Recent vulnerabilities
Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-0655 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE. Notes: the former description is: "A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2001-12-09T10:00:00.000Z |
| CVE-1999-0621 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to NETBIOS is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2002-02-02T10:00:00.000Z |
| CVE-2001-1167 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-0976. Reason: This candidate is a duplicate of CVE-2001-0976. Notes: CVE-2001-0976 should be used instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2002-03-15T05:00:00.000Z | 2002-03-22T10:00:00.000Z |
| CVE-1999-0615 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SNMP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2002-05-09T09:00:00.000Z |
| CVE-2002-1261 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1292. Reason: This candidate is a reservation duplicate of CVE-2002-1292. Notes: All CVE users should reference CVE-2002-1292 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2002-12-17T05:00:00.000Z | 2002-12-18T10:00:00.000Z |
| CVE-2002-1404 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1348. Reason: This candidate is a reservation duplicate of CVE-2002-1348. Notes: All CVE users should reference CVE-2002-1348 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2003-02-05T05:00:00.000Z | 2003-02-11T10:00:00.000Z |
| CVE-2002-1234 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0180. Reason: This candidate is a an out-of-band assignment duplicate of CVE-2002-0180. Notes: All CVE users should reference CVE-2002-0180 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2002-10-25T04:00:00.000Z | 2003-02-26T10:00:00.000Z |
| CVE-1999-0614 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The FTP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0616 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The TFTP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0617 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SMTP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0619 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The Telnet service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0620 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to NIS is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0622 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to DNS service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0623 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The X Windows service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0631 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The NFS service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0633 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The HTTP/WWW service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0634 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SSH service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0642 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A POP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0643 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The IMAP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0644 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The NNTP news service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0645 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The IRC service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0646 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The LDAP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0648 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The X25 service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0658 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "DCOM is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0659 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0660 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE. It might be more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0647 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The bootparam (bootparamd) service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-05-08T09:00:00.000Z |
| CVE-2003-0582 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0504. Reason: This candidate is a duplicate of CVE-2003-0504. Notes: All CVE users should reference CVE-2003-0504 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2003-07-25T04:00:00.000Z | 2003-07-25T09:00:00.000Z |
| CVE-2003-0090 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0844. Reason: This candidate is a duplicate of CVE-2000-0844. Notes: All CVE users should reference CVE-2000-0844 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2003-11-18T05:00:00.000Z | 2003-11-21T10:00:00.000Z |
| CVE-2002-0841 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0842. Reason: This candidate is a duplicate of CVE-2002-0842. The duplicate assignment was made before public disclosure. Notes: none | N/A | N/A | 2003-02-21T05:00:00.000Z | 2004-01-26T10:00:00.000Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-1999-0020 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2000-02-04T05:00:00.000Z | 2005-02-04T00:00:00.000Z |
| CVE-1999-0110 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candidate's original description had a typo that delayed it from being detected as a duplicate of CVE-1999-0315. Notes: All CVE users should reference CVE-1999-0315 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2000-02-04T05:00:00.000Z | 2005-02-04T00:00:00.000Z |
| CVE-1999-0187 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candidate is a duplicate of CVE-1999-0022. Notes: All CVE users should reference CVE-1999-0022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2000-02-04T05:00:00.000Z | 2005-02-04T00:00:00.000Z |
| CVE-1999-0282 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reason: This candidate combined references from one issue with the description from another issue. Notes: Users should consult CVE-1999-1584 and CVE-1999-1586 to obtain the appropriate name. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 2000-02-04T05:00:00.000Z | 2005-08-30T00:00:00.000Z |
| CVE-1999-0335 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidate is a duplicate of CVE-1999-0032. Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | N/A | N/A | 1999-09-29T04:00:00.000Z | 2022-08-17T02:55:29.000Z |
| CVE-1999-0531 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2005-11-02T10:00:00.000Z |
| CVE-1999-0614 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The FTP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0615 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SNMP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2002-05-09T09:00:00.000Z |
| CVE-1999-0616 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The TFTP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0617 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SMTP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0619 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The Telnet service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0620 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to NIS is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0621 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to NETBIOS is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2002-02-02T10:00:00.000Z |
| CVE-1999-0622 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A component service related to DNS service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0623 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The X Windows service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0631 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The NFS service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0633 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The HTTP/WWW service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0634 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The SSH service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0642 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A POP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0643 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The IMAP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0644 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The NNTP news service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0645 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The IRC service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0646 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The LDAP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0647 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The bootparam (bootparamd) service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-05-08T09:00:00.000Z |
| CVE-1999-0648 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The X25 service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0649 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "The FSP service is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2005-11-02T10:00:00.000Z |
| CVE-1999-0652 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A database service is running, e.g. a SQL server, Oracle, or mySQL. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2005-11-02T10:00:00.000Z |
| CVE-1999-0655 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE. Notes: the former description is: "A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2001-12-09T10:00:00.000Z |
| CVE-1999-0658 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "DCOM is running. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| CVE-1999-0659 |
N/A
|
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: "A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present. | N/A | N/A | 2000-02-04T05:00:00.000Z | 2003-03-21T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-1999-0020 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candid… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:53.530 |
| fkie_cve-1999-0110 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0315. Reason: This candid… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:55.093 |
| fkie_cve-1999-0187 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0022. Reason: This candid… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:55.743 |
| fkie_cve-1999-0282 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1584, CVE-1999-1586. Reas… | 1997-09-23T04:00:00.000 | 2023-11-07T01:54:56.640 |
| fkie_cve-1999-0335 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-0032. Reason: This candidat… | 1996-08-01T04:00:00.000 | 2023-11-07T01:54:57.050 |
| fkie_cve-1999-0531 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:58.853 |
| fkie_cve-1999-0614 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.310 |
| fkie_cve-1999-0615 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.343 |
| fkie_cve-1999-0616 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.373 |
| fkie_cve-1999-0617 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.410 |
| fkie_cve-1999-0619 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.450 |
| fkie_cve-1999-0620 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.480 |
| fkie_cve-1999-0621 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.540 |
| fkie_cve-1999-0622 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.607 |
| fkie_cve-1999-0623 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.640 |
| fkie_cve-1999-0631 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.713 |
| fkie_cve-1999-0633 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.750 |
| fkie_cve-1999-0634 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.870 |
| fkie_cve-1999-0642 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:54:59.973 |
| fkie_cve-1999-0643 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.010 |
| fkie_cve-1999-0644 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.043 |
| fkie_cve-1999-0645 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.070 |
| fkie_cve-1999-0646 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.103 |
| fkie_cve-1999-0647 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.137 |
| fkie_cve-1999-0648 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.170 |
| fkie_cve-1999-0649 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.207 |
| fkie_cve-1999-0652 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.253 |
| fkie_cve-1999-0655 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is no… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.307 |
| fkie_cve-1999-0658 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.370 |
