Recent vulnerabilities
Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-35682 |
8.8 (3.1)
|
Anviz CX2 Lite Command Injection |
Anviz |
Anviz CX2 Lite Firmware |
2026-04-17T19:46:26.716Z | 2026-04-17T20:30:18.510Z |
| CVE-2026-33436 |
3.1 (3.1)
|
Stirling-PDF: Reflected XSS through crafted filename i… |
Stirling-Tools |
Stirling-PDF |
2026-04-17T20:29:43.262Z | 2026-04-17T20:29:43.262Z |
| CVE-2026-40434 |
8.1 (3.1)
|
Anviz CrossChex Standard Improper Verification of Sour… |
Anviz |
Anviz CrossChex Standard |
2026-04-17T19:49:28.099Z | 2026-04-17T20:28:02.785Z |
| CVE-2026-40286 |
7.5 (3.1)
|
WeGIA has Cross-Site Scripting in Controle de Contribuição |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:27:59.131Z | 2026-04-17T20:27:59.131Z |
| CVE-2026-32650 |
7.5 (3.1)
|
Anviz CrossChex Standard Algorithm Downgrade |
Anviz |
Anviz CrossChex Standard |
2026-04-17T19:52:45.308Z | 2026-04-17T20:26:17.922Z |
| CVE-2026-23500 |
9.4 (4.0)
|
Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_P… |
Dolibarr |
dolibarr |
2026-04-17T20:25:49.843Z | 2026-04-17T20:25:49.843Z |
| CVE-2026-40285 |
8.8 (3.1)
|
WeGIA has SQL Injection via Session Variable Override … |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:25:33.185Z | 2026-04-17T20:25:33.185Z |
| CVE-2026-40527 |
8.5 (4.0)
7.8 (3.1)
|
radare2 Command Injection via DWARF Parameter Names |
radareorg |
radare2 |
2026-04-17T20:25:20.143Z | 2026-04-17T20:25:20.143Z |
| CVE-2026-40284 |
6.8 (3.1)
|
WeGIA has stored XSS in listar_despachos.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:24:10.282Z | 2026-04-17T20:24:10.282Z |
| CVE-2026-40282 |
6.4 (4.0)
|
WeGIA has stored XSS in intercorrencia_visualizar.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:16:46.878Z | 2026-04-17T20:23:13.483Z |
| CVE-2026-35512 |
8.7 (4.0)
|
xrdp: Heap buffer overflow in EGFX channel |
neutrinolabs |
xrdp |
2026-04-17T20:21:59.868Z | 2026-04-17T20:21:59.868Z |
| CVE-2026-33689 |
8.7 (4.0)
|
xrdp: Pre-authentication out-of-bounds reads in channe… |
neutrinolabs |
xrdp |
2026-04-17T20:16:31.248Z | 2026-04-17T20:16:31.248Z |
| CVE-2026-33145 |
6.3 (3.1)
|
xrdp: Authenticated RCE via unsanitized AlternateShell… |
neutrinolabs |
xrdp |
2026-04-17T20:14:14.048Z | 2026-04-17T20:15:20.525Z |
| CVE-2026-32324 |
7.7 (3.1)
|
Anviz CX7 Firmware Use of Hard-coded Cryptographic Key |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:22:12.097Z | 2026-04-17T20:10:48.189Z |
| CVE-2026-32648 |
5.3 (3.1)
|
Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:34:21.522Z | 2026-04-17T20:09:05.861Z |
| CVE-2026-35061 |
5.3 (3.1)
|
Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:19:25.884Z | 2026-04-17T20:07:00.826Z |
| CVE-2026-35546 |
9.8 (3.1)
|
Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:39:25.110Z | 2026-04-17T20:05:28.411Z |
| CVE-2026-40461 |
7.5 (3.1)
|
Anviz Products Missing Authentication for Critical Function |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:36:29.842Z | 2026-04-17T20:03:18.872Z |
| CVE-2026-40283 |
6.8 (3.1)
|
WeGIA has stored XSS in profile_paciente.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:03:14.016Z | 2026-04-17T20:03:14.016Z |
| CVE-2026-40066 |
8.8 (3.1)
|
Anviz Products Download of Code Without Integrity Check |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:43:20.709Z | 2026-04-17T20:00:36.786Z |
| CVE-2026-32624 |
6.3 (4.0)
|
xrdp: Heap buffer overflow in xrdp_sec_process_logon_i… |
neutrinolabs |
xrdp |
2026-04-17T19:58:08.687Z | 2026-04-17T19:58:08.687Z |
| CVE-2026-6437 |
6.5 (3.1)
6.9 (4.0)
|
AWS EFS CSI Driver Mount Option Injection |
Amazon |
AWS EFS CSI Driver |
2026-04-17T18:41:36.075Z | 2026-04-17T19:57:02.728Z |
| CVE-2026-33516 |
7.7 (4.0)
|
xrdp: Pre-authentication out-of-bounds reads in RDP ca… |
neutrinolabs |
xrdp |
2026-04-17T19:56:11.990Z | 2026-04-17T19:56:11.990Z |
| CVE-2026-33093 |
5.3 (3.1)
|
Anviz Products Missing Authorization |
Anviz |
Anviz CX7 Firmware |
2026-04-17T19:17:15.274Z | 2026-04-17T19:54:36.104Z |
| CVE-2026-32623 |
7.7 (4.0)
|
xrdp: Heap buffer overflow in NeutrinoRDP channel reassembly |
neutrinolabs |
xrdp |
2026-04-17T19:43:58.682Z | 2026-04-17T19:43:58.682Z |
| CVE-2026-28224 |
8.2 (3.1)
|
Firebird Null Pointer Dereference via CryptCallback ca… |
FirebirdSQL |
firebird |
2026-04-17T18:38:58.138Z | 2026-04-17T19:31:38.952Z |
| CVE-2026-32105 |
9.3 (4.0)
|
xrdp: RDP MAC signature (dataSignature) never verified… |
neutrinolabs |
xrdp |
2026-04-17T19:27:39.809Z | 2026-04-17T19:27:39.809Z |
| CVE-2026-32107 |
8.8 (3.1)
|
xrdp: Fail-open privilege drop in sesexec — child proc… |
neutrinolabs |
xrdp |
2026-04-17T19:25:20.274Z | 2026-04-17T19:25:20.274Z |
| CVE-2026-40342 |
10 (3.1)
|
Firebird: Path Traversal + Arbitrary File Write Leads … |
FirebirdSQL |
firebird |
2026-04-17T19:22:46.644Z | 2026-04-17T19:22:46.644Z |
| CVE-2026-33337 |
7.5 (3.1)
|
Firebird has a buffer overflow when parsing corrupted … |
FirebirdSQL |
firebird |
2026-04-17T18:48:47.953Z | 2026-04-17T19:21:17.132Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-31941 |
7.7 (3.1)
|
Server-Side Request Forgery (SSRF) in Chamilo LMS |
chamilo |
chamilo-lms |
2026-04-10T17:37:50.948Z | 2026-04-10T18:33:22.920Z |
| CVE-2026-32892 |
9.1 (3.1)
|
OS Command Injection in Chamilo LMS 1.11.36 |
chamilo |
chamilo-lms |
2026-04-10T17:56:57.695Z | 2026-04-14T14:07:14.704Z |
| CVE-2025-15602 |
8.7 (4.0)
8.8 (3.1)
|
Snipe-IT < 8.3.7 Mass Assignment Vulnerability Leading… |
Grokability, Inc. |
Snipe-IT |
2026-03-06T16:16:08.531Z | 2026-03-09T15:12:11.595Z |
| CVE-2026-32893 |
5.4 (3.1)
|
Chamilo LMS has Reflected XSS via Unsanitized http_bui… |
chamilo |
chamilo-lms |
2026-04-10T17:42:24.220Z | 2026-04-15T14:51:41.852Z |
| CVE-2026-32894 |
7.1 (3.1)
|
Chamilo LMS has an IDOR in Gradebook Allows Cross-Cour… |
chamilo |
chamilo-lms |
2026-04-10T17:44:24.994Z | 2026-04-13T15:36:28.238Z |
| CVE-2026-32930 |
7.1 (3.1)
|
Chamilo LMS has an IDOR in Gradebook Allows Cross-Cour… |
chamilo |
chamilo-lms |
2026-04-10T17:48:51.774Z | 2026-04-10T18:32:13.726Z |
| CVE-2026-32931 |
7.5 (3.1)
|
Chamilo LMS has Arbitrary File Upload via MIME-Only Va… |
chamilo |
chamilo-lms |
2026-04-10T17:50:40.176Z | 2026-04-15T14:56:10.732Z |
| CVE-2026-32932 |
4.7 (3.1)
|
Chamilo LMS has an Open Redirect via Unvalidated 'page… |
chamilo |
chamilo-lms |
2026-04-10T17:51:58.480Z | 2026-04-13T15:36:22.092Z |
| CVE-2026-33141 |
6.5 (3.1)
|
Chamilo LMS has an IDOR in REST API Stats Endpoint Exp… |
chamilo |
chamilo-lms |
2026-04-10T18:01:26.027Z | 2026-04-14T14:06:11.889Z |
| CVE-2026-31939 |
8.3 (3.1)
|
Path Traversal (Arbitrary File Delete) in Chamilo LMS |
chamilo |
chamilo-lms |
2026-04-10T17:32:29.252Z | 2026-04-13T15:36:34.681Z |
| CVE-2026-34238 |
5.1 (3.1)
|
ImageMagick: Integer overflow in despeckle operation c… |
ImageMagick |
ImageMagick |
2026-04-13T21:14:07.180Z | 2026-04-14T13:46:39.542Z |
| CVE-2026-33899 |
5.3 (3.1)
|
ImageMagick: Heap BufferOverflow write of single zero … |
ImageMagick |
ImageMagick |
2026-04-13T20:46:43.781Z | 2026-04-16T13:26:40.513Z |
| CVE-2026-28518 |
8.4 (4.0)
7.8 (3.1)
|
OpenViking .ovpack Import ZIP Slip Path Traversal |
Volcengine |
OpenViking |
2026-03-03T14:36:13.472Z | 2026-03-31T20:44:01.330Z |
| CVE-2026-33900 |
5.9 (3.1)
|
ImageMagick has a Heap overflow caused by integer over… |
ImageMagick |
ImageMagick |
2026-04-13T20:50:19.615Z | 2026-04-14T16:28:41.536Z |
| CVE-2026-33894 |
7.5 (3.1)
|
Forge has signature forgery in RSA-PKCS due to ASN.1 e… |
digitalbazaar |
forge |
2026-03-27T20:45:49.583Z | 2026-03-31T14:05:14.708Z |
| CVE-2026-40527 |
8.5 (4.0)
7.8 (3.1)
|
radare2 Command Injection via DWARF Parameter Names |
radareorg |
radare2 |
2026-04-17T20:25:20.143Z | 2026-04-17T20:25:20.143Z |
| CVE-2026-40303 |
7.5 (3.1)
|
zrok allows unauthenticated DoS via unbounded memory a… |
openziti |
zrok |
2026-04-17T21:01:51.899Z | 2026-04-17T21:01:51.899Z |
| CVE-2026-40302 |
6.1 (3.1)
|
zrok has reflected XSS in GitHub OAuth callback via un… |
openziti |
zrok |
2026-04-17T20:56:08.368Z | 2026-04-17T20:56:08.368Z |
| CVE-2026-40301 |
4.7 (3.1)
|
rhukster/dom-sanitizer: SVG <style> tag allows CSS inj… |
rhukster |
dom-sanitizer |
2026-04-17T20:51:37.226Z | 2026-04-17T20:51:37.226Z |
| CVE-2026-40299 |
6.9 (4.0)
|
next-intl has an open redirect vulnerability |
amannn |
next-intl |
2026-04-17T20:49:05.642Z | 2026-04-17T20:49:05.642Z |
| CVE-2026-40293 |
6.5 (3.1)
|
OpenFGA Playground Preshared Key Exposure |
openfga |
openfga |
2026-04-17T20:47:06.804Z | 2026-04-17T20:47:06.804Z |
| CVE-2026-40286 |
7.5 (3.1)
|
WeGIA has Cross-Site Scripting in Controle de Contribuição |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:27:59.131Z | 2026-04-17T20:27:59.131Z |
| CVE-2026-40285 |
8.8 (3.1)
|
WeGIA has SQL Injection via Session Variable Override … |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:25:33.185Z | 2026-04-17T20:25:33.185Z |
| CVE-2026-40284 |
6.8 (3.1)
|
WeGIA has stored XSS in listar_despachos.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:24:10.282Z | 2026-04-17T20:24:10.282Z |
| CVE-2026-40282 |
6.4 (4.0)
|
WeGIA has stored XSS in intercorrencia_visualizar.php |
LabRedesCefetRJ |
WeGIA |
2026-04-17T20:16:46.878Z | 2026-04-17T20:23:13.483Z |
| CVE-2026-40196 |
8.1 (3.1)
|
HomeBox has Unauthorized API Access via Retained defau… |
sysadminsmedia |
homebox |
2026-04-17T21:01:18.530Z | 2026-04-17T21:01:18.530Z |
| CVE-2026-40155 |
5.4 (3.1)
|
Auth0 Next.js SDK has Improper Proxy Cache Lookup |
auth0 |
nextjs-auth0 |
2026-04-17T20:54:38.958Z | 2026-04-17T20:54:38.958Z |
| CVE-2026-35603 |
5.4 (4.0)
|
Claude Code: Insecure System-Wide Configuration Loadin… |
anthropics |
claude-code |
2026-04-17T20:38:49.901Z | 2026-04-17T20:38:49.901Z |
| CVE-2026-35512 |
8.7 (4.0)
|
xrdp: Heap buffer overflow in EGFX channel |
neutrinolabs |
xrdp |
2026-04-17T20:21:59.868Z | 2026-04-17T20:21:59.868Z |
| CVE-2026-35402 |
2.3 (4.0)
|
mcp-neo4j-cypher: SSRF and Data Modification via read_… |
neo4j-contrib |
mcp-neo4j |
2026-04-17T20:34:06.510Z | 2026-04-17T20:34:06.510Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-40293 | OpenFGA is an authorization/permission engine built for developers. In versions 0.1.4 through 1.13.… | 2026-04-17T21:16:34.567 | 2026-04-17T21:16:34.567 |
| fkie_cve-2026-40286 | WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Sit… | 2026-04-17T21:16:34.430 | 2026-04-17T21:16:34.430 |
| fkie_cve-2026-40285 | WeGIA is a web manager for charitable institutions. Versions prior to 3.6.10 contain a SQL injectio… | 2026-04-17T21:16:34.267 | 2026-04-17T21:16:34.267 |
| fkie_cve-2026-40284 | WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Sit… | 2026-04-17T21:16:34.140 | 2026-04-17T21:16:34.140 |
| fkie_cve-2026-40282 | WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Sit… | 2026-04-17T21:16:34.007 | 2026-04-17T21:16:34.007 |
| fkie_cve-2026-40196 | HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerabili… | 2026-04-17T21:16:33.863 | 2026-04-17T21:16:33.863 |
| fkie_cve-2026-40155 | The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In… | 2026-04-17T21:16:33.713 | 2026-04-17T21:16:33.713 |
| fkie_cve-2026-35603 | Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded t… | 2026-04-17T21:16:33.507 | 2026-04-17T21:16:33.507 |
| fkie_cve-2026-35512 | xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the… | 2026-04-17T21:16:33.297 | 2026-04-17T21:16:33.297 |
| fkie_cve-2026-35402 | mcp-neo4j-cypher is an MCP server for executing Cypher queries against Neo4j databases. In versions… | 2026-04-17T21:16:33.170 | 2026-04-17T21:16:33.170 |
| fkie_cve-2026-33689 | xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability… | 2026-04-17T21:16:32.963 | 2026-04-17T21:16:32.963 |
| fkie_cve-2026-33436 | Stirling-PDF is a locally hosted web application that facilitates various operations on PDF files. … | 2026-04-17T21:16:32.750 | 2026-04-17T21:16:32.750 |
| fkie_cve-2026-33145 | xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to ex… | 2026-04-17T21:16:32.610 | 2026-04-17T21:16:32.610 |
| fkie_cve-2026-23500 | Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) softwa… | 2026-04-17T21:16:31.890 | 2026-04-17T21:16:31.890 |
| fkie_cve-2026-33549 | SPIP 4.4.10 through 4.4.12 before 4.4.13 allows unintended privilege assignment (of administrator p… | 2026-03-22T03:16:01.237 | 2026-04-17T21:13:29.500 |
| fkie_cve-2026-32766 | astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.6 and ear… | 2026-03-20T00:16:18.100 | 2026-04-17T21:09:16.900 |
| fkie_cve-2026-33060 | CKAN MCP Server is a tool for querying CKAN open data portals. Versions prior to 0.4.85 provide too… | 2026-03-20T08:16:11.923 | 2026-04-17T21:06:02.070 |
| fkie_cve-2025-65734 | An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gune… | 2026-03-16T17:16:28.137 | 2026-04-17T21:01:15.040 |
| fkie_cve-2026-1776 | Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, contain a path traversal vuln… | 2026-03-10T07:38:01.950 | 2026-04-17T20:59:47.330 |
| fkie_cve-2026-0846 | A vulnerability in the `filestring()` function of the `nltk.util` module in nltk version 3.9.2 allo… | 2026-03-09T20:16:05.703 | 2026-04-17T20:57:00.540 |
| fkie_cve-2026-33273 | Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. I… | 2026-04-08T06:16:28.647 | 2026-04-17T20:49:00.363 |
| fkie_cve-2026-33901 | ImageMagick is free and open-source software used for editing and manipulating digital images. In v… | 2026-04-13T21:16:25.497 | 2026-04-17T20:46:41.380 |
| fkie_cve-2026-33902 | ImageMagick is free and open-source software used for editing and manipulating digital images. In v… | 2026-04-13T22:16:28.680 | 2026-04-17T20:46:33.620 |
| fkie_cve-2026-33905 | ImageMagick is free and open-source software used for editing and manipulating digital images. In v… | 2026-04-13T22:16:28.837 | 2026-04-17T20:46:19.393 |
| fkie_cve-2026-33908 | ImageMagick is free and open-source software used for editing and manipulating digital images. In v… | 2026-04-13T22:16:28.997 | 2026-04-17T20:45:45.227 |
| fkie_cve-2026-40169 | ImageMagick is free and open-source software used for editing and manipulating digital images. In v… | 2026-04-13T22:16:29.477 | 2026-04-17T20:45:27.577 |
| fkie_cve-2026-40183 | ImageMagick is free and open-source software used for editing and manipulating digital images. In v… | 2026-04-13T22:16:29.643 | 2026-04-17T20:44:34.230 |
| fkie_cve-2026-40310 | ImageMagick is free and open-source software used for editing and manipulating digital images. Vers… | 2026-04-13T22:16:29.790 | 2026-04-17T20:44:16.020 |
| fkie_cve-2026-24913 | SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is ex… | 2026-04-08T06:16:27.073 | 2026-04-17T20:44:11.940 |
| fkie_cve-2026-40311 | ImageMagick is free and open-source software used for editing and manipulating digital images. Vers… | 2026-04-13T22:16:29.950 | 2026-04-17T20:43:48.057 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-53vx-pmqw-863c |
6.9 (4.0)
|
OpenClaw: Browser SSRF policy default allowed private-network navigation | 2026-04-17T21:58:15Z | 2026-04-17T21:58:15Z |
| ghsa-xq94-r468-qwgj |
6.3 (4.0)
|
OpenClaw: Browser SSRF hostname validation could be bypassed by DNS rebinding | 2026-04-17T21:58:01Z | 2026-04-17T21:58:01Z |
| ghsa-2767-2q9v-9326 |
5.3 (4.0)
|
OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes | 2026-04-17T21:57:31Z | 2026-04-17T21:57:31Z |
| ghsa-7wv4-cc7p-jhxc |
6.8 (4.0)
|
OpenClaw: Workspace .env could inject OpenClaw runtime-control variables | 2026-04-17T21:56:12Z | 2026-04-17T21:56:12Z |
| ghsa-c9h3-5p7r-mrjh |
5.3 (4.0)
|
OpenClaw: Discord event cover images bypassed sandbox media normalization | 2026-04-17T21:56:04Z | 2026-04-17T21:56:04Z |
| ghsa-49cg-279w-m73x |
6.0 (4.0)
|
OpenClaw: Empty approver lists could grant explicit approval authorization | 2026-04-17T21:55:54Z | 2026-04-17T21:55:54Z |
| ghsa-7g8c-cfr3-vqqr |
6.6 (4.0)
|
