Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-1151 |
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
|
technical-laohu mpay User Center cross site scripting |
technical-laohu |
mpay |
2026-01-19T11:02:05.822Z | 2026-01-19T11:02:05.822Z |
| CVE-2026-1150 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
Totolink LR350 POST Request cstecgi.cgi setTracerouteC… |
Totolink |
LR350 |
2026-01-19T10:32:07.749Z | 2026-01-19T10:32:07.749Z |
| CVE-2026-1149 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
Totolink LR350 POST Request cstecgi.cgi setDiagnosisCf… |
Totolink |
LR350 |
2026-01-19T10:02:09.073Z | 2026-01-19T10:02:09.073Z |
| CVE-2026-1148 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
SourceCodester/Patrick Mvuma Patients Waiting Area Que… |
SourceCodester |
Patients Waiting Area Queue Management System |
2026-01-19T09:32:05.845Z | 2026-01-19T09:32:05.845Z |
| CVE-2026-1147 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
SourceCodester/Patrick Mvuma Patients Waiting Area Que… |
SourceCodester |
Patients Waiting Area Queue Management System |
2026-01-19T09:02:07.338Z | 2026-01-19T09:02:07.338Z |
| CVE-2025-59355 |
N/A
|
Apache Linkis: Password Exposure |
Apache Software Foundation |
Apache Linkis |
2026-01-19T08:37:24.364Z | 2026-01-19T09:12:28.261Z |
| CVE-2025-29847 |
N/A
|
Apache Linkis: Arbitrary File Read via Double URL Enco… |
Apache Software Foundation |
Apache Linkis |
2026-01-19T08:36:06.839Z | 2026-01-19T09:11:59.096Z |
| CVE-2026-1146 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
SourceCodester/Patrick Mvuma Patients Waiting Area Que… |
SourceCodester |
Patients Waiting Area Queue Management System |
2026-01-19T08:32:05.987Z | 2026-01-19T08:32:05.987Z |
| CVE-2026-1145 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
quickjs-ng quickjs quickjs.c js_typed_array_constructo… |
quickjs-ng |
quickjs |
2026-01-19T08:02:08.519Z | 2026-01-19T08:02:08.519Z |
| CVE-2026-1144 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
quickjs-ng quickjs Atomics Ops quickjs.c use after free |
quickjs-ng |
quickjs |
2026-01-19T07:32:10.363Z | 2026-01-19T07:32:10.363Z |
| CVE-2026-1143 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg buffer… |
TOTOLINK |
A3700R |
2026-01-19T07:02:08.102Z | 2026-01-19T07:02:08.102Z |
| CVE-2026-1142 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
PHPGurukul News Portal cross-site request forgery |
PHPGurukul |
News Portal |
2026-01-19T06:32:07.733Z | 2026-01-19T06:32:07.733Z |
| CVE-2026-1141 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
PHPGurukul News Portal Add Sub-Admin add-subadmins.php… |
PHPGurukul |
News Portal |
2026-01-19T06:02:07.574Z | 2026-01-19T06:02:07.574Z |
| CVE-2026-1140 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT 进取 520W ConfigExceptAli strcpy buffer overflow |
UTT |
进取 520W |
2026-01-19T05:32:05.853Z | 2026-01-19T05:32:05.853Z |
| CVE-2026-1139 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT 进取 520W ConfigExceptMSN strcpy buffer overflow |
UTT |
进取 520W |
2026-01-19T05:02:06.639Z | 2026-01-19T05:02:06.639Z |
| CVE-2026-1138 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT 进取 520W ConfigExceptQQ strcpy buffer overflow |
UTT |
进取 520W |
2026-01-19T04:32:06.342Z | 2026-01-19T04:32:06.342Z |
| CVE-2026-1137 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT 进取 520W formWebAuthGlobalConfig strcpy buffer overflow |
UTT |
进取 520W |
2026-01-19T04:02:08.232Z | 2026-01-19T04:02:08.232Z |
| CVE-2026-1136 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
lcg0124 BootDo ContentController save cross site scripting |
lcg0124 |
BootDo |
2026-01-19T03:32:05.721Z | 2026-01-19T03:32:05.721Z |
| CVE-2026-1135 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
itsourcecode Society Management System activity.php cr… |
itsourcecode |
Society Management System |
2026-01-19T03:02:06.348Z | 2026-01-19T03:02:06.348Z |
| CVE-2026-0943 |
N/A
|
HarfBuzz::Shaper versions before 0.032 for Perl contai… |
JV |
HarfBuzz::Shaper |
2026-01-19T02:46:52.012Z | 2026-01-19T02:54:06.255Z |
| CVE-2026-1134 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
itsourcecode Society Management System expenses.php cr… |
itsourcecode |
Society Management System |
2026-01-19T02:32:06.648Z | 2026-01-19T02:32:06.648Z |
| CVE-2026-1133 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter folder.jsp sql injection |
Yonyou |
KSOA |
2026-01-19T02:02:06.448Z | 2026-01-19T02:02:06.448Z |
| CVE-2026-1132 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter edit_folder.jsp sql injection |
Yonyou |
KSOA |
2026-01-19T01:32:06.215Z | 2026-01-19T01:32:06.215Z |
| CVE-2026-1131 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter save_catalog.jsp sql in… |
Yonyou |
KSOA |
2026-01-19T01:02:06.653Z | 2026-01-19T01:02:06.653Z |
| CVE-2026-1130 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter worksadd_plan.jsp sql i… |
Yonyou |
KSOA |
2026-01-19T00:32:06.597Z | 2026-01-19T00:32:06.597Z |
| CVE-2026-1129 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter worksadd.jsp sql injection |
Yonyou |
KSOA |
2026-01-19T00:02:05.784Z | 2026-01-19T00:02:05.784Z |
| CVE-2025-15539 |
6.9 (4.0)
5.3 (3.1)
5.3 (3.0)
|
Open5GS sgwc s11-handler.c sgwc_s11_handle_downlink_da… |
n/a |
Open5GS |
2026-01-18T23:32:06.758Z | 2026-01-19T06:45:07.898Z |
| CVE-2026-23829 |
5.3 (3.1)
|
Mailpit has SMTP Header Injection via Regex Bypass |
axllent |
mailpit |
2026-01-18T23:23:04.176Z | 2026-01-18T23:23:04.176Z |
| CVE-2025-15538 |
4.8 (4.0)
5.3 (3.1)
5.3 (3.0)
|
Open Asset Import Library Assimp LWOMaterial.cpp FindU… |
Open Asset Import Library |
Assimp |
2026-01-18T23:02:07.734Z | 2026-01-18T23:02:07.734Z |
| CVE-2026-23733 |
6.4 (3.1)
|
Lobe Chat has Cross-Site Scripting (XSS) issue that ma… |
lobehub |
lobe-chat |
2026-01-18T22:56:15.888Z | 2026-01-18T22:56:15.888Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-1151 |
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
|
technical-laohu mpay User Center cross site scripting |
technical-laohu |
mpay |
2026-01-19T11:02:05.822Z | 2026-01-19T11:02:05.822Z |
| CVE-2026-1150 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
Totolink LR350 POST Request cstecgi.cgi setTracerouteC… |
Totolink |
LR350 |
2026-01-19T10:32:07.749Z | 2026-01-19T10:32:07.749Z |
| CVE-2026-1149 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
Totolink LR350 POST Request cstecgi.cgi setDiagnosisCf… |
Totolink |
LR350 |
2026-01-19T10:02:09.073Z | 2026-01-19T10:02:09.073Z |
| CVE-2026-1148 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
SourceCodester/Patrick Mvuma Patients Waiting Area Que… |
SourceCodester |
Patients Waiting Area Queue Management System |
2026-01-19T09:32:05.845Z | 2026-01-19T09:32:05.845Z |
| CVE-2026-1147 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
SourceCodester/Patrick Mvuma Patients Waiting Area Que… |
SourceCodester |
Patients Waiting Area Queue Management System |
2026-01-19T09:02:07.338Z | 2026-01-19T09:02:07.338Z |
| CVE-2026-1146 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
SourceCodester/Patrick Mvuma Patients Waiting Area Que… |
SourceCodester |
Patients Waiting Area Queue Management System |
2026-01-19T08:32:05.987Z | 2026-01-19T08:32:05.987Z |
| CVE-2026-1145 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
quickjs-ng quickjs quickjs.c js_typed_array_constructo… |
quickjs-ng |
quickjs |
2026-01-19T08:02:08.519Z | 2026-01-19T08:02:08.519Z |
| CVE-2025-59355 |
N/A
|
Apache Linkis: Password Exposure |
Apache Software Foundation |
Apache Linkis |
2026-01-19T08:37:24.364Z | 2026-01-19T09:12:28.261Z |
| CVE-2025-29847 |
N/A
|
Apache Linkis: Arbitrary File Read via Double URL Enco… |
Apache Software Foundation |
Apache Linkis |
2026-01-19T08:36:06.839Z | 2026-01-19T09:11:59.096Z |
| CVE-2026-1144 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
quickjs-ng quickjs Atomics Ops quickjs.c use after free |
quickjs-ng |
quickjs |
2026-01-19T07:32:10.363Z | 2026-01-19T07:32:10.363Z |
| CVE-2026-1143 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg buffer… |
TOTOLINK |
A3700R |
2026-01-19T07:02:08.102Z | 2026-01-19T07:02:08.102Z |
| CVE-2026-1142 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
PHPGurukul News Portal cross-site request forgery |
PHPGurukul |
News Portal |
2026-01-19T06:32:07.733Z | 2026-01-19T06:32:07.733Z |
| CVE-2026-1141 |
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
|
PHPGurukul News Portal Add Sub-Admin add-subadmins.php… |
PHPGurukul |
News Portal |
2026-01-19T06:02:07.574Z | 2026-01-19T06:02:07.574Z |
| CVE-2026-1140 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT 进取 520W ConfigExceptAli strcpy buffer overflow |
UTT |
进取 520W |
2026-01-19T05:32:05.853Z | 2026-01-19T05:32:05.853Z |
| CVE-2026-1139 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT 进取 520W ConfigExceptMSN strcpy buffer overflow |
UTT |
进取 520W |
2026-01-19T05:02:06.639Z | 2026-01-19T05:02:06.639Z |
| CVE-2026-1138 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT 进取 520W ConfigExceptQQ strcpy buffer overflow |
UTT |
进取 520W |
2026-01-19T04:32:06.342Z | 2026-01-19T04:32:06.342Z |
| CVE-2026-1137 |
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
|
UTT 进取 520W formWebAuthGlobalConfig strcpy buffer overflow |
UTT |
进取 520W |
2026-01-19T04:02:08.232Z | 2026-01-19T04:02:08.232Z |
| CVE-2026-1136 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
lcg0124 BootDo ContentController save cross site scripting |
lcg0124 |
BootDo |
2026-01-19T03:32:05.721Z | 2026-01-19T03:32:05.721Z |
| CVE-2026-1135 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
itsourcecode Society Management System activity.php cr… |
itsourcecode |
Society Management System |
2026-01-19T03:02:06.348Z | 2026-01-19T03:02:06.348Z |
| CVE-2026-1134 |
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
|
itsourcecode Society Management System expenses.php cr… |
itsourcecode |
Society Management System |
2026-01-19T02:32:06.648Z | 2026-01-19T02:32:06.648Z |
| CVE-2026-0943 |
N/A
|
HarfBuzz::Shaper versions before 0.032 for Perl contai… |
JV |
HarfBuzz::Shaper |
2026-01-19T02:46:52.012Z | 2026-01-19T02:54:06.255Z |
| CVE-2026-1133 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter folder.jsp sql injection |
Yonyou |
KSOA |
2026-01-19T02:02:06.448Z | 2026-01-19T02:02:06.448Z |
| CVE-2026-1132 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter edit_folder.jsp sql injection |
Yonyou |
KSOA |
2026-01-19T01:32:06.215Z | 2026-01-19T01:32:06.215Z |
| CVE-2026-1131 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter save_catalog.jsp sql in… |
Yonyou |
KSOA |
2026-01-19T01:02:06.653Z | 2026-01-19T01:02:06.653Z |
| CVE-2026-1130 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter worksadd_plan.jsp sql i… |
Yonyou |
KSOA |
2026-01-19T00:32:06.597Z | 2026-01-19T00:32:06.597Z |
| CVE-2026-1129 |
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
|
Yonyou KSOA HTTP GET Parameter worksadd.jsp sql injection |
Yonyou |
KSOA |
2026-01-19T00:02:05.784Z | 2026-01-19T00:02:05.784Z |
| CVE-2026-23829 |
5.3 (3.1)
|
Mailpit has SMTP Header Injection via Regex Bypass |
axllent |
mailpit |
2026-01-18T23:23:04.176Z | 2026-01-18T23:23:04.176Z |
| CVE-2025-15539 |
6.9 (4.0)
5.3 (3.1)
5.3 (3.0)
|
Open5GS sgwc s11-handler.c sgwc_s11_handle_downlink_da… |
n/a |
Open5GS |
2026-01-18T23:32:06.758Z | 2026-01-19T06:45:07.898Z |