| fkie_cve-1999-0659 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is so… | 1999-01-01T05:00:00.000 | 2023-11-07T01:55:00.407 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-89ch-hqf9-rgp3 |
|
Using JS libraries with known security vulnerabilities | 2019-11-12T22:59:28Z | 2019-11-15T20:11:29Z |
| ghsa-6r5x-hmgg-7h53 |
|
Remote code execution in Handlebars.js | 2019-07-15T19:46:01Z | 2019-12-20T02:08:50Z |
| ghsa-m5ff-3wj3-8ph4 |
|
HTTP Request Smuggling: Invalid whitespace characters in headers in Waitress | 2019-12-26T16:34:38Z | 2019-12-26T16:34:06Z |
| ghsa-f884-gm86-cg3q |
|
PrestaShop module ps_facetedsearch might be vulnerable from CVE-2017-9841 | 2020-01-07T17:20:47Z | 2020-01-07T17:20:13Z |
| ghsa-wqq8-mqj9-697f |
|
PrestaShop autoupgrade module ZIP archives were vulnerable from CVE-2017-9841 | 2020-01-08T03:10:30Z | 2020-01-08T03:06:57Z |
| ghsa-769f-539v-f5jg |
|
PrestaShop gamification module ZIP archives were vulnerable from CVE-2017-9841 | 2020-01-08T03:10:44Z | 2020-01-08T03:10:06Z |
| ghsa-9r27-994c-4xch |
|
discord-html not escaping HTML code blocks when lacking a language identifier | 2020-02-24T17:34:02Z | 2020-02-21T20:20:53Z |
| ghsa-p94w-42g3-f7h4 |
|
Holder can (re)create authentic credentials after receiving a credential in vp-toolkit | 2020-03-06T01:16:00Z | 2020-02-28T16:38:09Z |
| ghsa-ff5x-w9wg-h275 |
|
Holder can generate proof of ownership for credentials it does not control in vp-toolkit | 2020-03-06T01:15:46Z | 2020-02-28T16:38:18Z |
| ghsa-738m-f33v-qc2r |
|
SMTP Injection in PHPMailer | 2020-03-05T22:09:19Z | 2020-03-05T21:57:18Z |
| ghsa-mr6r-mvw4-736g |
|
Vyper interfaces returning integer types less than 256 bits can be manipulated if uint256 is used | 2020-03-25T18:20:19Z | 2020-03-25T18:19:55Z |
| ghsa-7fhm-mqm4-2wp7 |
|
Withdrawn: ESLint dependencies are vulnerable (ReDoS and Prototype Pollution) | 2020-03-13T20:36:16Z | 2020-04-03T21:54:52Z |
| ghsa-3gg7-9q2x-79fc |
|
Improper Restriction of Rendered UI Layers or Frames in Keycloak | 2020-04-15T21:09:40Z | 2020-04-15T21:07:13Z |
| ghsa-qmqc-x3r4-6v39 |
|
Polymorphic deserialization of malicious object in jackson-databind | 2020-05-15T18:59:07Z | 2020-04-22T20:58:45Z |
| ghsa-334p-wv2m-w3vp |
|
Denial of service in Apache Xerces2 | 2020-06-15T18:51:30Z | 2020-06-15T15:55:30Z |
| ghsa-wrr7-33fx-rcvj |
|
Deserialization of Untrusted Data in jackson-databind | 2020-06-15T18:44:56Z | 2020-06-16T20:41:59Z |
| ghsa-23v3-qfrj-wmgh |
|
Moderate severity vulnerability that affects actionpack | 2018-09-17T21:54:22Z | 2020-06-16T20:51:48Z |
| ghsa-4j6x-w426-6rc6 |
|
Default Express middleware security check is ignored in production | 2019-11-08T17:31:17Z | 2020-06-16T20:58:26Z |
| ghsa-568q-9fw5-28wf |
|
Moderate severity vulnerability that affects org.postgresql:pgjdbc-aggregate | 2018-10-19T16:53:33Z | 2020-06-16T21:00:08Z |
| ghsa-6cw8-7j6c-hccp |
|
Moderate severity vulnerability that affects io.vertx:vertx-core | 2018-10-19T17:43:36Z | 2020-06-16T21:18:56Z |
| ghsa-778x-2mqv-w6xw |
|
Moderate severity vulnerability that affects org.keycloak:keycloak-core | 2018-10-18T16:48:01Z | 2020-06-16T21:21:49Z |
| ghsa-959q-32g8-vvp7 |
|
Moderate severity vulnerability that affects org.keycloak:keycloak-core | 2018-10-18T16:50:05Z | 2020-06-16T21:27:40Z |
| ghsa-44vc-fpcg-5cc5 |
|
Moderate severity vulnerability that affects safemode | 2018-08-08T22:29:49Z | 2020-06-16T21:30:40Z |
| ghsa-ccq6-3qx5-vmqx |
|
Moderate severity vulnerability that affects is-my-json-valid | 2018-07-31T22:54:14Z | 2020-06-16T21:33:36Z |
| ghsa-9wv8-jgw4-4g28 |
|
High severity vulnerability that affects festivaltts4r | 2018-08-15T20:04:13Z | 2020-06-16T21:33:56Z |
| ghsa-3q5q-f79q-7hr2 |
|
High severity vulnerability that affects rubyzip | 2018-07-31T18:21:46Z | 2020-06-16T21:36:51Z |
| ghsa-77pc-q5q7-qg9h |
|
Moderate severity vulnerability that affects rails-html-sanitizer | 2018-09-17T21:58:30Z | 2020-06-16T21:37:28Z |
| ghsa-5xmj-wm96-fmw8 |
|
Moderate severity vulnerability that affects actionpack | 2018-09-17T21:54:37Z | 2020-06-16T21:38:53Z |
| ghsa-cwp3-834g-x79g |
|
Moderate severity vulnerability that affects archive-tar-minitar and minitar | 2018-08-21T17:07:36Z | 2020-06-16T21:39:02Z |
| ghsa-hhxm-4f85-rgr8 |
|
High severity vulnerability that affects many_versioned_gem | 2019-02-05T16:25:34Z | 2020-06-16T21:40:22Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2024-55 |
|
Malicious package. Exfiltrated secrets to a target server. | cipherbcrypt | 0001-01-01T00:00:00+00:00 | |
| pysec-2010-13 |
|
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inapprop… | moin | 2010-03-29T20:30:00Z | 2010-05-27T05:47:00Z |
| pysec-2010-20 |
|
Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 al… | pyftpdlib | 2010-10-19T20:00:00Z | 2010-10-20T04:00:00Z |
| pysec-2010-21 |
|
FTPServer.py in pyftpdlib before 0.2.0 does not increment the attempted_logins count for … | pyftpdlib | 2010-10-19T20:00:00Z | 2010-10-20T04:00:00Z |
| pysec-2010-22 |
|
pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PA… | pyftpdlib | 2010-10-19T20:00:00Z | 2010-10-20T04:00:00Z |
| pysec-2010-23 |
|
FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of servi… | pyftpdlib | 2010-10-19T20:00:00Z | 2010-10-20T04:00:00Z |
| pysec-2010-24 |
|
The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number… | pyftpdlib | 2010-10-19T20:00:00Z | 2010-10-20T04:00:00Z |
| pysec-2010-25 |
|
The ftp_PORT function in FTPServer.py in pyftpdlib before 0.2.0 does not prevent TCP conn… | pyftpdlib | 2010-10-19T20:00:00Z | 2010-10-20T04:00:00Z |
| pysec-2009-6 |
|
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1… | moin | 2009-04-29T18:30:00Z | 2017-08-17T01:30:00Z |
| pysec-2019-113 |
|
CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP heade… | pypiserver | 2019-01-25T04:29:00Z | 2019-01-25T19:42:00Z |
| pysec-2019-122 |
|
Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixt… | sqla-yaml-fixtures | 2019-01-03T19:29:00Z | 2019-01-31T18:00:00Z |
| pysec-2019-7 |
|
www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of … | buildbot | 2019-02-03T08:29:00Z | 2019-02-06T21:48:00Z |
| pysec-2019-1 |
|
aioxmpp version 0.10.2 and earlier contains a Improper Handling of Structural Elements vu… | aioxmpp | 2019-02-04T21:29:00Z | 2019-02-15T15:00:00Z |
| pysec-2019-139 |
|
An issue was discovered in webargs before 5.1.3, as used with marshmallow and other produ… | webargs | 2019-03-12T02:29:00Z | 2019-03-12T13:09:00Z |
| pysec-2019-21 |
|
An issue was discovered in Donfig 0.3.0. There is a vulnerability in the collect_yaml met… | donfig | 2019-03-21T20:29:00Z | 2019-03-26T14:13:00Z |
| pysec-2019-107 |
|
nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0… | nnabla | 2019-04-04T05:29:00Z | 2019-04-05T20:09:00Z |
| pysec-2019-17 |
|
In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper… | django | 2019-01-09T23:29:00Z | 2019-04-23T13:11:00Z |
| pysec-2019-6 |
|
Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token f… | buildbot | 2019-05-23T15:30:00Z | 2019-06-07T18:29:00Z |
| pysec-2019-79 |
|
An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2… | django | 2019-06-03T17:29:00Z | 2019-06-12T17:29:00Z |
| pysec-2019-132 |
|
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attac… | urllib3 | 2019-04-15T15:29:00Z | 2019-06-13T04:29:00Z |
| pysec-2019-109 |
|
** DISPUTED ** A deserialization vulnerability exists in the way parso through 0.4.0 hand… | parso | 2019-06-06T19:29:00Z | 2019-07-05T11:15:00Z |
| pysec-2019-20 |
|
verification.py in django-rest-registration (aka Django REST Registration library) before… | django-rest-registration | 2019-07-02T22:15:00Z | 2019-07-12T13:52:00Z |
| pysec-2019-26 |
|
invenio-previewer before 1.0.0a12 allows XSS. | invenio-previewer | 2019-07-29T14:15:00Z | 2019-07-31T19:44:00Z |
| pysec-2019-24 |
|
invenio-app before 1.1.1 allows host header injection. | invenio-app | 2019-07-29T15:15:00Z | 2019-08-01T16:12:00Z |
| pysec-2019-27 |
|
invenio-records before 1.2.2 allows XSS. | invenio-records | 2019-07-29T15:15:00Z | 2019-08-01T16:29:00Z |
| pysec-2019-25 |
|
invenio-communities before 1.0.0a20 allows XSS. | invenio-communities | 2019-07-29T15:15:00Z | 2019-08-01T16:59:00Z |
| pysec-2019-119 |
|
SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker c… | salt | 2019-07-18T17:15:00Z | 2019-08-13T18:15:00Z |
| pysec-2019-129 |
|
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verif… | twisted | 2019-06-16T12:29:00Z | 2019-08-14T03:15:00Z |
| pysec-2019-219 |
|
Recommender before 2018-07-18 allows XSS. | recommender-xblock | 2019-08-09T16:15:00Z | 2019-08-15T16:48:00Z |
| pysec-2019-19 |
|
django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_reverse_inline. | django-js-reverse | 2019-08-23T13:15:00Z | 2019-08-26T17:39:00Z |
| ID | Description | Updated |
|---|---|---|
| gsd-2007-0469 | The extract_files function in installer.rb in RubyGems before 0.9.1 does not check whethe… | 2007-01-22T00:00:00.000Z |
| gsd-2007-6183 | Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialo… | 2007-11-27T00:00:00.000Z |
| gsd-2008-7311 | Spree contains a hardcoded flaw related to the config.action_controller_session hash valu… | 2008-08-12T00:00:00.000Z |
| gsd-2008-7310 | Spree contains a hash restriction weakness that occurs when parsing a modified URL. This … | 2008-09-22T00:00:00.000Z |
| gsd-2009-4123 | A security problem involving peer certificate verification was found where failed verific… | 2009-12-07T00:00:00.000Z |
| gsd-2010-3978 | Spree contains a flaw that may lead to an unauthorized information disclosure. The issue … | 2010-11-02T00:00:00.000Z |
| gsd-2011-0739 | Mail Gem for Ruby contains a flaw related to the failure to properly sanitise input passe… | 2011-01-25T00:00:00.000Z |
| gsd-2011-3186 | A response splitting flaw in Ruby on Rails 2.3.x was reported that could allow a remote a… | 2011-08-16T00:00:00.000Z |
| gsd-2011-4319 | A cross-site scripting (XSS) flaw was found in the way the 'translate' helper method of t… | 2011-11-17T00:00:00.000Z |
| gsd-2011-5036 | Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for fo… | 2011-12-28T00:00:00.000Z |
| gsd-2012-6135 | Phusion Passenger Gem for Ruby contains a flaw that is triggered during application start… | 2012-02-01T00:00:00.000Z |
| gsd-2012-6684 | Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earli… | 2012-02-29T00:00:00.000Z |
| gsd-2012-1098 | Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x befo… | 2012-03-01T00:00:00.000Z |
| gsd-2012-1099 | Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_optio… | 2012-03-01T00:00:00.000Z |
| gsd-2012-2139 | Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb i… | 2012-03-14T00:00:00.000Z |
| gsd-2012-2140 | The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands … | 2012-03-14T00:00:00.000Z |
| gsd-2012-2126 | RubyGems before 1.8.23 does not verify an SSL certificate, which allows remote attackers … | 2012-04-20T00:00:00.000Z |
| gsd-2012-6109 | lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1… | 2012-05-04T00:00:00.000Z |
| gsd-2012-2660 | actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.0.13, 3.1.x befo… | 2012-05-31T00:00:00.000Z |
| gsd-2012-2661 | The Active Record component in Ruby on Rails 3.0.x before 3.0.13, 3.1.x before 3.1.5, and… | 2012-05-31T00:00:00.000Z |
| gsd-2012-2671 | Rack::Cache (rack-cache) contains a flaw related to the rubygem caching sensitive HTTP he… | 2012-06-06T00:00:00.000Z |
| gsd-2012-6685 | Nokogiri before 1.5.4 is vulnerable to XXE attacks | 2012-06-08T00:00:00.000Z |
| gsd-2012-3424 | The decode_credentials method in actionpack/lib/action_controller/metal/http_authenticati… | 2012-07-26T00:00:00.000Z |
| gsd-2012-3463 | Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_h… | 2012-08-09T00:00:00.000Z |
| gsd-2012-3464 | Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/str… | 2012-08-09T00:00:00.000Z |
| gsd-2012-3465 | Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_h… | 2012-08-09T00:00:00.000Z |
| gsd-2012-6134 | The omniauth-oauth2 Ruby Gem contains a flaw that allows an attacker to inject values int… | 2012-09-08T00:00:00.000Z |
| gsd-2012-2125 | RubyGems before 1.8.23 can redirect HTTPS connections to HTTP, which makes it easier for … | 2012-09-25T00:00:00.000Z |
| gsd-2012-5604 | The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directo… | 2012-12-04T00:00:00.000Z |
| gsd-2013-0284 | A bug in the Ruby agent causes database connection information and raw SQL statements to … | 2012-12-06T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| MAL-2022-5108 | Malicious code in opsie (npm) | 2022-05-09T21:16:00Z | 2022-05-09T21:16:01Z |
| mal-2022-5108 | Malicious code in opsie (npm) | 2022-05-09T21:16:00Z | 2022-05-09T21:16:01Z |
| MAL-2022-4049 | Malicious code in jquerry (npm) | 2022-05-11T16:45:06Z | 2022-05-11T16:45:07Z |
