Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-22738
9.8 (3.1)
SpEL Injection via Unescaped Filter Key in SimpleVecto… Spring
 Spring AI
 2026-03-27T05:21:07.168Z 2026-03-27T05:21:07.168Z
CVE-2026-34353
5.9 (3.1)
In OCaml through 4.14.3, Bigarray.reshape allows … OCaml
 OCaml
 2026-03-27T04:55:58.294Z 2026-03-27T05:03:46.214Z
CVE-2024-7341
7.1 (3.1)
Wildfly-elytron: org.keycloak/keycloak-services: sessi…

2024-09-09T18:51:13.537Z 2026-03-27T05:01:21.989Z
CVE-2026-33559
5.4 (3.0)
5.1 (4.0)
WordPress Plugin "OpenStreetMap" provided by MiKa… MiKa
 OpenStreetMap
 2026-03-27T04:56:41.153Z 2026-03-27T04:56:41.153Z
CVE-2024-8883
6.1 (3.1)
Keycloak: vulnerable redirect uri validation results i…

2024-09-19T15:48:28.468Z 2026-03-27T04:25:26.292Z
CVE-2024-8698
7.7 (3.1)
Keycloak-saml-core: improper verification of saml resp…

2024-09-19T15:48:18.464Z 2026-03-27T04:25:20.423Z
CVE-2026-26830
9.8 (3.1)
pdf-image (npm package) through version 2.0.0 all… n/a
 n/a
 2026-03-25T00:00:00.000Z 2026-03-27T03:58:17.377Z
CVE-2025-59707
9.8 (3.1)
In N2W before 4.3.2 and 4.4.x before 4.4.1, there… n/a
 n/a
 2026-03-25T00:00:00.000Z 2026-03-27T03:57:12.342Z
CVE-2025-59706
9.8 (3.1)
In N2W before 4.3.2 and 4.4.0 before 4.4.1, impro… n/a
 n/a
 2026-03-25T00:00:00.000Z 2026-03-27T03:55:43.288Z
CVE-2026-3108
8 (3.1)
Terminal Escape Injection in mmctl Report Posts Command Mattermost
 Mattermost
 2026-03-26T16:16:49.790Z 2026-03-27T03:55:41.498Z
CVE-2026-33154
7.5 (3.1)
dynaconf Affected by Remote Code Execution (RCE) via I… dynaconf
 dynaconf
 2026-03-20T20:22:59.090Z 2026-03-27T03:55:40.943Z
CVE-2026-33150
7.8 (3.1)
Use After Free in libfuse libfuse
 libfuse
 2026-03-20T20:20:29.963Z 2026-03-27T03:55:40.426Z
CVE-2026-33491
7.8 (3.1)
Zen-C has Stack-Based Buffer Overflow in Identifier Mangling zenc-lang
 zenc
 2026-03-26T18:39:55.093Z 2026-03-27T03:55:39.895Z
CVE-2026-22898
9.3 (4.0)
QVR Pro QNAP Systems Inc.
 QVR Pro
 2026-03-20T16:21:30.440Z 2026-03-27T03:55:39.294Z
CVE-2026-32710
8.6 (3.1)
Heap-based Buffer Overflow in MariaDB MariaDB
 server
 2026-03-20T18:31:48.870Z 2026-03-27T03:55:38.121Z
CVE-2026-32309
8.7 (4.0)
Cryptomator: Hub unlocking accepts plaintext HTTP and … cryptomator
 cryptomator
 2026-03-20T18:19:09.746Z 2026-03-27T03:55:38.700Z
CVE-2026-33156
7.8 (3.1)
DLL Sideloading in ScreenToGif NickeManarin
 ScreenToGif
 2026-03-20T20:29:13.939Z 2026-03-27T03:55:37.536Z
CVE-2025-14917
6.7 (3.1)
IBM WebSphere Application Server Liberty could provide… IBM
 WebSphere Application Server - Liberty
 2026-03-25T20:13:55.049Z 2026-03-27T03:55:36.998Z
CVE-2025-14915
6.5 (3.1)
IBM WebSphere Application Server Liberty is affected b… IBM
 WebSphere Application Server - Liberty
 2026-03-25T20:12:27.207Z 2026-03-27T03:55:36.433Z
CVE-2026-28298
5.9 (3.1)
SolarWinds Observability Self-Hosted Stored Cross-Site… SolarWinds
 SolarWinds Observability Self-Hosted
 2026-03-26T14:08:49.449Z 2026-03-27T03:55:35.745Z
CVE-2026-28297
6.1 (3.1)
SolarWinds Observability Self-Hosted Stored Cross-Site… SolarWinds
 SolarWinds Observability Self-Hosted
 2026-03-26T14:01:37.526Z 2026-03-27T03:55:35.217Z
CVE-2025-15101
8.5 (4.0)
A Cross-Site Request Forgery (CSRF) vulnerability… ASUS
 Router
 2026-03-26T02:01:26.642Z 2026-03-27T03:55:34.490Z
CVE-2026-4747
8.8 (3.1)
Remote code execution via RPCSEC_GSS packet validation FreeBSD
 FreeBSD
 2026-03-26T06:21:12.735Z 2026-03-27T03:55:33.408Z
CVE-2026-28827
9.3 (3.1)
A parsing issue in the handling of directory path… Apple
 macOS
 2026-03-25T00:31:49.295Z 2026-03-27T03:55:33.950Z
CVE-2026-20688
9.3 (3.1)
A path handling issue was addressed with improved… Apple
 iOS and iPadOS
 2026-03-25T00:31:39.949Z 2026-03-27T03:55:32.883Z
CVE-2026-1712
5.8 (4.0)
Incorrect privilege assignment vulnerability in H… HYPR
 Server
 2026-03-25T16:56:05.927Z 2026-03-27T03:55:32.320Z
CVE-2026-33634
9.4 (4.0)
Trivy ecosystem supply chain briefly compromised aquasecurity
 setup-trivy
 2026-03-23T21:47:29.636Z 2026-03-27T03:55:31.422Z
CVE-2026-4779
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
SourceCodester Sales and Inventory System HTTP GET Par… SourceCodester
 Sales and Inventory System
 2026-03-24T22:22:13.117Z 2026-03-27T03:53:05.642Z
CVE-2026-32854
6.3 (4.0)
LibVNCServer httpd proxy NULL Pointer Dereference LibVNC
 LibVNCServer
 2026-03-24T17:31:32.011Z 2026-03-27T03:52:19.164Z
CVE-2026-3098
6.5 (3.1)
Smart Slider 3 <= 3.5.1.33 - Authenticated (Subscriber… nextendweb
 Smart Slider 3
 2026-03-27T03:37:07.618Z 2026-03-27T03:37:07.618Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-26830
9.8 (3.1)
pdf-image (npm package) through version 2.0.0 all… n/a
 n/a
 2026-03-25T00:00:00.000Z 2026-03-27T03:58:17.377Z
CVE-2025-59707
9.8 (3.1)
In N2W before 4.3.2 and 4.4.x before 4.4.1, there… n/a
 n/a
 2026-03-25T00:00:00.000Z 2026-03-27T03:57:12.342Z
CVE-2025-59706
9.8 (3.1)
In N2W before 4.3.2 and 4.4.0 before 4.4.1, impro… n/a
 n/a
 2026-03-25T00:00:00.000Z 2026-03-27T03:55:43.288Z
CVE-2026-4910
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
Shenzhen Ruiming Technology Streamax Crocus Endpoint R… Shenzhen Ruiming Technology
 Streamax Crocus
 2026-03-27T03:01:03.856Z 2026-03-27T03:01:03.856Z
CVE-2026-3098
6.5 (3.1)
Smart Slider 3 <= 3.5.1.33 - Authenticated (Subscriber… nextendweb
 Smart Slider 3
 2026-03-27T03:37:07.618Z 2026-03-27T03:37:07.618Z
CVE-2026-4909
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
code-projects Exam Form Submission update_s7.php cross… code-projects
 Exam Form Submission
 2026-03-27T02:25:24.360Z 2026-03-27T02:25:24.360Z
CVE-2026-4908
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
code-projects Simple Laundry System Parameter modstaff… code-projects
 Simple Laundry System
 2026-03-27T02:25:22.037Z 2026-03-27T02:25:22.037Z
CVE-2026-4907
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
Page-Replica Page Replica Endpoint sitemap sitemap.fet… Page-Replica
 Page Replica
 2026-03-27T01:33:14.205Z 2026-03-27T01:33:14.205Z
CVE-2026-4906
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Tenda AC5 POST Request WizardHandle decodePwd stack-ba… Tenda
 AC5
 2026-03-27T00:53:09.317Z 2026-03-27T00:53:09.317Z
CVE-2026-33935
7.7 (4.0)
MyTube has Unauthenticated Account Lockout via Shared … franklioxygen
 MyTube
 2026-03-27T00:43:49.590Z 2026-03-27T00:43:49.590Z
CVE-2026-33890
8.9 (4.0)
MyTube has an Unauthenticated Admin Privilege Escalati… franklioxygen
 MyTube
 2026-03-27T00:38:50.089Z 2026-03-27T00:38:50.089Z
CVE-2026-33747
8.4 (3.1)
BuildKit vulnerable to malicious frontend causing file… moby
 buildkit
 2026-03-27T00:49:06.165Z 2026-03-27T00:49:06.165Z
CVE-2026-33745
7.4 (3.1)
cpp-httplib Client Leaks Authentication Credentials to… yhirose
 cpp-httplib
 2026-03-27T00:46:48.941Z 2026-03-27T00:46:48.941Z
CVE-2026-33744
7.8 (3.1)
BentoML has Dockerfile Command Injection via system_pa… bentoml
 BentoML
 2026-03-27T00:45:08.108Z 2026-03-27T00:45:08.108Z
CVE-2026-33735
7.4 (4.0)
MyTube has an Improper Access Control that Allows Comp… franklioxygen
 MyTube
 2026-03-27T00:36:31.489Z 2026-03-27T00:39:04.151Z
CVE-2026-33730
6.5 (3.1)
Open Source Point of Sale has an IDOR in Password Chan… opensourcepos
 opensourcepos
 2026-03-27T00:30:02.069Z 2026-03-27T00:30:02.069Z
CVE-2026-33729
5.8 (4.0)
OpenFGA has an Authorization Bypass through cached keys openfga
 openfga
 2026-03-27T00:27:40.726Z 2026-03-27T00:27:40.726Z
CVE-2026-33728
9.3 (4.0)
dd-trace-java: Unsafe deserialization in RMI instrumen… DataDog
 dd-trace-java
 2026-03-27T00:25:56.444Z 2026-03-27T00:25:56.444Z
CVE-2026-33726
5.4 (3.1)
Cilium L7 proxy may bypass Kubernetes NetworkPolicy fo… cilium
 cilium
 2026-03-27T00:23:21.795Z 2026-03-27T00:23:21.795Z
CVE-2026-33725
7.2 (3.1)
Metabase vulnerable to RCE and Arbitrary File Read via… metabase
 metabase
 2026-03-27T00:19:39.397Z 2026-03-27T00:19:39.397Z
CVE-2026-33721
5.3 (3.1)
MapServer has heap buffer overflow in SLD `Categorize`… MapServer
 MapServer
 2026-03-27T00:15:00.360Z 2026-03-27T00:15:00.360Z
CVE-2026-33718
7.6 (3.1)
OpenHands is Vulnerable to Command Injection through i… OpenHands
 OpenHands
 2026-03-27T00:12:24.752Z 2026-03-27T00:12:24.752Z
CVE-2026-33701
9.3 (4.0)
OpenTelemetry: Unsafe Deserialization in RMI Instrumen… open-telemetry
 opentelemetry-java-instrumentation
 2026-03-27T00:01:12.327Z 2026-03-27T00:01:12.327Z
CVE-2026-33699
4.6 (4.0)
pypdf: Possible infinite loop during recovery attempts… py-pdf
 pypdf
 2026-03-26T23:58:42.776Z 2026-03-26T23:58:42.776Z
CVE-2026-33693
6.5 (3.1)
Lemmy's Activitypub-Federation has SSRF via 0.0.0.0 by… LemmyNet
 lemmy
 2026-03-27T00:03:35.946Z 2026-03-27T00:03:35.946Z
CVE-2026-33634
9.4 (4.0)
Trivy ecosystem supply chain briefly compromised aquasecurity
 setup-trivy
 2026-03-23T21:47:29.636Z 2026-03-27T03:55:31.422Z
CVE-2026-4905
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Tenda AC5 POST Request WifiWpsOOB formWifiWpsOOB stack… Tenda
 AC5
 2026-03-26T23:11:11.087Z 2026-03-26T23:11:11.087Z
CVE-2026-4904
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Tenda AC5 POST Request setcfm formSetCfm stack-based o… Tenda
 AC5
 2026-03-26T23:11:07.350Z 2026-03-26T23:11:07.350Z
CVE-2026-4324
5.4 (3.1)
Rubygem-katello: katello: denial of service and potent… Red Hat
 Red Hat Satellite 6.17 for RHEL 9
 2026-03-17T13:52:14.756Z 2026-03-26T23:10:28.361Z
CVE-2026-33945
10 (3.1)
Abitrary file write through systemd-creds option lxc
 incus
 2026-03-26T23:27:45.711Z 2026-03-26T23:27:45.711Z
ID Description Published Updated
fkie_cve-2026-4910 A security vulnerability has been detected in Shenzhen Ruiming Technology Streamax Crocus bis 1.3.4… 2026-03-27T04:16:08.043 2026-03-27T04:16:08.043
fkie_cve-2026-3098 The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,… 2026-03-27T04:16:03.570 2026-03-27T04:16:03.570
fkie_cve-2026-4909 A weakness has been identified in code-projects Exam Form Submission 1.0/7.php. This impacts an unk… 2026-03-27T03:16:02.763 2026-03-27T03:16:02.763
fkie_cve-2026-4908 A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unk… 2026-03-27T03:16:01.670 2026-03-27T03:16:01.670
fkie_cve-2026-4907 A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db67510… 2026-03-27T02:16:00.330 2026-03-27T02:16:00.330
fkie_cve-2026-4906 A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decod… 2026-03-27T01:16:21.807 2026-03-27T01:16:21.807
fkie_cve-2026-33935 MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.72, a… 2026-03-27T01:16:21.647 2026-03-27T01:16:21.647
fkie_cve-2026-33890 MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.71, a… 2026-03-27T01:16:21.493 2026-03-27T01:16:21.493
fkie_cve-2026-33747 BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and… 2026-03-27T01:16:21.330 2026-03-27T01:16:21.330
fkie_cve-2026-33745 cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, … 2026-03-27T01:16:21.167 2026-03-27T01:16:21.167
fkie_cve-2026-33744 BentoML is a Python library for building online serving systems optimized for AI apps and model inf… 2026-03-27T01:16:21.007 2026-03-27T01:16:21.007
fkie_cve-2026-33735 MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.69, a… 2026-03-27T01:16:20.840 2026-03-27T01:16:20.840
fkie_cve-2026-33730 Open Source Point of Sale (opensourcepos) is a web based point of sale application written in PHP u… 2026-03-27T01:16:20.577 2026-03-27T01:16:20.577
fkie_cve-2026-33729 OpenFGA is a high-performance and flexible authorization/permission engine built for developers and… 2026-03-27T01:16:20.367 2026-03-27T01:16:20.367
fkie_cve-2026-33728 dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.40.0 through prior t… 2026-03-27T01:16:20.203 2026-03-27T01:16:20.203
fkie_cve-2026-33726 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to… 2026-03-27T01:16:20.007 2026-03-27T01:16:20.007
fkie_cve-2026-33725 Metabase is an open source business intelligence and embedded analytics tool. In Metabase Enterpris… 2026-03-27T01:16:19.837 2026-03-27T01:16:19.837
fkie_cve-2026-33721 MapServer is a system for developing web-based GIS applications. Starting in version 4.2 and prior … 2026-03-27T01:16:19.670 2026-03-27T01:16:19.670
fkie_cve-2026-33718 OpenHands is software for AI-driven development. Starting in version 1.5.0, a Command Injection vul… 2026-03-27T01:16:19.483 2026-03-27T01:16:19.483
fkie_cve-2026-33701 OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation … 2026-03-27T01:16:19.313 2026-03-27T01:16:19.313
fkie_cve-2026-33699 pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerabili… 2026-03-27T01:16:19.147 2026-03-27T01:16:19.147
fkie_cve-2026-33693 Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.7.0-beta.9, the `v4_is_i… 2026-03-27T01:16:18.983 2026-03-27T01:16:18.983
fkie_cve-2026-33634 Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publ… 2026-03-23T22:16:31.290 2026-03-27T01:16:18.750
fkie_cve-2026-4905 A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the … 2026-03-27T00:16:24.393 2026-03-27T00:16:24.393
fkie_cve-2026-4904 A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm… 2026-03-27T00:16:24.170 2026-03-27T00:16:24.170
fkie_cve-2026-4324 A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by imprope… 2026-03-17T14:16:19.777 2026-03-27T00:16:23.800
fkie_cve-2026-33945 Incus is a system container and virtual machine manager. Incus instances have an option to provide … 2026-03-27T00:16:23.633 2026-03-27T00:16:23.633
fkie_cve-2026-33898 Incus is a system container and virtual machine manager. Prior to version 6.23.0, the web server sp… 2026-03-27T00:16:23.333 2026-03-27T00:16:23.333
fkie_cve-2026-33697 Cocos AI is a confidential computing system for AI. The current implementation of attested TLS (aTL… 2026-03-27T00:16:23.133 2026-03-27T00:16:23.133
fkie_cve-2026-29071 Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. … 2026-03-27T00:16:22.983 2026-03-27T00:16:22.983
ID Severity Description Published Updated
ghsa-pvv2-hpmf-pmxf
2.4 (3.1)
1.9 (4.0)
A weakness has been identified in code-projects Exam Form Submission 1.0/7.php. This impacts an unk… 2026-03-27T03:31:32Z 2026-03-27T03:31:32Z
ghsa-gpj8-f2j5-f6j2
7.3 (3.1)
5.5 (4.0)
A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unk… 2026-03-27T03:31:32Z 2026-03-27T03:31:32Z
ghsa-cfmp-f27r-2qg4
8.8 (3.1)
7.4 (4.0)
A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decod… 2026-03-27T03:31:32Z 2026-03-27T03:31:32Z
ghsa-5j4w-5v7w-7fvv
6.3 (3.1)
2.1 (4.0)
A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db67510… 2026-03-27T03:31:32Z 2026-03-27T03:31:32Z
ghsa-5mg7-485q-xm76
Two LiteLLM versions published containing credential harvesting malware 2026-03-25T14:25:42Z 2026-03-27T00:32:11Z
ghsa-j2f5-7fm8-m5q7
5.1 (4.0)
The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi crede… 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-hpg8-x2mf-jw6x
8.8 (3.1)
7.4 (4.0)
A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of … 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-g25q-4m65-m6g5
8.8 (3.1)
7.4 (4.0)
A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the … 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-9vmx-7mc4-v47m
8.8 (3.1)
7.4 (4.0)
A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm… 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-8j9j-w3w5-2667
4.3 (3.1)
2.1 (4.0)
A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected by this v… 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-7jcq-m3gg-2pwx
2.4 (3.1)
1.9 (4.0)
A security flaw has been discovered in code-projects Online Food Ordering System 1.0. Affected by t… 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-597g-qjqv-f858
5.3 (3.1)
5.5 (4.0)
A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an un… 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-4vj5-vh2w-8g5j
8.5 (3.1)
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the… 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-42p8-rv8p-8h4j
7.5 (3.1)
8.7 (4.0)
A memory leak exists in the Grassroots DICOM library (GDCM). The bug occurs when parsing malformed … 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-39fw-r4pr-87rj
8.8 (3.1)
7.4 (4.0)
A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIn… 2026-03-27T00:31:21Z 2026-03-27T00:31:21Z
ghsa-wcqf-w94x-4wg2
6.5 (3.1)
The API function `ssh_get_hexa()` is vulnerable, when 0-lenght input is provided to this function. … 2026-03-26T21:31:27Z 2026-03-27T00:31:20Z
ghsa-rfjg-8j24-w8q7
6.9 (4.0)
Information disclosure in the file URI processing of File (Field) Paths in Drupal File (Field) Path… 2026-03-27T00:31:20Z 2026-03-27T00:31:20Z
ghsa-qwjq-cprg-rrcp
5.3 (4.0)
In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with both… 2026-03-27T00:31:20Z 2026-03-27T00:31:20Z
ghsa-pjv8-58qr-6mxx
2.8 (3.1)
A flaw was found in GIMP. Heap-buffer-overflow vulnerability exists in the fread_pascal_string func… 2026-03-26T21:31:27Z 2026-03-27T00:31:20Z
ghsa-hq85-3f6c-jx84
5.3 (3.1)
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_De… 2026-03-26T21:31:27Z 2026-03-27T00:31:20Z
ghsa-hfcp-477w-3wjw
8.3 (3.1)
rubyipmi is vulnerable to OS Command Injection through malicious usernames 2026-02-27T09:30:29Z 2026-03-27T00:31:20Z
ghsa-fwj4-6wgp-mpxm
5.4 (3.1)
Katello: Denial of Service and potential information disclosure via SQL injection 2026-03-17T15:36:23Z 2026-03-27T00:31:20Z
ghsa-fh2w-2c26-vpg5
8.0 (3.1)
A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in F… 2026-03-26T15:30:39Z 2026-03-27T00:31:20Z
ghsa-ffqx-q65f-36jf
7.5 (3.1)
A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /stat… 2026-03-27T00:31:20Z 2026-03-27T00:31:20Z
ghsa-cq3g-qvxc-ghr5
8.1 (3.1)
A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows un… 2026-03-27T00:31:20Z 2026-03-27T00:31:20Z
ghsa-9p3w-rm2q-9gxc
5.0 (3.1)
A malicious SCP server can send unexpected paths that could make the client application override lo… 2026-03-26T21:31:27Z 2026-03-27T00:31:20Z
ghsa-8g7q-m2xj-67ch
4.3 (3.1)
A flaw was found in GIMP. An integer overflow vulnerability exists when processing ICO image files,… 2026-03-26T21:31:27Z 2026-03-27T00:31:20Z
ghsa-6w3m-r3qq-cr2h
3.1 (3.1)
A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploi… 2026-03-26T21:31:27Z 2026-03-27T00:31:20Z
ghsa-6jpg-fr24-wpvf
2.2 (3.1)
A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_h… 2026-03-26T21:31:27Z 2026-03-27T00:31:20Z
ghsa-688g-4qr3-6q47
3.3 (3.1)
A flaw was found in GIMP's PSP (Paint Shop Pro) file parser. A remote attacker could exploit an int… 2026-03-26T21:31:27Z 2026-03-27T00:31:20Z
ID Severity Description Package Published Updated
pysec-2026-2
After an API Token exposure from an exploited Trivy dependency, two new releases of `lite… litellm 2026-03-24T15:35:32Z
pysec-2024-85
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.848846Z
pysec-2024-84
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.756762Z
pysec-2024-83
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.662671Z
pysec-2024-82
8.8 (3.1)
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.563380Z
pysec-2023-278
5.3 (3.1)
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… mindsdb 2023-12-11T21:15:00Z 2026-03-03T16:29:37.448520Z
pysec-2023-121
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as a… zstd 2023-03-31T20:15:00+00:00 2026-02-25T19:20:58+00:00
pysec-2026-1
A PyPI user account compromised by an attacker and was able to upload a malicious version… dydx-v4-client 2026-01-28T21:09:02+00:00
pysec-2025-52
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. mlflow 2025-06-23T15:15:29Z 2025-12-05T13:25:55.146081Z
pysec-2020-220
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… ansible 2020-10-05T14:15:00Z 2025-10-31T04:43:53.616247Z
pysec-2025-72
