Recent vulnerabilities

ID CVSS Description Vendor Product Published Updated
CVE-2026-4182
9.3 (4.0)
9.8 (3.1)
9.8 (3.0)
D-Link DIR-816 goahead form2Wl5RepeaterStep2.cgi stack… D-Link
 DIR-816
 2026-03-15T16:02:15.731Z 2026-03-15T16:02:15.731Z
CVE-2026-4181
9.3 (4.0)
9.8 (3.1)
9.8 (3.0)
D-Link DIR-816 goahead form2RepeaterStep2.cgi stack-ba… D-Link
 DIR-816
 2026-03-15T16:02:10.609Z 2026-03-15T16:02:10.609Z
CVE-2026-28522
7.1 (4.0)
6.5 (3.1)
arduino-TuyaOpen WiFiUDP Null Pointer Dereference Deni… Tuya
 arduino-TuyaOpen
 2026-03-15T13:36:52.798Z 2026-03-15T13:36:52.798Z
CVE-2026-28519
8.7 (4.0)
8.8 (3.1)
arduino-TuyaOpen DnsServer Heap-Based Buffer Overflow … Tuya
 arduino-TuyaOpen
 2026-03-15T13:36:47.991Z 2026-03-15T13:36:47.991Z
CVE-2026-28521
7 (4.0)
7.7 (3.1)
arduino-TuyaOpen TuyaIoT Out-of-Bounds Memory Read Inf… Tuya
 arduino-TuyaOpen
 2026-03-15T13:35:46.217Z 2026-03-15T13:35:46.217Z
CVE-2026-28520
8.6 (4.0)
8.4 (3.1)
arduino-TuyaOpen WiFiMulti Single-Byte Buffer Overflow… Tuya
 arduino-TuyaOpen
 2026-03-15T13:35:42.482Z 2026-03-15T13:35:42.482Z
CVE-2016-20032
5.1 (4.0)
7.2 (3.1)
ZKTeco ZKAccess Security System 5.3.1 Stored XSS ZKTeco Inc.
 ZKTeco ZKAccess Security System
 2026-03-15T13:35:36.942Z 2026-03-15T13:35:36.942Z
CVE-2016-20031
6.8 (4.0)
5.5 (3.1)
ZKTeco ZKBioSecurity 3.0 Local Authorization Bypass vi… ZKTeco Inc.
 ZKTeco ZKBioSecurity
 2026-03-15T13:35:35.350Z 2026-03-15T13:35:35.350Z
CVE-2016-20030
9.3 (4.0)
9.8 (3.1)
ZKTeco ZKBioSecurity 3.0 User Enumeration via authLogi… ZKTeco Inc.
 ZKTeco ZKBioSecurity
 2026-03-15T13:35:32.348Z 2026-03-15T13:35:32.348Z
CVE-2016-20029
6.9 (4.0)
6.2 (3.1)
ZKTeco ZKBioSecurity 3.0 File Path Manipulation Vulner… ZKTeco Inc.
 ZKTeco ZKBioSecurity
 2026-03-15T13:35:26.328Z 2026-03-15T13:35:26.328Z
CVE-2016-20028
5.3 (4.0)
4.3 (3.1)
ZKTeco ZKBioSecurity 3.0 Cross-Site Request Forgery Su… ZKTeco Inc.
 ZKTeco ZKBioSecurity
 2026-03-15T13:35:23.779Z 2026-03-15T13:35:23.779Z
CVE-2016-20027
5.1 (4.0)
6.1 (3.1)
ZKTeco ZKBioSecurity 3.0 Multiple Reflected XSS Vulner… ZKTeco Inc.
 ZKTeco ZKBioSecurity
 2026-03-15T13:35:21.111Z 2026-03-15T13:35:21.111Z
CVE-2016-20026
9.3 (4.0)
9.8 (3.1)
ZKTeco ZKBioSecurity 3.0 Hardcoded Credentials Remote … ZKTeco Inc.
 ZKTeco ZKBioSecurity
 2026-03-15T13:35:16.754Z 2026-03-15T13:35:16.754Z
CVE-2016-20025
8.7 (4.0)
8.8 (3.1)
ZKTeco ZKAccess Professional 3.5.3 Privilege Escalatio… ZKTeco Inc.
 ZKTeco ZKAccess Professional
 2026-03-15T13:35:13.072Z 2026-03-15T13:35:13.072Z
CVE-2016-20024
9.3 (4.0)
9.8 (3.1)
ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Pr… ZKTeco Inc.
 ZKTeco ZKTime.Net
 2026-03-15T13:35:11.360Z 2026-03-15T13:35:11.360Z
CVE-2026-4180
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
D-Link DIR-816 goahead redirect.asp access control D-Link
 DIR-816
 2026-03-15T13:32:10.207Z 2026-03-15T13:32:10.207Z
CVE-2026-4175
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
Aureus ERP Chatter Message content-text-entry.blade.ph… Aureus
 ERP
 2026-03-15T10:32:14.092Z 2026-03-15T10:32:14.092Z
CVE-2026-4174
4.8 (4.0)
3.3 (3.1)
3.3 (3.0)
Radare2 Mach-O File mach0.c walk_exports_trie resource… n/a
 Radare2
 2026-03-15T10:32:10.553Z 2026-03-15T10:32:10.553Z
CVE-2025-14287
7.5 (3.0)
Command Injection in mlflow/mlflow mlflow
 mlflow/mlflow
 2026-03-15T09:27:36.706Z 2026-03-15T09:27:36.706Z
CVE-2026-4173
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
CodePhiliaX Chat2DB Database Export DMDBManage.java up… CodePhiliaX
 Chat2DB
 2026-03-15T09:02:08.163Z 2026-03-15T09:02:08.163Z
CVE-2026-4172
8.6 (4.0)
7.2 (3.1)
7.2 (3.0)
TRENDnet TEW-632BRP HTTP POST Request ping_response.cg… TRENDnet
 TEW-632BRP
 2026-03-15T08:32:08.113Z 2026-03-15T08:32:08.113Z
CVE-2026-4171
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
CodeGenieApp serverless-express API Endpoint TodoList.… CodeGenieApp
 serverless-express
 2026-03-15T08:02:07.894Z 2026-03-15T08:02:07.894Z
CVE-2026-4170
9.3 (4.0)
9.8 (3.1)
9.8 (3.0)
Topsec TopACM HTTP Request nmc_sync.php os command injection Topsec
 TopACM
 2026-03-15T07:02:43.789Z 2026-03-15T07:02:43.789Z
CVE-2026-4169
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
Tecnick TCExam XML Export tce_xml_users.php F_xml_expo… Tecnick
 TCExam
 2026-03-15T06:02:09.933Z 2026-03-15T06:02:09.933Z
CVE-2026-4168
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
Tecnick TCExam Group tce_edit_group.php cross site scripting Tecnick
 TCExam
 2026-03-15T06:02:07.600Z 2026-03-15T06:02:07.600Z
CVE-2026-4167
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Belkin F9K1122 formReboot stack-based overflow Belkin
 F9K1122
 2026-03-15T05:32:10.557Z 2026-03-15T05:32:10.557Z
CVE-2026-4166
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
Wavlink WL-NU516U1 login.cgi sub_404F68 cross site scripting Wavlink
 WL-NU516U1
 2026-03-15T05:32:08.404Z 2026-03-15T05:32:08.404Z
CVE-2026-4165
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
Worksuite HR, CRM and Project Management create cross … Worksuite
 HR, CRM and Project Management
 2026-03-15T05:02:07.832Z 2026-03-15T05:02:07.832Z
CVE-2026-4164
9.3 (4.0)
9.8 (3.1)
9.8 (3.0)
Wavlink WL-WN578W2 POST Request wireless.cgi GuestWifi… Wavlink
 WL-WN578W2
 2026-03-15T03:02:10.413Z 2026-03-15T03:02:10.413Z
CVE-2026-2233
5.3 (3.1)
User Frontend: AI Powered Frontend Posting, User Direc… wedevs
 User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration
 2026-03-15T02:19:14.723Z 2026-03-15T02:19:14.723Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-3910
8.8 (3.1)
Inappropriate implementation in V8 in Google Chro… Google
 Chrome
 2026-03-12T21:30:51.861Z 2026-03-14T03:55:26.662Z
CVE-2023-29385
7.1 (3.1)
WordPress WP Abstracts Plugin <= 2.6.2 is vulnerable t… Kevon Adonis
 WP Abstracts
 2023-06-12T15:14:35.661Z 2025-02-19T21:29:43.608Z
CVE-2023-36517
4.3 (3.1)
WordPress WP Abstracts Plugin <= 2.6.2 is vulnerable t… Kevon Adonis
 WP Abstracts
 2023-07-11T08:02:47.433Z 2024-10-11T15:06:42.475Z
CVE-2023-46640
5.4 (3.1)
WordPress Medialist Plugin <= 1.3.9 is vulnerable to C… D. Relton
 Medialist
 2023-11-08T16:06:30.722Z 2024-10-29T18:39:49.929Z
CVE-2026-3798
5.1 (4.0)
4.7 (3.1)
4.7 (3.0)
Comfast CF-AC100 Request Path mbox-config sub_44AC14 c… Comfast
 CF-AC100
 2026-03-09T03:02:07.611Z 2026-03-10T16:05:35.790Z
CVE-2026-31894
6.9 (4.0)
WeGIA affected by arbitrary file read via symlink in b… LabRedesCefetRJ
 WeGIA
 2026-03-11T19:05:51.687Z 2026-03-12T20:03:42.724Z
CVE-2024-6539
5.3 (4.0)
3.5 (3.1)
3.5 (3.0)
heyewei SpringBootCMS Guestbook guestbook cross site s… heyewei
 SpringBootCMS
 2024-07-07T22:31:07.456Z 2024-08-01T21:41:03.714Z
CVE-2026-26115
8.8 (3.1)
SQL Server Elevation of Privilege Vulnerability Microsoft
 Microsoft SQL Server 2016 Service Pack 3 (GDR)
 2026-03-10T17:05:07.320Z 2026-03-13T22:25:18.463Z
CVE-2026-32133
7.8 (4.0)
2FAuth has Blind SSRF in image parameter allows intern… Bubka
 2FAuth
 2026-03-11T21:45:09.034Z 2026-03-12T16:17:42.667Z
CVE-2026-32136
9.8 (3.1)
AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentic… AdguardTeam
 AdGuardHome
 2026-03-11T21:42:31.422Z 2026-03-12T16:17:48.461Z
CVE-2026-3925
4.3 (3.1)
Incorrect security UI in LookalikeChecks in Googl… Google
 Chrome
 2026-03-11T22:04:08.693Z 2026-03-12T14:41:23.770Z
CVE-2026-3927
4.3 (3.1)
Incorrect security UI in PictureInPicture in Goog… Google
 Chrome
 2026-03-11T22:04:09.852Z 2026-03-13T12:50:13.977Z
CVE-2026-3936
8.8 (3.1)
Use after free in WebView in Google Chrome on And… Google
 Chrome
 2026-03-11T22:04:14.376Z 2026-03-13T03:55:40.613Z
CVE-2026-30974
4.6 (3.1)
Copyparty volflag `nohtml` did not block javascript in… 9001
 copyparty
 2026-03-10T17:37:26.214Z 2026-03-11T14:45:33.773Z
CVE-2026-26116
8.8 (3.1)
SQL Server Elevation of Privilege Vulnerability Microsoft
 Microsoft SQL Server 2025 (CU 2)
 2026-03-10T17:05:07.935Z 2026-03-13T22:25:19.051Z
CVE-2026-26117
7.8 (3.1)
Arc Enabled Servers - Azure Connected Machine Agent El… Microsoft
 Arc Enabled Servers - Azure Connected Machine Agent
 2026-03-10T17:05:20.543Z 2026-03-13T22:25:32.698Z
CVE-2026-4014
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
itsourcecode Cafe Reservation System Registration sign… itsourcecode
 Cafe Reservation System
 2026-03-12T08:02:11.036Z 2026-03-12T13:34:08.332Z
CVE-2026-26118
8.8 (3.1)
Azure MCP Server Tools Elevation of Privilege Vulnerability Microsoft
 Azure MCP Server Tools
 2026-03-10T17:05:21.115Z 2026-03-13T22:25:33.204Z
CVE-2023-25164
8.6 (3.1)
Sensitive Information leak via Script File in TinaCMS tinacms
 tinacms
 2023-02-08T19:26:18.956Z 2025-03-10T21:14:46.127Z
CVE-2026-3720
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
1024-lab/lab1024 SmartAdmin Notice notice-form-drawer.… 1024-lab
 SmartAdmin
 2026-03-08T07:02:13.355Z 2026-03-11T14:47:11.911Z
CVE-2026-3611
10 (4.0)
10 (3.1)
Honeywell IQ4x BMS Controller Missing authentication f… Honeywell
 IQ4E
 2026-03-12T20:06:05.753Z 2026-03-13T18:03:02.081Z
CVE-2026-2581
5.9 (3.1)
undici is vulnerable to Unbounded Memory Consumption i… undici
 undici
 2026-03-12T20:13:19.571Z 2026-03-13T18:04:58.799Z
CVE-2026-2229
7.5 (3.1)
undici is vulnerable to Unhandled Exception in undici … undici
 undici
 2026-03-12T20:27:05.600Z 2026-03-13T13:06:46.814Z
CVE-2026-1528
7.5 (3.1)
undici is vulnerable to Malicious WebSocket 64-bit len… undici
 undici
 2026-03-12T20:21:57.775Z 2026-03-13T13:04:57.048Z
CVE-2026-1527
4.6 (3.1)
undici is vulnerable to CRLF Injection via upgrade option undici
 undici
 2026-03-12T20:17:18.984Z 2026-03-13T18:06:03.794Z
CVE-2026-1526
7.5 (3.1)
undici is vulnerable to Unbounded Memory Consumption i… undici
 undici
 2026-03-12T20:08:05.950Z 2026-03-13T18:04:20.683Z
CVE-2026-31895
8.8 (3.1)
WeGIA has a SQL Injection via Direct Query Interpolati… LabRedesCefetRJ
 WeGIA
 2026-03-11T19:08:18.763Z 2026-03-11T20:27:50.897Z
CVE-2026-31896
9.8 (3.1)
WeGIA has a Time-Based Blind SQL Injection in remover… LabRedesCefetRJ
 WeGIA
 2026-03-11T19:10:32.383Z 2026-03-12T20:03:11.859Z
CVE-2025-70046
9.8 (3.1)
An issue pertaining to CWE-829: Inclusion of Func… n/a
 n/a
 2026-03-09T00:00:00.000Z 2026-03-11T14:08:34.876Z
CVE-2026-28793
8.4 (3.1)
Path Traversal Leading to Arbitrary File Read, Write a… @tinacms
 cli
 2026-03-12T16:50:20.132Z 2026-03-13T16:28:33.184Z
ID Description Published Updated
fkie_cve-2026-3910 Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacke… 2026-03-13T19:55:11.363 2026-03-13T20:24:29.740
fkie_cve-2023-29385 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kevon Adonis WP Abstracts plugin <= 2… 2023-06-12T16:15:09.860 2026-03-13T20:23:16.403
fkie_cve-2023-36517 Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts plugin <= 2.6.2 versions. 2023-07-11T09:15:09.913 2026-03-13T20:23:05.223
fkie_cve-2023-46640 Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in D. Relton Medialist plugin … 2023-11-08T16:15:10.763 2026-03-13T20:22:53.420
fkie_cve-2026-3798 A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub_44AC14 of t… 2026-03-09T04:16:02.397 2026-03-13T20:22:30.500
fkie_cve-2026-31894 WeGIA is a web manager for charitable institutions. In 3.6.5, The patched loadBackupDB() extracts t… 2026-03-11T20:16:15.460 2026-03-13T20:22:24.810
fkie_cve-2024-6539 A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28.… 2024-07-07T23:15:10.003 2026-03-13T20:22:02.110
fkie_cve-2026-26115 Improper validation of specified type of input in SQL Server allows an authorized attacker to eleva… 2026-03-10T18:18:40.590 2026-03-13T20:21:13.257
fkie_cve-2026-32133 2FAuth is a web app to manage Two-Factor Authentication (2FA) accounts and generate their security … 2026-03-11T22:16:33.273 2026-03-13T20:20:31.943
fkie_cve-2026-32136 AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.73, an unauth… 2026-03-11T22:16:33.423 2026-03-13T20:19:00.987
fkie_cve-2026-3925 Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed… 2026-03-11T22:16:35.120 2026-03-13T20:15:58.443
fkie_cve-2026-3927 Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote … 2026-03-11T22:16:35.357 2026-03-13T20:15:11.997
fkie_cve-2026-3936 Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attac… 2026-03-11T22:16:36.250 2026-03-13T20:14:58.717
fkie_cve-2026-30974 Copyparty is a portable file server. Prior to v1.20.11., the nohtml config option, intended to prev… 2026-03-10T18:18:56.220 2026-03-13T20:14:44.720
fkie_cve-2026-26116 Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server … 2026-03-10T18:18:40.827 2026-03-13T20:14:30.767
fkie_cve-2026-26117 Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent all… 2026-03-10T18:18:41.017 2026-03-13T20:14:21.453
fkie_cve-2026-4014 A security flaw has been discovered in itsourcecode Cafe Reservation System 1.0. This impacts an un… 2026-03-12T08:16:12.030 2026-03-13T20:14:07.583
fkie_cve-2026-26118 Server-side request forgery (ssrf) in Azure MCP Server allows an authorized attacker to elevate pri… 2026-03-10T18:18:41.180 2026-03-13T20:12:47.740
fkie_cve-2023-25164 Tinacms is a Git-backed headless content management system with support for visual editing. Sites b… 2023-02-08T20:15:24.847 2026-03-13T20:11:31.400
fkie_cve-2026-3720 A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unkno… 2026-03-08T08:15:59.943 2026-03-13T20:08:15.060
fkie_cve-2026-3611 The Honeywell IQ4x building management controller, exposes its full web-based HMI without authentic… 2026-03-12T21:16:27.693 2026-03-13T20:06:54.667
fkie_cve-2026-2581 This is an uncontrolled resource consumption vulnerability (CWE-400) that can lead to Denial of Ser… 2026-03-12T21:16:25.930 2026-03-13T20:06:54.667
fkie_cve-2026-2229 ImpactThe undici WebSocket client is vulnerable to a denial-of-service attack due to improper valid… 2026-03-12T21:16:25.573 2026-03-13T20:06:54.667
fkie_cve-2026-1528 ImpactA server can reply with a WebSocket frame using the 64-bit length form and an extremely large… 2026-03-12T21:16:25.330 2026-03-13T20:06:54.667
fkie_cve-2026-1527 ImpactWhen an application passes user-controlled input to the upgrade option of client.request(), a… 2026-03-12T21:16:25.137 2026-03-13T20:06:54.667
fkie_cve-2026-1526 The undici WebSocket client is vulnerable to a denial-of-service attack via unbounded memory consum… 2026-03-12T21:16:23.933 2026-03-13T20:06:54.667
fkie_cve-2026-31895 WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, WeGIA (Web gerenciador … 2026-03-11T20:16:15.633 2026-03-13T20:06:31.840
