12-15T08:15:41.933	2025-12-15T08:15:41.933
fkie_cve-2025-14710	A vulnerability was detected in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fc…	2025-12-15T08:15:41.680	2025-12-15T08:15:41.680
fkie_cve-2024-12087	A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recurs…	2025-01-14T18:15:25.467	2025-12-15T08:15:40.650
fkie_cve-2025-14709	A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0.25. Affected by this issue i…	2025-12-15T07:15:51.520	2025-12-15T07:15:51.520
fkie_cve-2025-14708	A weakness has been identified in Shiguangwu sgwbox N3 2.0.25. Affected by this vulnerability is an…	2025-12-15T07:15:51.230	2025-12-15T07:15:51.230
fkie_cve-2025-14023	LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation…	2025-12-15T07:15:51.110	2025-12-15T07:15:51.110
fkie_cve-2025-14022	LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certific…	2025-12-15T07:15:50.980	2025-12-15T07:15:50.980
fkie_cve-2025-14021	The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoo…	2025-12-15T07:15:50.850	2025-12-15T07:15:50.850
fkie_cve-2025-14020	LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app …	2025-12-15T07:15:50.720	2025-12-15T07:15:50.720
fkie_cve-2025-14019	LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app brows…	2025-12-15T07:15:49.437	2025-12-15T07:15:49.437
fkie_cve-2025-14712	Student Learning Assessment and Support System developed by JHENG GAO has a Exposure of Sensitive I…	2025-12-15T06:15:43.263	2025-12-15T06:15:43.263
fkie_cve-2025-14707	A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Affected is an unknown function…	2025-12-15T06:15:43.087	2025-12-15T06:15:43.087
fkie_cve-2025-14706	A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25. This impacts an unknown function of …	2025-12-15T06:15:42.900	2025-12-15T06:15:42.900
fkie_cve-2025-14549	In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse Ope…	2025-12-15T06:15:42.733	2025-12-15T06:15:42.733
fkie_cve-2025-13355	The URL Shortify WordPress plugin before 1.11.4 does not sanitise and escape a parameter before ou…	2025-12-15T06:15:42.630	2025-12-15T06:15:42.630
fkie_cve-2025-12684	The URL Shortify WordPress plugin before 1.11.3 does not sanitize and escape a parameter before ou…	2025-12-15T06:15:42.530	2025-12-15T06:15:42.530
fkie_cve-2025-11363	The Royal Addons for Elementor WordPress plugin before 1.7.1037 does not have proper authorisation…	2025-12-15T06:15:42.383	2025-12-15T06:15:42.383
fkie_cve-2025-14705	A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of …	2025-12-15T05:15:51.350	2025-12-15T05:15:51.350
fkie_cve-2025-14704	A vulnerability was found in Shiguangwu sgwbox N3 2.0.25. The impacted element is an unknown functi…	2025-12-15T05:15:43.967	2025-12-15T05:15:43.967
fkie_cve-2025-67907	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67906. Reason: This candida…	2025-12-15T04:15:37.267	2025-12-15T04:15:37.267
fkie_cve-2025-67906	In MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp allows XSS in the workflow exe…	2025-12-15T04:15:37.110	2025-12-15T04:15:37.110
fkie_cve-2025-14703	A vulnerability has been found in Shiguangwu sgwbox N3 2.0.25. The affected element is an unknown f…	2025-12-15T04:15:36.933	2025-12-15T04:15:36.933
fkie_cve-2025-14702	A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4. Impacted is an unknown functi…	2025-12-15T04:15:36.760	2025-12-15T04:15:36.760
fkie_cve-2025-13740	The Lightweight Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…	2025-12-15T04:15:36.577	2025-12-15T04:15:36.577
fkie_cve-2025-14699	A security vulnerability has been detected in Municorn FAX App 3.27.0 on Android. This vulnerabilit…	2025-12-15T03:15:45.060	2025-12-15T03:15:45.060
fkie_cve-2025-14698	A weakness has been identified in atlaszz AI Photo Team Galleryit App 1.3.8.2 on Android. This affe…	2025-12-15T03:15:44.870	2025-12-15T03:15:44.870
fkie_cve-2025-14697	A security flaw has been discovered in Shenzhen Sixun Software Sixun Shanghui Group Business Manage…	2025-12-15T03:15:44.683	2025-12-15T03:15:44.683
fkie_cve-2025-12377	The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unaut…	2025-11-13T12:15:48.903	2025-12-15T03:15:44.510
fkie_cve-2025-14696	A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business Management …	2025-12-15T02:15:36.320	2025-12-15T02:15:36.320
fkie_cve-2025-43532	A memory corruption issue was addressed with improved bounds checking. This issue is fixed in macOS…	2025-12-12T21:15:57.390	2025-12-15T01:15:38.840

ID	Severity	Description	Published	Updated
ghsa-gjj8-h4fr-jgwm	9.8 (3.1) 8.9 (4.0)	A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0.25. Affected by this issue i…	2025-12-15T09:31:29Z	2025-12-15T09:31:29Z
ghsa-5v8q-wxhj-q245	7.3 (3.1) 5.5 (4.0)	A flaw has been found in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fcbec1d0.…	2025-12-15T09:31:29Z	2025-12-15T09:31:29Z
ghsa-5gpc-pg4c-j9mr	7.3 (3.1) 5.5 (4.0)	A vulnerability was detected in FantasticLBP Hotels Server up to 67b44df162fab26df209bd5d5d542875fc…	2025-12-15T09:31:29Z	2025-12-15T09:31:29Z
ghsa-whq5-2m4p-xgmp	3.1 (3.1)	LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation…	2025-12-15T09:31:28Z	2025-12-15T09:31:28Z
ghsa-p444-369q-pjgr	5.4 (3.1)	LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app …	2025-12-15T09:31:28Z	2025-12-15T09:31:28Z
ghsa-h66v-gcx5-5fhw	4.3 (3.1)	The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoo…	2025-12-15T09:31:28Z	2025-12-15T09:31:28Z
ghsa-9x68-7qq6-v523	6.5 (3.1)	A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recurs…	2025-01-14T18:32:00Z	2025-12-15T09:31:28Z
ghsa-85v2-6j9h-fhq9	7.7 (3.1)	LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certific…	2025-12-15T09:31:28Z	2025-12-15T09:31:28Z
ghsa-7hpx-mgwg-xh9p	3.4 (3.1)	LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app brows…	2025-12-15T09:31:28Z	2025-12-15T09:31:28Z
ghsa-3r9j-whrx-qqrg	9.8 (3.1) 8.9 (4.0)	A weakness has been identified in Shiguangwu sgwbox N3 2.0.25. Affected by this vulnerability is an…	2025-12-15T09:31:28Z	2025-12-15T09:31:28Z
ghsa-wm3j-77wq-prwp	9.8 (3.1) 8.9 (4.0)	A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Affected is an unknown function…	2025-12-15T06:31:16Z	2025-12-15T06:31:16Z
ghsa-rw8m-hvvr-gqpp	6.9 (4.0)	In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse Ope…	2025-12-15T06:31:16Z	2025-12-15T06:31:16Z
ghsa-p76h-gwg5-j85j	9.8 (3.1) 8.9 (4.0)	A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of …	2025-12-15T06:31:16Z	2025-12-15T06:31:16Z
ghsa-jpjm-2g38-x396	7.5 (3.1) 8.7 (4.0)	Student Learning Assessment and Support System developed by JHENG GAO has a Exposure of Sensitive I…	2025-12-15T06:31:16Z	2025-12-15T06:31:16Z
ghsa-f6cr-5vcg-p3cg		The Royal Addons for Elementor WordPress plugin before 1.7.1037 does not have proper authorisation…	2025-12-15T06:31:16Z	2025-12-15T06:31:16Z
ghsa-9h3v-9qqv-822m	9.8 (3.1) 8.9 (4.0)	A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25. This impacts an unknown function of …	2025-12-15T06:31:16Z	2025-12-15T06:31:16Z
ghsa-88pj-m87f-2hv5		The URL Shortify WordPress plugin before 1.11.4 does not sanitise and escape a parameter before ou…	2025-12-15T06:31:16Z	2025-12-15T06:31:16Z
ghsa-6hp6-j394-rmqr		The URL Shortify WordPress plugin before 1.11.3 does not sanitize and escape a parameter before ou…	2025-12-15T06:31:16Z	2025-12-15T06:31:16Z
ghsa-x84j-v2j2-g9v8	5.4 (3.1)	In MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp allows XSS in the workflow exe…	2025-12-15T06:31:15Z	2025-12-15T06:31:15Z
ghsa-wpmx-929x-xv8j		Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67906. Reason: This candida…	2025-12-15T06:31:15Z	2025-12-15T06:31:15Z
ghsa-r3r3-89fv-rw6f	5.3 (3.1) 5.5 (4.0)	A vulnerability has been found in Shiguangwu sgwbox N3 2.0.25. The affected element is an unknown f…	2025-12-15T06:31:15Z	2025-12-15T06:31:15Z
ghsa-9649-47r9-xcxc	4.4 (3.1) 1.9 (4.0)	A flaw has been found in Smartbit CommV Smartschool App up to 10.4.4. Impacted is an unknown functi…	2025-12-15T06:31:15Z	2025-12-15T06:31:15Z
ghsa-72v6-44v4-h4vc	7.3 (3.1) 5.5 (4.0)	A vulnerability was found in Shiguangwu sgwbox N3 2.0.25. The impacted element is an unknown functi…	2025-12-15T06:31:15Z	2025-12-15T06:31:15Z
ghsa-4jq4-pprp-6g43	6.4 (3.1)	The Lightweight Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…	2025-12-15T06:31:15Z	2025-12-15T06:31:15Z
ghsa-r975-qjvp-q43h	3.7 (3.1) 2.9 (4.0)	A security flaw has been discovered in Shenzhen Sixun Software Sixun Shanghui Group Business Manage…	2025-12-15T03:30:18Z	2025-12-15T03:30:18Z
ghsa-q6h9-jc46-5c2p	6.3 (3.1) 2.1 (4.0)	A vulnerability was determined in SamuNatsu HaloBot up to 026b01d4a896d93eaaf9d5163a287dc9f267515b.…	2025-12-15T03:30:17Z	2025-12-15T03:30:18Z
ghsa-j2g7-5phj-jr4v	4.4 (3.1) 1.9 (4.0)	A weakness has been identified in atlaszz AI Photo Team Galleryit App 1.3.8.2 on Android. This affe…	2025-12-15T03:30:18Z	2025-12-15T03:30:18Z
ghsa-f3w6-r2g2-vx25	5.3 (3.1) 5.5 (4.0)	A vulnerability was identified in Shenzhen Sixun Software Sixun Shanghui Group Business Management …	2025-12-15T03:30:18Z	2025-12-15T03:30:18Z
ghsa-2348-qg6m-wv4j	5.3 (3.1) 1.9 (4.0)	A security vulnerability has been detected in Municorn FAX App 3.27.0 on Android. This vulnerabilit…	2025-12-15T03:30:18Z	2025-12-15T03:30:18Z
ghsa-v8cp-m2g2-whfj	3.3 (3.1)	An information disclosure issue was addressed with improved privacy controls. This issue is fixed i…	2025-12-12T21:31:39Z	2025-12-15T03:30:17Z