The `num2words` project was compromised via a phishing attack and two new versions were u… num2words 2025-07-31T14:34:47+00:00
pysec-2025-71
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… cadwyn 2025-07-21T21:15:25+00:00 2025-07-23T15:24:03.825615+00:00
pysec-2025-70
10.0 (3.1)
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… langchain-community 2025-06-23T21:15:25+00:00 2025-07-16T21:23:40.211079+00:00
pysec-2024-259
9.8 (3.1)
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… torch 2024-10-29T21:15:04+00:00 2025-07-16T03:09:57.748865+00:00
pysec-2024-258
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… scrapy 2024-05-20T08:15:08+00:00 2025-07-15T17:37:50.051730+00:00
pysec-2025-69
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… roundup 2025-07-13T20:15:25+00:00 2025-07-13T21:23:01.161315+00:00
pysec-2025-68
8.0 (3.1)
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.449399+00:00
pysec-2025-67
9.8 (3.1)
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.385619+00:00
pysec-2025-66
Improper privilege management in a REST interface allowed registered users to access unau… streampipes 2025-03-03T11:15:11+00:00 2025-07-08T15:23:46.628375+00:00
pysec-2025-65
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… llama-index 2025-07-07T13:15:28+00:00 2025-07-07T15:23:42.730681+00:00
pysec-2025-61
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … pillow 2025-07-01T19:15:27Z 2025-07-07T14:12:46.226030Z
pysec-2025-64
9.8 (3.1)
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… python-a2a 2025-06-17T07:15:18+00:00 2025-07-02T21:23:13.806273+00:00
pysec-2025-63
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… vllm 2025-03-19T16:15:32+00:00 2025-07-01T23:22:49.176005+00:00
pysec-2025-62
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… vllm 2025-02-07T20:15:34+00:00 2025-07-01T23:22:49.083695+00:00
pysec-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… apache-iotdb 2025-05-14T11:16:28+00:00 2025-07-01T21:22:47.232036+00:00
pysec-2025-59
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… apache-iotdb 2025-05-14T11:15:47+00:00 2025-07-01T21:22:47.177405+00:00
pysec-2024-257
7.5 (3.1)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2024-03-22T23:15:07+00:00 2025-06-30T15:23:50.085549+00:00
pysec-2025-58
8.8 (3.1)
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… vllm 2025-01-27T18:15:41+00:00 2025-06-27T21:22:36.583615+00:00
pysec-2025-57
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… zenml 2025-03-20T10:15:48+00:00 2025-06-27T17:22:55.175431+00:00
pysec-2025-56
4.3 (3.1)
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… octoprint 2025-04-22T18:15:59+00:00 2025-06-27T17:22:53.513680+00:00
ID Description Updated
gsd-2024-33903 In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… 2024-04-29T05:02:07.295775Z
gsd-2024-33902 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.486429Z
gsd-2024-33901 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.525896Z
gsd-2024-33900 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.290639Z
gsd-2024-33899 RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… 2024-04-29T05:02:07.400574Z
gsd-2024-33898 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287632Z
gsd-2024-33897 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.283756Z
gsd-2024-33896 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.313250Z
gsd-2024-33895 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.493081Z
gsd-2024-33894 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.488420Z
gsd-2024-33893 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.381761Z
gsd-2024-33892 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.378170Z
gsd-2024-33891 Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… 2024-04-29T05:02:07.412035Z
gsd-2024-33890 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.344384Z
gsd-2024-33889 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.392587Z
gsd-2024-33888 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.468423Z
gsd-2024-33887 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.503613Z
gsd-2024-33886 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287167Z
gsd-2024-33885 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.441746Z
gsd-2024-33884 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.534455Z
gsd-2024-33883 The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… 2024-04-29T05:02:07.271727Z
gsd-2024-4303 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.716348Z
gsd-2024-4302 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.603637Z
gsd-2024-4301 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.678292Z
gsd-2024-4300 E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… 2024-04-29T05:02:05.715239Z
gsd-2024-4299 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… 2024-04-29T05:02:05.606402Z
gsd-2024-4298 The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… 2024-04-29T05:02:05.598531Z
gsd-2024-4297 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… 2024-04-29T05:02:05.700888Z
gsd-2024-4296 The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… 2024-04-29T05:02:05.621428Z
gsd-2024-33882 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.803998Z
ID Description Published Updated
mal-2026-2085 Malicious code in uipagain (npm) 2026-03-23T12:10:52Z 2026-03-27T05:01:26Z
mal-2025-5063 Malicious code in universal-media-player (npm) 2025-06-13T01:40:04Z 2026-03-27T05:01:26Z
mal-2025-5060 Malicious code in sitewidesearch-client (npm) 2025-06-13T00:55:54Z 2026-03-27T05:01:25Z
mal-2025-5058 Malicious code in secure-lib (npm) 2025-06-13T02:06:14Z 2026-03-27T05:01:25Z
mal-2025-5051 Malicious code in react-expiry-date (npm) 2025-06-13T01:31:54Z 2026-03-27T05:01:25Z
mal-2025-5050 Malicious code in react-card-security-code (npm) 2025-06-13T01:39:08Z 2026-03-27T05:01:25Z
mal-2026-2253 Malicious code in dgxeon-soket-buttonx (npm) 2026-03-27T03:24:37Z 2026-03-27T03:24:39Z
mal-2026-2252 Malicious code in dgxeon-baileys (npm) 2026-03-27T03:24:37Z 2026-03-27T03:24:38Z
mal-2026-2249 Malicious code in chai-as-added (npm) 2026-03-27T03:12:35Z 2026-03-27T03:12:36Z
mal-2026-2251 Malicious code in testtestsharp (npm) 2026-03-27T03:07:31Z 2026-03-27T03:07:31Z
mal-2026-2250 Malicious code in test1sharp (npm) 2026-03-27T03:07:31Z 2026-03-27T03:07:31Z
mal-2026-188 Malicious code in shopping-cart-service (npm) 2026-01-10T08:14:10Z 2026-03-27T00:59:36Z
mal-2025-2895 Malicious code in shopmacher-mollie-application (npm) 2025-03-28T12:58:40Z 2026-03-27T00:59:36Z
mal-2026-1455 Malicious code in native_dep (npm) 2026-03-14T06:20:46Z 2026-03-27T00:59:35Z
mal-2026-2246 Malicious code in @ev-tech/eva-container-api (npm) 2026-03-27T00:51:36Z 2026-03-27T00:51:37Z
mal-2026-2248 Malicious code in shop-republik-ch (npm) 2026-03-27T00:51:35Z 2026-03-27T00:51:36Z
mal-2026-2247 Malicious code in cua-primitives-server (npm) 2026-03-27T00:51:36Z 2026-03-27T00:51:36Z
mal-2026-2241 Malicious code in pacbot (PyPI) 2026-03-26T16:21:00Z 2026-03-26T23:47:09Z
mal-2026-2240 Malicious code in magtape (PyPI) 2026-03-26T16:21:03Z 2026-03-26T23:47:09Z
mal-2026-2239 Malicious code in chaostoolkit-turbulence (PyPI) 2026-03-26T16:32:17Z 2026-03-26T23:47:08Z
mal-2026-2244 Malicious code in fluxhttp (PyPI) 2026-03-26T20:49:03Z 2026-03-26T21:46:40Z
mal-2026-2120 Malicious code in logutilkit (PyPI) 2026-03-23T22:53:57Z 2026-03-26T21:46:40Z
mal-2026-2084 Malicious code in license-utils-kit (PyPI) 2026-03-23T09:41:24Z 2026-03-26T21:46:40Z
mal-2026-2119 Malicious code in apachelicense (PyPI) 2026-03-23T20:41:45Z 2026-03-26T21:46:39Z
mal-2026-2245 Malicious code in requests-testik111 (PyPI) 2026-03-26T21:35:07Z 2026-03-26T21:35:07Z
mal-2026-2243 Malicious code in browserstack-electron-forge-include-package-plugin (npm) 2026-03-26T20:45:39Z 2026-03-26T20:45:39Z
mal-2026-2242 Malicious code in somepentest-test-package (PyPI) 2026-03-26T20:06:44Z 2026-03-26T20:06:44Z
mal-2026-2238 Malicious code in spr-i18n-labels (npm) 2026-03-26T16:40:45Z 2026-03-26T16:58:07Z
mal-2026-2237 Malicious code in jsonify-builder (npm) 2026-03-26T14:45:36Z 2026-03-26T14:45:37Z
mal-2026-2236 Malicious code in onboarding-server (npm) 2026-03-26T14:15:47Z 2026-03-26T14:15:47Z
ID Description Published Updated
4hzm000604 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4) 2026-03-26T00:30:00.000Z 2026-03-26T00:30:00.000Z
4jno000329 AWIN Gateways Vulnerabilities in Embedded Webserver 2026-03-13T00:30:00.000Z 2026-03-13T00:30:00.000Z
3adr011536 AC500 V3 Stack buffer overflow in Cryptographic Message Syntax 2026-03-12T00:30:00.000Z 2026-03-12T00:30:00.000Z
3adr011525 ABB Automation Builder Gateway for Windows with insecure defaults 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
3adr011524 AC500 V3 Multiple vulnerabilities 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
sa25p007 B&R Automation Studio Update of SQLite version 2026-02-18T00:30:00.000Z 2026-02-18T00:30:00.000Z
sa26p001 ​​PVI​ ​​Insertion of Sensitive Information into Logfile 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
sa24p003 ​B&R PCs vulnerable to PixieFail attack​ 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
7paa013309 System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability 2024-06-05T00:30:00.000Z 2026-01-23T00:30:00.000Z
sa25p005 B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
sa25p004 Automation Studio Insufficient Server Certificate Validation 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
9akk108472a1331 ABB Ability™ OPTIMAX® Authentication Bypass in Single-Sign On with Azure Active Directory 2026-01-16T00:30:00.000Z 2026-01-16T00:30:00.000Z
2crt000009 WebPro SNMP Card PowerValue Multiple Vulnerabilities 2026-01-07T00:30:00.000Z 2026-01-07T00:30:00.000Z
9akk108471a8107 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-09-16T00:30:00.000Z 2025-11-28T08:00:00.000Z
4hzm000603 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) 2025-11-27T00:30:00.000Z 2025-11-28T00:30:00.000Z
7paa022088 Edgenius Management Portal Authentication Bypass 2025-11-20T00:30:00.000Z 2025-11-20T00:30:00.000Z
2nga002813 PCM600 SharpZip library vulnerability 2025-11-03T00:30:00.000Z 2025-11-03T00:30:00.000Z
4tz00000006007 ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations 2025-10-20T00:30:00.000Z 2025-10-23T00:30:00.000Z
9akk108471a8948 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-10-20T00:30:00.000Z 2025-10-21T00:30:00.000Z
3kxg200000r4801 CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability 2025-04-16T00:30:00.000Z 2025-10-20T00:30:00.000Z
sa25p003 B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-14T00:30:00.000Z
4tz00000006008 LVS MConfig Insecure memory handling 2025-10-08T00:30:00.000Z 2025-10-08T00:30:00.000Z
sa25p002 B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7808 EIBPORT Reflected XSS 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7121 FLXeon Controllers Multiple vulnerabilities 2025-09-09T00:30:00.000Z 2025-09-18T00:30:00.000Z
9akk108471a4462 ELSB/BLBA ASPECT advisory several CVEs 2025-08-11T00:30:00.000Z 2025-09-04T00:30:00.000Z
9akk108471a3623 RMC - 100 Vulnerabilities in web UI (REST Interface) 2025-07-03T00:30:00.000Z 2025-08-18T00:30:00.000Z
2nga002743 ABB AbilityTM zenon Remote Transport Vulnerability 2025-08-12T00:30:00.000Z 2025-08-12T00:30:00.000Z
3adr011407 ABB Automation Builder Vulnerabilities in user management and access control 2025-04-30T00:00:00.000Z 2025-07-25T00:00:00.000Z
3adr011432 AC500 V2 Buffer overread on Modbus protocol 2025-07-23T00:30:00.000Z 2025-07-23T00:30:00.000Z
ID Description Published Updated
wid-sec-w-2026-0861 Linux Kernel: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0860 NGINX und NGINX Plus: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0858 NATS Server: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0855 Xen: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0854 Squid: Mehrere Schwachstellen ermöglichen Denial of Service 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0851 IBM InfoSphere Information Server: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0850 Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0847 GitLab: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0845 IBM WebSphere Application Server Liberty: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0844 Hitachi Ops Center: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0831 systemd: Mehrere Schwachstellen 2026-03-23T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0826 Znuny: Schwachstelle ermöglicht Cross-Site Scripting 2026-03-23T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0790 Linux Kernel: Mehrere Schwachstellen 2026-03-18T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0720 systemd: Mehrere Schwachstellen 2026-03-12T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0641 NATS Server: Mehrere Schwachstellen ermöglichen Denial of Service 2026-03-09T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0554 Red Hat Enterprise Linux (udisks): Mehrere Schwachstellen 2026-03-01T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0544 IBM QRadar SIEM: Mehrere Schwachstellen 2026-02-26T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0530 Drupal Extensions: Mehrere Schwachstellen 2026-02-25T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0504 Mattermost Server und Plugins: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff 2026-02-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0497 Mozilla Firefox, Firefox ESR und Thunderbird: Mehrere Schwachstellen 2026-02-24T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0480 Red Hat Enterprise Linux (Python Protobuf): Schwachstelle ermöglicht Denial of Service 2026-02-23T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0479 Red Hat OpenShift Service Mesh (Kiali): Schwachstelle ermöglicht Denial of Service 2026-02-23T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0462 Linux Kernel: Mehrere Schwachstellen 2026-02-18T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0443 Apache Tomcat und Tomcat Native: Mehrere Schwachstellen 2026-02-17T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0421 Linux Kernel: Mehrere Schwachstellen 2026-02-15T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0409 PostgreSQL: Mehrere Schwachstellen 2026-02-12T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0405 Grafana: Mehrere Schwachstellen 2026-02-11T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0397 Drupal Module (UI Icons, Quick Edit): Mehrere Schwachstellen ermöglichen Cross-Site Scripting 2026-02-11T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0353 libpng: Schwachstelle ermöglicht Codeausführung 2026-02-09T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
wid-sec-w-2026-0324 Linux Kernel: Mehrere Schwachstellen 2026-02-04T23:00:00.000+00:00 2026-03-25T23:00:00.000+00:00
ID Description Published Updated
va-26-084-01 Nanoleaf Lines unauthenticated firmware file store vulnerability 2026-03-25T00:00:00Z 2026-03-25T00:00:00Z
icsma-26-083-01 Grassroots DICOM (GDCM) 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsma-25-364-01 WHILL Model C2 Electric Wheelchairs and Model F Power Chairs (Update A) 2025-12-30T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-03 "Schneider Electric Plant iT/Brewmaxx" 2026-01-13T08:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-02 Schneider Electric EcoStruxure Foxboro DCS 2026-03-10T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-01 Pharos Controls Mosaic Show Controller 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-078-08 Automated Logic WebCTRL Premium Server 2026-03-19T06:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-05 Mitsubishi Electric CNC Series 2026-03-10T00:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-04 Schneider Electric EcoStruxure PME and EPO 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-03 Schneider Electric EcoStruxure Automation Expert 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-02 Schneider Electric Modicon Controllers M241, M251, M258, and LMC058 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-01 Schneider Electric Modicon M241, M251, and M262 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-07 IGL-Technologies eParking.fi 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-078-06 CTEK Chargeportal 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-076-04 Siemens SICAM SIAPP SDK 2026-03-10T00:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-076-03 Schneider Electric EcoStruxure Data Center Expert 2026-03-10T07:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-076-02 Schneider Electric SCADAPack and RemoteConnect 2026-02-10T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-076-01 CODESYS in Festo Automation Suite 2026-02-26T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-015-10 Schneider Electric EcoStruxure Power Build Rapsody (Update A) 2026-01-13T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-25-160-02 Hitachi Energy Relion 670, 650, SAM600-IO Series (Update A) 2023-06-27T00:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-25-303-01 International Standards Organization ISO 15118-2 (Update A) 2025-10-30T05:00:00.000000Z 2026-03-17T05:00:00.000000Z
icsa-26-071-06 Inductive Automation Ignition Software 2026-03-12T06:00:00.000000Z 2026-03-13T06:00:00.000000Z
icsa-26-071-05 Siemens Heliox EV Chargers 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-04 Siemens SIMATIC 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-03 Siemens SIDIS Prime 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-02 Siemens RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-01 Trane Tracer SC, Tracer SC+, and Tracer Concierge 2026-03-12T06:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-048-04 Honeywell HIB2PI CCTV Camera (Update B) 2026-02-17T07:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-043-08 Siemens NX 2026-02-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-043-03 Siemens COMOS 2025-12-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
ID Description Published Updated
cisco-sa-xe-secureboot-bypass-b6uyxysz Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-scp-dos-duadxtcg Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-xss-lpgkzwtj Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-crlf-nvgktkjz Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-tls-dos-tvgldezl Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-mntc-dos-lzweqcyq Cisco IOS XE Software Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-lobby-privesc-kwxbqjy Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-bootp-wubhnbxa Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-fmc-rce-nkhnuljh Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability 2026-03-04T16:00:00+00:00 2026-03-25T14:21:24+00:00
cisco-sa-sdwan-authbp-qwcx8d4v Cisco Catalyst SD-WAN Vulnerabilities 2026-02-25T16:00:00+00:00 2026-03-18T01:06:38+00:00
cisco-sa-xrncs-epni-int-dos-twmffusn Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-isis-dos-kdmxpszk Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-iosxr-privesc-bf8d5u4w Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-cc-xss-mrnah5jh Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-fmc-sql-inject-2enmtc8v Cisco Secure Firewall Management Center Software SQL Injection Vulnerability 2024-10-23T16:00:00+00:00 2026-03-04T16:11:01+00:00
cisco-sa-asaftd-cmd-inj-zjv8wysm Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability 2024-04-24T16:00:00+00:00 2026-03-04T16:10:59+00:00