fkie_cve-2026-31896 WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, a critical SQL injectio… 2026-03-11T20:16:15.797 2026-03-13T20:05:49.723
fkie_cve-2025-70046 An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discov… 2026-03-09T16:16:15.597 2026-03-13T20:02:51.930
fkie_cve-2026-28793 Tina is a headless content management system. Prior to 2.1.8, the TinaCMS CLI development server ex… 2026-03-12T17:16:50.543 2026-03-13T19:58:55.173
ID Severity Description Published Updated
ghsa-jmhc-6q49-9x2g
7.6 (3.1)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … 2026-03-13T21:31:49Z 2026-03-13T21:31:50Z
ghsa-jcph-9xhx-47p8
5.3 (3.1)
Missing Authorization vulnerability in vowelweb VW Portfolio vw-portfolio allows Exploiting Incorre… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-j25f-52qh-vv7j
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-hv2q-78pj-8c72
5.4 (3.1)
Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site-enhancemen… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-hqpr-9vfh-4vgr
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-hfxj-xgvq-fqxv
4.3 (3.1)
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploit… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-gm36-gp26-9m6w
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-ghv5-43g7-224w
7.5 (3.1)
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-g53r-489w-p2mf
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-fv25-wjjf-q2wr
5.3 (3.1)
Missing Authorization vulnerability in WebGeniusLab BigHearts bighearts allows Exploiting Incorrect… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-fcmh-8r9j-5762
2.7 (3.1)
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploit… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-f3qh-mx42-8m58
4.3 (3.1)
Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Expl… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-cgh7-7jvj-846c
8.5 (3.1)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-9ww5-h4wh-qq2j
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-9w23-wxvg-hw8g
5.3 (3.1)
Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting Incorre… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-7q9c-72v7-cvhg
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-73rg-h54g-x9w7
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-6v38-q3q9-62pv
5.3 (3.1)
Missing Authorization vulnerability in vowelweb VW School Education vw-school-education allows Expl… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-5962-78vp-wh3j
5.3 (3.1)
Missing Authorization vulnerability in Ex-Themes WP Food wp-food allows Exploiting Incorrectly Conf… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-576x-8q98-gh4m
5.3 (3.1)
Missing Authorization vulnerability in vowelweb VW Pet Shop vw-pet-shop allows Exploiting Incorrect… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-4cgf-g8j7-xw5c
5.3 (3.1)
Missing Authorization vulnerability in linknacional Payment Gateway Pix For GiveWP payment-gateway-… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-3phx-j4jx-m3fr
5.3 (3.1)
Missing Authorization vulnerability in vowelweb VW Photography vw-photography allows Exploiting Inc… 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-37jf-ph38-h4vx
6.3 (3.1)
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-29xj-6jjp-m927
8.5 (3.1)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … 2026-03-13T21:31:50Z 2026-03-13T21:31:50Z
ghsa-wrqm-wwq5-qcrm
5.3 (3.1)
Missing Authorization vulnerability in raratheme Digital Download digital-download allows Exploitin… 2026-03-13T21:31:48Z 2026-03-13T21:31:49Z
ghsa-whpv-3r4p-274m
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… 2026-03-13T21:31:49Z 2026-03-13T21:31:49Z
ghsa-wgwq-p9vf-fm4g
5.3 (3.1)
Missing Authorization vulnerability in raratheme The Minimal the-minimal allows Exploiting Incorrec… 2026-03-13T21:31:48Z 2026-03-13T21:31:49Z
ghsa-w9p9-xcrg-c8jv
Missing Authorization vulnerability in PublishPress PublishPress Capabilities capability-manager-en… 2026-03-13T21:31:49Z 2026-03-13T21:31:49Z
ghsa-w59g-5675-pp8h
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos … 2026-03-13T21:31:49Z 2026-03-13T21:31:49Z
ghsa-w48h-3qp2-pxm9
6.5 (3.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … 2026-03-13T21:31:49Z 2026-03-13T21:31:49Z
ID Severity Description Package Published Updated
pysec-2025-55
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u… vllm 2025-05-30T19:15:30+00:00 2025-06-26T21:23:06.407481+00:00
pysec-2025-54
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8… vllm 2025-05-30T19:15:30+00:00 2025-06-26T21:23:06.319321+00:00
pysec-2025-53
vLLM is an inference and serving engine for large language models (LLMs). Prior to versio… vllm 2025-05-29T17:15:21+00:00 2025-06-26T21:23:06.231251+00:00
pysec-2025-51
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) v… apache-airflow-providers-snowflake 2025-06-24T08:15:24+00:00 2025-06-26T21:23:03.132527+00:00
pysec-2025-50
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Exp… vllm 2025-05-30T18:15:32+00:00 2025-06-19T03:02:28.572160+00:00
pysec-2024-255
Gradio before 4.20 allows credential leakage on Windows. gradio 2024-05-05T20:15:07+00:00 2025-06-17T19:21:48.983901+00:00
pysec-2024-254
4.2 (3.1)
A session fixation vulnerability exists in the zenml-io/zenml application, where JWT toke… zenml 2024-04-16T00:15:11+00:00 2025-06-13T00:48:41.806476+00:00
pysec-2025-49
8.8 (3.1)
setuptools is a package that allows users to download, build, install, upgrade, and unins… setuptools 2025-05-17T16:15:19+00:00 2025-06-12T22:23:11.115559+00:00
pysec-2025-48
9.8 (3.1)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2025-03-31T17:15:42+00:00 2025-06-12T22:23:10.476087+00:00
pysec-2024-253
pretix before 2024.1.1 mishandles file validation. pretix 2024-02-26T16:28:00+00:00 2025-06-11T15:23:51.683422+00:00
pysec-2024-252
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in t… torch 2024-04-17T19:15:07+00:00 2025-06-10T19:22:08.948962+00:00
pysec-2024-251
Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in… torch 2024-04-17T19:15:07+00:00 2025-06-10T03:12:59.077932+00:00
pysec-2025-47
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2… django 2025-06-05T03:15:25+00:00 2025-06-05T05:23:28.296596+00:00
pysec-2025-46
5.5 (3.1)
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as cri… pypickle 2025-05-26T08:15:19+00:00 2025-06-03T17:36:58.579358+00:00
pysec-2025-45
7.8 (3.1)
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.… pypickle 2025-05-26T07:15:26+00:00 2025-06-03T17:36:58.528116+00:00
pysec-2024-250
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csr… torch 2024-04-19T21:15:08+00:00 2025-06-03T15:23:56.072490+00:00
pysec-2023-312
5.9 (3.1)
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server b… redis 2023-07-15T23:15:09Z 2025-06-02T11:48:06.372423Z
pysec-2025-44
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in mod… django-helpdesk 2025-05-31T01:15:19+00:00 2025-05-31T03:09:35.357757+00:00
pysec-2025-43
vLLM is an inference and serving engine for large language models (LLMs). In versions sta… vllm 2025-05-29T17:15:21+00:00 2025-05-29T19:21:01.611587+00:00
pysec-2025-42
9.8 (3.1)
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Ver… vllm 2025-04-30T01:15:51+00:00 2025-05-28T21:23:12.396609+00:00
pysec-2025-41
9.8 (3.1)
PyTorch is a Python package that provides tensor computation with strong GPU acceleration… torch 2025-04-18T16:15:23+00:00 2025-05-28T15:23:37.843138+00:00
pysec-2025-40
7.5 (3.1)
A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`… transformers 2025-05-19T12:15:19+00:00 2025-05-21T19:22:10.801823+00:00
pysec-2024-249
6.1 (3.1)
### Summary On all Label Studio versions prior to 1.11.0, data imported via file upload f… label-studio 2024-02-22T22:15:47+00:00 2025-05-19T11:22:35.312280+00:00
pysec-2024-248
7.8 (3.1)
OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its … opencanary 2024-10-14T21:15:12+00:00 2025-05-16T14:23:05.150356+00:00
pysec-2025-39
motionEye is an online interface for the software motion, a video surveillance program wi… motioneye 2025-05-14T16:15:29+00:00 2025-05-14T17:22:51.050788+00:00
pysec-2025-38
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during im… ironic 2025-05-08T17:16:01Z 2025-05-13T04:24:03.083929Z
pysec-2024-247
9.9 (3.1)
A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically… zenml 2024-04-16T00:15:11+00:00 2025-05-12T15:23:53.861001+00:00
pysec-2025-37
An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2… django 2025-05-08T04:17:18+00:00 2025-05-08T05:23:16.210893+00:00
pysec-2025-36
9.8 (3.1)
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida… langflow 2025-04-07T15:15:44+00:00 2025-05-07T19:22:44.993642+00:00
pysec-2024-246
5.3 (3.1)
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in… vyper 2024-04-25T17:15:50+00:00 2025-05-05T19:21:20.899426+00:00
ID Description Updated
gsd-2024-33881 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.886591Z
gsd-2024-33880 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.882744Z
gsd-2024-33879 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.727068Z
gsd-2024-33878 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.850311Z
gsd-2024-33877 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.871220Z
gsd-2024-33876 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.990196Z
gsd-2024-33875 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.862083Z
gsd-2024-33874 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.959238Z
gsd-2024-33873 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.870402Z
gsd-2024-33872 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.839468Z
gsd-2024-33871 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.800751Z
gsd-2024-33870 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.943118Z
gsd-2024-33869 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.784255Z
gsd-2024-33868 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.896638Z
gsd-2024-33867 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.808129Z
gsd-2024-33866 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.819755Z
gsd-2024-33865 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.790923Z
gsd-2024-33864 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.792101Z
gsd-2024-33863 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.824810Z
gsd-2024-33862 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.799465Z
gsd-2024-33861 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.958057Z
gsd-2024-33860 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.777612Z
gsd-2024-33859 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.867340Z
gsd-2024-33858 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.848478Z
gsd-2024-33857 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.834866Z
gsd-2024-33856 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.944669Z
gsd-2024-33855 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.741239Z
gsd-2024-33854 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.916266Z
gsd-2024-33853 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.825026Z
gsd-2024-33852 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.824312Z
ID Description Published Updated
mal-2026-1409 Malicious code in darkig (PyPI) 2026-03-13T10:50:53Z 2026-03-13T10:50:53Z
mal-2026-1410 Malicious code in ighack (PyPI) 2026-03-13T10:47:01Z 2026-03-13T10:47:01Z
mal-2026-1411 Malicious code in nfd (PyPI) 2026-03-13T10:41:13Z 2026-03-13T10:41:13Z
mal-2026-1417 Malicious code in twitch.dashboard-v2.core (npm) 2026-03-13T10:37:20Z 2026-03-13T10:37:27Z
mal-2026-1416 Malicious code in twitch-security (npm) 2026-03-13T10:37:20Z 2026-03-13T10:37:20Z
mal-2026-1415 Malicious code in pulsard-utils (npm) 2026-03-13T10:37:20Z 2026-03-13T10:37:20Z
mal-2026-1414 Malicious code in hardhat2-config (npm) 2026-03-13T10:37:20Z 2026-03-13T10:37:20Z
mal-2026-1413 Malicious code in brlc-base (npm) 2026-03-13T10:37:19Z 2026-03-13T10:37:20Z
mal-2026-1408 Malicious code in nai (PyPI) 2026-03-13T10:31:39Z 2026-03-13T10:31:39Z
mal-2026-1407 Malicious code in thief-utils (PyPI) 2026-03-13T08:43:52Z 2026-03-13T08:43:52Z
mal-2026-1406 Malicious code in makenotion-ppetest (PyPI) 2026-03-13T08:13:53Z 2026-03-13T08:13:53Z
mal-2026-1400 Malicious code in solana-pumpfun-sdk (npm) 2026-03-13T06:55:58Z 2026-03-13T06:55:58Z
mal-2026-1399 Malicious code in pino-sdk (npm) 2026-03-13T06:55:58Z 2026-03-13T06:55:58Z
mal-2026-1392 Malicious code in @dinzid04/libsignal-node (npm) 2026-03-13T06:54:12Z 2026-03-13T06:54:13Z
mal-2026-1391 Malicious code in @dinzid04/baileys (npm) 2026-03-13T06:54:12Z 2026-03-13T06:54:13Z
mal-2026-1401 Malicious code in tailwindcss-animation-advanced (npm) 2026-03-13T06:51:42Z 2026-03-13T06:51:42Z
mal-2026-1393 Malicious code in cortana-md-bot (npm) 2026-03-13T06:48:27Z 2026-03-13T06:48:28Z
mal-2026-1390 Malicious code in @depro-tech/cortana-md (npm) 2026-03-13T06:48:27Z 2026-03-13T06:48:28Z
mal-2026-1404 Malicious code in whatsapp-core-auth-drzak (npm) 2026-03-13T06:47:07Z 2026-03-13T06:47:14Z
mal-2026-1398 Malicious code in meta-internal-logger-drzak (npm) 2026-03-13T06:47:07Z 2026-03-13T06:47:14Z
mal-2026-1396 Malicious code in dell-internal-auth-drzak (npm) 2026-03-13T06:47:06Z 2026-03-13T06:47:14Z
mal-2026-1395 Malicious code in dell-fusion-core-drzak (npm) 2026-03-13T06:47:06Z 2026-03-13T06:47:14Z
mal-2026-1394 Malicious code in dell-emc-internal-api-drzak (npm) 2026-03-13T06:47:06Z 2026-03-13T06:47:13Z
mal-2026-1405 Malicious code in whatsapp-fastdesk-utils-drzak (npm) 2026-03-13T06:47:06Z 2026-03-13T06:47:07Z
mal-2026-1403 Malicious code in tradepmr-fusion-core-drzak (npm) 2026-03-13T06:47:06Z 2026-03-13T06:47:07Z
mal-2026-1402 Malicious code in tradepmr-api-utils-drzak (npm) 2026-03-13T06:47:06Z 2026-03-13T06:47:06Z
mal-2026-1397 Malicious code in fusion-internal-common-drzak (npm) 2026-03-13T06:47:06Z 2026-03-13T06:47:06Z
mal-2026-1382 Malicious code in @immuta/flag-providers-web (npm) 2026-03-13T05:53:14Z 2026-03-13T05:53:14Z
mal-2026-1384 Malicious code in @lux2/ssr-catalogue-sfcc (npm) 2026-03-13T05:37:08Z 2026-03-13T05:37:08Z
mal-2026-1381 Malicious code in @immuta/feature-flags-core (npm) 2026-03-13T05:34:26Z 2026-03-13T05:34:26Z
ID Description Published Updated
2crt000008 Lite Panel Pro Vulnerability in Session Management 2025-06-26T00:30:00.000Z 2025-06-26T00:30:00.000Z