ID	Severity	Description	Package	Published	Updated
pysec-2024-84	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2025-12-09T17:23:14.975110Z
pysec-2024-82	8.8 (3.1)	Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB…	mindsdb	2024-09-12T13:15:00Z	2025-12-09T17:23:14.749401Z
pysec-2024-85	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2025-12-09T17:05:38.757067Z
pysec-2024-83	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2025-12-09T17:05:38.565488Z
pysec-2023-278	5.3 (3.1)	MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1…	mindsdb	2023-12-11T21:15:00Z	2025-12-09T17:05:38.354023Z
pysec-2025-52		gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.	mlflow	2025-06-23T15:15:29Z	2025-12-05T13:25:55.146081Z
pysec-2020-220		A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll…	ansible	2020-10-05T14:15:00Z	2025-10-31T04:43:53.616247Z
pysec-2025-72		The `num2words` project was compromised via a phishing attack and two new versions were u…	num2words		2025-07-31T14:34:47+00:00
pysec-2025-71		Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas…	cadwyn	2025-07-21T21:15:25+00:00	2025-07-23T15:24:03.825615+00:00
pysec-2025-70	10.0 (3.1)	A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen…	langchain-community	2025-06-23T21:15:25+00:00	2025-07-16T21:23:40.211079+00:00
pysec-2024-259	9.8 (3.1)	In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m…	torch	2024-10-29T21:15:04+00:00	2025-07-16T03:09:57.748865+00:00
pysec-2024-258		In scrapy/scrapy, an issue was identified where the Authorization header is not removed d…	scrapy	2024-05-20T08:15:08+00:00	2025-07-15T17:37:50.051730+00:00
pysec-2025-69		In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem…	roundup	2025-07-13T20:15:25+00:00	2025-07-13T21:23:01.161315+00:00
pysec-2025-68	8.0 (3.1)	A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.449399+00:00
pysec-2025-67	9.8 (3.1)	A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.385619+00:00
pysec-2025-66		Improper privilege management in a REST interface allowed registered users to access unau…	streampipes	2025-03-03T11:15:11+00:00	2025-07-08T15:23:46.628375+00:00
pysec-2025-65		A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0…	llama-index	2025-07-07T13:15:28+00:00	2025-07-07T15:23:42.730681+00:00
pysec-2025-61		Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap …	pillow	2025-07-01T19:15:27Z	2025-07-07T14:12:46.226030Z
pysec-2025-64	9.8 (3.1)	A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0…	python-a2a	2025-06-17T07:15:18+00:00	2025-07-02T21:23:13.806273+00:00
pysec-2025-63		vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe…	vllm	2025-03-19T16:15:32+00:00	2025-07-01T23:22:49.176005+00:00
pysec-2025-62		vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal…	vllm	2025-02-07T20:15:34+00:00	2025-07-01T23:22:49.083695+00:00
pysec-2025-60		Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform…	apache-iotdb	2025-05-14T11:16:28+00:00	2025-07-01T21:22:47.232036+00:00
pysec-2025-59		Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack…	apache-iotdb	2025-05-14T11:15:47+00:00	2025-07-01T21:22:47.177405+00:00
pysec-2024-257	7.5 (3.1)	Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm…	mobsf	2024-03-22T23:15:07+00:00	2025-06-30T15:23:50.085549+00:00
pysec-2025-58	8.8 (3.1)	vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl…	vllm	2025-01-27T18:15:41+00:00	2025-06-27T21:22:36.583615+00:00
pysec-2025-57		A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent…	zenml	2025-03-20T10:15:48+00:00	2025-06-27T17:22:55.175431+00:00
pysec-2025-56	4.3 (3.1)	OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t…	octoprint	2025-04-22T18:15:59+00:00	2025-06-27T17:22:53.513680+00:00
pysec-2024-256		Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm…	mobsf	2024-12-03T16:15:24+00:00	2025-06-27T17:22:53.325430+00:00
pysec-2025-55		vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u…	vllm	2025-05-30T19:15:30+00:00	2025-06-26T21:23:06.407481+00:00
pysec-2025-54		vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8…	vllm	2025-05-30T19:15:30+00:00	2025-06-26T21:23:06.319321+00:00

ID	Description	Updated
gsd-2024-33903	In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede…	2024-04-29T05:02:07.295775Z
gsd-2024-33902	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.486429Z
gsd-2024-33901	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.525896Z
gsd-2024-33900	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.290639Z
gsd-2024-33899	RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr…	2024-04-29T05:02:07.400574Z
gsd-2024-33898	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.287632Z
gsd-2024-33897	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.283756Z
gsd-2024-33896	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.313250Z
gsd-2024-33895	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.493081Z
gsd-2024-33894	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.488420Z
gsd-2024-33893	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.381761Z
gsd-2024-33892	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.378170Z
gsd-2024-33891	Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th…	2024-04-29T05:02:07.412035Z
gsd-2024-33890	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.344384Z
gsd-2024-33889	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.392587Z
gsd-2024-33888	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.468423Z
gsd-2024-33887	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.503613Z
gsd-2024-33886	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.287167Z
gsd-2024-33885	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.441746Z
gsd-2024-33884	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.534455Z
gsd-2024-33883	The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa…	2024-04-29T05:02:07.271727Z
gsd-2024-4303	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.716348Z
gsd-2024-4302	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.603637Z
gsd-2024-4301	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.678292Z
gsd-2024-4300	E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo…	2024-04-29T05:02:05.715239Z
gsd-2024-4299	The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc…	2024-04-29T05:02:05.606402Z
gsd-2024-4298	The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit…	2024-04-29T05:02:05.598531Z
gsd-2024-4297	The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo…	2024-04-29T05:02:05.700888Z
gsd-2024-4296	The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock…	2024-04-29T05:02:05.621428Z
gsd-2024-33882	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.803998Z

ID	Description	Published	Updated
mal-2025-191669	Malicious code in wfui-dsm-react-ui (npm)	2025-12-02T17:30:50Z	2025-12-15T08:26:49Z
mal-2025-191668	Malicious code in wfui-dbd-react-ui (npm)	2025-12-02T17:36:00Z	2025-12-15T08:26:49Z
mal-2025-191545	Malicious code in wfui-test-e2e (npm)	2025-12-02T05:10:24Z	2025-12-15T08:26:49Z
mal-2025-191951	Malicious code in @wb-drive/icons (npm)	2025-12-03T01:23:28Z	2025-12-15T08:26:44Z
mal-2025-192578	Malicious code in xboxlive-auth (npm)	2025-12-15T07:43:52Z	2025-12-15T07:43:58Z
mal-2025-192574	Malicious code in bignumex (npm)	2025-12-15T07:43:03Z	2025-12-15T07:43:03Z
mal-2025-192575	Malicious code in polygon-src (npm)	2025-12-15T07:40:32Z	2025-12-15T07:40:33Z
mal-2025-192573	Malicious code in @revvity-signals/chemdraw-js (npm)	2025-12-15T07:34:01Z	2025-12-15T07:34:02Z
mal-2025-192577	Malicious code in sd-skbms (npm)	2025-12-15T07:33:11Z	2025-12-15T07:33:12Z
mal-2025-192576	Malicious code in sd-security (npm)	2025-12-15T07:33:11Z	2025-12-15T07:33:11Z
mal-2025-192572	Malicious code in phx-core (npm)	2025-12-15T06:02:42Z	2025-12-15T06:02:42Z
mal-2025-192571	Malicious code in paypal-scripts-server-utils (npm)	2025-12-15T05:39:09Z	2025-12-15T05:39:10Z
mal-2025-192472	Malicious code in elf-stats-candlelit-nutcracker-184 (npm)	2025-12-11T19:46:09Z	2025-12-15T05:25:54Z
mal-2025-192083	Malicious code in elf-stats-marzipan-muffin-733 (npm)	2025-12-03T15:59:29Z	2025-12-15T05:25:54Z
mal-2025-192570	Malicious code in @mohamed1687/iut-encrypt (npm)	2025-12-15T04:50:36Z	2025-12-15T04:50:36Z
mal-2025-192171	Malicious code in elf-stats-sugarplum-fireplace-278 (npm)	2025-12-03T15:59:29Z	2025-12-15T04:31:46Z
mal-2025-192024	Malicious code in elf-stats-evergreen-muffin-867 (npm)	2025-12-03T11:42:10Z	2025-12-15T04:31:46Z
mal-2025-192392	Malicious code in ajenti-plugin-testing-pyld (PyPI)	2025-12-09T18:32:50Z	2025-12-15T03:33:46Z
mal-2024-3055	Malicious code in stitch-ui-toolbox (npm)	2024-06-25T13:02:06Z	2025-12-15T03:33:45Z
mal-2025-192569	Malicious code in @ikarem/telemetry (npm)	2025-12-14T05:03:06Z	2025-12-15T03:33:40Z
mal-0000-ossf-package-analysis-10cb4544e5ccc9bc	Malicious code in stitch-ui-toolbox (npm)	2025-12-15T01:26:07Z	2025-12-15T01:26:07Z
mal-0000-ossf-package-analysis-f77b546bc36b17b6	Malicious code in @ikarem/telemetry (npm)	2025-12-14T05:39:54Z	2025-12-14T05:39:54Z
mal-0000-ossf-package-analysis-0bdd063a8851ad4a	Malicious code in @ikarem/telemetry (npm)	2025-12-14T05:20:40Z	2025-12-14T05:20:40Z
mal-0000-ossf-package-analysis-c075254afb72ad18	Malicious code in @ikarem/telemetry (npm)	2025-12-14T05:15:54Z	2025-12-14T05:15:54Z
mal-0000-ossf-package-analysis-74f76e276cfff1c1	Malicious code in @ikarem/telemetry (npm)	2025-12-14T05:08:54Z	2025-12-14T05:08:54Z
mal-0000-ossf-package-analysis-43ab3fc889bb1c1c	Malicious code in @ikarem/telemetry (npm)	2025-12-14T05:03:06Z	2025-12-14T05:03:06Z
mal-0000-kam193-c9f06b3dac61d0ba	Pentesting or research code in ajenti-plugin-testing-pyld (PyPI)	2025-12-09T18:32:50Z	2025-12-12T22:42:32Z
mal-0000-kam193-d21d0d38383da324	Pentesting or research code in ajenti-plugin-testing-pyld (PyPI)	2025-12-09T18:32:50Z	2025-12-12T20:28:04Z
mal-0000-ghsa-malware-a4cb0b7561fc88b1	Malware in @8x8/fetlife-assets	2022-06-20T18:19:57Z	2025-12-12T19:25:28Z
mal-2024-12363	Malicious code in threading-assistant (PyPI)	2024-08-19T09:59:22Z	2025-12-12T12:13:06Z

ID	Description	Published	Updated
wid-sec-w-2025-2580	Google Chrome/Microsoft Edge: Schwachstelle ermöglicht nicht näher beschriebene Auswirkungen	2025-11-11T23:00:00.000+00:00	2025-12-14T23:00:00.000+00:00
wid-sec-w-2025-2814	Google Chrome/Microsoft Edge: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2025-12-10T23:00:00.000+00:00	2025-12-11T23:00:00.000+00:00
wid-sec-w-2025-2676	GeoServer: Mehrere Schwachstellen	2025-11-25T23:00:00.000+00:00	2025-12-11T23:00:00.000+00:00
wid-sec-w-2025-2789	Adobe Experience Manager: Mehrere Schwachstellen	2025-12-09T23:00:00.000+00:00	2025-12-10T23:00:00.000+00:00
wid-sec-w-2025-0104	Kubernetes: Schwachstelle ermöglicht Codeausführung	2025-01-15T23:00:00.000+00:00	2025-12-10T23:00:00.000+00:00
wid-sec-w-2025-1375	WinRAR: Schwachstelle ermöglicht Codeausführung	2025-06-23T22:00:00.000+00:00	2025-12-09T23:00:00.000+00:00
wid-sec-w-2025-2751	WebKitGTK: Mehrere Schwachstellen	2025-12-04T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2750	Apache HTTP Server: Mehrere Schwachstellen	2025-12-04T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2746	IBM InfoSphere Information Server: Schwachstelle ermöglicht Offenlegung von Informationen	2025-12-04T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2711	Android Patchday Dezember 2025: Mehrere Schwachstellen	2025-12-01T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2702	Red Hat Enterprise Linux (Developer Hub): Schwachstelle ermöglicht Manipulation von Dateien	2025-11-30T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2663	libpng: Mehrere Schwachstellen	2025-11-23T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2657	WebKitGTK: Mehrere Schwachstellen	2025-11-20T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2655	CUPS-Filters: Schwachstelle ermöglicht Codeausführung	2025-11-20T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2600	PostgreSQL: Mehrere Schwachstellen ermöglichen Denial of Service	2025-11-13T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2598	CUPS (Filters): Mehrere Schwachstellen	2025-11-13T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2595	Linux Kernel: Mehrere Schwachstellen	2025-11-12T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2586	Red Hat Enterprise Linux (python-kdcproxy): Mehrere Schwachstellen	2025-11-12T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2579	Linux Kernel: Mehrere Schwachstellen	2025-11-11T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2566	Mozilla Firefox und Firefox ESR: Mehrere Schwachstellen	2025-11-11T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2531	Linux Kernel: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen	2025-11-09T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2485	cURL (wcurl): Schwachstelle ermöglicht Manipulation von Dateien	2025-11-03T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2472	Samsung Android: Mehrere Schwachstellen	2025-11-03T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2468	CPython: Schwachstelle ermöglicht Denial of Service	2025-11-02T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2450	Linux Kernel: Mehrere Schwachstellen	2025-10-29T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2449	GIMP: Schwachstelle ermöglicht Codeausführung	2025-10-29T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2431	Linux Kernel: Mehrere Schwachstellen	2025-10-28T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2407	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-10-26T23:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2404	AMD “Zen 5” Prozessoren: Schwachstelle gefährdet Vertraulichkeit und Integrität	2025-10-23T22:00:00.000+00:00	2025-12-08T23:00:00.000+00:00
wid-sec-w-2025-2392	Internet Systems Consortium BIND: Mehrere Schwachstellen	2025-10-22T22:00:00.000+00:00	2025-12-08T23:00:00.000+00:00