cisco-sa-snort3-multi-dos-xfwkwswz Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-onprem-fmc-authbypass-5jpp45v2 Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftdfmc-dir-trav-wergjhwq Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-tcp-dos-rhfqnwrg Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-snort-bypass-rlggkzvf Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-dnd-dos-bpecg7b7 Cisco Secure Firewall Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-cmd-inj-mtzgzexf Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-fmc-sql-injection-2qh6ccjd Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-vpn-m9sx6mbc Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-saml-lkttrwzp Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ospf-zh8phbsw Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-luainject-vescqgms Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ikev2-dos-ebuegdeg Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-desync-n5avzeqw Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-26137 Microsoft Exchange Elevation of Privilege Vulnerability 2026-03-10T07:00:00.000Z 2026-03-26T07:00:00.000Z
msrc_cve-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib 2026-03-02T00:00:00.000Z 2026-03-26T01:39:38.000Z
msrc_cve-2025-66413 Git for Windows leaks NTLM hash when cloning from an attacker-controlled server 2026-03-02T00:00:00.000Z 2026-03-26T01:38:11.000Z
msrc_cve-2026-3805 use after free in SMB connection reuse 2026-03-02T00:00:00.000Z 2026-03-26T01:38:04.000Z
msrc_cve-2026-23239 espintcp: Fix race condition in espintcp_close() 2026-03-02T00:00:00.000Z 2026-03-26T01:37:49.000Z
msrc_cve-2026-25679 Incorrect parsing of IPv6 host literals in net/url 2026-03-02T00:00:00.000Z 2026-03-26T01:37:44.000Z
msrc_cve-2026-27142 URLs in meta content attribute actions are not escaped in html/template 2026-03-02T00:00:00.000Z 2026-03-26T01:37:39.000Z
msrc_cve-2026-2297 SourcelessFileLoader does not use io.open_code() 2026-03-02T00:00:00.000Z 2026-03-26T01:37:29.000Z
msrc_cve-2025-68357 iomap: allocate s_dio_done_wq for async reads as well 2025-12-02T00:00:00.000Z 2026-03-26T01:37:02.000Z
msrc_cve-2024-45336 Sensitive headers incorrectly sent after cross-domain redirect in net/http 2025-01-02T00:00:00.000Z 2026-03-26T01:36:04.000Z
msrc_cve-2024-45341 Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509 2025-01-02T00:00:00.000Z 2026-03-26T01:35:59.000Z
msrc_cve-2026-23393 bridge: cfm: Fix race condition in peer_mep deletion 2026-03-02T00:00:00.000Z 2026-03-26T01:08:00.000Z
msrc_cve-2026-23284 net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup() 2026-03-02T00:00:00.000Z 2026-03-26T01:07:54.000Z
msrc_cve-2026-23365 net: usb: kalmia: validate USB endpoints 2026-03-02T00:00:00.000Z 2026-03-26T01:07:49.000Z
msrc_cve-2026-23379 net/sched: ets: fix divide by zero in the offload path 2026-03-02T00:00:00.000Z 2026-03-26T01:07:43.000Z
msrc_cve-2026-23279 wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() 2026-03-02T00:00:00.000Z 2026-03-26T01:07:38.000Z
msrc_cve-2026-23324 can: usb: etas_es58x: correctly anchor the urb in the read bulk callback 2026-03-02T00:00:00.000Z 2026-03-26T01:07:32.000Z
msrc_cve-2026-23367 wifi: radiotap: reject radiotap with unknown bits 2026-03-02T00:00:00.000Z 2026-03-26T01:07:26.000Z
msrc_cve-2026-23389 ice: Fix memory leak in ice_set_ringparam() 2026-03-02T00:00:00.000Z 2026-03-26T01:07:21.000Z
msrc_cve-2026-23327 cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed() 2026-03-02T00:00:00.000Z 2026-03-26T01:07:16.000Z
msrc_cve-2026-23343 xdp: produce a warning when calculated tailroom is negative 2026-03-02T00:00:00.000Z 2026-03-26T01:07:10.000Z
msrc_cve-2026-23356 drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock() 2026-03-02T00:00:00.000Z 2026-03-26T01:07:04.000Z
msrc_cve-2026-23293 net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled 2026-03-02T00:00:00.000Z 2026-03-26T01:06:59.000Z
msrc_cve-2026-23310 bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded 2026-03-02T00:00:00.000Z 2026-03-26T01:06:53.000Z
msrc_cve-2026-23347 can: usb: f81604: correctly anchor the urb in the read bulk callback 2026-03-02T00:00:00.000Z 2026-03-26T01:06:48.000Z
msrc_cve-2026-23317 drm/vmwgfx: Return the correct value in vmw_translate_ptr functions 2026-03-02T00:00:00.000Z 2026-03-26T01:06:43.000Z
msrc_cve-2026-23289 IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq() 2026-03-02T00:00:00.000Z 2026-03-26T01:06:37.000Z
msrc_cve-2026-23374 blktrace: fix __this_cpu_read/write in preemptible context 2026-03-02T00:00:00.000Z 2026-03-26T01:06:32.000Z
msrc_cve-2026-23395 Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ 2026-03-02T00:00:00.000Z 2026-03-26T01:06:26.000Z
msrc_cve-2026-23381 net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled 2026-03-02T00:00:00.000Z 2026-03-26T01:06:21.000Z
ID Description Published Updated
ncsc-2026-0104 Kwetsbaarheden verholpen in Cisco IOS XE Software 2026-03-26T09:50:03.269095Z 2026-03-26T09:50:03.269095Z
ncsc-2026-0103 Kwetsbaarheden verholpen in GitLab 2026-03-26T09:48:10.874427Z 2026-03-26T09:48:10.874427Z
ncsc-2026-0102 Kwetsbaarheden verholpen in Apple macOS 2026-03-25T14:15:56.073353Z 2026-03-25T14:15:56.073353Z
ncsc-2026-0101 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-25T14:02:07.392994Z 2026-03-25T14:02:07.392994Z
ncsc-2026-0100 Kwetsbaarheden verholpen in Citrix Netscaler ADC en Netscaler Gateway 2026-03-23T13:43:30.957806Z 2026-03-23T13:43:30.957806Z
ncsc-2026-0099 Kwetsbaarheid verholpen in Oracle Identity Manager en Oracle Web Services Manager 2026-03-20T15:56:12.716324Z 2026-03-20T15:56:12.716324Z
ncsc-2026-0010 Kwetsbaarheden verholpen in Microsoft Office 2026-01-13T19:18:45.984019Z 2026-03-20T14:03:59.225773Z
ncsc-2026-0076 Kwetsbaarheden verholpen in Cisco Secure Firewall Management Center 2026-03-04T20:49:12.211658Z 2026-03-19T11:48:18.917205Z
ncsc-2026-0098 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-13T08:41:19.155490Z 2026-03-13T08:41:19.155490Z
ncsc-2026-0097 Kwetsbaarheden verholpen in Google Chrome 2026-03-13T08:33:43.877125Z 2026-03-13T08:33:43.877125Z
ncsc-2026-0096 Kwetsbaarheden verholpen in Veeam Backup & Replication 2026-03-12T14:54:08.200676Z 2026-03-12T14:54:08.200676Z
ncsc-2026-0095 Kwetsbaarheid verholpen in pac4j-jwt 2026-03-12T14:45:51.156512Z 2026-03-12T14:45:51.156512Z
ncsc-2026-0094 Kwetsbaarheden verholpen in Cisco IOS XR 2026-03-12T14:44:08.106602Z 2026-03-12T14:44:08.106602Z
ncsc-2026-0093 Kwetsbaarheden verholpen in GitLab 2026-03-12T14:42:46.936248Z 2026-03-12T14:42:46.936248Z
ncsc-2026-0092 Kwetsbaarheden verholpen in Fortinet FortiWeb 2026-03-12T07:46:15.529522Z 2026-03-12T07:46:15.529522Z
ncsc-2026-0091 Kwetsbaarheden verholpen in SAP-producten 2026-03-12T07:24:16.575638Z 2026-03-12T07:24:16.575638Z
ncsc-2026-0090 Kwetsbaarheden verholpen in Adobe Experience Manager 2026-03-12T07:12:51.952931Z 2026-03-12T07:12:51.952931Z
ncsc-2026-0089 Kwetsbaarheden verholpen in Adobe Acrobat Reader 2026-03-12T07:03:24.148324Z 2026-03-12T07:03:24.148324Z
ncsc-2026-0088 Kwetsbaarheden verholpen in Adobe Illustrator 2026-03-12T06:55:39.712240Z 2026-03-12T06:55:39.712240Z
ncsc-2026-0087 Kwetsbaarheden verholpen in Adobe Commerce 2026-03-12T06:49:56.459199Z 2026-03-12T06:49:56.459199Z
ncsc-2026-0086 Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer 2026-03-11T09:19:38.777277Z 2026-03-11T09:19:38.777277Z
ncsc-2026-0085 Kwetsbaarheden verholpen in Microsoft Developer tools 2026-03-10T20:35:10.478398Z 2026-03-10T20:35:10.478398Z
ncsc-2026-0084 Kwetsbaarheden verholpen in Microsoft Office 2026-03-10T20:20:08.157658Z 2026-03-10T20:20:08.157658Z
ncsc-2026-0083 Kwetsbaarheid verholpen in Microsoft Authenticator app 2026-03-10T20:18:35.792755Z 2026-03-10T20:18:35.792755Z
ncsc-2026-0082 Kwetsbaarheden verholpen in Microsoft Azure 2026-03-10T20:15:41.528951Z 2026-03-10T20:15:41.528951Z
ncsc-2026-0081 Kwetsbaarheden verholpen in Microsoft SQL Server 2026-03-10T20:12:56.032261Z 2026-03-10T20:12:56.032261Z
ncsc-2026-0080 Kwetsbaarheden verholpen in Microsoft Windows 2026-03-10T20:07:55.976638Z 2026-03-10T20:07:55.976638Z
ncsc-2026-0059 Kwetsbaarheden verholpen in Ivanti Endpoint Manager 2026-02-11T08:16:27.583936Z 2026-03-10T14:20:48.176282Z
ncsc-2026-0079 Kwetsbaarheden verholpen in Siemens producten 2026-03-10T12:39:14.474522Z 2026-03-10T12:39:14.474522Z
ncsc-2026-0071 Kwetsbaarheden verholpen in Cisco Catalyst SD-WAN Manager 2026-02-25T17:11:09.013125Z 2026-03-06T12:07:02.595940Z
ID Description Published Updated
nn-2025:18-01 Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:17-01 HTML injection in Sensor Map in CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:16-01 HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:15-01 Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:14-01 HTML injection in Asset List in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:13-01 Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:12-01 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:11-01 Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 2025-11-25T11:00:00.000Z 2025-11-26T11:00:00.000Z
nn-2025:9-01 Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:8-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:7-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:6-01 Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:5-01 Incorrect authorization for CLI in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:4-01 Client-side path traversal in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:10-01 Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:3-01 Incorrect authorization for traces request/download in CMC before 25.1.0 2025-08-26T11:00:00.000Z 2025-08-26T11:00:00.000Z
nn-2025:2-01 Privilege escalation in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2025:1-01 Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2023_17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023:17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2024_1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2024:1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2023_12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023:12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023_9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10419-1 rclone-1.73.3-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10418-1 python311-jsonpath-ng-1.8.0-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10417-1 python311-deepdiff-8.6.2-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10416-1 python313-PyMuPDF-1.27.2.2-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10415-1 glances-common-4.5.2-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10414-1 perl-Crypt-URandom-0.550.0-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10413-1 firefox-esr-140.9.0-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10406-1 lemon-3.51.3-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10405-1 python314-3.14.3-3.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10404-1 python310-3.10.20-2.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10403-1 python311-pypdf-6.9.1-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10402-1 python311-PyPDF2-2.11.1-8.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10401-1 freeciv-3.2.4-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10400-1 chromedriver-146.0.7680.153-2.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10399-1 GraphicsMagick-1.3.46-4.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10398-1 python311-3.11.15-3.1 on GA media 2026-03-20T00:00:00Z 2026-03-20T00:00:00Z
opensuse-su-2026:10397-1 python311-PyJWT-2.12.1-1.1 on GA media 2026-03-20T00:00:00Z 2026-03-20T00:00:00Z
opensuse-su-2026:10396-1 openbao-2.5.1-1.1 on GA media 2026-03-20T00:00:00Z 2026-03-20T00:00:00Z
opensuse-su-2026:10390-1 tempo-cli-2.10.3-1.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10389-1 python311-salt-3006.0-56.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10388-1 mumble-1.5.857-2.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10387-1 kernel-devel-6.19.8-1.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10386-1 ImageMagick-7.1.2.17-1.1 on GA media 2026-03-18T00:00:00Z 2026-03-18T00:00:00Z
opensuse-su-2026:10377-1 python312-3.12.13-2.1 on GA media 2026-03-16T00:00:00Z 2026-03-16T00:00:00Z
opensuse-su-2026:10376-1 chromedriver-146.0.7680.80-1.1 on GA media 2026-03-16T00:00:00Z 2026-03-16T00:00:00Z
opensuse-su-2026:10375-1 coturn-4.9.0-1.1 on GA media 2026-03-15T00:00:00Z 2026-03-15T00:00:00Z
opensuse-su-2026:10374-1 python311-tornado6-6.5.5-1.1 on GA media 2026-03-14T00:00:00Z 2026-03-14T00:00:00Z
opensuse-su-2026:10373-1 python311-simpleeval-1.0.5-1.1 on GA media 2026-03-14T00:00:00Z 2026-03-14T00:00:00Z
opensuse-su-2026:10372-1 python311-black-26.3.1-1.1 on GA media 2026-03-14T00:00:00Z 2026-03-14T00:00:00Z
opensuse-su-2026:10371-1 curl-8.19.0-1.1 on GA media 2026-03-14T00:00:00Z 2026-03-14T00:00:00Z
ID Description Published Updated
oxdc-adv-2025-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 2025-10-31T00:00:00+00:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0003 OX App Suite Security Advisory OXAS-ADV-2025-0003 2025-09-24T00:00:00+02:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0002 OX App Suite Security Advisory OXAS-ADV-2025-0002 2025-08-12T00:00:00+02:00 2025-10-31T00:00:00+00:00
oxas-adv-2025-0001 OX App Suite Security Advisory OXAS-ADV-2025-0001 2025-01-27T00:00:00+01:00 2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxas-adv-2024-0005 OX App Suite Security Advisory OXAS-ADV-2024-0005 2024-07-08T00:00:00+02:00 2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 2024-09-02T00:00:00+02:00 2024-09-06T00:00:00+00:00
oxas-adv-2024-0004 OX App Suite Security Advisory OXAS-ADV-2024-0004 2024-06-13T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0003 OX App Suite Security Advisory OXAS-ADV-2024-0003 2024-04-24T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0002 OX App Suite Security Advisory OXAS-ADV-2024-0002 2024-03-06T00:00:00+01:00 2024-05-06T00:00:00+00:00
oxas-adv-2024-0001 OX App Suite Security Advisory OXAS-ADV-2024-0001 2024-02-08T00:00:00+01:00 2024-04-25T00:00:00+00:00
oxas-adv-2023-0007 OX App Suite Security Advisory OXAS-ADV-2023-0007 2023-12-11T00:00:00+01:00 2024-02-16T00:00:00+00:00
oxas-adv-2023-0006 OX App Suite Security Advisory OXAS-ADV-2023-0006 2023-09-25T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0005 OX App Suite Security Advisory OXAS-ADV-2023-0005 2023-09-19T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0004 OX App Suite Security Advisory OXAS-ADV-2023-0004 2023-08-01T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0003 OX App Suite Security Advisory OXAS-ADV-2023-0003 2023-05-02T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0002 OX App Suite Security Advisory OXAS-ADV-2023-0002 2023-03-20T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0001 OX App Suite Security Advisory OXAS-ADV-2023-0001 2023-02-06T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0002 OX App Suite Security Advisory OXAS-ADV-2022-0002 2022-11-02T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0001 OX App Suite Security Advisory OXAS-ADV-2022-0001 2022-08-10T00:00:00+02:00 2024-01-22T00:00:00+00:00
ID Description Published Updated
rhsa-2022:6407 Red Hat Security Advisory: Red Hat Integration Camel-K 1.8 security update 2022-09-09T07:12:07+00:00 2026-03-27T06:00:31+00:00
rhsa-2024:0193 Red Hat Security Advisory: OpenShift Container Platform 4.13.29 bug fix and security update 2024-01-17T09:48:09+00:00 2026-03-27T05:45:04+00:00
rhsa-2023:6817 Red Hat Security Advisory: OpenShift Virtualization 4.14.0 Images security and bug fix update 2023-11-08T14:03:27+00:00 2026-03-27T05:45:04+00:00
rhsa-2023:5007 Red Hat Security Advisory: OpenShift Container Platform 4.14.0 security update 2023-10-31T13:31:47+00:00 2026-03-27T05:45:02+00:00
rhsa-2023:5006 Red Hat Security Advisory: OpenShift Container Platform 4.14.0 bug fix and security update 2023-10-31T12:54:17+00:00 2026-03-27T05:45:02+00:00
rhsa-2023:4730 Red Hat Security Advisory: OpenShift Container Platform 4.13.10 security update 2023-08-30T17:55:36+00:00 2026-03-27T05:45:00+00:00
rhsa-2023:3645 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.2.7 security update 2023-06-15T20:55:50+00:00 2026-03-27T05:44:59+00:00
rhsa-2023:1656 Red Hat Security Advisory: OpenShift Container Platform 4.10.56 security update 2023-04-12T11:42:14+00:00 2026-03-27T05:44:56+00:00
rhsa-2023:1328 Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update 2023-05-18T00:20:42+00:00 2026-03-27T05:44:56+00:00
rhsa-2023:1525 Red Hat Security Advisory: OpenShift Container Platform 4.9.59 security update 2023-04-05T23:06:58+00:00 2026-03-27T05:44:55+00:00
rhsa-2023:1504 Red Hat Security Advisory: OpenShift Container Platform 4.11.34 bug fix and security update 2023-04-04T11:27:11+00:00 2026-03-27T05:44:53+00:00
rhsa-2023:1409 Red Hat Security Advisory: OpenShift Container Platform 4.12.9 security update 2023-03-27T11:59:48+00:00 2026-03-27T05:44:53+00:00
rhsa-2023:1392 Red Hat Security Advisory: OpenShift Container Platform 4.10.55 security update 2023-03-29T02:46:01+00:00 2026-03-27T05:44:53+00:00
rhsa-2023:1326 Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update 2023-05-17T22:30:51+00:00 2026-03-27T05:44:51+00:00
rhsa-2021:4918 Red Hat Security Advisory: Red Hat Integration Camel-K 1.6 release and security update 2021-12-02T16:17:17+00:00 2026-03-27T05:44:32+00:00
rhsa-2021:0871 Red Hat Security Advisory: Red Hat Integration Debezium 1.4.2 security update 2021-03-16T11:57:46+00:00 2026-03-27T05:44:30+00:00
rhsa-2021:4767 Red Hat Security Advisory: Red Hat Integration Camel Extensions for Quarkus GA security update 2021-11-23T10:34:10+00:00 2026-03-27T05:44:28+00:00
rhsa-2021:5134 Red Hat Security Advisory: Red Hat Fuse 7.10.0 release and security update 2021-12-14T21:31:33+00:00 2026-03-27T05:40:14+00:00
rhsa-2021:2476 Red Hat Security Advisory: Red Hat Decision Manager 7.11.0 security update 2021-06-17T13:15:14+00:00 2026-03-27T05:40:13+00:00
rhsa-2021:2475 Red Hat Security Advisory: Red Hat Process Automation Manager 7.11.0 security update 2021-06-17T13:14:44+00:00 2026-03-27T05:40:13+00:00
rhsa-2021:2139 Red Hat Security Advisory: Red Hat Data Grid 8.2.0 security update 2021-05-26T21:49:45+00:00 2026-03-27T05:40:12+00:00
rhsa-2021:1354 Red Hat Security Advisory: xstream security update 2021-04-26T05:52:30+00:00 2026-03-27T05:40:12+00:00
rhsa-2022:1029 Red Hat Security Advisory: Red Hat Integration Camel-K 1.6.4 release and security update 2022-03-23T08:22:19+00:00 2026-03-27T05:39:53+00:00
rhsa-2022:0856 Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.2.11 security updates and bug fixes 2022-03-14T13:54:34+00:00 2026-03-27T05:33:30+00:00
rhsa-2021:3925 Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.3.3 bug fix, security, and image updates 2021-10-20T03:54:29+00:00 2026-03-27T05:33:28+00:00
rhsa-2021:3873 Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.2.9 security, bug, and container updates 2021-10-14T22:38:09+00:00 2026-03-27T05:33:26+00:00
rhsa-2021:1560 Red Hat Security Advisory: Red Hat AMQ Streams 1.6.4 release and security update 2021-05-13T15:15:57+00:00 2026-03-27T05:26:04+00:00
rhsa-2021:3700 Red Hat Security Advisory: Red Hat AMQ Broker 7.9.0 release and security update 2021-09-30T09:57:35+00:00 2026-03-27T05:26:01+00:00
rhsa-2021:3225 Red Hat Security Advisory: Red Hat AMQ Streams 1.8.0 release and security update 2021-08-19T07:17:54+00:00 2026-03-27T05:26:01+00:00