9akk108470a8948 ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway. 2025-05-29T00:30:00.000Z 2025-06-05T00:30:00.000Z
9akk108471a1621 EIBPORT Session Management Fail 2025-06-02T00:30:00.000Z 2025-06-04T00:30:00.000Z
9akk108471a0021 ELSB/BLBA ASPECT advisory several CVEs 2025-05-22T00:30:00.000Z 2025-05-23T10:30:00.000Z
2crt000006 ANC – ABB Network Card Multiple vulnerabilities in ANC 2025-04-30T00:30:00.000Z 2025-04-30T00:30:00.000Z
2crt000007 Ekip Com IEC61850 Vulnerability in 3rd Party Library 2025-04-29T00:30:00.000Z 2025-04-29T00:30:00.000Z
9akk108470a9989 ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities 2025-04-10T08:30:00.000Z 2025-04-10T08:30:00.000Z
2nga002579 ABB Arctic communication solution ARM600 Vulnerabilities 2025-04-07T10:30:00.000Z 2025-04-07T10:30:00.000Z
2nga002427 ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities 2025-04-07T10:30:00.000Z 2025-04-07T10:30:00.000Z
9akk108470a9494 Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities 2025-03-26T00:30:00.000Z 2025-03-27T00:30:00.000Z
9akk108470a9491 ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities 2025-03-26T00:30:00.000Z 2025-03-27T00:30:00.000Z
sa24p015 B&R APROL Potential Privilege Escalation and Information Disclosure 2025-03-24T00:30:00.000Z 2025-03-24T00:30:00.000Z
9akk108470a8565 RMC-100 Vulnerability in the Web UI (REST Interface) 2025-03-11T00:30:00.000Z 2025-03-11T00:30:00.000Z
9akk108470a5684 FLXeon Controllers Cyber Security Advisory 2025-01-20T00:30:00.000Z 2025-02-14T00:30:00.000Z
7paa012159 System 800xA 5.1.x, 6.0.3.x, 6.1.1.x, 6.2.x - VideONet Camera passwords stored in clear text 2025-02-10T00:30:00.000Z 2025-02-10T00:30:00.000Z
9akk108470a6775 Hardcoded credentials in ASPECT Energy Management System 2025-02-05T00:30:00.000Z 2025-02-06T00:30:00.000Z
sa25p001 Automation Runtime and mapp View Use of insecure algorithm for self-signed certificates 2025-01-15T00:30:00.000Z 2025-01-16T00:30:00.000Z
9akk108470a5466 Drive Composer Path Traversal Vulnerability 2025-02-05T00:30:00.000Z 2025-01-10T00:30:00.000Z
3adr011377 AC500 V3 Multiple vulnerabilities 2025-01-07T00:30:00.000Z 2025-01-07T00:30:00.000Z
ID Description Published Updated
wid-sec-w-2026-0353 libpng: Schwachstelle ermöglicht Codeausführung 2026-02-09T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0345 Golang Go: Mehrere Schwachstellen 2026-02-08T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0326 Red Hat Self-service automation portal for Ansible Automation Platform: Schwachstelle ermöglicht Manipulation von Dateien 2026-02-05T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0297 Django: Mehrere Schwachstellen 2026-02-03T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0284 libxml2 (xmllint): Schwachstelle ermöglicht Denial of Service 2026-02-02T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0265 expat: Schwachstelle ermöglicht Codeausführung 2026-01-29T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0215 Linux Kernel: Mehrere Schwachstellen 2026-01-25T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0213 expat: Schwachstelle ermöglicht Denial of Service 2026-01-25T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0164 Oracle Java SE: Mehrere Schwachstellen 2026-01-20T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0129 Golang Go: Mehrere Schwachstellen 2026-01-15T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0126 libxml2: Mehrere Schwachstellen ermöglichen Denial of Service 2026-01-15T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2026-0086 Linux Kernel: Mehrere Schwachstellen 2026-01-13T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2854 Roundcube: Mehrere Schwachstellen 2025-12-15T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2846 strongSwan (NetworkManager-Plugin): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2025-12-14T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2750 Apache HTTP Server: Mehrere Schwachstellen 2025-12-04T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2747 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-12-04T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2741 cPython: Schwachstelle ermöglicht Denial of Service 2025-12-03T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2724 Golang Go: Mehrere Schwachstellen 2025-12-02T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2703 Zabbix: Mehrere Schwachstellen 2025-11-30T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2595 Linux Kernel: Mehrere Schwachstellen 2025-11-12T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2579 Linux Kernel: Mehrere Schwachstellen 2025-11-11T23:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2365 Oracle Java SE: Mehrere Schwachstellen 2025-10-21T22:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2227 Golang Go: Mehrere Schwachstellen 2025-10-07T22:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2166 OpenSSL und LibreSSL: Mehrere Schwachstellen 2025-09-30T22:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-2040 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-09-11T22:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-1988 Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service 2025-09-07T22:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-1974 Podman: Schwachstelle ermöglicht Manipulation von Dateien 2025-09-04T22:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-1620 Linux Kernel: Schwachstelle ermöglicht Denial of Service 2025-07-21T22:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-1569 Oracle Java SE: Mehrere Schwachstellen 2025-07-15T22:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
wid-sec-w-2025-1452 Linux Kernel: Mehrere Schwachstellen 2025-07-02T22:00:00.000+00:00 2026-03-08T23:00:00.000+00:00
ID Description Published Updated
icsa-26-062-03 Hitachi Energy RTU500 Product 2026-02-24T00:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-062-02 Hitachi Energy Relion REB500 Product 2026-02-24T00:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-062-01 Mitsubishi Electric MELSEC iQ-F Series EtherNet/IP module and Ethernet module 2026-03-03T00:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-25-023-02 Hitachi Energy RTU500 Series Product (Update B) 2024-04-30T00:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-24-184-03 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C) 2024-07-02T06:00:00.000000Z 2026-03-03T07:00:00.000000Z
icsa-26-062-08 Everon OCPP Backends 2026-03-03T06:00:00.000000Z 2026-03-03T06:00:00.000000Z
icsa-26-062-07 ePower epower.ie 2026-03-03T06:00:00.000000Z 2026-03-03T06:00:00.000000Z
icsa-26-062-06 Mobiliti e-mobi.hu 2026-03-03T06:00:00.000000Z 2026-03-03T06:00:00.000000Z
icsa-26-057-10 Copeland XWEB and XWEB Pro 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-09 Yokogawa CENTUM VP R6, R7 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-08 Mobility46 mobility46.se 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-07 EV Energy ev.energy 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-06 SWITCH EV swtchenergy.com 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-05 Chargemap chargemap.com 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-04 EV2GO ev2go.io 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-03 CloudCharge cloudcharge.se 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-02 Pelco, Inc. Sarix Pro 3 Series IP Cameras 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-057-01 Johnson Controls, Inc. Frick Controls Quantum HD 2026-02-26T07:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-25-133-02 Hitachi Energy Relion 670/650/SAM600-IO Series (Update C) 2023-11-28T00:00:00.000000Z 2026-02-26T07:00:00.000000Z
icsa-26-043-06 Siemens SINEC OS 2026-01-28T00:00:00.000000Z 2026-02-25T07:00:00.000000Z
icsa-26-027-01 iba Systems ibaPDA 2026-01-27T07:00:00.000000Z 2026-02-25T07:00:00.000000Z
icsa-25-226-15 Siemens SINEC OS 2025-08-12T00:00:00.000000Z 2026-02-25T07:00:00.000000Z
icsa-25-226-07 Siemens Third-Party Components in SINEC OS 2025-08-12T00:00:00.000000Z 2026-02-25T07:00:00.000000Z
icsa-25-203-04 Schneider Electric EcoStruxure Power Operation (Update A) 2025-07-22T06:00:00.000000Z 2026-02-25T07:00:00.000000Z
icsa-26-055-02 Schneider Electric EcoStruxure Building Operation Workstation 2026-02-10T08:00:00.000000Z 2026-02-24T07:00:00.000000Z
icsa-26-055-01 InSAT MasterSCADA BUK-TS 2026-02-24T07:00:00.000000Z 2026-02-24T07:00:00.000000Z
icsa-25-070-01 Schneider Electric Uni-Telway Driver (Update C) 2025-02-11T05:00:00.000000Z 2026-02-24T07:00:00.000000Z
icsa-24-296-01 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C) 2024-10-22T06:00:00.000000Z 2026-02-24T07:00:00.000000Z
icsa-22-202-04 ICONICS Suite and Mitsubishi Electric MC Works64 Products (Update C) 2022-07-26T06:00:00.000000Z 2026-02-24T07:00:00.000000Z
icsa-26-055-03 Gardyn Home Kit 2026-02-24T06:00:00.000000Z 2026-02-24T06:00:00.000000Z
ID Description Published Updated
cisco-sa-nxos-cpdos-qlsv6pfd Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-n3kn9k_aci_lldp_dos-ndgrrra3 Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-apic-dos-rnus8efw Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-wsa-archive-bypass-scx2e8zf Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability 2026-02-04T16:00:00+00:00 2026-02-20T21:08:47+00:00
cisco-sa-voice-rce-morhqy4b Cisco Unified Communications Products Remote Code Execution Vulnerability 2026-01-21T16:00:00+00:00 2026-02-13T15:21:01+00:00
cisco-sa-snort3-mime-vulns-ttl8pgvh Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities 2025-10-15T16:00:00+00:00 2026-02-12T18:38:13+00:00
cisco-sa-tce-roomos-dos-9v9jrc2q Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability 2026-02-04T16:00:00+00:00 2026-02-12T17:37:39+00:00
cisco-sa-snort3-dcerpc-vulns-j9hnf4th Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities 2026-01-07T16:00:00+00:00 2026-02-10T20:42:07+00:00
cisco-sa-pi-xss-byevkcd Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-epnm-pi-redirect-6sx82dn Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-cmm-file-up-ky47n8kk Cisco Meeting Management Arbitrary File Upload Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-ucce-pcce-xss-2jvyg3ud Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
cisco-sa-intersight-privesc-p6tbm6jk Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
cisco-sa-iec6400-pem5uq7v Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
cisco-sa-sma-attack-n9bf4 Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager 2025-12-17T16:00:00+00:00 2026-01-15T16:01:43+00:00
cisco-sa-ise-xss-9tdh2kx Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability 2026-01-15T16:00:00+00:00 2026-01-15T16:00:00+00:00
cisco-sa-ise-xss-964cdxw5 Cisco Identity Services Engine Cross-Site Scripting Vulnerability 2026-01-15T16:00:00+00:00 2026-01-15T16:00:00+00:00
cisco-sa-epnm-pi-stored-xss-gekx8ywk Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability 2026-01-15T16:00:00+00:00 2026-01-15T16:00:00+00:00
cisco-sa-ise-xxe-jwsbsdkt Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability 2026-01-07T16:00:00+00:00 2026-01-07T16:00:00+00:00
cisco-sa-react-flight-tyw32ddb Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 2025-12-04T16:00:00+00:00 2025-12-17T22:37:17+00:00
cisco-sa-ise-multiple-vulns-o9beswjh Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities 2025-11-05T16:00:00+00:00 2025-12-04T14:23:54+00:00
cisco-sa-cc-mult-vuln-gk4tfxsn Multiple Cisco Contact Center Products Vulnerabilities 2025-11-05T16:00:00+00:00 2025-11-18T14:49:09+00:00
cisco-sa-privesc-catc-ryjreelu Cisco Catalyst Center Privilege Escalation Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-dnac-xss-wextvz59 Cisco Catalyst Center Cross-Site Scripting Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-dnac-ci-zwlqvswt Cisco Catalyst Center REST API Command Injection Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-catc-priv-esc-vs8eecux Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-catc-open-redirect-3w5bk3je Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability 2025-11-13T16:00:00+00:00 2025-11-13T16:00:00+00:00
cisco-sa-cc-unauth-rce-qen8h7mq Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities 2025-11-05T16:00:00+00:00 2025-11-13T12:48:42+00:00
cisco-sa-asaftd-webvpn-yrootuw Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability 2025-09-25T16:00:00+00:00 2025-11-06T15:50:55+00:00
cisco-sa-asaftd-webvpn-z5xp8eub Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability 2025-09-25T16:00:00+00:00 2025-11-06T15:50:54+00:00
ID Description Published Updated
msrc_cve-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http 2025-10-02T00:00:00.000Z 2026-03-12T01:36:37.000Z
msrc_cve-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar 2025-10-02T00:00:00.000Z 2026-03-12T01:36:32.000Z
msrc_cve-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509 2025-10-02T00:00:00.000Z 2026-03-12T01:36:27.000Z
msrc_cve-2026-23240 tls: Fix race condition in tls_sw_cancel_work_tx() 2026-03-02T00:00:00.000Z 2026-03-12T01:01:42.000Z
msrc_cve-2026-23239 espintcp: Fix race condition in espintcp_close() 2026-03-02T00:00:00.000Z 2026-03-12T01:01:37.000Z
msrc_cve-2024-14027 xattr: switch to CLASS(fd) 2026-03-02T00:00:00.000Z 2026-03-11T14:36:33.000Z
msrc_cve-2026-27965 Vitess users with backup storage access can gain unauthorized access to production deployment environments 2026-02-02T00:00:00.000Z 2026-03-11T14:36:03.000Z
msrc_cve-2026-27969 Vitess users with backup storage access can write to arbitrary file paths on restore 2026-02-02T00:00:00.000Z 2026-03-11T14:35:56.000Z
msrc_cve-2026-28364 In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data. 2026-02-02T00:00:00.000Z 2026-03-11T14:35:49.000Z
msrc_cve-2026-26148 Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability 2026-03-10T07:00:00.000Z 2026-03-11T07:00:00.000Z
msrc_cve-2026-24293 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability 2026-03-10T07:00:00.000Z 2026-03-11T07:00:00.000Z
msrc_cve-2026-23865 An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2. 2026-03-02T00:00:00.000Z 2026-03-11T01:40:19.000Z
msrc_cve-2026-3713 pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow 2026-03-02T00:00:00.000Z 2026-03-11T01:03:59.000Z
msrc_cve-2026-27142 URLs in meta content attribute actions are not escaped in html/template 2026-03-02T00:00:00.000Z 2026-03-11T01:03:28.000Z