OpenClaw: Agent hook events could enqueue trusted system events from unsanitized external input | 2026-04-17T21:55:20Z | 2026-04-17T21:55:21Z |
| ghsa-vfp4-8x56-j7c5 |
7.1 (4.0)
|
OpenClaw: Exec environment denylist missed high-risk interpreter startup variables | 2026-04-17T21:54:20Z | 2026-04-17T21:54:21Z |
| ghsa-j6c7-3h5x-99g9 |
6.3 (4.0)
|
OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms | 2026-04-17T21:53:36Z | 2026-04-17T21:53:36Z |
| ghsa-5gjc-grvm-m88j |
4.9 (4.0)
|
OpenClaw: Memory dreaming config persistence was reachable from operator.write commands | 2026-04-17T21:53:17Z | 2026-04-17T21:53:17Z |
| ghsa-gc9r-867r-j85f |
1.7 (4.0)
|
OpenClaw: Microsoft Teams SSO invoke handler missed sender authorization checks | 2026-04-17T21:51:04Z | 2026-04-17T21:51:04Z |
| ghsa-r77c-2cmr-7p47 |
2.3 (4.0)
|
OpenClaw: Delivery queue recovery could lose group tool-policy context for media replay | 2026-04-17T21:50:55Z | 2026-04-17T21:50:55Z |
| ghsa-g375-h3v6-4873 |
6.0 (4.0)
|
OpenClaw: Heartbeat owner downgrade missed local async exec completion events | 2026-04-17T21:48:57Z | 2026-04-17T21:48:57Z |
| ghsa-vw3h-q6xq-jjm5 |
8.7 (4.0)
|
OpenClaw: Voice-call realtime WebSocket accepted oversized frames | 2026-04-17T21:48:36Z | 2026-04-17T21:48:36Z |
| ghsa-g2hm-779g-vm32 |
6.0 (4.0)
|
OpenClaw: Heartbeat owner downgrade missed untrusted webhook wake events | 2026-04-17T21:48:25Z | 2026-04-17T21:48:25Z |
| ghsa-c4qm-58hj-j6pj |
6.0 (4.0)
|
OpenClaw: Browser snapshot and screenshot routes could expose internal page content after navigation | 2026-04-17T21:47:36Z | 2026-04-17T21:47:36Z |
| ghsa-8372-7vhw-cm6q |
7.1 (4.0)
|
OpenClaw: config.get redaction bypass through sourceConfig and runtimeConfig aliases | 2026-04-17T21:47:15Z | 2026-04-17T21:47:15Z |
| ghsa-jwrq-8g5x-5fhm |
5.3 (4.0)
|
OpenClaw: Collect-mode queue batches could reuse the last sender authorization context | 2026-04-17T21:35:35Z | 2026-04-17T21:35:35Z |
| ghsa-5fw2-mwhh-9947 |
8.2 (4.0)
|
Flowise: Unauthenticated TTS endpoint accepts arbitrary credential IDs — enables API credit abuse v… | 2026-04-17T21:35:14Z | 2026-04-17T21:35:14Z |
| ghsa-w47f-j8rh-wx87 |
8.7 (4.0)
|
Flowise: Public chatflow endpoints return unsanitized flowData including plaintext API keys, passwo… | 2026-04-17T21:34:30Z | 2026-04-17T21:34:30Z |
| ghsa-3prp-9gf7-4rxx |
7.6 (4.0)
|
Flowise: Mass Assignment in DocumentStore Create Endpoint Leads to Cross-Workspace Object Takeover (IDOR) | 2026-04-17T21:34:16Z | 2026-04-17T21:34:16Z |
| ghsa-4c3q-x735-j3r5 |
8.4 (3.1)
|
Complete Bypass of CVE-2026-24884 Patch via Git-Delivered Symlink Poisoning in compressing | 2026-04-17T21:32:59Z | 2026-04-17T21:32:59Z |
| ghsa-4pc8-6qgf-fgv2 |
7.8 (3.1)
8.5 (4.0)
|
radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj comman… | 2026-04-17T21:31:48Z | 2026-04-17T21:31:48Z |
| ghsa-wh3w-c78x-9663 |
8.8 (3.1)
|
Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded. The devi… | 2026-04-17T21:31:47Z | 2026-04-17T21:31:47Z |
| ghsa-w67w-38wc-vr97 |
7.5 (3.1)
|
Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings … | 2026-04-17T21:31:47Z | 2026-04-17T21:31:47Z |
| ghsa-vh49-38wc-6wqp |
5.3 (3.1)
|
Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo wi… | 2026-04-17T21:31:47Z | 2026-04-17T21:31:47Z |
| ghsa-qg37-cwrh-945r |
8.1 (3.1)
|
Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP pack… | 2026-04-17T21:31:47Z | 2026-04-17T21:31:47Z |
| ghsa-pxw3-r2m4-c5m3 |
6.5 (3.1)
|
Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling on‑path attackers to snif… | 2026-04-17T21:31:47Z | 2026-04-17T21:31:47Z |
| ghsa-9q53-p4m8-gm9v |
5.3 (3.1)
|
Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved wi… | 2026-04-17T21:31:47Z | 2026-04-17T21:31:47Z |
| ghsa-98hc-x583-4p47 |
9.8 (3.1)
|
Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted arc… | 2026-04-17T21:31:47Z | 2026-04-17T21:31:47Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2025-56 |
4.3 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… | octoprint | 2025-04-22T18:15:59+00:00 | 2025-06-27T17:22:53.513680+00:00 |
| pysec-2024-256 |
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-12-03T16:15:24+00:00 | 2025-06-27T17:22:53.325430+00:00 |
| pysec-2025-55 |
|
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.407481+00:00 |
| pysec-2025-54 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.319321+00:00 |
| pysec-2025-53 |
|
vLLM is an inference and serving engine for large language models (LLMs). Prior to versio… | vllm | 2025-05-29T17:15:21+00:00 | 2025-06-26T21:23:06.231251+00:00 |
| pysec-2025-51 |
|
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) v… | apache-airflow-providers-snowflake | 2025-06-24T08:15:24+00:00 | 2025-06-26T21:23:03.132527+00:00 |
| pysec-2025-50 |
|
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Exp… | vllm | 2025-05-30T18:15:32+00:00 | 2025-06-19T03:02:28.572160+00:00 |
| pysec-2024-255 |
|
Gradio before 4.20 allows credential leakage on Windows. | gradio | 2024-05-05T20:15:07+00:00 | 2025-06-17T19:21:48.983901+00:00 |
| pysec-2024-254 |
4.2 (3.1)
|
A session fixation vulnerability exists in the zenml-io/zenml application, where JWT toke… | zenml | 2024-04-16T00:15:11+00:00 | 2025-06-13T00:48:41.806476+00:00 |
| pysec-2025-49 |
8.8 (3.1)
|
setuptools is a package that allows users to download, build, install, upgrade, and unins… | setuptools | 2025-05-17T16:15:19+00:00 | 2025-06-12T22:23:11.115559+00:00 |
| pysec-2025-48 |
9.8 (3.1)
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2025-03-31T17:15:42+00:00 | 2025-06-12T22:23:10.476087+00:00 |
| pysec-2024-253 |
|
pretix before 2024.1.1 mishandles file validation. | pretix | 2024-02-26T16:28:00+00:00 | 2025-06-11T15:23:51.683422+00:00 |
| pysec-2024-252 |
|
PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in t… | torch | 2024-04-17T19:15:07+00:00 | 2025-06-10T19:22:08.948962+00:00 |
| pysec-2024-251 |
|
Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in… | torch | 2024-04-17T19:15:07+00:00 | 2025-06-10T03:12:59.077932+00:00 |
| pysec-2025-47 |
|
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2… | django | 2025-06-05T03:15:25+00:00 | 2025-06-05T05:23:28.296596+00:00 |
| pysec-2025-46 |
5.5 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as cri… | pypickle | 2025-05-26T08:15:19+00:00 | 2025-06-03T17:36:58.579358+00:00 |
| pysec-2025-45 |
7.8 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.… | pypickle | 2025-05-26T07:15:26+00:00 | 2025-06-03T17:36:58.528116+00:00 |
| pysec-2024-250 |
|
Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csr… | torch | 2024-04-19T21:15:08+00:00 | 2025-06-03T15:23:56.072490+00:00 |
| pysec-2023-312 |
5.9 (3.1)
|
Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server b… | redis | 2023-07-15T23:15:09Z | 2025-06-02T11:48:06.372423Z |
| pysec-2025-44 |
|
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in mod… | django-helpdesk | 2025-05-31T01:15:19+00:00 | 2025-05-31T03:09:35.357757+00:00 |
| pysec-2025-43 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions sta… | vllm | 2025-05-29T17:15:21+00:00 | 2025-05-29T19:21:01.611587+00:00 |
| pysec-2025-42 |
9.8 (3.1)
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Ver… | vllm | 2025-04-30T01:15:51+00:00 | 2025-05-28T21:23:12.396609+00:00 |
| pysec-2025-41 |
9.8 (3.1)
|
PyTorch is a Python package that provides tensor computation with strong GPU acceleration… | torch | 2025-04-18T16:15:23+00:00 | 2025-05-28T15:23:37.843138+00:00 |
| pysec-2025-40 |
7.5 (3.1)
|
A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`… | transformers | 2025-05-19T12:15:19+00:00 | 2025-05-21T19:22:10.801823+00:00 |
| pysec-2024-249 |
6.1 (3.1)
|
### Summary On all Label Studio versions prior to 1.11.0, data imported via file upload f… | label-studio | 2024-02-22T22:15:47+00:00 | 2025-05-19T11:22:35.312280+00:00 |
| pysec-2024-248 |
7.8 (3.1)
|
OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its … | opencanary | 2024-10-14T21:15:12+00:00 | 2025-05-16T14:23:05.150356+00:00 |
| pysec-2025-39 |
|
motionEye is an online interface for the software motion, a video surveillance program wi… | motioneye | 2025-05-14T16:15:29+00:00 | 2025-05-14T17:22:51.050788+00:00 |
| pysec-2025-38 |
|
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during im… | ironic | 2025-05-08T17:16:01Z | 2025-05-13T04:24:03.083929Z |
| pysec-2024-247 |
9.9 (3.1)
|
A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically… | zenml | 2024-04-16T00:15:11+00:00 | 2025-05-12T15:23:53.861001+00:00 |
| pysec-2025-37 |
|
An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2… | django | 2025-05-08T04:17:18+00:00 | 2025-05-08T05:23:16.210893+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33881 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.886591Z |
| gsd-2024-33880 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.882744Z |
| gsd-2024-33879 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.727068Z |
| gsd-2024-33878 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.850311Z |
| gsd-2024-33877 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.871220Z |
| gsd-2024-33876 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.990196Z |
| gsd-2024-33875 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.862083Z |
| gsd-2024-33874 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.959238Z |
| gsd-2024-33873 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.870402Z |
| gsd-2024-33872 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.839468Z |
| gsd-2024-33871 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.800751Z |
| gsd-2024-33870 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.943118Z |
| gsd-2024-33869 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.784255Z |
| gsd-2024-33868 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.896638Z |
| gsd-2024-33867 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.808129Z |
| gsd-2024-33866 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.819755Z |
| gsd-2024-33865 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.790923Z |
| gsd-2024-33864 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.792101Z |
| gsd-2024-33863 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.824810Z |
| gsd-2024-33862 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.799465Z |
| gsd-2024-33861 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.958057Z |
| gsd-2024-33860 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.777612Z |
| gsd-2024-33859 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.867340Z |
| gsd-2024-33858 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.848478Z |
| gsd-2024-33857 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.834866Z |
| gsd-2024-33856 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.944669Z |
| gsd-2024-33855 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.741239Z |
| gsd-2024-33854 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.916266Z |
| gsd-2024-33853 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.825026Z |
| gsd-2024-33852 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.824312Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-2619 | Malicious code in upstartloans (npm) | 2026-04-12T10:46:31Z | 2026-04-17T04:37:20Z |
| mal-2026-2618 | Malicious code in upstartdr (npm) | 2026-04-12T10:46:29Z | 2026-04-17T04:37:20Z |
| mal-2026-2617 | Malicious code in upstartautoretailadmin (npm) | 2026-04-12T10:45:47Z | 2026-04-17T04:37:20Z |
| mal-2026-2616 | Malicious code in upstartapplicationstatus (npm) | 2026-04-12T10:44:44Z | 2026-04-17T04:37:20Z |
| mal-2026-2615 | Malicious code in upstartadmindashboard- (npm) | 2026-04-12T10:46:34Z | 2026-04-17T04:37:20Z |
| mal-2026-2614 | Malicious code in upstart.previewcss (npm) | 2026-04-12T10:45:42Z | 2026-04-17T04:37:20Z |
| mal-2026-2613 | Malicious code in upstart-offer-container (npm) | 2026-04-12T10:46:10Z | 2026-04-17T04:37:20Z |
| mal-2026-2612 | Malicious code in upstart-loan-status (npm) | 2026-04-12T10:45:51Z | 2026-04-17T04:37:20Z |
| mal-2026-2611 | Malicious code in upstart-lending-status (npm) | 2026-04-12T10:45:18Z | 2026-04-17T04:37:20Z |
| mal-2026-2654 | Malicious code in pinstatsd (npm) | 2026-04-12T06:43:57Z | 2026-04-17T03:59:33Z |
| mal-2026-2653 | Malicious code in pinlogger (npm) | 2026-04-12T06:43:45Z | 2026-04-17T03:59:33Z |
| mal-2026-2588 | Malicious code in @lamoda/seller-ui-kit (npm) | 2026-04-10T12:56:44Z | 2026-04-17T03:59:29Z |
| mal-2026-615 | Malicious code in teaser-nav (npm) | 2026-01-31T13:35:28Z | 2026-04-17T03:12:23Z |
| mal-2026-2822 | Malicious code in ing-web-v5 (npm) | 2026-04-17T02:00:34Z | 2026-04-17T02:00:34Z |
| mal-2026-2821 | Malicious code in robase-quick-install (PyPI) | 2026-04-16T22:30:00Z | 2026-04-16T22:30:00Z |
| mal-2026-2820 | Malicious code in chainutils (PyPI) | 2026-04-16T21:15:50Z | 2026-04-16T22:20:32Z |
| mal-2026-2819 | Malicious code in pynosist (PyPI) | 2026-04-16T17:48:29Z | 2026-04-16T22:20:32Z |
| mal-2026-2818 | Malicious code in genosys (PyPI) | 2026-04-16T17:48:14Z | 2026-04-16T22:20:32Z |
| mal-2026-2817 | Malicious code in lightweight-charts-4.1 (npm) | 2026-04-16T17:35:59Z | 2026-04-16T17:35:59Z |
| mal-2025-938 | Malicious code in just-test-framework (PyPI) | 2025-01-10T01:24:54Z | 2026-04-16T15:42:11Z |
| mal-2025-6495 | Malicious code in discord-booster (PyPI) | 2025-05-29T22:39:05Z | 2026-04-16T15:42:11Z |
| mal-2025-4270 | Malicious code in web3automation (PyPI) | 2025-04-27T08:06:41Z | 2026-04-16T15:42:11Z |
| mal-2025-4232 | Malicious code in pyinitialyze (PyPI) | 2025-05-09T20:14:13Z | 2026-04-16T15:42:11Z |
| mal-2025-3484 | Malicious code in yolov8mini (PyPI) | 2025-03-23T21:03:35Z | 2026-04-16T15:42:11Z |
| mal-2025-3473 | Malicious code in textgradient (PyPI) | 2025-03-28T17:41:31Z | 2026-04-16T15:42:11Z |
| mal-2025-3441 | Malicious code in colorina (PyPI) | 2025-04-10T07:47:51Z | 2026-04-16T15:42:11Z |
| mal-2025-3014 | Malicious code in w3socket (PyPI) | 2025-02-17T10:36:37Z | 2026-04-16T15:42:11Z |
| mal-2025-3010 | Malicious code in transaction-analysis (PyPI) | 2025-02-24T10:06:17Z | 2026-04-16T15:42:11Z |
| mal-2025-2967 | Malicious code in heroku-tl (PyPI) | 2025-03-08T07:34:12Z | 2026-04-16T15:42:11Z |
| mal-2025-2949 | Malicious code in colorizetext (PyPI) | 2025-03-05T16:15:15Z | 2026-04-16T15:42:11Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| 2nga002743 | ABB AbilityTM zenon Remote Transport Vulnerability | 2025-08-12T00:30:00.000Z | 2025-08-12T00:30:00.000Z |
| 3adr011407 | ABB Automation Builder Vulnerabilities in user management and access control | 2025-04-30T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| 3adr011432 | AC500 V2 Buffer overread on Modbus protocol | 2025-07-23T00:30:00.000Z | 2025-07-23T00:30:00.000Z |
| 9akk108471a4556 | Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode. | 2025-07-21T00:30:00.000Z | 2025-07-21T00:30:00.000Z |
| 2crt000008 | Lite Panel Pro Vulnerability in Session Management | 2025-06-26T00:30:00.000Z | 2025-06-26T00:30:00.000Z |
| 9akk108470a8948 | ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway. | 2025-05-29T00:30:00.000Z | 2025-06-05T00:30:00.000Z |
| 9akk108471a1621 | EIBPORT Session Management Fail | 2025-06-02T00:30:00.000Z | 2025-06-04T00:30:00.000Z |
| 9akk108471a0021 | ELSB/BLBA ASPECT advisory several CVEs | 2025-05-22T00:30:00.000Z | 2025-05-23T10:30:00.000Z |
| 2crt000006 | ANC – ABB Network Card Multiple vulnerabilities in ANC | 2025-04-30T00:30:00.000Z | 2025-04-30T00:30:00.000Z |
| 2crt000007 | Ekip Com IEC61850 Vulnerability in 3rd Party Library | 2025-04-29T00:30:00.000Z | 2025-04-29T00:30:00.000Z |
| 9akk108470a9989 | ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities | 2025-04-10T08:30:00.000Z | 2025-04-10T08:30:00.000Z |