rhsa-2021:3140 Red Hat Security Advisory: Red Hat Fuse 7.9.0 release and security update 2021-08-11T18:21:58+00:00 2026-03-27T05:26:01+00:00
ID Description Published Updated
sevd-2026-069-03 Deserialization of Untrusted Data vulnerability on EcoStruxure™ Foxboro DCS 2026-03-10T07:00:00.000Z 2026-03-13T07:00:00.000Z
sevd-2026-069-06 Deserialization of Untrusted Data vulnerability on Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-05 Use of Hard-coded Credentials vulnerability in EcoStruxure™ IT Data Center Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-04 Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxure™ Automation Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-02 Improper Neutralization in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-01 Improper Resource Shutdown or Release vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-04 Multiple Vulnerabilities on EcoStruxure Power Build Rapsody 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-01 Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-014-07 FlexNet Publisher Vulnerability 2025-01-14T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-041-02 Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-041-01 Improper Check for Unusual or Exceptional Conditions on Multiple Products 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-343-01 EcoStruxure™ Foxboro DCS 2025-12-09T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-189-03 EcoStruxure™ Power Operation 2025-07-08T04:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-042-02 Improper Input Validation Vulnerability in Uni-Telway Driver 2025-02-11T05:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-013-03 Multiple Vulnerabilities on Zigbee Products 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-02 Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-014-06 RemoteConnect and SCADAPack™ x70 Utilities 2025-01-14T00:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2024-317-03 Modicon Controllers M340 / Momentum / MC80 2024-11-12T05:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-343-02 EcoStruxure™ Foxboro DCS Advisor 2025-12-09T08:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-252-01 Multiple Altivar Process Drives and Communication Modules 2025-09-09T04:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2023-192-04 CODESYS Runtime Vulnerabilities 2023-07-11T07:15:18.000Z 2025-12-09T08:00:00.000Z
sevd-2021-159-04 ISaGRAF Vulnerabilities in IEC 61131-3 Programming and Engineering Tools 2021-06-08T04:36:25.000Z 2025-11-15T00:00:00.000Z
sevd-2022-284-03 ISaGRAF Workbench for SAGE RTU 2022-10-10T22:13:16.000Z 2025-11-14T06:30:00.000Z
sevd-2025-315-02 EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-315-01 PowerChute™ Serial Shutdown 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-02 EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO) 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-01 Saitel DR & Saitel DP Remote Terminal Unit 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-287-01 EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server 2025-10-14T07:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-133-01 Modicon Controllers M241/M251/M258/LMC058 2025-05-13T04:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2024-345-03 Modicon M241 / M251 / M258 / LMC058 2024-12-10T05:00:00.000Z 2025-10-14T07:00:00.000Z
ID Description Published Updated
sca-2026-0006 Vulnerabilities affecting SICK Lector85x and SICK Lector83x 2026-03-06T14:00:00.000Z 2026-03-06T14:00:00.000Z
sca-2026-0005 Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 2026-02-27T14:00:00.000Z 2026-02-27T14:00:00.000Z
sca-2026-0004 Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products 2026-02-13T14:00:00.000Z 2026-02-13T14:00:00.000Z
sca-2026-0003 Vulnerability affecting SICK nanoScan3 and microScan3 2026-01-26T14:00:00.000Z 2026-01-26T14:00:00.000Z
sca-2026-0002 Vulnerabilities affecting SICK Incoming Goods Suite 2026-01-15T14:00:00.000Z 2026-01-22T19:00:00.000Z
sca-2026-0001 Vulnerabilities affecting SICK TDC-X401GL 2026-01-15T14:00:00.000Z 2026-01-15T14:00:00.000Z
sca-2025-0013 Vulnerabilities affecting SICK TLOC100-100 2025-10-27T14:00:00.000Z 2025-11-11T14:00:00.000Z
sca-2025-0014 CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC 2025-11-03T11:00:00.000Z 2025-11-03T14:00:00.000Z
sca-2025-0012 Sudo vulnerability affects SICK SID products 2025-10-27T11:00:00.000Z 2025-10-27T14:00:00.000Z
sca-2025-0011 Vulnerabilities affecting Endress+Hauser SSG-E210GC 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0010 Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0009 Vulnerabilities affecting SICK TDC-E210GC 2025-08-01T13:00:00.000Z 2025-08-01T13:00:00.000Z
sca-2025-0008 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-07-03T13:00:00.000Z 2025-07-03T13:00:00.000Z
sca-2025-0007 Multiple vulnerabilities in SICK Field Analytics and SICK Media Server 2025-06-12T13:00:00.000Z 2025-06-12T13:00:00.000Z
sca-2025-0003 FreeRTOS Vulnerabilities have no impact on SICK Products 2025-02-28T00:00:00.000Z 2025-05-20T11:00:00.000Z
sca-2025-0006 Vulnerability affecting picoScan and multiScan 2025-04-28T13:00:00.000Z 2025-04-28T13:00:00.000Z
sca-2025-0005 Vulnerabilities in SICK Flexi Compact 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
sca-2025-0004 Critical vulnerabilities in SICK DL100-2xxxxxxx 2025-03-14T11:00:00.000Z 2025-03-14T11:00:00.000Z
sca-2025-0001 Multiple vulnerabilities in SICK MEAC300 2025-02-14T14:00:00.000Z 2025-02-21T14:00:00.000Z
sca-2025-0002 Vulnerability in SICK Lector8xx and SICK InspectorP8xx 2025-02-14T10:19:00.000Z 2025-02-14T10:19:00.000Z
sca-2024-0007 Vulnerability in SICK OLM 2024-12-31T00:00:00.000Z 2024-12-31T00:00:00.000Z
sca-2024-0006 Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx 2024-12-06T00:00:00.000Z 2024-12-06T00:00:00.000Z
sca-2024-0005 Vulnerability in SICK Incoming Goods Suite 2024-11-19T00:00:00.000Z 2024-11-19T00:00:00.000Z
sca-2024-0004 Third party vulnerabilities in SICK CDE-100 2024-11-07T12:00:00.000Z 2024-11-07T12:00:00.000Z
sca-2024-0003 Critical vulnerability in multiple SICK products 2024-10-17T13:00:00.000Z 2024-10-17T13:00:00.000Z
sca-2024-0002 Vulnerability in SICK MSC800 2024-09-11T23:00:00.000Z 2024-09-11T23:00:00.000Z
sca-2024-0001 Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics 2024-01-29T00:00:00.000Z 2024-01-29T00:00:00.000Z
sca-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
SCA-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
sca-2023-0010 Vulnerabilities in SICK Application Processing Unit 2023-10-09T11:00:00.000Z 2023-10-09T11:00:00.000Z
ID Description Published Updated
ssa-246443 SSA-246443: Multiple Vulnerabilities in SICAM 8 Products 2026-03-26T00:00:00.000Z 2026-03-26T00:00:00.000Z
ssa-452276 SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 2026-03-10T00:00:00.000Z 2026-03-19T00:00:00.000Z
ssa-975644 SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-903736 SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-868571 SSA-868571: Missing Server Certificate Validation in IAM Client 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-770770 SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices 2025-02-11T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-710408 SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-535115 SSA-535115: Data Validation Vulnerability in NX Before V2512 2026-02-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-513708 SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices 2025-06-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-485750 SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-430425 SSA-430425: Multiple Vulnerabilities in SINEC Security Monitor before V4.9.0 2024-10-08T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-282044 SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery 2025-08-12T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-212953 SSA-212953: Multiple Vulnerabilities in COMOS 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-201595 SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2025-08-14T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-126399 SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-082556 SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 2025-06-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-027652 SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives 2025-09-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-613116 SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 2025-08-12T00:00:00Z 2026-02-24T00:00:00Z
ssa-355557 SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2 2025-08-12T00:00:00Z 2026-02-24T00:00:00Z
ssa-089022 SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 2026-01-28T00:00:00Z 2026-02-24T00:00:00Z
ssa-965753 SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-864900 SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2025-05-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-783261 SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2 2012-12-12T00:00:00Z 2026-02-10T00:00:00Z
ssa-674753 SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices 2026-01-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-625934 SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-599451 SSA-599451: Multiple Vulnerabilities in SiPass integrated 2025-10-14T00:00:00Z 2026-02-10T00:00:00Z
ssa-507364 SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-445819 SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-311973 SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-265688 SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 2024-04-09T00:00:00Z 2026-02-10T00:00:00Z
ID Description Published Updated
suse-su-2026:1041-1 Security update for the Linux Kernel 2026-03-25T14:13:20Z 2026-03-25T14:13:20Z
suse-su-2026:1039-1 Security update for the Linux Kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5) 2026-03-25T12:34:25Z 2026-03-25T12:34:25Z
suse-su-2026:1037-1 Security update for grafana 2026-03-25T10:31:04Z 2026-03-25T10:31:04Z
suse-su-2026:1030-1 Security update for salt 2026-03-25T10:17:20Z 2026-03-25T10:17:20Z
suse-su-2026:1029-1 Security update for salt 2026-03-25T10:16:49Z 2026-03-25T10:16:49Z
suse-su-2026:1028-1 Security update for salt 2026-03-25T10:16:17Z 2026-03-25T10:16:17Z
suse-su-2026:1027-1 Security update for salt 2026-03-25T10:15:43Z 2026-03-25T10:15:43Z
suse-su-2026:1026-1 Security update 5.0.7 for Multi-Linux Manager Salt Bundle 2026-03-25T10:15:30Z 2026-03-25T10:15:30Z
suse-su-2026:1014-1 Security update 5.0.7 for Multi-Linux Manager Salt Bundle 2026-03-25T10:12:32Z 2026-03-25T10:12:32Z
suse-su-2026:1013-1 Security update 5.0.7 for Multi-Linux Manager Client Tools 2026-03-25T10:11:52Z 2026-03-25T10:11:52Z
suse-su-2026:1012-1 Security update 5.0.7 for Multi-Linux Manager Salt Bundle 2026-03-25T10:10:54Z 2026-03-25T10:10:54Z
suse-su-2026:1011-1 Security update 5.0.7 for Multi-Linux Manager Client Tools 2026-03-25T10:10:31Z 2026-03-25T10:10:31Z
suse-su-2026:1010-1 Security update 5.0.7 for Multi-Linux Manager Server 2026-03-25T10:10:02Z 2026-03-25T10:10:02Z
suse-su-2026:1008-1 Security update for Prometheus 2026-03-25T10:07:27Z 2026-03-25T10:07:27Z
suse-su-2026:1002-1 Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5) 2026-03-25T09:34:30Z 2026-03-25T09:34:30Z
suse-su-2026:1005-1 Security update for giflib 2026-03-25T09:32:48Z 2026-03-25T09:32:48Z
suse-su-2026:1004-1 Security update for libsoup 2026-03-25T09:32:40Z 2026-03-25T09:32:40Z
suse-su-2026:1003-1 Security update for the Linux Kernel 2026-03-25T09:25:47Z 2026-03-25T09:25:47Z
suse-su-2026:1000-1 Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5) 2026-03-25T07:08:02Z 2026-03-25T07:08:02Z
suse-su-2026:0998-1 Security update for gstreamer-plugins-ugly 2026-03-24T14:56:39Z 2026-03-24T14:56:39Z
suse-su-2026:0997-1 Security update for the Linux Kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4) 2026-03-24T14:34:37Z 2026-03-24T14:34:37Z
suse-su-2026:20822-1 Security update for systemd 2026-03-24T09:27:18Z 2026-03-24T09:27:18Z
suse-su-2026:0992-1 Security update for the Linux Kernel (Live Patch 44 for SUSE Linux Enterprise 15 SP4) 2026-03-24T09:11:21Z 2026-03-24T09:11:21Z
suse-su-2026:20821-1 Security update for python-pyasn1 2026-03-24T09:09:54Z 2026-03-24T09:09:54Z
suse-su-2026:0993-1 Security update for go1.26-openssl 2026-03-24T08:54:50Z 2026-03-24T08:54:50Z
suse-su-2026:0991-1 Security update for systemd 2026-03-24T07:23:00Z 2026-03-24T07:23:00Z
suse-su-2026:0990-1 Security update for systemd 2026-03-24T07:22:51Z 2026-03-24T07:22:51Z
suse-su-2026:20820-1 Security update for salt 2026-03-24T05:49:23Z 2026-03-24T05:49:23Z
suse-su-2026:0987-1 Security update for util-linux 2026-03-24T03:11:26Z 2026-03-24T03:11:26Z
suse-su-2026:0985-1 Security update for the Linux Kernel (Live Patch 38 for SUSE Linux Enterprise 15 SP4) 2026-03-23T23:24:41Z 2026-03-23T23:24:41Z
ID Description Published Updated
alsa-2026:5113 Important: gimp:2.8 security update 2026-03-19T00:00:00Z 2026-03-20T13:31:59Z
alsa-2026:5145 Important: yggdrasil-worker-package-manager security update 2026-03-19T00:00:00Z 2026-03-20T07:40:23Z
alsa-2026:5146 Important: yggdrasil security update 2026-03-19T00:00:00Z 2026-03-20T07:36:24Z
alsa-2026:4759 Moderate: kernel security update 2026-03-17T00:00:00Z 2026-03-20T07:32:09Z
alsa-2026:5063 Important: libarchive security update 2026-03-19T00:00:00Z 2026-03-20T07:26:23Z
alsa-2026:5080 Important: libarchive security update 2026-03-19T00:00:00Z 2026-03-20T07:21:56Z
alsa-2026:4715 Moderate: vim security update 2026-03-17T00:00:00Z 2026-03-20T07:17:19Z
alsa-2026:4898 Important: capstone security update 2026-03-18T00:00:00Z 2026-03-19T15:08:06Z
alsa-2026:4828 Moderate: mysql security update 2026-03-17T00:00:00Z 2026-03-19T15:05:35Z
alsa-2026:4717 Moderate: opencryptoki security update 2026-03-17T00:00:00Z 2026-03-19T15:03:25Z
alsa-2026:4649 Moderate: grub2 security update 2026-03-16T00:00:00Z 2026-03-19T15:01:35Z
alsa-2026:4713 Moderate: python3.12 security update 2026-03-17T00:00:00Z 2026-03-19T14:56:58Z
alsa-2026:4723 Moderate: kernel security update 2026-03-17T00:00:00Z 2026-03-19T14:50:26Z
alsa-2026:4760 Moderate: grub2 security update 2026-03-17T00:00:00Z 2026-03-19T14:40:59Z
alsa-2026:4705 Moderate: nginx security update 2026-03-17T00:00:00Z 2026-03-19T12:47:53Z
alsa-2026:4629 Important: libvpx security update 2026-03-16T00:00:00Z 2026-03-19T12:45:22Z
alsa-2026:4772 Moderate: glibc security update 2026-03-17T00:00:00Z 2026-03-19T12:43:04Z
alsa-2026:4728 Important: libpng security update 2026-03-17T00:00:00Z 2026-03-19T12:37:34Z
alsa-2026:4473 Moderate: python3.11 security update 2026-03-12T00:00:00Z 2026-03-19T12:33:18Z
alsa-2026:4648 Moderate: grub2 security update 2026-03-16T00:00:00Z 2026-03-17T10:24:06Z
alsa-2026:4672 Important: container-tools:rhel8 security update 2026-03-17T00:00:00Z 2026-03-17T10:17:22Z
alsa-2026:4445 Important: .NET 10.0 security update 2026-03-12T00:00:00Z 2026-03-16T16:52:17Z
alsa-2026:4472 Moderate: compat-openssl11 security update 2026-03-12T00:00:00Z 2026-03-16T16:49:36Z
alsa-2026:4447 Important: libvpx security update 2026-03-12T00:00:00Z 2026-03-16T16:46:00Z
alsa-2026:4456 Important: .NET 9.0 security update 2026-03-12T00:00:00Z 2026-03-16T16:41:08Z
alsa-2026:3985 Important: git-lfs security update 2026-03-09T00:00:00Z 2026-03-13T12:38:07Z
alsa-2026:4306 Important: mingw-libpng security update 2026-03-11T00:00:00Z 2026-03-13T12:35:26Z
alsa-2026:4012 Moderate: kernel security update 2026-03-09T00:00:00Z 2026-03-13T09:42:02Z
alsa-2026:4450 Important: .NET 9.0 security update 2026-03-12T00:00:00Z 2026-03-13T09:36:54Z
alsa-2026:4451 Important: .NET 8.0 security update 2026-03-12T00:00:00Z 2026-03-13T09:34:29Z
ID Description Published Updated
hsec-2024-0004 Hackage package and doc upload stored XSS vulnerability 2026-01-16T11:18:20Z 2026-01-16T11:18:20Z
hsec-2025-0007 cmark-gfm: resource exhaustion due to quadratic complexity in parser 2025-12-27T08:58:56Z 2025-12-27T08:58:56Z
hsec-2025-0006 Private key leak via inherited file descriptor 2025-11-17T02:22:38Z 2025-11-17T02:22:38Z
hsec-2025-0005 cabal-install dependency confusion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0004 Broken Path Sanitization in spacecookie Library 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0003 Use after free in multithreaded lzma (.xz) decoder 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0002 Double Public Key Signing Function Oracle Attack on Ed25519 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0001 Subword division operations may produce incorrect results 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0009 Public key confusion in third-party blocks 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0008 Sign extension error in the PPC64le FFI 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0007 Sign extension error in the AArch64 NCG 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0006 fromIntegral: conversion error 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0003 process: command injection via argument list on Windows 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0002 out-of-bounds write when there are many bzip2 selectors 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0001 Reflected XSS vulnerability in keter 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0015 cabal-install uses expired key policies 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0014 Arbitrary file write is possible when using PDF output or --extract-media with untrusted input 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0013 git-annex plaintext storage of embedded credentials on encrypted remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0012 git-annex checksum exposure to encrypted special remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0011 git-annex GPG decryption attack via compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0010 git-annex private data exfiltration to compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0009 git-annex command injection via malicious SSH hostname 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0008 Stored XSS in hledger-web 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0007 readFloat: memory exhaustion with large exponent 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0006 x509-validation does not enforce pathLenConstraint 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0005 tls-extra: certificate validation does not check Basic Constraints 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0004 xml-conduit unbounded entity expansion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0003 code injection in xmonad-contrib 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0002 Improper Verification of Cryptographic Signature 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0001 Hash flooding vulnerability in aeson 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
ID Description Published Updated
osec-2026-01 Buffer Over-Read in OCaml Marshal Deserialization 2026-02-17T13:30:00Z 2026-02-27T09:30:00Z
osec-2026-02 ARP unbounded memory usage 2026-02-18T10:30:00Z 2026-02-18T10:30:00Z
osec-2022-01 Infinite loop in console output on xen 2022-12-07T00:00:00Z 2026-02-18T09:30:00Z
osec-2025-01 Albatross console out of memory 2025-08-15T00:18:22Z 2026-01-13T12:00:00Z
osec-2019-02 Grant unshare vulnerability in mirage-xen 2019-04-26T00:00:00Z 2026-01-13T12:00:00Z
osec-2019-01 Memory disclosure in mirage-net-xen 2019-03-21T00:00:00Z 2026-01-13T12:00:00Z