ID	Description	Published	Updated
ncsc-2025-0397	Kwetsbaarheden verholpen in Apple iOS en iPadOS	2025-12-15T09:08:39.804149Z	2025-12-15T09:08:39.804149Z
ncsc-2025-0396	Kwetsbaarheden verholpen in Apple macOS	2025-12-15T09:06:36.450655Z	2025-12-15T09:06:36.450655Z
ncsc-2025-0394	Kwetsbaarheden verholpen in React Server Components	2025-12-12T09:04:19.324080Z	2025-12-12T10:46:34.688189Z
ncsc-2025-0395	Kwetsbaarheden verholpen in SAP Software	2025-12-12T09:29:08.429888Z	2025-12-12T09:29:08.429888Z
ncsc-2025-0393	Kwetsbaarheid verholpen in GeoServer	2025-12-12T08:12:18.831044Z	2025-12-12T09:02:27.681292Z
ncsc-2025-0392	Kwetsbaarheid verholpen in Barracuda Service Center	2025-12-11T13:53:23.819008Z	2025-12-11T13:53:23.819008Z
ncsc-2025-0391	Kwetsbaarheden verholpen in Ivanti Endpoint Manager	2025-12-11T13:51:55.178462Z	2025-12-11T13:51:55.178462Z
ncsc-2025-0390	Kwetsbaarheden verholpen in GitLab CE/EE	2025-12-11T09:22:54.841848Z	2025-12-11T09:22:54.841848Z
ncsc-2025-0389	Kwetsbaarheden verholpen in Adobe Experience Manager	2025-12-10T14:59:57.911864Z	2025-12-10T14:59:57.911864Z
ncsc-2025-0388	Kwetsbaarheden verholpen in Adobe Acrobat Reader	2025-12-10T13:35:58.314547Z	2025-12-10T13:35:58.314547Z
ncsc-2025-0387	Kwetsbaarheden verholpen in Adobe ColdFusion	2025-12-10T13:34:08.908897Z	2025-12-10T13:34:08.908897Z
ncsc-2025-0386	Kwetsbaarheden verholpen in Fortinet producten	2025-12-10T09:51:34.918202Z	2025-12-10T09:51:34.918202Z
ncsc-2025-0385	Kwetsbaarheden verholpen in Microsoft Exchange	2025-12-09T18:42:32.332749Z	2025-12-09T18:42:32.332749Z
ncsc-2025-0384	Kwetsbaarheden verholpen in Microsoft Office	2025-12-09T18:40:33.839342Z	2025-12-09T18:40:33.839342Z
ncsc-2025-0383	Kwetsbaarheden verholpen in Microsoft Windows	2025-12-09T18:39:18.152251Z	2025-12-09T18:39:18.152251Z
ncsc-2025-0382	Kwetsbaarheden verholpen in Siemens producten	2025-12-09T13:15:05.391966Z	2025-12-09T13:15:05.391966Z
ncsc-2025-0381	Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform	2025-12-08T08:23:21.965599Z	2025-12-08T08:23:21.965599Z
ncsc-2025-0380	Kwetsbaarheden verholpen in React Server Components	2025-12-03T20:11:57.728117Z	2025-12-05T12:13:36.590522Z
ncsc-2025-0379	Kwetsbaarheden verholpen in Google Android en Samsung Mobile	2025-12-02T13:25:17.745981Z	2025-12-02T13:25:17.745981Z
ncsc-2025-0378	Kwetsbaarheden verholpen in Mattermost	2025-11-28T09:53:42.334621Z	2025-11-28T09:53:42.334621Z
ncsc-2025-0377	Kwetsbaarheden verholpen in GitLab	2025-11-27T13:35:09.121804Z	2025-11-27T13:35:09.121804Z
ncsc-2025-0376	Kwetsbaarheden verholpen in SonicWall Email Security appliances	2025-11-21T16:06:33.949861Z	2025-11-21T16:06:33.949861Z
ncsc-2025-0375	Kwetsbaarheid verholpen in Progress MOVEit Transfer	2025-11-21T16:06:14.387571Z	2025-11-21T16:06:14.387571Z
ncsc-2025-0334	Kwetsbaarheden verholpen in Oracle Fusion Middleware	2025-10-23T13:42:11.992643Z	2025-11-21T16:03:18.991100Z
ncsc-2025-0374	Kwetsbaarheden verholpen in Arista EOS	2025-11-20T11:48:20.126141Z	2025-11-20T11:48:20.126141Z
ncsc-2025-0373	Kwetsbaarheden verholpen in Fortinet FortiOS	2025-11-19T08:35:31.999400Z	2025-11-19T08:35:31.999400Z
ncsc-2025-0372	Kwetsbaarheid verholpen in Fortinet FortiWeb	2025-11-19T08:34:59.616354Z	2025-11-19T08:34:59.616354Z
ncsc-2025-0371	Kwetsbaarheden verholpen in Google Chrome	2025-11-18T09:01:31.984222Z	2025-11-18T09:01:31.984222Z
ncsc-2025-0370	Kwetsbaarheden verholpen in Cisco Unified Contact Center Express	2025-11-18T07:04:55.173157Z	2025-11-18T07:04:55.173157Z
ncsc-2025-0369	Kwetsbaarheden verholpen in IBM AIX	2025-11-18T07:03:55.766335Z	2025-11-18T07:03:55.766335Z

ID	Description	Published	Updated
ssa-512988	SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
ssa-915282	SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-912274	SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-882673	SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-868571	SSA-868571: Missing Server Certificate Validation in IAM Client	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-800126	SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20	2024-12-10T00:00:00Z	2025-12-09T00:00:00Z
ssa-763474	SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-734261	SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-723487	SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products	2024-07-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-710408	SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-693808	SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms	2025-08-12T00:00:00Z	2025-12-09T00:00:00Z
ssa-673996	SSA-673996: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products	2024-09-10T00:00:00Z	2025-12-09T00:00:00Z
ssa-626856	SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-493396	SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms	2025-08-12T00:00:00Z	2025-12-09T00:00:00Z
ssa-471761	SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-420375	SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP)	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-416652	SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-408105	SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products	2022-12-13T00:00:00Z	2025-12-09T00:00:00Z
ssa-392859	SSA-392859: Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20	2024-12-10T00:00:00Z	2025-12-09T00:00:00Z
ssa-356310	SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-282044	SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery	2025-08-12T00:00:00Z	2025-12-09T00:00:00Z
ssa-212953	SSA-212953: Multiple Vulnerabilities in COMOS	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-202008	SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-978177	SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices	2025-08-12T00:00:00Z	2025-11-17T00:00:00Z
ssa-241605	SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258	2025-11-17T00:00:00Z	2025-11-17T00:00:00Z
ssa-190588	SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget	2025-11-17T00:00:00Z	2025-11-17T00:00:00Z
ssa-864900	SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices	2025-05-13T00:00:00Z	2025-11-11T00:00:00Z
ssa-832273	SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices	2024-03-12T00:00:00Z	2025-11-11T00:00:00Z
ssa-794185	SSA-794185: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products	2025-05-13T00:00:00Z	2025-11-11T00:00:00Z
ssa-770770	SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices	2025-02-11T00:00:00Z	2025-11-11T00:00:00Z

ID	Description	Published	Updated
rhsa-2025:4664	Red Hat Security Advisory: Red Hat Ceph Storage 7.1 security, bug fix, and enhancement updates	2025-05-07T12:48:57+00:00	2025-12-15T08:25:56+00:00
rhsa-2025:22941	Red Hat Security Advisory: Kiali 2.17.2 for Red Hat OpenShift Service Mesh 3.2	2025-12-09T15:24:58+00:00	2025-12-15T08:25:56+00:00
rhsa-2025:22938	Red Hat Security Advisory: Kiali 2.11.5 for Red Hat OpenShift Service Mesh 3.1	2025-12-09T14:59:35+00:00	2025-12-15T08:25:55+00:00
rhsa-2025:22937	Red Hat Security Advisory: Kiali 2.4.11 for Red Hat OpenShift Service Mesh 3.0	2025-12-09T14:59:02+00:00	2025-12-15T08:25:55+00:00
rhsa-2025:22936	Red Hat Security Advisory: Kiali 1.73.25 for Red Hat OpenShift Service Mesh 2.6	2025-12-09T14:58:58+00:00	2025-12-15T08:25:54+00:00
rhsa-2025:22905	Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.19.4	2025-12-09T10:09:13+00:00	2025-12-15T08:25:54+00:00
rhsa-2024:8235	Red Hat Security Advisory: OpenShift Container Platform 4.14.39 security update	2024-10-23T13:14:14+00:00	2025-12-15T08:25:53+00:00
rhsa-2024:6406	Red Hat Security Advisory: OpenShift Container Platform 4.14.36 security update	2024-09-11T18:33:56+00:00	2025-12-15T08:25:53+00:00
rhsa-2024:4959	Red Hat Security Advisory: OpenShift Container Platform 4.14.34 security update	2024-08-07T10:18:53+00:00	2025-12-15T08:25:53+00:00
rhsa-2024:5438	Red Hat Security Advisory: OpenShift Container Platform 4.15.28 packages and security update	2024-08-21T03:36:58+00:00	2025-12-15T08:25:51+00:00
rhsa-2024:5433	Red Hat Security Advisory: OpenShift Container Platform 4.14.35 security update	2024-08-22T11:41:29+00:00	2025-12-15T08:25:51+00:00
rhsa-2024:5432	Red Hat Security Advisory: OpenShift Container Platform 4.14.35 security update	2024-08-21T21:42:52+00:00	2025-12-15T08:25:51+00:00
rhsa-2024:5200	Red Hat Security Advisory: OpenShift Container Platform 4.12.63 bug fix and security update	2024-08-19T03:13:31+00:00	2025-12-15T08:25:51+00:00
rhsa-2024:4960	Red Hat Security Advisory: OpenShift Container Platform 4.14.34 bug fix and security update	2024-08-07T10:51:49+00:00	2025-12-15T08:25:51+00:00
rhsa-2024:4955	Red Hat Security Advisory: OpenShift Container Platform 4.15.25 bug fix and security update	2024-08-07T01:16:26+00:00	2025-12-15T08:25:49+00:00
rhsa-2024:4662	Red Hat Security Advisory: OpenShift Virtualization 4.15.3 Images security update	2024-07-18T19:25:23+00:00	2025-12-15T08:25:49+00:00
rhsa-2024:4613	Red Hat Security Advisory: OpenShift Container Platform 4.16.4 bug fix and security update	2024-07-24T18:53:12+00:00	2025-12-15T08:25:48+00:00
rhsa-2024:4597	Red Hat Security Advisory: Red Hat Product OCP Tools 4.15 OpenShift Jenkins security update	2024-07-17T18:49:17+00:00	2025-12-15T08:25:48+00:00
rhsa-2024:4484	Red Hat Security Advisory: OpenShift Container Platform 4.13.45 bug fix and security update	2024-07-17T01:35:44+00:00	2025-12-15T08:25:47+00:00
rhsa-2024:4479	Red Hat Security Advisory: OpenShift Container Platform 4.14.33 bug fix and security update	2024-07-17T00:37:52+00:00	2025-12-15T08:25:47+00:00
rhsa-2024:4329	Red Hat Security Advisory: OpenShift Container Platform 4.14.32 bug fix and security update	2024-07-11T11:54:20+00:00	2025-12-15T08:25:47+00:00
rhsa-2024:4151	Red Hat Security Advisory: OpenShift Container Platform 4.15.20 security update	2024-07-02T19:30:02+00:00	2025-12-15T08:25:44+00:00
rhsa-2024:4010	Red Hat Security Advisory: OpenShift Container Platform 4.14.31 security update	2024-06-26T02:06:07+00:00	2025-12-15T08:25:44+00:00
rhsa-2024:3918	Red Hat Security Advisory: OpenShift Container Platform 4.14.30 packages and security update	2024-06-19T15:04:02+00:00	2025-12-15T08:25:44+00:00
rhsa-2024:2735	Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (python-paramiko) security update	2024-05-22T20:37:24+00:00	2025-12-15T08:25:44+00:00
rhsa-2024:3718	Red Hat Security Advisory: OpenShift Container Platform 4.17.0 bug fix and security update	2024-10-01T17:30:03+00:00	2025-12-15T08:25:42+00:00
rhsa-2024:3636	Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update	2024-06-05T14:46:12+00:00	2025-12-15T08:25:42+00:00
rhsa-2024:3635	Red Hat Security Advisory: Red Hat Product OCP Tools 4.12 Openshift Jenkins security update	2024-06-05T14:47:22+00:00	2025-12-15T08:25:42+00:00
rhsa-2024:3634	Red Hat Security Advisory: Red Hat Product OCP Tools 4.14 OpenShift Jenkins security update	2024-06-05T14:47:02+00:00	2025-12-15T08:25:40+00:00
rhsa-2024:3479	Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 director Operator container images security update	2024-05-29T21:39:50+00:00	2025-12-15T08:25:40+00:00