| CVE-2026-23733 |
6.4 (3.1)
|
Lobe Chat has Cross-Site Scripting (XSS) issue that ma… |
lobehub |
lobe-chat |
2026-01-18T22:56:15.888Z | 2026-01-18T22:56:15.888Z |
| CVE-2026-23644 |
7.7 (4.0)
|
esm.sh has path traversal in `extractPackageTarball` t… |
esm-dev |
esm.sh |
2026-01-18T22:49:29.676Z | 2026-01-18T22:49:29.676Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-0854 | Certain DVR/NVR models developed by Merit LILIN has a OS Command Injection vulnerability, allowing … | 2026-01-12T06:16:11.040 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-14579 | The Quiz Maker WordPress plugin before 6.7.0.89 does not sanitise and escape some of its settings, … | 2026-01-12T06:16:10.193 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-69276 | Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux al… | 2026-01-12T05:16:11.780 | 2026-01-14T16:41:50.373 |
| fkie_cve-2025-69275 | Dependency on Vulnerable Third-Party Component vulnerability in Broadcom DX NetOps Spectrum on Wind… | 2026-01-12T05:16:11.643 | 2026-01-14T16:47:26.547 |
| fkie_cve-2025-69274 | Authorization Bypass Through User-Controlled Key vulnerability in Broadcom DX NetOps Spectrum on Wi… | 2026-01-12T05:16:11.497 | 2026-01-14T16:48:55.327 |
| fkie_cve-2025-69273 | Improper Authentication vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Authe… | 2026-01-12T05:16:11.363 | 2026-01-14T17:53:48.250 |
| fkie_cve-2025-69272 | Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Win… | 2026-01-12T05:16:11.213 | 2026-01-14T17:54:24.857 |
| fkie_cve-2025-69271 | Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux… | 2026-01-12T05:16:11.060 | 2026-01-14T17:55:06.017 |
| fkie_cve-2025-69270 | Information Exposure Through Query Strings in GET Request vulnerability in Broadcom DX NetOps Spect… | 2026-01-12T05:16:10.900 | 2026-01-14T17:56:04.990 |
| fkie_cve-2025-69269 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerab… | 2026-01-12T05:16:10.747 | 2026-01-14T18:01:20.657 |
| fkie_cve-2025-69268 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnera… | 2026-01-12T05:16:10.587 | 2026-01-14T18:03:32.927 |
| fkie_cve-2025-69267 | Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in Broad… | 2026-01-12T05:16:09.753 | 2026-01-14T18:03:58.060 |
| fkie_cve-2026-0853 | Certain NVR models developed by A-Plus Video Technologies has a Sensitive Data Exposure vulnerabili… | 2026-01-12T04:15:46.840 | 2026-01-13T14:03:18.990 |
| fkie_cve-2025-52694 | Successful exploitation of the SQL injection vulnerability could allow an unauthenticated remote at… | 2026-01-12T03:16:07.127 | 2026-01-13T14:03:18.990 |
| fkie_cve-2026-0852 | A security flaw has been discovered in code-projects Online Music Site 1.0. The impacted element is… | 2026-01-12T01:15:49.950 | 2026-01-14T22:19:33.933 |
| fkie_cve-2026-0851 | A vulnerability was identified in code-projects Online Music Site 1.0. The affected element is an u… | 2026-01-12T00:15:52.763 | 2026-01-14T22:18:02.417 |
| fkie_cve-2026-0850 | A vulnerability was determined in code-projects Intern Membership Management System 1.0. Impacted i… | 2026-01-11T23:15:46.090 | 2026-01-14T22:09:35.817 |
| fkie_cve-2025-68493 | Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache St… | 2026-01-11T13:15:45.610 | 2026-01-16T14:31:16.030 |
| fkie_cve-2025-15506 | A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects … | 2026-01-11T11:15:49.113 | 2026-01-13T14:03:18.990 |
| fkie_cve-2026-0843 | A vulnerability has been found in jiujiujia/victor123/wxw850227 jjjfood and jjjshop_food up to 2026… | 2026-01-11T09:15:50.810 | 2026-01-13T14:03:18.990 |
| fkie_cve-2026-0842 | A flaw has been found in Flycatcher Toys smART Sketcher up to 2.0. This affects an unknown part of … | 2026-01-11T08:16:00.150 | 2026-01-13T14:03:18.990 |
| fkie_cve-2026-0841 | A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function st… | 2026-01-11T08:15:59.153 | 2026-01-13T21:55:32.140 |
| fkie_cve-2026-0840 | A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this vulnerabil… | 2026-01-11T07:15:49.680 | 2026-01-13T21:56:28.297 |
| fkie_cve-2026-0839 | A weakness has been identified in UTT 进取 520W 1.7.7-180627. Affected is the function strcpy of the … | 2026-01-11T06:15:57.567 | 2026-01-13T21:57:24.170 |
| fkie_cve-2026-0838 | A security flaw has been discovered in UTT 进取 520W 1.7.7-180627. This impacts the function strcpy o… | 2026-01-11T06:15:57.300 | 2026-01-13T22:02:34.320 |
| fkie_cve-2026-0837 | A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the… | 2026-01-11T05:15:58.893 | 2026-01-13T22:03:26.023 |
| fkie_cve-2026-0836 | A vulnerability was determined in UTT 进取 520W 1.7.7-180627. The impacted element is the function st… | 2026-01-11T05:15:47.947 | 2026-01-13T22:04:12.347 |
| fkie_cve-2025-15505 | A vulnerability was found in Luxul XWR-600 up to 4.0.1. The affected element is an unknown function… | 2026-01-11T02:15:58.890 | 2026-01-13T14:03:18.990 |
| fkie_cve-2026-0824 | A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of … | 2026-01-10T15:15:50.137 | 2026-01-13T14:03:18.990 |
| fkie_cve-2026-0822 | A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function … | 2026-01-10T14:15:50.087 | 2026-01-13T14:03:18.990 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-jqv9-g2ph-pfw9 |
6.3 (3.1)
2.1 (4.0)
|
A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the fun… | 2026-01-19T09:30:28Z | 2026-01-19T09:30:28Z |
| ghsa-jhmw-7pvw-ww89 |
3.5 (3.1)
2.0 (4.0)
|
A vulnerability has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Manageme… | 2026-01-19T09:30:28Z | 2026-01-19T09:30:28Z |
| ghsa-6vfr-p2hx-6v32 |
|
A vulnerability. When org.apache.linkis.metadata.util.HiveUtils.decode() fails to perform Base64 d… | 2026-01-19T09:30:28Z | 2026-01-19T09:30:28Z |
| ghsa-w98p-2mg7-6p5x |
4.3 (3.1)
2.1 (4.0)
|
A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unkno… | 2026-01-19T09:30:27Z | 2026-01-19T09:30:27Z |
| ghsa-m237-23r2-f38w |
8.8 (3.1)
7.4 (4.0)
|
A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822_B20200513. This affects the function … | 2026-01-19T09:30:27Z | 2026-01-19T09:30:27Z |
| ghsa-j6q4-mvcw-hpgm |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was identified in PHPGurukul News Portal 1.0. The affected element is an unknown fu… | 2026-01-19T09:30:27Z | 2026-01-19T09:30:27Z |
| ghsa-c399-q49h-qwc8 |
|
A vulnerability in Apache Linkis. Problem Description When using the JDBC engine and da When using… | 2026-01-19T09:30:27Z | 2026-01-19T09:30:27Z |
| ghsa-2gmr-vqp5-r9qg |
6.3 (3.1)
2.1 (4.0)
|
A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of… | 2026-01-19T09:30:27Z | 2026-01-19T09:30:27Z |
| ghsa-xxjh-3xfp-3f5r |
8.8 (3.1)
7.4 (4.0)
|
A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function… | 2026-01-19T06:30:28Z | 2026-01-19T06:30:28Z |
| ghsa-x43r-qjj8-2492 |
8.8 (3.1)
7.4 (4.0)
|
A vulnerability was found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of th… | 2026-01-19T06:30:28Z | 2026-01-19T06:30:28Z |
| ghsa-r9c3-2gmx-vr4j |
4.3 (3.1)
2.1 (4.0)
|
A vulnerability was identified in itsourcecode Society Management System 1.0. This affects an unkno… | 2026-01-19T06:30:28Z | 2026-01-19T06:30:28Z |
| ghsa-hw36-xf9g-wmmp |
8.8 (3.1)
7.4 (4.0)
|
A flaw has been found in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /go… | 2026-01-19T06:30:28Z | 2026-01-19T06:30:28Z |
| ghsa-f4vw-wpg8-p532 |
3.5 (3.1)
2.0 (4.0)
|
A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Af… | 2026-01-19T06:30:28Z | 2026-01-19T06:30:28Z |
| ghsa-6qwc-c44f-q4q8 |
8.8 (3.1)
7.4 (4.0)
|
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function st… | 2026-01-19T06:30:28Z | 2026-01-19T06:30:28Z |
| ghsa-5649-r252-h649 |
4.3 (3.1)
2.1 (4.0)
|
A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an … | 2026-01-19T06:30:28Z | 2026-01-19T06:30:28Z |
| ghsa-hmr2-524c-vv28 |
|
HarfBuzz::Shaper versions before 0.032 for Perl contains a bundled library with a null pointer dere… | 2026-01-19T06:30:27Z | 2026-01-19T06:30:27Z |
| ghsa-j9c4-9cf2-xpp8 |
7.3 (3.1)
5.5 (4.0)
|
A flaw has been found in Yonyou KSOA 9.0. This issue affects some unknown processing of the file /w… | 2026-01-19T03:30:26Z | 2026-01-19T03:30:26Z |
| ghsa-c4q8-cg76-8wm5 |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was determined in Yonyou KSOA 9.0. The impacted element is an unknown function of t… | 2026-01-19T03:30:26Z | 2026-01-19T03:30:26Z |
| ghsa-c4j7-gjxv-6wvj |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability has been found in Yonyou KSOA 9.0. Impacted is an unknown function of the file /kmc… | 2026-01-19T03:30:26Z | 2026-01-19T03:30:26Z |
| ghsa-c48w-33vf-w7hq |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was found in Yonyou KSOA 9.0. The affected element is an unknown function of the fi… | 2026-01-19T03:30:26Z | 2026-01-19T03:30:26Z |
| ghsa-5qvx-3gp5-6m7q |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability affects unknown code of the fil… | 2026-01-19T03:30:25Z | 2026-01-19T03:30:25Z |
| ghsa-xm92-8fcx-x654 |
5.3 (3.1)
1.9 (4.0)
|
A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affecte… | 2026-01-19T00:30:14Z | 2026-01-19T00:30:14Z |
| ghsa-9g9c-c6jm-98g4 |
5.3 (3.1)
5.5 (4.0)
|
A vulnerability was determined in Open5GS up to 2.7.6. Impacted is the function sgwc_s11_handle_dow… | 2026-01-19T00:30:14Z | 2026-01-19T00:30:14Z |
| ghsa-rf69-3jvx-93qp |
6.3 (3.1)
2.1 (4.0)
|
A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f686346403446… | 2026-01-18T18:30:16Z | 2026-01-18T18:30:16Z |
| ghsa-j6wg-29xj-2fjf |
8.5 (3.1)
|
Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor s… | 2026-01-18T18:30:16Z | 2026-01-18T18:30:16Z |
| ghsa-8whh-2x7g-j9cx |
7.3 (3.1)
5.5 (4.0)
|
A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function su… | 2026-01-18T18:30:16Z | 2026-01-18T18:30:16Z |
| ghsa-7v6v-gxc3-52qv |
7.3 (3.1)
5.5 (4.0)
|
A security flaw has been discovered in Yonyou KSOA 9.0. Affected by this vulnerability is an unknow… | 2026-01-18T18:30:16Z | 2026-01-18T18:30:16Z |
| ghsa-x4w4-c97j-2px5 |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was found in Yonyou KSOA 9.0. This affects an unknown function of the file /workshe… | 2026-01-18T15:30:25Z | 2026-01-18T15:30:25Z |
| ghsa-rr7h-2vmq-r7qh |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of t… | 2026-01-18T15:30:25Z | 2026-01-18T15:30:25Z |
| ghsa-p6xj-m4mp-fwqx |
7.3 (3.1)
5.5 (4.0)
|
A vulnerability was determined in Yonyou KSOA 9.0. This impacts an unknown function of the file /wo… | 2026-01-18T15:30:25Z | 2026-01-18T15:30:25Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2025-71 |
|
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… | cadwyn | 2025-07-21T21:15:25+00:00 | 2025-07-23T15:24:03.825615+00:00 |
| pysec-2025-69 |
|
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… | roundup | 2025-07-13T20:15:25+00:00 | 2025-07-13T21:23:01.161315+00:00 |
| pysec-2025-65 |
|
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… | llama-index | 2025-07-07T13:15:28+00:00 | 2025-07-07T15:23:42.730681+00:00 |
| pysec-2025-61 |
|
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … | pillow | 2025-07-01T19:15:27Z | 2025-07-07T14:12:46.226030Z |
| pysec-2025-51 |
|
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) v… | apache-airflow-providers-snowflake | 2025-06-24T08:15:24+00:00 | 2025-06-26T21:23:03.132527+00:00 |
| pysec-2025-70 |