| 2nga002579 | ABB Arctic communication solution ARM600 Vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 2nga002427 | ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 9akk108470a9494 | Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| 9akk108470a9491 | ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| sa24p015 | B&R APROL Potential Privilege Escalation and Information Disclosure | 2025-03-24T00:30:00.000Z | 2025-03-24T00:30:00.000Z |
| 9akk108470a8565 | RMC-100 Vulnerability in the Web UI (REST Interface) | 2025-03-11T00:30:00.000Z | 2025-03-11T00:30:00.000Z |
| 9akk108470a5684 | FLXeon Controllers Cyber Security Advisory | 2025-01-20T00:30:00.000Z | 2025-02-14T00:30:00.000Z |
| 7paa012159 | System 800xA 5.1.x, 6.0.3.x, 6.1.1.x, 6.2.x - VideONet Camera passwords stored in clear text | 2025-02-10T00:30:00.000Z | 2025-02-10T00:30:00.000Z |
| 9akk108470a6775 | Hardcoded credentials in ASPECT Energy Management System | 2025-02-05T00:30:00.000Z | 2025-02-06T00:30:00.000Z |
| sa25p001 | Automation Runtime and mapp View Use of insecure algorithm for self-signed certificates | 2025-01-15T00:30:00.000Z | 2025-01-16T00:30:00.000Z |
| 9akk108470a5466 | Drive Composer Path Traversal Vulnerability | 2025-02-05T00:30:00.000Z | 2025-01-10T00:30:00.000Z |
| 3adr011377 | AC500 V3 Multiple vulnerabilities | 2025-01-07T00:30:00.000Z | 2025-01-07T00:30:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2026-0870 | libpng: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0863 | Internet Systems Consortium BIND: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0860 | NGINX und NGINX Plus: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0850 | Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0843 | Node.js: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0824 | Python: Schwachstelle ermöglicht Codeausführung | 2026-03-22T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0790 | Linux Kernel: Mehrere Schwachstellen | 2026-03-18T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0769 | Red Hat Enterprise Linux (capstone) und OpenShift (rhcos): Mehrere Schwachstellen | 2026-03-17T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0733 | libexpat: Mehrere Schwachstellen ermöglichen Denial of Service | 2026-03-15T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0729 | OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2026-03-15T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0725 | FreeRDP: Mehrere Schwachstellen | 2026-03-12T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0716 | OpenSSH GSSAPI delta: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2026-03-12T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0692 | Mattermost MS Teams plugin: Mehrere Schwachstellen ermöglichen Denial of Service | 2026-03-10T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0614 | Linux Kernel: Mehrere Schwachstellen | 2026-03-04T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0548 | Golang Go: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2026-02-26T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0525 | GStreamer: Mehrere Schwachstellen | 2026-02-25T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0514 | FreeRDP: Mehrere Schwachstellen | 2026-02-24T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0443 | Apache Tomcat und Tomcat Native: Mehrere Schwachstellen | 2026-02-17T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0421 | Linux Kernel: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0409 | PostgreSQL: Mehrere Schwachstellen | 2026-02-12T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0378 | IBM WebSphere Application Server: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2026-02-10T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0359 | GnuTLS: Mehrere Schwachstellen ermöglichen Denial of Service | 2026-02-09T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0324 | Linux Kernel: Mehrere Schwachstellen | 2026-02-04T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0309 | NGINX OSS und NGINX Plus: Schwachstelle ermöglicht Manipulation von Dateien | 2026-02-04T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0302 | Red Hat Enterprise Linux (python-wheel): Schwachstelle ermöglicht Privilegieneskalation und Codeausführung | 2026-02-03T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0280 | Linux Kernel: Mehrere Schwachstellen | 2026-02-01T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0244 | FreeRDP: Mehrere Schwachstellen | 2026-01-27T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0215 | Linux Kernel: Mehrere Schwachstellen | 2026-01-25T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0194 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2026-01-21T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0184 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2026-01-20T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| va-26-092-02 | Zscaler Client Connector hard-coded proxy configuration domain | 2026-04-02T13:54:30Z | 2026-04-02T13:54:30Z |
| icsa-26-092-03 | Hitachi Energy Ellipse | 2026-02-24T00:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-092-02 | Yokogawa CENTUM VP | 2026-04-02T06:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-092-01 | Siemens SICAM 8 Products | 2026-03-26T00:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-25-037-02 | Schneider Electric EcoStruxure (Update D) | 2025-01-14T07:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-055-03 | Gardyn Home Kit (Update A) | 2026-02-24T06:00:00.000000Z | 2026-04-02T05:00:00.000000Z |
| va-26-084-01 | Nanoleaf Lines unauthenticated firmware file store | 2026-03-25T00:00:00Z | 2026-04-02T00:00:00Z |
| icsa-26-090-02 | PX4 Autopilot | 2026-03-31T06:00:00.000000Z | 2026-03-31T06:00:00.000000Z |
| icsa-26-090-01 | Anritsu Remote Spectrum Monitor | 2026-03-31T06:00:00.000000Z | 2026-03-31T06:00:00.000000Z |
| icsa-24-324-01 | Mitsubishi Electric MELSEC iQ-F Series (Update A) | 2024-11-19T00:00:00.000Z | 2026-03-31T00:00:00.000000Z |
| icsma-26-083-01 | Grassroots DICOM (GDCM) | 2026-03-24T06:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsma-25-364-01 | WHILL Model C2 Electric Wheelchairs and Model F Power Chairs (Update A) | 2025-12-30T07:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-03 | "Schneider Electric Plant iT/Brewmaxx" | 2026-01-13T08:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-02 | Schneider Electric EcoStruxure Foxboro DCS | 2026-03-10T07:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-01 | Pharos Controls Mosaic Show Controller | 2026-03-24T06:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-078-08 | Automated Logic WebCTRL Premium Server | 2026-03-19T06:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-05 | Mitsubishi Electric CNC Series | 2026-03-10T00:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-04 | Schneider Electric EcoStruxure PME and EPO | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-03 | Schneider Electric EcoStruxure Automation Expert | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-02 | Schneider Electric Modicon Controllers M241, M251, M258, and LMC058 | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-01 | Schneider Electric Modicon M241, M251, and M262 | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-07 | IGL-Technologies eParking.fi | 2026-03-19T05:00:00.000000Z | 2026-03-19T05:00:00.000000Z |
| icsa-26-078-06 | CTEK Chargeportal | 2026-03-19T05:00:00.000000Z | 2026-03-19T05:00:00.000000Z |
| icsa-26-076-04 | Siemens SICAM SIAPP SDK | 2026-03-10T00:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-076-03 | Schneider Electric EcoStruxure Data Center Expert | 2026-03-10T07:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-076-02 | Schneider Electric SCADAPack and RemoteConnect | 2026-02-10T08:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-076-01 | CODESYS in Festo Automation Suite | 2026-02-26T08:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-26-015-10 | Schneider Electric EcoStruxure Power Build Rapsody (Update A) | 2026-01-13T08:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-25-160-02 | Hitachi Energy Relion 670, 650, SAM600-IO Series (Update A) | 2023-06-27T00:00:00.000000Z | 2026-03-17T06:00:00.000000Z |
| icsa-25-303-01 | International Standards Organization ISO 15118-2 (Update A) | 2025-10-30T05:00:00.000000Z | 2026-03-17T05:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-bootp-wubhnbxa | Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-asa-ftd-ios-dos-kpepqggk | Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-fmc-rce-nkhnuljh | Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-25T14:21:24+00:00 |
| cisco-sa-sdwan-authbp-qwcx8d4v | Cisco Catalyst SD-WAN Vulnerabilities | 2026-02-25T16:00:00+00:00 | 2026-03-18T01:06:38+00:00 |
| cisco-sa-xrncs-epni-int-dos-twmffusn | Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-isis-dos-kdmxpszk | Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-iosxr-privesc-bf8d5u4w | Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-cc-xss-mrnah5jh | Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-fmc-sql-inject-2enmtc8v | Cisco Secure Firewall Management Center Software SQL Injection Vulnerability | 2024-10-23T16:00:00+00:00 | 2026-03-04T16:11:01+00:00 |
| cisco-sa-asaftd-cmd-inj-zjv8wysm | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability | 2024-04-24T16:00:00+00:00 | 2026-03-04T16:10:59+00:00 |
| cisco-sa-snort3-multi-dos-xfwkwswz | Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-onprem-fmc-authbypass-5jpp45v2 | Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-ftdfmc-dir-trav-wergjhwq | Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-ftd-tcp-dos-rhfqnwrg | Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-ftd-snort-bypass-rlggkzvf | Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-ftd-dnd-dos-bpecg7b7 | Cisco Secure Firewall Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-ftd-cmd-inj-mtzgzexf | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-fmc-sql-injection-2qh6ccjd | Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-asaftd-vpn-m9sx6mbc | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-asaftd-saml-lkttrwzp | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-asaftd-ospf-zh8phbsw | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-asaftd-luainject-vescqgms | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-asaftd-ikev2-dos-ebuegdeg | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-asaftd-desync-n5avzeqw | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-asa-ssh-keybypass-cr5xpusf | Cisco Secure Firewall Adaptive Security Appliance Software SSH Partial Private Key Authentication Bypass Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-04T16:00:00+00:00 |
| cisco-sa-sdwan-rpa-ehchtzk | Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-03-03T00:38:56+00:00 |
| cisco-sa-sd-wan-priv-e6e8tedf | Cisco SD-WAN Software Privilege Escalation Vulnerabilities | 2022-09-28T16:00:00+00:00 | 2026-02-25T20:29:00+00:00 |
| cisco-sa-ucsm-cmdinj-gvxlpesb | Cisco UCS Manager Software Command Injection Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-ucsm-afwae-mogufyln | Cisco UCS Manager Software Privilege Escalation Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| cisco-sa-ucsfxosxss-7skve8zv | Cisco FXOS and UCS Manager Software Stored Cross-Site Scripting Vulnerability | 2026-02-25T16:00:00+00:00 | 2026-02-25T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-31789 | Heap Buffer Overflow in Hexadecimal Conversion | 2026-04-02T00:00:00.000Z | 2026-04-15T01:45:06.000Z |
| msrc_cve-2026-28389 | Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo | 2026-04-02T00:00:00.000Z | 2026-04-15T01:44:54.000Z |
| msrc_cve-2026-28388 | NULL Pointer Dereference When Processing a Delta CRL | 2026-04-02T00:00:00.000Z | 2026-04-15T01:44:38.000Z |
| msrc_cve-2026-28387 | Potential Use-after-free in DANE Client Code | 2026-04-02T00:00:00.000Z | 2026-04-15T01:44:18.000Z |
| msrc_cve-2026-33055 | tar-rs incorrectly ignores PAX size headers if header size is nonzero | 2026-03-02T00:00:00.000Z | 2026-04-15T01:44:10.000Z |
| msrc_cve-2026-33056 | tar-rs: unpack_in can chmod arbitrary directories by following symlinks | 2026-03-02T00:00:00.000Z | 2026-04-15T01:43:57.000Z |
| msrc_cve-2026-2646 | Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function | 2026-03-02T00:00:00.000Z | 2026-04-15T01:43:43.000Z |
| msrc_cve-2026-2645 | Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2 | 2026-03-02T00:00:00.000Z | 2026-04-15T01:43:37.000Z |
| msrc_cve-2026-3579 | Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I | 2026-03-02T00:00:00.000Z | 2026-04-15T01:43:31.000Z |
| msrc_cve-2026-3849 | Buffer Overflow in HPKE via Oversized ECH Config | 2026-03-02T00:00:00.000Z | 2026-04-15T01:43:25.000Z |
| msrc_cve-2026-35611 | Addressable has a Regular Expression Denial of Service in Addressable templates | 2026-04-02T00:00:00.000Z | 2026-04-15T01:43:25.000Z |
| msrc_cve-2026-35093 | Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins | 2026-04-02T00:00:00.000Z | 2026-04-15T01:42:54.000Z |
| msrc_cve-2026-34743 | XZ Utils: Buffer overflow in lzma_index_append() | 2026-04-02T00:00:00.000Z | 2026-04-15T01:42:40.000Z |
| msrc_cve-2026-3644 | Incomplete control character validation in http.cookies | 2026-03-02T00:00:00.000Z | 2026-04-15T01:42:33.000Z |
| msrc_cve-2026-34601 | xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion | 2026-04-02T00:00:00.000Z | 2026-04-15T01:42:18.000Z |
| msrc_cve-2026-32287 | Infinite loop in github.com/antchfx/xpath | 2026-03-02T00:00:00.000Z | 2026-04-15T01:41:59.000Z |
| msrc_cve-2026-32777 | CVE-2026-32777 | 2026-03-02T00:00:00.000Z | 2026-04-15T01:41:54.000Z |
| msrc_cve-2026-4739 | Integer overflow vulnerabilities in InsightSoftwareConsortium/ITK | 2026-03-02T00:00:00.000Z | 2026-04-15T01:41:38.000Z |
| msrc_cve-2026-32778 | CVE-2026-32778 | 2026-03-02T00:00:00.000Z | 2026-04-15T01:41:36.000Z |
| msrc_cve-2026-32776 | CVE-2026-32776 | 2026-03-02T00:00:00.000Z | 2026-04-15T01:41:18.000Z |
| msrc_cve-2026-4176 | Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib | 2026-03-02T00:00:00.000Z | 2026-04-15T01:41:11.000Z |
| msrc_cve-2026-27171 | zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. | 2026-02-02T00:00:00.000Z | 2026-04-15T01:40:55.000Z |
| msrc_cve-2026-27139 | FileInfo can escape from a Root in os | 2026-03-02T00:00:00.000Z | 2026-04-15T01:40:46.000Z |
| msrc_cve-2025-14523 | Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins) | 2025-12-02T00:00:00.000Z | 2026-04-15T01:39:52.000Z |
| msrc_cve-2026-33940 | Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:35.000Z |
| msrc_cve-2025-61729 | Excessive resource consumption when printing error string for host certificate validation in crypto/x509 | 2025-12-02T00:00:00.000Z | 2026-04-15T01:39:31.000Z |
| msrc_cve-2026-33939 | Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:30.000Z |
| msrc_cve-2026-33941 | Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:24.000Z |
| msrc_cve-2026-33938 | Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:18.000Z |
| msrc_cve-2026-33891 | Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input | 2026-03-02T00:00:00.000Z | 2026-04-15T01:39:13.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2026-0097 | Kwetsbaarheden verholpen in Google Chrome | 2026-03-13T08:33:43.877125Z | 2026-03-13T08:33:43.877125Z |
| ncsc-2026-0096 | Kwetsbaarheden verholpen in Veeam Backup & Replication | 2026-03-12T14:54:08.200676Z | 2026-03-12T14:54:08.200676Z |
| ncsc-2026-0095 | Kwetsbaarheid verholpen in pac4j-jwt | 2026-03-12T14:45:51.156512Z | 2026-03-12T14:45:51.156512Z |
| ncsc-2026-0094 | Kwetsbaarheden verholpen in Cisco IOS XR | 2026-03-12T14:44:08.106602Z | 2026-03-12T14:44:08.106602Z |
| ncsc-2026-0093 | Kwetsbaarheden verholpen in GitLab | 2026-03-12T14:42:46.936248Z | 2026-03-12T14:42:46.936248Z |
| ncsc-2026-0092 | Kwetsbaarheden verholpen in Fortinet FortiWeb | 2026-03-12T07:46:15.529522Z | 2026-03-12T07:46:15.529522Z |