msrc_cve-2025-69644 An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless output until manually interrupted. This issue affects versions prior to the upstream fix and allows a local attacker to cause excessive resource consumption by supplying a malicious input file. 2026-03-02T00:00:00.000Z 2026-03-11T01:02:56.000Z
msrc_cve-2025-69651 GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations returns early due to parsing errors, the internal all_relocations array may remain partially uninitialized. Later, process_got_section_contents() may attempt to free an invalid r_symbol pointer, triggering memory corruption checks in glibc and causing the program to terminate with SIGABRT. No evidence of further memory corruption or code execution was observed; the impact is limited to denial of service. 2026-03-02T00:00:00.000Z 2026-03-11T01:02:49.000Z
msrc_cve-2025-69649 GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed. 2026-03-02T00:00:00.000Z 2026-03-11T01:02:41.000Z
msrc_cve-2025-69645 Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file. 2026-03-02T00:00:00.000Z 2026-03-11T01:02:32.000Z
msrc_cve-2025-69652 GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service. 2026-03-02T00:00:00.000Z 2026-03-11T01:02:25.000Z
msrc_cve-2025-69650 GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocations array. As a result, process_got_section_contents() may pass an uninitialized r_symbol pointer to free(), leading to a double free and terminating the program with SIGABRT. No evidence of exploitable memory corruption or code execution was observed; the impact is limited to denial of service. 2026-03-02T00:00:00.000Z 2026-03-11T01:02:17.000Z
msrc_cve-2025-69646 Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted. The issue was observed in binutils 2.44. A local attacker can exploit this vulnerability by supplying a malicious input file, leading to excessive CPU and I/O usage and preventing completion of the objdump analysis. 2026-03-02T00:00:00.000Z 2026-03-11T01:02:09.000Z
msrc_cve-2026-29786 node-tar: Hardlink Path Traversal via Drive-Relative Linkpath 2026-03-02T00:00:00.000Z 2026-03-11T01:02:00.000Z
msrc_cve-2026-3731 libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds 2026-03-02T00:00:00.000Z 2026-03-11T01:01:46.000Z
msrc_cve-2026-26144 Microsoft Excel Information Disclosure Vulnerability 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
msrc_cve-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
msrc_cve-2026-26134 Microsoft Office Elevation of Privilege Vulnerability 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
msrc_cve-2026-26132 Windows Kernel Elevation of Privilege Vulnerability 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
msrc_cve-2026-26131 .NET Elevation of Privilege Vulnerability 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
msrc_cve-2026-26130 ASP.NET Core Denial of Service Vulnerability 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
msrc_cve-2026-26128 Windows SMB Server Elevation of Privilege Vulnerability 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
ID Description Published Updated
ncsc-2026-0069 Kwetsbaarheden verholpen in SolarWinds Serv-U 2026-02-25T10:39:38.154815Z 2026-02-25T10:39:38.154815Z
ncsc-2026-0068 Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform 2026-02-23T14:27:28.865278Z 2026-02-23T14:27:28.865278Z
ncsc-2026-0043 Zeroday-kwetsbaarheden verholpen in Ivanti Endpoint Manager Mobile 2026-01-29T19:15:04.575371Z 2026-02-20T14:47:02.047999Z
ncsc-2026-0067 Kwetsbaarheden verholpen in GitHub Enterprise Server 2026-02-20T10:13:39.540778Z 2026-02-20T10:13:39.540778Z
ncsc-2026-0066 Kwetsbaarheid verholpen in Google Chrome 2026-02-19T08:29:30.712590Z 2026-02-19T08:29:30.712590Z
ncsc-2026-0065 Kwetsbaarheid verholpen in Dell RecoverPoint for Virtual Machines 2026-02-18T13:18:23.815384Z 2026-02-18T13:18:23.815384Z
ncsc-2026-0064 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-02-13T13:35:03.870920Z 2026-02-13T13:35:03.870920Z
ncsc-2026-0063 Kwetsbaarheden verholpen in Apple macOS 2026-02-13T13:24:06.433550Z 2026-02-13T13:24:06.433550Z
ncsc-2026-0048 Kwetsbaarheid verholpen in BeyondTrust Remote Support 2026-02-09T10:27:57.867529Z 2026-02-13T12:54:32.614217Z
ncsc-2026-0062 Kwetsbaarheden verholpen in GitLab CE/EE 2026-02-11T11:45:05.986313Z 2026-02-11T11:45:05.986313Z
ncsc-2026-0061 Kwetsbaarheden verholpen in Fortinet FortiOS 2026-02-11T11:34:50.888067Z 2026-02-11T11:34:50.888067Z
ncsc-2026-0060 Kwetsbaarheden verholpen in Fortinet FortiSandbox, FortiAuthenticator en FortiClient 2026-02-11T11:34:36.684955Z 2026-02-11T11:34:36.684955Z
ncsc-2026-0058 Kwetsbaarheden verholpen in Microsoft Office 2026-02-10T19:11:42.825147Z 2026-02-10T19:11:42.825147Z
ncsc-2026-0057 Kwetsbaarheden verholpen in Microsoft Azure 2026-02-10T19:08:27.878305Z 2026-02-10T19:08:27.878305Z
ncsc-2026-0056 Kwetsbaarheden verholpen in Microsoft Developer Tools 2026-02-10T19:07:16.028511Z 2026-02-10T19:07:16.028511Z
ncsc-2026-0055 Kwetsbaarheid verholpen in Microsoft SQL Server 2026-02-10T19:05:45.729972Z 2026-02-10T19:05:45.729972Z
ncsc-2026-0054 Kwetsbaarheid verholpen in Microsoft Exchange 2026-02-10T19:04:51.366294Z 2026-02-10T19:04:51.366294Z
ncsc-2026-0053 Kwetsbaarheden verholpen in Microsoft Windows 2026-02-10T19:01:45.561771Z 2026-02-10T19:01:45.561771Z
ncsc-2026-0052 Kwetsbaarheden verholpen in SAP producten 2026-02-10T12:28:40.531069Z 2026-02-10T12:28:40.531069Z
ncsc-2026-0051 Kwetsbaarheden verholpen in Siemens producten 2026-02-10T12:27:40.637581Z 2026-02-10T12:27:40.637581Z
ncsc-2026-0050 Kwetsbaarheid verholpen in PEAR 2026-02-09T10:41:43.856342Z 2026-02-09T10:41:43.856342Z
ncsc-2026-0049 Kwetsbaarheden verholpen in n8n 2026-02-09T10:39:40.792744Z 2026-02-09T10:39:40.792744Z
ncsc-2026-0047 Kwetsbaarheid verholpen in Fortinet FortiClient EMS 2026-02-09T10:16:18.048622Z 2026-02-09T10:16:18.048622Z
ncsc-2026-0046 Kwetsbaarheden verholpen in Samsung mobile 2026-02-09T07:48:28.751473Z 2026-02-09T07:48:28.751473Z
ncsc-2026-0040 Kwetsbaarheid verholpen in SmarterTools SmarterMail 2026-01-27T10:51:39.476320Z 2026-02-06T09:25:57.008166Z
ncsc-2026-0045 Kwetsbaarheid verholpen in Cisco Meeting Management 2026-02-06T09:22:16.831778Z 2026-02-06T09:22:16.831778Z
ncsc-2026-0044 Kwetsbaarheid verholpen in Cisco TelePresence Collaboration Endpoint 2026-02-06T09:20:11.629058Z 2026-02-06T09:20:11.629058Z
ncsc-2026-0042 Kwetsbaarheden verholpen in SolarWinds Web Help Desk 2026-01-28T16:37:21.114054Z 2026-02-02T09:47:54.857445Z
ncsc-2025-0386 Kwetsbaarheden verholpen in Fortinet producten 2025-12-10T09:51:34.918202Z 2026-01-28T15:46:10.814803Z
ncsc-2026-0041 Kwetsbaarheid verholpen in Fortinet producten 2026-01-28T09:32:41.752905Z 2026-01-28T09:32:41.752905Z
ID Description Published Updated
nn-2023_3-01 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_2-01 Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_11-01 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_10-01 DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_1-01 Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 2023-05-03T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:3-01 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:2-01 Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:11-01 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:10-01 DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:1-01 Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 2023-05-03T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022_2-02 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022_2-01 Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022:2-02 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022:2-01 Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021_2-01 Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021_1-01 Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021:2-01 Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021:1-01 Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020_3-01 Angular template injection on custom report name field 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020_2-01 Cross-site request forgery attack on change password form 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020:3-01 Angular template injection on custom report name field 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020:2-01 Cross-site request forgery attack on change password form 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2019_2-01 CSV Injection on node label 2019-11-11T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2019_1-01 Stored XSS in field name data model 2019-11-11T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10298-1 exiv2-0.28.8-1.1 on GA media 2026-03-07T00:00:00Z 2026-03-07T00:00:00Z
opensuse-su-2026:10297-1 coredns-1.14.2-1.1 on GA media 2026-03-07T00:00:00Z 2026-03-07T00:00:00Z
opensuse-su-2026:10296-1 chromedriver-145.0.7632.159-1.1 on GA media 2026-03-07T00:00:00Z 2026-03-07T00:00:00Z
opensuse-su-2026:10295-1 NetworkManager-applet-strongswan-1.6.4-1.1 on GA media 2026-03-07T00:00:00Z 2026-03-07T00:00:00Z
opensuse-su-2026:20333-1 Security update for python-PyPDF2 2026-03-06T21:01:39Z 2026-03-06T21:01:39Z
opensuse-su-2026:20330-1 Security update for python-uv 2026-03-06T14:43:28Z 2026-03-06T14:43:28Z
opensuse-su-2026:10288-1 libblkid-devel-2.41.3-4.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10287-1 sdbootutil-1+git20260303.90d816d-1.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10286-1 ruby4.0-rubygem-rack-2.2-2.2.22-1.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10285-1 python311-pillow-heif-1.3.0-1.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10284-1 python311-PyPDF2-2.11.1-5.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10283-1 python313-Django6-6.0.3-1.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10282-1 python311-Django4-4.2.29-1.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10281-1 mchange-commons-0.4.0-1.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10280-1 incus-6.22-1.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10279-1 c3p0-0.12.0-1.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10278-1 ImageMagick-7.1.2.15-2.1 on GA media 2026-03-04T00:00:00Z 2026-03-04T00:00:00Z
opensuse-su-2026:10276-1 libsoup-3_0-0-3.6.6-2.1 on GA media 2026-03-01T00:00:00Z 2026-03-01T00:00:00Z
opensuse-su-2026:10275-1 gvfs-1.58.2-1.1 on GA media 2026-03-01T00:00:00Z 2026-03-01T00:00:00Z
opensuse-su-2026:20273-1 Security update for 7zip 2026-02-26T11:53:30Z 2026-02-26T11:53:30Z
opensuse-su-2026:20277-1 Security update for chromium 2026-02-26T11:50:46Z 2026-02-26T11:50:46Z
opensuse-su-2026:20271-1 Security update for python-urllib3_1 2026-02-26T09:45:23Z 2026-02-26T09:45:23Z
opensuse-su-2026:20270-1 Security update for autogen 2026-02-26T09:10:10Z 2026-02-26T09:10:10Z
opensuse-su-2026:10266-1 valkey-9.0.3-1.1 on GA media 2026-02-26T00:00:00Z 2026-02-26T00:00:00Z
opensuse-su-2026:10265-1 qemu-10.2.1-1.1 on GA media 2026-02-26T00:00:00Z 2026-02-26T00:00:00Z
opensuse-su-2026:10264-1 python311-Flask-3.1.3-1.1 on GA media 2026-02-26T00:00:00Z 2026-02-26T00:00:00Z
opensuse-su-2026:10263-1 heroic-games-launcher-2.20.0-2.1 on GA media 2026-02-26T00:00:00Z 2026-02-26T00:00:00Z
opensuse-su-2026:10262-1 evolution-data-server-3.58.3-2.1 on GA media 2026-02-26T00:00:00Z 2026-02-26T00:00:00Z
opensuse-su-2026:10261-1 docker-29.2.1_ce-37.1 on GA media 2026-02-26T00:00:00Z 2026-02-26T00:00:00Z
opensuse-su-2026:10260-1 digger-cli-0.6.143-1.1 on GA media 2026-02-26T00:00:00Z 2026-02-26T00:00:00Z
ID Description Published Updated
ID Description Published Updated
rhsa-2026:0530 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.12 2026-01-13T20:48:49+00:00 2026-03-15T18:38:35+00:00
rhsa-2026:0527 Red Hat Security Advisory: VolSync v0.14 security fixes and container updates 2026-01-13T16:52:50+00:00 2026-03-15T18:38:35+00:00
rhsa-2026:0477 Red Hat Security Advisory: skopeo security update 2026-01-12T20:03:23+00:00 2026-03-15T18:38:35+00:00
rhsa-2026:0470 Red Hat Security Advisory: podman security update 2026-01-12T17:35:15+00:00 2026-03-15T18:38:34+00:00
rhsa-2026:0436 Red Hat Security Advisory: buildah security update 2026-01-12T02:06:04+00:00 2026-03-15T18:38:34+00:00
rhsa-2026:0426 Red Hat Security Advisory: buildah security update 2026-01-12T03:32:03+00:00 2026-03-15T18:38:33+00:00
rhsa-2026:0424 Red Hat Security Advisory: podman security update 2026-01-12T02:26:08+00:00 2026-03-15T18:38:33+00:00
rhsa-2026:0425 Red Hat Security Advisory: runc security update 2026-01-12T03:43:04+00:00 2026-03-15T18:38:32+00:00
rhsa-2026:0245 Red Hat Security Advisory: grafana security update 2026-01-07T14:45:51+00:00 2026-03-15T18:38:32+00:00
rhsa-2026:0418 Red Hat Security Advisory: OpenShift Container Platform 4.16.55 packages and security update 2026-01-15T19:15:31+00:00 2026-03-15T18:38:31+00:00
rhsa-2026:0414 Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage 2026-01-08T22:34:17+00:00 2026-03-15T18:38:31+00:00
rhsa-2026:0331 Red Hat Security Advisory: OpenShift Container Platform 4.18.31 packages and security update 2026-01-15T19:11:50+00:00 2026-03-15T18:38:30+00:00
rhsa-2026:0316 Red Hat Security Advisory: OpenShift Container Platform 4.12.84 bug fix and security update 2026-01-15T05:12:28+00:00 2026-03-15T18:38:29+00:00
rhsa-2026:0315 Red Hat Security Advisory: OpenShift Container Platform 4.12.84 packages and security update 2026-01-15T00:25:18+00:00 2026-03-15T18:38:29+00:00
rhsa-2026:0314 Red Hat Security Advisory: osbuild-composer security update 2026-01-08T11:35:59+00:00 2026-03-15T18:38:29+00:00
rhsa-2026:0261 Red Hat Security Advisory: Red Hat Developer Hub 1.7.4 release. 2026-01-07T18:34:52+00:00 2026-03-15T18:38:28+00:00
rhsa-2026:0246 Red Hat Security Advisory: grafana security update 2026-01-07T14:46:41+00:00 2026-03-15T18:38:28+00:00
rhsa-2026:0244 Red Hat Security Advisory: grafana security update 2026-01-07T14:38:56+00:00 2026-03-15T18:38:28+00:00
rhsa-2026:0243 Red Hat Security Advisory: grafana security update 2026-01-07T14:43:26+00:00 2026-03-15T18:38:27+00:00
rhsa-2026:0227 Red Hat Security Advisory: osbuild-composer security update 2026-01-07T11:32:40+00:00 2026-03-15T18:38:27+00:00