10.0 (3.1)
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… | langchain-community | 2025-06-23T21:15:25+00:00 | 2025-07-16T21:23:40.211079+00:00 |
| pysec-2025-52 |
|
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2025-68 |
8.0 (3.1)
|
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.449399+00:00 |
| pysec-2025-67 |
9.8 (3.1)
|
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.385619+00:00 |
| pysec-2025-64 |
9.8 (3.1)
|
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… | python-a2a | 2025-06-17T07:15:18+00:00 | 2025-07-02T21:23:13.806273+00:00 |
| pysec-2025-47 |
|
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2… | django | 2025-06-05T03:15:25+00:00 | 2025-06-05T05:23:28.296596+00:00 |
| pysec-2025-44 |
|
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in mod… | django-helpdesk | 2025-05-31T01:15:19+00:00 | 2025-05-31T03:09:35.357757+00:00 |
| pysec-2025-55 |
|
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.407481+00:00 |
| pysec-2025-54 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.319321+00:00 |
| pysec-2025-50 |
|
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Exp… | vllm | 2025-05-30T18:15:32+00:00 | 2025-06-19T03:02:28.572160+00:00 |
| pysec-2025-53 |
|
vLLM is an inference and serving engine for large language models (LLMs). Prior to versio… | vllm | 2025-05-29T17:15:21+00:00 | 2025-06-26T21:23:06.231251+00:00 |
| pysec-2025-43 |
|
vLLM is an inference and serving engine for large language models (LLMs). In versions sta… | vllm | 2025-05-29T17:15:21+00:00 | 2025-05-29T19:21:01.611587+00:00 |
| pysec-2025-46 |
5.5 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as cri… | pypickle | 2025-05-26T08:15:19+00:00 | 2025-06-03T17:36:58.579358+00:00 |
| pysec-2025-45 |
7.8 (3.1)
|
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.… | pypickle | 2025-05-26T07:15:26+00:00 | 2025-06-03T17:36:58.528116+00:00 |
| pysec-2025-40 |
7.5 (3.1)
|
A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`… | transformers | 2025-05-19T12:15:19+00:00 | 2025-05-21T19:22:10.801823+00:00 |
| pysec-2025-49 |
8.8 (3.1)
|
setuptools is a package that allows users to download, build, install, upgrade, and unins… | setuptools | 2025-05-17T16:15:19+00:00 | 2025-06-12T22:23:11.115559+00:00 |
| pysec-2025-39 |
|
motionEye is an online interface for the software motion, a video surveillance program wi… | motioneye | 2025-05-14T16:15:29+00:00 | 2025-05-14T17:22:51.050788+00:00 |
| pysec-2025-60 |
|
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… | apache-iotdb | 2025-05-14T11:16:28+00:00 | 2025-07-01T21:22:47.232036+00:00 |
| pysec-2025-59 |
|
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… | apache-iotdb | 2025-05-14T11:15:47+00:00 | 2025-07-01T21:22:47.177405+00:00 |
| pysec-2025-38 |
|
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during im… | ironic | 2025-05-08T17:16:01Z | 2025-05-13T04:24:03.083929Z |
| pysec-2025-37 |
|
An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2… | django | 2025-05-08T04:17:18+00:00 | 2025-05-08T05:23:16.210893+00:00 |
| pysec-2025-42 |
9.8 (3.1)
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Ver… | vllm | 2025-04-30T01:15:51+00:00 | 2025-05-28T21:23:12.396609+00:00 |
| pysec-2025-34 |
|
The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_… | picklescan | 2025-04-24T01:15:49+00:00 | 2025-04-24T03:08:15.436691+00:00 |
| pysec-2025-56 |
4.3 (3.1)
|
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… | octoprint | 2025-04-22T18:15:59+00:00 | 2025-06-27T17:22:53.513680+00:00 |
| pysec-2025-41 |
9.8 (3.1)
|
PyTorch is a Python package that provides tensor computation with strong GPU acceleration… | torch | 2025-04-18T16:15:23+00:00 | 2025-05-28T15:23:37.843138+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-351 | Malicious code in nanoinstaller (PyPI) | 2026-01-19T07:16:02Z | 2026-01-19T07:16:02Z |
| mal-2026-350 | Malicious code in bnanainstaller (PyPI) | 2026-01-19T06:43:19Z | 2026-01-19T06:43:19Z |
| mal-2026-349 | Malicious code in tutor_table (npm) | 2026-01-19T06:07:51Z | 2026-01-19T06:07:52Z |
| mal-2026-348 | Malicious code in react-native-webview-forked (npm) | 2026-01-19T05:24:56Z | 2026-01-19T05:24:57Z |
| mal-2026-347 | Malicious code in @bingads-webui-theme-2018/theme-fluent (npm) | 2026-01-19T05:13:17Z | 2026-01-19T05:13:18Z |
| mal-2026-339 | Malicious code in internallib_v355 (npm) | 2026-01-19T01:00:08Z | 2026-01-19T01:00:08Z |
| mal-2026-345 | Malicious code in private-payment-lib (npm) | 2026-01-19T00:59:52Z | 2026-01-19T01:00:00Z |
| mal-2026-344 | Malicious code in ofjaaah-security-lib (npm) | 2026-01-19T00:59:52Z | 2026-01-19T00:59:53Z |
| mal-2026-343 | Malicious code in ofjaaah-internal-utils (npm) | 2026-01-19T00:59:52Z | 2026-01-19T00:59:53Z |
| mal-2026-342 | Malicious code in ofjaaah-build-tools (npm) | 2026-01-19T00:59:52Z | 2026-01-19T00:59:53Z |
| mal-2026-341 | Malicious code in ofjaaah-auth-module (npm) | 2026-01-19T00:59:52Z | 2026-01-19T00:59:53Z |
| mal-2026-338 | Malicious code in internal-company-sdk (npm) | 2026-01-19T00:59:52Z | 2026-01-19T01:00:00Z |
| mal-2026-336 | Malicious code in @cda-apps/source (npm) | 2026-01-19T00:57:36Z | 2026-01-19T00:57:37Z |
| mal-2026-337 | Malicious code in chai-as-executed (npm) | 2026-01-19T00:56:45Z | 2026-01-19T00:56:46Z |
| mal-2026-340 | Malicious code in libsignal-yazxzcode (npm) | 2026-01-19T00:46:52Z | 2026-01-19T00:46:52Z |
| mal-2026-346 | Malicious code in zod-js (npm) | 2026-01-19T00:46:16Z | 2026-01-19T00:46:17Z |
| mal-2026-335 | Malicious code in wac-react-relay (npm) | 2026-01-19T00:45:11Z | 2026-01-19T00:45:21Z |
| mal-2026-329 | Malicious code in @brokenzzz/garfish (npm) | 2026-01-19T00:45:11Z | 2026-01-19T00:45:21Z |
| mal-2026-328 | Malicious code in 1231dai (npm) | 2026-01-19T00:43:46Z | 2026-01-19T00:43:46Z |
| mal-2026-334 | Malicious code in viem-js (npm) | 2026-01-19T00:43:31Z | 2026-01-19T00:43:36Z |
| mal-2026-332 | Malicious code in tailwin (npm) | 2026-01-19T00:43:31Z | 2026-01-19T00:43:36Z |
| mal-2026-331 | Malicious code in cyrpto (npm) | 2026-01-19T00:43:31Z | 2026-01-19T00:43:31Z |
| mal-2026-333 | Malicious code in tronweb-tool (npm) | 2026-01-19T00:34:59Z | 2026-01-19T00:35:00Z |
| mal-2026-330 | Malicious code in @daffadeveloper/signal-node (npm) | 2026-01-19T00:33:19Z | 2026-01-19T00:33:19Z |
| mal-2026-326 | Malicious code in urlssser (PyPI) | 2026-01-18T23:14:24Z | 2026-01-18T23:14:24Z |
| mal-2026-325 | Malicious code in marshel (PyPI) | 2026-01-18T22:56:09Z | 2026-01-18T23:39:04Z |
| mal-2026-324 | Malicious code in typedoc-plugin-fuel-variants (npm) | 2026-01-17T22:15:00Z | 2026-01-17T22:15:00Z |
| mal-2026-323 | Malicious code in eslint-plugin-fuel-react (npm) | 2026-01-17T21:37:23Z | 2026-01-17T21:37:23Z |
| mal-2026-327 | Malicious code in mapkit-example-vanillajs (npm) | 2026-01-17T07:00:15Z | 2026-01-19T06:27:13Z |
| mal-2026-322 | Malicious code in admin10001 (npm) | 2026-01-16T13:51:12Z | 2026-01-19T01:55:13Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2026-0096 | Google Android Pixel: Mehrere Schwachstellen | 2026-01-13T23:00:00.000+00:00 | 2026-01-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0083 | Microsoft Windows : Mehrere Schwachstellen | 2026-01-13T23:00:00.000+00:00 | 2026-01-18T23:00:00.000+00:00 |
| wid-sec-w-2026-0047 | CoreDNS: Schwachstelle ermöglicht Denial of Service | 2026-01-07T23:00:00.000+00:00 | 2026-01-08T23:00:00.000+00:00 |
| wid-sec-w-2026-0044 | libtasn1: Schwachstelle ermöglicht Denial of Service | 2026-01-07T23:00:00.000+00:00 | 2026-01-08T23:00:00.000+00:00 |
| wid-sec-w-2026-0043 | Trend Micro Apex Central: Mehrere Schwachstellen | 2026-01-07T23:00:00.000+00:00 | 2026-01-08T23:00:00.000+00:00 |
| wid-sec-w-2026-0040 | n8n: Mehrere Schwachstellen | 2026-01-07T23:00:00.000+00:00 | 2026-01-08T23:00:00.000+00:00 |
| wid-sec-w-2026-0037 | GitLab CE und EE: Mehrere Schwachstellen | 2026-01-07T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0036 | OpenLDAP: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen | 2026-01-07T23:00:00.000+00:00 | 2026-01-08T23:00:00.000+00:00 |
| wid-sec-w-2026-0035 | MediaWiki Erweiterungen: Mehrere Schwachstellen | 2026-01-07T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0034 | Keycloak: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2026-01-07T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0030 | cURL: Mehrere Schwachstellen | 2026-01-06T23:00:00.000+00:00 | 2026-01-08T23:00:00.000+00:00 |
| wid-sec-w-2026-0026 | HCL BigFix: Mehrere Schwachstellen | 2026-01-06T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2026-0020 | Google Chrome/Microsoft Edge: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2026-01-06T23:00:00.000+00:00 | 2026-01-11T23:00:00.000+00:00 |
| wid-sec-w-2026-0017 | Veeam Backup & Replication: Mehrere Schwachstellen | 2026-01-05T23:00:00.000+00:00 | 2026-01-12T23:00:00.000+00:00 |
| wid-sec-w-2026-0010 | Samsung Exynos: Mehrere Schwachstellen | 2026-01-04T23:00:00.000+00:00 | 2026-01-06T23:00:00.000+00:00 |
| wid-sec-w-2026-0009 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2026-01-04T23:00:00.000+00:00 | 2026-01-05T23:00:00.000+00:00 |
| wid-sec-w-2026-0008 | Red Hat Enterprise Linux: Mehrere Schwachstellen | 2026-01-04T23:00:00.000+00:00 | 2026-01-06T23:00:00.000+00:00 |
| wid-sec-w-2026-0006 | OpenCTI: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen, Manipulation von Daten, Denial of Service | 2026-01-04T23:00:00.000+00:00 | 2026-01-05T23:00:00.000+00:00 |
| wid-sec-w-2026-0003 | Vaadin: Schwachstelle ermöglicht Cross-Site Scripting | 2026-01-04T23:00:00.000+00:00 | 2026-01-05T23:00:00.000+00:00 |
| wid-sec-w-2025-2938 | Arista EOS: Schwachstelle ermöglicht Denial of Service | 2025-12-30T23:00:00.000+00:00 | 2026-01-06T23:00:00.000+00:00 |
| wid-sec-w-2025-2934 | ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-29T23:00:00.000+00:00 | 2025-12-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2928 | GnuPG: Mehrere Schwachstellen | 2025-12-28T23:00:00.000+00:00 | 2026-01-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2916 | Net-SNMP: Schwachstelle ermöglicht Codeausführung und DoS | 2025-12-23T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2911 | Synacor Zimbra: Mehrere Schwachstellen | 2025-12-22T23:00:00.000+00:00 | 2026-01-05T23:00:00.000+00:00 |
| wid-sec-w-2025-2910 | Hitachi Ops Center: Mehrere Schwachstellen | 2025-12-22T23:00:00.000+00:00 | 2025-12-23T23:00:00.000+00:00 |
| wid-sec-w-2025-2909 | IBM App Connect Enterprise: Mehrere Schwachstellen | 2025-12-22T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2905 | MongoDB: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-18T23:00:00.000+00:00 | 2025-12-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2904 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-18T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2897 | Apache log4j: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-18T23:00:00.000+00:00 | 2026-01-07T23:00:00.000+00:00 |
| wid-sec-w-2025-2891 | WebKitGTK: Mehrere Schwachstellen ermöglichen Codeausführung und DoS | 2025-12-18T23:00:00.000+00:00 | 2026-01-05T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2026-0019 | Kwetsbaarheid verholpen in Fortinet FortiSIEM | 2026-01-16T13:34:34.467426Z | 2026-01-16T13:34:34.467426Z |