| ncsc-2026-0091 | Kwetsbaarheden verholpen in SAP-producten | 2026-03-12T07:24:16.575638Z | 2026-03-12T07:24:16.575638Z |
| ncsc-2026-0090 | Kwetsbaarheden verholpen in Adobe Experience Manager | 2026-03-12T07:12:51.952931Z | 2026-03-12T07:12:51.952931Z |
| ncsc-2026-0089 | Kwetsbaarheden verholpen in Adobe Acrobat Reader | 2026-03-12T07:03:24.148324Z | 2026-03-12T07:03:24.148324Z |
| ncsc-2026-0088 | Kwetsbaarheden verholpen in Adobe Illustrator | 2026-03-12T06:55:39.712240Z | 2026-03-12T06:55:39.712240Z |
| ncsc-2026-0087 | Kwetsbaarheden verholpen in Adobe Commerce | 2026-03-12T06:49:56.459199Z | 2026-03-12T06:49:56.459199Z |
| ncsc-2026-0086 | Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer | 2026-03-11T09:19:38.777277Z | 2026-03-11T09:19:38.777277Z |
| ncsc-2026-0085 | Kwetsbaarheden verholpen in Microsoft Developer tools | 2026-03-10T20:35:10.478398Z | 2026-03-10T20:35:10.478398Z |
| ncsc-2026-0084 | Kwetsbaarheden verholpen in Microsoft Office | 2026-03-10T20:20:08.157658Z | 2026-03-10T20:20:08.157658Z |
| ncsc-2026-0083 | Kwetsbaarheid verholpen in Microsoft Authenticator app | 2026-03-10T20:18:35.792755Z | 2026-03-10T20:18:35.792755Z |
| ncsc-2026-0082 | Kwetsbaarheden verholpen in Microsoft Azure | 2026-03-10T20:15:41.528951Z | 2026-03-10T20:15:41.528951Z |
| ncsc-2026-0081 | Kwetsbaarheden verholpen in Microsoft SQL Server | 2026-03-10T20:12:56.032261Z | 2026-03-10T20:12:56.032261Z |
| ncsc-2026-0080 | Kwetsbaarheden verholpen in Microsoft Windows | 2026-03-10T20:07:55.976638Z | 2026-03-10T20:07:55.976638Z |
| ncsc-2026-0059 | Kwetsbaarheden verholpen in Ivanti Endpoint Manager | 2026-02-11T08:16:27.583936Z | 2026-03-10T14:20:48.176282Z |
| ncsc-2026-0079 | Kwetsbaarheden verholpen in Siemens producten | 2026-03-10T12:39:14.474522Z | 2026-03-10T12:39:14.474522Z |
| ncsc-2026-0071 | Kwetsbaarheden verholpen in Cisco Catalyst SD-WAN Manager | 2026-02-25T17:11:09.013125Z | 2026-03-06T12:07:02.595940Z |
| ncsc-2026-0078 | Kwetsbaarheden verholpen in Kibana | 2026-03-05T09:36:49.056247Z | 2026-03-05T09:36:49.056247Z |
| ncsc-2026-0077 | Kwetsbaarheden verholpen in Cisco Secure Firewall systemen | 2026-03-05T09:05:21.646499Z | 2026-03-05T09:05:21.646499Z |
| ncsc-2026-0075 | Kwetsbaarheid verholpen in n8n Automation Platform | 2026-03-04T14:03:54.207583Z | 2026-03-04T14:03:54.207583Z |
| ncsc-2026-0070 | Kwetsbaarheden verholpen in VMware Aria Operations | 2026-02-25T11:24:46.807867Z | 2026-03-04T08:54:08.940512Z |
| ncsc-2026-0074 | Kwetsbaarheden verholpen in Google Android en Samsung Mobile | 2026-03-03T09:07:09.279353Z | 2026-03-03T09:07:09.279353Z |
| ncsc-2026-0073 | Kwetsbaarheid verholpen in Juniper Junos OS Evolved | 2026-02-27T09:48:51.845864Z | 2026-02-27T09:48:51.845864Z |
| ncsc-2026-0072 | Kwetsbaarheden verholpen in GitLab | 2026-02-27T07:15:18.318821Z | 2026-02-27T07:15:18.318821Z |
| ncsc-2026-0069 | Kwetsbaarheden verholpen in SolarWinds Serv-U | 2026-02-25T10:39:38.154815Z | 2026-02-25T10:39:38.154815Z |
| ncsc-2026-0068 | Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform | 2026-02-23T14:27:28.865278Z | 2026-02-23T14:27:28.865278Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2023_5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_1-01 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | 2023-05-03T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:1-01 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | 2023-05-03T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022_2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022_2-01 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022:2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022:2-01 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021_2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021_1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021:2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021:1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020_3-01 | Angular template injection on custom report name field | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020_2-01 | Cross-site request forgery attack on change password form | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020:3-01 | Angular template injection on custom report name field | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020:2-01 | Cross-site request forgery attack on change password form | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:10514-1 | go1.25-1.25.9-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10513-1 | fontforge-20251009-6.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10512-1 | aws-c-event-stream-devel-0.7.0-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10511-1 | MozillaFirefox-149.0.2-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:20477-1 | Security update for aws-c-event-stream | 2026-04-08T13:03:50Z | 2026-04-08T13:03:50Z |
| opensuse-su-2026:10510-1 | sudo-1.9.17p2-2.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10509-1 | steampipe-2.4.1-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10508-1 | ruby4.0-rubygem-rack-2.2-2.2.23-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10507-1 | python311-lupa-2.7-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10506-1 | jupyter-jupyterlab-templates-0.5.3-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10505-1 | libIex-3_4-33-3.4.9-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10504-1 | corepack24-24.14.1-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10503-1 | firefox-esr-140.9.1-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10502-1 | dcmtk-3.7.0-2.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10501-1 | MozillaThunderbird-140.9.1-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10500-1 | 389-ds-3.1.4+e2562f589-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:20476-1 | Security update for mapserver | 2026-04-07T15:33:59Z | 2026-04-07T15:33:59Z |
| opensuse-su-2026:20471-1 | Security update for systemd | 2026-04-07T15:17:05Z | 2026-04-07T15:17:05Z |
| opensuse-su-2026:20472-1 | Security update for tar | 2026-04-07T14:58:07Z | 2026-04-07T14:58:07Z |
| opensuse-su-2026:20470-1 | Security update for libtasn1 | 2026-04-07T14:33:05Z | 2026-04-07T14:33:05Z |
| opensuse-su-2026:20469-1 | Security update for cockpit-packages | 2026-04-07T13:03:46Z | 2026-04-07T13:03:46Z |
| opensuse-su-2026:20465-1 | Security update for tigervnc | 2026-04-07T12:21:55Z | 2026-04-07T12:21:55Z |
| opensuse-su-2026:20468-1 | Security update for python-cbor2 | 2026-04-07T11:57:38Z | 2026-04-07T11:57:38Z |
| opensuse-su-2026:20466-1 | Security update for libpng16 | 2026-04-07T11:57:38Z | 2026-04-07T11:57:38Z |
| opensuse-su-2026:20473-1 | Security update for osslsigncode | 2026-04-07T07:50:40Z | 2026-04-07T07:50:40Z |
| opensuse-su-2026:10499-1 | python311-social-auth-app-django-5.7.0-1.1 on GA media | 2026-04-07T00:00:00Z | 2026-04-07T00:00:00Z |
| opensuse-su-2026:10498-1 | libeverest-3.6.6-1.1 on GA media | 2026-04-07T00:00:00Z | 2026-04-07T00:00:00Z |
| opensuse-su-2026:10497-1 | heroic-games-launcher-2.20.1-5.1 on GA media | 2026-04-07T00:00:00Z | 2026-04-07T00:00:00Z |
| opensuse-su-2026:10496-1 | git-cliff-2.12.0-1.1 on GA media | 2026-04-07T00:00:00Z | 2026-04-07T00:00:00Z |
| opensuse-su-2026:10495-1 | ckermit-9.0.302-20.1 on GA media | 2026-04-07T00:00:00Z | 2026-04-07T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:5549 | Red Hat Security Advisory: Red Hat OpenShift Builds 1.6.4 | 2026-03-24T07:31:25+00:00 | 2026-04-17T21:47:00+00:00 |
| rhsa-2026:5452 | Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release | 2026-03-23T16:13:04+00:00 | 2026-04-17T21:47:00+00:00 |
| rhsa-2026:5447 | Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release | 2026-03-23T16:03:55+00:00 | 2026-04-17T21:47:00+00:00 |
| rhsa-2026:5444 | Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release | 2026-03-23T15:45:35+00:00 | 2026-04-17T21:46:59+00:00 |
| rhsa-2026:5439 | Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release | 2026-03-23T15:37:52+00:00 | 2026-04-17T21:46:59+00:00 |
| rhsa-2026:5110 | Red Hat Security Advisory: Multicluster Global Hub 1.5.4 security update | 2026-03-19T10:27:09+00:00 | 2026-04-17T21:46:58+00:00 |
| rhsa-2026:4942 | Red Hat Security Advisory: Red Hat Quay 3.12.15 | 2026-03-18T16:21:15+00:00 | 2026-04-17T21:46:58+00:00 |
| rhsa-2026:4672 | Red Hat Security Advisory: container-tools:rhel8 security update | 2026-03-17T04:01:11+00:00 | 2026-04-17T21:46:56+00:00 |
| rhsa-2026:4466 | Red Hat Security Advisory: RHACS 4.8.9 security and bug fix update | 2026-03-12T11:53:42+00:00 | 2026-04-17T21:46:56+00:00 |
| rhsa-2026:4467 | Red Hat Security Advisory: RHACS 4.9.4 security and bug fix update | 2026-03-12T11:53:58+00:00 | 2026-04-17T21:46:55+00:00 |
| rhsa-2026:4170 | Red Hat Security Advisory: Red Hat OpenShift API for Data Protection | 2026-03-10T10:02:11+00:00 | 2026-04-17T21:46:55+00:00 |
| rhsa-2026:3884 | Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.2 security update | 2026-03-05T12:07:11+00:00 | 2026-04-17T21:46:55+00:00 |
| rhsa-2026:4434 | Red Hat Security Advisory: OpenShift Container Platform 4.19.26 bug fix and security update | 2026-03-18T18:31:59+00:00 | 2026-04-17T21:46:53+00:00 |
| rhsa-2026:3880 | Red Hat Security Advisory: grafana security update | 2026-03-05T12:20:43+00:00 | 2026-04-17T21:46:51+00:00 |
| rhsa-2026:3855 | Red Hat Security Advisory: OpenShift Container Platform 4.20.16 bug fix and security update | 2026-03-11T04:54:31+00:00 | 2026-04-17T21:46:50+00:00 |
| rhsa-2026:3854 | Red Hat Security Advisory: grafana security update | 2026-03-05T11:07:41+00:00 | 2026-04-17T21:46:50+00:00 |
| rhsa-2026:3851 | Red Hat Security Advisory: OpenShift Container Platform 4.20.16 packages and security update | 2026-03-11T05:24:06+00:00 | 2026-04-17T21:46:50+00:00 |
| rhsa-2026:3838 | Red Hat Security Advisory: grafana security update | 2026-03-05T09:44:33+00:00 | 2026-04-17T21:46:50+00:00 |
| rhsa-2026:3836 | Red Hat Security Advisory: grafana security update | 2026-03-05T09:03:15+00:00 | 2026-04-17T21:46:49+00:00 |
| rhsa-2026:3835 | Red Hat Security Advisory: grafana security update | 2026-03-05T09:01:36+00:00 | 2026-04-17T21:46:48+00:00 |
| rhsa-2026:3833 | Red Hat Security Advisory: grafana security update | 2026-03-05T08:23:57+00:00 | 2026-04-17T21:46:48+00:00 |
| rhsa-2026:3831 | Red Hat Security Advisory: grafana security update | 2026-03-05T07:55:46+00:00 | 2026-04-17T21:46:48+00:00 |
| rhsa-2026:3782 | Red Hat Security Advisory: RHOAI 2.25.3 - Red Hat OpenShift AI | 2026-03-04T18:23:40+00:00 | 2026-04-17T21:46:48+00:00 |
| rhsa-2026:3753 | Red Hat Security Advisory: osbuild-composer security update | 2026-03-04T15:52:29+00:00 | 2026-04-17T21:46:47+00:00 |
| rhsa-2026:3752 | Red Hat Security Advisory: osbuild-composer security update | 2026-03-04T15:29:36+00:00 | 2026-04-17T21:46:47+00:00 |
| rhsa-2026:3559 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.14 | 2026-03-02T17:03:40+00:00 | 2026-04-17T21:46:47+00:00 |
| rhsa-2026:3556 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.14 | 2026-03-02T16:52:33+00:00 | 2026-04-17T21:46:47+00:00 |
| rhsa-2026:3489 | Red Hat Security Advisory: go-toolset:rhel8 security update | 2026-03-02T02:56:16+00:00 | 2026-04-17T21:46:46+00:00 |
| rhsa-2026:3473 | Red Hat Security Advisory: golang security update | 2026-03-02T01:23:25+00:00 | 2026-04-17T21:46:46+00:00 |
| rhsa-2026:3472 | Red Hat Security Advisory: golang security update | 2026-03-02T01:26:30+00:00 | 2026-04-17T21:46:45+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sevd-2023-192-04 | CODESYS Runtime Vulnerabilities | 2023-07-11T07:15:18.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2021-159-04 | ISaGRAF Vulnerabilities in IEC 61131-3 Programming and Engineering Tools | 2021-06-08T04:36:25.000Z | 2025-11-15T00:00:00.000Z |
| sevd-2022-284-03 | ISaGRAF Workbench for SAGE RTU | 2022-10-10T22:13:16.000Z | 2025-11-14T06:30:00.000Z |
| sevd-2025-315-02 | EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-315-01 | PowerChute™ Serial Shutdown | 2025-11-11T08:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-224-02 | EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO) | 2025-08-12T04:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-224-01 | Saitel DR & Saitel DP Remote Terminal Unit | 2025-08-12T04:00:00.000Z | 2025-11-11T08:00:00.000Z |
| sevd-2025-287-01 | EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server | 2025-10-14T07:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2025-133-01 | Modicon Controllers M241/M251/M258/LMC058 | 2025-05-13T04:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2024-345-03 | Modicon M241 / M251 / M258 / LMC058 | 2024-12-10T05:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2024-191-04 | Modicon Controllers M241/ M251, M258 / LMC058 and M262 | 2024-07-09T00:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2025-133-05 | Galaxy VS, Galaxy VL, Galaxy VXL | 2025-05-13T04:00:00.000Z | 2025-09-24T04:00:00.000Z |
| sevd-2025-252-02 | Saitel DR & Saitel DP Remote Terminal Unit | 2025-09-09T04:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-224-04 | EcoStruxure™ Building Operation Enterprise Server, EcoStruxure™ Building Operation Enterprise Central, and EcoStruxure™ Workstation | 2025-08-12T04:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-224-03 | Schneider Electric Software Update | 2025-08-12T04:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-014-02 | Pro-face GP-Pro EX and Remote HMI | 2025-01-14T00:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2021-313-05 | BadAlloc Vulnerabilities | 2021-11-09T05:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2025-014-03 | Wind River VxWorks DHCP Server Vulnerability | 2025-01-14T05:00:00.000Z | 2025-08-12T04:00:00.000Z |
| sevd-2025-189-04 | EcoStruxure™ Power Monitoring Expert (PME) and EcoStruxure™ Power Operation (EPO) with Advanced Reporting and Dashboards | 2025-07-08T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2025-189-02 | System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs | 2025-07-08T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2025-189-01 | EcoStruxure™ IT Data Center Expert | 2025-07-08T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2025-161-03 | EVLink WallBox | 2025-06-10T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2025-161-02 | Modicon Controllers M241/M251/M258/LMC058/M262 | 2025-06-10T04:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2024-254-01 | Vijeo Designer | 2024-09-10T00:00:00.000Z | 2025-07-08T04:00:00.000Z |
| sevd-2025-161-01 | Insight Home and Insight Facility | 2025-06-10T04:00:00.000Z | 2025-06-10T04:00:00.000Z |
| sevd-2020-287-01 | Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules | 2020-10-13T00:00:00.000Z | 2025-06-10T04:00:00.000Z |
| sevd-2025-133-04 | Schneider Electric PrismaSeT Active - Wireless Panel Server | 2025-05-13T04:00:00.000Z | 2025-05-13T04:00:00.000Z |
| sevd-2025-133-03 | EcoStruxure Power Build Rapsody | 2025-05-13T04:00:00.000Z | 2025-05-13T04:00:00.000Z |
| sevd-2025-133-02 | Wiser Home Automation | 2025-05-13T04:00:00.000Z | 2025-05-13T04:00:00.000Z |
| sevd-2025-098-01 | ConneXium Network Manager Software | 2025-04-08T04:00:00.000Z | 2025-05-13T04:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| SCA-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| sca-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| SCA-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| sca-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| SCA-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| sca-2023-0007 | Vulnerabilities in SICK LMS5xx | 2023-08-25T11:00:00.000Z | 2023-08-25T11:00:00.000Z |
| SCA-2023-0007 | Vulnerabilities in SICK LMS5xx | 2023-08-25T11:00:00.000Z | 2023-08-25T11:00:00.000Z |