| mal-2022-4049 | Malicious code in jquerry (npm) | 2022-05-11T16:45:06Z | 2022-05-11T16:45:07Z |
| MAL-2022-5303 | Malicious code in personal-colorss (npm) | 2022-05-13T17:03:32Z | 2022-05-13T17:03:32Z |
| mal-2022-5303 | Malicious code in personal-colorss (npm) | 2022-05-13T17:03:32Z | 2022-05-13T17:03:32Z |
| MAL-2022-2819 | Malicious code in eslint-plugin-kavak (npm) | 2022-05-16T06:20:33Z | 2022-05-16T06:20:34Z |
| mal-2022-2819 | Malicious code in eslint-plugin-kavak (npm) | 2022-05-16T06:20:33Z | 2022-05-16T06:20:34Z |
| MAL-2022-4341 | Malicious code in loadassh (npm) | 2022-05-16T06:22:48Z | 2022-05-16T06:22:56Z |
| MAL-2022-4342 | Malicious code in loaddash (npm) | 2022-05-16T06:22:48Z | 2022-05-16T06:22:56Z |
| mal-2022-4341 | Malicious code in loadassh (npm) | 2022-05-16T06:22:48Z | 2022-05-16T06:22:56Z |
| mal-2022-4342 | Malicious code in loaddash (npm) | 2022-05-16T06:22:48Z | 2022-05-16T06:22:56Z |
| MAL-2022-5239 | Malicious code in payoneer-scripts (npm) | 2022-05-16T06:25:04Z | 2022-05-16T06:25:34Z |
| mal-2022-5239 | Malicious code in payoneer-scripts (npm) | 2022-05-16T06:25:04Z | 2022-05-16T06:25:34Z |
| MAL-2022-3359 | Malicious code in gfg-security-utilities (npm) | 2022-05-16T06:27:19Z | 2022-05-16T06:27:20Z |
| mal-2022-3359 | Malicious code in gfg-security-utilities (npm) | 2022-05-16T06:27:19Z | 2022-05-16T06:27:20Z |
| MAL-2022-6234 | Malicious code in speedy-ts-compiler (npm) | 2022-05-16T06:37:16Z | 2022-05-16T06:37:16Z |
| mal-2022-6234 | Malicious code in speedy-ts-compiler (npm) | 2022-05-16T06:37:16Z | 2022-05-16T06:37:16Z |
| MAL-2022-2100 | Malicious code in com.unity.probuilder (npm) | 2022-05-16T06:45:14Z | 2022-05-16T06:45:15Z |
| MAL-2022-2101 | Malicious code in com.unity.render-pipelines.high-definition-config (npm) | 2022-05-16T06:45:15Z | 2022-05-16T06:45:15Z |
| MAL-2022-2103 | Malicious code in com.unity.searcher (npm) | 2022-05-16T06:45:14Z | 2022-05-16T06:45:15Z |
| mal-2022-2100 | Malicious code in com.unity.probuilder (npm) | 2022-05-16T06:45:14Z | 2022-05-16T06:45:15Z |
| mal-2022-2101 | Malicious code in com.unity.render-pipelines.high-definition-config (npm) | 2022-05-16T06:45:15Z | 2022-05-16T06:45:15Z |
| mal-2022-2103 | Malicious code in com.unity.searcher (npm) | 2022-05-16T06:45:14Z | 2022-05-16T06:45:15Z |
| MAL-2022-4945 | Malicious code in npm_test_nothing (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:03Z |
| MAL-2022-6722 | Malicious code in ual-content-page (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:03Z |
| MAL-2022-7288 | Malicious code in xo-locale (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:03Z |
| mal-2022-4945 | Malicious code in npm_test_nothing (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:03Z |
| mal-2022-6722 | Malicious code in ual-content-page (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:03Z |
| mal-2022-7288 | Malicious code in xo-locale (npm) | 2022-05-16T06:46:03Z | 2022-05-16T06:46:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| 3adr011377 | AC500 V3 Multiple vulnerabilities | 2025-01-07T00:30:00.000Z | 2025-01-07T00:30:00.000Z |
| 9akk108470a5466 | Drive Composer Path Traversal Vulnerability | 2025-02-05T00:30:00.000Z | 2025-01-10T00:30:00.000Z |
| sa25p001 | Automation Runtime and mapp View Use of insecure algorithm for self-signed certificates | 2025-01-15T00:30:00.000Z | 2025-01-16T00:30:00.000Z |
| 9akk108470a6775 | Hardcoded credentials in ASPECT Energy Management System | 2025-02-05T00:30:00.000Z | 2025-02-06T00:30:00.000Z |
| 7paa012159 | System 800xA 5.1.x, 6.0.3.x, 6.1.1.x, 6.2.x - VideONet Camera passwords stored in clear text | 2025-02-10T00:30:00.000Z | 2025-02-10T00:30:00.000Z |
| 9akk108470a5684 | FLXeon Controllers Cyber Security Advisory | 2025-01-20T00:30:00.000Z | 2025-02-14T00:30:00.000Z |
| 9akk108470a8565 | RMC-100 Vulnerability in the Web UI (REST Interface) | 2025-03-11T00:30:00.000Z | 2025-03-11T00:30:00.000Z |
| sa24p015 | B&R APROL Potential Privilege Escalation and Information Disclosure | 2025-03-24T00:30:00.000Z | 2025-03-24T00:30:00.000Z |
| 9akk108470a9491 | ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| 9akk108470a9494 | Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| 2nga002427 | ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 2nga002579 | ABB Arctic communication solution ARM600 Vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 9akk108470a9989 | ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities | 2025-04-10T08:30:00.000Z | 2025-04-10T08:30:00.000Z |
| 2crt000007 | Ekip Com IEC61850 Vulnerability in 3rd Party Library | 2025-04-29T00:30:00.000Z | 2025-04-29T00:30:00.000Z |
| 2crt000006 | ANC – ABB Network Card Multiple vulnerabilities in ANC | 2025-04-30T00:30:00.000Z | 2025-04-30T00:30:00.000Z |
| 9akk108471a0021 | ELSB/BLBA ASPECT advisory several CVEs | 2025-05-22T00:30:00.000Z | 2025-05-23T10:30:00.000Z |
| 9akk108471a1621 | EIBPORT Session Management Fail | 2025-06-02T00:30:00.000Z | 2025-06-04T00:30:00.000Z |
| 9akk108470a8948 | ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway. | 2025-05-29T00:30:00.000Z | 2025-06-05T00:30:00.000Z |
| 2crt000008 | Lite Panel Pro Vulnerability in Session Management | 2025-06-26T00:30:00.000Z | 2025-06-26T00:30:00.000Z |
| 9akk108471a4556 | Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode. | 2025-07-21T00:30:00.000Z | 2025-07-21T00:30:00.000Z |
| 3adr011432 | AC500 V2 Buffer overread on Modbus protocol | 2025-07-23T00:30:00.000Z | 2025-07-23T00:30:00.000Z |
| 3adr011407 | ABB Automation Builder Vulnerabilities in user management and access control | 2025-04-30T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| 2nga002743 | ABB AbilityTM zenon Remote Transport Vulnerability | 2025-08-12T00:30:00.000Z | 2025-08-12T00:30:00.000Z |
| 9akk108471a3623 | RMC - 100 Vulnerabilities in web UI (REST Interface) | 2025-07-03T00:30:00.000Z | 2025-08-18T00:30:00.000Z |
| 9akk108471a4462 | ELSB/BLBA ASPECT advisory several CVEs | 2025-08-11T00:30:00.000Z | 2025-09-04T00:30:00.000Z |
| 9akk108471a7121 | FLXeon Controllers Multiple vulnerabilities | 2025-09-09T00:30:00.000Z | 2025-09-18T00:30:00.000Z |
| 9akk108471a7808 | EIBPORT Reflected XSS | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| sa25p002 | B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 4tz00000006008 | LVS MConfig Insecure memory handling | 2025-10-08T00:30:00.000Z | 2025-10-08T00:30:00.000Z |
| sa25p003 | B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-14T00:30:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bsi-2022-0001 | CVRF-CSAF-Converter: XML External Entities Vulnerability | 2022-03-17T13:03:42.105Z | 2022-07-14T08:20:40.872Z |
| bsi-2022-0002 | Stack Buffer Overflow vulnerability in FastStone Image Viewer 7.5 and earlier | 2022-08-01T10:00:00.000Z | 2022-08-01T10:00:00.000Z |
| bsi-2022-0005 | Multiple Vulnerabilities in GE MS 3000 | 2022-11-02T21:00:00.000Z | 2022-11-02T21:00:00.000Z |
| bsi-2022-0003 | Stored Cross-Site Scripting (XSS) Vulnerability in csaf_provider | 2022-11-04T15:00:00.000Z | 2022-11-04T15:00:00.000Z |
| wid-sec-w-2022-1714 | Samba: Mehrere Schwachstellen ermöglichen Denial of Service | 2021-10-05T22:00:00.000+00:00 | 2022-11-27T23:00:00.000+00:00 |
| wid-sec-w-2022-2051 | Samba: Mehrere Schwachstellen | 2019-12-09T23:00:00.000+00:00 | 2022-11-27T23:00:00.000+00:00 |
| wid-sec-w-2022-2154 | Mattermost: Mehrere Schwachstellen ermöglichen Denial of Service | 2022-11-22T23:00:00.000+00:00 | 2022-11-27T23:00:00.000+00:00 |
| wid-sec-w-2022-2178 | Red Hat OpenShift: Schwachstelle ermöglicht Darstellen falscher Informationen | 2022-11-27T23:00:00.000+00:00 | 2022-11-27T23:00:00.000+00:00 |
| wid-sec-w-2022-0198 | Varnish HTTP Cache: Schwachstelle ermöglicht Offenlegung von Informationen und Cache Poisoning | 2022-01-25T23:00:00.000+00:00 | 2022-11-28T23:00:00.000+00:00 |
| wid-sec-w-2022-1640 | Red Hat Enterprise Linux (exiv2): Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2021-08-15T22:00:00.000+00:00 | 2022-11-28T23:00:00.000+00:00 |
| wid-sec-w-2022-1794 | Xen: Schwachstelle ermöglicht Offenlegung von Informationen | 2021-05-04T22:00:00.000+00:00 | 2022-11-28T23:00:00.000+00:00 |
| wid-sec-w-2022-2030 | BusyBox: Schwachstelle ermöglicht Offenlegung von Informationen | 2019-01-09T23:00:00.000+00:00 | 2022-11-28T23:00:00.000+00:00 |
| wid-sec-w-2022-2174 | Google Chrome / Microsoft Edge: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2022-11-24T23:00:00.000+00:00 | 2022-11-28T23:00:00.000+00:00 |
| wid-sec-w-2022-0920 | GnuTLS: Schwachstelle ermöglicht Denial of Service | 2022-03-02T23:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-1109 | binutils: Schwachstelle ermöglicht Denial of Service | 2021-05-03T22:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-1946 | gcc: Schwachstelle ermöglicht Denial of Service | 2022-03-27T22:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-2046 | gcc: Schwachstelle ermöglicht Denial of Service | 2022-01-26T23:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-2138 | binutils: Schwachstelle ermöglicht Denial of Service | 2021-07-14T22:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-2155 | Aruba EdgeConnect: Mehrere Schwachstellen | 2022-11-22T23:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-2196 | VMware Tools: Schwachstelle ermöglicht Denial of Service | 2022-11-29T23:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-2199 | Keycloak: Schwachstelle ermöglicht Cross-Site Scripting | 2022-11-29T23:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-2200 | Trellix Agent: Schwachstelle ermöglicht Privilegieneskalation | 2022-11-29T23:00:00.000+00:00 | 2022-11-29T23:00:00.000+00:00 |
| wid-sec-w-2022-0551 | Kyocera Drucker: Mehrere Schwachstellen | 2022-07-03T22:00:00.000+00:00 | 2022-11-30T23:00:00.000+00:00 |
| wid-sec-w-2022-0735 | Oracle MySQL: Mehrere Schwachstellen | 2022-07-19T22:00:00.000+00:00 | 2022-11-30T23:00:00.000+00:00 |
| wid-sec-w-2022-2204 | Grafana: Schwachstelle ermöglicht Offenlegung von Informationen | 2022-11-30T23:00:00.000+00:00 | 2022-11-30T23:00:00.000+00:00 |
| wid-sec-w-2022-2206 | Drupal: Mehrere Schwachstellen ermöglichen das Umgehen von Sicherheitsvorkehrungen | 2022-11-30T23:00:00.000+00:00 | 2022-11-30T23:00:00.000+00:00 |
| wid-sec-w-2022-2209 | Microsoft GitHub Enterprise: Mehrere Schwachstellen | 2022-11-30T23:00:00.000+00:00 | 2022-11-30T23:00:00.000+00:00 |
| wid-sec-w-2022-2212 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2022-12-01T23:00:00.000+00:00 | 2022-12-01T23:00:00.000+00:00 |
| wid-sec-w-2022-2213 | MISP: Mehrere Schwachstellen ermöglichen Manipulation von Dateien | 2022-12-01T23:00:00.000+00:00 | 2022-12-01T23:00:00.000+00:00 |
| wid-sec-w-2022-2215 | D-LINK Router: Schwachstelle ermöglicht Denial of Service | 2022-12-01T23:00:00.000+00:00 | 2022-12-01T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-17-012-01 | Advantech WebAccess | 2017-01-12T00:00:00.000000Z | 2017-01-12T00:00:00.000000Z |
| icsa-17-012-02 | VideoInsight Web Client | 2017-01-12T00:00:00.000000Z | 2017-01-12T00:00:00.000000Z |
| icsa-17-012-03 | Carlo Gavazzi VMU-C EM and VMU-C PV | 2017-01-12T00:00:00.000000Z | 2017-01-12T00:00:00.000000Z |
| icsa-17-017-01 | PHOENIX CONTACT mGuard | 2017-01-17T00:00:00.000000Z | 2017-01-17T00:00:00.000000Z |
| icsa-17-024-01 | Schneider Electric Wonderware Historian | 2017-01-24T00:00:00.000000Z | 2017-01-24T00:00:00.000000Z |
| icsa-17-026-01 | Eaton ePDU Path Traversal Vulnerability | 2017-01-26T00:00:00.000000Z | 2017-01-26T00:00:00.000000Z |
| icsa-17-031-02 | Ecava IntegraXor | 2017-01-31T00:00:00.000000Z | 2017-01-31T00:00:00.000000Z |
| icsa-17-033-01 | Honeywell XL Web II Controller Vulnerabilities | 2017-02-02T00:00:00.000000Z | 2017-02-02T00:00:00.000000Z |
| icsma-17-009-01a | ICSMA-17-009-01A_St. Jude Merlin@home Transmitter Vulnerability (Update A) | 2017-01-09T00:00:00.000000Z | 2017-02-06T00:00:00.000000Z |
| icsa-17-031-01a | BINOM3 Electric Power Quality Meter (Update A) | 2017-01-31T00:00:00.000000Z | 2017-02-07T00:00:00.000000Z |
| icsa-17-038-01 | ICSA-17-038-01_Sielco Sistemi Winlog SCADA Software | 2017-02-07T00:00:00.000000Z | 2017-02-07T00:00:00.000000Z |
| icsma-17-017-01 | ICSMA-17-017-01_BD Alaris 8000 Insufficiently Protected Credentials Vulnerability | 2017-01-17T00:00:00.000000Z | 2017-02-07T00:00:00.000000Z |
| icsa-17-040-01 | Hanwha Techwin Smart Security Manager | 2017-02-09T00:00:00.000000Z | 2017-02-09T00:00:00.000000Z |
| icsa-17-045-01 | Advantech WebAccess | 2017-02-14T00:00:00.000000Z | 2017-02-14T00:00:00.000000Z |
| icsa-17-045-02 | Geutebrück IP Cameras | 2017-02-14T00:00:00.000000Z | 2017-02-14T00:00:00.000000Z |
| icsa-17-054-01 | VIPA Controls WinPLC7 | 2017-02-23T00:00:00.000000Z | 2017-02-23T00:00:00.000000Z |