| ncsc-2026-0018 | Kwetsbaarheden verholpen in TYPO3 CMS | 2026-01-16T10:11:37.524826Z | 2026-01-16T10:11:37.524826Z |
| ncsc-2026-0017 | Kwetsbaarheden verholpen in Juniper Networks JunOS | 2026-01-16T10:07:39.310560Z | 2026-01-16T10:07:39.310560Z |
| ncsc-2026-0016 | Kwetsbaarheden verholpen in Aruba Networks ArubaOS | 2026-01-16T09:44:20.575860Z | 2026-01-16T09:44:20.575860Z |
| ncsc-2026-0015 | Kwetsbaarheid verholpen in Fortinet FortiOS | 2026-01-15T12:31:57.265723Z | 2026-01-15T12:31:57.265723Z |
| ncsc-2026-0014 | Kwetsbaarheden verholpen in Adobe Illustrator | 2026-01-15T12:16:05.427141Z | 2026-01-15T12:16:05.427141Z |
| ncsc-2026-0013 | Kwetsbaarheden verholpen in Adobe InDesign Desktop | 2026-01-14T13:45:48.530782Z | 2026-01-14T13:45:48.530782Z |
| ncsc-2026-0012 | Kwetsbaarheden verholpen in Adobe Dreamweaver Desktop | 2026-01-14T13:41:56.261778Z | 2026-01-14T13:41:56.261778Z |
| ncsc-2026-0011 | Kwetsbaarheid verholpen in Microsoft Developer Tools | 2026-01-13T19:19:27.690900Z | 2026-01-13T19:19:27.690900Z |
| ncsc-2026-0010 | Kwetsbaarheden verholpen in Microsoft Office | 2026-01-13T19:18:45.984019Z | 2026-01-13T19:18:45.984019Z |
| ncsc-2026-0009 | Kwetsbaarheden verholpen in Microsoft Azure | 2026-01-13T19:17:59.629364Z | 2026-01-13T19:17:59.629364Z |
| ncsc-2026-0008 | Kwetsbaarheid verholpen in Microsoft SQL Server | 2026-01-13T19:17:18.848673Z | 2026-01-13T19:17:18.848673Z |
| ncsc-2026-0007 | Kwetsbaarheden verholpen in Microsoft Windows | 2026-01-13T19:16:30.720079Z | 2026-01-13T19:16:30.720079Z |
| ncsc-2026-0006 | Kwetsbaarheden verholpen in SAP producten | 2026-01-13T14:42:24.621603Z | 2026-01-13T14:42:24.621603Z |
| ncsc-2026-0005 | Kwetsbaarheden verholpen in Siemens producten | 2026-01-13T12:05:57.353070Z | 2026-01-13T12:05:57.353070Z |
| ncsc-2026-0004 | Kwetsbaarheden verholpen in Trend Micro Apex Central | 2026-01-09T11:14:58.910197Z | 2026-01-09T11:14:58.910197Z |
| ncsc-2026-0003 | Kwetsbaarheden verholpen in GitLab | 2026-01-09T11:11:48.308357Z | 2026-01-09T11:11:48.308357Z |
| ncsc-2026-0002 | Kwetsbaarheid verholpen in n8n | 2026-01-08T12:34:29.315681Z | 2026-01-08T12:34:29.315681Z |
| ncsc-2026-0001 | Kwetsbaarheden verholpen in Hanwha camera systemen | 2026-01-08T12:28:21.446188Z | 2026-01-08T12:28:21.446188Z |
| ncsc-2025-0405 | Kwetsbaarheid verholpen in Roundcube Webmail | 2025-12-31T14:29:26.821576Z | 2025-12-31T14:29:26.821576Z |
| ncsc-2025-0404 | Kwetsbaarheid verholpen in SmarterMail | 2025-12-31T14:19:01.847364Z | 2025-12-31T14:19:01.847364Z |
| ncsc-2025-0403 | Kwetsbaarheden verholpen in QNAP besturingssystemen | 2025-12-29T09:17:28.385450Z | 2025-12-29T09:17:28.385450Z |
| ncsc-2025-0402 | Kwetsbaarheid verholpen in MongoDB | 2025-12-27T11:38:11.514349Z | 2025-12-27T11:38:11.514349Z |
| ncsc-2025-0401 | Kwetsbaarheden verholpen in Foxit PDF Reader | 2025-12-24T09:14:56.590353Z | 2025-12-24T09:14:56.590353Z |
| ncsc-2025-0400 | Kwetsbaarheid verholpen in WatchGuard Firebox | 2025-12-19T11:16:01.438518Z | 2025-12-19T11:16:01.438518Z |
| ncsc-2025-0399 | Kwetsbaarheid verholpen in HPE OneView Software | 2025-12-18T18:38:20.794784Z | 2025-12-24T11:29:46.123674Z |
| ncsc-2025-0398 | Kwetsbaarheid in Cisco AsyncOS | 2025-12-17T19:47:00.346651Z | 2025-12-17T19:47:00.346651Z |
| ncsc-2025-0397 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2025-12-15T09:08:39.804149Z | 2025-12-15T09:08:39.804149Z |
| ncsc-2025-0396 | Kwetsbaarheden verholpen in Apple macOS | 2025-12-15T09:06:36.450655Z | 2025-12-15T09:06:36.450655Z |
| ncsc-2025-0395 | Kwetsbaarheden verholpen in SAP Software | 2025-12-12T09:29:08.429888Z | 2025-12-12T09:29:08.429888Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-827968 | SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-674753 | SSA-674753: Denial-of-Service Vulnerability in ET 200SP | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-192617 | SSA-192617: Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4 | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-014678 | SSA-014678: Authorization Bypass Vulnerability in Industrial Edge Device Kit | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-001536 | SSA-001536: Authorization Bypass Vulnerability in Siemens Industrial Edge Devices | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-512988 | SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 | 2025-12-12T00:00:00Z | 2025-12-12T00:00:00Z |
| ssa-915282 | SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-912274 | SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 | 2025-12-09T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-882673 | SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-868571 | SSA-868571: Missing Server Certificate Validation in IAM Client | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-763474 | SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-734261 | SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-710408 | SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-626856 | SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-471761 | SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-420375 | SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-416652 | SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-356310 | SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-202008 | SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-241605 | SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-190588 | SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-682326 | SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-522291 | SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-514895 | SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-365596 | SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-339694 | SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-267056 | SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-201498 | SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-599451 | SSA-599451: Multiple Vulnerabilities in SiPass integrated Before V3.0 | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:0759 | Red Hat Security Advisory: kernel security update | 2026-01-19T04:00:59+00:00 | 2026-01-19T04:03:11+00:00 |
| rhsa-2026:0761 | Red Hat Security Advisory: Red Hat build of Cryostat security update | 2026-01-19T03:34:11+00:00 | 2026-01-19T03:56:18+00:00 |
| rhsa-2026:0760 | Red Hat Security Advisory: kernel-rt security update | 2026-01-19T03:14:39+00:00 | 2026-01-19T04:03:11+00:00 |
| rhsa-2026:0753 | Red Hat Security Advisory: container-tools:rhel8 security update | 2026-01-19T02:20:14+00:00 | 2026-01-19T04:18:25+00:00 |
| rhsa-2026:0750 | Red Hat Security Advisory: net-snmp security update | 2026-01-19T02:06:04+00:00 | 2026-01-19T03:56:24+00:00 |
| rhsa-2026:0755 | Red Hat Security Advisory: kernel security update | 2026-01-19T01:39:54+00:00 | 2026-01-19T03:55:41+00:00 |
| rhsa-2026:0756 | Red Hat Security Advisory: transfig security update | 2026-01-19T01:35:29+00:00 | 2026-01-19T03:55:36+00:00 |
| rhsa-2026:0754 | Red Hat Security Advisory: kernel-rt security update | 2026-01-19T01:18:28+00:00 | 2026-01-19T03:55:40+00:00 |
| rhsa-2026:0752 | Red Hat Security Advisory: jmc security update | 2026-01-19T01:17:13+00:00 | 2026-01-19T03:56:23+00:00 |
| rhsa-2026:0751 | Red Hat Security Advisory: jmc security update | 2026-01-19T01:16:23+00:00 | 2026-01-19T03:56:17+00:00 |
| rhsa-2026:0745 | Red Hat Security Advisory: libpq security update | 2026-01-19T00:55:23+00:00 | 2026-01-19T03:55:31+00:00 |
| rhsa-2026:0747 | Red Hat Security Advisory: kernel security update | 2026-01-19T00:45:53+00:00 | 2026-01-19T03:56:12+00:00 |
| rhsa-2026:0744 | Red Hat Security Advisory: libpq security update | 2026-01-19T00:42:18+00:00 | 2026-01-19T03:55:31+00:00 |
| rhsa-2026:0746 | Red Hat Security Advisory: libpq security update | 2026-01-19T00:41:38+00:00 | 2026-01-19T03:55:31+00:00 |
| rhsa-2026:0743 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.16 security update | 2026-01-19T00:18:54+00:00 | 2026-01-19T03:55:11+00:00 |
| rhsa-2026:0742 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.13 on RHEL 7 security update | 2026-01-19T00:15:08+00:00 | 2026-01-19T03:55:10+00:00 |
| rhsa-2026:0737 | Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update | 2026-01-15T23:39:47+00:00 | 2026-01-19T10:05:49+00:00 |
| rhsa-2026:0728 | Red Hat Security Advisory: gnupg2 security update | 2026-01-15T21:34:05+00:00 | 2026-01-19T03:56:21+00:00 |
| rhsa-2026:0726 | Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14.2.P1 for Spring Boot release. | 2026-01-15T19:53:18+00:00 | 2026-01-19T03:56:16+00:00 |
| rhsa-2026:0418 | Red Hat Security Advisory: OpenShift Container Platform 4.16.55 packages and security update | 2026-01-15T19:15:31+00:00 | 2026-01-16T20:05:32+00:00 |
| rhsa-2026:0331 | Red Hat Security Advisory: OpenShift Container Platform 4.18.31 packages and security update | 2026-01-15T19:11:50+00:00 | 2026-01-16T20:05:30+00:00 |
| rhsa-2026:0332 | Red Hat Security Advisory: OpenShift Container Platform 4.18.31 bug fix and security update | 2026-01-15T18:56:30+00:00 | 2026-01-16T16:14:48+00:00 |
| rhsa-2026:0326 | Red Hat Security Advisory: OpenShift Container Platform 4.16.55 bug fix and security update | 2026-01-15T18:47:30+00:00 | 2026-01-16T16:14:47+00:00 |
| rhsa-2026:0722 | Red Hat Security Advisory: multicluster engine for Kubernetes v2.8.4 security update | 2026-01-15T17:23:06+00:00 | 2026-01-19T10:05:49+00:00 |
| rhsa-2026:0719 | Red Hat Security Advisory: gnupg2 security update | 2026-01-15T17:17:05+00:00 | 2026-01-19T03:56:19+00:00 |
| rhsa-2026:0714 | Red Hat Security Advisory: openssl security update | 2026-01-15T16:05:10+00:00 | 2026-01-16T09:53:32+00:00 |
| rhsa-2026:0718 | Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.13.5 security update | 2026-01-15T15:59:28+00:00 | 2026-01-19T10:05:48+00:00 |
| rhsa-2026:0327 | Red Hat Security Advisory: OpenShift Container Platform 4.16.55 bug fix and security update | 2026-01-15T15:33:44+00:00 | 2026-01-15T16:28:52+00:00 |
| rhsa-2026:0696 | Red Hat Security Advisory: net-snmp security update | 2026-01-15T13:19:04+00:00 | 2026-01-19T03:56:20+00:00 |
| rhsa-2026:0705 | Red Hat Security Advisory: transfig security update | 2026-01-15T13:11:05+00:00 | 2026-01-19T03:55:35+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| va-26-015-01 | NOAA PMEL Live Access Server (LAS) command injection | 2026-01-15T19:59:37Z | 2026-01-15T19:59:37Z |
| icsa-26-013-03 | YoSmart YoLink Smart Hub | 2026-01-13T07:00:00.000000Z | 2026-01-13T07:00:00.000000Z |
| icsa-26-013-02 | Rockwell Automation FactoryTalk DataMosaix Private Cloud | 2026-01-13T07:00:00.000000Z | 2026-01-13T07:00:00.000000Z |
| icsa-26-013-01 | Rockwell Automation 432ES-IG3 Series A | 2026-01-13T07:00:00.000000Z | 2026-01-13T07:00:00.000000Z |
| va-26-013-01 | NSecKrnl driver terminates system processes with crafted IOCTL requests | 2026-01-13T00:00:00Z | 2026-01-13T00:00:00Z |
| va-26-008-01 | OPEXUS eCASE | 2026-01-08T16:36:15Z | 2026-01-08T16:36:15Z |
| va-26-008-03 | Ideagen DevonWay stored XSS | 2026-01-08T00:00:00Z | 2026-01-08T00:00:00Z |
| va-26-008-02 | OPEXUS eComplaint and eCasePortal IDOR | 2026-01-07T16:35:11Z | 2026-01-07T16:35:11Z |
| icsa-26-006-01 | Columbia Weather Systems MicroServer | 2026-01-06T07:00:00.000000Z | 2026-01-06T07:00:00.000000Z |