| sca-2023-0006 | Vulnerabilities in SICK ICR890-4 | 2023-07-10T13:00:00.000Z | 2023-07-10T13:00:00.000Z |
| SCA-2023-0006 | Vulnerabilities in SICK ICR890-4 | 2023-07-10T13:00:00.000Z | 2023-07-10T13:00:00.000Z |
| sca-2023-0005 | Vulnerabilities in SICK EventCam App | 2023-06-19T11:00:00.000Z | 2023-06-19T11:00:00.000Z |
| SCA-2023-0005 | Vulnerabilities in SICK EventCam App | 2023-06-19T11:00:00.000Z | 2023-06-19T11:00:00.000Z |
| sca-2023-0004 | Vulnerabilities in SICK FTMg | 2023-05-11T13:00:00.000Z | 2023-05-11T13:00:00.000Z |
| SCA-2023-0004 | Vulnerabilities in SICK FTMg | 2023-05-11T13:00:00.000Z | 2023-05-11T13:00:00.000Z |
| sca-2023-0003 | Vulnerability in SICK Flexi Soft and Flexi Classic Gateways | 2023-05-03T13:00:00.000Z | 2023-05-03T13:00:00.000Z |
| SCA-2023-0003 | Vulnerability in SICK Flexi Soft and Flexi Classic Gateways | 2023-05-03T13:00:00.000Z | 2023-05-03T13:00:00.000Z |
| sca-2023-0002 | Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways | 2023-04-11T10:00:00.000Z | 2023-04-11T10:00:00.000Z |
| sca-2023-0001 | Bootloader mode vulnerability in Flexi Soft Gateways v3 | 2023-02-20T14:00:00.000Z | 2023-02-20T14:00:00.000Z |
| sca-2022-0015 | Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR | 2022-12-08T16:00:00.000Z | 2022-12-08T16:00:00.000Z |
| sca-2022-0013 | Password recovery vulnerability affects multiple SICK SIMs | 2022-10-21T13:00:00.000Z | 2022-11-04T14:00:00.000Z |
| sca-2022-0014 | SICK FlexiCompact affected by Denial of Service vulnerability | 2022-10-31T11:00:00.000Z | 2022-10-31T11:00:00.000Z |
| sca-2022-0012 | OpenSSL vulnerability affects multiple SICK SIMs | 2022-08-08T13:00:00.000Z | 2022-08-03T13:00:00.000Z |
| sca-2022-0010 | Vulnerability in SICK Flexi Soft Designer & Safety Designer | 2022-05-16T10:00:00.000Z | 2022-07-19T10:00:00.000Z |
| sca-2022-0011 | Vulnerabilities in SICK Package Analytics | 2022-06-08T15:00:00.000Z | 2022-06-08T15:00:00.000Z |
| sca-2022-0009 | Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| sca-2022-0008 | Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3 | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| sca-2022-0007 | Vulnerabilities in SICK MARSIC300 | 2022-04-21T15:00:00.000Z | 2022-04-21T15:00:00.000Z |
| sca-2022-0006 | Vulnerability in SICK MSC800 | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| sca-2022-0005 | Vulnerability in SICK Overall Equipment Effectiveness (OEE) | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| sca-2022-0004 | Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC | 2022-04-11T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| sca-2022-0003 | Vulnerabilities in SICK FTMg | 2022-03-31T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-485750 | SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-430425 | SSA-430425: Multiple Vulnerabilities in SINEC Security Monitor before V4.9.0 | 2024-10-08T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-282044 | SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery | 2025-08-12T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-201595 | SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager | 2025-08-14T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-126399 | SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-082556 | SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 | 2025-06-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-027652 | SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives | 2025-09-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-613116 | SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 | 2025-08-12T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-355557 | SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2 | 2025-08-12T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-089022 | SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 | 2026-01-28T00:00:00Z | 2026-02-24T00:00:00Z |
| ssa-965753 | SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-864900 | SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices | 2025-05-13T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-783261 | SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2 | 2012-12-12T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-674753 | SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices | 2026-01-13T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-625934 | SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-599451 | SSA-599451: Multiple Vulnerabilities in SiPass integrated | 2025-10-14T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-507364 | SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-445819 | SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-265688 | SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 | 2024-04-09T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-130874 | SSA-130874: Buffer Overflow Vulnerability in SCALANCE X Switches | 2012-04-05T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-035571 | SSA-035571: Cross Site Scripting Vulnerability in Polarion Before V2506 | 2026-02-10T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-978177 | SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices | 2025-08-12T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-928984 | SSA-928984: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC) | 2024-12-16T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-912274 | SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 | 2025-12-09T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-858251 | SSA-858251: Authentication Bypass Vulnerabilities in OPC UA | 2025-03-11T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-832273 | SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices | 2024-03-12T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-698820 | SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices | 2024-07-09T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-693776 | SSA-693776: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2 | 2025-06-10T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-366067 | SSA-366067: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices | 2024-03-12T00:00:00Z | 2026-01-13T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:1365-1 | Security update for python | 2026-04-15T14:30:35Z | 2026-04-15T14:30:35Z |
| suse-su-2026:1364-1 | Security update for webkit2gtk3 | 2026-04-15T14:27:58Z | 2026-04-15T14:27:58Z |
| suse-su-2026:1363-1 | Security update for nodejs20 | 2026-04-15T14:16:20Z | 2026-04-15T14:16:20Z |
| suse-su-2026:1361-1 | Security update for himmelblau | 2026-04-15T14:14:00Z | 2026-04-15T14:14:00Z |
| suse-su-2026:1360-1 | Security update for tigervnc | 2026-04-15T14:10:48Z | 2026-04-15T14:10:48Z |
| suse-su-2026:1359-1 | Security update for sudo | 2026-04-15T14:07:03Z | 2026-04-15T14:07:03Z |
| suse-su-2026:1356-1 | Security update for nfs-utils | 2026-04-15T13:43:43Z | 2026-04-15T13:43:43Z |
| suse-su-2026:1355-1 | Security update for rubygem-bundler | 2026-04-15T13:37:50Z | 2026-04-15T13:37:50Z |
| suse-su-2026:1354-1 | Security update for python313 | 2026-04-15T13:37:43Z | 2026-04-15T13:37:43Z |
| suse-su-2026:1353-1 | Security update for netty, netty-tcnative | 2026-04-15T13:37:19Z | 2026-04-15T13:37:19Z |
| suse-su-2026:1352-1 | Security update for expat | 2026-04-15T13:36:53Z | 2026-04-15T13:36:53Z |
| suse-su-2026:1351-1 | Security update for bind | 2026-04-15T13:36:44Z | 2026-04-15T13:36:44Z |
| suse-su-2026:1350-1 | Security update for nghttp2 | 2026-04-15T13:36:21Z | 2026-04-15T13:36:21Z |
| suse-su-2026:1349-1 | Security update for python311 | 2026-04-15T13:35:56Z | 2026-04-15T13:35:56Z |
| suse-su-2026:1347-1 | Security update for vim | 2026-04-15T12:26:44Z | 2026-04-15T12:26:44Z |
| suse-su-2026:1345-1 | Security update for python36 | 2026-04-15T12:04:26Z | 2026-04-15T12:04:26Z |
| suse-su-2026:1344-1 | Security update for libssh | 2026-04-15T10:21:31Z | 2026-04-15T10:21:31Z |
| suse-su-2026:1343-1 | Security update for Mesa | 2026-04-15T10:18:55Z | 2026-04-15T10:18:55Z |
| suse-su-2026:1342-1 | Security update for the Linux Kernel | 2026-04-15T10:15:54Z | 2026-04-15T10:15:54Z |
| suse-su-2026:1338-1 | Security update for giflib | 2026-04-15T07:33:53Z | 2026-04-15T07:33:53Z |
| suse-su-2026:1337-1 | Security update for rust1.92 | 2026-04-15T07:33:26Z | 2026-04-15T07:33:26Z |
| suse-su-2026:1335-1 | Security update for xorg-x11-server | 2026-04-14T17:28:43Z | 2026-04-14T17:28:43Z |
| suse-su-2026:1333-1 | Security update for xorg-x11-server | 2026-04-14T17:18:59Z | 2026-04-14T17:18:59Z |
| suse-su-2026:1332-1 | Security update for xorg-x11-server | 2026-04-14T17:15:06Z | 2026-04-14T17:15:06Z |
| suse-su-2026:1331-1 | Security update for xorg-x11-server | 2026-04-14T17:11:37Z | 2026-04-14T17:11:37Z |
| suse-su-2026:1330-1 | Security update for xorg-x11-server | 2026-04-14T17:08:59Z | 2026-04-14T17:08:59Z |
| suse-su-2026:1329-1 | Security update for xwayland | 2026-04-14T17:06:20Z | 2026-04-14T17:06:20Z |
| suse-su-2026:1328-1 | Security update for xwayland | 2026-04-14T17:04:46Z | 2026-04-14T17:04:46Z |
| suse-su-2026:21112-1 | Security update for pam | 2026-04-14T13:47:51Z | 2026-04-14T13:47:51Z |
| suse-su-2026:1325-1 | Security update for clamav | 2026-04-14T13:15:45Z | 2026-04-14T13:15:45Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:7670 | Important: nodejs:24 security update | 2026-04-13T00:00:00Z | 2026-04-15T07:50:26Z |
| alsa-2026:7677 | Important: fontforge security update | 2026-04-13T00:00:00Z | 2026-04-15T07:47:47Z |
| alsa-2026:7992 | Important: golang-github-openprinting-ipp-usb security update | 2026-04-14T00:00:00Z | 2026-04-15T07:46:43Z |
| alsa-2026:7680 | Important: perl-XML-Parser security update | 2026-04-13T00:00:00Z | 2026-04-15T07:45:45Z |
| alsa-2026:7672 | Important: firefox security update | 2026-04-13T00:00:00Z | 2026-04-15T07:44:48Z |
| alsa-2026:7666 | Important: nghttp2 security update | 2026-04-13T00:00:00Z | 2026-04-15T07:43:49Z |
| alsa-2026:7383 | Critical: cockpit: Unauthenticated remote code execution due to SSH command-line argument injection | 2026-04-10T00:00:00Z | 2026-04-15T07:41:21Z |
| alsa-2026:7342 | Important: kea security update | 2026-04-09T00:00:00Z | 2026-04-15T07:38:09Z |
| alsa-2026:7005 | Important: git-lfs security update | 2026-04-08T00:00:00Z | 2026-04-15T07:35:05Z |
| alsa-2026:6817 | Important: capstone security update | 2026-04-07T00:00:00Z | 2026-04-15T07:33:58Z |
| alsa-2026:6825 | Moderate: rsync security update | 2026-04-07T00:00:00Z | 2026-04-15T07:31:08Z |
| alsa-2026:8119 | Important: squid security update | 2026-04-14T00:00:00Z | 2026-04-15T07:19:29Z |
| alsa-2026:1240 | Important: fence-agents security update | 2026-01-26T00:00:00Z | 2026-04-15T07:17:05Z |
| alsa-2026:8155 | Important: bind9.16 security update | 2026-04-14T00:00:00Z | 2026-04-15T07:13:08Z |
| alsa-2026:7675 | Important: nodejs24 security update | 2026-04-13T00:00:00Z | 2026-04-14T13:07:01Z |
| alsa-2026:7682 | Important: openexr security update | 2026-04-13T00:00:00Z | 2026-04-14T12:33:23Z |
| alsa-2026:7711 | Important: vim security update | 2026-04-13T00:00:00Z | 2026-04-14T12:18:44Z |
| alsa-2026:6907 | Important: nginx:1.24 security update | 2026-04-07T00:00:00Z | 2026-04-14T11:33:03Z |
| alsa-2026:1241 | Important: resource-agents security update | 2026-01-26T00:00:00Z | 2026-04-14T07:53:22Z |
| alsa-2026:7681 | Important: perl-XML-Parser security update | 2026-04-13T00:00:00Z | 2026-04-14T07:40:45Z |
| alsa-2026:7667 | Important: nghttp2 security update | 2026-04-13T00:00:00Z | 2026-04-14T07:31:34Z |
| alsa-2026:6632 | Moderate: kernel security update | 2026-04-06T00:00:00Z | 2026-04-10T16:50:39Z |
| alsa-2026:6799 | Important: freerdp security update | 2026-04-07T00:00:00Z | 2026-04-09T20:01:55Z |
| alsa-2026:6923 | Important: nginx:1.24 security update | 2026-04-07T00:00:00Z | 2026-04-09T19:55:44Z |
| alsa-2026:6766 | Important: python3.9 security update | 2026-04-07T00:00:00Z | 2026-04-09T19:44:34Z |
| alsa-2025:3026 | Important: kernel security update | 2025-03-19T00:00:00Z | 2026-04-09T19:27:31Z |
| alsa-2025:2872 | Important: pcs security update | 2025-03-17T00:00:00Z | 2026-04-09T19:08:56Z |
| alsa-2024:10987 | Moderate: pcs security update | 2024-12-12T00:00:00Z | 2026-04-09T19:04:08Z |
| alsa-2025:3027 | Important: kernel-rt security update | 2025-03-19T00:00:00Z | 2026-04-09T18:58:43Z |
| alsa-2025:3210 | Important: container-tools:rhel8 security update | 2025-03-26T00:00:00Z | 2026-04-09T18:51:49Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| hsec-2023-0003 | code injection in xmonad-contrib | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0002 | Improper Verification of Cryptographic Signature | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0001 | Hash flooding vulnerability in aeson | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2022-372 | Heap-buffer-overflow in dwg_encode_VERTEX_2D | 2022-04-26T00:00:09.352798Z | 2026-04-10T14:11:27.492166Z |
| osv-2022-379 | Segv on unknown address in bit_write_TV | 2022-04-27T00:00:44.539231Z | 2026-04-10T14:11:26.691044Z |
| osv-2022-1176 | Heap-double-free in dwg_free | 2022-11-18T13:00:26.857477Z | 2026-04-10T14:10:36.470316Z |
| osv-2022-1259 | Heap-buffer-overflow in dwg_decode_INSERT_private | 2022-12-13T13:00:46.870838Z | 2026-04-10T14:10:23.558612Z |
| osv-2021-1343 | Heap-buffer-overflow in get_next_owned_entity | 2021-09-21T00:01:33.177403Z | 2026-04-10T14:10:04.765852Z |
| osv-2021-1086 | Heap-buffer-overflow in dwg_convert_SAB_to_SAT1 | 2021-08-02T00:00:31.888461Z | 2026-04-10T14:09:40.474591Z |
| osv-2022-1018 | Index-out-of-bounds in LibRaw::kodak_radc_load_raw | 2022-10-06T00:02:27.511658Z | 2026-04-10T14:06:59.896524Z |
| osv-2021-525 | Use-of-uninitialized-value in void edge_filtering_chroma_internal<unsigned char> | 2021-03-16T00:00:19.176877Z | 2026-04-10T14:06:54.074771Z |
| osv-2021-972 | UNKNOWN READ in void mc_chroma<unsigned short> | 2021-07-13T00:00:16.631711Z | 2026-04-10T14:06:51.235370Z |
| osv-2021-948 | Use-of-uninitialized-value in residual_coding | 2021-07-10T00:01:12.890029Z | 2026-04-10T14:06:45.638294Z |
| osv-2021-735 | Use-of-uninitialized-value in decode_CABAC_FL_bypass | 2021-05-08T00:00:14.355747Z | 2026-04-10T14:06:44.826192Z |
| osv-2021-586 | Use-of-uninitialized-value in void intra_prediction_angular<unsigned short> | 2021-03-31T00:01:03.787831Z | 2026-04-10T14:06:19.649878Z |
| osv-2020-868 | Use-of-uninitialized-value in fetchARGB32ToRGBA64PM_avx2 | 2020-07-14T22:13:50.828646Z | 2026-04-10T14:06:12.468231Z |
| osv-2022-1198 | Heap-buffer-overflow in dwg_json_LTYPE | 2022-11-23T13:02:06.623044Z | 2026-04-10T14:05:46.801956Z |
| osv-2022-842 | Stack-buffer-overflow in wc_Shake256_Final | 2022-09-05T00:00:28.251072Z | 2026-04-09T14:36:35.503150Z |
| osv-2023-107 | Heap-buffer-overflow in DecodeBasicOcspResponse | 2023-02-25T13:00:07.390537Z | 2026-04-09T14:34:49.566404Z |
| osv-2024-269 | Security exception in java.base/java.util.stream.AbstractPipeline.evaluate | 2024-04-18T00:04:02.456948Z | 2026-04-09T14:31:24.951720Z |
| osv-2022-312 | Heap-buffer-overflow in dhcp_reply | 2022-04-07T00:00:40.457052Z | 2026-04-07T14:18:25.731015Z |
| osv-2021-1135 | Heap-use-after-free in prvTidyInsertedToken | 2021-08-16T00:01:09.422775Z | 2026-04-05T14:14:03.564509Z |
| osv-2026-532 | Heap-buffer-overflow in regsub | 2026-04-05T00:06:36.291055Z | 2026-04-05T00:06:36.291504Z |
| osv-2022-394 | Incorrect-function-pointer-type in cv::split | 2022-05-04T00:00:27.326853Z | 2026-04-04T14:23:39.520277Z |
| osv-2024-451 | Use-of-uninitialized-value in XpackDynamicTable::_make_space | 2024-05-08T00:14:48.544622Z | 2026-04-03T14:17:40.819969Z |
| osv-2026-518 | Use-of-uninitialized-value in ne_read_block | 2026-04-03T00:21:06.950773Z | 2026-04-03T00:21:06.951035Z |
| osv-2026-514 | Heap-buffer-overflow in format_expand1 | 2026-04-03T00:09:42.155641Z | 2026-04-03T00:09:42.155954Z |