| icsa-17-054-02 | Red Lion Controls Sixnet-Managed Industrial Switches, AutomationDirect STRIDE-Managed Ethernet Switches Vulnerability | 2017-02-23T00:00:00.000000Z | 2017-02-23T00:00:00.000000Z |
| icsa-17-059-01 | Siemens RUGGEDCOM NMS | 2017-02-28T00:00:00.000000Z | 2017-02-28T00:00:00.000000Z |
| icsa-17-061-01 | ICSA-17-061-01_Eaton xComfort Ethernet Communication Interface | 2017-03-02T00:00:00.000000Z | 2017-03-02T00:00:00.000000Z |
| icsa-17-061-02 | Schneider Electric Conext ComBox | 2017-03-02T00:00:00.000000Z | 2017-03-02T00:00:00.000000Z |
| icsa-17-061-03 | Siemens SINUMERIK Integrate and SINUMERIK Operate | 2017-03-02T00:00:00.000000Z | 2017-03-02T00:00:00.000000Z |
| icsa-17-066-01 | ICSA-17-066-01_Schneider Electric Wonderware Intelligence | 2017-03-07T00:00:00.000000Z | 2017-03-07T00:00:00.000000Z |
| icsa-17-068-01 | Schneider Electric ClearSCADA | 2017-03-09T00:00:00.000000Z | 2017-03-09T00:00:00.000000Z |
| icsa-17-073-01 | FATEK Automation PLC Ethernet Module | 2017-03-14T00:00:00.000000Z | 2017-03-14T00:00:00.000000Z |
| icsa-17-075-01 | LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA | 2017-03-16T00:00:00.000000Z | 2017-03-16T00:00:00.000000Z |
| icsa-17-047-01 | Rockwell Automation Connected Components Workbench | 2017-02-16T00:00:00.000000Z | 2017-03-21T00:00:00.000000Z |
| icsa-17-047-02 | Rockwell Automation FactoryTalk Activation | 2017-02-16T00:00:00.000000Z | 2017-03-21T00:00:00.000000Z |
| icsa-17-082-01 | LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA | 2017-03-23T00:00:00.000000Z | 2017-03-23T00:00:00.000000Z |
| icsma-17-082-01 | ICSMA-17-082-01_BD Kiestra PerformA and KLA Journal Service Applications Hard-Coded Passwords Vulnerability | 2017-03-23T00:00:00.000000Z | 2017-03-23T00:00:00.000000Z |
| icsa-17-087-01 | Siemens RUGGEDCOM ROX I | 2017-03-28T00:00:00.000000Z | 2017-03-28T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-20170320-ani | Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Registrar Denial of Service Vulnerability | 2017-03-20T16:00:00+00:00 | 2017-03-20T16:00:00+00:00 |
| cisco-sa-20170320-aniipv6 | Cisco IOS and IOS XE Software IPv6 Denial of Service Vulnerability | 2017-03-20T16:00:00+00:00 | 2017-03-20T16:00:00+00:00 |
| cisco-sa-20170322-dhcpc | Cisco IOS and IOS XE Software DHCP Client Denial of Service Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170322-l2tp | Cisco IOS and IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170322-webui | Cisco IOS XE Software Web User Interface Denial of Service Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170322-xeci | Cisco IOS XE Software HTTP Command Injection Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170322-ztp | Cisco IOS XE Software for Cisco ASR 920 Series Routers Zero Touch Provisioning Denial of Service Vulnerability | 2017-03-22T16:00:00+00:00 | 2017-03-22T16:00:00+00:00 |
| cisco-sa-20170621-piwf | Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerability | 2017-06-21T16:00:00+00:00 | 2017-06-21T16:00:00+00:00 |
| cisco-sa-20170621-piwf1 | Cisco Prime Infrastructure Web Framework Code Cross-Site Scripting Vulnerabilities | 2017-06-21T16:00:00+00:00 | 2017-06-21T16:00:00+00:00 |
| cisco-sa-20170621-ucce | Cisco Unified Contact Center Express Clear Text Authentication Vulnerability | 2017-06-21T16:00:00+00:00 | 2017-06-21T16:00:00+00:00 |
| cisco-sa-20170621-waas | Cisco Wide Area Application Services TCP Fragment Denial of Service Vulnerability | 2017-06-21T16:00:00+00:00 | 2017-06-21T16:00:00+00:00 |
| cisco-sa-20170705-ios | Cisco IOS XR Software Incorrect Permissions Privilege Escalation Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-iosxr | Cisco IOS XR Software Multicast Source Discovery Protocol Session Denial of Service Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-ise1 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-prime | Cisco Prime Network Privilege Escalation Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-staros | Cisco StarOS Border Gateway Protocol Process Denial of Service Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-waas | Cisco Wide Area Application Services Core Dump Denial of Service Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-waas1 | Cisco Wide Area Application Services Central Manager Information Disclosure Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-05T16:00:00+00:00 |
| cisco-sa-20170705-cpn | Cisco Prime Network Information Disclosure Vulnerability | 2017-07-05T16:00:00+00:00 | 2017-07-06T20:36:00+00:00 |
| cisco-sa-20170727-ospf | Multiple Cisco Products OSPF LSA Manipulation Vulnerability | 2017-07-27T16:00:00+00:00 | 2017-08-03T14:07:00+00:00 |
| cisco-sa-20170927-cc | Cisco IOS XE Software for Cisco ASR 1000 Series and cBR-8 Routers Line Card Console Access Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-lisp | Cisco IOS XE Software Locator/ID Separation Protocol Authentication Bypass Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-pnp | Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-privesc | Cisco IOS XE Software Web UI Privilege Escalation Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-restapi | Cisco IOS XE Software Web UI REST API Authentication Bypass Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20170927-vpls | Cisco IOS Software for Cisco Catalyst 6800 Series Switches VPLS Denial of Service Vulnerability | 2017-09-27T16:00:00+00:00 | 2017-09-27T16:00:00+00:00 |
| cisco-sa-20171004-asa | Cisco Adaptive Security Appliance Software Direct Authentication Denial of Service Vulnerability | 2017-10-04T16:00:00+00:00 | 2017-10-12T13:48:00+00:00 |
| cisco-sa-20171018-ccs | Cisco Cloud Services Platform 2100 Unauthorized Access Vulnerability | 2017-10-18T16:00:00+00:00 | 2017-10-18T16:00:00+00:00 |
| cisco-sa-20171129-ipp | Cisco IP Phone 8800 Series Denial of Service Vulnerability | 2017-11-29T16:00:00+00:00 | 2017-11-29T16:00:00+00:00 |
| cisco-sa-20171129-nxos | Cisco NX-OS System Software Patch Signature Bypass Vulnerability | 2017-11-29T16:00:00+00:00 | 2017-11-29T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2019-1105 | Outlook for Android Spoofing Vulnerability | 2019-06-11T07:00:00.000Z | 2019-06-20T07:00:00.000Z |
| msrc_cve-2015-8100 | The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf which allows local users to obtain sensitive community information by reading this file. | 2015-11-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2015-8370 | Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication obtain sensitive information or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c which trigger an "Off-by-two" or "Out of bounds overwrite" memory error. | 2015-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2016-10739 | In the GNU C Library (aka glibc or libc6) through 2.28 the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters which could lead applications to incorrectly assume that it had parsed a valid string without the possibility of embedded HTTP headers or other potentially dangerous substrings. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2016-3189 | Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file related to block ends set to before the start of the block. | 2016-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-10896 | The default cloud-init configuration in cloud-init 0.6.2 and newer included "ssh_deletekeys: 0" disabling cloud-init's deletion of ssh host keys. In some environments this could lead to instances created by cloning a golden master or template system sharing ssh host keys and being able to impersonate one another or conduct man-in-the-middle attacks. | 2018-08-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-15686 | systemd: reexec state injection: fgets() on overlong lines leads to line splitting | 2018-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-15687 | systemd: chown_one() can dereference symlinks | 2018-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-15688 | Out-of-Bounds write in systemd-networkd dhcpv6 option handling | 2018-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-16864 | An allocation of memory without limits that could result in the stack clashing with another memory region was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-16865 | An allocation of memory without limits that could result in the stack clashing with another memory region was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker or a remote one if systemd-journal-remote is used may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-16866 | An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. | 2019-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-19591 | In the GNU C Library (aka glibc or libc6) through 2.28 attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function. | 2018-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-19665 | The Bluetooth subsystem in QEMU mishandles negative values for length variables leading to memory corruption. | 2018-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-19876 | cairo 1.16.0 in cairo_ft_apply_variations() in cairo-ft-font.c would free memory using a free function incompatible with WebKit's fastMalloc leading to an application crash with a "free(): invalid pointer" error. | 2018-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-20796 | In the GNU C Library (aka glibc or libc6) through 2.29 check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep. | 2019-02-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2018-20843 | In libexpat in Expat before 2.2.7 XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-12439 | bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations (related to XDG_RUNTIME_DIR) a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code. | 2019-05-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-12972 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-13012 | The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir NULL NULL) and files using g_file_replace_contents (kfsb->file contents length NULL FALSE G_FILE_CREATE_REPLACE_DESTINATION NULL NULL NULL). Consequently it does not properly restrict directory (and file) permissions. Instead for directories 0777 permissions are used; for files default file permissions are used. This is similar to CVE-2019-12450. | 2019-06-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14250 | An issue was discovered in GNU libiberty as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value leading to an integer overflow and resultant heap-based buffer overflow. | 2019-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14444 | apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file as demonstrated by readelf. | 2019-07-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-14834 | A vulnerability was found in dnsmasq before version 2.81 where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. | 2020-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-15847 | The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example within a single execution of a program the output of every __builtin_darn() call may be the same. | 2019-09-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-17450 | find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | 2019-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-17451 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c as demonstrated by nm. | 2019-10-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-18276 | An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default if Bash is run with its effective UID not equal to its real UID it will drop privileges by setting its effective UID to its real UID. However it does so incorrectly. On Linux and other systems that support "saved UID" functionality the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin which can be a shared object that calls setuid() and therefore regains privileges. However binaries running with an effective UID of 0 are unaffected. | 2019-11-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-20175 | An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that implies that the size of successful DMA transfers there must be a multiple of 512 (the size of a sector). NOTE: a member of the QEMU security team disputes the significance of this issue because a "privileged guest user has many ways to cause similar DoS effect without triggering this assert. | 2019-12-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-20386 | An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command a memory leak may occur. | 2020-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| msrc_cve-2019-20388 | xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. | 2020-01-02T00:00:00.000Z | 2020-08-18T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2024-0217 | Kwetsbaarheden verholpen in Apple MacOS | 2024-05-15T10:50:09.062571Z | 2024-05-15T11:18:13.188010Z |