| icsma-25-364-01 | WHILL Model C2 Electric Wheelchairs and Model F Power Chairs | 2025-12-30T07:00:00.000000Z | 2025-12-30T07:00:00.000000Z |
| icsa-25-352-08 | Axis Communications Camera Station Pro, Camera Station, and Device Manager | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-07 | Rockwell Automation Micro820, Micro850, Micro870 | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-06 | Advantech WebAccess/SCADA | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-04 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-03 | National Instruments LabView | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| icsa-25-352-01 | Inductive Automation Ignition | 2025-12-18T07:00:00.000000Z | 2025-12-18T07:00:00.000000Z |
| va-25-352-01 | BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities | 2025-12-18T00:00:00Z | 2025-12-18T00:00:00Z |
| icsa-25-350-04 | Mitsubishi Electric GT Designer3 | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-350-03 | Hitachi Energy AFS, AFR and AFF Series | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-350-02 | Johnson Controls PowerG, IQPanel and IQHub | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| icsa-25-350-01 | Güralp Systems Fortimus Series, Minimus Series, and Certimus Series | 2025-12-16T07:00:00.000000Z | 2025-12-16T07:00:00.000000Z |
| va-25-345-01 | CISA Software Acquisition Guide Supplier Response Web Tool XSS | 2025-12-12T20:27:47Z | 2025-12-12T20:27:47Z |
| icsma-25-345-02 | Varex Imaging Panoramic Dental Imaging Software | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsma-25-345-01 | Grassroots DICOM (GDCM) | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-10 | OpenPLC_V3 | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-03 | AzeoTech DAQFactory (Update A) | 2025-12-11T07:00:00.000000Z | 2026-01-12T07:00:00.000000Z |
| icsa-25-345-02 | Johnson Controls iSTAR Ultra | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-01 | Johnson Controls iSTAR | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| va-25-343-01 | Windscribe for Linux 'changeMTU' local privilege escalation | 2025-12-10T16:46:41Z | 2025-12-10T16:46:41Z |
| icsa-25-352-02 | Schneider Electric EcoStruxure Foxboro DCS Advisor | 2025-12-09T08:00:00.000000Z | 2025-12-18T18:23:06.311869Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-ise-xss-9tdh2kx | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | 2026-01-15T16:00:00+00:00 | 2026-01-15T16:00:00+00:00 |
| cisco-sa-ise-xss-964cdxw5 | Cisco Identity Services Engine Cross-Site Scripting Vulnerability | 2026-01-15T16:00:00+00:00 | 2026-01-15T16:00:00+00:00 |
| cisco-sa-epnm-pi-stored-xss-gekx8ywk | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability | 2026-01-15T16:00:00+00:00 | 2026-01-15T16:00:00+00:00 |
| cisco-sa-snort3-dcerpc-vulns-j9hnf4th | Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities | 2026-01-07T16:00:00+00:00 | 2026-01-07T16:00:00+00:00 |
| cisco-sa-ise-xxe-jwsbsdkt | Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability | 2026-01-07T16:00:00+00:00 | 2026-01-07T16:00:00+00:00 |
| cisco-sa-sma-attack-n9bf4 | Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager | 2025-12-17T16:00:00+00:00 | 2026-01-15T16:01:43+00:00 |
| cisco-sa-react-flight-tyw32ddb | Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 | 2025-12-04T16:00:00+00:00 | 2025-12-17T22:37:17+00:00 |
| cisco-sa-privesc-catc-ryjreelu | Cisco Catalyst Center Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-xss-wextvz59 | Cisco Catalyst Center Cross-Site Scripting Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-ci-zwlqvswt | Cisco Catalyst Center REST API Command Injection Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-priv-esc-vs8eecux | Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-open-redirect-3w5bk3je | Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-ise-radsupress-dos-8yf3jthh | Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability | 2025-11-05T16:00:00+00:00 | 2025-11-05T16:00:00+00:00 |
| cisco-sa-ise-multiple-vulns-o9beswjh | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-12-04T14:23:54+00:00 |
| cisco-sa-cc-unauth-rce-qen8h7mq | Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-13T12:48:42+00:00 |
| cisco-sa-cc-mult-vuln-gk4tfxsn | Multiple Cisco Contact Center Products Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T14:49:09+00:00 |
| cisco-sa-snort3-mime-vulns-ttl8pgvh | Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-roomos-inf-disc-qggsbxam | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-phone-dos-fpyjlv7a | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-cv-xss-rwrakaj9 | Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities | 2025-10-01T16:00:00+00:00 | 2025-10-01T16:00:00+00:00 |
| cisco-sa-cucm-stored-xss-fnj66yly | Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability | 2025-10-01T16:00:00+00:00 | 2025-10-01T16:00:00+00:00 |
| cisco-sa-http-code-exec-wmfp3h3o | Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:51+00:00 |
| cisco-sa-asaftd-webvpn-z5xp8eub | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:54+00:00 |
| cisco-sa-asaftd-webvpn-yrootuw | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:55+00:00 |
| cisco-sa-webui-xss-vwydgjou | Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-26T16:35:50+00:00 |
| cisco-sa-snmpwred-x3mjyf5m | Cisco IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-snmp-x4lphte | Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-10-06T18:27:02+00:00 |
| cisco-sa-secboot-uqfd8avc | Cisco IOS XE Software Secure Boot Bypass Vulnerabilities | 2025-09-24T16:00:00+00:00 | 2025-10-15T15:57:29+00:00 |
| cisco-sa-nbar-dos-lavwtmet | Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-iosxe-arg-inject-eyddbh4e | Cisco IOS XE Software CLI Argument Injection Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2026-0002 | Vulnerabilities affecting SICK Incoming Goods Suite | 2026-01-15T14:00:00.000Z | 2026-01-15T14:00:00.000Z |
| sca-2026-0001 | Vulnerabilities affecting SICK TDC-X401GL | 2026-01-15T14:00:00.000Z | 2026-01-15T14:00:00.000Z |
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0010 | Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0009 | Vulnerabilities affecting SICK TDC-E210GC | 2025-08-01T13:00:00.000Z | 2025-08-01T13:00:00.000Z |
| sca-2025-0008 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-07-03T13:00:00.000Z | 2025-07-03T13:00:00.000Z |
| sca-2025-0007 | Multiple vulnerabilities in SICK Field Analytics and SICK Media Server | 2025-06-12T13:00:00.000Z | 2025-06-12T13:00:00.000Z |
| sca-2025-0006 | Vulnerability affecting picoScan and multiScan | 2025-04-28T13:00:00.000Z | 2025-04-28T13:00:00.000Z |
| sca-2025-0005 | Vulnerabilities in SICK Flexi Compact | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| sca-2025-0004 | Critical vulnerabilities in SICK DL100-2xxxxxxx | 2025-03-14T11:00:00.000Z | 2025-03-14T11:00:00.000Z |
| sca-2025-0003 | FreeRTOS Vulnerabilities have no impact on SICK Products | 2025-02-28T00:00:00.000Z | 2025-05-20T11:00:00.000Z |
| sca-2025-0001 | Multiple vulnerabilities in SICK MEAC300 | 2025-02-14T14:00:00.000Z | 2025-02-21T14:00:00.000Z |
| sca-2025-0002 | Vulnerability in SICK Lector8xx and SICK InspectorP8xx | 2025-02-14T10:19:00.000Z | 2025-02-14T10:19:00.000Z |
| sca-2024-0007 | Vulnerability in SICK OLM | 2024-12-31T00:00:00.000Z | 2024-12-31T00:00:00.000Z |
| sca-2024-0006 | Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx | 2024-12-06T00:00:00.000Z | 2024-12-06T00:00:00.000Z |
| sca-2024-0005 | Vulnerability in SICK Incoming Goods Suite | 2024-11-19T00:00:00.000Z | 2024-11-19T00:00:00.000Z |
| sca-2024-0004 | Third party vulnerabilities in SICK CDE-100 | 2024-11-07T12:00:00.000Z | 2024-11-07T12:00:00.000Z |
| sca-2024-0003 | Critical vulnerability in multiple SICK products | 2024-10-17T13:00:00.000Z | 2024-10-17T13:00:00.000Z |
| sca-2024-0002 | Vulnerability in SICK MSC800 | 2024-09-11T23:00:00.000Z | 2024-09-11T23:00:00.000Z |
| sca-2024-0001 | Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics | 2024-01-29T00:00:00.000Z | 2024-01-29T00:00:00.000Z |
| sca-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| sca-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| sca-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| sca-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| sca-2023-0007 | Vulnerabilities in SICK LMS5xx | 2023-08-25T11:00:00.000Z | 2023-08-25T11:00:00.000Z |
| sca-2023-0006 | Vulnerabilities in SICK ICR890-4 | 2023-07-10T13:00:00.000Z | 2023-07-10T13:00:00.000Z |
| sca-2023-0005 | Vulnerabilities in SICK EventCam App | 2023-06-19T11:00:00.000Z | 2023-06-19T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:15-01 | Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:14-01 | HTML injection in Asset List in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:13-01 | Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:12-01 | HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| nn-2025:9-01 | Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:8-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:7-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:6-01 | Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:5-01 | Incorrect authorization for CLI in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:4-01 | Client-side path traversal in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:10-01 | Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:3-01 | Incorrect authorization for traces request/download in CMC before 25.1.0 | 2025-08-26T11:00:00.000Z | 2025-08-26T11:00:00.000Z |
| nn-2025:2-01 | Privilege escalation in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2025:1-01 | Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2024_1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-10T11:00:00.000Z |
| nn-2024:1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-10T11:00:00.000Z |
| nn-2023_17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-11T11:00:00.000Z |
| nn-2023:17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-11T11:00:00.000Z |
| nn-2023_12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-01-16T11:00:00.000Z |
| nn-2023:12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-01-16T11:00:00.000Z |
| nn-2023_9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| oxas-adv-2025-0001 | OX App Suite Security Advisory OXAS-ADV-2025-0001 | 2025-01-27T00:00:00+01:00 | 2025-04-07T00:00:00+00:00 |
| oxdc-adv-2024-0003 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0002 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 | 2024-09-02T00:00:00+02:00 | 2024-09-06T00:00:00+00:00 |
| oxas-adv-2024-0005 | OX App Suite Security Advisory OXAS-ADV-2024-0005 | 2024-07-08T00:00:00+02:00 | 2024-09-09T00:00:00+00:00 |
| oxas-adv-2024-0004 | OX App Suite Security Advisory OXAS-ADV-2024-0004 | 2024-06-13T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0003 | OX App Suite Security Advisory OXAS-ADV-2024-0003 | 2024-04-24T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0002 | OX App Suite Security Advisory OXAS-ADV-2024-0002 | 2024-03-06T00:00:00+01:00 | 2024-05-06T00:00:00+00:00 |
| oxas-adv-2024-0001 | OX App Suite Security Advisory OXAS-ADV-2024-0001 | 2024-02-08T00:00:00+01:00 | 2024-04-25T00:00:00+00:00 |
| oxas-adv-2023-0007 | OX App Suite Security Advisory OXAS-ADV-2023-0007 | 2023-12-11T00:00:00+01:00 | 2024-02-16T00:00:00+00:00 |