| osv-2026-512 | Heap-buffer-overflow in g_utf8_get_char | 2026-04-03T00:07:59.707776Z | 2026-04-03T00:07:59.708039Z |
| osv-2026-504 | Heap-use-after-free in ObjectStream::getObject | 2026-04-02T00:16:28.228723Z | 2026-04-02T00:16:28.229037Z |
| osv-2022-937 | Use-after-poison in rx_ip | 2022-09-23T00:02:21.434097Z | 2026-04-01T14:27:42.367988Z |
| osv-2022-1201 | Stack-buffer-overflow in msc_zero_object | 2022-11-24T13:00:10.344351Z | 2026-03-31T14:04:55.969741Z |
| osv-2022-1188 | Stack-buffer-overflow in authentic_get_tagged_data | 2022-11-20T13:01:57.719130Z | 2026-03-31T14:04:55.181202Z |
| osv-2023-395 | Stack-buffer-overflow in sc_path_print | 2023-05-14T14:00:57.078498Z | 2026-03-31T14:04:53.759303Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2025-0157 | `statsrelay-protobuf` was removed from crates.io for malicious code | 2025-08-26T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0156 | `tree-sitter-pkl` was removed from crates.io for malicious code | 2025-03-10T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2026-0077 | Incorrect Check of Signer Response Norm During Verification | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0076 | Panic in Signature Hint Decoding During Verification | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0075 | All-Zero Key Generation on Catastrophic RNG Failure | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0074 | Incorrect Output of Incremental Portable SHAKE API | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0073 | Panic in Standalone MAC Operations | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2025-0155 | `rands` was removed from crates.io for malicious code | 2025-02-10T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0124 | `bit-flags` was removed from crates.io for malicious code | 2023-12-22T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0123 | `hann-rs-service` was removed from crates.io for malicious code | 2023-11-18T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0122 | `winx-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0121 | `libusb1-main` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0120 | `windows-service-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0119 | `openvpn-plugin-rs` was removed from crates.io for malicious code | 2023-11-18T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0118 | `win_run_rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0117 | `tauri-winrt-notifications` was removed from crates.io for malicious code | 2023-11-20T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0116 | `registry-win` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0115 | `acceptxmr-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0114 | `tiny-server` was removed from crates.io for malicious code | 2023-11-06T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0113 | `win-base64-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0112 | `monero-rpc-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0111 | `monero-api` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0110 | `postgresderive` was removed from crates.io for malicious code | 2023-08-18T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0109 | `win-crypto` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0108 | `tauri-win-rt-notification` was removed from crates.io for malicious code | 2023-11-20T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0107 | `lasso-rs` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0106 | `lfest-main` was removed from crates.io for malicious code | 2023-11-15T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0105 | `windowsservice` was removed from crates.io for malicious code | 2023-11-18T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2023-0104 | `littest` was removed from crates.io for malicious code | 2023-11-06T12:00:00Z | 2026-03-26T06:26:31Z |
| rustsec-2025-0154 | `replit_ruspty` was removed from crates.io for malicious code | 2025-11-04T12:00:00Z | 2026-03-25T08:37:19Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-gitlab-2026-1752 | Incorrect Authorization in GitLab | 2026-04-17T00:08:45.124Z | 2026-04-17T00:10:47.507Z |
| bit-gitlab-2026-1092 | Improper Validation of Specified Quantity in Input in GitLab | 2026-04-17T00:08:11.375Z | 2026-04-17T00:10:47.507Z |
| bit-elk-2026-33458 | Server-Side Request Forgery (SSRF) in Kibana One Workflow Leading to Information Disclosure | 2026-04-13T05:38:33.681Z | 2026-04-17T00:10:47.507Z |
| bit-drupal-2020-11022 | jQuery has a potential XSS vulnerability | 2024-03-06T10:59:15.938Z | 2026-04-17T00:10:47.507Z |
| bit-dotnet-2026-25667 | 2026-04-16T23:38:58.356Z | 2026-04-17T00:10:47.507Z | |
| bit-django-2026-4292 | Privilege abuse in ModelAdmin.list_editable | 2026-04-16T23:38:51.369Z | 2026-04-17T00:10:47.507Z |
| bit-django-2026-4277 | Privilege abuse in GenericInlineModelAdmin | 2026-04-16T23:38:49.720Z | 2026-04-17T00:10:47.507Z |
| bit-django-2026-3902 | ASGI header spoofing via underscore/hyphen conflation | 2026-04-16T23:38:48.155Z | 2026-04-17T00:10:47.507Z |
| bit-django-2026-33034 | Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass | 2026-04-16T23:38:46.634Z | 2026-04-17T00:10:47.507Z |
| bit-django-2026-33033 | Potential denial-of-service vulnerability in MultiPartParser via base64-encoded file upload | 2026-04-16T23:38:44.975Z | 2026-04-17T00:10:47.507Z |
| bit-cosign-2026-39395 | Cosign's verify-blob-attestation reports false positive when payload parsing fails | 2026-04-09T08:37:13.235Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2026-25922 | authentik has a Signature Verification Bypass via SAML Assertion Wrapping | 2026-04-16T23:36:35.408Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2026-25748 | authentik has a forward authentication bypass with broken cookie | 2026-04-16T23:36:33.948Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2026-25227 | authentik affected by Remote Code Execution via Context Key Injection in PropertyMapping Test Endpoint | 2026-04-16T23:36:32.477Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2025-64708 | authentik invitation expiry is delayed by at least 5 minutes | 2026-04-16T23:36:31.140Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2025-64521 | authentik deactivated service accounts can authenticate to OAuth | 2026-04-16T23:36:29.712Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2025-53942 | authentik has an insufficient check for account active status during OAuth/SAML authentication | 2026-04-16T23:36:28.200Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2025-52553 | authentik has Insufficient Session verification for Remote Access Control endpoint access | 2026-04-16T23:36:26.917Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2025-29928 | authentik's deletion of sessions did not revoke sessions when using database session storage | 2026-04-16T23:36:25.530Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-52307 | authentik allows a timing attack due to missing constant time comparison for metrics view | 2026-04-16T23:36:24.031Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-52289 | authentik has an insecure default configuration for OAuth2 Redirect URIs | 2026-04-16T23:36:22.514Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-52287 | authentik performs insufficient validation of OAuth scopes | 2026-04-16T23:36:20.916Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-47077 | authentik cross-provider token validation problems | 2026-04-16T23:36:19.464Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-47070 | authentik vulnerable to password authentication bypass via X-Forwarded-For HTTP header | 2026-04-16T23:36:17.967Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-42490 | authentik has Insufficient Authorization for several API endpoints | 2026-04-16T23:36:16.647Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-38371 | Insufficient access control for OAuth2 Device Code flow in authentik | 2026-04-16T23:36:15.228Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-37905 | Improper Access Control and Incorrect Authorization in github.com/goauthentik/authentik | 2026-04-16T23:36:13.946Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-23647 | PKCE downgrade attack in Authentik | 2026-04-16T23:36:12.438Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-21637 | XSS in Authentik via JavaScript-URI as Redirect URI and form_post Response Mode | 2026-04-16T23:36:10.878Z | 2026-04-17T00:10:47.507Z |
| bit-authentik-2024-11623 | Stored XSS in authentik | 2026-04-16T23:36:09.282Z | 2026-04-17T00:10:47.507Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-in87004 | In libexpat before 2 | 2026-04-10T00:52:28.484967Z | 2026-04-09T11:45:48Z |
| cleanstart-2026-ag20129 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-10T00:51:29.221302Z | 2026-04-09T11:45:48Z |
| cleanstart-2026-mu81308 | gRPC-Go is the Go language implementation of gRPC | 2026-04-10T00:56:28.601214Z | 2026-04-09T11:29:32Z |
| cleanstart-2026-nx54250 | During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions | 2026-04-10T01:03:29.003448Z | 2026-04-09T09:59:33Z |
| cleanstart-2026-ac01087 | During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions | 2026-04-10T01:03:59.042951Z | 2026-04-09T09:55:12Z |
| cleanstart-2026-nz97711 | gRPC-Go is the Go language implementation of gRPC | 2026-04-10T01:00:58.666965Z | 2026-04-09T09:33:10Z |
| cleanstart-2026-hm40094 | filippo | 2026-04-10T01:03:28.912174Z | 2026-04-09T09:27:45Z |
| cleanstart-2026-dm93480 | During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions | 2026-04-10T01:06:00.088585Z | 2026-04-09T09:11:04Z |
| cleanstart-2026-kl76732 | attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing | 2026-04-10T01:03:58.949308Z | 2026-04-09T09:05:28Z |
| cleanstart-2026-dp55969 | Security fixes for ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-fghv-69vj-qj49, ghsa-prj3-ccx8-p6x4, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16 | 2026-04-10T01:04:00.139766Z | 2026-04-09T09:00:58Z |
| cleanstart-2026-aa51484 | Security fixes for ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-fghv-69vj-qj49, ghsa-prj3-ccx8-p6x4, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16 | 2026-04-10T01:04:01.115500Z | 2026-04-09T08:58:26Z |
| cleanstart-2026-jm69747 | Security fixes for ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 25.10.0-r1 | 2026-04-10T01:04:01.248430Z | 2026-04-09T08:55:52Z |
| cleanstart-2026-av56399 | Security fixes for ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 25.10.0-r1 | 2026-04-10T01:04:01.910374Z | 2026-04-09T08:54:48Z |
| cleanstart-2026-oc72960 | attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing | 2026-04-10T01:04:28.955253Z | 2026-04-09T08:54:07Z |
| cleanstart-2026-iw23933 | gRPC-Go is the Go language implementation of gRPC | 2026-04-09T00:42:07.594705Z | 2026-04-08T10:12:34Z |
| cleanstart-2026-hz73294 | Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service | 2026-04-09T00:45:08.400884Z | 2026-04-08T10:12:22Z |
| cleanstart-2026-fz55932 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-04-09T00:41:07.286953Z | 2026-04-08T10:10:33Z |
| cleanstart-2026-ku98579 | gRPC-Go is the Go language implementation of gRPC | 2026-04-09T00:42:07.643397Z | 2026-04-08T10:07:21Z |
| cleanstart-2026-ly88807 | Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\ProgramData\\\\\\\\Docker\\\\\\\\cli-plugins, a directory that does not exist by default | 2026-04-09T00:43:37.430373Z | 2026-04-08T10:02:31Z |
| cleanstart-2026-nv37937 | Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\ProgramData\\\\\\\\Docker\\\\\\\\cli-plugins, a directory that does not exist by default | 2026-04-09T00:44:07.747698Z | 2026-04-08T09:58:55Z |
| cleanstart-2026-bd18029 | Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\ProgramData\\\\\\\\Docker\\\\\\\\cli-plugins, a directory that does not exist by default | 2026-04-09T00:45:07.480117Z | 2026-04-08T09:49:10Z |
| cleanstart-2026-mo53190 | gRPC-Go is the Go language implementation of gRPC | 2026-04-09T00:49:37.904336Z | 2026-04-08T09:47:14Z |
| cleanstart-2026-co68219 | Docker CLI for Windows searches for plugin binaries in C:\\\\\\\\ProgramData\\\\\\\\Docker\\\\\\\\cli-plugins, a directory that does not exist by default | 2026-04-09T00:47:37.444297Z | 2026-04-08T09:44:10Z |
| cleanstart-2026-by59711 | gRPC-Go is the Go language implementation of gRPC | 2026-04-09T00:47:37.687304Z | 2026-04-08T09:36:51Z |
| cleanstart-2026-mi26424 | net/url package does not set a limit on the number of query parameters in a query | 2026-04-09T00:48:07.244191Z | 2026-04-08T09:30:12Z |
| cleanstart-2026-iw08736 | Uncontrolled Recursion vulnerability in Apache Commons Lang | 2026-04-09T00:53:08.467045Z | 2026-04-08T09:19:34Z |
| cleanstart-2026-bg72514 | Uncontrolled Recursion vulnerability in Apache Commons Lang | 2026-04-09T00:49:38.775284Z | 2026-04-08T09:13:42Z |
| cleanstart-2026-oq84658 | Netty is an asynchronous, event-driven network application framework | 2026-04-09T00:52:07.697782Z | 2026-04-08T08:14:27Z |
| cleanstart-2026-cq39708 | Netty is an asynchronous, event-driven network application framework | 2026-04-09T00:53:38.262441Z | 2026-04-08T08:11:56Z |
| cleanstart-2026-ge08280 | Ruby JSON is a JSON implementation for Ruby | 2026-04-09T01:01:38.909372Z | 2026-04-08T08:04:46Z |
| ID | Description | Updated |
|---|---|---|
| ts-2023-001 | TS-2023-001 | 2023-01-17T00:00 |
| ts-2022-005 | TS-2022-005 | 2022-11-21T00:00 |
| ts-2022-004 | TS-2022-004 | 2022-11-21T00:00 |
| ts-2022-003 | TS-2022-003 | 2022-06-14T00:00 |
| ts-2022-002 | TS-2022-002 | 2022-05-11T00:00 |
| ts-2022-001 | TS-2022-001 | 2022-02-07T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-ale-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| CERTFR-2025-ALE-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| CERTFR-2025-ALE-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| certfr-2024-ale-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-30T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-ale-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2025-03-31T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| CERTFR-2024-ALE-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-30T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| CERTFR-2024-ALE-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2025-03-31T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2024-ale-015 | [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| CERTFR-2024-ALE-015 | [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-ale-012 | [MàJ] Vulnérabilités affectant OpenPrinting CUPS | 2024-09-27T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-011 | Vulnérabilité dans SonicWall | 2024-09-10T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| CERTFR-2024-ALE-012 | [MàJ] Vulnérabilités affectant OpenPrinting CUPS | 2024-09-27T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| CERTFR-2024-ALE-011 | Vulnérabilité dans SonicWall | 2024-09-10T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-010 | Multiples vulnérabilités dans Roundcube | 2024-08-09T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| certfr-2024-ale-009 | Vulnérabilité dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| CERTFR-2024-ALE-010 | Multiples vulnérabilités dans Roundcube | 2024-08-09T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| CERTFR-2024-ALE-009 | Vulnérabilité dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| certfr-2024-ale-008 | [MàJ] Vulnérabilité dans les produits Check Point | 2024-05-30T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-007 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-006 | [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-12T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-004 | [MàJ] Vulnérabilité dans Fortinet FortiOS | 2024-02-09T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| CERTFR-2024-ALE-008 | [MàJ] Vulnérabilité dans les produits Check Point | 2024-05-30T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| CERTFR-2024-ALE-007 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| CERTFR-2024-ALE-006 | [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-12T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| CERTFR-2024-ALE-004 | [MàJ] Vulnérabilité dans Fortinet FortiOS | 2024-02-09T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-003 | [MàJ] Incident affectant les solutions AnyDesk | 2024-02-05T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways | 2024-01-11T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| CERTFR-2024-ALE-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| CERTFR-2024-ALE-003 | [MàJ] Incident affectant les solutions AnyDesk | 2024-02-05T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0427 | Multiples vulnérabilités dans Microsoft Edge | 2026-04-13T00:00:00.000000 | 2026-04-13T00:00:00.000000 |