| ncsc-2024-0218 | Kwetsbaarheden verholpen in Mozilla Firefox en Thunderbird | 2024-05-15T12:29:43.620890Z | 2024-05-15T12:29:43.620890Z |
| ncsc-2024-0219 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2024-05-15T12:47:39.940581Z | 2024-05-15T12:47:39.940581Z |
| ncsc-2024-0220 | Kwetsbaarheden verholpen in Aruba Networks ArubaOS | 2024-05-16T12:41:16.031110Z | 2024-05-16T12:41:16.031110Z |
| ncsc-2024-0221 | Kwetsbaarheden verholpen in Google Chrome | 2024-05-16T12:42:36.777137Z | 2024-05-16T12:42:36.777137Z |
| ncsc-2024-0222 | Kwetsbaarheden verholpen in Fortinet FortiOS | 2024-05-16T12:43:57.240443Z | 2024-05-16T12:43:57.240443Z |
| ncsc-2024-0223 | Kwetsbaarheden verholpen in Adobe Acrobat Reader | 2024-05-16T12:44:31.298431Z | 2024-05-16T12:44:31.298431Z |
| ncsc-2024-0224 | Kwetsbaarheid verholpen in Adobe Dreamweaver | 2024-05-16T12:45:03.866353Z | 2024-05-16T12:45:03.866353Z |
| ncsc-2024-0225 | Kwetsbaarheden verholpen in Adobe FrameMaker | 2024-05-16T12:54:55.359838Z | 2024-05-16T12:54:55.359838Z |
| ncsc-2024-0226 | Kwetsbaarheden verholpen in Adobe Animate | 2024-05-16T12:55:49.361352Z | 2024-05-16T12:55:49.361352Z |
| ncsc-2024-0227 | Kwetsbaarheden verholpen in Adobe Illustrator | 2024-05-16T12:59:04.595951Z | 2024-05-16T12:59:04.595951Z |
| ncsc-2024-0228 | Kwetsbaarheden verholpen in SAP producten | 2024-05-17T11:28:01.264255Z | 2024-05-17T11:28:01.264255Z |
| ncsc-2024-0229 | Kwetsbaarheid verholpen in QlikSense Enterprise | 2024-05-22T05:33:44.910098Z | 2024-05-22T05:33:44.910098Z |
| ncsc-2024-0230 | Kwetsbaarheden verholpen in QNAP QTS en QTS Hero | 2024-05-22T08:02:19.922765Z | 2024-05-22T08:02:19.922765Z |
| ncsc-2024-0231 | Kwetsbaarheden verholpen in Atlassian producten | 2024-05-22T11:13:07.693855Z | 2024-05-22T11:13:07.693855Z |
| ncsc-2024-0233 | Kwetsbaarheden verholpen in Cisco producten | 2024-05-23T10:56:24.310012Z | 2024-05-23T10:56:24.310012Z |
| ncsc-2024-0234 | Kwetsbaarheid verholpen in Github Enterprise Server | 2024-05-23T10:57:36.609416Z | 2024-05-23T10:57:36.609416Z |
| ncsc-2024-0235 | Kwetsbaarheid verholpen in Google Chrome | 2024-05-27T07:10:26.268379Z | 2024-05-27T07:50:35.517237Z |
| ncsc-2024-0237 | Kwetsbaarheden verholpen in GitLab Enterprise Edition en Community Edition | 2024-05-27T11:26:30.888877Z | 2024-05-27T11:26:30.888877Z |
| ncsc-2024-0238 | Kwetsbaarheid verholpen in Check Point VPN producten | 2024-05-30T07:56:46.220112Z | 2024-05-30T07:56:46.220112Z |
| ncsc-2024-0239 | Kwetsbaarheden verholpen in Solarwinds Platform | 2024-06-07T06:26:01.172456Z | 2024-06-07T06:26:01.172456Z |
| ncsc-2024-0240 | Kwetsbaarheden verholpen in Google Android en Samsung Mobile | 2024-06-07T07:21:29.492650Z | 2024-06-07T07:21:29.492650Z |
| ncsc-2024-0241 | Kwetsbaarheden verholpen in FortiNet FortiWebManager | 2024-06-07T07:22:27.233971Z | 2024-06-07T07:22:27.233971Z |
| ncsc-2024-0242 | Kwetsbaarheden verholpen in RoundCube Webmail | 2024-06-07T11:01:13.397121Z | 2024-06-07T11:01:13.397121Z |
| ncsc-2024-0243 | Kwetsbaarheden verholpen in PHP | 2024-06-10T07:02:05.106950Z | 2024-06-10T07:02:05.106950Z |
| ncsc-2024-0232 | Kwetsbaarheden verholpen in Veeam Backup Enterprise Manager | 2024-05-22T11:42:48.155465Z | 2024-06-11T11:33:12.845658Z |
| ncsc-2024-0244 | Kwetsbaarheden verholpen in Schneider Electric Sage RTU systemen | 2024-06-11T11:33:48.933251Z | 2024-06-11T11:33:48.933251Z |
| ncsc-2024-0245 | Kwetsbaarheden verholpen in Trend Micro Apex One | 2024-06-11T11:51:02.976099Z | 2024-06-11T11:51:02.976099Z |
| ncsc-2024-0247 | Kwetsbaarheden verholpen in SAP producten | 2024-06-11T12:37:09.525507Z | 2024-06-11T12:37:09.525507Z |
| ncsc-2024-0246 | Kwetsbaarheden verholpen in Siemens producten | 2024-06-11T13:29:25.912614Z | 2024-06-11T13:29:25.912614Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2019:1-01 | Stored XSS in field name data model | 2019-11-11T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2019:2-01 | CSV Injection on node label | 2019-11-11T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2019_1-01 | Stored XSS in field name data model | 2019-11-11T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2019_2-01 | CSV Injection on node label | 2019-11-11T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020:2-01 | Cross-site request forgery attack on change password form | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020:3-01 | Angular template injection on custom report name field | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020_2-01 | Cross-site request forgery attack on change password form | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020_3-01 | Angular template injection on custom report name field | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021:1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021:2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021_1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021_2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022:2-01 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022:2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022_2-01 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022_2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:1-01 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | 2023-05-03T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_1-01 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | 2023-05-03T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2016:1623-1 | Security update for Chromium | 2016-07-06T12:21:45Z | 2016-07-06T12:21:45Z |
| opensuse-su-2016:1769-1 | Security update for Mozilla Thunderbird | 2016-07-10T18:30:29Z | 2016-07-10T18:30:29Z |
| opensuse-su-2016:1778-1 | Security update for Mozilla Thunderbird | 2016-07-10T18:30:29Z | 2016-07-10T18:30:29Z |
| opensuse-su-2016:1868-1 | Security update for Chromium | 2016-07-25T09:41:24Z | 2016-07-25T09:41:24Z |
| opensuse-su-2016:1869-1 | Security update for Chromium | 2016-07-25T09:41:24Z | 2016-07-25T09:41:24Z |
| opensuse-su-2016:1884-1 | Security update for karchive | 2016-07-27T13:24:09Z | 2016-07-27T13:24:09Z |
| opensuse-su-2016:2223-1 | Security update for karchive | 2016-07-27T13:24:09Z | 2016-07-27T13:24:09Z |
| opensuse-su-2016:1980-1 | Security update for redis | 2016-08-05T18:14:32Z | 2016-08-05T18:14:32Z |
| opensuse-su-2016:1981-1 | Security update for redis | 2016-08-05T18:14:32Z | 2016-08-05T18:14:32Z |
| opensuse-su-2016:1982-1 | Security update for Chromium | 2016-08-07T18:52:29Z | 2016-08-07T18:52:29Z |
| opensuse-su-2016:1983-1 | Security update for Chromium | 2016-08-07T18:52:29Z | 2016-08-07T18:52:29Z |
| opensuse-su-2016:2054-1 | security update for go | 2016-08-11T18:59:52Z | 2016-08-11T18:59:52Z |
| opensuse-su-2016:2055-1 | security update for go | 2016-08-11T18:59:52Z | 2016-08-11T18:59:52Z |
| opensuse-su-2016:2113-1 | Security update for iperf | 2016-08-19T13:27:09Z | 2016-08-19T13:27:09Z |
| opensuse-su-2016:2121-1 | Security update for iperf | 2016-08-19T13:27:09Z | 2016-08-19T13:27:09Z |
| opensuse-su-2016:2250-1 | Security update for Chromium | 2016-09-01T12:42:13Z | 2016-09-01T12:42:13Z |
| opensuse-su-2016:2253-1 | Security update for MozillaThunderbird | 2016-09-06T18:46:14Z | 2016-09-06T18:46:14Z |
| opensuse-su-2016:2254-1 | Security update for MozillaThunderbird | 2016-09-06T18:46:14Z | 2016-09-06T18:46:14Z |
| opensuse-su-2016:2309-1 | Recommended update for chromium | 2016-09-14T21:25:32Z | 2016-09-14T21:25:32Z |
| opensuse-su-2016:2311-1 | Recommended update for chromium | 2016-09-14T21:25:32Z | 2016-09-14T21:25:32Z |
| opensuse-su-2016:2429-1 | Security update for chromium | 2016-10-04T07:45:14Z | 2016-10-04T07:45:14Z |
| opensuse-su-2016:2432-1 | Security update for chromium | 2016-10-04T07:45:14Z | 2016-10-04T07:45:14Z |
| opensuse-su-2016:2524-1 | Security update for irssi | 2016-10-07T13:29:02Z | 2016-10-07T13:29:02Z |
| opensuse-su-2016:2484-1 | Security update for MozillaThunderbird | 2016-10-10T13:48:55Z | 2016-10-10T13:48:55Z |
| opensuse-su-2016:2485-1 | Security update for MozillaThunderbird | 2016-10-10T13:48:55Z | 2016-10-10T13:48:55Z |
| opensuse-su-2016:2495-1 | Security update for kde-cli-tools5 | 2016-10-11T13:50:53Z | 2016-10-11T13:50:53Z |
| opensuse-su-2016:2498-1 | Security update for kde-cli-tools5 | 2016-10-11T13:50:53Z | 2016-10-11T13:50:53Z |
| opensuse-su-2016:2536-1 | Security update to go1.4 | 2016-10-14T09:45:15Z | 2016-10-14T09:45:15Z |
| opensuse-su-2016:2558-1 | Security update for kcoreaddons | 2016-10-18T08:48:46Z | 2016-10-18T08:48:46Z |
| opensuse-su-2016:2559-1 | Security update for kcoreaddons | 2016-10-18T08:48:46Z | 2016-10-18T08:48:46Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxas-adv-2022-0001 | OX App Suite Security Advisory OXAS-ADV-2022-0001 | 2022-08-10T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0002 | OX App Suite Security Advisory OXAS-ADV-2022-0002 | 2022-11-02T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0001 | OX App Suite Security Advisory OXAS-ADV-2023-0001 | 2023-02-06T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0002 | OX App Suite Security Advisory OXAS-ADV-2023-0002 | 2023-03-20T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0003 | OX App Suite Security Advisory OXAS-ADV-2023-0003 | 2023-05-02T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0004 | OX App Suite Security Advisory OXAS-ADV-2023-0004 | 2023-08-01T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0005 | OX App Suite Security Advisory OXAS-ADV-2023-0005 | 2023-09-19T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0006 | OX App Suite Security Advisory OXAS-ADV-2023-0006 | 2023-09-25T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0007 | OX App Suite Security Advisory OXAS-ADV-2023-0007 | 2023-12-11T00:00:00+01:00 | 2024-02-16T00:00:00+00:00 |
| oxas-adv-2024-0001 | OX App Suite Security Advisory OXAS-ADV-2024-0001 | 2024-02-08T00:00:00+01:00 | 2024-04-25T00:00:00+00:00 |
| oxas-adv-2024-0002 | OX App Suite Security Advisory OXAS-ADV-2024-0002 | 2024-03-06T00:00:00+01:00 | 2024-05-06T00:00:00+00:00 |
| oxas-adv-2024-0003 | OX App Suite Security Advisory OXAS-ADV-2024-0003 | 2024-04-24T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0004 | OX App Suite Security Advisory OXAS-ADV-2024-0004 | 2024-06-13T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxdc-adv-2024-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 | 2024-09-02T00:00:00+02:00 | 2024-09-06T00:00:00+00:00 |
| oxas-adv-2024-0005 | OX App Suite Security Advisory OXAS-ADV-2024-0005 | 2024-07-08T00:00:00+02:00 | 2024-09-09T00:00:00+00:00 |
| oxdc-adv-2024-0002 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0003 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxas-adv-2025-0001 | OX App Suite Security Advisory OXAS-ADV-2025-0001 | 2025-01-27T00:00:00+01:00 | 2025-04-07T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxdc-adv-2026-0001 | OX Dovecot Security Advisory OXDC-ADV-2026-0001 | 2026-03-27T00:00:00+00:00 | 2026-03-27T00:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2004:033 | Red Hat Security Advisory: gaim security update | 2004-01-26T19:01:00Z | 2004-01-19T00:00:00Z |
| rhsa-2004_033 | Red Hat Security Advisory: gaim security update | 2004-01-26T19:01:00Z | 2004-01-19T00:00:00Z |
| rhsa-2004:110 | Red Hat Security Advisory: mozilla security update | 2004-03-29T18:14:00Z | 2004-04-02T00:00:00Z |
| rhsa-2004_110 | Red Hat Security Advisory: mozilla security update | 2004-03-29T18:14:00Z | 2004-04-02T00:00:00Z |
| rhsa-2004:421 | Red Hat Security Advisory: mozilla security update | 2004-08-04T21:51:00Z | 2004-08-04T00:00:00Z |
| rhsa-2004_421 | Red Hat Security Advisory: mozilla security update | 2004-08-04T21:51:00Z | 2004-08-04T00:00:00Z |
| rhsa-2004:400 | Red Hat Security Advisory: gaim security update | 2004-09-07T15:38:00Z | 2004-09-07T00:00:00Z |
| rhsa-2004_400 | Red Hat Security Advisory: gaim security update | 2004-09-07T15:38:00Z | 2004-09-07T00:00:00Z |
| rhsa-2004:486 | Red Hat Security Advisory: mozilla security update | 2004-09-30T14:23:00Z | 2004-09-30T00:00:00Z |
| rhsa-2004_486 | Red Hat Security Advisory: mozilla security update | 2004-09-30T14:23:00Z | 2004-09-30T00:00:00Z |
| rhsa-2004:604 | Red Hat Security Advisory: gaim security update | 2004-10-20T19:47:00Z | 2004-10-20T00:00:00Z |
| rhsa-2004_604 | Red Hat Security Advisory: gaim security update | 2004-10-20T19:47:00Z | 2004-10-20T00:00:00Z |
| rhsa-2005:038 | Red Hat Security Advisory: mozilla security update | 2005-01-13T13:38:00Z | 2005-01-13T00:00:00Z |
| rhsa-2005_038 | Red Hat Security Advisory: mozilla security update | 2005-01-13T13:38:00Z | 2005-01-13T00:00:00Z |
| rhsa-2005:037 | Red Hat Security Advisory: ethereal security update | 2005-02-15T09:49:00Z | 2005-02-15T00:00:00Z |