osec-2016-02 Memory disclosure in mirage-net-xen 2016-05-03T00:00:00Z 2026-01-13T12:00:00Z
osec-2023-01 Time of check time of use issue in opam's cache 2023-05-25T12:00:00Z 2026-01-09T12:00:00Z
osec-2016-01 Buffer overflow and information leak in OCaml < 4.03.0 2016-04-29T00:18:22Z 2026-01-01T12:00:00Z
osec-2018-01 An integer overflow in the `bigarray` serialization module leads to arbitrary code execution 2018-04-06T18:29:00Z 2025-12-16T12:00:00Z
osec-2017-01 Local privilege escalation issue with ocaml binaries 2017-06-23T15:19:47Z 2025-12-16T12:00:00Z
ID Description Published Updated
osv-2023-390 Heap-buffer-overflow in sdhci_write 2023-05-12T14:00:08.854823Z 2026-03-25T14:36:40.217425Z
osv-2022-581 Heap-buffer-overflow in megasas_map_sgl 2022-07-14T00:00:45.644503Z 2026-03-25T14:34:54.340377Z
osv-2021-820 UNKNOWN READ in virtio_gpu_disable_scanout 2021-06-02T00:00:31.619765Z 2026-03-25T14:31:38.431905Z
osv-2023-307 Heap-buffer-overflow in bit_read_BB 2023-04-13T14:02:09.774988Z 2026-03-25T14:17:33.376407Z
osv-2022-714 Heap-buffer-overflow in dynapi_set_helper 2022-08-15T00:00:47.794062Z 2026-03-25T14:17:05.251827Z
osv-2022-653 Heap-double-free in dwg_free_common_entity_data 2022-07-30T00:01:52.491112Z 2026-03-25T14:16:46.423937Z
osv-2022-834 Heap-use-after-free in mk_event_timeout_destroy 2022-09-04T00:00:31.605787Z 2026-03-25T14:14:57.538276Z
osv-2022-400 Heap-double-free in dwg_free_XRECORD_private 2022-05-08T00:00:40.782520Z 2026-03-25T14:14:32.184438Z
osv-2022-388 Segv on unknown address in dwg_ref_get_object 2022-05-01T00:01:54.904711Z 2026-03-25T14:14:19.812118Z
osv-2022-379 Segv on unknown address in bit_write_TV 2022-04-27T00:00:44.539231Z 2026-03-25T14:14:17.013211Z
osv-2022-372 Heap-buffer-overflow in dwg_encode_VERTEX_2D 2022-04-26T00:00:09.352798Z 2026-03-25T14:14:11.816518Z
osv-2022-1259 Heap-buffer-overflow in dwg_decode_INSERT_private 2022-12-13T13:00:46.870838Z 2026-03-25T14:13:34.337642Z
osv-2022-1198 Heap-buffer-overflow in dwg_json_LTYPE 2022-11-23T13:02:06.623044Z 2026-03-25T14:13:24.908407Z
osv-2021-1343 Heap-buffer-overflow in get_next_owned_entity 2021-09-21T00:01:33.177403Z 2026-03-25T14:12:09.042316Z
osv-2021-1086 Heap-buffer-overflow in dwg_convert_SAB_to_SAT1 2021-08-02T00:00:31.888461Z 2026-03-25T14:12:05.342253Z
osv-2022-1277 Heap-use-after-free in mk_event_timeout_destroy 2023-06-26T14:01:01.876870Z 2026-03-25T14:11:32.468786Z
osv-2022-1176 Heap-double-free in dwg_free 2022-11-18T13:00:26.857477Z 2026-03-25T14:07:21.507920Z
osv-2026-455 UNKNOWN READ in mkv::matroska_segment_c::TrackInit 2026-03-25T00:20:51.448743Z 2026-03-25T00:20:51.449185Z
osv-2023-216 Heap-buffer-overflow in H5G__node_cmp3 2023-03-23T13:00:48.081705Z 2026-03-24T16:17:49.377032Z
osv-2023-76 Heap-buffer-overflow in H5SM_delete 2023-02-18T13:00:50.471845Z 2026-03-24T15:56:21.323480Z
osv-2023-359 Heap-buffer-overflow in H5MM_memcpy 2023-05-01T14:02:33.841821Z 2026-03-24T15:52:15.056909Z
osv-2023-392 Negative-size-param in H5MM_memcpy 2023-05-13T14:00:26.093088Z 2026-03-24T15:13:27.688997Z
osv-2023-370 Heap-buffer-overflow in H5FS__sect_link 2023-05-06T14:01:04.165113Z 2026-03-24T15:11:55.539963Z
osv-2024-387 Heap-buffer-overflow in H5F_addr_encode 2024-04-30T00:13:39.184262Z 2026-03-24T15:11:37.246096Z
osv-2023-381 UNKNOWN READ in H5FL__blk_gc_list 2023-05-08T14:02:04.934252Z 2026-03-24T15:11:28.111319Z
osv-2023-133 Heap-buffer-overflow in H5L__extern_traverse 2023-03-02T13:02:08.499899Z 2026-03-24T15:07:47.335644Z
osv-2023-89 Heap-buffer-overflow in H5O__mtime_new_encode 2023-02-21T13:00:30.347876Z 2026-03-24T14:48:44.199364Z
osv-2023-430 Heap-buffer-overflow in H5MM_xstrdup 2023-05-26T14:00:26.078002Z 2026-03-24T14:48:04.919113Z
osv-2024-719 Heap-buffer-overflow in hevc_ref_pic_lists_modification 2024-08-07T00:05:22.699506Z 2026-03-23T14:31:33.332438Z
osv-2024-695 Stack-buffer-overflow in gf_vvc_parse_nalu_bs 2024-07-31T00:02:35.217594Z 2026-03-23T14:31:09.829004Z
ID Description Published Updated
rustsec-2025-0155 `rands` was removed from crates.io for malicious code 2025-02-10T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0124 `bit-flags` was removed from crates.io for malicious code 2023-12-22T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0123 `hann-rs-service` was removed from crates.io for malicious code 2023-11-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0122 `winx-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0121 `libusb1-main` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0120 `windows-service-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0119 `openvpn-plugin-rs` was removed from crates.io for malicious code 2023-11-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0118 `win_run_rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0117 `tauri-winrt-notifications` was removed from crates.io for malicious code 2023-11-20T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0116 `registry-win` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0115 `acceptxmr-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0114 `tiny-server` was removed from crates.io for malicious code 2023-11-06T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0113 `win-base64-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0112 `monero-rpc-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0111 `monero-api` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0110 `postgresderive` was removed from crates.io for malicious code 2023-08-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0109 `win-crypto` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0108 `tauri-win-rt-notification` was removed from crates.io for malicious code 2023-11-20T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0107 `lasso-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0106 `lfest-main` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0105 `windowsservice` was removed from crates.io for malicious code 2023-11-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0104 `littest` was removed from crates.io for malicious code 2023-11-06T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2025-0154 `replit_ruspty` was removed from crates.io for malicious code 2025-11-04T12:00:00Z 2026-03-25T08:37:19Z
rustsec-2026-0049 CRLs not considered authoritative by Distribution Point due to faulty matching logic 2026-03-20T12:00:00Z 2026-03-24T08:22:29Z
rustsec-2026-0077 Incorrect Check of Signer Response Norm During Verification 2026-03-04T12:00:00Z 2026-03-24T08:21:09Z
rustsec-2026-0076 Panic in Signature Hint Decoding During Verification 2026-03-04T12:00:00Z 2026-03-24T08:21:09Z
rustsec-2026-0075 All-Zero Key Generation on Catastrophic RNG Failure 2026-03-04T12:00:00Z 2026-03-24T08:21:09Z
rustsec-2026-0074 Incorrect Output of Incremental Portable SHAKE API 2026-03-04T12:00:00Z 2026-03-24T08:21:09Z
rustsec-2026-0073 Panic in Standalone MAC Operations 2026-03-04T12:00:00Z 2026-03-24T08:21:09Z
rustsec-2026-0072 Missing Check for All-Zero X25519 Shared Secret 2026-02-04T12:00:00Z 2026-03-24T08:16:07Z
ID Description Published Updated
bit-discourse-2023-28112 Discourse's SSRF protection missing for some FastImage requests 2024-03-06T10:58:19.088Z 2026-03-25T18:30:22.404Z
bit-discourse-2023-38706 Discourse vulnerable to DoS via drafts 2024-03-06T10:54:51.089Z 2026-03-25T17:48:21.059Z
bit-python-2026-4519 webbrowser.open() allows leading dashes in URLs 2026-03-25T08:52:23.976Z 2026-03-25T09:15:17.567Z
bit-mariadb-2026-32710 Heap-based Buffer Overflow in MariaDB 2026-03-25T08:46:04.911Z 2026-03-25T09:15:17.567Z
bit-libpython-2026-4519 webbrowser.open() allows leading dashes in URLs 2026-03-25T08:44:11.251Z 2026-03-25T09:15:17.567Z
bit-discourse-2025-64528 Users are able to find users by name even when `enable_names` is off 2026-01-08T11:40:33.666Z 2026-03-25T09:15:17.567Z
bit-discourse-2024-56197 Users can see other user's tagged PMs in Discourse 2025-02-20T10:31:38.504Z 2026-03-25T09:15:17.567Z
bit-ceph-2024-48916 Ceph is vulnerable to authentication bypass through RadosGW 2026-03-20T09:05:50.770Z 2026-03-24T15:24:05.672Z
bit-ceph-2024-47866 RGW DoS attack with empty HTTP header in S3 object copy 2026-03-20T09:05:48.271Z 2026-03-24T15:24:05.672Z
bit-tomcat-2023-28709 Apache Tomcat: Fix for CVE-2023-24998 is incomplete 2026-03-24T10:21:40.054Z 2026-03-24T10:46:38.869Z
bit-tomcat-2023-28708 Apache Tomcat: JSESSIONID Cookie missing secure attribute in some configurations 2026-03-24T10:21:38.576Z 2026-03-24T10:46:38.869Z
bit-mlflow-2025-15031 Path Traversal Vulnerability in mlflow/mlflow 2026-03-24T08:47:14.572Z 2026-03-24T09:15:40.398Z
bit-valkey-2025-49844 Redis Lua Use-After-Free may lead to remote code execution 2025-10-16T09:19:55.260Z 2026-03-21T09:12:01.983Z
bit-redis-2025-49844 Redis Lua Use-After-Free may lead to remote code execution 2025-10-16T09:18:53.323Z 2026-03-21T09:12:01.983Z
bit-keydb-2025-49844 Redis Lua Use-After-Free may lead to remote code execution 2025-10-16T09:12:52.562Z 2026-03-21T09:12:01.983Z
bit-tomcat-2026-24734 Apache Tomcat Native, Apache Tomcat: OCSP revocation bypass 2026-02-20T09:53:00.269Z 2026-03-20T13:43:29.174Z
bit-tomcat-2025-55752 Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled 2025-11-06T13:00:31.694Z 2026-03-20T13:43:29.174Z
bit-tomcat-2025-49125 Apache Tomcat: Security constraint bypass for pre/post-resources 2025-07-10T10:47:18.953Z 2026-03-20T13:43:29.174Z
bit-tomcat-2025-24813 Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT 2025-07-10T10:46:47.051Z 2026-03-20T13:43:29.174Z
bit-tomcat-2025-53506 Apache Tomcat: DoS via excessive h2 streams at connection start 2025-07-16T08:19:04.361Z 2026-03-20T12:05:40.000Z
bit-tomcat-2025-49124 Apache Tomcat: exe side-loading via icalcs.exe in Tomcat installer for Windows 2025-06-20T06:04:24.795Z 2026-03-20T12:05:40.000Z
bit-tomcat-2025-31651 Apache Tomcat: Bypass of rules in Rewrite Valve 2025-07-10T10:46:54.240Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-56337 Apache Tomcat: RCE due to TOCTOU issue in JSP compilation - CVE-2024-50379 mitigation was incomplete 2025-07-10T10:46:39.151Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-52317 Apache Tomcat: Request/response mix-up with HTTP/2 2024-11-20T07:20:06.896Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-52316 Apache Tomcat: Authentication bypass when using Jakarta Authentication API 2025-07-10T10:46:05.150Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-38286 Apache Tomcat: Denial of Service 2024-11-09T07:20:25.873Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-34750 Apache Tomcat: HTTP/2 excess header handling DoS 2025-07-29T14:30:29.115Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-24549 Apache Tomcat: HTTP/2 header handling DoS 2025-07-17T08:09:49.355Z 2026-03-20T12:05:40.000Z
bit-tomcat-2024-21733 Apache Tomcat: Leaking of unrelated request bodies in default error page 2024-03-06T11:07:26.980Z 2026-03-20T12:05:40.000Z
bit-tomcat-2023-46589 Apache Tomcat: HTTP request smuggling via malformed trailer headers 2024-03-06T11:07:35.204Z 2026-03-20T12:05:40.000Z
ID Description Published Updated
cleanstart-2026-zv38826 Within HostnameError 2026-03-10T01:00:05.764793Z 2026-03-09T13:15:34Z
cleanstart-2026-xh31600 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:58:05.974960Z 2026-03-09T13:15:34Z
cleanstart-2026-ra63757 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:56:05.142237Z 2026-03-09T13:15:34Z
cleanstart-2026-qk48981 Redis is an open source, in-memory database that persists on disk 2026-03-10T01:00:35.988532Z 2026-03-09T13:15:34Z
cleanstart-2026-oh74241 Security fixes for GHSA-mqqf-5wvp-8fh8 applied in versions: 0.122-r0 2026-03-10T00:58:07.551022Z 2026-03-09T13:15:34Z
cleanstart-2026-od98869 Within HostnameError 2026-03-10T00:59:05.580952Z 2026-03-09T13:15:34Z
cleanstart-2026-mo83449 Within HostnameError 2026-03-10T00:59:35.550450Z 2026-03-09T13:15:34Z
cleanstart-2026-jz91219 Within HostnameError 2026-03-10T00:59:35.590693Z 2026-03-09T13:15:34Z
cleanstart-2026-ir62391 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:48:33.059735Z 2026-03-09T13:15:34Z
cleanstart-2026-gj95666 Redis is an open source, in-memory database that persists on disk 2026-03-10T01:04:41.222114Z 2026-03-09T13:15:34Z
cleanstart-2026-dt66006 Within HostnameError 2026-03-10T00:58:35.493841Z 2026-03-09T13:15:34Z
cleanstart-2026-av02020 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:58:05.928030Z 2026-03-09T13:15:34Z
cleanstart-2026-af35851 Redis is an open source, in-memory database that persists on disk 2026-03-10T01:02:37.708854Z 2026-03-09T13:15:34Z
cleanstart-2026-ab04032 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-10T00:58:35.570783Z 2026-03-09T13:15:34Z
cleanstart-2026-qy24299 @octokit/endpoint turns REST API endpoints into generic request options 2026-03-07T00:39:47.646997Z 2026-03-06T13:08:41Z
cleanstart-2026-pp62083 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-07T00:39:46.558367Z 2026-03-06T13:08:41Z
cleanstart-2026-gi57625 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-07T00:39:46.578400Z 2026-03-06T13:08:41Z
cleanstart-2026-yp32652 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:42:01.150900Z 2026-03-03T12:59:01Z
cleanstart-2026-xj84245 Rack is a modular Ruby web server interface 2026-03-04T00:43:02.364521Z 2026-03-03T12:59:01Z
cleanstart-2026-wy43835 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access 2026-03-04T00:41:31.079681Z 2026-03-03T12:59:01Z
cleanstart-2026-vc01496 Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 0.8.4-r0 2026-03-04T00:39:30.734261Z 2026-03-03T12:59:01Z
cleanstart-2026-sm37781 Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic 2026-03-04T00:45:05.719125Z 2026-03-03T12:59:01Z
cleanstart-2026-na21773 GNU patch through 2 2026-03-04T00:42:01.122309Z 2026-03-03T12:59:01Z
cleanstart-2026-ew93264 Security fixes for GHSA-4cx2-fc23-5wg6, GHSA-6xw4-3v39-52mm, GHSA-72qj-48g4-5xgx, GHSA-mr3q-g2mv-mr4q, GHSA-p543-xpfm-54cp, GHSA-vc5p-v9hr-52mj, GHSA-vqg5-3255-v292 applied in versions: 9.0.8-r2, 9.0.8-r3, 9.0.8-r4, 9.3.0-r1, 9.3.0-r2 2026-03-04T00:39:32.590174Z 2026-03-03T12:59:01Z
cleanstart-2026-cq83284 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:43:01.818359Z 2026-03-03T12:59:01Z
cleanstart-2026-bz70876 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:42:00.996564Z 2026-03-03T12:59:01Z
cleanstart-2026-ay29369 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:43:31.868035Z 2026-03-03T12:59:01Z
cleanstart-2026-mw73882 filippo 2026-03-03T00:39:03.237072Z 2026-03-02T17:13:50Z
cleanstart-2026-by85815 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-03T00:39:03.275022Z 2026-03-02T17:13:50Z
cleanstart-2026-zn32454 When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers 2026-02-27T00:50:08.716833Z 2026-02-26T12:09:56Z
ID Description Published Updated
drupal-contrib-2026-030 2026-03-18T16:10:00.000Z 2026-03-18T16:10:00.000Z
drupal-contrib-2026-015 2026-02-25T18:47:57.000Z 2026-03-17T13:20:54.000Z
drupal-contrib-2026-029 2026-03-11T16:35:02.000Z 2026-03-11T16:35:02.000Z
drupal-contrib-2026-028 2026-03-11T16:33:14.000Z 2026-03-11T16:33:14.000Z
drupal-contrib-2026-024 2026-03-04T17:59:51.000Z 2026-03-05T14:03:05.000Z
drupal-contrib-2026-027 2026-03-04T18:02:59.000Z 2026-03-04T18:02:59.000Z
drupal-contrib-2026-026 2026-03-04T18:02:14.000Z 2026-03-04T18:02:14.000Z
drupal-contrib-2026-025 2026-03-04T18:00:41.000Z 2026-03-04T18:00:41.000Z
drupal-contrib-2026-023 2026-03-04T17:58:55.000Z 2026-03-04T17:58:55.000Z
drupal-contrib-2026-022 2026-03-04T17:57:58.000Z 2026-03-04T17:57:58.000Z
drupal-contrib-2026-021 2026-03-04T17:56:18.000Z 2026-03-04T17:56:18.000Z
drupal-contrib-2026-020 2026-03-04T17:54:27.000Z 2026-03-04T17:54:27.000Z
drupal-contrib-2026-016 2026-02-25T18:49:59.000Z 2026-02-25T19:30:03.000Z
drupal-contrib-2026-019 2026-02-25T18:51:43.000Z 2026-02-25T18:51:43.000Z
drupal-contrib-2026-018 2026-02-25T18:51:26.000Z 2026-02-25T18:51:26.000Z
drupal-contrib-2026-017 2026-02-25T18:51:01.000Z 2026-02-25T18:51:01.000Z
drupal-contrib-2026-014 2026-02-25T18:46:10.000Z 2026-02-25T18:46:10.000Z
drupal-contrib-2026-013 2026-02-25T18:45:13.000Z 2026-02-25T18:45:13.000Z
drupal-contrib-2026-012 2026-02-25T18:44:38.000Z 2026-02-25T18:44:38.000Z
drupal-contrib-2026-011 2026-02-25T18:43:32.000Z 2026-02-25T18:43:32.000Z
drupal-contrib-2026-010 2026-02-11T16:54:18.000Z 2026-02-25T17:17:46.000Z
drupal-contrib-2026-009 2026-02-11T16:53:32.000Z 2026-02-12T15:37:20.000Z
drupal-contrib-2026-008 2026-02-04T17:23:40.000Z 2026-02-04T17:23:40.000Z
drupal-contrib-2025-110 2025-09-24T17:27:41.000Z 2025-09-24T17:27:41.000Z
ID Description Updated
ts-2026-001 TS-2026-001 2026-01-15T00:00
ts-2025-008 TS-2025-008 2025-11-19T00:00
ts-2025-007 TS-2025-007 2025-11-07T00:00
ts-2025-006 TS-2025-006 2025-10-28T00:00
ts-2025-005 TS-2025-005 2025-08-07T00:00
ts-2025-004 TS-2025-004 2025-05-27T00:00
ts-2025-003 TS-2025-003 2025-05-21T00:00
ts-2025-002 TS-2025-002 2025-05-15T00:00
ts-2025-001 TS-2025-001 2025-03-07T00:00
ts-2024-013 TS-2024-013 2024-12-04T00:00
ts-2024-012 TS-2024-012 2024-10-02T00:00
ts-2024-011 TS-2024-011 2024-07-22T00:00
ts-2024-010 TS-2024-010 2024-07-19T00:00
ts-2024-009 TS-2024-009 2024-06-27T00:00
ts-2024-008 TS-2024-008 2024-06-14T00:00
ts-2024-007 TS-2024-007 2024-06-12T00:00
ts-2024-006 TS-2024-006 2024-05-22T00:00
ts-2024-005 TS-2024-005 2024-05-08T00:00
ts-2024-004 TS-2024-004 2024-05-06T00:00
ts-2024-003 TS-2024-003 2024-04-23T00:00
ts-2024-002 TS-2024-002 2024-01-30T00:00
ts-2024-001 TS-2024-001 2024-01-08T00:00
ts-2023-009 TS-2023-009 2023-12-22T00:00
ts-2023-008 TS-2023-008 2023-11-01T00:00
ts-2023-007 TS-2023-007 2023-10-26T00:00
ts-2023-006 TS-2023-006 2023-08-22T00:00
ts-2023-005 TS-2023-005 2023-04-28T00:00
ts-2023-004 TS-2023-004 2023-04-04T00:00
ts-2023-003 TS-2023-003 2023-03-22T00:00
ts-2023-002 TS-2023-002 2023-01-24T00:00
ID Description Published Updated
certfr-2026-ale-002 [MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN 2026-02-25T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-ale-003 Note d’alerte – Ciblage des messageries instantanées 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2025-ale-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
CERTFR-2025-ALE-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
certfr-2026-ale-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
CERTFR-2026-ALE-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
certfr-2025-ale-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
CERTFR-2025-ALE-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
certfr-2025-ale-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
CERTFR-2025-ALE-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
certfr-2025-ale-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
CERTFR-2025-ALE-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
certfr-2025-ale-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
certfr-2025-ale-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
CERTFR-2025-ALE-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
CERTFR-2025-ALE-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
certfr-2025-ale-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
CERTFR-2025-ALE-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
certfr-2025-ale-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
CERTFR-2025-ALE-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
certfr-2025-ale-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
CERTFR-2025-ALE-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