| certfr-2026-avi-0426 | Multiples vulnérabilités dans Python | 2026-04-13T00:00:00.000000 | 2026-04-13T00:00:00.000000 |
| certfr-2026-avi-0425 | Vulnérabilité dans Foxit PDF Services API | 2026-04-13T00:00:00.000000 | 2026-04-13T00:00:00.000000 |
| certfr-2026-avi-0424 | Multiples vulnérabilités dans les produits IBM | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0423 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0422 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0421 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0420 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0419 | Multiples vulnérabilités dans Mattermost Desktop App | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0418 | Multiples vulnérabilités dans Apache Tomcat | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0417 | Vulnérabilité dans Spring Cloud Gateway | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0416 | Vulnérabilité dans les produits Juniper Networks | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0415 | Multiples vulnérabilités dans Tenable Security Center | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0414 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0413 | Multiples vulnérabilités dans les produits Elastic | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0412 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0411 | Multiples vulnérabilités dans Mitel MiCollab | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0410 | Multiples vulnérabilités dans GitLab | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0409 | Multiples vulnérabilités dans Sonicwall Secure Mobile Access | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0408 | Multiples vulnérabilités dans les produits Juniper Networks | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0407 | Multiples vulnérabilités dans Google Chrome | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0406 | Multiples vulnérabilités dans les produits Microsoft | 2026-04-08T00:00:00.000000 | 2026-04-08T00:00:00.000000 |
| certfr-2026-avi-0405 | Vulnérabilité dans les produits Moxa | 2026-04-08T00:00:00.000000 | 2026-04-08T00:00:00.000000 |
| certfr-2026-avi-0404 | Multiples vulnérabilités dans les produits Mozilla | 2026-04-08T00:00:00.000000 | 2026-04-08T00:00:00.000000 |
| certfr-2026-avi-0403 | Multiples vulnérabilités dans OpenSSL | 2026-04-08T00:00:00.000000 | 2026-04-08T00:00:00.000000 |
| certfr-2026-avi-0402 | Vulnérabilité dans HPE Aruba Networking Private 5G Core | 2026-04-08T00:00:00.000000 | 2026-04-08T00:00:00.000000 |
| certfr-2026-avi-0373 | Vulnérabilité dans Roundcube | 2026-03-30T00:00:00.000000 | 2026-04-08T00:00:00.000000 |
| certfr-2026-avi-0401 | Multiples vulnérabilités dans GLPI | 2026-04-07T00:00:00.000000 | 2026-04-07T00:00:00.000000 |
| certfr-2026-avi-0400 | Vulnérabilité dans Fortinet FortiClientEMS | 2026-04-07T00:00:00.000000 | 2026-04-07T00:00:00.000000 |
| certfr-2026-avi-0399 | Multiples vulnérabilités dans Google Android | 2026-04-07T00:00:00.000000 | 2026-04-07T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-007524 | Vulnerability in Hitachi Command Suite | 2026-03-17T16:42+09:00 | 2026-03-17T16:42+09:00 |
| jvndb-2026-000038 | Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries | 2026-03-17T14:57+09:00 | 2026-03-17T14:57+09:00 |
| jvndb-2026-000039 | Missing authorization in the OpenAI thread/message API endpoints of GROWI | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-000037 | OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-006887 | Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 | 2026-03-12T17:22+09:00 | 2026-03-12T17:22+09:00 |
| jvndb-2026-000036 | Improper file access permission settings in multiple Digital Arts products | 2026-03-09T14:57+09:00 | 2026-03-09T16:23+09:00 |
| jvndb-2026-000035 | Installer for Qsee Client may insecurely load Dynamic Link Libraries | 2026-03-09T14:57+09:00 | 2026-03-09T14:57+09:00 |
| jvndb-2026-006102 | Security issues in ESC/POS | 2026-03-06T10:31+09:00 | 2026-03-06T10:31+09:00 |
| jvndb-2026-000034 | django-allauth vulnerable to open redirect | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| jvndb-2026-000033 | EC-CUBE vulnerable to multi-factor authentication bypass | 2026-03-05T12:36+09:00 | 2026-03-05T12:36+09:00 |
| jvndb-2026-000032 | Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) | 2026-03-04T12:20+09:00 | 2026-03-04T12:20+09:00 |
| jvndb-2026-005746 | Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026) | 2026-03-04T10:40+09:00 | 2026-03-04T10:40+09:00 |
| jvndb-2026-005744 | Canon IJ Scan Utility registers Windows services with unquoted file paths | 2026-03-04T10:40+09:00 | 2026-03-04T10:40+09:00 |
| jvndb-2026-000030 | IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization | 2026-02-27T15:41+09:00 | 2026-03-03T10:06+09:00 |
| jvndb-2026-005259 | Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys) | 2026-03-02T11:46+09:00 | 2026-03-02T11:46+09:00 |
| jvndb-2026-000031 | Improper file access permission settings in the installers for multiple Soliton Systems products | 2026-02-27T15:41+09:00 | 2026-02-27T15:41+09:00 |
| jvndb-2026-000029 | Multiple vulnerabilities in the installer of FinalCode Client | 2026-02-26T14:24+09:00 | 2026-02-26T14:24+09:00 |
| jvndb-2026-004811 | Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager | 2026-02-26T11:02+09:00 | 2026-02-26T11:02+09:00 |
| jvndb-2026-004810 | Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager | 2026-02-26T11:02+09:00 | 2026-02-26T11:02+09:00 |
| jvndb-2026-000026 | Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal | 2026-02-25T15:14+09:00 | 2026-02-25T15:14+09:00 |
| jvndb-2026-004359 | Security information for Hitachi Disk Array Systems | 2026-02-20T18:35+09:00 | 2026-02-20T18:35+09:00 |
| jvndb-2026-000027 | WordPress Plugin "Survey Maker" vulnerable to cross-site scripting | 2026-02-20T12:32+09:00 | 2026-02-20T12:32+09:00 |
| jvndb-2026-000028 | Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries | 2026-02-20T12:31+09:00 | 2026-02-20T12:31+09:00 |
| jvndb-2026-003912 | Vulnerability in Cosminexus HTTP Server and Hitachi Web Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003911 | Vulnerability in Cosminexus HTTP Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003910 | Multiple Vulnerabilities in Cosminexus HTTP Server | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003909 | Multiple Vulnerabilities in Hitachi Command Suite products | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003908 | Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003907 | Multiple Vulnerabilities in JP1 | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| jvndb-2026-003906 | Multiple Vulnerabilities in Cosminexus | 2026-02-17T20:46+09:00 | 2026-02-17T20:46+09:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-16049 | OpenClaw存在未明漏洞(CNVD-2026-16049) | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16048 | OpenClaw存在未明漏洞(CNVD-2026-16048) | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16047 | OpenClaw代码执行漏洞(CNVD-2026-16047) | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16046 | OpenClaw命令执行漏洞(CNVD-2026-16046) | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16045 | OpenClaw安全绕过漏洞(CNVD-2026-16045) | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16044 | OpenClaw操作系统命令注入漏洞(CNVD-2026-16044) | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16043 | OpenClaw操作系统命令注入漏洞(CNVD-2026-16043) | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16042 | OpenClaw路径遍历漏洞(CNVD-2026-16042) | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16041 | OpenClaw访问控制错误漏洞(CNVD-2026-16041) | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16040 | OpenClaw路径遍历漏洞(CNVD-2026-16040) | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16039 | WordPress插件Addon Jobsearch Chat跨站脚本漏洞 | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16038 | Linux kernel内存错误引用漏洞(CNVD-2026-16038) | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16037 | FreeBSD缓冲区溢出漏洞(CNVD-2026-16037) | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16036 | Linux kernel双重释放漏洞(CNVD-2026-16036) | 2026-04-02 | 2026-04-03 |
| cnvd-2026-16035 | FreeRDP拒绝服务漏洞(CNVD-2026-16035) | 2026-04-02 | 2026-04-03 |
| cnvd-2026-16034 | FreeRDP越界读取漏洞(CNVD-2026-16034) | 2026-04-02 | 2026-04-03 |
| cnvd-2026-16033 | FreeRDP堆缓冲区溢出漏洞(CNVD-2026-16033) | 2026-04-02 | 2026-04-03 |
| cnvd-2026-16032 | FreeRDP双重释放漏洞(CNVD-2026-16032) | 2026-04-02 | 2026-04-03 |
| cnvd-2026-16031 | OpenBao授权问题漏洞 | 2026-04-02 | 2026-04-03 |
| cnvd-2026-15865 | Delta Electronics COMMGR2堆栈缓冲区溢出漏洞 | 2026-03-16 | 2026-04-02 |
| cnvd-2026-15864 | Delta Electronics COMMGR2拒绝服务漏洞 | 2026-03-16 | 2026-04-02 |
| cnvd-2026-15863 | Advantech WISE-6610操作系统命令注入漏洞 | 2026-02-25 | 2026-04-02 |
| cnvd-2026-15862 | ZTE ZXCDN Struts远程代码执行漏洞 | 2025-10-17 | 2026-04-02 |
| cnvd-2026-15861 | ZTE ElasticNet UME R32 on Linux权限管理不当漏洞 | 2025-11-28 | 2026-04-02 |
| cnvd-2026-15860 | Canva Affinity越界读取漏洞(CNVD-2026-15860) | 2026-03-26 | 2026-04-02 |
| cnvd-2026-15859 | Canva Affinity越界读取漏洞(CNVD-2026-15859) | 2026-03-26 | 2026-04-02 |
| cnvd-2026-15858 | Canva Affinity越界读取漏洞(CNVD-2026-15858) | 2026-03-26 | 2026-04-02 |
| cnvd-2026-15857 | Canva Affinity类型混淆漏洞 | 2026-03-26 | 2026-04-02 |
| cnvd-2026-15856 | Canva Affinity越界读取漏洞(CNVD-2026-15856) | 2026-03-26 | 2026-04-02 |
| cnvd-2026-15855 | Canva Affinity越界读取漏洞(CNVD-2026-15855) | 2026-03-26 | 2026-04-02 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01814 | Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с хр… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01813 | Уязвимость программного обеспечения Azure IoT Explorer, связанная с привязкой к открытым … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01812 | Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками представлени… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01811 | Уязвимость службы аналитики данных Azure HDInsights, связанная с непринятием мер по защит… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01810 | Уязвимость редактора электронных таблиц Microsoft Excel пакетов программ Microsoft Office… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01809 | Уязвимость службы хранилища данных Windows Storage Services операционных систем Windows, … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01808 | Уязвимость реализации протокола NTLM операционных систем Windows, позволяющая нарушителю … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01807 | Уязвимость системы аппаратной виртуализации Hyper-V операционной системы Windows, позволя… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01806 | Уязвимость механизма CCF (Cluster Client Failover) операционных систем Windows, позволяющ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01805 | Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01804 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01803 | Уязвимость драйвера WinSock операционных систем Windows, позволяющая нарушителю повысить … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01802 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01801 | Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01800 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01799 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю раскрыть защищаемую и… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01798 | Уязвимость программы для шифрования информации и создания электронных цифровых подписей G… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01797 | Уязвимость функции _bfd_elf_slurp_version_tables() компонента bfd/elf.c программного сред… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01796 | Уязвимость компонента libbfd.c программного средства разработки GNU Binutils, позволяющая… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01795 | Уязвимость программного средства управления конечными точками Ivanti Endpoint Manager, св… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01794 | Уязвимость функции usbg_make_tpg() модуля drivers/usb/gadget/function/f_tcm.c драйвера га… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01792 | Уязвимость программного средства локальной инфраструктуры Azure Local, связанная с ошибка… | 13.02.2026 | 16.02.2026 |
| bdu:2026-01727 | Уязвимость функции оценки избирательности расширения Intarray системы управления базами д… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01726 | Уязвимость функции обработки типов данных oidvector системы управления базами данных Post… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01724 | Уязвимость компонента pg_trgm системы управления базами данных PostgreSQL, позволяющая на… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01723 | Уязвимость системы управления базами данных PostgreSQL, связанная с неверным индексирован… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01722 | Уязвимость компонента pgcrypto системы управления базами данных PostgreSQL, позволяющая н… | 11.02.2026 | 16.02.2026 |
| bdu:2026-01017 | Уязвимость ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код | 30.01.2026 | 16.02.2026 |
| bdu:2025-15831 | Уязвимость программного обеспечения для настройки безопасности astra-safepolicy, связанна… | 15.12.2025 | 16.02.2026 |
| bdu:2025-15830 | Уязвимость компонента net ядра операционной системы Linux, позволяющая нарушителю вызвать… | 15.12.2025 | 16.02.2026 |
| ID | Description | Updated |
|---|---|---|
| var-202001-0832 | A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic… | 2024-07-23T22:37:43.319000Z |
| var-201208-0222 | Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r… | 2024-07-23T22:37:43.393000Z |
| var-202108-1148 | An access issue was addressed with improved access restrictions. This issue is fixed in m… | 2024-07-23T22:36:01.656000Z |
| var-200202-0006 | Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause… | 2024-07-23T22:34:48.127000Z |
| var-202007-0395 | Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities … | 2024-07-23T22:33:57.481000Z |
| var-201805-1147 | WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe… | 2024-07-23T22:32:10.966000Z |
| var-201902-0647 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening … | 2024-07-23T22:32:09.990000Z |
| var-201908-0863 | Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE… | 2024-07-23T22:30:33.144000Z |
| var-201912-0120 | A memory corruption issue was addressed with improved validation. This issue is fixed in … | 2024-07-23T22:30:32.761000Z |
| var-201912-0114 | A memory corruption issue was addressed with improved validation. This issue is fixed in … | 2024-07-23T22:30:32.792000Z |
| var-202305-1589 | D-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulne… | 2024-07-23T22:30:26.856000Z |
| var-202407-0235 | Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… | 2024-07-23T22:30:24.825000Z |