| rhsa-2005_037 | Red Hat Security Advisory: ethereal security update | 2005-02-15T09:49:00Z | 2005-02-15T00:00:00Z |
| rhsa-2005:277 | Red Hat Security Advisory: mozilla security update | 2005-03-04T09:22:00Z | 2005-03-04T00:00:00Z |
| rhsa-2005_277 | Red Hat Security Advisory: mozilla security update | 2005-03-04T09:22:00Z | 2005-03-04T00:00:00Z |
| rhsa-2005:215 | Red Hat Security Advisory: gaim security update | 2005-03-10T16:41:00Z | 2005-03-10T00:00:00Z |
| rhsa-2005_215 | Red Hat Security Advisory: gaim security update | 2005-03-10T16:41:00Z | 2005-03-10T00:00:00Z |
| rhsa-2005:323 | Red Hat Security Advisory: mozilla security update | 2005-03-23T19:01:00Z | 2005-03-23T00:00:00Z |
| rhsa-2005_323 | Red Hat Security Advisory: mozilla security update | 2005-03-23T19:01:00Z | 2005-03-23T00:00:00Z |
| rhsa-2005:365 | Red Hat Security Advisory: gaim security update | 2005-04-12T13:56:00Z | 2005-04-12T00:00:00Z |
| rhsa-2005_365 | Red Hat Security Advisory: gaim security update | 2005-04-12T13:56:00Z | 2005-04-12T00:00:00Z |
| rhsa-2005:384 | Red Hat Security Advisory: Mozilla security update | 2005-04-28T19:11:00Z | 2005-04-28T00:00:00Z |
| rhsa-2005_384 | Red Hat Security Advisory: Mozilla security update | 2005-04-28T19:11:00Z | 2005-04-28T00:00:00Z |
| rhsa-2005:429 | Red Hat Security Advisory: gaim security update | 2005-05-11T08:33:00Z | 2005-05-11T00:00:00Z |
| rhsa-2005_429 | Red Hat Security Advisory: gaim security update | 2005-05-11T08:33:00Z | 2005-05-11T00:00:00Z |
| rhsa-2005:518 | Red Hat Security Advisory: gaim security update | 2005-06-16T17:52:00Z | 2005-06-16T00:00:00Z |
| rhsa-2005_518 | Red Hat Security Advisory: gaim security update | 2005-06-16T17:52:00Z | 2005-06-16T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| sevd-2020-014-01 | MSX Configurator | 2020-01-14T00:00:00.000Z | 2020-01-14T00:00:00.000Z |
| sevd-2018-095-01 | Security Notification - U.motion Builder software | 2018-04-05T00:00:00.000Z | 2020-02-11T00:00:00.000Z |
| sevd-2020-042-01 | ProSoft Configurator for Modicon PMEPXM0100 (H) | 2020-02-11T00:00:00.000Z | 2020-02-11T00:00:00.000Z |
| sevd-2020-070-01 | IGSS (Interactive Graphical SCADA System) | 2020-03-10T00:00:00.000Z | 2020-03-10T00:00:00.000Z |
| sevd-2020-070-02 | Modicon Quantum Ethernet Network module and Quantum / Premium COPRO | 2020-03-10T00:00:00.000Z | 2020-03-10T00:00:00.000Z |
| sevd-2020-070-03 | ZigBee Installation Toolkit | 2020-03-10T00:00:00.000Z | 2020-03-10T00:00:00.000Z |
| sevd-2020-105-01 | Modicon M100/M200/M221 controllers, SoMachine Basic and EcoStruxure Machine Expert - Basic Programming Software | 2020-04-14T00:00:00.000Z | 2020-04-14T00:00:00.000Z |
| sevd-2020-070-04 | Andover Continuum System | 2020-03-10T00:00:00.000Z | 2020-05-12T00:00:00.000Z |
| sevd-2015-344-01 | GoAhead Web Server vulnerability | 2015-12-15T00:00:00.000Z | 2020-06-09T00:00:00.000Z |
| sevd-2020-161-01 | Modicon M218 Logic Controller | 2020-06-09T00:00:00.000Z | 2020-06-09T00:00:00.000Z |
| sevd-2020-161-03 | Modicon LMC078 Logic Controller additional URGENT/11 Fix | 2020-06-09T00:00:00.000Z | 2020-06-09T00:00:00.000Z |
| sevd-2020-196-01 | Schneider Electric Software Update (SESU) | 2020-07-14T00:00:00.000Z | 2020-07-14T00:00:00.000Z |
| sevd-2020-105-03 | Vijeo Designer and Vijeo Designer Basic | 2020-04-14T00:00:00.000Z | 2020-08-11T00:00:00.000Z |
| sevd-2020-224-02 | spaceLYnk & Wiser for KNX (formerly homeLYnk) | 2020-08-11T00:00:00.000Z | 2020-08-11T00:00:00.000Z |
| sevd-2020-224-03 | Modicon M218 Logic Controller | 2020-08-11T00:00:00.000Z | 2020-08-11T00:00:00.000Z |
| sevd-2020-224-04 | APC Easy UPS On-Line Software | 2020-08-11T00:00:00.000Z | 2020-08-11T00:00:00.000Z |
| sevd-2020-224-05 | PowerChute Business Edition | 2020-08-11T00:00:00.000Z | 2020-08-11T00:00:00.000Z |
| sevd-2020-224-06 | Harmony® eXLhoist | 2020-08-11T00:00:00.000Z | 2020-08-11T00:00:00.000Z |
| sevd-2020-224-07 | SoMove | 2020-08-11T00:00:00.000Z | 2020-08-11T00:00:00.000Z |
| sevd-2020-224-08 | Schneider Electric PACTware | 2020-08-11T00:00:00.000Z | 2020-08-13T00:00:00.000Z |
| sevd-2020-133-02 | Vijeo Designer and Vijeo Designer Basic Software | 2020-05-12T00:00:00.000Z | 2020-08-14T00:00:00.000Z |
| sevd-2020-224-01 | Schneider Electric Modbus Serial Driver | 2020-08-11T00:00:00.000Z | 2020-10-13T00:00:00.000Z |
| sevd-2020-287-03 | Smartlink, PowerTag, and Wiser Series Gateways | 2020-10-13T00:00:00.000Z | 2020-10-13T00:00:00.000Z |
| sevd-2020-287-04 | EcoStruxure™ and SmartStruxure™ Power Monitoring and SCADA Software | 2020-10-13T00:00:00.000Z | 2020-10-13T00:00:00.000Z |
| sevd-2020-105-02 | Modicon M218/M241/M251/M258 Logic Controllers,SoMachine/SoMachine Motion, EcoStruxure™ Machine Expert | 2020-04-14T00:00:00.000Z | 2020-11-10T00:00:00.000Z |
| sevd-2020-315-04 | EcoStruxure Building Operation (EBO) | 2020-11-10T00:00:00.000Z | 2020-11-10T00:00:00.000Z |
| sevd-2020-287-02 | Wibu-Systems CodeMeter Vulnerabilities | 2020-10-13T00:00:00.000Z | 2020-12-08T00:00:00.000Z |
| sevd-2020-315-06 | Easergy T300 | 2020-11-10T00:00:00.000Z | 2020-12-08T00:00:00.000Z |
| sevd-2020-343-02 | EcoStruxure Geo SCADA Expert | 2020-12-08T00:00:00.000Z | 2020-12-08T00:00:00.000Z |
| sevd-2020-343-08 | Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium | 2020-12-08T00:00:00.000Z | 2020-12-08T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2019-0001 | MSC800 affected by hard-coded credentials vulnerability | 2019-06-21T10:00:00.000Z | 2019-06-21T10:00:00.000Z |
| sca-2019-0002 | Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000 | 2019-09-20T10:00:00.000Z | 2019-09-20T10:00:00.000Z |
| sca-2020-0001 | Security Information Regarding "Profile Programming" | 2020-05-31T10:00:00.000Z | 2020-05-31T10:00:00.000Z |
| sca-2020-0002 | Vulnerabilities in SICK Package Analytics | 2020-08-07T10:00:00.000Z | 2020-07-28T10:00:00.000Z |
| sca-2020-0003 | MEAC affected by Windows SMBv3 vulnerability | 2020-08-07T10:00:00.000Z | 2020-08-07T10:00:00.000Z |
| sca-2020-0004 | Vulnerability in Platform Mechanism AutoIP | 2020-08-31T10:00:00.000Z | 2020-08-31T10:00:00.000Z |
| sca-2020-0005 | Package Analytics affected by Windows TCP/IP vulnerability | 2020-10-29T11:00:00.000Z | 2020-10-29T11:00:00.000Z |
| sca-2021-0001 | Inadequate SSH configuration in SICK Visionary-S CX | 2021-06-25T10:00:00.000Z | 2021-06-25T10:00:00.000Z |
| sca-2021-0002 | MEAC affected by Windows SMBv1 vulnerability | 2021-08-04T10:00:00.000Z | 2021-08-04T10:00:00.000Z |
| sca-2021-0004 | Vulnerabilities in SICK SOPAS ET | 2021-12-16T08:00:00.000Z | 2021-12-17T08:00:00.000Z |
| sca-2021-0003 | SICK Security Advisory for Apache Log4j (CVE-2021-44228) | 2021-12-14T17:00:00.000Z | 2021-12-17T12:00:00.000Z |
| sca-2022-0001 | Vulnerability in SICK FieldEcho | 2022-02-17T16:00:00.000Z | 2022-02-17T16:00:00.000Z |
| sca-2022-0002 | PwnKit vulnerability affects multiple SICK IPCs | 2022-02-23T16:00:00.000Z | 2022-02-23T16:00:00.000Z |
| sca-2022-0003 | Vulnerabilities in SICK FTMg | 2022-03-31T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| sca-2022-0004 | Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC | 2022-04-11T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| sca-2022-0005 | Vulnerability in SICK Overall Equipment Effectiveness (OEE) | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| sca-2022-0006 | Vulnerability in SICK MSC800 | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| sca-2022-0007 | Vulnerabilities in SICK MARSIC300 | 2022-04-21T15:00:00.000Z | 2022-04-21T15:00:00.000Z |
| sca-2022-0008 | Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3 | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| sca-2022-0009 | Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| sca-2022-0011 | Vulnerabilities in SICK Package Analytics | 2022-06-08T15:00:00.000Z | 2022-06-08T15:00:00.000Z |
| sca-2022-0010 | Vulnerability in SICK Flexi Soft Designer & Safety Designer | 2022-05-16T10:00:00.000Z | 2022-07-19T10:00:00.000Z |
| sca-2022-0012 | OpenSSL vulnerability affects multiple SICK SIMs | 2022-08-08T13:00:00.000Z | 2022-08-03T13:00:00.000Z |
| sca-2022-0014 | SICK FlexiCompact affected by Denial of Service vulnerability | 2022-10-31T11:00:00.000Z | 2022-10-31T11:00:00.000Z |
| sca-2022-0013 | Password recovery vulnerability affects multiple SICK SIMs | 2022-10-21T13:00:00.000Z | 2022-11-04T14:00:00.000Z |
| sca-2022-0015 | Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR | 2022-12-08T16:00:00.000Z | 2022-12-08T16:00:00.000Z |
| sca-2023-0001 | Bootloader mode vulnerability in Flexi Soft Gateways v3 | 2023-02-20T14:00:00.000Z | 2023-02-20T14:00:00.000Z |
| sca-2023-0002 | Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways | 2023-04-11T10:00:00.000Z | 2023-04-11T10:00:00.000Z |
| SCA-2023-0003 | Vulnerability in SICK Flexi Soft and Flexi Classic Gateways | 2023-05-03T13:00:00.000Z | 2023-05-03T13:00:00.000Z |
| sca-2023-0003 | Vulnerability in SICK Flexi Soft and Flexi Classic Gateways | 2023-05-03T13:00:00.000Z | 2023-05-03T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-163226 | SSA-163226: CELL File Parsing Vulnerability in Tecnomatix RobotExpert | 2021-04-13T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-292794 | SSA-292794: Multiple Denial-of-Service Vulnerabilities in SINEMA Remote Connect Server | 2021-04-13T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-296266 | SSA-296266: Denial-of-Service Vulnerability in SCALANCE and RUGGEDCOM Devices | 2021-03-09T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-541017 | SSA-541017: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SIRIUS 3RW5 Modbus TCP and SENTRON PAC / 3VA Devices | 2020-12-08T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-591405 | SSA-591405: Web Vulnerabilities in SCALANCE S-600 Family | 2020-02-11T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-689942 | SSA-689942: Denial-of-Service and DLL Hijacking Vulnerabilities in Multiple SIMATIC Software Products | 2020-06-09T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-715184 | SSA-715184: Multiple File Parsing Vulnerabilities in Solid Edge | 2021-03-09T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-788287 | SSA-788287: Disclosure of Private Data | 2021-04-13T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-853866 | SSA-853866: User Credentials Disclosure Vulnerability in Siveillance Video Open Network Bridge (ONVIF) | 2021-04-13T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-979775 | SSA-979775: Stack Overflow Vulnerability in SCALANCE and RUGGEDCOM Devices | 2021-03-09T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-875726 | SSA-875726: Privilege Escalation Vulnerability in Mendix | 2021-04-14T00:00:00Z | 2021-04-14T00:00:00Z |
| ssa-116379 | SSA-116379: Denial-of-Service Vulnerability in OSPF Packet Handling of SCALANCE XM-400 and XR-500 Devices | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-478893 | SSA-478893: TightVNC Vulnerabilities in Industrial Products (Revoked) | 2020-12-08T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-594364 | SSA-594364: Denial-of-Service Vulnerability in SNMP Implementation of WinCC Runtime | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-646763 | SSA-646763: DNSpooq - Dnsmasq Vulnerabilities in SCALANCE and RUGGEDCOM Devices | 2021-01-19T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-676775 | SSA-676775: Denial-of-Service Vulnerability in SIMATIC NET CP 343-1 Devices | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-794542 | SSA-794542: Insecure Folder Permissions in SIMARIS Configuration | 2021-02-09T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-854248 | SSA-854248: Information Disclosure Vulnerability in Mendix Excel Importer Module | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-919955 | SSA-919955: Information Disclosure Vulnerability in Mendix Database Replication Module | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-940818 | SSA-940818: UltraVNC Vulnerabilities in SIMATIC HMIs/WinCC Products | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-983548 | SSA-983548: Multiple SPP File Parsing Vulnerabilities in Tecnomatix Plant Simulation | 2021-05-11T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-622830 | SSA-622830: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0 | 2021-01-12T00:00:00Z | 2021-05-17T00:00:00Z |
| ssa-663999 | SSA-663999: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0.1 | 2021-02-09T00:00:00Z | 2021-05-17T00:00:00Z |
| ssa-695540 | SSA-695540: ASM and PAR File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.1.0.2 | 2021-05-17T00:00:00Z | 2021-05-17T00:00:00Z |
| ssa-119468 | SSA-119468: Luxion KeyShot Vulnerabilities in Solid Edge | 2021-05-25T00:00:00Z | 2021-05-25T00:00:00Z |
| ssa-133038 | SSA-133038: Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap | 2021-06-08T00:00:00Z | 2021-06-08T00:00:00Z |