certfr-2025-ale-002 [MàJ] Vulnérabilité dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
certfr-2025-ale-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0362 Multiples vulnérabilités dans les produits Microsoft 2026-03-26T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0361 Multiples vulnérabilités dans Cisco IOS et IOS XE 2026-03-26T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0360 Multiples vulnérabilités dans ISC BIND 2026-03-26T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0359 Multiples vulnérabilités dans Grafana 2026-03-26T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0201 Multiples vulnérabilités dans Mattermost Server 2026-02-24T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0358 Vulnérabilité dans Citrix XenServer 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0357 Multiples vulnérabilités dans GitLab 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0356 Vulnérabilité dans ISC Kea 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0355 Multiples vulnérabilités dans les produits Apple 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0354 Multiples vulnérabilités dans les produits Mozilla 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0353 Multiples vulnérabilités dans Zabbix 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0352 Multiples vulnérabilités dans les produits F5 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0351 Vulnérabilité dans Tenable OT Platform 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0350 Multiples vulnérabilités dans Squid 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0349 Multiples vulnérabilités dans Ruby on Rails 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0348 Vulnérabilité dans Trend Micro Deep Discovery Inspector 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0347 Vulnérabilité dans Xen 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0346 Vulnérabilité dans VMware Tanzu pour Postgres 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0345 Vulnérabilité dans LibreNMS 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0344 Vulnérabilité dans strongSwan 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0343 Vulnérabilité dans Spring Cloud Config 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0342 Multiples vulnérabilités dans Google Chrome 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0341 Multiples vulnérabilités dans les produits Microsoft 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0340 Multiples vulnérabilités dans Microsoft Edge 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0339 Multiples vulnérabilités dans les produits VMware 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0338 Vulnérabilité dans les produits Synology 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0337 Multiples vulnérabilités dans les produits Citrix 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0336 Multiples vulnérabilités dans les produits Qnap 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0335 Vulnérabilité dans CPython 2026-03-23T00:00:00.000000 2026-03-23T00:00:00.000000
certfr-2026-avi-0334 Vulnérabilité dans les produits Microsoft 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
ID Description Published Updated
jvndb-2026-000044 Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000042 Digital Photo Frame GH-WDF10A vulnerable to improper access restriction 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000043 SHARP routers missing authentication for some web APIs 2026-03-25T18:41+09:00 2026-03-25T18:41+09:00
jvndb-2026-000040 Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries 2026-03-25T18:13+09:00 2026-03-25T18:13+09:00
jvndb-2026-000041 SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths 2026-03-25T17:58+09:00 2026-03-25T17:58+09:00
jvndb-2026-007973 Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) 2026-03-23T14:54+09:00 2026-03-23T14:54+09:00
jvndb-2026-007524 Vulnerability in Hitachi Command Suite 2026-03-17T16:42+09:00 2026-03-17T16:42+09:00
jvndb-2026-000038 Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries 2026-03-17T14:57+09:00 2026-03-17T14:57+09:00
jvndb-2026-000039 Missing authorization in the OpenAI thread/message API endpoints of GROWI 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-000037 OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-006887 Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 2026-03-12T17:22+09:00 2026-03-12T17:22+09:00
jvndb-2026-000036 Improper file access permission settings in multiple Digital Arts products 2026-03-09T14:57+09:00 2026-03-09T16:23+09:00
jvndb-2026-000035 Installer for Qsee Client may insecurely load Dynamic Link Libraries 2026-03-09T14:57+09:00 2026-03-09T14:57+09:00
jvndb-2026-006102 Security issues in ESC/POS 2026-03-06T10:31+09:00 2026-03-06T10:31+09:00
jvndb-2026-000034 django-allauth vulnerable to open redirect 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000033 EC-CUBE vulnerable to multi-factor authentication bypass 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000032 Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) 2026-03-04T12:20+09:00 2026-03-04T12:20+09:00
jvndb-2026-005746 Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026) 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-005744 Canon IJ Scan Utility registers Windows services with unquoted file paths 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-000030 IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization 2026-02-27T15:41+09:00 2026-03-03T10:06+09:00
jvndb-2026-005259 Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys) 2026-03-02T11:46+09:00 2026-03-02T11:46+09:00
jvndb-2026-000031 Improper file access permission settings in the installers for multiple Soliton Systems products 2026-02-27T15:41+09:00 2026-02-27T15:41+09:00
jvndb-2026-000029 Multiple vulnerabilities in the installer of FinalCode Client 2026-02-26T14:24+09:00 2026-02-26T14:24+09:00
jvndb-2026-004811 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
jvndb-2026-004810 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
jvndb-2026-000026 Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal 2026-02-25T15:14+09:00 2026-02-25T15:14+09:00
jvndb-2026-004359 Security information for Hitachi Disk Array Systems 2026-02-20T18:35+09:00 2026-02-20T18:35+09:00
jvndb-2026-000027 WordPress Plugin "Survey Maker" vulnerable to cross-site scripting 2026-02-20T12:32+09:00 2026-02-20T12:32+09:00
jvndb-2026-000028 Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries 2026-02-20T12:31+09:00 2026-02-20T12:31+09:00
jvndb-2026-003912 Vulnerability in Cosminexus HTTP Server and Hitachi Web Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
ID Description Published Updated
cnvd-2026-11369 厦门熵基科技有限公司人证魔方身份认证管理系统存在SQL注入漏洞 2026-02-05 2026-03-22
cnvd-2026-11389 用友网络科技股份有限公司U8 Cloud存在SQL注入漏洞(CNVD-C-2026-72551) 2026-02-04 2026-03-21
cnvd-2026-14410 Microsoft Exchange Server欺骗漏洞(CNVD-2026-14410) 2025-12-12 2026-03-20
cnvd-2026-14409 UTT 520W goform/formIpGroupConfig文件缓冲区溢出漏洞 2026-02-11 2026-03-20
cnvd-2026-14408 Microsoft Excel代码执行漏洞(CNVD-2026-14408) 2026-03-17 2026-03-20
cnvd-2026-14407 TeamViewer DEX Client权限提升漏洞 2025-12-18 2026-03-20
cnvd-2026-14406 MailEnable不安全DLL加载漏洞(CNVD-2026-14406) 2025-12-18 2026-03-20
cnvd-2026-14405 MailEnableMailEnableMailEnable不安全DLL加载漏洞(CNVD-2026-14405) 2025-12-18 2026-03-20
cnvd-2026-14404 MailEnableMailEnable不安全DLL加载漏洞(CNVD-2026-14404) 2025-12-18 2026-03-20
cnvd-2026-14403 MailEnableMailEnable不安全DLL加载漏洞(CNVD-2026-14403) 2025-12-18 2026-03-20
cnvd-2026-14402 MailEnable不安全DLL加载漏洞(CNVD-2026-14402) 2025-12-18 2026-03-20
cnvd-2026-14401 MailEnable不安全DLL加载漏洞(CNVD-2026-14401) 2025-12-18 2026-03-20
cnvd-2026-14400 MailEnable不安全DLL加载漏洞(CNVD-2026-14400) 2025-12-18 2026-03-20
cnvd-2026-14399 MailEnable不安全DLL加载漏洞(CNVD-2026-14399) 2025-12-18 2026-03-20
cnvd-2026-14398 MailEnable不安全DLL加载漏洞 2025-12-18 2026-03-20
cnvd-2026-14397 OpenClaw安全绕过漏洞 2026-03-12 2026-03-20
cnvd-2026-14396 OpenClaw文件包含漏洞 2026-03-12 2026-03-20
cnvd-2026-14395 OpenClaw访问控制错误漏洞(CNVD-2026-14395) 2026-03-12 2026-03-20
cnvd-2026-14394 OpenClaw目录遍历漏洞(CNVD-2026-14394) 2026-03-17 2026-03-20
cnvd-2026-14393 OpenClaw远程代码执行漏洞(CNVD-2026-14393) 2026-03-17 2026-03-20
cnvd-2026-14392 OpenClaw目录遍历漏洞(CNVD-2026-14392) 2026-03-17 2026-03-20
cnvd-2026-14391 OpenClaw代码注入漏洞(CNVD-2026-14391) 2026-03-17 2026-03-20
cnvd-2026-14390 OpenClaw访问控制错误漏洞(CNVD-2026-14390) 2026-03-19 2026-03-20
cnvd-2026-14389 OpenClaw信息泄露漏洞(CNVD-2026-14389) 2026-03-19 2026-03-20
cnvd-2026-14388 OpenClaw目录遍历漏洞 2026-03-17 2026-03-20
cnvd-2026-14387 WordPress插件Calculated Fields Form跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14386 WordPress插件Avada Core跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14385 WordPress插件Astra Bulk Edit跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14384 WordPress插件Active Products Tables for WooCommerce跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14383 WordPress插件Aardvark跨站脚本漏洞 2026-03-02 2026-03-20
ID Description Published Updated
bdu:2026-01844 Уязвимость сервиса безопасности Advanced DNS Security (ADNS) операционной системы PAN-OS,… 16.02.2026 16.02.2026
bdu:2026-01843 Уязвимость функции loadRLE() загрузчика TGA-изображений (PluginTARGA.cpp) графической биб… 16.02.2026 16.02.2026
bdu:2026-01842 Уязвимость функции ws_user_gerList() сценария pwg.users.php системы управления контентом … 16.02.2026 16.02.2026
bdu:2026-01841 Уязвимость компонента Updater облачной платформы управления контейнерами Arcane, позволяю… 16.02.2026 16.02.2026
bdu:2026-01840 Уязвимость ИИ-агента OpenClaw (ранее - ClawdBot или MoltBot), связанная с отсутствием про… 16.02.2026 16.02.2026
bdu:2026-01839 Уязвимость функции blocked_path() пакета Python для создания приложений для моделей машин… 16.02.2026 16.02.2026
bdu:2026-01838 Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, свя… 16.02.2026 16.02.2026
bdu:2026-01837 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01836 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01835 Уязвимость драйвера ESXi base микропрограммного обеспечения сетевых контроллеров Intel 80… 16.02.2026 16.02.2026
bdu:2026-01834 Уязвимость микропрограммного обеспечения контроллеров Intel Ethernet серии E810, связанна… 16.02.2026 16.02.2026
bdu:2026-01833 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01832 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01831 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01830 Уязвимость компонента File input браузера Google Chrome, позволяющая нарушителю осуществи… 16.02.2026 16.02.2026
bdu:2026-01829 Уязвимость компонента PictureInPicture браузера Google Chrome, позволяющая нарушителю ока… 16.02.2026 16.02.2026
bdu:2026-01828 Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю оказать во… 16.02.2026 16.02.2026
bdu:2026-01827 Уязвимость функции конфиденциальности Fenced Frames браузера Google Chrome, позволяющая н… 16.02.2026 16.02.2026
bdu:2026-01826 Уязвимость компонента WebGPU браузера Google Chrome, позволяющая нарушителю вызвать отказ… 16.02.2026 16.02.2026
bdu:2026-01825 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01824 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01823 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01822 Уязвимость операционных систем Fortinet FortiOS, связанная с недостаточной проверкой исто… 16.02.2026 16.02.2026
bdu:2026-01821 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01820 Уязвимость интерфейса командной строки операционных систем Fortinet FortiOS, позволяющая … 16.02.2026 16.02.2026
bdu:2026-01819 Уязвимость графического пользовательского интерфейса операционных систем Fortinet FortiOS… 16.02.2026 16.02.2026
bdu:2026-01818 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01817 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01816 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01815 Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с не… 16.02.2026 16.02.2026
ID Description Updated
var-202407-2188 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:32.699000Z
var-202406-3119 Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-s… 2024-07-23T22:46:22.685000Z
var-202407-1740 NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E ha… 2024-07-23T22:46:18.378000Z
var-202407-1417 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:07.784000Z
var-202407-1103 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:01.992000Z
var-202407-0957 WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile… 2024-07-23T22:45:59.391000Z
var-202407-0819 SIMATIC S7-1500 is a modular control system suitable for various automation applications … 2024-07-23T22:45:56.958000Z
var-202407-0818 NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6… 2024-07-23T22:45:56.946000Z
var-202407-0779 Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of … 2024-07-23T22:45:56.150000Z
var-202407-0778 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:56.131000Z
var-202407-0745 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:55.498000Z
var-202305-1479 D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution … 2024-07-23T22:45:09.335000Z
var-202108-1158 A race condition was addressed with improved locking. This issue is fixed in macOS Monter… 2024-07-23T22:44:06.976000Z
var-201109-0089 Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… 2024-07-23T22:43:49.590000Z
var-200702-0378 Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … 2024-07-23T22:43:25.614000Z
var-201011-0225 Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … 2024-07-23T22:41:43.584000Z
var-201112-0297 Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… 2024-07-23T22:41:20.004000Z
var-201507-0645 D-Link is an internationally renowned provider of network equipment and solutions, includ… 2024-07-23T22:41:18.832000Z
var-201803-1810 A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … 2024-07-23T22:41:17.171000Z
var-201809-0087 WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… 2024-07-23T22:41:16.554000Z
var-200607-0396 Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… 2024-07-23T22:41:04.279000Z
var-201702-0423 An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… 2024-07-23T22:40:53.160000Z
var-202305-1588 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilit… 2024-07-23T22:40:05.297000Z
var-201112-0173 The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … 2024-07-23T22:39:32.535000Z
var-201103-0371 SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… 2024-07-23T22:39:32.874000Z
var-201706-0017 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClie… 2024-07-23T22:38:34.494000Z
var-202305-1520 D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vul… 2024-07-23T22:38:26.576000Z
var-202407-0490 A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP … 2024-07-23T22:38:24.768000Z
var-201810-0396 Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… 2024-07-23T22:37:44.850000Z
var-202001-0833 A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… 2024-07-23T22:37:43.471000Z
ID Description Published Updated
vde-2025-028 Draeger: ICMHelper is vulnerable to a privilege escalation 2025-08-05T10:00:00.000Z 2026-01-06T11:00:00.000Z
vde-2019-012 TECSON/GOK: Improper Authentication and Access Control on multiple devices 2019-06-04T13:21:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2025-104 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware 2026-03-18T08:00:00.000Z 2026-03-18T08:00:00.000Z
vde-2025-109 Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware 2026-02-10T08:00:00.000Z 2026-02-23T14:00:00.000Z
vde-2025-073 Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
vde-2025-071 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware 2025-12-09T08:00:00.000Z 2026-01-12T08:00:00.000Z
vde-2025-074 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-10-14T10:00:00.000Z 2025-10-15T10:00:00.000Z
vde-2025-072 Phoenix Contact: Security Advisory for QUINT4-UPS EIP 2025-10-14T06:00:00.000Z 2025-10-14T06:00:00.000Z
vde-2018-003 PHOENIX CONTACT: addressing Meltdown and Spectre vulnerabilities 2018-03-23T09:43:00.000Z 2025-10-01T08:00:00.000Z
vde-2025-077 Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-064 Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation 2025-09-09T07:00:00.000Z 2025-09-09T07:00:00.000Z
vde-2024-039 Phoenix Contact: Multiple Vulnerabilities in mGuard devices 2024-09-10T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-022 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2024-08-13T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-063 Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation 2025-08-12T10:00:00.000Z 2025-08-12T10:00:00.000Z
vde-2025-019 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-22T08:00:00.000Z
vde-2019-015 PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers 2019-08-07T00:00:00.000Z 2025-07-11T07:00:00.000Z
vde-2025-054 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-053 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-014 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2023-057 Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC 2023-12-12T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2023-001 PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware 2023-02-14T07:50:00.000Z 2025-06-05T13:28:12.000Z
vde-2020-002 PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks 2020-02-25T09:07:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-073 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-071 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-058 Phoenix Contact: PLCnext Control prone to download of code without integrity check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-056 Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-054 Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-051 Phoenix Contact: MULTIPROG Engineering tool and ProConOS eCLR SDK prone to CWE-732 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-018 Phoenix Contact: Multiple vulnerabilities in WP 6xxx Web panels 2023-08-08T06:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-017 Phoenix Contact: Multiple vulnerabilities in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices 2023-08-08T04:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-016 Phoenix Contact: PLCnext Engineer Vulnerabilities in LibGit2Sharp/LibGit2 2023-08-08T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-051 PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family 2022-11-15T09:27:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-085 Welotec: Path Traversal in SmartEMS Upload Handling 2025-09-10T07:00:00.000Z 2025-09-22T08:00:00.000Z
vde-2025-076 Welotec: Hard-coded JWT secret in egOS WebGUI 2025-08-26T07:00:00.000Z 2025-08-26T07:00:00.000Z
vde-2024-009 Welotec: Two vulnerabilities in TK500v1 router series 2024-04-09T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-043 Welotec: Multiple products are vulnerable to regreSSHion 2024-08-22T06:00:00.000Z 2024-08-22T06:00:00.000Z
vde-2024-023 Welotec: Clickjacking Vulnerability in WebUI 2024-04-23T08:00:00.000Z 2024-04-23T08:00:00.000Z
ID Description Published Updated
advisory2026-03_vde-2026-018 CODESYS Control V3 - Externally-controlled format string in Auditlog 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-02_vde-2026-011 CODESYS Control V3 - Untrusted boot application 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-01_vde-2026-012 CODESYS Installer - Possible Privilege Escalation 2026-03-10T10:00:00.000Z 2026-03-10T10:00:00.000Z