ID	Description	Published	Updated
icsma-25-345-02	Varex Imaging Panoramic Dental Imaging Software	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
icsma-25-345-01	Grassroots DICOM (GDCM)	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
icsa-25-345-10	OpenPLC_V3	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
icsa-25-345-03	AzeoTech DAQFactory	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
icsa-25-345-02	Johnson Controls iSTAR Ultra	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
icsa-25-345-01	Johnson Controls iSTAR	2025-12-11T07:00:00.000000Z	2025-12-11T07:00:00.000000Z
va-25-343-01	Windscribe for Linux 'changeMTU' local privilege escalation	2025-12-10T16:46:41Z	2025-12-10T16:46:41Z
icsa-25-343-01	Universal Boot Loader (U-Boot)	2025-12-09T07:00:00.000000Z	2025-12-09T07:00:00.000000Z
icsa-25-343-03	Multiple India-based CCTV Cameras**	2025-12-09T05:00:00.000000Z	2025-12-09T05:00:00.000000Z
icsa-25-345-09	Siemens Gridscale X Prepay	2025-12-09T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-25-345-08	Siemens Energy Services	2025-12-09T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-25-345-07	Siemens Building X - Security Manager Edge Controller	2025-12-09T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-25-345-06	Siemens SINEMA Remote Connect Server	2025-12-09T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-25-345-05	Siemens Advanced Licensing (SALT) Toolkit	2025-12-09T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-25-345-04	Siemens IAM Client	2025-12-09T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-25-226-22	Siemens Web Installer (SSA-282044)	2025-08-12T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-25-226-11	Siemens SIMATIC S7-PLCSIM	2025-08-12T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-25-226-03	Siemens SIMATIC S7-PLCSIM	2025-08-12T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-24-347-02	Siemens Engineering Platforms	2024-12-10T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-24-256-16	Siemens Third-Party Component in SICAM and SITIPE Products	2024-09-10T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-24-193-05	Siemens SCALANCE, RUGGEDCOM	2024-07-09T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-22-349-09	Siemens OpenSSL 3.0 Affecting Products	2022-12-13T00:00:00.000000Z	2025-12-09T00:00:00.000000Z
icsa-25-338-07	Advantech iView	2025-12-04T07:00:00.000000Z	2025-12-04T07:00:00.000000Z
icsa-25-338-06	SolisCloud Monitoring Platform	2025-12-04T07:00:00.000000Z	2025-12-04T07:00:00.000000Z
icsa-25-338-05	Sunbird DCIM dcTrack and Power IQ	2025-12-04T07:00:00.000000Z	2025-12-04T07:00:00.000000Z
icsa-25-338-04	Johnson Controls iSTAR	2025-12-04T07:00:00.000000Z	2025-12-04T07:00:00.000000Z
icsa-25-338-03	Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace	2025-12-04T07:00:00.000000Z	2025-12-04T07:00:00.000000Z
icsa-25-338-02	MAXHUB Pivot	2025-12-04T07:00:00.000000Z	2025-12-04T07:00:00.000000Z
icsa-25-338-01	Mitsubishi Electric GX Works2	2025-12-04T07:00:00.000000Z	2025-12-04T07:00:00.000000Z
icsa-25-219-02	Johnson Controls FX Server, FX80 and FX90 (Update A)	2025-08-07T06:00:00.000000Z	2025-12-04T07:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-react-flight-tyw32ddb	Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025	2025-12-04T16:00:00+00:00	2025-12-11T22:12:34+00:00
cisco-sa-ise-multiple-vulns-o9beswjh	Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities	2025-11-05T16:00:00+00:00	2025-12-04T14:23:54+00:00
cisco-sa-cc-mult-vuln-gk4tfxsn	Multiple Cisco Contact Center Products Vulnerabilities	2025-11-05T16:00:00+00:00	2025-11-18T14:49:09+00:00
cisco-sa-privesc-catc-ryjreelu	Cisco Catalyst Center Privilege Escalation Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-dnac-xss-wextvz59	Cisco Catalyst Center Cross-Site Scripting Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-dnac-ci-zwlqvswt	Cisco Catalyst Center REST API Command Injection Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-catc-priv-esc-vs8eecux	Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-catc-open-redirect-3w5bk3je	Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-cc-unauth-rce-qen8h7mq	Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities	2025-11-05T16:00:00+00:00	2025-11-13T12:48:42+00:00
cisco-sa-asaftd-webvpn-yrootuw	Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability	2025-09-25T16:00:00+00:00	2025-11-06T15:50:55+00:00
cisco-sa-asaftd-webvpn-z5xp8eub	Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability	2025-09-25T16:00:00+00:00	2025-11-06T15:50:54+00:00
cisco-sa-http-code-exec-wmfp3h3o	Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability	2025-09-25T16:00:00+00:00	2025-11-06T15:50:51+00:00
cisco-sa-ise-radsupress-dos-8yf3jthh	Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability	2025-11-05T16:00:00+00:00	2025-11-05T16:00:00+00:00
cisco-sa-broadworks-xss-o696ymra	Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability	2025-07-02T16:00:00+00:00	2025-10-21T15:13:31+00:00
cisco-sa-snort3-mime-vulns-ttl8pgvh	Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities	2025-10-15T16:00:00+00:00	2025-10-15T16:00:00+00:00
cisco-sa-roomos-inf-disc-qggsbxam	Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability	2025-10-15T16:00:00+00:00	2025-10-15T16:00:00+00:00
cisco-sa-phone-dos-fpyjlv7a	Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities	2025-10-15T16:00:00+00:00	2025-10-15T16:00:00+00:00
cisco-sa-secboot-uqfd8avc	Cisco IOS XE Software Secure Boot Bypass Vulnerabilities	2025-09-24T16:00:00+00:00	2025-10-15T15:57:29+00:00
cisco-sa-snmp-x4lphte	Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability	2025-09-24T16:00:00+00:00	2025-10-06T18:27:02+00:00
cisco-sa-ios-tacacs-hdb7thjw	Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability	2025-09-24T16:00:00+00:00	2025-10-01T16:39:50+00:00
cisco-sa-cv-xss-rwrakaj9	Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities	2025-10-01T16:00:00+00:00	2025-10-01T16:00:00+00:00
cisco-sa-cucm-stored-xss-fnj66yly	Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability	2025-10-01T16:00:00+00:00	2025-10-01T16:00:00+00:00
cisco-sa-cat9k-ptmd7bgy	Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability	2025-09-24T16:00:00+00:00	2025-09-30T14:26:46+00:00
cisco-sa-ap-ipv6-gw-tuazpn9o	Cisco Access Point Software Intermittent IPv6 Gateway Change Vulnerability	2025-09-24T16:00:00+00:00	2025-09-26T16:35:51+00:00
cisco-sa-webui-xss-vwydgjou	Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability	2025-09-24T16:00:00+00:00	2025-09-26T16:35:50+00:00
cisco-sa-snmpwred-x3mjyf5m	Cisco IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-nbar-dos-lavwtmet	Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-iosxe-arg-inject-eyddbh4e	Cisco IOS XE Software CLI Argument Injection Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-ios-xe-cmd-inject-rpjm8bgl	Cisco IOS XE Software HTTP API Command Injection Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00
cisco-sa-ios-invalid-url-dos-nvxszf6u	Cisco IOS Software Industrial Ethernet Switch Device Manager Denial of Service Vulnerability	2025-09-24T16:00:00+00:00	2025-09-24T16:00:00+00:00

ID	Description	Published	Updated
sca-2025-0013	Vulnerabilities affecting SICK TLOC100-100	2025-10-27T14:00:00.000Z	2025-11-11T14:00:00.000Z
sca-2025-0014	CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC	2025-11-03T11:00:00.000Z	2025-11-03T14:00:00.000Z
sca-2025-0012	Sudo vulnerability affects SICK SID products	2025-10-27T11:00:00.000Z	2025-10-27T14:00:00.000Z
sca-2025-0011	Vulnerabilities affecting Endress+Hauser SSG-E210GC	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0010	Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0009	Vulnerabilities affecting SICK TDC-E210GC	2025-08-01T13:00:00.000Z	2025-08-01T13:00:00.000Z
sca-2025-0008	Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4	2025-07-03T13:00:00.000Z	2025-07-03T13:00:00.000Z
sca-2025-0007	Multiple vulnerabilities in SICK Field Analytics and SICK Media Server	2025-06-12T13:00:00.000Z	2025-06-12T13:00:00.000Z
sca-2025-0003	FreeRTOS Vulnerabilities have no impact on SICK Products	2025-02-28T00:00:00.000Z	2025-05-20T11:00:00.000Z
sca-2025-0006	Vulnerability affecting picoScan and multiScan	2025-04-28T13:00:00.000Z	2025-04-28T13:00:00.000Z
sca-2025-0005	Vulnerabilities in SICK Flexi Compact	2025-04-28T10:00:00.000Z	2025-04-28T10:00:00.000Z
sca-2025-0004	Critical vulnerabilities in SICK DL100-2xxxxxxx	2025-03-14T11:00:00.000Z	2025-03-14T11:00:00.000Z
sca-2025-0001	Multiple vulnerabilities in SICK MEAC300	2025-02-14T14:00:00.000Z	2025-02-21T14:00:00.000Z
sca-2025-0002	Vulnerability in SICK Lector8xx and SICK InspectorP8xx	2025-02-14T10:19:00.000Z	2025-02-14T10:19:00.000Z
sca-2024-0007	Vulnerability in SICK OLM	2024-12-31T00:00:00.000Z	2024-12-31T00:00:00.000Z
sca-2024-0006	Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx	2024-12-06T00:00:00.000Z	2024-12-06T00:00:00.000Z
sca-2024-0005	Vulnerability in SICK Incoming Goods Suite	2024-11-19T00:00:00.000Z	2024-11-19T00:00:00.000Z
sca-2024-0004	Third party vulnerabilities in SICK CDE-100	2024-11-07T12:00:00.000Z	2024-11-07T12:00:00.000Z
sca-2024-0003	Critical vulnerability in multiple SICK products	2024-10-17T13:00:00.000Z	2024-10-17T13:00:00.000Z
sca-2024-0002	Vulnerability in SICK MSC800	2024-09-11T23:00:00.000Z	2024-09-11T23:00:00.000Z
sca-2024-0001	Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics	2024-01-29T00:00:00.000Z	2024-01-29T00:00:00.000Z
sca-2023-0011	Vulnerability in multiple SICK Flexi Soft Gateways	2023-10-23T11:00:00.000Z	2023-10-23T11:00:00.000Z
SCA-2023-0011	Vulnerability in multiple SICK Flexi Soft Gateways	2023-10-23T11:00:00.000Z	2023-10-23T11:00:00.000Z
sca-2023-0010	Vulnerabilities in SICK Application Processing Unit	2023-10-09T11:00:00.000Z	2023-10-09T11:00:00.000Z
SCA-2023-0010	Vulnerabilities in SICK Application Processing Unit	2023-10-09T11:00:00.000Z	2023-10-09T11:00:00.000Z
sca-2023-0008	Vulnerability in SICK SIM1012	2023-09-29T13:00:00.000Z	2023-09-29T13:00:00.000Z
SCA-2023-0008	Vulnerability in SICK SIM1012	2023-09-29T13:00:00.000Z	2023-09-29T13:00:00.000Z
sca-2023-0009	Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products	2023-09-29T10:00:00.000Z	2023-09-29T10:00:00.000Z
SCA-2023-0009	Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products	2023-09-29T10:00:00.000Z	2023-09-29T10:00:00.000Z
sca-2023-0007	Vulnerabilities in SICK LMS5xx	2023-08-25T11:00:00.000Z	2023-08-25T11:00:00.000Z