| oxas-adv-2023-0006 | OX App Suite Security Advisory OXAS-ADV-2023-0006 | 2023-09-25T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0005 | OX App Suite Security Advisory OXAS-ADV-2023-0005 | 2023-09-19T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0004 | OX App Suite Security Advisory OXAS-ADV-2023-0004 | 2023-08-01T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0003 | OX App Suite Security Advisory OXAS-ADV-2023-0003 | 2023-05-02T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0002 | OX App Suite Security Advisory OXAS-ADV-2023-0002 | 2023-03-20T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0001 | OX App Suite Security Advisory OXAS-ADV-2023-0001 | 2023-02-06T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0002 | OX App Suite Security Advisory OXAS-ADV-2022-0002 | 2022-11-02T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0001 | OX App Suite Security Advisory OXAS-ADV-2022-0001 | 2022-08-10T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-21265 | Secure Boot Certificate Expiration Security Feature Bypass Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-21226 | Azure Core shared client library for Python Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-21224 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-21223 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-16T08:00:00.000Z |
| msrc_cve-2026-21221 | Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-21219 | Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20965 | Windows Admin Center Elevation of Privilege Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20963 | Microsoft SharePoint Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20962 | Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20960 | Microsoft Power Apps Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-16T08:00:00.000Z |
| msrc_cve-2026-20959 | Microsoft SharePoint Server Spoofing Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20958 | Microsoft SharePoint Information Disclosure Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-14T08:00:00.000Z |
| msrc_cve-2026-20957 | Microsoft Excel Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20956 | Microsoft Excel Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20955 | Microsoft Excel Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20953 | Microsoft Office Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20952 | Microsoft Office Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20951 | Microsoft SharePoint Server Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20950 | Microsoft Excel Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20949 | Microsoft Excel Security Feature Bypass Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20948 | Microsoft Word Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20947 | Microsoft SharePoint Server Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20946 | Microsoft Excel Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20944 | Microsoft Word Remote Code Execution Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20943 | Microsoft Office Click-To-Run Elevation of Privilege Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20941 | Host Process for Windows Tasks Elevation of Privilege Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20940 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20939 | Windows File Explorer Information Disclosure Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20938 | Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| msrc_cve-2026-20937 | Windows File Explorer Information Disclosure Vulnerability | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| 2crt000009 | WebPro SNMP Card PowerValue Multiple Vulnerabilities | 2026-01-07T00:30:00.000Z | 2026-01-07T00:30:00.000Z |
| 4hzm000603 | ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) | 2025-11-27T00:30:00.000Z | 2025-11-28T00:30:00.000Z |
| 7paa022088 | Edgenius Management Portal Authentication Bypass | 2025-11-20T00:30:00.000Z | 2025-11-20T00:30:00.000Z |
| 2nga002813 | PCM600 SharpZip library vulnerability | 2025-11-03T00:30:00.000Z | 2025-11-03T00:30:00.000Z |
| 9akk108471a8948 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-10-20T00:30:00.000Z | 2025-10-21T00:30:00.000Z |
| 4tz00000006007 | ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations | 2025-10-20T00:30:00.000Z | 2025-10-23T00:30:00.000Z |
| 4tz00000006008 | LVS MConfig Insecure memory handling | 2025-10-08T00:30:00.000Z | 2025-10-08T00:30:00.000Z |
| sa25p003 | B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-14T00:30:00.000Z |
| sa25p002 | B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7808 | EIBPORT Reflected XSS | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a8107 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-09-16T00:30:00.000Z | 2025-11-28T08:00:00.000Z |
| 9akk108471a7121 | FLXeon Controllers Multiple vulnerabilities | 2025-09-09T00:30:00.000Z | 2025-09-18T00:30:00.000Z |
| 2nga002743 | ABB AbilityTM zenon Remote Transport Vulnerability | 2025-08-12T00:30:00.000Z | 2025-08-12T00:30:00.000Z |
| 9akk108471a4462 | ELSB/BLBA ASPECT advisory several CVEs | 2025-08-11T00:30:00.000Z | 2025-09-04T00:30:00.000Z |
| 3adr011432 | AC500 V2 Buffer overread on Modbus protocol | 2025-07-23T00:30:00.000Z | 2025-07-23T00:30:00.000Z |
| 9akk108471a4556 | Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode. | 2025-07-21T00:30:00.000Z | 2025-07-21T00:30:00.000Z |
| 9akk108471a3623 | RMC - 100 Vulnerabilities in web UI (REST Interface) | 2025-07-03T00:30:00.000Z | 2025-08-18T00:30:00.000Z |
| 2crt000008 | Lite Panel Pro Vulnerability in Session Management | 2025-06-26T00:30:00.000Z | 2025-06-26T00:30:00.000Z |
| 9akk108471a1621 | EIBPORT Session Management Fail | 2025-06-02T00:30:00.000Z | 2025-06-04T00:30:00.000Z |
| 9akk108470a8948 | ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway. | 2025-05-29T00:30:00.000Z | 2025-06-05T00:30:00.000Z |
| 9akk108471a0021 | ELSB/BLBA ASPECT advisory several CVEs | 2025-05-22T00:30:00.000Z | 2025-05-23T10:30:00.000Z |
| 2crt000006 | ANC – ABB Network Card Multiple vulnerabilities in ANC | 2025-04-30T00:30:00.000Z | 2025-04-30T00:30:00.000Z |
| 3adr011407 | ABB Automation Builder Vulnerabilities in user management and access control | 2025-04-30T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| 2crt000007 | Ekip Com IEC61850 Vulnerability in 3rd Party Library | 2025-04-29T00:30:00.000Z | 2025-04-29T00:30:00.000Z |
| 3kxg200000r4801 | CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability | 2025-04-16T00:30:00.000Z | 2025-10-20T00:30:00.000Z |
| 9akk108470a9989 | ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities | 2025-04-10T08:30:00.000Z | 2025-04-10T08:30:00.000Z |
| 2nga002579 | ABB Arctic communication solution ARM600 Vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 2nga002427 | ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 9akk108470a9494 | Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| 9akk108470a9491 | ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| ID | Description | Updated |
|---|---|---|
| var-202407-2188 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… | 2024-07-23T22:46:32.699000Z |
| var-202406-3119 | Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-s… | 2024-07-23T22:46:22.685000Z |
| var-202407-1740 | NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E ha… | 2024-07-23T22:46:18.378000Z |
| var-202407-1417 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… | 2024-07-23T22:46:07.784000Z |
| var-202407-1103 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… | 2024-07-23T22:46:01.992000Z |
| var-202407-0957 | WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile… | 2024-07-23T22:45:59.391000Z |
| var-202407-0819 | SIMATIC S7-1500 is a modular control system suitable for various automation applications … | 2024-07-23T22:45:56.958000Z |
| var-202407-0818 | NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6… | 2024-07-23T22:45:56.946000Z |
| var-202407-0779 | Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of … | 2024-07-23T22:45:56.150000Z |
| var-202407-0778 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… | 2024-07-23T22:45:56.131000Z |
| var-202407-0745 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… | 2024-07-23T22:45:55.498000Z |
| var-202305-1479 | D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution … | 2024-07-23T22:45:09.335000Z |
| var-202108-1158 | A race condition was addressed with improved locking. This issue is fixed in macOS Monter… | 2024-07-23T22:44:06.976000Z |
| var-201109-0089 | Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… | 2024-07-23T22:43:49.590000Z |
| var-200702-0378 | Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … | 2024-07-23T22:43:25.614000Z |
| var-201011-0225 | Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … | 2024-07-23T22:41:43.584000Z |
| var-201112-0297 | Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… | 2024-07-23T22:41:20.004000Z |
| var-201507-0645 | D-Link is an internationally renowned provider of network equipment and solutions, includ… | 2024-07-23T22:41:18.832000Z |
| var-201803-1810 | A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … | 2024-07-23T22:41:17.171000Z |
| var-201809-0087 | WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… | 2024-07-23T22:41:16.554000Z |
| var-200607-0396 | Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… | 2024-07-23T22:41:04.279000Z |
| var-201702-0423 | An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… | 2024-07-23T22:40:53.160000Z |
| var-202305-1588 | D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilit… | 2024-07-23T22:40:05.297000Z |
| var-201112-0173 | The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … | 2024-07-23T22:39:32.535000Z |
| var-201103-0371 | SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… | 2024-07-23T22:39:32.874000Z |
| var-201706-0017 | In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClie… | 2024-07-23T22:38:34.494000Z |
| var-202305-1520 | D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vul… | 2024-07-23T22:38:26.576000Z |
| var-202407-0490 | A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP … | 2024-07-23T22:38:24.768000Z |
| var-201810-0396 | Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… | 2024-07-23T22:37:44.850000Z |
| var-202001-0833 | A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… | 2024-07-23T22:37:43.471000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-001380 | Multiple vulnerabilities in Canon Small Office Multifunction Printers and Laser Printers | 2026-01-19T10:08+09:00 | 2026-01-19T10:08+09:00 |
| jvndb-2026-000007 | Multiple Vulnerabilities in TOA Network Cameras TRIFORA 3 series | 2026-01-16T15:06+09:00 | 2026-01-16T15:06+09:00 |
| jvndb-2026-000006 | Chainlit vulnerable to improper access restriction | 2026-01-14T17:03+09:00 | 2026-01-14T17:03+09:00 |
| jvndb-2026-000005 | Multiple vulnerabilities in EATON UPS Companion | 2026-01-13T19:01+09:00 | 2026-01-13T19:01+09:00 |
| jvndb-2026-000003 | RICOH Streamline NX vulnerable to improper authorization | 2026-01-09T18:17+09:00 | 2026-01-09T18:17+09:00 |
| jvndb-2026-000004 | The installers for multiple PIONEER products may insecurely load Dynamic Link Libraries | 2026-01-08T13:47+09:00 | 2026-01-08T13:47+09:00 |