rhsa-2026:0226 Red Hat Security Advisory: osbuild-composer security update 2026-01-07T12:46:50+00:00 2026-03-15T18:38:26+00:00
rhsa-2026:0050 Red Hat Security Advisory: Red Hat OpenShift Builds 1.6.2 2026-01-05T08:04:03+00:00 2026-03-15T18:38:26+00:00
rhsa-2025:9986 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update 2025-06-30T21:23:51+00:00 2026-03-15T18:38:25+00:00
rhsa-2025:9975 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update 2025-06-30T17:50:04+00:00 2026-03-15T18:38:25+00:00
rhsa-2025:9845 Red Hat Security Advisory: weldr-client security update 2025-06-26T16:57:30+00:00 2026-03-15T18:38:24+00:00
rhsa-2025:9844 Red Hat Security Advisory: osbuild-composer security update 2025-06-26T16:57:43+00:00 2026-03-15T18:38:24+00:00
rhsa-2025:9759 Red Hat Security Advisory: OpenShift Container Platform 4.14.53 bug fix and security update 2025-07-02T17:25:30+00:00 2026-03-15T18:38:23+00:00
rhsa-2025:9756 Red Hat Security Advisory: opentelemetry-collector security update 2025-06-26T07:53:59+00:00 2026-03-15T18:38:23+00:00
rhsa-2025:9715 Red Hat Security Advisory: osbuild-composer security update 2025-06-26T00:19:58+00:00 2026-03-15T18:38:23+00:00
rhsa-2025:9714 Red Hat Security Advisory: weldr-client security update 2025-06-26T00:29:48+00:00 2026-03-15T18:38:23+00:00
ID Description Published Updated
sevd-2024-191-04 Modicon Controllers M241/ M251, M258 / LMC058 and M262 2024-07-09T00:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-133-05 Galaxy VS, Galaxy VL, Galaxy VXL 2025-05-13T04:00:00.000Z 2025-09-24T04:00:00.000Z
sevd-2025-252-02 Saitel DR & Saitel DP Remote Terminal Unit 2025-09-09T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-224-04 EcoStruxure™ Building Operation Enterprise Server, EcoStruxure™ Building Operation Enterprise Central, and EcoStruxure™ Workstation 2025-08-12T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-224-03 Schneider Electric Software Update 2025-08-12T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-014-02 Pro-face GP-Pro EX and Remote HMI 2025-01-14T00:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2021-313-05 BadAlloc Vulnerabilities 2021-11-09T05:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-224-05 Modicon M340 Controller and Communication Modules 2025-08-12T04:00:00.000Z 2025-08-12T04:00:00.000Z
sevd-2025-014-05 Web Server on Modicon M340, Modbus/TCP Ethernet Modicon M340 module, Modbus/TCP Ethernet Modicon M340 FactoryCast module and Ethernet / Serial RTU communication modules 2025-01-14T00:00:00.000Z 2025-08-12T04:00:00.000Z
sevd-2025-014-03 Wind River VxWorks DHCP Server Vulnerability 2025-01-14T05:00:00.000Z 2025-08-12T04:00:00.000Z
sevd-2024-163-01 Modicon M340, Modbus/TCP Ethernet Modicon M340 module, and Modbus/TCP Ethernet Modicon M340 FactoryCast module 2024-06-11T00:00:00.000Z 2025-08-12T04:00:00.000Z
sevd-2025-189-04 EcoStruxure™ Power Monitoring Expert (PME) and EcoStruxure™ Power Operation (EPO) with Advanced Reporting and Dashboards 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-189-02 System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-189-01 EcoStruxure™ IT Data Center Expert 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-161-03 EVLink WallBox 2025-06-10T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-161-02 Modicon Controllers M241/M251/M258/LMC058/M262 2025-06-10T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2024-254-01 Vijeo Designer 2024-09-10T00:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-161-01 Insight Home and Insight Facility 2025-06-10T04:00:00.000Z 2025-06-10T04:00:00.000Z
sevd-2020-287-01 Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules 2020-10-13T00:00:00.000Z 2025-06-10T04:00:00.000Z
sevd-2025-133-04 Schneider Electric PrismaSeT Active - Wireless Panel Server 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-03 EcoStruxure Power Build Rapsody 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-02 Wiser Home Automation 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-098-01 ConneXium Network Manager Software 2025-04-08T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-014-09 EcoStruxure™ Power Build Rapsody 2025-01-14T00:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2024-282-05 EcoStruxure™ Power Monitoring Expert (PME) 2024-10-08T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-098-02 Trio™ Q Licensed Data Radios 2025-04-08T04:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-014-01 Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC 2025-01-14T05:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-070-03 WebHMI Component For EcoStruxure™ Power Automation System User Interface and EcoStruxure™ Microgrid Operation Large 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-02 EPAS-UI & EcoSUI 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-01 EcoStruxure™ Panel Server 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
ID Description Published Updated
SCA-2023-0010 Vulnerabilities in SICK Application Processing Unit 2023-10-09T11:00:00.000Z 2023-10-09T11:00:00.000Z
sca-2023-0008 Vulnerability in SICK SIM1012 2023-09-29T13:00:00.000Z 2023-09-29T13:00:00.000Z
SCA-2023-0008 Vulnerability in SICK SIM1012 2023-09-29T13:00:00.000Z 2023-09-29T13:00:00.000Z
sca-2023-0009 Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products 2023-09-29T10:00:00.000Z 2023-09-29T10:00:00.000Z
SCA-2023-0009 Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products 2023-09-29T10:00:00.000Z 2023-09-29T10:00:00.000Z
sca-2023-0007 Vulnerabilities in SICK LMS5xx 2023-08-25T11:00:00.000Z 2023-08-25T11:00:00.000Z
SCA-2023-0007 Vulnerabilities in SICK LMS5xx 2023-08-25T11:00:00.000Z 2023-08-25T11:00:00.000Z
sca-2023-0006 Vulnerabilities in SICK ICR890-4 2023-07-10T13:00:00.000Z 2023-07-10T13:00:00.000Z
SCA-2023-0006 Vulnerabilities in SICK ICR890-4 2023-07-10T13:00:00.000Z 2023-07-10T13:00:00.000Z
sca-2023-0005 Vulnerabilities in SICK EventCam App 2023-06-19T11:00:00.000Z 2023-06-19T11:00:00.000Z
SCA-2023-0005 Vulnerabilities in SICK EventCam App 2023-06-19T11:00:00.000Z 2023-06-19T11:00:00.000Z
sca-2023-0004 Vulnerabilities in SICK FTMg 2023-05-11T13:00:00.000Z 2023-05-11T13:00:00.000Z
SCA-2023-0004 Vulnerabilities in SICK FTMg 2023-05-11T13:00:00.000Z 2023-05-11T13:00:00.000Z
sca-2023-0003 Vulnerability in SICK Flexi Soft and Flexi Classic Gateways 2023-05-03T13:00:00.000Z 2023-05-03T13:00:00.000Z
SCA-2023-0003 Vulnerability in SICK Flexi Soft and Flexi Classic Gateways 2023-05-03T13:00:00.000Z 2023-05-03T13:00:00.000Z
sca-2023-0002 Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways 2023-04-11T10:00:00.000Z 2023-04-11T10:00:00.000Z
sca-2023-0001 Bootloader mode vulnerability in Flexi Soft Gateways v3 2023-02-20T14:00:00.000Z 2023-02-20T14:00:00.000Z
sca-2022-0015 Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR 2022-12-08T16:00:00.000Z 2022-12-08T16:00:00.000Z
sca-2022-0013 Password recovery vulnerability affects multiple SICK SIMs 2022-10-21T13:00:00.000Z 2022-11-04T14:00:00.000Z
sca-2022-0014 SICK FlexiCompact affected by Denial of Service vulnerability 2022-10-31T11:00:00.000Z 2022-10-31T11:00:00.000Z
sca-2022-0012 OpenSSL vulnerability affects multiple SICK SIMs 2022-08-08T13:00:00.000Z 2022-08-03T13:00:00.000Z
sca-2022-0010 Vulnerability in SICK Flexi Soft Designer & Safety Designer 2022-05-16T10:00:00.000Z 2022-07-19T10:00:00.000Z
sca-2022-0011 Vulnerabilities in SICK Package Analytics 2022-06-08T15:00:00.000Z 2022-06-08T15:00:00.000Z
sca-2022-0009 Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET 2022-04-29T15:00:00.000Z 2022-04-29T15:00:00.000Z
sca-2022-0008 Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3 2022-04-29T15:00:00.000Z 2022-04-29T15:00:00.000Z
sca-2022-0007 Vulnerabilities in SICK MARSIC300 2022-04-21T15:00:00.000Z 2022-04-21T15:00:00.000Z
sca-2022-0006 Vulnerability in SICK MSC800 2022-04-11T15:00:00.000Z 2022-04-11T15:00:00.000Z
sca-2022-0005 Vulnerability in SICK Overall Equipment Effectiveness (OEE) 2022-04-11T15:00:00.000Z 2022-04-11T15:00:00.000Z
sca-2022-0004 Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC 2022-04-11T15:00:00.000Z 2022-03-31T15:00:00.000Z
sca-2022-0003 Vulnerabilities in SICK FTMg 2022-03-31T15:00:00.000Z 2022-03-31T15:00:00.000Z
ID Description Published Updated
ssa-130874 SSA-130874: Buffer Overflow Vulnerability in SCALANCE X Switches 2012-04-05T00:00:00Z 2026-02-10T00:00:00Z
ssa-035571 SSA-035571: Cross Site Scripting Vulnerability in Polarion Before V2506 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-978177 SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices 2025-08-12T00:00:00Z 2026-01-13T00:00:00Z
ssa-928984 SSA-928984: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC) 2024-12-16T00:00:00Z 2026-01-13T00:00:00Z
ssa-912274 SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 2025-12-09T00:00:00Z 2026-01-13T00:00:00Z
ssa-858251 SSA-858251: Authentication Bypass Vulnerabilities in OPC UA 2025-03-11T00:00:00Z 2026-01-13T00:00:00Z
ssa-832273 SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices 2024-03-12T00:00:00Z 2026-01-13T00:00:00Z
ssa-827968 SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-698820 SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices 2024-07-09T00:00:00Z 2026-01-13T00:00:00Z
ssa-693776 SSA-693776: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2 2025-06-10T00:00:00Z 2026-01-13T00:00:00Z
ssa-366067 SSA-366067: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices 2024-03-12T00:00:00Z 2026-01-13T00:00:00Z
ssa-365200 SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products 2025-10-14T00:00:00Z 2026-01-13T00:00:00Z
ssa-364175 SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1 2024-07-09T00:00:00Z 2026-01-13T00:00:00Z
ssa-192617 SSA-192617: Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-014678 SSA-014678: Authorization Bypass Vulnerability in Industrial Edge Device Kit 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-001536 SSA-001536: Authorization Bypass Vulnerability in Siemens Industrial Edge Devices 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-512988 SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 2025-12-12T00:00:00Z 2025-12-12T00:00:00Z
ssa-915282 SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-882673 SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-800126 SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20 2024-12-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-763474 SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-734261 SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-723487 SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products 2024-07-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-693808 SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms 2025-08-12T00:00:00Z 2025-12-09T00:00:00Z
ssa-673996 SSA-673996: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products 2024-09-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-626856 SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-493396 SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms 2025-08-12T00:00:00Z 2025-12-09T00:00:00Z
ssa-471761 SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-420375 SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-416652 SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ID Description Published Updated
suse-su-2026:0824-1 Security update for openCryptoki 2026-03-05T15:16:07Z 2026-03-05T15:16:07Z
suse-su-2026:0821-1 Security update for python-Django 2026-03-05T11:43:12Z 2026-03-05T11:43:12Z
suse-su-2026:0819-1 Security update for virtiofsd 2026-03-05T10:49:51Z 2026-03-05T10:49:51Z
suse-su-2026:0817-1 Security update for wireshark 2026-03-05T09:51:15Z 2026-03-05T09:51:15Z
suse-su-2026:0816-1 Security update for virtiofsd 2026-03-05T09:50:59Z 2026-03-05T09:50:59Z
suse-su-2026:0814-1 Security update for mozilla-nss 2026-03-05T09:06:46Z 2026-03-05T09:06:46Z
suse-su-2026:0813-1 Security update for mozilla-nss 2026-03-05T08:34:14Z 2026-03-05T08:34:14Z
suse-su-2026:0812-1 Security update for MozillaFirefox 2026-03-05T08:31:43Z 2026-03-05T08:31:43Z
suse-su-2026:0811-1 Security update for libsoup2 2026-03-05T03:05:23Z 2026-03-05T03:05:23Z
suse-su-2026:0790-1 Security update for go1.25-openssl 2026-03-03T15:52:22Z 2026-03-03T15:52:22Z
suse-su-2026:0789-1 Security update for go1.24-openssl 2026-03-03T15:51:34Z 2026-03-03T15:51:34Z
suse-su-2026:0788-1 Security update for libsoup 2026-03-03T15:15:16Z 2026-03-03T15:15:16Z
suse-su-2026:0787-1 Security update for postgresql17 2026-03-03T14:48:34Z 2026-03-03T14:48:34Z
suse-su-2026:0786-1 Security update for postgresql14 2026-03-03T14:47:10Z 2026-03-03T14:47:10Z
suse-su-2026:0785-1 Security update for postgresql18 2026-03-03T14:01:35Z 2026-03-03T14:01:35Z
suse-su-2026:0784-1 Security update for postgresql16 2026-03-03T13:42:32Z 2026-03-03T13:42:32Z
suse-su-2026:0783-1 Security update for zlib 2026-03-03T13:36:20Z 2026-03-03T13:36:20Z
suse-su-2026:0782-1 Security update for libxml2 2026-03-03T13:35:15Z 2026-03-03T13:35:15Z
suse-su-2026:0781-1 Security update for patch 2026-03-03T13:28:08Z 2026-03-03T13:28:08Z
suse-su-2026:0780-1 Security update for tracker-miners 2026-03-03T13:25:57Z 2026-03-03T13:25:57Z
suse-su-2026:0779-1 Security update for libssh 2026-03-03T13:25:08Z 2026-03-03T13:25:08Z
suse-su-2026:0778-1 Security update for libssh 2026-03-03T13:24:29Z 2026-03-03T13:24:29Z
suse-su-2026:0777-1 Security update for cosign 2026-03-03T13:22:27Z 2026-03-03T13:22:27Z
suse-su-2026:0776-1 Security update for evolution-data-server 2026-03-03T13:20:26Z 2026-03-03T13:20:26Z
suse-su-2026:0775-1 Security update for evolution-data-server 2026-03-03T13:19:14Z 2026-03-03T13:19:14Z
suse-su-2026:0774-1 Security update for python 2026-03-03T13:18:14Z 2026-03-03T13:18:14Z
suse-su-2026:0772-1 Security update for docker 2026-03-03T13:14:59Z 2026-03-03T13:14:59Z
suse-su-2026:0771-1 Security update for postgresql15 2026-03-03T13:13:43Z 2026-03-03T13:13:43Z
suse-su-2026:0770-1 Security update for postgresql15 2026-03-03T13:12:48Z 2026-03-03T13:12:48Z
suse-su-2026:0769-1 Security update for postgresql18 2026-03-03T13:11:44Z 2026-03-03T13:11:44Z
ID Description Published Updated
alsa-2026:3515 Important: thunderbird security update 2026-03-02T00:00:00Z 2026-03-04T11:54:18Z
alsa-2026:3669 Important: go-rpm-macros security update 2026-03-03T00:00:00Z 2026-03-04T11:09:35Z