ID	Description	Published	Updated
nn-2025:11-01	Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0	2025-11-25T11:00:00.000Z	2025-11-26T11:00:00.000Z
nn-2025:9-01	Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:8-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:7-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:6-01	Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:5-01	Incorrect authorization for CLI in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:4-01	Client-side path traversal in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:10-01	Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:3-01	Incorrect authorization for traces request/download in CMC before 25.1.0	2025-08-26T11:00:00.000Z	2025-08-26T11:00:00.000Z
nn-2025:2-01	Privilege escalation in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2025:1-01	Authenticated RCE in update functionality in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2023_17-01	Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1	2024-04-10T11:00:00.000Z	2024-04-11T11:00:00.000Z
nn-2023:17-01	Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1	2024-04-10T11:00:00.000Z	2024-04-11T11:00:00.000Z
nn-2024_1-01	DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1	2024-04-10T11:00:00.000Z	2024-04-10T11:00:00.000Z
nn-2024:1-01	DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1	2024-04-10T11:00:00.000Z	2024-04-10T11:00:00.000Z
nn-2023_12-01	Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0	2024-01-15T11:00:00.000Z	2024-01-16T11:00:00.000Z
nn-2023:12-01	Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0	2024-01-15T11:00:00.000Z	2024-01-16T11:00:00.000Z
nn-2023_9-01	Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_8-01	Session Fixation in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_7-01	DoS via SAML configuration in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_6-01	Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_5-01	Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_4-01	Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_3-01	Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_2-01	Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_11-01	SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_10-01	DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023_1-01	Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2	2023-05-03T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023:9-01	Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2023-11-16T11:00:00.000Z
nn-2023:8-01	Session Fixation in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2023-11-16T11:00:00.000Z

ID	Description	Published	Updated
oxdc-adv-2025-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001	2025-10-31T00:00:00+00:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0003	OX App Suite Security Advisory OXAS-ADV-2025-0003	2025-09-24T00:00:00+02:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0002	OX App Suite Security Advisory OXAS-ADV-2025-0002	2025-08-12T00:00:00+02:00	2025-10-31T00:00:00+00:00
oxas-adv-2025-0001	OX App Suite Security Advisory OXAS-ADV-2025-0001	2025-01-27T00:00:00+01:00	2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxas-adv-2024-0005	OX App Suite Security Advisory OXAS-ADV-2024-0005	2024-07-08T00:00:00+02:00	2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001	2024-09-02T00:00:00+02:00	2024-09-06T00:00:00+00:00
oxas-adv-2024-0004	OX App Suite Security Advisory OXAS-ADV-2024-0004	2024-06-13T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0003	OX App Suite Security Advisory OXAS-ADV-2024-0003	2024-04-24T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0002	OX App Suite Security Advisory OXAS-ADV-2024-0002	2024-03-06T00:00:00+01:00	2024-05-06T00:00:00+00:00
oxas-adv-2024-0001	OX App Suite Security Advisory OXAS-ADV-2024-0001	2024-02-08T00:00:00+01:00	2024-04-25T00:00:00+00:00
oxas-adv-2023-0007	OX App Suite Security Advisory OXAS-ADV-2023-0007	2023-12-11T00:00:00+01:00	2024-02-16T00:00:00+00:00
oxas-adv-2023-0006	OX App Suite Security Advisory OXAS-ADV-2023-0006	2023-09-25T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0005	OX App Suite Security Advisory OXAS-ADV-2023-0005	2023-09-19T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0004	OX App Suite Security Advisory OXAS-ADV-2023-0004	2023-08-01T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0003	OX App Suite Security Advisory OXAS-ADV-2023-0003	2023-05-02T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0002	OX App Suite Security Advisory OXAS-ADV-2023-0002	2023-03-20T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0001	OX App Suite Security Advisory OXAS-ADV-2023-0001	2023-02-06T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0002	OX App Suite Security Advisory OXAS-ADV-2022-0002	2022-11-02T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0001	OX App Suite Security Advisory OXAS-ADV-2022-0001	2022-08-10T00:00:00+02:00	2024-01-22T00:00:00+00:00

ID	Description	Published	Updated
msrc_cve-2025-39905	net: phylink: add lock for serializing concurrent pl->phydev writes with resolver	2025-10-02T00:00:00.000Z	2025-12-14T14:02:45.000Z
msrc_cve-2025-39901	i40e: remove read access to debugfs files	2025-10-02T00:00:00.000Z	2025-12-14T14:02:40.000Z
msrc_cve-2025-39886	bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()	2025-09-02T00:00:00.000Z	2025-12-14T14:02:35.000Z
msrc_cve-2025-39863	wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work	2025-09-02T00:00:00.000Z	2025-12-14T14:02:30.000Z
msrc_cve-2025-39859	ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog	2025-09-02T00:00:00.000Z	2025-12-14T14:02:25.000Z
msrc_cve-2025-39851	vxlan: Fix NPD when refreshing an FDB entry with a nexthop object	2025-09-02T00:00:00.000Z	2025-12-14T14:02:20.000Z
msrc_cve-2025-39850	vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects	2025-09-02T00:00:00.000Z	2025-12-14T14:02:15.000Z
msrc_cve-2024-58241	Bluetooth: hci_core: Disable works on hci_unregister_dev	2025-09-02T00:00:00.000Z	2025-12-14T14:02:10.000Z
msrc_cve-2023-53447	f2fs: don't reset unchangable mount option in f2fs_remount()	2025-09-02T00:00:00.000Z	2025-12-14T14:01:57.000Z
msrc_cve-2023-53376	scsi: mpi3mr: Use number of bits to manage bitmap sizes	2025-09-02T00:00:00.000Z	2025-12-14T14:01:52.000Z
msrc_cve-2023-53371	net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create	2025-09-02T00:00:00.000Z	2025-12-14T14:01:46.000Z
msrc_cve-2023-53370	drm/amdgpu: fix memory leak in mes self test	2025-09-02T00:00:00.000Z	2025-12-14T14:01:41.000Z
msrc_cve-2022-50418	wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()	2025-09-02T00:00:00.000Z	2025-12-14T14:01:36.000Z
msrc_cve-2022-50393	drm/amdgpu: SDMA update use unlocked iterator	2025-09-02T00:00:00.000Z	2025-12-14T14:01:30.000Z
msrc_cve-2022-50390	drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED	2025-09-02T00:00:00.000Z	2025-12-14T14:01:25.000Z
msrc_cve-2025-61727	Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509	2025-12-02T00:00:00.000Z	2025-12-13T01:39:00.000Z
msrc_cve-2025-61729	Excessive resource consumption when printing error string for host certificate validation in crypto/x509	2025-12-02T00:00:00.000Z	2025-12-13T01:38:50.000Z
msrc_cve-2025-61664	Grub2: missing unregister call for normal_exit command may lead to use-after-free	2025-11-02T00:00:00.000Z	2025-12-13T01:38:41.000Z
msrc_cve-2025-61661	Grub2: grub2: out-of-bounds write via malicious usb device	2025-11-02T00:00:00.000Z	2025-12-13T01:38:34.000Z
msrc_cve-2025-61663	Grub2: missing unregister call for normal commands may lead to use-after-free	2025-11-02T00:00:00.000Z	2025-12-13T01:38:28.000Z
msrc_cve-2025-61662	Grub2: missing unregister call for gettext command may lead to use-after-free	2025-11-02T00:00:00.000Z	2025-12-13T01:38:22.000Z
msrc_cve-2025-61725	Excessive CPU consumption in ParseAddress in net/mail	2025-10-02T00:00:00.000Z	2025-12-13T01:37:56.000Z
msrc_cve-2025-47912	Insufficient validation of bracketed IPv6 hostnames in net/url	2025-10-02T00:00:00.000Z	2025-12-13T01:37:52.000Z
msrc_cve-2025-58188	Panic when validating certificates with DSA public keys in crypto/x509	2025-10-02T00:00:00.000Z	2025-12-13T01:37:47.000Z
msrc_cve-2025-58185	Parsing DER payload can cause memory exhaustion in encoding/asn1	2025-10-02T00:00:00.000Z	2025-12-13T01:37:42.000Z
msrc_cve-2025-61723	Quadratic complexity when parsing some invalid inputs in encoding/pem	2025-10-02T00:00:00.000Z	2025-12-13T01:37:37.000Z
msrc_cve-2025-58187	Quadratic complexity when checking name constraints in crypto/x509	2025-10-02T00:00:00.000Z	2025-12-13T01:37:32.000Z
msrc_cve-2025-61724	Excessive CPU consumption in Reader.ReadResponse in net/textproto	2025-10-02T00:00:00.000Z	2025-12-13T01:37:27.000Z
msrc_cve-2025-58186	Lack of limit when parsing cookies can cause memory exhaustion in net/http	2025-10-02T00:00:00.000Z	2025-12-13T01:37:22.000Z
msrc_cve-2025-58183	Unbounded allocation when parsing GNU sparse map in archive/tar	2025-10-02T00:00:00.000Z	2025-12-13T01:37:17.000Z

ID	Description	Published	Updated
9akk108471a8107	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-09-16T00:30:00.000Z	2025-11-28T08:00:00.000Z
4hzm000603	ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC)	2025-11-27T00:30:00.000Z	2025-11-28T00:30:00.000Z
7paa022088	Edgenius Management Portal Authentication Bypass	2025-11-20T00:30:00.000Z	2025-11-20T00:30:00.000Z
2nga002813	PCM600 SharpZip library vulnerability	2025-11-03T00:30:00.000Z	2025-11-03T00:30:00.000Z
4tz00000006007	ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations	2025-10-20T00:30:00.000Z	2025-10-23T00:30:00.000Z
9akk108471a8948	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-10-20T00:30:00.000Z	2025-10-21T00:30:00.000Z
3kxg200000r4801	CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability	2025-04-16T00:30:00.000Z	2025-10-20T00:30:00.000Z
sa25p003	B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-14T00:30:00.000Z
4tz00000006008	LVS MConfig Insecure memory handling	2025-10-08T00:30:00.000Z	2025-10-08T00:30:00.000Z
sa25p002	B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a7808	EIBPORT Reflected XSS	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a7121	FLXeon Controllers Multiple vulnerabilities	2025-09-09T00:30:00.000Z	2025-09-18T00:30:00.000Z
9akk108471a4462	ELSB/BLBA ASPECT advisory several CVEs	2025-08-11T00:30:00.000Z	2025-09-04T00:30:00.000Z
9akk108471a3623	RMC - 100 Vulnerabilities in web UI (REST Interface)	2025-07-03T00:30:00.000Z	2025-08-18T00:30:00.000Z
2nga002743	ABB AbilityTM zenon Remote Transport Vulnerability	2025-08-12T00:30:00.000Z	2025-08-12T00:30:00.000Z
3adr011407	ABB Automation Builder Vulnerabilities in user management and access control	2025-04-30T00:00:00.000Z	2025-07-25T00:00:00.000Z
3adr011432	AC500 V2 Buffer overread on Modbus protocol	2025-07-23T00:30:00.000Z	2025-07-23T00:30:00.000Z
9akk108471a4556	Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode.	2025-07-21T00:30:00.000Z	2025-07-21T00:30:00.000Z
2crt000008	Lite Panel Pro Vulnerability in Session Management	2025-06-26T00:30:00.000Z	2025-06-26T00:30:00.000Z
9akk108470a8948	ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway.	2025-05-29T00:30:00.000Z	2025-06-05T00:30:00.000Z
9akk108471a1621	EIBPORT Session Management Fail	2025-06-02T00:30:00.000Z	2025-06-04T00:30:00.000Z
9akk108471a0021	ELSB/BLBA ASPECT advisory several CVEs	2025-05-22T00:30:00.000Z	2025-05-23T10:30:00.000Z
2crt000006	ANC – ABB Network Card Multiple vulnerabilities in ANC	2025-04-30T00:30:00.000Z	2025-04-30T00:30:00.000Z
2crt000007	Ekip Com IEC61850 Vulnerability in 3rd Party Library	2025-04-29T00:30:00.000Z	2025-04-29T00:30:00.000Z
9akk108470a9989	ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities	2025-04-10T08:30:00.000Z	2025-04-10T08:30:00.000Z
2nga002579	ABB Arctic communication solution ARM600 Vulnerabilities	2025-04-07T10:30:00.000Z	2025-04-07T10:30:00.000Z
2nga002427	ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities	2025-04-07T10:30:00.000Z	2025-04-07T10:30:00.000Z
9akk108470a9494	Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities	2025-03-26T00:30:00.000Z	2025-03-27T00:30:00.000Z
9akk108470a9491	ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities	2025-03-26T00:30:00.000Z	2025-03-27T00:30:00.000Z
sa24p015	B&R APROL Potential Privilege Escalation and Information Disclosure	2025-03-24T00:30:00.000Z	2025-03-24T00:30:00.000Z