| jvndb-2026-000001 | Origin validation error vulnerability in Fujitsu Security Solution AuthConductor Client Basic V2 | 2026-01-07T14:19+09:00 | 2026-01-07T14:19+09:00 |
| jvndb-2026-000002 | Multiple vulnerabilities in multiple NEC branded projectors manufactured by Sharp Display Solutions, Ltd. | 2026-01-07T14:10+09:00 | 2026-01-14T16:54+09:00 |
| jvndb-2026-001001 | Authentication bypass vulnerability in OpenBlocks series | 2026-01-07T10:46+09:00 | 2026-01-07T10:46+09:00 |
| jvndb-2025-022878 | Media Player MP-01 vulnerable to Missing Authentication for Critical Function | 2025-12-24T11:10+09:00 | 2026-01-15T11:10+09:00 |
| jvndb-2025-022400 | Ruijie Networks AP180 Series vulnerable to OS command injection | 2025-12-19T12:33+09:00 | 2025-12-19T12:33+09:00 |
| jvndb-2025-000118 | GROWI vulnerable to cross-site request forgery | 2025-12-17T13:04+09:00 | 2025-12-17T13:04+09:00 |
| jvndb-2025-022062 | Multiple vulnerabilities in CHOCO TEI WATCHER mini | 2025-12-17T11:28+09:00 | 2025-12-17T11:28+09:00 |
| jvndb-2025-000117 | SEIKO EPSON printer Web Config vulnerable to stack-based buffer overflow | 2025-12-16T15:31+09:00 | 2025-12-23T11:57+09:00 |
| jvndb-2025-000115 | QND vulnerable to privilege escalation | 2025-12-11T14:33+09:00 | 2025-12-11T14:33+09:00 |
| jvndb-2025-021305 | Android App "Brother iPrint&Scan" improper use of an external cache directory | 2025-12-09T17:25+09:00 | 2025-12-09T17:25+09:00 |
| jvndb-2025-000114 | ELECOM Clone for Windows registers a Windows service with an unquoted file path | 2025-12-09T17:16+09:00 | 2025-12-09T17:16+09:00 |
| jvndb-2025-000113 | Multiple vulnerabilities in GroupSession | 2025-12-08T17:48+09:00 | 2025-12-11T11:30+09:00 |
| jvndb-2025-000116 | GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths | 2025-12-08T14:06+09:00 | 2025-12-08T14:06+09:00 |
| jvndb-2025-000094 | Multiple vulnerabilities in ABB Terra AC Wallbox | 2025-12-05T14:12+09:00 | 2025-12-05T14:12+09:00 |
| jvndb-2025-000112 | Installer of INZONE Hub may insecurely load Dynamic Link Libraries | 2025-11-28T13:36+09:00 | 2025-11-28T13:36+09:00 |
| jvndb-2025-000111 | SwitchBot Smart Video Doorbell vulnerable to active debug code | 2025-11-26T14:35+09:00 | 2025-11-26T14:35+09:00 |
| jvndb-2025-000110 | Multiple vulnerabilities in Security Point (Windows) of MaLion | 2025-11-25T17:17+09:00 | 2025-11-25T17:17+09:00 |
| jvndb-2025-000109 | Multiple vulnerabilities in SNC-CX600W | 2025-11-25T14:59+09:00 | 2025-11-25T14:59+09:00 |
| jvndb-2025-000108 | "FOD" App uses hard-coded cryptographic keys | 2025-11-25T14:15+09:00 | 2025-11-25T14:15+09:00 |
| jvndb-2025-000106 | Multiple vulnerabilities in LogStare Collector | 2025-11-21T16:27+09:00 | 2025-11-21T16:27+09:00 |
| jvndb-2025-019621 | EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts | 2025-11-21T15:31+09:00 | 2025-12-24T10:54+09:00 |
| jvndb-2025-000107 | Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries | 2025-11-19T16:22+09:00 | 2025-11-19T16:22+09:00 |
| jvndb-2025-000097 | "Dejira" App for iOS vulnerable to improper server certificate verification | 2025-11-17T14:09+09:00 | 2025-11-17T14:09+09:00 |
| jvndb-2025-000105 | NCP-HG100 vulnerable to OS command injection | 2025-11-14T15:26+09:00 | 2025-11-14T15:26+09:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:0133-1 | Security update for python | 2026-01-16T09:19:41Z | 2026-01-16T09:19:41Z |
| suse-su-2026:0125-1 | Security update for podman | 2026-01-14T16:57:37Z | 2026-01-14T16:57:37Z |
| suse-su-2026:0123-1 | Security update for libsoup | 2026-01-14T13:47:28Z | 2026-01-14T13:47:28Z |
| suse-su-2026:0122-1 | Security update for MozillaFirefox | 2026-01-14T08:49:21Z | 2026-01-14T08:49:21Z |
| suse-su-2026:0121-1 | Security update for ovmf | 2026-01-14T06:47:26Z | 2026-01-14T06:47:26Z |
| suse-su-2026:0120-1 | Security update for ovmf | 2026-01-14T06:46:44Z | 2026-01-14T06:46:44Z |
| suse-su-2026:0115-1 | Security update for util-linux | 2026-01-12T15:03:44Z | 2026-01-12T15:03:44Z |
| suse-su-2026:0099-1 | Security update for ImageMagick | 2026-01-12T10:37:47Z | 2026-01-12T10:37:47Z |
| suse-su-2026:0107-1 | Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5) | 2026-01-12T10:34:47Z | 2026-01-12T10:34:47Z |
| suse-su-2026:0090-1 | Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5) | 2026-01-12T10:34:10Z | 2026-01-12T10:34:10Z |
| suse-su-2026:0087-1 | Security update for libheif | 2026-01-09T15:19:44Z | 2026-01-09T15:19:44Z |
| suse-su-2026:0086-1 | Security update for php8 | 2026-01-09T15:01:56Z | 2026-01-09T15:01:56Z |
| suse-su-2026:0085-1 | Security update for libpng16 | 2026-01-09T15:01:38Z | 2026-01-09T15:01:38Z |
| suse-su-2026:0073-1 | Security update for ImageMagick | 2026-01-08T13:22:41Z | 2026-01-08T13:22:41Z |
| suse-su-2026:0072-1 | Security update for ImageMagick | 2026-01-08T13:22:28Z | 2026-01-08T13:22:28Z |
| suse-su-2026:0071-1 | Security update for php8 | 2026-01-08T13:22:08Z | 2026-01-08T13:22:08Z |
| suse-su-2026:0070-1 | Security update for qemu | 2026-01-08T13:21:59Z | 2026-01-08T13:21:59Z |
| suse-su-2026:0069-1 | Security update for rsync | 2026-01-08T13:21:48Z | 2026-01-08T13:21:48Z |
| suse-su-2026:0068-1 | Security update for libvirt | 2026-01-08T12:22:40Z | 2026-01-08T12:22:40Z |
| suse-su-2026:0067-1 | Security update for podman | 2026-01-08T12:22:16Z | 2026-01-08T12:22:16Z |
| suse-su-2026:0066-1 | Security update for curl | 2026-01-08T12:21:35Z | 2026-01-08T12:21:35Z |
| suse-su-2026:0053-1 | Security update for libpcap | 2026-01-07T11:03:52Z | 2026-01-07T11:03:52Z |
| suse-su-2026:0052-1 | Security update for curl | 2026-01-07T09:28:37Z | 2026-01-07T09:28:37Z |
| suse-su-2026:0051-1 | Security update for curl | 2026-01-07T09:28:27Z | 2026-01-07T09:28:27Z |
| suse-su-2026:0050-1 | Security update for curl | 2026-01-07T09:28:15Z | 2026-01-07T09:28:15Z |
| suse-su-2026:0044-1 | Security update for mozjs60 | 2026-01-06T16:10:16Z | 2026-01-06T16:10:16Z |
| suse-su-2026:0043-1 | Security update for qemu | 2026-01-06T16:03:07Z | 2026-01-06T16:03:07Z |
| suse-su-2026:0029-1 | Security update for the Linux Kernel | 2026-01-05T12:59:48Z | 2026-01-05T12:59:48Z |
| suse-su-2026:0028-1 | Security update for alloy | 2026-01-05T12:53:11Z | 2026-01-05T12:53:11Z |
| suse-su-2026:0027-1 | Security update for python3 | 2026-01-05T12:47:16Z | 2026-01-05T12:47:16Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:10057-1 | chromedriver-144.0.7559.59-1.1 on GA media | 2026-01-16T00:00:00Z | 2026-01-16T00:00:00Z |
| opensuse-su-2026:10050-1 | rke2-1.34-1.34.3+rke2r1-1.1 on GA media | 2026-01-14T00:00:00Z | 2026-01-14T00:00:00Z |
| opensuse-su-2026:10049-1 | python311-urllib3-2.6.3-1.1 on GA media | 2026-01-14T00:00:00Z | 2026-01-14T00:00:00Z |
| opensuse-su-2026:10048-1 | openCryptoki-3.26.0-3.1 on GA media | 2026-01-14T00:00:00Z | 2026-01-14T00:00:00Z |
| opensuse-su-2026:10047-1 | libcryptopp-devel-8.9.0-6.1 on GA media | 2026-01-14T00:00:00Z | 2026-01-14T00:00:00Z |
| opensuse-su-2026:10046-1 | MozillaFirefox-147.0-1.1 on GA media | 2026-01-14T00:00:00Z | 2026-01-14T00:00:00Z |
| opensuse-su-2026:10035-1 | teleport-17.7.13-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10034-1 | python311-Authlib-1.6.6-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10033-1 | libtasn1-6-32bit-4.21.0-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10032-1 | libpcap-devel-1.10.6-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10031-1 | kubelogin-0.2.14-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10030-1 | k6-1.5.0-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10029-1 | istioctl-1.28.2-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10028-1 | ffmpeg-7-7.1.3-1.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10027-1 | ffmpeg-4-4.4.6-10.1 on GA media | 2026-01-12T00:00:00Z | 2026-01-12T00:00:00Z |
| opensuse-su-2026:10026-1 | python311-urllib3-2.6.2-1.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10025-1 | python311-aiohttp-3.13.3-1.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10024-1 | libsoup-2_4-1-2.74.3-13.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10023-1 | libsoup-3_0-0-3.6.5-10.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10022-1 | libsodium-devel-1.0.21-1.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10021-1 | coredns-1.14.0-1.1 on GA media | 2026-01-09T00:00:00Z | 2026-01-09T00:00:00Z |
| opensuse-su-2026:10015-1 | libwget4-2.2.1-1.1 on GA media | 2026-01-07T00:00:00Z | 2026-01-07T00:00:00Z |
| opensuse-su-2026:10014-1 | python311-cbor2-5.8.0-2.1 on GA media | 2026-01-07T00:00:00Z | 2026-01-07T00:00:00Z |
| opensuse-su-2026:10013-1 | apptainer-1.4.5-1.1 on GA media | 2026-01-07T00:00:00Z | 2026-01-07T00:00:00Z |
| opensuse-su-2026:10012-1 | ImageMagick-7.1.2.12-1.1 on GA media | 2026-01-07T00:00:00Z | 2026-01-07T00:00:00Z |
| opensuse-su-2026:10006-1 | dcmtk-3.7.0-1.1 on GA media | 2026-01-05T00:00:00Z | 2026-01-05T00:00:00Z |
| opensuse-su-2026:10005-1 | python312-Django6-6.0-1.1 on GA media | 2026-01-03T00:00:00Z | 2026-01-03T00:00:00Z |
| opensuse-su-2026:10004-1 | fluidsynth-2.5.2-1.1 on GA media | 2026-01-03T00:00:00Z | 2026-01-03T00:00:00Z |
| opensuse-su-2026:20001-1 | Security update for sssd | 2026-01-02T16:58:16Z | 2026-01-02T16:58:16Z |
| opensuse-su-2026:20002-1 | Security update for MozillaThunderbird | 2026-01-02T12:14:18Z | 2026-01-02T12:14:18Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-00112 | WordPress Real 3D FlipBook plugin跨站脚本漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00111 | WordPress User Submitted Posts plugin开放重定向漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00110 | WordPress Docket Cache plugin文件包含漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00109 | WordPress Diza plugin文件包含漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00108 | WordPress Chakra test plugin缺少授权漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00107 | WordPress Brave plugin缺少授权漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00106 | WordPress Brands for WooCommerce Plugin SQL注入漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00105 | WordPress Bold Timeline Lite plugin跨站脚本漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00104 | WordPress AutomatorWP plugin SQL注入漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00103 | WordPress Astra Widgets plugin跨站脚本漏洞 | 2025-12-30 | 2026-01-04 |
| cnvd-2026-00012 | Microsoft Azure Cosmos DB欺骗漏洞 | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00011 | Microsoft Azure Cognitive Service for Language权限提升漏洞 | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00010 | Microsoft Edge (Chromium-based)欺骗漏洞(CNVD-2026-00010) | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00009 | WordPress插件MasterStudy LMS Pro信息泄露漏洞 | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00008 | WordPress插件Follow My Blog Post息泄露漏洞 | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00007 | Apache StreamPark安全绕过漏洞 | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00006 | Apache Fineract信息泄露漏洞(CNVD-2026-00006) | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00005 | Apache Fineract信息泄露漏洞 | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00004 | Apache Fineract安全绕过漏洞 | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00003 | Apache Airflow信息泄露漏洞(CNVD-2026-00003) | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00002 | WordPress插件myCred信息泄露漏洞 | 2025-12-25 | 2026-01-04 |