alsa-2026:3668 Important: go-rpm-macros security update 2026-03-03T00:00:00Z 2026-03-04T11:06:04Z
alsa-2026:3638 Moderate: nginx:1.24 security update 2026-03-03T00:00:00Z 2026-03-04T10:33:37Z
alsa-2026:3488 Moderate: kernel security update 2026-03-02T00:00:00Z 2026-03-04T10:30:56Z
alsa-2026:3507 Important: valkey security update 2026-03-02T00:00:00Z 2026-03-04T10:26:29Z
alsa-2026:3516 Important: thunderbird security update 2026-03-02T00:00:00Z 2026-03-04T10:23:48Z
alsa-2026:3551 Important: libpng security update 2026-03-02T00:00:00Z 2026-03-04T10:21:19Z
alsa-2026:3463 Moderate: kernel-rt security update 2026-03-02T00:00:00Z 2026-03-03T15:13:38Z
alsa-2026:3464 Moderate: kernel security update 2026-03-02T00:00:00Z 2026-03-03T15:09:58Z
alsa-2026:3428 Important: container-tools:rhel8 security update 2026-02-26T00:00:00Z 2026-03-02T15:20:08Z
alsa-2026:3407 Important: mingw-fontconfig security update 2026-02-26T00:00:00Z 2026-03-02T15:16:03Z
alsa-2026:3477 Moderate: gnutls security update 2026-03-02T00:00:00Z 2026-03-02T13:35:48Z
alsa-2026:3405 Important: libpng security update 2026-02-26T00:00:00Z 2026-03-02T13:11:42Z
alsa-2026:3275 Moderate: kernel security update 2026-02-25T00:00:00Z 2026-03-02T13:07:09Z
alsa-2026:3341 Important: containernetworking-plugins security update 2026-02-25T00:00:00Z 2026-03-02T12:59:54Z
alsa-2026:3340 Important: skopeo security update 2026-02-25T00:00:00Z 2026-03-02T12:57:45Z
alsa-2026:3338 Important: firefox security update 2026-02-25T00:00:00Z 2026-03-02T12:54:29Z
alsa-2026:3336 Important: podman security update 2026-02-25T00:00:00Z 2026-02-26T13:31:46Z
alsa-2026:3343 Important: skopeo security update 2026-02-25T00:00:00Z 2026-02-26T13:30:14Z
alsa-2026:3354 Important: python-pyasn1 security update 2026-02-25T00:00:00Z 2026-02-26T13:28:33Z
alsa-2026:3031 Important: libpng15 security update 2026-02-23T00:00:00Z 2026-02-26T10:52:26Z
alsa-2026:3033 Important: munge security update 2026-02-23T00:00:00Z 2026-02-26T10:51:19Z
alsa-2026:3034 Important: munge security update 2026-02-23T00:00:00Z 2026-02-26T10:49:31Z
alsa-2026:3035 Important: grafana-pcp security update 2026-02-23T00:00:00Z 2026-02-26T10:48:18Z
alsa-2026:3066 Moderate: kernel security update 2026-02-23T00:00:00Z 2026-02-26T10:43:00Z
alsa-2026:3067 Important: freerdp security update 2026-02-23T00:00:00Z 2026-02-26T10:36:11Z
alsa-2026:3068 Important: freerdp security update 2026-02-23T00:00:00Z 2026-02-26T10:34:44Z
alsa-2026:3092 Important: golang-github-openprinting-ipp-usb security update 2026-02-23T00:00:00Z 2026-02-26T10:33:21Z
alsa-2026:3189 Moderate: 389-ds-base security update 2026-02-24T00:00:00Z 2026-02-26T10:31:32Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
osv-2022-599 Use-of-uninitialized-value in mrb_bint_as_int 2022-07-20T00:00:11.865502Z 2026-03-12T14:10:24.439358Z
osv-2024-914 UNKNOWN READ in boost::re_detail_500::basic_regex_formatter<std::__1::ostream_iterator<char, cha 2024-08-16T00:08:20.277708Z 2026-03-11T14:30:35.738187Z
osv-2024-398 Use-of-uninitialized-value in wabt::BinaryReaderObjdump::PrintInitExpr 2024-05-01T00:11:38.602555Z 2026-03-11T14:28:35.396657Z
osv-2024-112 Stack-overflow in boost::read_graphviz_detail::parser::parse_subgraph 2024-02-16T00:05:47.896843Z 2026-03-11T14:26:22.626694Z
osv-2023-346 UNKNOWN WRITE in void std::__1::allocator_traits<std::__1::allocator<wabt::interp::HandlerDesc> > 2023-04-27T14:02:25.286668Z 2026-03-11T14:24:45.211720Z
osv-2022-916 Container-overflow in wabt::interp::BinaryReaderInterp::BeginFunctionBody 2022-09-20T00:00:42.122902Z 2026-03-11T14:23:47.282795Z
osv-2022-1263 Null-dereference READ 2022-12-20T13:01:53.219707Z 2026-03-11T14:20:54.166339Z
osv-2026-371 Heap-buffer-overflow in tinyobj::tryParseDouble 2026-03-09T00:09:41.689616Z 2026-03-09T00:09:41.689926Z
osv-2024-838 Bad-cast to RDKit::AtomRDKit::ROMol::initFromOther 2024-08-16T00:03:32.029853Z 2026-03-07T14:34:10.603763Z
osv-2026-359 Segv on unknown address in gpsd_vlog 2026-03-07T00:03:40.062221Z 2026-03-07T00:03:40.062505Z
osv-2025-62 UNKNOWN READ in RDKit::Dict::reset 2025-01-27T00:01:51.692636Z 2026-03-06T14:31:24.229549Z
osv-2023-133 Heap-buffer-overflow in H5L__extern_traverse 2023-03-02T13:02:08.499899Z 2026-03-05T15:50:03.549911Z
osv-2023-359 Heap-buffer-overflow in H5MM_memcpy 2023-05-01T14:02:33.841821Z 2026-03-05T15:30:27.737619Z
osv-2023-76 Heap-buffer-overflow in H5SM_delete 2023-02-18T13:00:50.471845Z 2026-03-05T15:16:28.198333Z
osv-2023-89 Heap-buffer-overflow in H5O__mtime_new_encode 2023-02-21T13:00:30.347876Z 2026-03-05T14:51:38.032364Z
osv-2023-430 Heap-buffer-overflow in H5MM_xstrdup 2023-05-26T14:00:26.078002Z 2026-03-05T14:50:31.048848Z
osv-2023-392 Negative-size-param in H5MM_memcpy 2023-05-13T14:00:26.093088Z 2026-03-05T14:50:14.844074Z
osv-2023-370 Heap-buffer-overflow in H5FS__sect_link 2023-05-06T14:01:04.165113Z 2026-03-05T14:50:11.421136Z
osv-2023-381 UNKNOWN READ in H5FL__blk_gc_list 2023-05-08T14:02:04.934252Z 2026-03-05T14:49:56.592245Z
osv-2023-216 Heap-buffer-overflow in H5G__node_cmp3 2023-03-23T13:00:48.081705Z 2026-03-05T14:49:35.416808Z
osv-2024-387 Heap-buffer-overflow in H5F_addr_encode 2024-04-30T00:13:39.184262Z 2026-03-05T14:41:50.404940Z
osv-2024-728 Negative-size-param in pdf_resize_resource_arrays 2024-08-08T00:09:33.935595Z 2026-03-05T14:38:34.171834Z
osv-2025-266 Heap-buffer-overflow in lj_buf_ruleb128 2025-04-08T00:17:06.279554Z 2026-03-05T14:36:27.176471Z
osv-2024-719 Heap-buffer-overflow in hevc_ref_pic_lists_modification 2024-08-07T00:05:22.699506Z 2026-03-05T14:35:24.195250Z
osv-2023-34 Heap-use-after-free in gc_trace 2023-01-29T13:00:17.773387Z 2026-03-05T14:33:25.047298Z
osv-2022-73 Heap-use-after-free in pdfi_cspace_free_callback 2022-01-22T00:00:41.413569Z 2026-03-05T14:32:30.429302Z
osv-2024-677 Segv on unknown address in gs_gc_reclaim 2024-07-25T00:06:43.762625Z 2026-03-05T14:30:40.209744Z
osv-2022-524 Heap-buffer-overflow in Ins_JROF 2022-07-01T00:01:43.353257Z 2026-03-05T14:30:32.759280Z
osv-2022-94 Heap-buffer-overflow in cli_strlcat 2022-01-27T00:02:12.465969Z 2026-03-05T14:29:46.831320Z
osv-2022-636 UNKNOWN READ in fp_cmp_mag 2022-07-27T00:00:35.300337Z 2026-03-05T14:28:12.890689Z
ID Description Published Updated
rustsec-2025-0147 `evm-units` was removed from crates.io for malicious code 2025-12-03T12:00:00Z 2026-02-23T07:15:28Z
rustsec-2025-0146 `sha-rust` was removed from crates.io for malicious code 2025-12-05T12:00:00Z 2026-02-23T07:15:28Z
rustsec-2025-0145 `uniswap-utils` was removed from crates.io for malicious code 2025-12-03T12:00:00Z 2026-02-23T07:15:28Z
rustsec-2026-0017 `clob-sdk` was removed from crates.io for malicious code 2026-02-20T12:00:00Z 2026-02-21T01:48:10Z
rustsec-2026-0016 `polymarkets-rs-clob-client` was removed from crates.io for malicious code 2026-02-20T12:00:00Z 2026-02-20T18:09:09Z
rustsec-2026-0012 Unsoundness in opt-in ARMv8 assembly backend for `keccak` 2026-02-12T12:00:00Z 2026-02-20T04:00:15Z
rustsec-2026-0015 `polymarkets-client-sdk` was removed from crates.io for malicious code 2026-02-19T12:00:00Z 2026-02-19T22:41:14Z
rustsec-2026-0014 `rpc-check` was removed from crates.io for malicious code 2026-02-19T12:00:00Z 2026-02-19T22:41:14Z
rustsec-2026-0011 `polymarket-client-sdks` was removed from crates.io for malicious code 2026-02-13T12:00:00Z 2026-02-14T08:13:56Z
rustsec-2025-0152 `finch_cli_rust` was removed from crates.io for malicious code 2025-12-09T12:00:00Z 2026-02-13T04:43:42Z
rustsec-2025-0151 `sha-rst` was removed from crates.io for malicious code 2025-12-09T12:00:00Z 2026-02-13T04:43:42Z
rustsec-2025-0150 `finch-rst` was removed from crates.io for malicious code 2025-12-09T12:00:00Z 2026-02-13T04:43:42Z
rustsec-2025-0142 Segmentation fault and invalid memory read in `mnl::cb_run` 2025-10-18T12:00:00Z 2026-02-10T13:23:41Z
rustsec-2025-0149 World Writable Directory in /var/log/below Allows Local Privilege Escalation 2025-03-12T12:00:00Z 2026-02-08T07:26:28Z
rustsec-2026-0009 Denial of Service via Stack Exhaustion 2026-02-05T12:00:00Z 2026-02-06T09:12:16Z
rustsec-2026-0008 Potential undefined behavior when dereferencing Buf struct 2026-02-02T12:00:00Z 2026-02-05T06:08:13Z
rustsec-2026-0007 Integer overflow in `BytesMut::reserve` 2026-02-03T12:00:00Z 2026-02-04T06:56:11Z
rustsec-2026-0006 Wasmtime segfault or unused out-of-sandbox load with `f64.copysign` operator on x86-64 2026-01-26T12:00:00Z 2026-01-30T05:41:11Z
rustsec-2025-0143 Unsound APIs of public `constant::Reader` and `StructSchema` 2025-12-24T12:00:00Z 2026-01-29T05:56:50Z
rustsec-2025-0144 Timing side-channel in ML-DSA decomposition 2025-12-12T12:00:00Z 2026-01-27T22:28:37Z
rustsec-2024-0436 paste - no longer maintained 2024-10-07T12:00:00Z 2026-01-27T21:51:15Z
rustsec-2026-0005 Potential use-after-free in `oneshot` when used asynchronously 2026-01-25T12:00:00Z 2026-01-27T05:50:51Z
rustsec-2026-0004 Triton VM Soundness Vulnerability due to Improper Sampling of Randomness 2026-01-21T12:00:00Z 2026-01-23T05:50:29Z
rustsec-2021-0155 Use After Free in lucet-runtime 2021-11-30T12:00:00Z 2026-01-17T19:50:19Z
rustsec-2025-0111 `tokio-tar` parses PAX extended headers incorrectly, allows file smuggling 2025-10-21T12:00:00Z 2026-01-17T07:44:05Z
rustsec-2025-0141 Bincode is unmaintained 2025-12-16T12:00:00Z 2026-01-16T11:04:42Z
rustsec-2026-0003 Non-constant-time code generation on ARM32 targets 2026-01-14T12:00:00Z 2026-01-15T17:45:42Z
rustsec-2026-0002 `IterMut` violates Stacked Borrows by invalidating internal pointer 2026-01-07T12:00:00Z 2026-01-08T05:46:06Z
rustsec-2026-0001 Potential Undefined Behaviors in `Arc<T>`/`Rc<T>` impls of `from_value` on OOM 2026-01-05T12:00:00Z 2026-01-06T15:33:19Z
rustsec-2025-0139 theshit vulnerable to unsafe loading of user-owned Python rules when running as root 2025-12-30T12:00:00Z 2026-01-04T20:34:25Z
ID Description Published Updated
bit-parse-2026-31800 Parse Server: Classes `_GraphQLConfig` and `_Audience` master key bypass via generic class routes 2026-03-12T14:48:16.613Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30972 Parse Server has a rate limit bypass via batch request endpoint 2026-03-12T14:48:14.900Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30967 Parse Server OAuth2 authentication adapter account takeover via identity spoofing 2026-03-12T14:48:13.390Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30966 Parse Server role escalation and CLP bypass via direct `_Join` table write 2026-03-12T14:48:11.522Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30965 Parse Server session token exfiltration via `redirectClassNameForKey` query parameter 2026-03-12T14:48:09.696Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30962 Parse Server has a protected fields bypass via logical query operators 2026-03-12T14:48:07.977Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30949 Parse Server is missing audience validation in Keycloak authentication adapter 2026-03-12T14:48:06.075Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30948 Parse Server has stored cross-site scripting (XSS) via SVG file upload 2026-03-12T14:48:04.274Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30947 Parse Server ha a bypass of class-level permissions in LiveQuery 2026-03-12T14:48:02.496Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30946 Parse Server affected by denial-of-service via unbounded query complexity in REST and GraphQL API 2026-03-12T14:48:00.783Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30941 Parse Server has a NoSQL injection via token type in password reset and email verification endpoints 2026-03-12T14:47:58.977Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30939 Parse Server has Denial of Service (DoS) and Cloud Function Dispatch Bypass via Prototype Chain Resolution 2026-03-12T14:47:57.281Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30938 Parse Server has denylist `requestKeywordDenylist` keyword scan bypass through nested object placement 2026-03-12T14:47:55.401Z 2026-03-12T15:11:51.041Z
bit-parse-2026-30925 Parse Server affected by Regular Expression Denial of Service (ReDoS) via `$regex` query in LiveQuery 2026-03-12T14:47:53.415Z 2026-03-12T15:11:51.041Z
bit-tomcat-2026-24734 Apache Tomcat Native, Apache Tomcat: OCSP revocation bypass 2026-02-20T09:53:00.269Z 2026-03-12T09:10:07.191Z
bit-tomcat-2026-24733 Apache Tomcat: Security constraint bypass with HTTP/0.9 2026-02-20T09:52:58.708Z 2026-03-12T09:10:07.191Z
bit-tomcat-2025-66614 Apache Tomcat: Client certificate verification bypass due to virtual host mapping 2026-02-20T09:52:57.300Z 2026-03-12T09:10:07.191Z
bit-envoy-2026-26330 Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly 2026-03-12T08:39:47.564Z 2026-03-12T09:10:07.191Z
bit-envoy-2026-26311 Envoy HTTP: filter chain execution on reset streams causing UAF crash 2026-03-12T08:39:46.109Z 2026-03-12T09:10:07.191Z
bit-envoy-2026-26310 Crash for scoped ip address in Envoy during DNS 2026-03-12T08:39:44.551Z 2026-03-12T09:10:07.191Z
bit-envoy-2026-26309 Envoy has an off-by-one write in JsonEscaper::escapeString() 2026-03-12T08:39:42.871Z 2026-03-12T09:10:07.191Z
bit-envoy-2026-26308 Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation 2026-03-12T08:39:41.078Z 2026-03-12T09:10:07.191Z
bit-appsmith-2026-30862 Critical Stored XSS & Privilege Escalation in Appsmith 2026-03-12T08:36:03.908Z 2026-03-12T09:10:07.191Z
bit-parse-2026-30863 Parse Server: JWT audience validation bypass in Google, Apple, and Facebook authentication adapters 2026-03-11T15:49:05.551Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30854 Parse Server: GraphQL `__type` introspection bypass via inline fragments when public introspection is disabled 2026-03-11T15:49:02.829Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30850 Parse Server: File metadata endpoint bypasses `beforeFind` / `afterFind` trigger authorization 2026-03-11T15:48:59.848Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30848 Parse Server: `PagesRouter` path traversal allows reading files outside configured pages directory 2026-03-11T15:48:57.194Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30835 Parse Server: Malformed `$regex` query leaks database error details in API response 2026-03-11T15:48:54.398Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30229 Parse Server: Endpoint `/loginAs` allows `readOnlyMasterKey` to gain full read and write access as any user 2026-03-11T15:48:51.922Z 2026-03-11T18:56:50.865Z