ID	Description	Updated
var-202407-2188	Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita…	2024-07-23T22:46:32.699000Z
var-202406-3119	Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-s…	2024-07-23T22:46:22.685000Z
var-202407-1740	NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E ha…	2024-07-23T22:46:18.378000Z
var-202407-1417	Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita…	2024-07-23T22:46:07.784000Z
var-202407-1103	Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita…	2024-07-23T22:46:01.992000Z
var-202407-0957	WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile…	2024-07-23T22:45:59.391000Z
var-202407-0819	SIMATIC S7-1500 is a modular control system suitable for various automation applications …	2024-07-23T22:45:56.958000Z
var-202407-0818	NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6…	2024-07-23T22:45:56.946000Z
var-202407-0779	Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of …	2024-07-23T22:45:56.150000Z
var-202407-0778	Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera…	2024-07-23T22:45:56.131000Z
var-202407-0745	Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera…	2024-07-23T22:45:55.498000Z
var-202305-1479	D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution …	2024-07-23T22:45:09.335000Z
var-202108-1158	A race condition was addressed with improved locking. This issue is fixed in macOS Monter…	2024-07-23T22:44:06.976000Z
var-201109-0089	Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used…	2024-07-23T22:43:49.590000Z
var-200702-0378	Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 …	2024-07-23T22:43:25.614000Z
var-201011-0225	Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent …	2024-07-23T22:41:43.584000Z
var-201112-0297	Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne…	2024-07-23T22:41:20.004000Z
var-201507-0645	D-Link is an internationally renowned provider of network equipment and solutions, includ…	2024-07-23T22:41:18.832000Z
var-201803-1810	A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial …	2024-07-23T22:41:17.171000Z
var-201809-0087	WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul…	2024-07-23T22:41:16.554000Z
var-200607-0396	Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b…	2024-07-23T22:41:04.279000Z
var-201702-0423	An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft…	2024-07-23T22:40:53.160000Z
var-202305-1588	D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilit…	2024-07-23T22:40:05.297000Z
var-201112-0173	The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, …	2024-07-23T22:39:32.535000Z
var-201103-0371	SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d…	2024-07-23T22:39:32.874000Z
var-201706-0017	In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClie…	2024-07-23T22:38:34.494000Z
var-202305-1520	D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vul…	2024-07-23T22:38:26.576000Z
var-202407-0490	A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP …	2024-07-23T22:38:24.768000Z
var-201810-0396	Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili…	2024-07-23T22:37:44.850000Z
var-202001-0833	A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo…	2024-07-23T22:37:43.471000Z

ID	Description	Published	Updated
jvndb-2025-000115	QND vulnerable to privilege escalation	2025-12-11T14:33+09:00	2025-12-11T14:33+09:00
jvndb-2025-000113	Multiple vulnerabilities in GroupSession	2025-12-08T17:48+09:00	2025-12-11T11:30+09:00
jvndb-2025-000091	Multiple I-O DATA NAS management applications register Windows services with unquoted file paths	2025-10-22T15:04+09:00	2025-12-10T16:20+09:00
jvndb-2021-000081	Multiple vulnerabilities in Sharp NEC Display Solutions' public displays	2021-09-17T15:13+09:00	2025-12-10T10:24+09:00
jvndb-2025-021305	Android App "Brother iPrint&Scan" improper use of an external cache directory	2025-12-09T17:25+09:00	2025-12-09T17:25+09:00
jvndb-2025-000114	ELECOM Clone for Windows registers a Windows service with an unquoted file path	2025-12-09T17:16+09:00	2025-12-09T17:16+09:00
jvndb-2025-000116	GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths	2025-12-08T14:06+09:00	2025-12-08T14:06+09:00
jvndb-2025-000094	Multiple vulnerabilities in ABB Terra AC Wallbox	2025-12-05T14:12+09:00	2025-12-05T14:12+09:00
jvndb-2025-000112	Installer of INZONE Hub may insecurely load Dynamic Link Libraries	2025-11-28T13:36+09:00	2025-11-28T13:36+09:00
jvndb-2025-000111	SwitchBot Smart Video Doorbell vulnerable to active debug code	2025-11-26T14:35+09:00	2025-11-26T14:35+09:00
jvndb-2025-000110	Multiple vulnerabilities in Security Point (Windows) of MaLion	2025-11-25T17:17+09:00	2025-11-25T17:17+09:00
jvndb-2025-000109	Multiple vulnerabilities in SNC-CX600W	2025-11-25T14:59+09:00	2025-11-25T14:59+09:00
jvndb-2025-000108	"FOD" App uses hard-coded cryptographic keys	2025-11-25T14:15+09:00	2025-11-25T14:15+09:00
jvndb-2025-000106	Multiple vulnerabilities in LogStare Collector	2025-11-21T16:27+09:00	2025-11-21T16:27+09:00
jvndb-2025-019621	EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts	2025-11-21T15:31+09:00	2025-11-21T15:31+09:00
jvndb-2025-000107	Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries	2025-11-19T16:22+09:00	2025-11-19T16:22+09:00
jvndb-2025-000097	"Dejira" App for iOS vulnerable to improper server certificate verification	2025-11-17T14:09+09:00	2025-11-17T14:09+09:00
jvndb-2025-000105	NCP-HG100 vulnerable to OS command injection	2025-11-14T15:26+09:00	2025-11-14T15:26+09:00
jvndb-2025-000104	Multiple vulnerabilities in GNU Libmicrohttpd	2025-11-10T15:07+09:00	2025-11-10T15:07+09:00
jvndb-2025-000103	Use of password hash with insufficient computational effort vulnerability in BUFFALO Wi-Fi router "WSR-1800AX4 series"	2025-11-07T15:39+09:00	2025-11-07T15:39+09:00
jvndb-2025-000102	CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to OS command injection	2025-11-07T14:55+09:00	2025-11-07T14:55+09:00
jvndb-2025-000101	GROWI vulnerable to stored cross-site scripting	2025-11-06T13:45+09:00	2025-11-06T13:45+09:00
jvndb-2024-013260	Multiple vulnerabilities in Edgecross Basic Software for Windows	2024-11-22T10:59+09:00	2025-11-04T16:41+09:00
jvndb-2025-017972	Multiple vulnerabilities in Century Systems FutureNet MA and IP-K series	2025-11-04T16:37+09:00	2025-11-04T16:37+09:00
jvndb-2025-000100	Multiple Roboticsware products register Windows services with unquoted file paths	2025-11-04T14:17+09:00	2025-11-04T14:17+09:00
jvndb-2025-000098	Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path	2025-11-04T13:51+09:00	2025-11-04T13:51+09:00
jvndb-2025-000099	Progress Flowmon vulnerable to authenticated OS command injection	2025-11-04T12:47+09:00	2025-11-04T12:47+09:00
jvndb-2025-000096	Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries	2025-10-29T14:17+09:00	2025-10-29T14:17+09:00
jvndb-2025-000095	MZK-DP300N uses hard-coded credentials	2025-10-28T14:04+09:00	2025-10-28T14:04+09:00
jvndb-2025-014793	NIHON KOHDEN Central Monitor CNS-6201 vulnerable to NULL pointer dereference	2025-10-01T11:35+09:00	2025-10-27T12:28+09:00

ID	Description	Updated
ts-2025-008	TS-2025-008	2025-11-19T00:00
ts-2025-007	TS-2025-007	2025-11-07T00:00
ts-2025-006	TS-2025-006	2025-10-28T00:00
ts-2025-005	TS-2025-005	2025-08-07T00:00
ts-2025-004	TS-2025-004	2025-05-27T00:00
ts-2025-003	TS-2025-003	2025-05-21T00:00
ts-2025-002	TS-2025-002	2025-05-15T00:00
ts-2025-001	TS-2025-001	2025-03-07T00:00
ts-2024-013	TS-2024-013	2024-12-04T00:00
ts-2024-012	TS-2024-012	2024-10-02T00:00
ts-2024-011	TS-2024-011	2024-07-22T00:00
ts-2024-010	TS-2024-010	2024-07-19T00:00
ts-2024-009	TS-2024-009	2024-06-27T00:00
ts-2024-008	TS-2024-008	2024-06-14T00:00
ts-2024-007	TS-2024-007	2024-06-12T00:00
ts-2024-006	TS-2024-006	2024-05-22T00:00
ts-2024-005	TS-2024-005	2024-05-08T00:00
ts-2024-004	TS-2024-004	2024-05-06T00:00
ts-2024-003	TS-2024-003	2024-04-23T00:00
ts-2024-002	TS-2024-002	2024-01-30T00:00
ts-2024-001	TS-2024-001	2024-01-08T00:00
ts-2023-009	TS-2023-009	2023-12-22T00:00
ts-2023-008	TS-2023-008	2023-11-01T00:00
ts-2023-007	TS-2023-007	2023-10-26T00:00
ts-2023-006	TS-2023-006	2023-08-22T00:00
ts-2023-005	TS-2023-005	2023-04-28T00:00
ts-2023-004	TS-2023-004	2023-04-04T00:00
ts-2023-003	TS-2023-003	2023-03-22T00:00
ts-2023-002	TS-2023-002	2023-01-24T00:00
ts-2023-001	TS-2023-001	2023-01-17T00:00