| cnvd-2026-00001 | WordPress插件Appointment Booking Calendar信息泄露漏洞 | 2025-12-25 | 2026-01-04 |
| cnvd-2025-31388 | Apache StreamPark弱算法漏洞 | 2025-12-25 | 2025-12-25 |
| cnvd-2025-31387 | Apache HugeGraph-Server反序列化漏洞 | 2025-12-25 | 2025-12-25 |
| cnvd-2025-31336 | WordPress Hide Email Address plugin跨站脚本漏洞 | 2025-12-22 | 2025-12-24 |
| cnvd-2025-31335 | WordPress HelloLeads CRM Form Shortcode plugin缺少授权漏洞 | 2025-12-22 | 2025-12-24 |
| cnvd-2025-31334 | WordPress Header Footer Script Adder plugin跨站脚本漏洞 | 2025-12-22 | 2025-12-25 |
| cnvd-2025-31333 | WordPress Grider for Elementor plugin缺少授权漏洞 | 2025-12-22 | 2025-12-25 |
| cnvd-2025-31332 | WordPress GPXpress plugin跨站脚本漏洞 | 2025-12-22 | 2025-12-25 |
| cnvd-2025-31331 | WordPress FX Currency Converter plugin跨站脚本漏洞 | 2025-12-22 | 2025-12-25 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0061 | Multiples vulnérabilités dans les produits IBM | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0060 | Vulnérabilité dans Apache Struts | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0059 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0058 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0057 | Multiples vulnérabilités dans le noyau Linux de Debian LTS | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0056 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0055 | Multiples vulnérabilités dans GLPI | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0054 | Multiples vulnérabilités dans Centreon Infra Monitoring | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0053 | Vulnérabilité dans Traefik | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0052 | Multiples vulnérabilités dans Mattermost Server | 2026-01-16T00:00:00.000000 | 2026-01-16T00:00:00.000000 |
| certfr-2026-avi-0051 | Multiples vulnérabilités dans les produits Mozilla | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0050 | Multiples vulnérabilités dans les produits Juniper Networks | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0049 | Multiples vulnérabilités dans les produits Palo Alto Networks | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0048 | Multiples vulnérabilités dans Wireshark | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0047 | Vulnérabilité dans F5 NGINX Ingress Controller | 2026-01-15T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0046 | Multiples vulnérabilités dans les produits Microsoft | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0045 | Multiples vulnérabilités dans Microsoft Azure | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0044 | Multiples vulnérabilités dans Microsoft Windows | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0043 | Multiples vulnérabilités dans Microsoft Office | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0042 | Multiples vulnérabilités dans les produits HPE Aruba Networking | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0041 | Multiples vulnérabilités dans les produits Elastic | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0040 | Multiples vulnérabilités dans Google Chrome | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0039 | Multiples vulnérabilités dans Node.js | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0038 | Multiples vulnérabilités dans les produits Mozilla | 2026-01-14T00:00:00.000000 | 2026-01-15T00:00:00.000000 |
| certfr-2026-avi-0037 | Multiples vulnérabilités dans Typo3 | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0036 | Multiples vulnérabilités dans Suricata | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0035 | Multiples vulnérabilités dans les produits Fortinet | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0034 | Multiples vulnérabilités dans les produits SAP | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0033 | Multiples vulnérabilités dans les produits Schneider Electric | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| certfr-2026-avi-0032 | Multiples vulnérabilités dans les produits Siemens | 2026-01-14T00:00:00.000000 | 2026-01-14T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2025-ale-014 | [MàJ] Vulnérabilité dans React Server Components | 2025-12-05T00:00:00.000000 | 2025-12-08T00:00:00.000000 |
| CERTFR-2025-ALE-014 | [MàJ] Vulnérabilité dans React Server Components | 2025-12-05T00:00:00.000000 | 2025-12-08T00:00:00.000000 |
| certfr-2025-ale-013 | [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| CERTFR-2025-ALE-013 | [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| certfr-2025-ale-012 | Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| CERTFR-2025-ALE-012 | Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-ale-011 | Incidents de sécurité dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| CERTFR-2025-ALE-011 | Incidents de sécurité dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-010 | [MàJ] Multiples vulnérabilités dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| CERTFR-2025-ALE-010 | [MàJ] Multiples vulnérabilités dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| certfr-2025-ale-009 | Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| CERTFR-2025-ALE-009 | Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-ale-008 | [MàJ] Vulnérabilité dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| CERTFR-2025-ALE-008 | [MàJ] Vulnérabilité dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-ale-007 | Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-007 | Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-006 | Vulnérabilité dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-006 | Vulnérabilité dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| CERTFR-2025-ALE-002 | [MàJ] Vulnérabilité dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| certfr-2025-ale-005 | Vulnérabilité dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-005 | Vulnérabilité dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-004 | Activités de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| CERTFR-2025-ALE-004 | Activités de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-ale-003 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| CERTFR-2025-ALE-003 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2024-ale-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2025-03-31T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| CERTFR-2024-ALE-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2025-03-31T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2025-ale-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| CERTFR-2025-ALE-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2026-0002 |
10 (4.0)
|
Heap-buffer-overflow in EXIF writer for extra IFD tags |
ffmpeg |
ffmpeg |
2026-01-02T19:50:00.000Z | 2026-01-02T20:05:27.269877Z |
| GCVE-1-2026-0001 |
N/A
|
Bundle reference to gpg.fail |
gnupg |
gnupg |
2026-01-02T10:20:00.000Z | 2026-01-02T13:31:14.359346Z |
| GCVE-1-2025-0041 |
6.4 (4.0)
|
[online services] Reflected Cross-Site Scripting (XSS)… |
typo3 |
typo3 |
2025-12-19T14:25:00.000Z | 2025-12-19T14:54:51.594645Z |
| GCVE-1-2025-0040 |
7.2 (4.0)
|
A cross-site scripting (XSS) vulnerability was id… |
misp |
misp |
2025-12-13T08:44:32.378924Z | 2025-12-13T08:44:32.378924Z |
| GCVE-1-2025-0039 |
8.5 (4.0)
|
XSS Reintroduced in MISP Dashboard World Map Widget Du… |
misp |
misp |
2025-12-10T14:33:52.856734Z | 2025-12-10T14:33:52.856734Z |
| GCVE-1-2025-0038 |
5 (4.0)
|
Reflected XSS in MISP Template Tag Removal and MISP Ad… |
misp |
misp |
2025-12-10T14:10:00.000Z | 2025-12-10T14:16:55.918270Z |
| GCVE-1-2025-0037 |
7 (4.0)
|
Reflected XSS in MISP Dashboard Widgets via Unescaped … |
misp |
misp |
2025-12-10T14:01:03.200804Z | 2025-12-10T14:01:03.200804Z |
| GCVE-1-2025-0036 |
8.3 (4.0)
|
A reflected cross-site scripting (XSS) vulnerability w… |
misp |
misp |
2025-12-10T13:46:07.170083Z | 2025-12-10T13:46:07.170083Z |
| GCVE-1-2025-0035 |
8.3 (4.0)
|
Insufficient sanitization of bundle metadata (availabl… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:25:00.000Z | 2025-12-08T12:14:06.307298Z |
| GCVE-1-2025-0034 |
7 (4.0)
|
Missing CSRF protection on state-changing endpoints in… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:19:00.000Z | 2025-12-08T12:13:24.197294Z |
| GCVE-1-2025-0033 |
8.1 (4.0)
|
Vulnerability-lookup did not track or limit failed One… |
CIRCL |
vulnerability-lookup |
2025-12-08T10:11:00.000Z | 2025-12-08T12:12:53.235996Z |
| GCVE-1-2025-0032 |
10 (4.0)
|
The default configuration of WatchGuard Firebox device… |
watchguard |
firebox |
2025-12-03T16:25:00.000Z | 2025-12-19T13:48:34.570799Z |
| GCVE-1-2025-0031 |
7.1 (4.0)
|
A cross-site scripting (XSS) vulnerability was identif… |
misp |
misp |
2025-12-03T10:58:00.000Z | 2025-12-16T09:36:09.594750Z |
| GCVE-1-2025-0030 |
6.2 (4.0)
|
A cross-site scripting (XSS) vulnerability in the MISP… |
misp |
misp |
2025-12-03T10:53:00.000Z | 2025-12-03T10:58:55.845341Z |
| GCVE-1-2025-0029 |
6.3 (4.0)
|
Reflected cross-site scripting (XSS) vulnerabilities i… |
misp |
misp |
2025-11-27T12:41:00.000Z | 2025-11-27T12:48:51.085860Z |
| GCVE-1-2025-0028 |
8.5 (4.0)
|
Information leakage vulnerability in the MISP Feed con… |
misp |
misp |
2025-11-27T07:23:00.000Z | 2025-12-02T08:51:35.429494Z |
| GCVE-1-2025-0027 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-27T07:17:00.000Z | 2025-12-02T08:51:04.323899Z |
| GCVE-1-2025-0026 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:35:00.000Z | 2025-12-02T08:50:46.381572Z |
| GCVE-1-2025-0025 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:27:00.000Z | 2025-12-02T08:50:18.897756Z |
| GCVE-1-2025-0024 |
9.4 (4.0)
|
cross-site scripting (XSS) vulnerability in the MISP s… |
misp |
misp |
2025-11-26T16:14:00.000Z | 2025-12-02T08:50:01.482327Z |
| GCVE-1-2025-0023 |
9.4 (4.0)
|
XSS in MISP server comparison tool |
misp |
misp |
2025-11-26T16:10:00.000Z | 2025-12-02T08:49:24.626168Z |
| GCVE-1-2025-0022 |
9.4 (4.0)
|
Clarified setting's impact on download_attachments_on_load |
misp |
misp |
2025-11-26T16:04:00.000Z | 2025-12-02T08:49:04.510294Z |
| GCVE-1-2025-0021 |
9.4 (4.0)
|
XSS in MISP ReST client in HTML view |
misp |
misp |
2025-11-26T15:55:00.000Z | 2025-12-02T08:48:41.869838Z |
| GCVE-1-2025-0020 |
9.4 (4.0)
|
cross-site scripting (XSS) in Galaxy element JSON view |
misp |
misp |
2025-11-26T15:49:00.000Z | 2025-12-02T08:47:41.151429Z |
| GCVE-1-2025-0019 |
4 (4.0)
|
Path traversal vulnerability in EventReport for site-admin |
misp |
misp |
2025-11-26T14:47:00.000Z | 2025-11-28T07:27:42.721350Z |
| GCVE-1-2025-0018 |
9.4 (4.0)
|
HTML injection issue was identified in Lookyloo’s web … |
lookyloo |
lookyloo |
2025-11-18T15:33:00.000Z | 2025-11-18T20:39:45.579295Z |
| GCVE-1-2025-0017 |
9.4 (4.0)
|
Privilege escalation in Cerebrate allows an authentica… |
cerebrate |
cerebrate |
2025-11-12T08:15:00.000Z | 2025-11-28T07:22:08.205835Z |
| GCVE-1-2025-0016 |
6 (4.0)
|
Local file inclusion in [ImportFromUrl() URL hand… |
misp |
misp |
2025-11-04T09:20:00.000Z | 2025-11-04T09:56:38.383646Z |
| GCVE-1-2025-0015 |
9 (4.0)
|
Potential XSS in decaying simulation tool |
misp |
misp |
2025-11-04T09:06:00.000Z | 2025-11-04T09:06:59.216121Z |
| GCVE-1-2025-0014 |
9.4 (4.0)
|
XSS in event report via Mermaid diagram |
misp |
misp |
2025-11-04T08:58:00.024516Z | 2025-11-04T08:58:00.024516Z |