bit-parse-2026-30228 Parse Server: File creation and deletion bypasses `readOnlyMasterKey` write restriction 2026-03-11T15:48:49.330Z 2026-03-11T18:56:50.865Z
ID Description Published Updated
cleanstart-2026-aj16639 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate 2026-02-27T00:53:09.299313Z 2026-02-26T12:09:56Z
cleanstart-2026-ac12204 go-git is a highly extensible git implementation library written in pure Go 2026-02-27T00:54:09.647466Z 2026-02-26T12:09:56Z
cleanstart-2026-vu62737 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-02-26T00:41:56.473097Z 2026-02-25T07:34:17Z
cleanstart-2026-kk99760 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-02-26T00:41:27.004859Z 2026-02-25T07:34:17Z
cleanstart-2026-dc63423 Within HostnameError 2026-02-26T00:40:26.756005Z 2026-02-25T07:34:17Z
cleanstart-2026-zs11519 Security fixes for GHSA-vc5p-v9hr-52mj applied in versions: 4.1.1-r0 2026-02-25T00:49:13.663387Z 2026-02-24T09:23:19Z
cleanstart-2026-xk29348 Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 8.4.0-r0 2026-02-25T00:39:11.477214Z 2026-02-24T09:23:19Z
cleanstart-2026-wk32717 During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... 2026-02-25T00:52:13.178542Z 2026-02-24T09:23:19Z
cleanstart-2026-vz85637 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-02-25T00:50:42.986205Z 2026-02-24T09:23:19Z
cleanstart-2026-vi85055 Within HostnameError 2026-02-25T00:51:12.873948Z 2026-02-24T09:23:19Z
cleanstart-2026-uq43569 go-git is a highly extensible git implementation library written in pure Go 2026-02-25T00:44:12.116432Z 2026-02-24T09:23:19Z
cleanstart-2026-uk11127 During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... 2026-02-25T00:52:43.391940Z 2026-02-24T09:23:19Z
cleanstart-2026-rh10099 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11 2026-02-25T00:43:12.068903Z 2026-02-24T09:23:19Z
cleanstart-2026-rd09851 net/url package does not set a limit on the number of query parameters in a query 2026-02-25T00:53:44.039015Z 2026-02-24T09:23:19Z
cleanstart-2026-pm90259 Cancelling a query (e 2026-02-25T00:50:43.010672Z 2026-02-24T09:23:19Z
cleanstart-2026-oo47906 Security fixes for GHSA-vc5p-v9hr-52mj applied in versions: 4.1.1-r0 2026-02-25T00:49:14.177631Z 2026-02-24T09:23:19Z
cleanstart-2026-oa82425 go-git is a highly extensible git implementation library written in pure Go 2026-02-25T00:44:42.034173Z 2026-02-24T09:23:19Z
cleanstart-2026-lo42921 Within HostnameError 2026-02-25T00:42:42.699243Z 2026-02-24T09:23:19Z
cleanstart-2026-ig94553 excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate 2026-02-25T00:49:42.735675Z 2026-02-24T09:23:19Z
cleanstart-2026-ia56615 go-git is a highly extensible git implementation library written in pure Go 2026-02-25T00:44:12.047442Z 2026-02-24T09:23:19Z
cleanstart-2026-ha44046 Within HostnameError 2026-02-25T00:49:42.693487Z 2026-02-24T09:23:19Z
cleanstart-2026-fm65506 html 2026-02-25T00:49:12.988018Z 2026-02-24T09:23:19Z
cleanstart-2026-dv04077 go-git is a highly extensible git implementation library written in pure Go 2026-02-25T00:42:42.369607Z 2026-02-24T09:23:19Z
cleanstart-2026-ds30740 go-git is a highly extensible git implementation library written in pure Go 2026-02-25T00:46:12.495329Z 2026-02-24T09:23:19Z
cleanstart-2026-dn18334 During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... 2026-02-25T00:39:41.622120Z 2026-02-24T09:23:19Z
cleanstart-2026-dc27717 OpenVPN version 2 2026-02-25T00:39:42.192253Z 2026-02-24T09:23:19Z
cleanstart-2026-cy44461 Within HostnameError 2026-02-25T00:53:13.101959Z 2026-02-24T09:23:19Z
cleanstart-2026-yq79300 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate 2026-02-24T00:45:20.890998Z 2026-02-23T12:58:32Z
cleanstart-2026-uo76615 Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate 2026-02-24T00:45:21.009333Z 2026-02-23T12:58:32Z
cleanstart-2026-sp64433 Security fixes for GHSA-6rw7-vpxm-498p, GHSA-73rr-hh4g-fpgx, GHSA-8qq5-rm4j-mr97 applied in versions: 4.2.1.1-r1 2026-02-24T00:44:51.180009Z 2026-02-23T12:58:32Z
ID Description Published Updated
ID Description Updated
ts-2023-001 TS-2023-001 2023-01-17T00:00
ts-2022-005 TS-2022-005 2022-11-21T00:00
ts-2022-004 TS-2022-004 2022-11-21T00:00
ts-2022-003 TS-2022-003 2022-06-14T00:00
ts-2022-002 TS-2022-002 2022-05-11T00:00
ts-2022-001 TS-2022-001 2022-02-07T00:00
ID Description Published Updated
CERTFR-2025-ALE-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
certfr-2024-ale-014 [MàJ] Multiples vulnérabilités dans Fortinet FortiManager 2024-10-30T00:00:00.000000 2024-10-23T00:00:00.000000
certfr-2024-ale-013 Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) 2025-03-31T00:00:00.000000 2024-10-25T00:00:00.000000
CERTFR-2024-ALE-014 [MàJ] Multiples vulnérabilités dans Fortinet FortiManager 2024-10-30T00:00:00.000000 2024-10-23T00:00:00.000000
CERTFR-2024-ALE-013 Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) 2025-03-31T00:00:00.000000 2024-10-25T00:00:00.000000
certfr-2024-ale-015 [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks 2024-11-15T00:00:00.000000 2024-11-18T00:00:00.000000
CERTFR-2024-ALE-015 [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks 2024-11-15T00:00:00.000000 2024-11-18T00:00:00.000000
certfr-2024-ale-012 [MàJ] Vulnérabilités affectant OpenPrinting CUPS 2024-09-27T00:00:00.000000 2024-11-21T00:00:00.000000
certfr-2024-ale-011 Vulnérabilité dans SonicWall 2024-09-10T00:00:00.000000 2024-11-21T00:00:00.000000
CERTFR-2024-ALE-012 [MàJ] Vulnérabilités affectant OpenPrinting CUPS 2024-09-27T00:00:00.000000 2024-11-21T00:00:00.000000
CERTFR-2024-ALE-011 Vulnérabilité dans SonicWall 2024-09-10T00:00:00.000000 2024-11-21T00:00:00.000000
certfr-2024-ale-010 Multiples vulnérabilités dans Roundcube 2024-08-09T00:00:00.000000 2024-10-07T00:00:00.000000
certfr-2024-ale-009 Vulnérabilité dans OpenSSH 2024-07-01T00:00:00.000000 2024-07-03T00:00:00.000000
CERTFR-2024-ALE-010 Multiples vulnérabilités dans Roundcube 2024-08-09T00:00:00.000000 2024-10-07T00:00:00.000000
CERTFR-2024-ALE-009 Vulnérabilité dans OpenSSH 2024-07-01T00:00:00.000000 2024-07-03T00:00:00.000000
certfr-2024-ale-008 [MàJ] Vulnérabilité dans les produits Check Point 2024-05-30T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-007 Multiples vulnérabilités dans les produits Cisco 2024-04-25T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-006 [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect 2024-04-12T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-004 [MàJ] Vulnérabilité dans Fortinet FortiOS 2024-02-09T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-008 [MàJ] Vulnérabilité dans les produits Check Point 2024-05-30T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-007 Multiples vulnérabilités dans les produits Cisco 2024-04-25T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-006 [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect 2024-04-12T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-004 [MàJ] Vulnérabilité dans Fortinet FortiOS 2024-02-09T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-005 [MàJ] Vulnérabilité dans Microsoft Outlook 2024-02-15T00:00:00.000000 2024-04-15T00:00:00.000000
certfr-2024-ale-003 [MàJ] Incident affectant les solutions AnyDesk 2024-02-05T00:00:00.000000 2024-04-15T00:00:00.000000
certfr-2024-ale-001 [MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways 2024-01-11T00:00:00.000000 2024-04-15T00:00:00.000000
CERTFR-2024-ALE-005 [MàJ] Vulnérabilité dans Microsoft Outlook 2024-02-15T00:00:00.000000 2024-04-15T00:00:00.000000
CERTFR-2024-ALE-003 [MàJ] Incident affectant les solutions AnyDesk 2024-02-05T00:00:00.000000 2024-04-15T00:00:00.000000
CERTFR-2024-ALE-001 [MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways 2024-01-11T00:00:00.000000 2024-04-15T00:00:00.000000
certfr-2024-ale-002 [MàJ] Multiples Vulnérabilités dans GitLab 2024-01-12T00:00:00.000000 2024-02-22T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0265 Multiples vulnérabilités dans les produits Fortinet 2026-03-11T00:00:00.000000 2026-03-11T00:00:00.000000
certfr-2026-avi-0264 Multiples vulnérabilités dans les produits Adobe 2026-03-11T00:00:00.000000 2026-03-11T00:00:00.000000
certfr-2026-avi-0263 Vulnérabilité dans Ivanti Desktop and Server Management (DSM) 2026-03-11T00:00:00.000000 2026-03-11T00:00:00.000000
certfr-2026-avi-0262 Multiples vulnérabilités dans HPE Aruba Networking AOS-CX 2026-03-11T00:00:00.000000 2026-03-11T00:00:00.000000
certfr-2026-avi-0261 Multiples vulnérabilités dans les produits Intel 2026-03-11T00:00:00.000000 2026-03-11T00:00:00.000000
certfr-2026-avi-0260 Multiples vulnérabilités dans WordPress 2026-03-11T00:00:00.000000 2026-03-11T00:00:00.000000
certfr-2026-avi-0259 Multiples vulnérabilités dans Stormshield Network Security 2026-03-11T00:00:00.000000 2026-03-11T00:00:00.000000
certfr-2026-avi-0258 Vulnérabilité dans Microsoft CBL-Mariner 2026-03-10T00:00:00.000000 2026-03-10T00:00:00.000000
certfr-2026-avi-0257 Vulnérabilité dans Mozilla Focus 2026-03-10T00:00:00.000000 2026-03-10T00:00:00.000000
certfr-2026-avi-0256 Multiples vulnérabilités dans les produits SAP 2026-03-10T00:00:00.000000 2026-03-10T00:00:00.000000
certfr-2026-avi-0255 Multiples vulnérabilités dans les produits Siemens 2026-03-10T00:00:00.000000 2026-03-10T00:00:00.000000
certfr-2026-avi-0254 Multiples vulnérabilités dans les produits Schneider Electric 2026-03-10T00:00:00.000000 2026-03-10T00:00:00.000000
certfr-2026-avi-0253 Multiples vulnérabilités dans Microsoft Edge 2026-03-09T00:00:00.000000 2026-03-09T00:00:00.000000
certfr-2026-avi-0252 Multiples vulnérabilités dans les produits Moxa 2026-03-09T00:00:00.000000 2026-03-09T00:00:00.000000
certfr-2026-avi-0251 Multiples vulnérabilités dans Apache Zookeeper 2026-03-09T00:00:00.000000 2026-03-09T00:00:00.000000
certfr-2026-avi-0250 Vulnérabilité dans Apereo CAS 2026-03-09T00:00:00.000000 2026-03-09T00:00:00.000000
certfr-2026-avi-0249 Multiples vulnérabilités dans les produits IBM 2026-03-06T00:00:00.000000 2026-03-06T00:00:00.000000
certfr-2026-avi-0248 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-03-06T00:00:00.000000 2026-03-06T00:00:00.000000
certfr-2026-avi-0247 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-03-06T00:00:00.000000 2026-03-06T00:00:00.000000
certfr-2026-avi-0246 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-03-06T00:00:00.000000 2026-03-06T00:00:00.000000
certfr-2026-avi-0245 Vulnérabilité dans Zabbix 2026-03-06T00:00:00.000000 2026-03-06T00:00:00.000000
certfr-2026-avi-0244 Vulnérabilité dans Nextcloud Flow 2026-03-06T00:00:00.000000 2026-03-06T00:00:00.000000
certfr-2026-avi-0243 Vulnérabilité dans SPIP 2026-03-06T00:00:00.000000 2026-03-06T00:00:00.000000
certfr-2026-avi-0242 Multiples vulnérabilités dans les produits Cisco 2026-03-05T00:00:00.000000 2026-03-05T00:00:00.000000
certfr-2026-avi-0241 Vulnérabilité dans ClamAV 2026-03-05T00:00:00.000000 2026-03-05T00:00:00.000000
certfr-2026-avi-0240 Vulnérabilité dans CPython 2026-03-05T00:00:00.000000 2026-03-05T00:00:00.000000
certfr-2026-avi-0239 Multiples vulnérabilités dans Google Chrome 2026-03-05T00:00:00.000000 2026-03-05T00:00:00.000000
certfr-2026-avi-0238 Vulnérabilité dans NetApp ONTAP 9 2026-03-05T00:00:00.000000 2026-03-05T00:00:00.000000
certfr-2026-avi-0237 Multiples vulnérabilités dans les produits Microsoft 2026-03-05T00:00:00.000000 2026-03-05T00:00:00.000000
certfr-2026-avi-0236 Multiples vulnérabilités dans Traefik 2026-03-05T00:00:00.000000 2026-03-05T00:00:00.000000
ID Description Published Updated
jvndb-2026-000022 Oki Electric Industry products and OEM products register Windows services with unquoted file paths 2026-02-09T15:21+09:00 2026-02-09T15:21+09:00
jvndb-2026-000021 web2py vulnerable to open redirect 2026-02-05T15:01+09:00 2026-02-05T15:01+09:00
jvndb-2026-000017 Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows 2026-02-03T14:57+09:00 2026-02-05T14:41+09:00
jvndb-2026-000020 Multiple vulnerabilities in Movable Type 2026-02-04T16:15+09:00 2026-02-04T16:15+09:00
jvndb-2026-000016 Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries 2026-02-03T14:57+09:00 2026-02-04T12:39+09:00
jvndb-2024-002831 ELECOM wireless LAN routers vulnerable to OS command injection 2024-02-22T08:15+09:00 2026-02-04T12:02+09:00
jvndb-2025-000041 Multiple vulnerabilities in ELECOM wireless LAN routers 2025-06-24T14:50+09:00 2026-02-03T15:35+09:00
jvndb-2024-000078 Multiple vulnerabilities in ELECOM wireless LAN routers 2024-07-30T15:34+09:00 2026-02-03T15:35+09:00
jvndb-2026-000019 Multiple vulnerabilities in ELECOM wireless LAN products 2026-02-03T14:57+09:00 2026-02-03T14:57+09:00
jvndb-2026-000015 Sonatype Nexus Repository vulnerable to server-side request forgery 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000014 OS command injection in raspap-webgui 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000013 Multiple Microsoft Office products vulnerable to untrusted search path 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000012 Multiple vulnerabilities in Cybozu Garoon 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000018 Undocumented "TelnetEnable" functionality of End of Service NETGEAR products 2026-01-30T14:23+09:00 2026-01-30T14:23+09:00
jvndb-2026-002119 Multiple vulnerabilities in BROTHER MFPs (multifunction printers) 2026-01-30T11:26+09:00 2026-01-30T11:26+09:00
jvndb-2026-002030 Multiple Vulnerabilities in Cosminexus 2026-01-29T10:32+09:00 2026-01-29T10:32+09:00
jvndb-2026-001972 Archer MR600 vulnerable to OS command injection 2026-01-28T10:41+09:00 2026-01-28T10:41+09:00
jvndb-2026-000011 beat-access for Windows may insecurely load Dynamic Link Libraries 2026-01-27T18:22+09:00 2026-01-27T18:22+09:00
jvndb-2026-001732 Multiple Brother software installers may insecurely load Dynamic Link Libraries 2026-01-26T16:04+09:00 2026-01-26T16:04+09:00
jvndb-2026-000010 Command injection vulnerability in ASUS routers 2026-01-23T15:22+09:00 2026-01-23T15:22+09:00
jvndb-2026-001663 "iRMC S5/S6" implemented in PRIMERGY vulnerable to incorrect authorization 2026-01-23T11:29+09:00 2026-01-23T11:29+09:00
jvndb-2026-001662 Multiple vulnerabilities in Trend Micro Apex Central (January 2026) 2026-01-23T11:29+09:00 2026-01-23T11:29+09:00
jvndb-2026-000009 Installer of Fujitsu ServerView Agents for Windows may insecurely load Dynamic Link Libraries 2026-01-21T15:17+09:00 2026-01-21T15:17+09:00