ID	Description	Published	Updated
suse-su-2025:4390-1	Security update for rhino	2025-12-12T16:18:03Z	2025-12-12T16:18:03Z
suse-su-2025:4389-1	Security update for python	2025-12-12T13:49:14Z	2025-12-12T13:49:14Z
suse-su-2025:4388-1	Security update for postgresql16	2025-12-12T13:36:29Z	2025-12-12T13:36:29Z
suse-su-2025:4387-1	Security update for postgresql16	2025-12-12T13:35:46Z	2025-12-12T13:35:46Z
suse-su-2025:4386-1	Security update for postgresql16	2025-12-12T13:34:19Z	2025-12-12T13:34:19Z
suse-su-2025:4384-1	Security update for python-Django	2025-12-12T13:28:27Z	2025-12-12T13:28:27Z
suse-su-2025:4383-1	Security update for libpng12	2025-12-12T13:13:47Z	2025-12-12T13:13:47Z
suse-su-2025:4382-1	Security update for gegl	2025-12-12T13:06:54Z	2025-12-12T13:06:54Z
suse-su-2025:4381-1	Security update for kubernetes-client	2025-12-12T10:19:11Z	2025-12-12T10:19:11Z
suse-su-2025:4380-1	Security update for kubernetes-client	2025-12-12T10:18:54Z	2025-12-12T10:18:54Z
suse-su-2025:4373-1	Security update for container-suseconnect	2025-12-12T09:05:38Z	2025-12-12T09:05:38Z
suse-su-2025:4372-1	Security update for postgresql15	2025-12-11T19:06:38Z	2025-12-11T19:06:38Z
suse-su-2025:4371-1	Security update for postgresql14	2025-12-11T19:04:45Z	2025-12-11T19:04:45Z
suse-su-2025:4370-1	Security update for postgresql14	2025-12-11T19:03:37Z	2025-12-11T19:03:37Z
suse-su-2025:4368-1	Security update for python3	2025-12-11T15:12:31Z	2025-12-11T15:12:31Z
suse-su-2025:4364-1	Security update for postgresql17, postgresql18	2025-12-11T10:12:26Z	2025-12-11T10:12:26Z
suse-su-2025:4363-1	Security update for postgresql17, postgresql18	2025-12-11T10:10:24Z	2025-12-11T10:10:24Z
suse-su-2025:4353-1	Security update for fontforge	2025-12-10T18:03:31Z	2025-12-10T18:03:31Z
suse-su-2025:4352-1	Security update for python310	2025-12-10T17:18:21Z	2025-12-10T17:18:21Z
suse-su-2025:4347-1	Security update for glib2	2025-12-10T13:02:34Z	2025-12-10T13:02:34Z
suse-su-2025:4346-1	Security update for gnutls	2025-12-10T10:39:49Z	2025-12-10T10:39:49Z
suse-su-2025:1004-2	Security update for python-Jinja2	2025-12-10T10:34:31Z	2025-12-10T10:34:31Z
suse-su-2025:4337-1	Security update for go1.24	2025-12-09T23:51:31Z	2025-12-09T23:51:31Z
suse-su-2025:4336-1	Security update for go1.25	2025-12-09T23:50:12Z	2025-12-09T23:50:12Z
suse-su-2025:4335-1	Security update for gegl	2025-12-09T18:19:44Z	2025-12-09T18:19:44Z
suse-su-2025:4334-1	Security update for postgresql13	2025-12-09T18:17:22Z	2025-12-09T18:17:22Z
suse-su-2025:4333-1	Security update for gegl	2025-12-09T14:42:10Z	2025-12-09T14:42:10Z
suse-su-2025:4330-1	Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container	2025-12-09T11:33:55Z	2025-12-09T11:33:55Z
suse-su-2025:4325-1	Security update for postgresql13	2025-12-08T18:19:54Z	2025-12-08T18:19:54Z
suse-su-2025:4324-1	Security update for gimp	2025-12-08T18:18:01Z	2025-12-08T18:18:01Z

ID	Description	Published	Updated
opensuse-su-2025:15819-1	libruby4_0-4_0-4.0.0~preview2-1.1 on GA media	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
opensuse-su-2025:15818-1	pgadmin4-9.11-1.1 on GA media	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
opensuse-su-2025:15817-1	buildpacks-cli-0.39.1-1.1 on GA media	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
opensuse-su-2025:15816-1	ImageMagick-7.1.2.10-1.1 on GA media	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
opensuse-su-2025:15812-1	libpoppler-cpp2-25.09.1-4.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:15811-1	keylime-config-7.13.0+40-1.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:15810-1	gio-branding-upstream-2.86.3-1.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:15809-1	firefox-esr-140.6.0-1.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:15808-1	apache2-2.4.66-1.1 on GA media	2025-12-10T00:00:00Z	2025-12-10T00:00:00Z
opensuse-su-2025:15802-1	corepack24-24.11.1-2.1 on GA media	2025-12-08T00:00:00Z	2025-12-08T00:00:00Z
opensuse-su-2025:15801-1	libpng16-16-1.6.52-1.1 on GA media	2025-12-08T00:00:00Z	2025-12-08T00:00:00Z
opensuse-su-2025:15800-1	kdeconnect-kde-25.11.90-1.1 on GA media	2025-12-08T00:00:00Z	2025-12-08T00:00:00Z
opensuse-su-2025:15797-1	libpng12-0-1.2.59-4.1 on GA media	2025-12-04T00:00:00Z	2025-12-04T00:00:00Z
opensuse-su-2025:15796-1	go1.24-1.24.11-1.1 on GA media	2025-12-04T00:00:00Z	2025-12-04T00:00:00Z
opensuse-su-2025-20135-1	Security update for mozjs128	2025-12-03T20:41:04Z	2025-12-03T20:41:04Z
opensuse-su-2025:15795-1	go1.25-1.25.5-1.1 on GA media	2025-12-03T00:00:00Z	2025-12-03T00:00:00Z
opensuse-su-2025:15794-1	chromedriver-143.0.7499.40-2.1 on GA media	2025-12-03T00:00:00Z	2025-12-03T00:00:00Z
opensuse-su-2025-20133-1	Security update for python-cbor2	2025-12-02T13:51:41Z	2025-12-02T13:51:41Z
opensuse-su-2025-20132-1	Security update for strongswan	2025-12-02T13:11:59Z	2025-12-02T13:11:59Z
opensuse-su-2025:15793-1	gegl-0.4.64-3.1 on GA media	2025-12-02T00:00:00Z	2025-12-02T00:00:00Z
opensuse-su-2025:15792-1	python39-3.9.24-2.1 on GA media	2025-12-01T00:00:00Z	2025-12-01T00:00:00Z
opensuse-su-2025:15791-1	python315-3.15.0~a1-2.1 on GA media	2025-12-01T00:00:00Z	2025-12-01T00:00:00Z
opensuse-su-2025:15790-1	python-mistralclient-doc-6.1.0-1.1 on GA media	2025-12-01T00:00:00Z	2025-12-01T00:00:00Z
opensuse-su-2025:15789-1	libecpg6-18.1-1.1 on GA media	2025-12-01T00:00:00Z	2025-12-01T00:00:00Z
opensuse-su-2025:15788-1	lightdm-kde-greeter-6.0.5-1.1 on GA media	2025-12-01T00:00:00Z	2025-12-01T00:00:00Z
opensuse-su-2025-20130-1	Security update for bash-git-prompt	2025-11-28T13:38:03Z	2025-11-28T13:38:03Z
opensuse-su-2025-20128-1	Security update for shadowsocks-v2ray-plugin, v2ray-core	2025-11-28T13:38:03Z	2025-11-28T13:38:03Z
opensuse-su-2025-20125-1	Security update for java-17-openjdk	2025-11-28T10:27:02Z	2025-11-28T10:27:02Z
opensuse-su-2025-20123-1	Security update for java-21-openjdk	2025-11-28T09:35:08Z	2025-11-28T09:35:08Z
opensuse-su-2025-20122-1	Security update for openssh	2025-11-28T07:46:24Z	2025-11-28T07:46:24Z

ID	Description	Published	Updated
cnvd-2025-30213	NVIDIA TAO资源加载漏洞	2025-12-04	2025-12-05
cnvd-2025-30212	Courier Management System search-edit.php文件SQL注入漏洞	2025-11-20	2025-12-05
cnvd-2025-30211	Courier Management System add-new-officer.php文件SQL注入漏洞	2025-11-20	2025-12-05
cnvd-2025-30210	Nero Social Networking Site profilefriends.php文件SQL注入漏洞	2025-11-20	2025-12-05
cnvd-2025-30209	Nero Social Networking Site friendsphoto.php文件SQL注入漏洞	2025-11-20	2025-12-05
cnvd-2025-30208	Blog Site admin.php文件授权不当漏洞	2025-11-27	2025-12-05
cnvd-2025-30207	Blog Site blog.php文件SQL注入漏洞	2025-11-27	2025-12-05
cnvd-2025-30206	Devolutions Server证书验证不当漏洞	2025-10-21	2025-12-05
cnvd-2025-30171	WordPress Import WP plugin信息泄露漏洞	2025-11-25	2025-12-05
cnvd-2025-30170	WordPress I Order Terms plugin跨站请求伪造漏洞	2025-11-25	2025-12-05
cnvd-2025-30169	WordPress HT Mega plugin跨站脚本漏洞	2025-11-25	2025-12-05
cnvd-2025-30168	WordPress Gutenverse plugin缺少授权漏洞	2025-11-25	2025-12-05
cnvd-2025-30167	WordPress Gutenverse Form plugin缺少授权漏洞	2025-11-25	2025-12-05
cnvd-2025-30166	WordPress EchBay Admin Security plugin跨站脚本漏洞	2025-11-25	2025-12-05
cnvd-2025-30165	WordPress Display Pages Shortcode plugin跨站脚本漏洞	2025-11-25	2025-12-05
cnvd-2025-30164	WordPress Custom Post Type plugin跨站请求伪造漏洞	2025-11-25	2025-12-05
cnvd-2025-30163	WordPress Custom Order Numbers for WooCommerce plugin缺少授权漏洞	2025-11-25	2025-12-05
cnvd-2025-30162	WordPress Checkbox plugin未经授权的数据丢失漏洞	2025-11-25	2025-12-05
cnvd-2025-30161	WordPress Chat Help plugin缺失授权漏洞	2025-11-25	2025-12-05
cnvd-2025-30160	WordPress Cart Weight for WooCommerce plugin缺失授权漏洞	2025-11-25	2025-12-05
cnvd-2025-30159	WordPress Bulma Shortcodes plugin跨站脚本漏洞	2025-11-25	2025-12-05
cnvd-2025-30158	WordPress Accordion Slider plugin跨站脚本漏洞	2025-11-25	2025-12-05
cnvd-2025-30134	WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin不安全的直接对象引用漏洞	2025-11-25	2025-12-05
cnvd-2025-30133	WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin未经授权的数据修改漏洞（CNVD-2025…	2025-11-25	2025-12-05
cnvd-2025-30132	WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin未经授权的数据修改漏洞（CNVD-2025…	2025-11-25	2025-12-05
cnvd-2025-30131	WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin未经授权的数据修改漏洞（CNVD-2025…	2025-11-25	2025-12-05
cnvd-2025-30130	WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin未经授权的数据修改漏洞	2025-11-25	2025-12-05
cnvd-2025-30129	WordPress ELEX WordPress HelpDesk&Customer Ticketing System plugin缺少权限检查漏洞	2025-11-25	2025-12-05
cnvd-2025-30128	Devolutions Server输入验证不当漏洞	2025-10-31	2025-12-05
cnvd-2025-30127	Devolutions Server未经授权的访问漏洞	2025-10-31	2025-12-05

ID	Description	Published	Updated
certfr-2025-avi-1108	Multiples vulnérabilités dans les produits IBM	2025-12-12T00:00:00.000000	2025-12-12T00:00:00.000000
certfr-2025-avi-1107	Multiples vulnérabilités dans le noyau Linux de SUSE	2025-12-12T00:00:00.000000	2025-12-12T00:00:00.000000
certfr-2025-avi-1106	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2025-12-12T00:00:00.000000	2025-12-12T00:00:00.000000
certfr-2025-avi-1105	Multiples vulnérabilités dans le noyau Linux de Red Hat	2025-12-12T00:00:00.000000	2025-12-12T00:00:00.000000
certfr-2025-avi-1104	Vulnérabilité dans Microsoft Windows Admin Center	2025-12-12T00:00:00.000000	2025-12-12T00:00:00.000000
certfr-2025-avi-1103	Multiples vulnérabilités dans Microsoft Edge	2025-12-12T00:00:00.000000	2025-12-12T00:00:00.000000
certfr-2025-avi-1102	Multiples vulnérabilités dans les produits NetApp	2025-12-12T00:00:00.000000	2025-12-12T00:00:00.000000
certfr-2025-avi-1101	Multiples vulnérabilités dans les produits Netgate	2025-12-12T00:00:00.000000	2025-12-12T00:00:00.000000
certfr-2025-avi-1100	Multiples vulnérabilités dans les produits Atlassian	2025-12-12T00:00:00.000000	2025-12-12T00:00:00.000000
certfr-2025-avi-1099	Multiples vulnérabilités dans les produits Mozilla	2025-12-11T00:00:00.000000	2025-12-11T00:00:00.000000
certfr-2025-avi-1098	Vulnérabilité dans Broadcom Carbon Black Cloud	2025-12-11T00:00:00.000000	2025-12-11T00:00:00.000000
certfr-2025-avi-1097	Multiples vulnérabilités dans les produits Mitel	2025-12-11T00:00:00.000000	2025-12-11T00:00:00.000000
certfr-2025-avi-1096	Multiples vulnérabilités dans Google Chrome	2025-12-11T00:00:00.000000	2025-12-11T00:00:00.000000
certfr-2025-avi-1095	Multiples vulnérabilités dans GitLab	2025-12-11T00:00:00.000000	2025-12-11T00:00:00.000000
certfr-2025-avi-1094	Multiples vulnérabilités dans les produits Microsoft	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1093	Vulnérabilité dans Microsoft Azure Monitor Agent	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1092	Multiples vulnérabilités dans Microsoft Windows	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1091	Multiples vulnérabilités dans Microsoft Office	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1090	Vulnérabilité dans les produits Moxa	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1089	Vulnérabilité dans les produits Bitdefender	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1088	Multiples vulnérabilités dans Ivanti Endpoint Manager (EPM)	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1087	Multiples vulnérabilités dans les produits Mozilla	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1086	Multiples vulnérabilités dans les produits Intel	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1085	Multiples vulnérabilités dans les produits Adobe	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1084	Multiples vulnérabilités dans les produits Fortinet	2025-12-10T00:00:00.000000	2025-12-10T00:00:00.000000
certfr-2025-avi-1083	Multiples vulnérabilités dans les produits Siemens	2025-12-09T00:00:00.000000	2025-12-09T00:00:00.000000
certfr-2025-avi-1082	Multiples vulnérabilités dans les produits Microsoft	2025-12-09T00:00:00.000000	2025-12-09T00:00:00.000000
certfr-2025-avi-1081	Vulnérabilité dans Citrix XenServer	2025-12-09T00:00:00.000000	2025-12-09T00:00:00.000000
certfr-2025-avi-1080	Multiples vulnérabilités dans VMware Tanzu RabbitMQ	2025-12-09T00:00:00.000000	2025-12-09T00:00:00.000000
certfr-2025-avi-1079	Multiples vulnérabilités dans les produits SAP	2025-12-09T00:00:00.000000	2025-12-09T00:00:00.000000