| ssa-200951 | SSA-200951: Multiple Vulnerabilities in Third-Party Component libcurl of TIM Devices | 2021-06-08T00:00:00Z | 2021-06-08T00:00:00Z |
| ssa-208356 | SSA-208356: DFT File Parsing Vulnerabilities in Solid Edge | 2021-06-08T00:00:00Z | 2021-06-08T00:00:00Z |
| ssa-419820 | SSA-419820: Denial-of-Service Vulnerability in TIM 1531 IRC | 2021-06-08T00:00:00Z | 2021-06-08T00:00:00Z |
| ssa-522654 | SSA-522654: Privilege Escalation Vulnerability in Mendix SAML Module | 2021-06-08T00:00:00Z | 2021-06-08T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2015:0652-1 | Security update for Kernel | 2012-04-24T18:13:18Z | 2012-04-24T18:13:18Z |
| suse-su-2015:0182-2 | Security update for compat-openssl097g | 2012-08-30T22:56:05Z | 2012-08-30T22:56:05Z |
| suse-su-2015:0543-1 | Security update for compat-openssl097g | 2012-08-30T22:56:05Z | 2012-08-30T22:56:05Z |
| suse-su-2015:0578-1 | Security update for compat-openssl097g | 2012-08-30T22:56:05Z | 2012-08-30T22:56:05Z |
| suse-su-2015:1183-1 | Security update for compat-openssl097g | 2012-08-30T22:56:05Z | 2012-08-30T22:56:05Z |
| suse-su-2015:0929-1 | Security update for kvm | 2012-08-31T14:36:20Z | 2012-08-31T14:36:20Z |
| suse-su-2015:0259-2 | Recommended update for ntp | 2012-11-22T17:45:21Z | 2012-11-22T17:45:21Z |
| suse-su-2015:0940-1 | Security update for Xen | 2012-11-22T17:59:15Z | 2012-11-22T17:59:15Z |
| suse-su-2015:1177-2 | Security update for MySQL | 2012-12-27T16:15:49Z | 2012-12-27T16:15:49Z |
| suse-su-2015:0944-1 | Security update for Xen | 2013-03-13T11:27:38Z | 2013-03-13T11:27:38Z |
| suse-su-2015:0545-1 | Security update for OpenSSL | 2013-03-25T15:10:09Z | 2013-03-25T15:10:09Z |
| suse-su-2015:1184-2 | Security update for OpenSSL | 2013-03-25T15:10:09Z | 2013-03-25T15:10:09Z |
| suse-su-2015:0716-1 | Security update for pigz | 2013-06-10T16:21:37Z | 2013-06-10T16:21:37Z |
| suse-su-2015:0943-1 | Security update for KVM | 2013-06-24T20:56:39Z | 2013-06-24T20:56:39Z |
| suse-su-2015:1337-1 | Security update for tomcat6 | 2013-08-02T13:29:14Z | 2013-08-02T13:29:14Z |
| suse-ru-2015:0779-1 | Recommended update for ibutils | 2013-08-14T20:44:57Z | 2013-08-14T20:44:57Z |
| suse-su-2015:0551-1 | Security update for glibc | 2013-09-13T15:23:14Z | 2013-09-13T15:23:14Z |
| suse-su-2015:0447-1 | Security update for Mozilla Firefox | 2013-09-19T09:38:57Z | 2013-09-19T09:38:57Z |
| suse-su-2015:0446-1 | Security update for Mozilla Firefox | 2013-09-19T11:00:29Z | 2013-09-19T11:00:29Z |
| suse-su-2015:0392-1 | Security update for IBM Java 6 | 2013-11-14T23:20:58Z | 2013-11-14T23:20:58Z |
| suse-su-2015:1086-1 | Security update for IBM Java 6 | 2013-11-14T23:20:58Z | 2013-11-14T23:20:58Z |
| suse-su-2015:0344-1 | Security update for IBM Java 7 | 2013-11-19T10:42:44Z | 2013-11-19T10:42:44Z |
| suse-su-2015:1086-3 | Security update for IBM Java 7 | 2013-11-19T10:42:44Z | 2013-11-19T10:42:44Z |
| suse-ru-2015:0793-1 | Security update for webyast | 2013-12-02T16:20:49Z | 2013-12-02T16:20:49Z |
| suse-ru-2015:0876-1 | Recommended update for mailx | 2013-12-10T16:46:46Z | 2013-12-10T16:46:46Z |
| suse-su-2015:0386-1 | Security update for Samba | 2013-12-13T21:39:19Z | 2013-12-13T21:39:19Z |
| suse-su-2015:0011-2 | Security update for bind | 2014-01-27T18:38:10Z | 2014-01-27T18:38:10Z |
| suse-su-2015:1205-1 | Security update for bind | 2014-01-27T18:38:10Z | 2014-01-27T18:38:10Z |
| suse-su-2015:0480-1 | Security update for bind | 2014-01-27T18:54:09Z | 2014-01-27T18:54:09Z |
| suse-su-2015:0481-1 | Security update for Linux kernel | 2014-02-05T12:49:24Z | 2014-02-05T12:49:24Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2019:0975 | Important: container-tools:rhel8 security and bug fix update | 2019-05-07T03:39:11Z | 2019-05-07T03:39:02Z |
| alsa-2019:0981 | Important: python27:2.7 security update | 2019-05-07T03:40:00Z | 2019-05-07T03:39:54Z |
| alsa-2019:0984 | Moderate: python36:3.6 security update | 2019-05-07T03:40:33Z | 2019-05-07T03:40:21Z |
| alsa-2019:1529 | Important: pki-deps:10.6 security update | 2019-06-18T16:36:21Z | 2019-06-18T16:36:09Z |
| alsa-2019:1972 | Important: ruby:2.5 security update | 2019-07-30T11:16:25Z | 2019-07-30T15:56:05Z |
| alsa-2019:2511 | Important: mysql:8.0 security update | 2019-08-15T17:31:05Z | 2019-08-15T17:31:05Z |
| alsa-2019:2512 | Important: subversion:1.10 security update | 2019-08-15T17:34:10Z | 2019-08-15T17:34:10Z |
| alsa-2019:2593 | Important: squid:4 security update | 2019-09-02T10:22:04Z | 2019-09-02T10:22:04Z |
| alsa-2019:2720 | Important: pki-deps:10.6 security update | 2019-09-10T15:32:49Z | 2019-09-10T15:32:43Z |
| alsa-2019:2799 | Important: nginx:1.14 security update | 2019-09-17T08:45:10Z | 2019-09-17T08:45:10Z |
| alsa-2019:2925 | Important: nodejs:10 security update | 2019-09-30T07:07:29Z | 2019-09-30T07:07:29Z |
| alsa-2019:3335 | Moderate: python27:2.7 security and bug fix update | 2019-11-05T17:32:12Z | 2019-11-05T17:31:55Z |
| alsa-2019:3403 | Important: container-tools:rhel8 security, bug fix, and enhancement update | 2019-11-05T17:41:57Z | 2019-11-05T17:41:43Z |
| alsa-2019:3476 | Moderate: squid:4 security and bug fix update | 2019-11-05T17:50:00Z | 2019-11-05T17:49:48Z |
| alsa-2019:3494 | Important: container-tools:1.0 security and bug fix update | 2019-11-05T17:52:13Z | 2019-11-05T17:52:00Z |
| alsa-2019:3735 | Critical: php:7.2 security update | 2019-11-06T13:15:34Z | 2019-11-06T13:15:21Z |
| alsa-2019:3736 | Critical: php:7.3 security update | 2019-11-06T13:15:46Z | 2019-11-06T13:15:34Z |
| alsa-2019:4269 | Important: container-tools:rhel8 security and bug fix update | 2019-12-17T09:19:28Z | 2019-12-17T09:19:15Z |
| alsa-2019:4273 | Important: container-tools:1.0 security update | 2019-12-17T09:20:02Z | 2019-12-17T09:19:52Z |
| alsa-2020:0348 | Important: container-tools:rhel8 security, bug fix, and enhancement update | 2020-02-04T11:39:46Z | 2020-02-04T11:39:39Z |
| alsa-2020:0579 | Important: nodejs:10 security update | 2020-02-25T07:57:02Z | 2020-02-25T07:57:02Z |
| alsa-2020:0598 | Important: nodejs:12 security update | 2020-02-25T13:06:23Z | 2020-02-25T13:06:23Z |
| alsa-2020:1293 | Important: nodejs:12 security update | 2020-04-02T07:23:16Z | 2020-04-02T07:23:16Z |
| alsa-2020:1317 | Important: nodejs:10 security update | 2020-04-06T07:21:40Z | 2020-04-06T07:21:40Z |
| alsa-2020:1379 | Important: container-tools:rhel8 security and bug fix update | 2020-04-07T09:15:36Z | 2020-04-07T09:15:25Z |
| alsa-2020:1360 | Important: container-tools:1.0 security update | 2020-04-07T12:58:09Z | 2020-04-07T12:58:07Z |
| alsa-2020:1605 | Moderate: python27:2.7 security, bug fix, and enhancement update | 2020-04-28T08:55:59Z | 2020-04-28T08:55:52Z |
| alsa-2020:1624 | Moderate: php:7.2 security, bug fix, and enhancement update | 2020-04-28T08:57:54Z | 2020-04-28T08:57:41Z |
| alsa-2020:1644 | Moderate: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update | 2020-04-28T09:00:20Z | 2020-04-28T09:00:04Z |
| alsa-2020:1650 | Moderate: container-tools:rhel8 security, bug fix, and enhancement update | 2020-04-28T09:01:00Z | 2020-04-28T09:00:50Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| hsec-2023-0001 | Hash flooding vulnerability in aeson | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0002 | Improper Verification of Cryptographic Signature | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0003 | code injection in xmonad-contrib | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0004 | xml-conduit unbounded entity expansion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0005 | tls-extra: certificate validation does not check Basic Constraints | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0006 | x509-validation does not enforce pathLenConstraint | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0007 | readFloat: memory exhaustion with large exponent | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0008 | Stored XSS in hledger-web | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0009 | git-annex command injection via malicious SSH hostname | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0010 | git-annex private data exfiltration to compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0011 | git-annex GPG decryption attack via compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0012 | git-annex checksum exposure to encrypted special remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0013 | git-annex plaintext storage of embedded credentials on encrypted remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0014 | Arbitrary file write is possible when using PDF output or --extract-media with untrusted input | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0015 | cabal-install uses expired key policies | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0001 | Reflected XSS vulnerability in keter | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0002 | out-of-bounds write when there are many bzip2 selectors | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0003 | process: command injection via argument list on Windows | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0006 | fromIntegral: conversion error | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0007 | Sign extension error in the AArch64 NCG | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0008 | Sign extension error in the PPC64le FFI | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0009 | Public key confusion in third-party blocks | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0001 | Subword division operations may produce incorrect results | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0002 | Double Public Key Signing Function Oracle Attack on Ed25519 | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0003 | Use after free in multithreaded lzma (.xz) decoder | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0004 | Broken Path Sanitization in spacecookie Library | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0005 | cabal-install dependency confusion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0006 | Private key leak via inherited file descriptor | 2025-11-17T02:22:38Z | 2025-11-17T02:22:38Z |
| hsec-2025-0007 | cmark-gfm: resource exhaustion due to quadratic complexity in parser | 2025-12-27T08:58:56Z | 2025-12-27T08:58:56Z |
| hsec-2024-0004 | Hackage package and doc upload stored XSS vulnerability | 2026-01-16T11:18:20Z | 2026-01-16T11:18:20Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osec-2017-01 | Local privilege escalation issue with ocaml binaries | 2017-06-23T15:19:47Z | 2025-12-16T12:00:00Z |
| osec-2018-01 | An integer overflow in the `bigarray` serialization module leads to arbitrary code execution | 2018-04-06T18:29:00Z | 2025-12-16T12:00:00Z |
| osec-2016-01 | Buffer overflow and information leak in OCaml < 4.03.0 | 2016-04-29T00:18:22Z | 2026-01-01T12:00:00Z |
| osec-2023-01 | Time of check time of use issue in opam's cache | 2023-05-25T12:00:00Z | 2026-01-09T12:00:00Z |
| osec-2016-02 | Memory disclosure in mirage-net-xen | 2016-05-03T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2019-01 | Memory disclosure in mirage-net-xen | 2019-03-21T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2019-02 | Grant unshare vulnerability in mirage-xen | 2019-04-26T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2025-01 | Albatross console out of memory | 2025-08-15T00:18:22Z | 2026-01-13T12:00:00Z |
| osec-2022-01 | Infinite loop in console output on xen | 2022-12-07T00:00:00Z | 2026-02-18T09:30:00Z |
| osec-2026-02 | ARP unbounded memory usage | 2026-02-18T10:30:00Z | 2026-02-18T10:30:00Z |
| osec-2026-01 | Buffer Over-Read in OCaml Marshal Deserialization | 2026-02-17T13:30:00Z | 2026-02-27T09:30:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2022-127 | Heap-use-after-free in UA_ServerConfig_clean | 2022-02-07T00:00:13.222125Z | 2022-02-07T00:00:13.222344Z |
| osv-2022-129 | Heap-buffer-overflow in dwg_free_HATCH_private | 2022-02-09T00:00:11.798343Z | 2022-02-09T00:00:11.798577Z |
| osv-2022-188 | Incorrect-function-pointer-type in cv::split | 2022-02-23T00:00:47.945292Z | 2022-02-23T00:00:47.945497Z |
| osv-2022-231 | Heap-buffer-overflow in do_fileid | 2022-03-11T00:00:50.495613Z | 2022-03-11T00:00:50.495861Z |
| osv-2022-237 | Stack-buffer-overflow in sc_format_oid | 2022-03-12T00:00:21.696792Z | 2022-03-12T00:00:21.697036Z |
| osv-2022-268 | Stack-use-after-return in template_sanity_check | 2022-03-21T00:01:55.565037Z | 2022-03-21T00:01:55.565249Z |
| osv-2022-276 | Segv on unknown address in sc_file_clear_acl_entries | 2022-03-24T00:00:43.845979Z | 2022-03-24T00:00:43.846203Z |
| osv-2022-282 | Heap-buffer-overflow in cosm_new_file | 2022-03-26T00:01:18.978386Z | 2022-03-26T00:01:18.978611Z |