jvndb-2026-000008 Ruijie Networks AP180 series vulnerable to OS command injection 2026-01-21T15:17+09:00 2026-01-21T15:17+09:00
jvndb-2026-001582 Security information for Hitachi Disk Array Systems 2026-01-21T12:11+09:00 2026-01-21T12:11+09:00
jvndb-2026-001578 ETERNUS SF vulnerable to insertion of sensitive information into maintenance data 2026-01-20T20:00+09:00 2026-01-20T20:00+09:00
jvndb-2026-001380 Multiple vulnerabilities in Canon Small Office Multifunction Printers and Laser Printers 2026-01-19T10:08+09:00 2026-01-19T10:08+09:00
jvndb-2026-000007 Multiple Vulnerabilities in TOA Network Cameras TRIFORA 3 series 2026-01-16T15:06+09:00 2026-01-16T15:06+09:00
jvndb-2025-022878 Media Player MP-01 vulnerable to Missing Authentication for Critical Function 2025-12-24T11:10+09:00 2026-01-15T11:10+09:00
jvndb-2026-000006 Chainlit vulnerable to improper access restriction 2026-01-14T17:03+09:00 2026-01-14T17:03+09:00
ID Description Published Updated
cnvd-2026-12671 IBM Concert存在弱密码算法漏洞 2026-02-11 2026-03-05
cnvd-2026-12670 IBM Cloud Pak for Business Automation存在拒绝服务漏洞 2026-02-11 2026-03-05
cnvd-2026-12669 IBM Business Automation Workflow containers和IBM Business Automation Workflow traditional存… 2026-02-11 2026-03-05
cnvd-2026-12668 IBM webMethods Integration Server存在HTML注入漏洞 2026-03-02 2026-03-05
cnvd-2026-12667 IBM Sterling B2B Integrator和IBM Sterling File Gateway存在信息泄露漏洞 2026-03-02 2026-03-05
cnvd-2026-12666 IBM MQ Operator和IBM‑supplied MQ Advanced container images存在日志注入漏洞 2026-03-02 2026-03-05
cnvd-2026-12665 IBM Db2存在拒绝服务漏洞 2026-03-02 2026-03-05
cnvd-2026-12664 IBM Db2存在XML外部实体注入漏洞 2026-03-02 2026-03-05
cnvd-2026-12663 IBM Concert存在弱密码算法漏洞 2026-03-02 2026-03-05
cnvd-2026-12896 Apache Syncope代码问题漏洞 2026-02-10 2026-03-04
cnvd-2026-12895 Apache Syncope跨站脚本漏洞 2026-02-10 2026-03-04
cnvd-2026-12894 Apache Druid认证绕过漏洞 2026-02-13 2026-03-04
cnvd-2026-12893 Apache Superset输入验证漏洞 2026-02-27 2026-03-04
cnvd-2026-12892 Apache Shiro身份验证绕过漏洞 2026-03-02 2026-03-04
cnvd-2026-12702 Adobe After Effects存在内存释放后使用漏洞 2026-03-02 2026-03-04
cnvd-2026-12701 Adobe After Effects存在二进制漏洞 2026-03-02 2026-03-04
cnvd-2026-12700 Adobe ‌Substance 3D Stager‌存在越界读取漏洞 2026-03-02 2026-03-04
cnvd-2026-12699 Adobe ‌Substance 3D Stager‌存在越界读取漏洞(CNVD-2026-12699) 2026-03-02 2026-03-04
cnvd-2026-12698 Adobe Substance 3D Stager‌存在越界写入漏洞 2026-03-02 2026-03-04
cnvd-2026-12696 Adobe InDesign Desktop存在越界读取漏洞 2026-03-02 2026-03-04
cnvd-2026-12694 Adobe After Effects 25.6及之前版本存在内存释放后使用漏洞 2026-03-02 2026-03-04
cnvd-2026-12693 Adobe After Effects存在越界写入漏洞 2026-03-02 2026-03-04
cnvd-2026-12691 Adobe After Effects存在越界写入漏洞(CNVD-2026-12691) 2026-03-02 2026-03-04
cnvd-2026-12690 Adobe After Effects存在越界读取漏洞 2026-03-02 2026-03-04
cnvd-2026-12689 Adobe After Effects存在越界读取漏洞(CNVD-2026-12689) 2026-03-02 2026-03-04
cnvd-2026-12688 Adobe After Effects存在越界读取漏洞(CNVD-2026-12688) 2026-03-02 2026-03-04
cnvd-2026-12565 ChurchCRM SQL注入漏洞(CNVD-2026-12565) 2026-02-05 2026-03-04
cnvd-2026-12564 TeamViewer DEX Client输入验证错误漏洞 2026-02-05 2026-03-04
cnvd-2026-12563 TeamViewer DEX Client缓冲区溢出漏洞 2026-02-05 2026-03-04
cnvd-2026-12562 D-Link DIR-600命令注入漏洞 2026-02-11 2026-03-04
ID Description Published Updated
bdu:2026-01814 Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с хр… 16.02.2026 16.02.2026
bdu:2026-01813 Уязвимость программного обеспечения Azure IoT Explorer, связанная с привязкой к открытым … 16.02.2026 16.02.2026
bdu:2026-01812 Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками представлени… 16.02.2026 16.02.2026
bdu:2026-01811 Уязвимость службы аналитики данных Azure HDInsights, связанная с непринятием мер по защит… 16.02.2026 16.02.2026
bdu:2026-01810 Уязвимость редактора электронных таблиц Microsoft Excel пакетов программ Microsoft Office… 16.02.2026 16.02.2026
bdu:2026-01809 Уязвимость службы хранилища данных Windows Storage Services операционных систем Windows, … 16.02.2026 16.02.2026
bdu:2026-01808 Уязвимость реализации протокола NTLM операционных систем Windows, позволяющая нарушителю … 16.02.2026 16.02.2026
bdu:2026-01807 Уязвимость системы аппаратной виртуализации Hyper-V операционной системы Windows, позволя… 16.02.2026 16.02.2026
bdu:2026-01806 Уязвимость механизма CCF (Cluster Client Failover) операционных систем Windows, позволяющ… 16.02.2026 16.02.2026
bdu:2026-01805 Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… 16.02.2026 16.02.2026
bdu:2026-01804 Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии 16.02.2026 16.02.2026
bdu:2026-01803 Уязвимость драйвера WinSock операционных систем Windows, позволяющая нарушителю повысить … 16.02.2026 16.02.2026
bdu:2026-01802 Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии 16.02.2026 16.02.2026
bdu:2026-01801 Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… 16.02.2026 16.02.2026
bdu:2026-01800 Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии 16.02.2026 16.02.2026
bdu:2026-01799 Уязвимость ядра операционных систем Windows, позволяющая нарушителю раскрыть защищаемую и… 16.02.2026 16.02.2026
bdu:2026-01798 Уязвимость программы для шифрования информации и создания электронных цифровых подписей G… 16.02.2026 16.02.2026
bdu:2026-01797 Уязвимость функции _bfd_elf_slurp_version_tables() компонента bfd/elf.c программного сред… 16.02.2026 16.02.2026
bdu:2026-01796 Уязвимость компонента libbfd.c программного средства разработки GNU Binutils, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01795 Уязвимость программного средства управления конечными точками Ivanti Endpoint Manager, св… 16.02.2026 16.02.2026
bdu:2026-01794 Уязвимость функции usbg_make_tpg() модуля drivers/usb/gadget/function/f_tcm.c драйвера га… 16.02.2026 16.02.2026
bdu:2026-01792 Уязвимость программного средства локальной инфраструктуры Azure Local, связанная с ошибка… 13.02.2026 16.02.2026
bdu:2026-01727 Уязвимость функции оценки избирательности расширения Intarray системы управления базами д… 11.02.2026 16.02.2026
bdu:2026-01726 Уязвимость функции обработки типов данных oidvector системы управления базами данных Post… 11.02.2026 16.02.2026
bdu:2026-01724 Уязвимость компонента pg_trgm системы управления базами данных PostgreSQL, позволяющая на… 11.02.2026 16.02.2026
bdu:2026-01723 Уязвимость системы управления базами данных PostgreSQL, связанная с неверным индексирован… 11.02.2026 16.02.2026
bdu:2026-01722 Уязвимость компонента pgcrypto системы управления базами данных PostgreSQL, позволяющая н… 11.02.2026 16.02.2026
bdu:2026-01017 Уязвимость ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код 30.01.2026 16.02.2026
bdu:2025-15831 Уязвимость программного обеспечения для настройки безопасности astra-safepolicy, связанна… 15.12.2025 16.02.2026
bdu:2025-15830 Уязвимость компонента net ядра операционной системы Linux, позволяющая нарушителю вызвать… 15.12.2025 16.02.2026
ID Description Updated
var-202001-0832 A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic… 2024-07-23T22:37:43.319000Z
var-201208-0222 Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r… 2024-07-23T22:37:43.393000Z
var-202108-1148 An access issue was addressed with improved access restrictions. This issue is fixed in m… 2024-07-23T22:36:01.656000Z
var-200202-0006 Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause… 2024-07-23T22:34:48.127000Z
var-202007-0395 Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities … 2024-07-23T22:33:57.481000Z
var-201805-1147 WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe… 2024-07-23T22:32:10.966000Z
var-201902-0647 LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening … 2024-07-23T22:32:09.990000Z
var-201908-0863 Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE… 2024-07-23T22:30:33.144000Z
var-201912-0120 A memory corruption issue was addressed with improved validation. This issue is fixed in … 2024-07-23T22:30:32.761000Z
var-201912-0114 A memory corruption issue was addressed with improved validation. This issue is fixed in … 2024-07-23T22:30:32.792000Z
var-202305-1589 D-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulne… 2024-07-23T22:30:26.856000Z
var-202407-0235 Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… 2024-07-23T22:30:24.825000Z
var-202407-0234 Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … 2024-07-23T22:30:24.699000Z
var-202407-0233 Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … 2024-07-23T22:30:24.731000Z
var-202407-0232 Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… 2024-07-23T22:30:24.657000Z
var-201112-0097 Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a… 2024-07-23T22:29:05.132000Z
var-201801-0152 An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions pri… 2024-07-23T22:28:30.754000Z
var-201801-0151 A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior … 2024-07-23T22:28:30.640000Z
var-201807-0341 ABB Panel Builder 800 all versions has an improper input validation vulnerability which m… 2024-07-23T22:28:27.949000Z
var-201806-1058 Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo… 2024-07-23T22:28:27.641000Z
var-201906-1029 In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne… 2024-07-23T22:28:26.009000Z
var-202004-0077 There are multiple ways an unauthenticated attacker could perform SQL injection on WebAcc… 2024-07-23T22:28:24.545000Z
var-202206-2050 The affected product is vulnerable to multiple SQL injections, which may allow an unautho… 2024-07-23T22:27:49.515000Z
var-202305-1981 D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution V… 2024-07-23T22:27:44.287000Z
var-202305-0214 D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerabilit… 2024-07-23T22:27:44.496000Z
var-202305-0130 D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vul… 2024-07-23T22:27:44.522000Z
var-202407-0441 A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC R… 2024-07-23T22:27:41.577000Z
var-201105-0156 Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 30… 2024-07-23T22:25:52.955000Z
var-201402-0028 The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni… 2024-07-23T22:25:48.624000Z
var-201402-0027 The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re… 2024-07-23T22:25:48.742000Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2025-0032
10 (4.0)
The default configuration of WatchGuard Firebox device… watchguard
 firebox
 2025-12-03T16:25:00.000Z 2025-12-19T13:48:34.570799Z
GCVE-1-2025-0030
6.2 (4.0)
A cross-site scripting (XSS) vulnerability in the MISP… misp
 misp
 2025-12-03T10:53:00.000Z 2025-12-03T10:58:55.845341Z
GCVE-1-2025-0019
4 (4.0)
Path traversal vulnerability in EventReport for site-admin misp
 misp
 2025-11-26T14:47:00.000Z 2025-11-28T07:27:42.721350Z
GCVE-1-2025-0017
9.4 (4.0)
Privilege escalation in Cerebrate allows an authentica… cerebrate
 cerebrate
 2025-11-12T08:15:00.000Z 2025-11-28T07:22:08.205835Z
GCVE-1-2025-0029
6.3 (4.0)
Reflected cross-site scripting (XSS) vulnerabilities i… misp
 misp
 2025-11-27T12:41:00.000Z 2025-11-27T12:48:51.085860Z
GCVE-1-2025-0027
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
 misp
 2025-11-27T07:17:00.000Z 2025-12-02T08:51:04.323899Z
GCVE-1-2025-0028
8.5 (4.0)
Information leakage vulnerability in the MISP Feed con… misp
 misp
 2025-11-27T07:23:00.000Z 2025-12-02T08:51:35.429494Z
GCVE-1-2025-0026
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
 misp
 2025-11-26T16:35:00.000Z 2025-12-02T08:50:46.381572Z
GCVE-1-2025-0025
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
 misp
 2025-11-26T16:27:00.000Z 2025-12-02T08:50:18.897756Z
GCVE-1-2025-0024
9.4 (4.0)
cross-site scripting (XSS) vulnerability in the MISP s… misp
 misp
 2025-11-26T16:14:00.000Z 2025-12-02T08:50:01.482327Z
GCVE-1-2025-0023
9.4 (4.0)
XSS in MISP server comparison tool misp
 misp
 2025-11-26T16:10:00.000Z 2025-12-02T08:49:24.626168Z
GCVE-1-2025-0022
9.4 (4.0)
Clarified setting's impact on download_attachments_on_load misp
 misp
 2025-11-26T16:04:00.000Z 2025-12-02T08:49:04.510294Z
GCVE-1-2025-0021
9.4 (4.0)
XSS in MISP ReST client in HTML view misp
 misp
 2025-11-26T15:55:00.000Z 2025-12-02T08:48:41.869838Z
GCVE-1-2025-0020
9.4 (4.0)
cross-site scripting (XSS) in Galaxy element JSON view misp
 misp
 2025-11-26T15:49:00.000Z 2025-12-02T08:47:41.151429Z
GCVE-1-2025-0018
9.4 (4.0)
HTML injection issue was identified in Lookyloo’s web … lookyloo
 lookyloo
 2025-11-18T15:33:00.000Z 2025-11-18T20:39:45.579295Z
GCVE-1-2025-0016
6 (4.0)
Local file inclusion in [ImportFromUrl() URL hand… misp
 misp
 2025-11-04T09:20:00.000Z 2025-11-04T09:56:38.383646Z
GCVE-1-2025-0015
9 (4.0)
Potential XSS in decaying simulation tool misp
 misp
 2025-11-04T09:06:00.000Z 2025-11-04T09:06:59.216121Z
GCVE-1-2025-0014
9.4 (4.0)
XSS in event report via Mermaid diagram misp
 misp
 2025-11-04T08:58:00.024516Z 2025-11-04T08:58:00.024516Z
GCVE-1-2025-0013
9.4 (4.0)
Vulnerability in sharing group blueprints allowing sha… misp
 misp
 2025-11-04T08:49:21.558087Z 2025-11-04T08:49:21.558087Z
GCVE-1-2025-0012
N/A
Potential vulnerability in file check upload but non-e… misp
 misp
 2025-11-04T07:20:00.000Z 2025-11-28T07:16:21.589449Z
GCVE-1-2025-0011
9.4 (4.0)
Arbitrary file inclusion / deletion via import modules… misp
 misp
 2025-11-04T07:01:25.464225Z 2025-11-04T07:01:25.464225Z
GCVE-1-2025-0010
6.3 (4.0)
Arbitrary file hash inclusion via templates accessible… misp
 misp
 2025-11-04T06:25:11.108987Z 2025-11-04T06:25:11.108987Z
GCVE-1-2025-0009
6.4 (4.0)
A pre-auth user could self-assign a reporter without b… CIRCL
 vulnerability-lookup
 2025-10-13T09:20:24.800890Z 2025-10-13T09:20:24.800890Z
GCVE-1-2025-0008
7 (4.0)
Logged users can view vulnerability disclosure comment… CIRCL
 vulnerability-lookup
 2025-10-13T09:10:00.000Z 2025-10-13T09:15:31.637686Z
GCVE-1-2025-0007
4.5 (4.0)
Missing email validation on user management CIRCL
 vulnerability-lookup
 2025-10-13T08:37:00.000Z 2025-10-13T08:51:37.408861Z
GCVE-1-2025-0006
9.3 (4.0)
Potential XSS in admin CPE in organization model CIRCL
 vulnerability-lookup
 2025-10-13T08:29:00.000Z 2025-10-13T08:52:23.411325Z
GCVE-1-2025-0005
9.4 (4.0)
Reflected XSS due to insecure use of Markup CIRCL
 vulnerability-lookup
 2025-10-13T08:23:29.812914Z 2025-10-13T08:23:29.812914Z
GCVE-1-2025-0004
10 (4.0)
XSS in Comments, Bundles, and Sightings component of v… CIRCL
 vulnerability-lookup
 2025-09-25T14:10:00.000Z 2025-11-19T10:16:47.656802Z
ID CVSS Description Vendor Product Published Updated