ID	Description	Published	Updated
certfr-2025-ale-014	[MàJ] Vulnérabilité dans React Server Components	2025-12-05T00:00:00.000000	2025-12-08T00:00:00.000000
certfr-2025-ale-013	[MàJ] Multiples vulnérabilités dans Cisco ASA et FTD	2025-09-25T00:00:00.000000	2025-10-06T00:00:00.000000
CERTFR-2025-ALE-013	[MàJ] Multiples vulnérabilités dans Cisco ASA et FTD	2025-09-25T00:00:00.000000	2025-10-06T00:00:00.000000
CERTFR-2025-ALE-014	[MàJ] Vulnérabilité dans React Server Components	2025-12-05T00:00:00.000000	2025-12-08T00:00:00.000000
certfr-2025-ale-012	Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway	2025-08-26T00:00:00.000000	2025-09-26T00:00:00.000000
CERTFR-2025-ALE-012	Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway	2025-08-26T00:00:00.000000	2025-09-26T00:00:00.000000
certfr-2025-ale-010	[MàJ] Multiples vulnérabilités dans Microsoft SharePoint	2025-07-21T00:00:00.000000	2025-08-26T00:00:00.000000
CERTFR-2025-ALE-010	[MàJ] Multiples vulnérabilités dans Microsoft SharePoint	2025-07-21T00:00:00.000000	2025-08-26T00:00:00.000000
certfr-2025-ale-011	Incidents de sécurité dans les pare-feux SonicWall	2025-08-05T00:00:00.000000	2025-08-18T00:00:00.000000
certfr-2025-ale-009	Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway	2025-07-01T00:00:00.000000	2025-07-17T00:00:00.000000
CERTFR-2025-ALE-011	Incidents de sécurité dans les pare-feux SonicWall	2025-08-05T00:00:00.000000	2025-08-18T00:00:00.000000
CERTFR-2025-ALE-009	Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway	2025-07-01T00:00:00.000000	2025-07-17T00:00:00.000000
certfr-2025-ale-004	Activités de post-exploitation dans Fortinet FortiGate	2025-04-11T00:00:00.000000	2025-08-07T00:00:00.000000
CERTFR-2025-ALE-004	Activités de post-exploitation dans Fortinet FortiGate	2025-04-11T00:00:00.000000	2025-08-07T00:00:00.000000
certfr-2025-ale-008	[MàJ] Vulnérabilité dans Roundcube	2025-06-05T00:00:00.000000	2025-07-21T00:00:00.000000
CERTFR-2025-ALE-008	[MàJ] Vulnérabilité dans Roundcube	2025-06-05T00:00:00.000000	2025-07-21T00:00:00.000000
certfr-2025-ale-007	Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM)	2025-05-14T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-006	Vulnérabilité dans les produits Fortinet	2025-05-13T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-005	Vulnérabilité dans SAP NetWeaver	2025-04-28T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-003	[MàJ] Vulnérabilité dans les produits Ivanti	2025-04-04T00:00:00.000000	2025-04-11T00:00:00.000000
CERTFR-2025-ALE-007	Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM)	2025-05-14T00:00:00.000000	2025-06-24T00:00:00.000000
CERTFR-2025-ALE-006	Vulnérabilité dans les produits Fortinet	2025-05-13T00:00:00.000000	2025-06-24T00:00:00.000000
CERTFR-2025-ALE-005	Vulnérabilité dans SAP NetWeaver	2025-04-28T00:00:00.000000	2025-06-24T00:00:00.000000
CERTFR-2025-ALE-003	[MàJ] Vulnérabilité dans les produits Ivanti	2025-04-04T00:00:00.000000	2025-04-11T00:00:00.000000
certfr-2025-ale-002	[MàJ] Vulnérabilité dans les produits Fortinet	2025-05-07T00:00:00.000000	2025-01-14T00:00:00.000000
certfr-2025-ale-001	[MàJ] Vulnérabilité dans les produits Ivanti	2025-01-09T00:00:00.000000	2025-04-01T00:00:00.000000
CERTFR-2025-ALE-002	[MàJ] Vulnérabilité dans les produits Fortinet	2025-05-07T00:00:00.000000	2025-01-14T00:00:00.000000
CERTFR-2025-ALE-001	[MàJ] Vulnérabilité dans les produits Ivanti	2025-01-09T00:00:00.000000	2025-04-01T00:00:00.000000
certfr-2024-ale-014	[MàJ] Multiples vulnérabilités dans Fortinet FortiManager	2024-10-30T00:00:00.000000	2024-10-23T00:00:00.000000
certfr-2024-ale-013	Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA)	2025-03-31T00:00:00.000000	2024-10-25T00:00:00.000000

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1-2025-0040	7.2 (4.0)	A cross-site scripting (XSS) vulnerability was id…	misp	misp	2025-12-13T08:44:32.378924Z	2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039	8.5 (4.0)	XSS Reintroduced in MISP Dashboard World Map Widget Du…	misp	misp	2025-12-10T14:33:52.856734Z	2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038	5 (4.0)	Reflected XSS in MISP Template Tag Removal and MISP Ad…	misp	misp	2025-12-10T14:10:00.000Z	2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037	7 (4.0)	Reflected XSS in MISP Dashboard Widgets via Unescaped …	misp	misp	2025-12-10T14:01:03.200804Z	2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036	8.3 (4.0)	A reflected cross-site scripting (XSS) vulnerability w…	misp	misp	2025-12-10T13:46:07.170083Z	2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035	8.3 (4.0)	Insufficient sanitization of bundle metadata (availabl…	CIRCL	vulnerability-lookup	2025-12-08T10:25:00.000Z	2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034	7 (4.0)	Missing CSRF protection on state-changing endpoints in…	CIRCL	vulnerability-lookup	2025-12-08T10:19:00.000Z	2025-12-08T12:13:24.197294Z
GCVE-1-2025-0033	8.1 (4.0)	Vulnerability-lookup did not track or limit failed One…	CIRCL	vulnerability-lookup	2025-12-08T10:11:00.000Z	2025-12-08T12:12:53.235996Z
GCVE-1-2025-0032	10 (4.0)	The default configuration of WatchGuard Firebox device…	watchguard	firebox	2025-12-03T16:25:00.000Z	2025-12-03T16:27:36.683434Z
GCVE-1-2025-0031	6.3 (4.0)	A cross-site scripting (XSS) vulnerability was identif…	misp	misp	2025-12-03T10:58:19.835041Z	2025-12-03T10:58:19.835041Z
GCVE-1-2025-0030	6.2 (4.0)	A cross-site scripting (XSS) vulnerability in the MISP…	misp	misp	2025-12-03T10:53:00.000Z	2025-12-03T10:58:55.845341Z
GCVE-1-2025-0019	4 (4.0)	Path traversal vulnerability in EventReport for site-admin	misp	misp	2025-11-26T14:47:00.000Z	2025-11-28T07:27:42.721350Z
GCVE-1-2025-0017	9.4 (4.0)	Privilege escalation in Cerebrate allows an authentica…	cerebrate	cerebrate	2025-11-12T08:15:00.000Z	2025-11-28T07:22:08.205835Z
GCVE-1-2025-0029	6.3 (4.0)	Reflected cross-site scripting (XSS) vulnerabilities i…	misp	misp	2025-11-27T12:41:00.000Z	2025-11-27T12:48:51.085860Z
GCVE-1-2025-0027	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-27T07:17:00.000Z	2025-12-02T08:51:04.323899Z
GCVE-1-2025-0028	8.5 (4.0)	Information leakage vulnerability in the MISP Feed con…	misp	misp	2025-11-27T07:23:00.000Z	2025-12-02T08:51:35.429494Z
GCVE-1-2025-0026	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-26T16:35:00.000Z	2025-12-02T08:50:46.381572Z
GCVE-1-2025-0025	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-26T16:27:00.000Z	2025-12-02T08:50:18.897756Z
GCVE-1-2025-0024	9.4 (4.0)	cross-site scripting (XSS) vulnerability in the MISP s…	misp	misp	2025-11-26T16:14:00.000Z	2025-12-02T08:50:01.482327Z
GCVE-1-2025-0023	9.4 (4.0)	XSS in MISP server comparison tool	misp	misp	2025-11-26T16:10:00.000Z	2025-12-02T08:49:24.626168Z
GCVE-1-2025-0022	9.4 (4.0)	Clarified setting's impact on download_attachments_on_load	misp	misp	2025-11-26T16:04:00.000Z	2025-12-02T08:49:04.510294Z
GCVE-1-2025-0021	9.4 (4.0)	XSS in MISP ReST client in HTML view	misp	misp	2025-11-26T15:55:00.000Z	2025-12-02T08:48:41.869838Z
GCVE-1-2025-0020	9.4 (4.0)	cross-site scripting (XSS) in Galaxy element JSON view	misp	misp	2025-11-26T15:49:00.000Z	2025-12-02T08:47:41.151429Z
GCVE-1-2025-0018	9.4 (4.0)	HTML injection issue was identified in Lookyloo’s web …	lookyloo	lookyloo	2025-11-18T15:33:00.000Z	2025-11-18T20:39:45.579295Z
GCVE-1-2025-0016	6 (4.0)	Local file inclusion in [ImportFromUrl() URL hand…	misp	misp	2025-11-04T09:20:00.000Z	2025-11-04T09:56:38.383646Z
GCVE-1-2025-0015	9 (4.0)	Potential XSS in decaying simulation tool	misp	misp	2025-11-04T09:06:00.000Z	2025-11-04T09:06:59.216121Z
GCVE-1-2025-0014	9.4 (4.0)	XSS in event report via Mermaid diagram	misp	misp	2025-11-04T08:58:00.024516Z	2025-11-04T08:58:00.024516Z
GCVE-1-2025-0013	9.4 (4.0)	Vulnerability in sharing group blueprints allowing sha…	misp	misp	2025-11-04T08:49:21.558087Z	2025-11-04T08:49:21.558087Z

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011	9.1 (3.1)	HexStrike AI MCP Server Command Injection	0x4m4	HexStrike AI	2025-11-30T21:27:56.057Z	2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100	6.5 (3.1)	Abilis CPX Fallback Shell Connection Relay	Abilis	CPX	2025-11-04T00:23:23.924Z	2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010	7.3 (3.1)	Unitree Multiple Robotic Products Command Injection	Unitree	Go2	2025-09-26T06:53:49.585Z	2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001	4.3 (3.1)	Unauthenticated leak of sensitive information affectin…	Brother Industries, Ltd	HL-L8260CDN	2025-08-12T15:23:00.577Z	2025-08-15T05:53:23.017Z