| var-202407-0234 | Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … | 2024-07-23T22:30:24.699000Z |
| var-202407-0233 | Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … | 2024-07-23T22:30:24.731000Z |
| var-202407-0232 | Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… | 2024-07-23T22:30:24.657000Z |
| var-201112-0097 | Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a… | 2024-07-23T22:29:05.132000Z |
| var-201801-0152 | An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions pri… | 2024-07-23T22:28:30.754000Z |
| var-201801-0151 | A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior … | 2024-07-23T22:28:30.640000Z |
| var-201807-0341 | ABB Panel Builder 800 all versions has an improper input validation vulnerability which m… | 2024-07-23T22:28:27.949000Z |
| var-201806-1058 | Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo… | 2024-07-23T22:28:27.641000Z |
| var-201906-1029 | In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne… | 2024-07-23T22:28:26.009000Z |
| var-202004-0077 | There are multiple ways an unauthenticated attacker could perform SQL injection on WebAcc… | 2024-07-23T22:28:24.545000Z |
| var-202206-2050 | The affected product is vulnerable to multiple SQL injections, which may allow an unautho… | 2024-07-23T22:27:49.515000Z |
| var-202305-1981 | D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution V… | 2024-07-23T22:27:44.287000Z |
| var-202305-0214 | D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerabilit… | 2024-07-23T22:27:44.496000Z |
| var-202305-0130 | D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vul… | 2024-07-23T22:27:44.522000Z |
| var-202407-0441 | A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC R… | 2024-07-23T22:27:41.577000Z |
| var-201105-0156 | Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 30… | 2024-07-23T22:25:52.955000Z |
| var-201402-0028 | The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni… | 2024-07-23T22:25:48.624000Z |
| var-201402-0027 | The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re… | 2024-07-23T22:25:48.742000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-046 | PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware | 2022-11-10T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-026 | PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool | 2022-06-21T05:16:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-025 | PHOENIX CONTACT: Vulnerability in classic line industrial controllers | 2022-06-21T05:15:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-014 | PHOENIX CONTACT: mGuard Device Manager affected by HTTP Request Smuggling of Apache Webserver | 2022-04-12T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-010 | PHOENIX CONTACT: Multiple Linux component vulnerabilities fixed in latest AXC F x152 LTS release | 2022-04-12T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-007 | PHOENIX CONTACT: Path Traversal in Library of PLCnext Technology Toolchain and FL Network Manager | 2022-03-22T07:43:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-005 | PHOENIX CONTACT: Vulnerabilities in XML parser library Expat (libexpat) | 2022-03-30T07:30:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-059 | PHOENIX CONTACT: BLUEMARK X1 / LED / CLED printers utilizing the Siemens Nucleus RTOS TCP/IP Stack | 2022-01-11T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-056 | WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 and WebVisualisation | 2021-11-16T14:11:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-052 | PHOENIX CONTACT: PC Worx/-Express prone to improper input validation vulnerability | 2021-11-03T09:45:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-035 | PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management | 2021-08-11T07:59:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-032 | PHOENIX CONTACT: Niche Ethernet Stack for ILC1x0, ILC1x1 and AXC 1050 Industrial controllers and CHARX control DC | 2021-08-04T07:57:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-026 | PHOENIX CONTACT: Denial-of-Service vulnerabilty in Emalytics, ILC 2050 BI and ILC 2050 BI-L | 2020-08-20T07:11:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-012 | PHOENIX CONTACT: Local Privilege Escalation in PC WORX SRT | 2020-03-27T09:47:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-001 | PHOENIX CONTACT: Emalytics Controller ILC 2050 BI(L) allows unauthorised read and write access to the configuration file | 2020-02-17T08:10:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2019-020 | PHOENIX CONTACT: improper access control exists on FL NAT devices when using MAC-based port security | 2019-10-29T10:56:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2019-009 | PHOENIX CONTACT: Multiple Vulnerabilities in AXC F 2152 | 2019-06-04T10:22:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2018-007 | Phoenix Contact: FL SWITCH 3xxx/4xxx/48xx series - Stack-based Buffer Overflow in shared object file | 2018-05-16T10:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2017-002 | PHOENIX CONTACT: mGuard device manager (mdm) multiple vulnerabilities in Java SE | 2017-09-07T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2017-001 | PHOENIX CONTACT: mGuard IKE daemon remote denial of service | 2017-03-07T11:05:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-003 | PHOENIX CONTACT: Multiple vulnerabilities in ENERGY AXC PU | 2023-03-14T09:14:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2022-058 | PHOENIX CONTACT: Profinet SDK libexpat vulnerabilities | 2022-12-13T07:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2022-053 | PHOENIX CONTACT: Advisory for TC ROUTER and CLOUD CLIENT | 2023-03-07T07:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2022-048 | PHOENIX CONTACT: Automationworx BCP File Parsing Vulnerabilities | 2022-11-15T09:25:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2022-028 | PHOENIX CONTACT: Missing Authentication in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool | 2022-06-21T05:18:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2022-013 | PHOENIX CONTACT: Multiple products affected by possible infinite loop within OpenSSL library | 2022-04-12T06:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2019-001 | PHOENIX CONTACT: Multiple Vulnerabilities in FL SWITCH 3xxx, 4xxx and 48xx | 2019-01-23T12:02:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2018-006 | Phoenix Contact: FL SWITCH 3xxx/4xxx/48xx series through 1.33 has a Stack-based Buffer Overflow | 2018-05-16T10:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2025-005 | Phoenix Contact: Security Advisory for ESL Stick USB-A | 2025-01-14T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-070 | Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers | 2025-01-14T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2018-009 | Pepperl+Fuchs: Security advisory for MELTDOWN and SPECTRE attacks in ecom mobile Devices | 2018-07-06T14:47:00.000Z | 2018-10-23T10:00:00.000Z |
| vde-2017-005 | Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption | 2017-12-11T13:26:00.000Z | 2018-10-23T10:00:00.000Z |
| vde-2018-008 | Pepperl+Fuchs: Remote Code Execution Vulnerability in HMI Devices | 2018-07-06T13:37:00.000Z | 2018-07-06T13:37:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2020-036 | WAGO: Multiple Vulnerabilities in I/O-Check Service | 2021-06-29T10:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2020-044 | WAGO: Web-Based Management Authentication Vulnerability in WAGO 750-36X and WAGO 750-8XX | 2021-08-31T07:01:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-042 | WAGO: PLC families 750-88x and 750-352 prone to DoS attack, versions < FW10 (Update A) | 2020-10-27T10:28:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-029 | WAGO: XSS vulnerability in Web-UI in WAGO 750-88X and WAGO 750-89X | 2020-09-30T11:11:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-028 | WAGO: Authentication Bypass Vulnerability in WAGO 750-36X and WAGO 750-8XX Version <= FW03 | 2020-09-30T11:08:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-004 | WAGO: e!Cockpit cleartext communication and hardcoded key | 2020-03-09T09:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-038 | WAGO: OpenSSL DoS Vulnerability in PLCs | 2021-08-31T07:00:00.000Z | 2025-05-14T12:53:43.000Z |
| vde-2020-045 | WAGO: Command Injection Vulnerability in I/O-Check Service of multiple products | 2020-12-17T09:02:00.000Z | 2025-05-14T12:53:43.000Z |
| vde-2020-008 | WAGO: Cloud Connectivity Multiple Vulnerabilities | 2020-03-09T09:15:00.000Z | 2025-05-14T12:53:43.000Z |
| vde-2025-009 | WAGO: Vulnerabilities in CODESYS Control V3 - OPC UA Stack | 2025-02-04T11:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-043 | WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro | 2021-08-31T07:02:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-013 | WAGO: Multiple Vulnerabilities in the Web-Based Management Interface | 2021-05-05T08:54:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-032 | WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT | 2020-09-09T06:23:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-027 | WAGO: Vulnerability in web-based authentication in WAGO 750-8XX Version <= FW07 | 2020-09-30T11:06:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-020 | WAGO: PPPD in PFC100 and PFC200 Series is vulnerable to CVE-2020-8597 | 2020-06-10T10:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-006 | WAGO: Web-Based Management Authentication Vulnerabilities | 2020-03-09T11:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2019-017 | WAGO: Series PFC100/PFC200 Information Disclosure | 2019-09-18T11:25:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2023-046 | WAGO: Multiple products vulnerable to local file inclusion | 2023-10-23T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| vde-2025-007 | WAGO: Year 2038 problem | 2025-04-15T10:00:00.000Z | 2025-04-15T10:00:00.000Z |
| vde-2025-004 | Wago: Vulnerability in libwagosnmp | 2025-03-05T11:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-072 | WAGO: Vulnerabilities in CODESYS Control | 2024-12-03T11:00:00.000Z | 2024-12-03T11:00:00.000Z |
| vde-2023-042 | Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B) | 2023-09-25T10:00:00.000Z | 2024-11-20T11:00:00.000Z |
| vde-2023-006 | WAGO: Controller with CODESYS 2.3 Runtime Denial-of-Service | 2023-06-25T06:00:00.000Z | 2024-07-08T10:00:00.000Z |
| vde-2024-021 | WAGO: Vulnerability in WAGO Navigator | 2024-05-21T06:00:00.000Z | 2024-05-21T06:00:00.000Z |
| vde-2023-068 | WAGO: Multiple Vulnerabilities in e!Cockpit and e!Runtime / CODESYS Runtime | 2024-05-21T06:00:00.000Z | 2024-05-21T06:00:00.000Z |
| vde-2023-039 | Wago: Multiple vulnerabilities in web-based management of multiple products | 2024-03-13T08:30:00.000Z | 2024-03-13T08:30:00.000Z |
| vde-2024-007 | WAGO: WIBU-SYSTEMS CodeMeter Runtime vulnerabilities in multiple products | 2024-01-22T07:00:00.000Z | 2024-01-22T07:00:00.000Z |
| vde-2023-045 | Wago: Vulnerability in Smart Designer Web-Application | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2023-044 | Wago: Vulnerabilities in IEC61850 Server / Telecontrol | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2023-037 | WAGO: Remote Code execution vulnerability in managed Switches | 2023-11-21T07:00:00.000Z | 2023-11-21T07:00:00.000Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2025-0037 |
7 (4.0)
|
Reflected XSS in MISP Dashboard Widgets via Unescaped … |
misp |
misp |
2025-12-10T14:01:03.200804Z | 2025-12-10T14:01:03.200804Z |
| GCVE-1-2025-0036 |
8.3 (4.0)
|
A reflected cross-site scripting (XSS) vulnerability w… |
misp |
misp |
2025-12-10T13:46:07.170083Z | 2025-12-10T13:46:07.170083Z |
| GCVE-1-2025-0035 |
8.3 (4.0)
|
Insufficient sanitization of bundle metadata (availabl… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:25:00.000Z | 2025-12-08T12:14:06.307298Z |
| GCVE-1-2025-0034 |
7 (4.0)
|
Missing CSRF protection on state-changing endpoints in… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:19:00.000Z | 2025-12-08T12:13:24.197294Z |
| GCVE-1-2025-0033 |
8.1 (4.0)
|
Vulnerability-lookup did not track or limit failed One… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:11:00.000Z | 2025-12-08T12:12:53.235996Z |
| GCVE-1-2025-0032 |
10 (4.0)
|
The default configuration of WatchGuard Firebox device… |
watchguard |
firebox |
2025-12-03T16:25:00.000Z | 2025-12-19T13:48:34.570799Z |
| GCVE-1-2025-0030 |
6.2 (4.0)
|
A cross-site scripting (XSS) vulnerability in the MISP… |
misp |
misp |
2025-12-03T10:53:00.000Z | 2025-12-03T10:58:55.845341Z |
| GCVE-1-2025-0019 |
4 (4.0)
|
Path traversal vulnerability in EventReport for site-admin |
misp |
misp |
2025-11-26T14:47:00.000Z | 2025-11-28T07:27:42.721350Z |
| GCVE-1-2025-0017 |
9.4 (4.0)
|
Privilege escalation in Cerebrate allows an authentica… |
cerebrate |
cerebrate |
2025-11-12T08:15:00.000Z | 2025-11-28T07:22:08.205835Z |
| GCVE-1-2025-0029 |
6.3 (4.0)
|
Reflected cross-site scripting (XSS) vulnerabilities i… |
misp |
misp |
2025-11-27T12:41:00.000Z | 2025-11-27T12:48:51.085860Z |
| GCVE-1-2025-0027 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-27T07:17:00.000Z | 2025-12-02T08:51:04.323899Z |
| GCVE-1-2025-0028 |
8.5 (4.0)
|
Information leakage vulnerability in the MISP Feed con… |
misp |
misp |
2025-11-27T07:23:00.000Z | 2025-12-02T08:51:35.429494Z |
| GCVE-1-2025-0026 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:35:00.000Z | 2025-12-02T08:50:46.381572Z |
| GCVE-1-2025-0025 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:27:00.000Z | 2025-12-02T08:50:18.897756Z |
| GCVE-1-2025-0024 |
9.4 (4.0)
|
cross-site scripting (XSS) vulnerability in the MISP s… |
misp |
misp |
2025-11-26T16:14:00.000Z | 2025-12-02T08:50:01.482327Z |
| GCVE-1-2025-0023 |
9.4 (4.0)
|
XSS in MISP server comparison tool |
misp |
misp |
2025-11-26T16:10:00.000Z | 2025-12-02T08:49:24.626168Z |
| GCVE-1-2025-0022 |
9.4 (4.0)
|
Clarified setting's impact on download_attachments_on_load |
misp |
misp |
2025-11-26T16:04:00.000Z | 2025-12-02T08:49:04.510294Z |
| GCVE-1-2025-0021 |
9.4 (4.0)
|
XSS in MISP ReST client in HTML view |
misp |
misp |
2025-11-26T15:55:00.000Z | 2025-12-02T08:48:41.869838Z |
| GCVE-1-2025-0020 |
9.4 (4.0)
|
cross-site scripting (XSS) in Galaxy element JSON view |
misp |
misp |
2025-11-26T15:49:00.000Z | 2025-12-02T08:47:41.151429Z |
| GCVE-1-2025-0018 |
9.4 (4.0)
|
HTML injection issue was identified in Lookyloo’s web … |
lookyloo |
lookyloo |
2025-11-18T15:33:00.000Z | 2025-11-18T20:39:45.579295Z |
| GCVE-1-2025-0016 |
6 (4.0)
|
Local file inclusion in [ImportFromUrl() URL hand… |
misp |
misp |
2025-11-04T09:20:00.000Z | 2025-11-04T09:56:38.383646Z |
| GCVE-1-2025-0015 |
9 (4.0)
|
Potential XSS in decaying simulation tool |
misp |
misp |
2025-11-04T09:06:00.000Z | 2025-11-04T09:06:59.216121Z |
| GCVE-1-2025-0014 |
9.4 (4.0)
|
XSS in event report via Mermaid diagram |
misp |
misp |
2025-11-04T08:58:00.024516Z | 2025-11-04T08:58:00.024516Z |
| GCVE-1-2025-0013 |
9.4 (4.0)
|
Vulnerability in sharing group blueprints allowing sha… |
misp |
misp |
2025-11-04T08:49:21.558087Z | 2025-11-04T08:49:21.558087Z |
| GCVE-1-2025-0012 |
N/A
|
Potential vulnerability in file check upload but non-e… |
misp |
misp |
2025-11-04T07:20:00.000Z | 2025-11-28T07:16:21.589449Z |
| GCVE-1-2025-0011 |
9.4 (4.0)
|
Arbitrary file inclusion / deletion via import modules… |
misp |
misp |
2025-11-04T07:01:25.464225Z | 2025-11-04T07:01:25.464225Z |
| GCVE-1-2025-0010 |
6.3 (4.0)
|
Arbitrary file hash inclusion via templates accessible… |
misp |
misp |
2025-11-04T06:25:11.108987Z | 2025-11-04T06:25:11.108987Z |
| GCVE-1-2025-0009 |
6.4 (4.0)
|
A pre-auth user could self-assign a reporter without b… |
CIRCL |
vulnerability-lookup |
2025-10-13T09:20:24.800890Z | 2025-10-13T09:20:24.800890Z |