advisory2025-10_vde-2025-100 CODESYS Control - Invalid type usage in visualization 2025-12-01T10:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-09_vde-2025-099 CODESYS Control - Linux/QNX SysSocket flaw 2025-12-01T11:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-11_vde-2025-101 CODESYS Development System - Deserialization of Untrusted Data 2025-12-01T10:00:00.000Z 2025-12-01T10:00:00.000Z
advisory2025-08_vde-2025-070 CODESYS Control V3 - NULL pointer dereference 2025-08-04T08:00:00.000Z 2025-10-14T08:00:00.000Z
advisory2025-07_vde-2025-051 CODESYS Control V3 - Exposed PKI folder 2025-08-04T10:00:00.000Z 2025-09-01T10:00:00.000Z
advisory2025-06_vde-2025-049 CODESYS Control V3 - Insecure default permissions 2025-08-04T10:00:00.000Z 2025-08-04T10:00:00.000Z
advisory2025-04_vde-2025-022 CODESYS Control V3 - OPC UA Server Authentication bypass 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-03_vde-2025-015 CODESYS Control V3 removable media path traversal 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-02_vde-2025-013 CODESYS (Edge) Gateway for Windows insecure default 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-01_vde-2025-001 CODESYS Key physical side-channel vulnerability 2025-01-21T11:00:00.000Z 2025-06-05T13:31:01.000Z
vde-2024-024 CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files 2024-05-06T08:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-027 CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere 2024-06-04T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-026 CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products 2024-06-04T08:00:00.000Z 2025-05-14T13:00:14.000Z
advisory2025-05_vde-2025-027 CODESYS Visualization user management bypass in WebVisu 2025-04-23T10:00:00.000Z 2025-04-23T10:00:00.000Z
advisory2024-05_vde-2024-057 CODESYS: CODESYS web server vulnerable to DoS 2024-09-25T21:59:00.000Z 2025-04-03T10:00:00.000Z
vde-2024-046 OSCAT: Out-of-bounds read in OSCAT Basic library 2024-09-10T14:00:00.000Z 2024-09-10T14:00:00.000Z
vde-2023-066 CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products 2023-12-05T14:25:00.000Z 2023-12-05T14:25:00.000Z
vde-2023-035 CODESYS: Multiple products affected by WIBU Codemeter vulnerability 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-025 CODESYS: Control runtime system memory and integrity check vulnerabilities 2023-08-03T11:18:00.000Z 2023-08-03T11:18:00.000Z
vde-2023-023 CODESYS: Missing Brute-Force protection in CODESYS Development System 2023-08-03T11:08:00.000Z 2023-08-03T11:08:00.000Z
vde-2023-022 CODESYS: Missing integrity check in CODESYS Development System 2023-08-03T10:52:00.000Z 2023-08-03T10:52:00.000Z
vde-2023-021 CODESYS: Vulnerability in CODESYS Development System allows execution of binaries 2023-08-03T10:48:00.000Z 2023-08-03T10:48:00.000Z
vde-2023-019 CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce 2023-08-03T10:42:00.000Z 2023-08-03T10:42:00.000Z
vde-2023-024 CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting 2023-07-28T07:45:00.000Z 2023-07-28T07:45:00.000Z
ID Description Published Updated
vde-2025-067 Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access 2025-08-10T10:00:00.000Z 2025-08-25T10:00:00.000Z
vde-2022-057 Wiesemann & Theis multiple products prone to web interface vulnerability 2022-12-13T07:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-018 Wiesemann & Theis: Multiple products prone to unquoted search path 2024-02-28T07:00:00.000Z 2025-05-14T12:36:39.000Z
vde-2025-024 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version 2025-05-13T10:00:00.000Z 2025-05-13T10:00:00.000Z
vde-2025-032 Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting 2025-05-06T10:00:00.000Z 2025-05-06T10:00:00.000Z
vde-2025-031 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
vde-2022-043 Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family 2022-11-07T11:43:00.000Z 2022-11-07T12:14:00.000Z
ID Description Published Updated
vde-2026-024 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-068 MB connect line: Multiple Vulnerabilities in MB connect line Products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-056 MB connect line: Multiple Vulnerabilities in mbNET.mini Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-010 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-03-18T11:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-065 MB connect line: Sandbox escape in mbNET's LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-058 MB connect line: Multiple vulnerabilities in mbNET.mini 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-035 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-034 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-030 MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) 2022-09-07T10:48:00.000Z 2025-06-06T07:00:00.000Z
vde-2023-002 MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 2023-05-15T14:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-037 MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 2021-10-27T10:15:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-031 MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 2021-07-22T11:33:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-017 MB connect line: Privilege escalation in mbDIALUP 2021-07-22T11:35:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-012 MB connect line: multiple products partially affected by DNSpooq 2021-04-26T08:04:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-035 MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 2020-09-18T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-030 MB connect line: mbNET.mini vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T09:00:00.000Z
vde-2023-041 MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2024-042 MB connect line: Multiple products are vulnerable to regreSSHion 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-012 MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2022-011 MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 2022-09-07T12:50:00.000Z 2022-09-07T12:50:00.000Z
vde-2021-003 MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) 2022-09-07T10:46:00.000Z 2022-09-07T10:46:00.000Z
ID Description Published Updated
vde-2026-025 Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-069 Helmholz: Multiple Vulnerabilities in Helmholz products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-066 Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-069 Helmholz: Sandbox escape in REX200/250 LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-059 Helmholz: Multiple vulnerabilities in REX 100 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-038 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-037 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-057 Helmholz: Privilege Escalation in shDialup (Update A) 2021-03-28T13:03:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-031 Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual 2025-03-18T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-017 Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual 2022-09-07T12:54:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-058 Helmholz: Remote user enumeration in myREX24/myREX24-virtual 2021-12-08T13:04:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-044 Helmholz: Multiple products are vulnerable to regreSSHion 2024-07-31T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-032 Helmholz: REX 100 vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T13:33:00.000Z
vde-2023-043 Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2023-029 Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-008 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2023-05-15T12:06:00.000Z 2023-05-15T12:06:00.000Z
vde-2022-039 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2022-09-07T10:56:00.000Z 2022-09-07T10:56:00.000Z
ID Description Published Updated
fsa-202601 Several CODESYS vulnerabilities in Festo Automation Suite 2026-02-26T08:00:00.000Z 2026-02-26T08:00:00.000Z
fsa-202302 Festo: Several vulnerabilities in FactoryViews 2023-07-10T10:00:00.000Z 2026-02-02T08:00:00.000Z
fsa-202402 Several Vulnerabilities in MES PC (Windows 10) 2024-02-27T12:00:00.000Z 2025-12-08T07:00:00.000Z
fsa-202405 Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability 2024-09-09T07:00:00.000Z 2025-11-05T08:00:00.000Z
fsa-202401 Festo: Multiple products contain CoDe16 vulnerability 2024-01-30T07:00:00.000Z 2025-11-04T11:00:00.000Z
fsa-202202 Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-11-03T11:00:00.000Z
fsa-202209 Festo: Incomplete documentation of remote accessible functions and protocols in Festo products 2022-11-29T11:49:00.000Z 2025-11-03T10:00:00.000Z
fsa-202208 Festo: Multiple Festo products contain an unsafe default Codesys configuration 2022-11-29T11:41:00.000Z 2025-10-28T11:00:00.000Z
fsa-202206 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products 2022-12-13T11:50:00.000Z 2025-10-01T10:50:00.000Z
fsa-202304 Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions 2023-09-05T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202301 Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance 2023-08-29T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202303 Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products 2023-10-17T06:00:00.000Z 2025-10-01T06:00:00.000Z
fsa-202101 Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q 2021-09-22T11:13:00.000Z 2025-08-26T10:00:00.000Z
fsa-202207 Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function 2022-09-20T10:00:00.000Z 2025-07-28T10:00:00.000Z
fsa-202203 Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-07-10T10:00:00.000Z
fsa-202201 Festo: CECC-X-M1 - command injection vulnerabilities 2022-07-06T07:00:00.000Z 2025-06-23T08:00:00.000Z
fsa-202305 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products 2023-11-28T07:00:00.000Z 2025-05-13T10:00:00.000Z
fsa-202406 Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo 2024-12-03T11:00:00.000Z 2024-12-03T14:00:00.000Z
ID Description Published Updated
vde-2025-011 PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by XSS vulnerability and information disclosure 2025-05-26T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-038 Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation 2024-07-10T06:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-002 PEPPERL+FUCHS: HMI – devices are affected by Windows RCE 2025-02-25T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-017 Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities 2024-04-10T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-021 Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities 2022-05-16T14:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-041 Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability 2021-10-26T13:35:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-053 Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities 2021-03-08T13:44:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-017 Pepperl+Fuchs, PACTware: Two password vulnerabilities found 2020-05-29T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-033 PEPPERL+FUCHS: Device Master ICDM-RX/* – Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service 2024-08-13T12:00:00.000Z 2025-05-14T14:34:17.000Z
vde-2020-014 Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets 2020-03-31T13:30:00.000Z 2025-05-14T14:34:17.000Z
vde-2021-006 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-11-16T14:53:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-050 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-15T13:33:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-028 Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities 2021-08-16T12:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-027 Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-10-16T12:00:00.001Z 2025-05-14T13:00:14.000Z
vde-2020-038 Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master 2021-01-04T13:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2019-002 Pepperl+Fuchs: Path traversal in WirelessHART Gateway 2019-03-06T10:35:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-007 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-16T14:53:00.000Z 2025-05-14T12:53:43.000Z
vde-2024-065 PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key 2024-11-26T11:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-063 PEPPERL+FUCHS: Multiple products are affected by regreSSHion 2024-10-08T12:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-001 Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 2021-01-15T12:41:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-016 Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability 2018-10-19T10:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-002 Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks 2018-02-14T08:50:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-037 Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 2024-07-10T06:00:00.000Z 2024-07-10T06:00:00.000Z
vde-2022-012 Pepperl+Fuchs: Vulnerability in multiple VisuNet devices 2022-04-26T12:00:00.000Z 2022-05-16T14:15:00.000Z
vde-2021-034 Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices 2021-07-30T07:55:00.000Z 2021-07-30T07:55:00.000Z
vde-2021-018 Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules 2021-05-12T08:57:00.000Z 2021-05-12T08:57:00.000Z
vde-2020-040 Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux 2020-10-05T12:00:00.000Z 2020-10-05T12:00:00.000Z
vde-2020-034 Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components 2020-09-10T13:22:00.000Z 2020-09-10T13:22:00.000Z
vde-2019-011 Pepperl+Fuchs: Remote code execution vulnerability in HMI devices 2019-05-29T07:35:00.000Z 2019-10-07T10:00:00.000Z
vde-2019-004 Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack 2019-03-14T07:52:00.000Z 2019-03-14T07:52:00.000Z
ID Description Published Updated
ppsa-2026-001 Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service 2026-02-02T08:00:00.000Z 2026-02-02T10:00:00.000Z
ppsa-2025-004 Pilz: Vulnerability affecting PASvisu Runtime 2025-10-20T10:00:00.000Z 2025-10-20T10:00:00.000Z
ppsa-2025-003 Pilz: Authentication Bypass in IndustrialPI Webstatus 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-002 Pilz: Missing Authentication in Node-RED integration 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-001 Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory 2025-06-30T10:00:00.000Z 2025-06-30T10:00:00.000Z
vde-2022-044 Pilz: Multiple products affected by ZipSlip 2022-11-24T09:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2023-048 Pilz: Multiple products prone to libwebp vulnerability 2023-12-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-033 Pilz: WIBU Vulnerabilitiy in multiple Products 2023-10-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-045 Pilz: PAS 4000 prone to ZipSlip 2022-11-24T09:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-009 Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities 2021-09-20T11:56:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-033 Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities 2020-09-10T13:18:00.000Z 2025-05-14T12:28:19.000Z
vde-2023-050 Pilz: Vulnerability in PASvisu and PMI v8xx 2024-01-30T07:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-002 Pilz: Multiple products affected by uC/HTTP vulnerability 2024-02-06T07:00:00.000Z 2024-02-06T07:00:00.000Z
vde-2023-059 Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx 2023-12-05T07:06:00.000Z 2023-12-05T07:06:00.000Z
vde-2022-033 Pilz: PASvisu and PMI affected by multiple vulnerabilities 2022-11-24T09:00:00.000Z 2022-11-24T09:00:00.000Z
vde-2021-061 Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-055 Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-054 Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
ID Description Published Updated
vde-2026-020 WAGO: Vulnerability in managed switches 2026-03-23T08:00:00.000Z 2026-03-23T08:00:00.000Z
vde-2026-004 WAGO: Vulnerabilities in Managed Switch 2026-02-09T08:00:00.000Z 2026-02-09T08:00:00.000Z
vde-2025-095 WAGO: Vulnerabilities in WAGO Industrial-Managed Switches 2025-12-10T10:00:00.000Z 2026-01-19T08:00:00.000Z
vde-2025-018 WAGO: Vulnerabilities in WAGO Device Manager 2025-06-16T10:00:00.000Z 2025-11-21T12:00:00.000Z
vde-2025-062 WAGO: Multiple Vulnerabilities in CODESYS components 2025-11-03T11:00:00.000Z 2025-11-03T11:00:00.000Z
vde-2025-087 WAGO: Vulnerabilities in Device Sphere and Solution Builder 2025-09-24T09:00:00.000Z 2025-09-24T09:00:00.000Z
vde-2018-013 WAGO: 750-8xx Controller Denial of Service 2018-08-17T09:45:00.000Z 2025-09-22T10:00:00.000Z
vde-2025-083 WAGO: Vulnerability in hardware switch circuit 2025-09-15T08:00:00.000Z 2025-09-15T08:00:00.000Z
vde-2025-080 WAGO: Multiple Vulnerabilities in I/O-Check Service 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-082 WAGO: Critical sudo Vulnerability in Multiple Products 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-048 WAGO: Escalation of Privileges in Coupler Firmware 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-057 WAGO: Vulnerability in WAGO Device Sphere 2025-06-23T10:00:00.000Z 2025-07-07T06:15:00.000Z
vde-2025-040 WAGO: Vulnerabilities in ctrlX OS app 2025-06-16T10:00:00.000Z 2025-06-16T10:00:00.000Z
vde-2024-014 WAGO: Multiple products affected by Terrapin 2024-02-22T07:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2025-020 WAGO: Switches affected by year 2k38 problem 2025-06-02T06:00:00.000Z 2025-06-02T06:00:00.000Z
vde-2024-047 WAGO: Multiple vulnerabilities in docker configuration 2024-11-18T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-026 WAGO: Multiple products prone to multiple vulnerabilities in e!Runtime / CODESYS V3 Runtime 2023-07-31T07:36:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-007 WAGO: Unauthenticated command execution via Web-based-management UPDATE A 2023-05-15T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-009 WAGO: Multiple Products affected by Linux Kernel Vulnerability Dirty Pipe 2022-04-06T07:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-002 WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro 2022-01-31T13:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-060 WAGO: Smart Script affected by Log4Shell Vulnerability 2022-01-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-049 WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3 2021-11-16T12:05:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-014 WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 2021-05-20T09:08:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-011 WAGO: Multiple Vulnerabilities in I/O-Check Service 2020-03-09T09:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-009 WAGO: e!Cockpit Two Update Package Vulnerabilities 2020-03-09T09:18:00.000Z 2025-05-22T13:03:10.000Z
vde-2018-010 WAGO: Multiple vulnerabilities in e!DISPLAY products 2018-07-10T09:50:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-008 WAGO: Vulnerabilities in CODESYS Control 2025-02-04T11:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-036 WAGO: Multiple Vulnerabilities in I/O-Check Service 2021-06-29T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-044 WAGO: Web-Based Management Authentication Vulnerability in WAGO 750-36X and WAGO 750-8XX 2021-08-31T07:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-042 WAGO: PLC families 750-88x and 750-352 prone to DoS attack, versions < FW10 (Update A) 2020-10-27T10:28:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2024-061 ifm: Improper Access Control vulnerability 2025-06-30T10:00:00.000Z 2026-02-18T08:00:00.000Z
vde-2024-028 ifm moneo password reset can be exploited 2024-05-06T10:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2024-012 ifm: Vulnerabilities in ifm AC14 firmware 2024-07-09T07:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2022-050 IFM: weak password recovery vulnerability in moneo appliance 2022-12-12T11:00:00.000Z 2026-01-06T11:00:00.000Z
ID Description Published Updated
vde-2025-106 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server 2026-01-26T10:00:00.000Z 2026-02-12T09:00:00.000Z
vde-2025-092 Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager 2026-01-27T11:00:00.000Z 2026-01-27T11:00:00.000Z
vde-2025-075 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2022-003 BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology 2022-03-01T12:34:00.000Z 2025-06-05T13:28:13.000Z
vde-2024-050 Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-049 Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-048 Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-045 Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-067 Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf 2023-12-13T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-051 Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server 2021-11-04T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-008 Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-037 Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) 2020-11-19T13:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-019 Beckhoff: EtherLeak in TwinCAT RT network driver 2020-06-16T08:31:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-005 Beckhoff: BK9000 couplers - Denial of service inhibits function 2020-03-10T13:17:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-019 Beckhoff: TwinCAT Denial-of-Service in Profinet driver 2019-10-09T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-064 Beckhoff: Local command injection via TwinCAT Package Manager 2024-10-31T11:00:00.000Z 2025-04-11T07:00:00.000Z
vde-2020-051 Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server 2021-04-27T08:08:00.000Z 2021-05-11T10:00:00.000Z
ID Description Published Updated
vde-2026-007 TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability 2026-02-23T08:00:00.000Z 2026-02-23T08:00:00.000Z
vde-2021-011 TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability 2021-03-22T08:59:00.000Z 2026-02-02T14:25:00.000Z
vde-2025-078 TRUMPF: Remote support uses an outdated encryption algorithm 2025-08-25T06:00:00.000Z 2025-08-29T10:00:00.000Z
vde-2024-005 TRUMPF: Multiple products contain vulnerable version of 7-zip 2024-01-23T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-004 TRUMPF: Multiple products affected by log4net vulnerability 2025-04-22T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-003 TRUMPF: Multiple products include a vulnerable version of Notepad++ 2024-01-23T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-049 TRUMPF: Multiple products prone to X.Org server vulnerabilities 2022-11-07T11:43:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-039 TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T10:28:00.000Z 2025-05-14T12:36:39.000Z
vde-2024-040 Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-034 Multiple TRUMPF products prone to nftables server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-001 TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities 2024-01-29T07:00:00.000Z 2024-01-29T07:00:00.000Z
vde-2024-006 TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x 2024-01-23T07:00:00.000Z 2024-01-23T07:00:00.000Z
vde-2023-031 Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability 2023-09-13T10:00:00.000Z 2023-11-13T11:00:00.000Z
vde-2022-023 TRUMPF TruTops prone to improper access control 2022-10-17T10:00:00.000Z 2022-10-17T10:00:00.000Z
vde-2022-034 TRUMPF: Products prone to Unified Automation vulnerabilities 2022-08-15T10:00:00.000Z 2022-08-15T10:00:00.000Z
vde-2022-016 TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability 2022-05-02T10:00:00.000Z 2022-05-02T10:00:00.000Z
vde-2021-033 TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities 2021-08-12T13:02:00.001Z 2021-08-12T13:02:00.001Z
ID Description Published Updated
vde-2025-043 Lenze: PLC Designer V4 with insecure storage of sensitive information 2025-06-25T10:00:00.000Z 2025-06-25T10:00:00.000Z
vde-2025-042 Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway 2025-05-27T09:00:00.000Z 2025-05-27T09:00:00.000Z
vde-2024-053 Lenze: Install Directory with insufficient permissions 2024-09-03T08:00:00.000Z 2025-03-13T11:30:00.000Z
vde-2022-030 Lenze: Vulnerability in the OPC-UA authentification connection in the firmware 2022-07-11T10:00:00.000Z 2022-07-11T10:00:00.000Z
vde-2021-048 Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication 2021-10-04T12:33:00.000Z 2021-10-04T12:33:00.000Z
ID Description Published Updated
vde-2022-029 Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 2022-09-26T08:00:00.000Z 2026-03-02T11:00:00.000Z
ID Description Published Updated
vde-2025-047 AUMA: Incorrect delivery status of the Bluetooth configuration 2025-06-10T10:00:00.000Z 2025-06-10T10:00:00.000Z
vde-2023-028 AUMA: SIMA Master Station affected by WRECK vulnerability 2023-08-07T11:35:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-024 Auma: SIMA² Master Station Denial of Service Vulnerability on Automation Runtime Webserver 2022-06-15T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2025-026 AUMA Riester: Buffer overflow in service telegram 2025-05-12T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-027 AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations 2023-08-07T09:35:00.000Z 2023-08-07T09:35:00.000Z
vde-2022-032 AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service 2022-08-09T08:00:00.000Z 2022-08-09T08:00:00.000Z
ID Description Published Updated
vde-2025-084 Bender Charge Controller Vulnerability - Unsecure Communication 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-061 Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2021-047 Bender/ebee: Multiple Charge Controller Vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2020-043 Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability 2020-10-16T06:54:00.000Z 2020-10-16T06:54:00.000Z
ID Description Published Updated
vde-2026-002 Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation 2026-03-02T07:00:00.000Z 2026-03-02T07:00:00.000Z
vde-2025-068 Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions 2025-09-02T10:00:00.000Z 2026-02-20T09:00:00.000Z
vde-2025-105 Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability 2025-12-08T09:00:00.000Z 2025-12-08T09:00:00.000Z
vde-2025-107 Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities 2025-12-05T11:00:00.000Z 2025-12-05T11:00:00.000Z
vde-2024-054 Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-044 Endress+Hauser: Multiple products affected by log4net vulnerability 2022-01-20T08:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-005 Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability 2021-03-01T06:39:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-031 Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T13:10:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-022 Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information 2020-11-19T14:48:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-040 Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow 2021-10-04T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-010 Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks 2021-05-18T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-021 Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management 2020-11-19T14:48:00.000Z 2025-04-11T07:00:00.000Z
vde-2025-036 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-03-06T14:00:00.000Z 2025-03-06T14:00:00.000Z
vde-2024-041 Endress+Hauser: Multiple products are vulnerable to code injection 2024-09-10T08:00:00.000Z 2024-09-10T08:00:00.000Z
vde-2022-019 Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components 2022-06-02T15:11:00.000Z 2022-06-02T15:11:00.000Z
vde-2022-006 Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware 2022-03-24T10:48:00.000Z 2022-03-24T10:48:00.000Z
vde-2019-005 Endress+Hauser: WIFI enabled products utilising WPA2 2019-03-19T15:34:00.000Z 2019-03-19T15:34:00.000Z
ID Description Published Updated
vde-2025-030 Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability 2025-07-07T10:00:00.000Z 2025-07-29T10:00:00.000Z
vde-2023-049 Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability 2023-12-11T07:00:00.000Z 2023-12-11T07:00:00.000Z
vde-2023-038 Frauscher: Multiple Vulnerabilities in FDS101 2023-09-21T06:00:00.000Z 2023-09-21T06:00:00.000Z
vde-2023-011 Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability 2023-07-05T08:00:00.000Z 2023-07-05T08:00:00.000Z
ID Description Published Updated
vde-2019-010 Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway 2019-05-20T06:58:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-024 Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED 2020-07-08T07:29:00.000Z 2025-05-14T12:28:19.000Z
vde-2022-052 Miele: Vulnerability in ease2pay cloud service used by appWash 2022-11-21T09:00:00.000Z 2022-11-21T09:00:00.000Z
vde-2022-015 Miele: Security vulnerability in Benchmark Programming Tool 2022-04-27T12:00:00.000Z 2022-04-27T12:00:00.000Z
ID Description Published Updated
vde-2025-096 Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-044 Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities 2025-05-27T09:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-052 Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities 2025-06-11T10:00:00.000Z 2025-07-23T10:00:00.000Z
vde-2023-032 Weidmueller: WIBU Vulnerability in multiple Products 2023-11-09T07:42:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-018 Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches 2019-12-05T12:03:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-041 Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX 2025-05-19T09:00:00.000Z 2025-05-19T09:00:00.000Z
vde-2025-021 Weidmueller: Authentication Vulnerability in PROCON-WIN 5 2025-03-05T09:00:00.000Z 2025-05-14T13:26:53.000Z
vde-2021-026 Weidmueller: Multiple vulnerabilities in Industrial WLAN devices 2021-06-23T11:04:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-042 Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities 2021-10-18T08:24:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-016 Weidmueller: Accidentally open network port in u-controls and IoT-Gateways 2021-05-04T08:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-002 Weidmueller: WI Manager affected by fdtContainer vulnerability 2021-01-20T13:32:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-041 Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities 2020-10-12T09:14:00.000Z 2025-05-14T12:28:19.000Z
vde-2025-023 Weidmueller: OpenSSL vulnerability in industrial ethernet switches 2025-03-05T08:00:00.000Z 2025-03-05T11:00:00.000Z
vde-2022-056 Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability 2022-12-14T07:00:00.000Z 2022-12-14T07:00:00.000Z
vde-2021-004 Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write 2022-06-21T08:00:00.000Z 2022-06-21T08:00:00.000Z
vde-2022-008 WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways 2022-04-07T06:00:00.000Z 2022-04-07T06:00:00.000Z
ID Description Published Updated
vde-2025-066 SMA: Directory Traversal in Sunny Boy 2025-08-27T08:00:00.000Z 2025-08-27T08:00:00.000Z
vde-2025-050 SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user 2025-08-19T10:00:00.000Z 2025-08-19T10:00:00.000Z
vde-2024-075 SMA: Sunny Webbox clickjacking vulnerability 2025-01-27T13:00:00.000Z 2025-06-17T06:00:00.000Z
vde-2025-012 SMA: Sunny Portal Remote Code Execution 2025-02-26T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-010 SMA: Sunny Portal demo system privilege escalation 2025-05-13T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-074 SMA: SQL injection in Sunny Central UP 2024-11-27T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-020 SMA: Cluster Controller CSRF vulnerability 2025-01-27T13:00:00.000Z 2025-02-12T16:48:47.000Z
ID Description Published Updated
vde-2024-013 HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing 2024-02-13T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-059 HIMA: unquoted path vulnerabilities in X-OPC and X-OTS 2023-01-16T09:00:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-091 Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro 2025-10-14T10:00:00.000Z 2025-10-14T10:00:00.000Z
ID Description Published Updated
vde-2020-016 SWARCO: Critical Vulnerability in CPU LS4000 2020-05-28T13:00:00.000Z 2020-05-28T13:00:00.000Z
ID Description Published Updated
vde-2024-016 ADS-TEC Industrial IT: Docker vulnerability affects multiple products 2024-02-19T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-033 ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products 2025-04-14T10:00:00.000Z 2025-04-14T10:00:00.000Z
vde-2023-009 ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 2023-05-08T13:37:00.000Z 2023-05-08T13:37:00.000Z
ID Description Published Updated
vde-2022-061 VARTA: Multiple devices prone to hard-coded credentials 2023-03-15T09:00:00.000Z 2023-03-15T09:00:00.000Z
ID Description Published Updated
vde-2025-060 Sauter: Multiple vulnerabilities in SAUTER modulo 6 2025-10-21T10:00:00.000Z 2025-10-27T11:00:00.000Z
ID Description Published Updated
vde-2025-079 Janitza: Multiple vulnerabilities in UMG 96RM-E 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-094 Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ 2025-11-24T12:00:00.000Z 2025-11-24T12:00:00.000Z
ID Description Published Updated
vde-2026-001 METTLER TOLEDO: ASP.NET core vulnerability in LabX 2026-03-04T07:00:00.000Z 2026-03-04T07:00:00.000Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2026-0021
10 (4.0)
Critical RCE Vulnerability reported in Windchill windchill
 FlexPLM
 2026-03-23T12:30:40.249187Z 2026-03-23T12:30:40.249187Z
GCVE-1-2026-0020
10 (4.0)
Remote Code Execution Attack Against Eircom D1000 Router Eir
 D1000
 2026-03-11T14:12:00.000Z 2026-03-11T14:23:24.609831Z
GCVE-1-2026-0019
6.4 (4.0)
Improper URL validation in MISP dashboard button widge… misp
 misp
 2026-02-27T14:55:00.000Z 2026-02-27T15:44:29.998063Z
GCVE-1-2026-0018
6.5 (4.0)
Improper access control in MISP user contact form allo… misp
 misp
 2026-02-27T13:25:32.632362Z 2026-02-27T13:25:32.632362Z
GCVE-1-2026-0017
7.2 (4.0)
Improper Neutralization of Raw HTML in MISP modules Ma… misp
 misp-modules
 2026-02-27T13:10:24.641948Z 2026-02-27T13:10:24.641948Z
GCVE-1-2026-0016
7 (4.0)
Server-Side Request Forgery via Event Report Import Fr… misp
 misp
 2026-02-27T10:56:32.745676Z 2026-02-27T10:56:32.745676Z
GCVE-1-2026-0015
7.2 (4.0)
Threat actors use FortiCloud SSO bypass to collect LDA… fortinet
 fortios
 2026-02-09T09:09:00.000Z 2026-02-09T09:14:59.004089Z
GCVE-1-2026-0014
7.4 (4.0)
Missing Authorization Check Allows Unauthorized Modifi… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:32:14.341383Z 2026-02-04T19:32:14.341383Z
GCVE-1-2026-0013
2.1 (4.0)
Flask Application Username Route Collision Allows Rese… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:27:00.000Z 2026-02-04T19:32:49.787763Z
GCVE-1-2026-0012
2.1 (4.0)
Authentication Error Message Allows Email Address Enum… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:21:34.411344Z 2026-02-04T19:21:34.411344Z
GCVE-1-2026-0011
8.7 (4.0)
Out-of-bounds memory write in the network packet … EA Games
 Command & Conquer: Generals
 2026-01-29T14:37:00.000Z 2026-01-29T14:39:17.728822Z
GCVE-1-2026-0010
9.3 (4.0)
Improper input validation in the file transfer ha… EA Games
 Command & Conquer: Generals
 2026-01-29T14:33:18.822829Z 2026-01-29T14:33:18.822829Z
GCVE-1-2026-0009
9.3 (4.0)
Stack-based buffer overflow in the multiplayer ne… EA Games
 Command & Conquer: Generals
 2026-01-29T14:30:38.596928Z 2026-01-29T14:30:38.596928Z
GCVE-1-2026-0008
10 (4.0)
gpg-agent stack buffer overflow in pkdecrypt using KEM gnupg
 gpg-agent
 2026-01-28T13:48:12.350509Z 2026-01-28T13:48:12.350509Z
GCVE-1-2026-0007
10 (4.0)
GNU InetUtils Security Advisory: remote authentication… gnu
 InetUtils
 2026-01-20T20:57:00.000Z 2026-01-26T16:32:40.831364Z
GCVE-1-2026-0006
8.5 (4.0)
Improper Access Control in Cerebrate AuthKey and Encry… cerebrate
 cerebrate
 2026-01-13T15:37:17.337254Z 2026-01-13T15:37:17.337254Z
GCVE-1-2026-0005
8.5 (4.0)
Improper Access Control in Cerebrate Alignment Model A… cerebrate
 cerebrate
 2026-01-13T15:31:00.000Z 2026-01-13T15:38:02.888546Z
GCVE-1-2026-0004
8.5 (4.0)
Authorization Bypass in Cerebrate IndividualsControlle… cerebrate
 cerebrate
 2026-01-13T15:28:00.000Z 2026-01-13T15:38:37.744618Z
GCVE-1-2026-0003
6.3 (4.0)
Stored/Reflected XSS via Unsanitized Parameters in URL… misp
 misp
 2026-01-13T10:50:00.000Z 2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002
10 (4.0)
Heap-buffer-overflow in EXIF writer for extra IFD tags ffmpeg
 ffmpeg
 2026-01-02T19:50:00.000Z 2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001
N/A
Bundle reference to gpg.fail gnupg
 gnupg
 2026-01-02T10:20:00.000Z 2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041
6.4 (4.0)
[online services] Reflected Cross-Site Scripting (XSS)… typo3
 typo3
 2025-12-19T14:25:00.000Z 2025-12-19T14:54:51.594645Z
GCVE-1-2025-0031
7.1 (4.0)
A cross-site scripting (XSS) vulnerability was identif… misp
 misp
 2025-12-03T10:58:00.000Z 2025-12-16T09:36:09.594750Z
GCVE-1-2025-0040
7.2 (4.0)
A cross-site scripting (XSS) vulnerability was id… misp
 misp
 2025-12-13T08:44:32.378924Z 2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039
8.5 (4.0)
XSS Reintroduced in MISP Dashboard World Map Widget Du… misp
 misp
 2025-12-10T14:33:52.856734Z 2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038
5 (4.0)
Reflected XSS in MISP Template Tag Removal and MISP Ad… misp
 misp
 2025-12-10T14:10:00.000Z 2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037
7 (4.0)
Reflected XSS in MISP Dashboard Widgets via Unescaped … misp
 misp
 2025-12-10T14:01:03.200804Z 2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036
8.3 (4.0)
A reflected cross-site scripting (XSS) vulnerability w… misp
 misp
 2025-12-10T13:46:07.170083Z 2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035
8.3 (4.0)
Insufficient sanitization of bundle metadata (availabl… CIRCL
 vulnerability-lookup
 2025-12-08T10:25:00.000Z 2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034
7 (4.0)
Missing CSRF protection on state-changing endpoints in… CIRCL
 vulnerability-lookup
 2025-12-08T10:19:00.000Z 2025-12-08T12:13:24.197294Z
ID CVSS Description Vendor Product Published Updated
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011
9.1 (3.1)
HexStrike AI MCP Server Command Injection 0x4m4
 HexStrike AI
 2025-11-30T21:27:56.057Z 2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100
6.5 (3.1)
Abilis CPX Fallback Shell Connection Relay Abilis
 CPX
 2025-11-04T00:23:23.924Z 2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010
7.3 (3.1)
Unitree Multiple Robotic Products Command Injection Unitree
 Go2
 2025-09-26T06:53:49.585Z 2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
4.3 (3.1)
Unauthenticated leak of sensitive information affectin… Brother Industries, Ltd
 HL-L8260CDN
 2025-08-12T15:23:00.577Z 2025-08-15T05:53:23.017Z