| osv-2022-283 | Heap-buffer-overflow in epassNUMBER_hook_path | 2022-03-26T00:01:45.914197Z | 2022-03-26T00:01:45.914434Z |
| osv-2022-296 | Negative-size-param in jxl::N_SSE4::BlendingStage::ProcessPaddingRow | 2022-04-03T00:00:21.308788Z | 2022-04-03T00:00:21.309111Z |
| osv-2022-301 | Heap-buffer-overflow in template_compose_group | 2022-04-04T00:01:45.327471Z | 2022-04-04T00:01:45.327710Z |
| osv-2022-305 | Heap-buffer-overflow in jxl::N_AVX2::BlendingStage::ProcessPaddingRow | 2022-04-05T00:00:26.264820Z | 2022-04-05T00:00:26.265051Z |
| osv-2022-313 | Heap-buffer-overflow in generic_unpack | 2022-04-07T00:00:47.839342Z | 2022-04-07T00:00:47.839583Z |
| osv-2022-320 | Heap-buffer-overflow in lwan_h2_huffman_decode_for_fuzzing | 2022-04-09T00:00:11.593728Z | 2022-04-09T00:00:11.594Z |
| osv-2022-322 | Heap-buffer-overflow in frame_get_metalayers | 2022-04-09T00:00:44.310354Z | 2022-04-09T00:00:44.310661Z |
| osv-2022-323 | Heap-buffer-overflow in ConvertRGB24ToY_SSE41 | 2022-04-09T00:00:46.308548Z | 2022-04-09T00:00:46.308780Z |
| osv-2016-1 | UNKNOWN READ in mprint | 2021-01-13T21:56:22.388453Z | 2022-04-13T03:04:30.875874Z |
| osv-2016-2 | UNKNOWN READ in file_regexec | 2021-01-13T21:57:40.577225Z | 2022-04-13T03:04:30.860493Z |
| osv-2016-3 | UNKNOWN READ in file_regexec | 2021-01-15T05:20:54.558144Z | 2022-04-13T03:04:30.816004Z |
| osv-2016-6 | UNKNOWN READ in mprint | 2021-01-15T05:22:02.070395Z | 2022-04-13T03:04:30.786861Z |
| osv-2016-7 | Heap-buffer-overflow in mcopy | 2021-01-15T05:22:13.068Z | 2022-04-13T03:04:30.792444Z |
| osv-2017-102 | Use-of-uninitialized-value in match | 2021-01-13T21:57:41.999614Z | 2022-04-13T03:04:30.902318Z |
| osv-2017-131 | Heap-buffer-overflow in mprint | 2021-01-15T00:00:17.673475Z | 2022-04-13T03:04:30.854629Z |
| osv-2017-134 | Heap-buffer-overflow in cdf_file_property_info | 2021-01-15T00:00:24.559102Z | 2022-04-13T03:04:30.826487Z |
| osv-2017-140 | Heap-buffer-overflow in mprint | 2021-01-15T00:01:14.133316Z | 2022-04-13T03:04:30.798695Z |
| osv-2017-52 | Use-of-uninitialized-value in mcopy | 2021-01-13T21:56:15.043847Z | 2022-04-13T03:04:30.821252Z |
| osv-2018-15 | Heap-buffer-overflow in json_parse_string | 2021-01-13T00:00:06.229450Z | 2022-04-13T03:04:30.805121Z |
| osv-2018-18 | Heap-buffer-overflow in json_parse_object | 2021-01-13T00:00:06.806298Z | 2022-04-13T03:04:30.897105Z |
| osv-2020-1005 | Global-buffer-overflow in ihevcd_unpack_coeffs | 2020-07-22T21:49:39.555124Z | 2022-04-13T03:04:30.950362Z |
| osv-2020-1009 | Heap-buffer-overflow in mu::ParserBase::ParseCmdCodeBulk | 2020-07-22T21:49:39.777520Z | 2022-04-13T03:04:30.746791Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2016-0004 | libusb is unmaintained; use rusb instead | 2016-09-10T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2016-0006 | `cassandra` crate is unmaintained; use `cassandra-cpp` instead | 2016-12-15T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2017-0007 | lz4-compress is unmaintained | 2017-04-17T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2018-0014 | chan is end-of-life; use crossbeam-channel instead | 2018-07-31T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2018-0015 | term is looking for a new maintainer | 2018-11-19T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2018-0016 | quickersort is deprecated and unmaintained | 2018-06-30T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2018-0017 | `tempdir` crate has been deprecated; use `tempfile` instead | 2018-02-13T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2019-0032 | crust repo has been archived; use libp2p instead | 2019-11-21T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2020-0003 | rust_sodium is unmaintained; switch to a modern alternative | 2020-01-20T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2020-0010 | tiberius is unmaintained | 2020-02-28T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2020-0016 | `net2` crate has been deprecated; use `socket2` instead | 2020-05-01T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2020-0018 | crate has been renamed to `block-cipher` | 2020-05-26T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2020-0020 | `stb_truetype` crate has been deprecated; use `ttf-parser` instead | 2020-04-18T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2020-0051 | Obsolete versions of the `rustsec` crate do not support the new V3 advisory format | 2020-10-01T12:00:00Z | 2020-10-02T01:29:11Z |
| rustsec-2020-0056 | stdweb is unmaintained | 2020-05-04T12:00:00Z | 2020-10-25T18:57:46Z |
| rustsec-2020-0057 | crate has been renamed to `cipher` | 2020-10-15T12:00:00Z | 2020-10-25T19:05:32Z |
| rustsec-2020-0058 | crate has been renamed to `cipher` | 2020-10-15T12:00:00Z | 2020-10-25T19:14:03Z |
| rustsec-2020-0063 | crate has been renamed to `safe-nd` | 2020-11-02T12:00:00Z | 2020-11-02T14:43:36Z |
| rustsec-2020-0064 | crate has been renamed to `sn_ffi_utils` | 2020-11-02T12:00:00Z | 2020-11-02T14:45:15Z |
| rustsec-2020-0065 | crate has been renamed to `sn_fake_clock` | 2020-11-02T12:00:00Z | 2020-11-02T14:46:33Z |
| rustsec-2020-0066 | crate has been renamed to `sn_bindgen` | 2020-11-02T12:00:00Z | 2020-11-02T14:48:54Z |
| rustsec-2020-0067 | crate has been renamed to `qp2p` | 2020-11-02T12:00:00Z | 2020-11-02T14:50:19Z |
| rustsec-2020-0076 | crate has been renamed to `sn_routing` | 2020-11-02T12:00:00Z | 2020-12-02T17:59:27Z |
| rustsec-2020-0083 | crate has been superseded by `sn_client` | 2020-12-07T12:00:00Z | 2020-12-07T17:22:02Z |
| rustsec-2020-0084 | crate has been superseded by `sn_client` | 2020-12-07T12:00:00Z | 2020-12-07T17:22:02Z |
| rustsec-2020-0085 | crate has been renamed to `sn_node` | 2020-12-07T12:00:00Z | 2020-12-07T17:22:02Z |
| rustsec-2020-0086 | crate has been renamed to `sn_client` | 2020-12-07T12:00:00Z | 2020-12-07T17:22:02Z |
| rustsec-2021-0002 | interfaces2 is unmaintained, use interfaces instead | 2021-01-04T12:00:00Z | 2021-01-06T16:07:19Z |
| rustsec-2020-0109 | stderr is unmaintained; use eprintln instead | 2020-12-22T12:00:00Z | 2021-01-20T19:29:04Z |
| rustsec-2020-0144 | lzw is unmaintained | 2020-02-10T12:00:00Z | 2021-02-10T18:27:15Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-golang-2021-33194 | 2024-03-06T11:05:26.460Z | 2024-03-06T11:25:28.861Z | |
| bit-mariadb-2022-27458 | 2024-03-06T10:58:21.495Z | 2024-03-06T11:25:28.861Z | |
| bit-postgresql-2024-24213 | 2024-03-06T11:02:10.168Z | 2024-03-06T11:25:28.861Z | |
| bit-rabbitmq-2020-5419 | 2024-03-06T11:04:02.503Z | 2024-03-06T11:25:28.861Z | |
| bit-rabbitmq-2021-22117 | 2024-03-06T11:03:44.606Z | 2024-03-06T11:25:28.861Z | |
| bit-kafka-2024-27309 | 2024-04-16T07:20:25.284Z | 2024-05-02T07:52:56.618Z | |
| bit-solr-2023-44487 | 2024-03-06T11:05:51.759Z | 2024-06-23T19:56:34.118Z | |
| bit-wordpress-2023-28492 | 2024-07-18T07:44:25.068Z | 2024-07-18T07:56:34.499Z | |
| bit-envoy-2024-7207 | 2024-09-26T07:10:09.460Z | 2024-09-26T07:51:02.528Z | |
| bit-gitlab-2022-4315 | 2024-11-05T07:26:59.363Z | 2024-11-27T19:40:48.342Z | |
| bit-wordpress-2023-23814 | 2024-12-11T07:22:41.801Z | 2024-12-11T07:36:45.271Z | |
| bit-node-2025-23087 | 2025-01-27T07:15:36.528Z | 2025-03-02T07:44:48.340Z | |
| bit-node-2025-23088 | 2025-01-27T07:15:29.521Z | 2025-03-02T07:44:48.340Z | |
| bit-node-2025-23089 | 2025-01-27T07:15:22.512Z | 2025-03-02T07:44:48.340Z | |
| bit-wordpress-2023-51474 | 2024-07-18T07:43:55.364Z | 2025-03-24T17:31:38.612Z | |
| bit-wordpress-2024-3755 | 2024-07-18T07:42:10.574Z | 2025-03-24T17:31:38.612Z | |
| bit-wordpress-2024-3756 | 2024-07-18T07:41:57.570Z | 2025-03-24T17:31:38.612Z | |
| bit-wordpress-2024-3992 | 2024-08-06T10:14:12.806Z | 2025-03-24T17:31:38.612Z | |
| bit-airflow-2020-11981 | 2024-03-06T11:01:26.575Z | 2025-04-03T14:40:37.652Z | |
| bit-airflow-2020-11982 | 2024-03-06T11:01:18.203Z | 2025-04-03T14:40:37.652Z | |
| bit-airflow-2020-11983 | 2024-03-06T11:01:07.495Z | 2025-04-03T14:40:37.652Z | |
| bit-airflow-2020-13944 | 2024-03-06T11:00:45.413Z | 2025-04-03T14:40:37.652Z | |
| bit-airflow-2020-17511 | 2024-03-06T11:00:34.382Z | 2025-04-03T14:40:37.652Z | |
| bit-airflow-2020-17513 | 2024-03-06T11:00:25.620Z | 2025-04-03T14:40:37.652Z | |
| bit-airflow-2020-17515 | 2024-03-06T11:00:14.504Z | 2025-04-03T14:40:37.652Z | |
| bit-airflow-2020-17526 | 2024-03-06T11:00:04.682Z | 2025-04-03T14:40:37.652Z | |
| bit-airflow-2020-9485 | 2024-03-06T10:59:54.373Z | 2025-04-03T14:40:37.652Z | |
| bit-apache-2020-11984 | 2024-03-06T10:57:57.770Z | 2025-04-03T14:40:37.652Z | |
| bit-apache-2020-11985 | 2024-03-06T10:57:47.876Z | 2025-04-03T14:40:37.652Z | |
| bit-apache-2020-11993 | 2024-03-06T10:57:38.504Z | 2025-04-03T14:40:37.652Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2025-cn65903 | Security fixes for GHSA-6v2p-p543-phr9, GHSA-qxp5-gwg8-xv66, GHSA-vvgc-356p-c3xw applied in versions: 1.5.0-r0, 1.7.0-r0 | 2026-01-16T12:00:42.667592Z | 2025-09-29T13:20:40Z |
| cleanstart-2025-az51267 | Security fixes for GHSA-qxp5-gwg8-xv66, GHSA-vvgc-356p-c3xw applied in versions: 1.7.0-r0 | 2026-01-16T12:00:40.997706Z | 2025-09-29T13:20:59Z |
| cleanstart-2025-eu07511 | Security fixes for CVE-2025-47912, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.7.0-r0, 1.7.1-r0 | 2026-01-16T11:58:32.440192Z | 2025-12-06T13:34:11Z |
| cleanstart-2025-jl63399 | Security fixes for CVE-2025-61729 applied in versions: 0.20.2-r1 | 2026-01-16T12:00:43.312220Z | 2025-12-06T13:34:11Z |
| cleanstart-2025-yj25356 | Security fixes for CVE-2025-61729 applied in versions: 1.40.2-r0 | 2026-01-16T12:00:45.358320Z | 2025-12-06T13:34:11Z |
| cleanstart-2025-ob44035 | Security fixes for CVE-2025-61729, GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 1.16.2-r2 | 2026-01-16T11:28:43.176297Z | 2025-12-13T08:34:16Z |
| cleanstart-2025-us16386 | Security fixes for GHSA-qxp5-gwg8-xv66, GHSA-vvgc-356p-c3xw applied in versions: 1.7.2-r0 | 2026-01-16T11:58:18.007779Z | 2025-12-23T06:02:25Z |
| cleanstart-2025-zr62045 | attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing | 2026-01-30T16:56:56.696859Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ad41794 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:47:54.368234Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ai42483 | PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access | 2026-01-30T16:26:55.732852Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-aj76138 | tar | 2026-01-30T14:58:52.957172Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-an66259 | attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests | 2026-01-30T16:28:25.281484Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-au31441 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T16:29:25.997506Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-av38242 | Cancelling a query (e | 2026-01-30T15:33:23.662793Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ax77726 | vulnerability was found in PAM | 2026-01-30T16:35:55.808062Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-az24638 | Within HostnameError | 2026-01-30T17:22:56.881050Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-az32516 | Within HostnameError | 2026-01-30T17:27:26.591189Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-ba37192 | When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers | 2026-01-30T17:14:26.459138Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bd53293 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-01-30T16:02:54.709597Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bh03809 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:04:53.009971Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bj28314 | Within HostnameError | 2026-01-30T15:00:22.906070Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bj35875 | tar | 2026-01-30T14:59:52.925710Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bk59402 | Moby is an open-source project created by Docker for software containerization | 2026-01-30T14:00:20.262469Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bl06950 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:08:23.121647Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bn11148 | Moby is an open-source project created by Docker for software containerization | 2026-01-30T16:54:56.412220Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bq46815 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-01-30T15:43:24.142238Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bs24435 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-01-30T15:44:54.166999Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bt39952 | Moby is an open source container framework developed by Docker Inc | 2026-01-30T15:45:23.955705Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bv91860 | Within HostnameError | 2026-01-30T15:42:23.881650Z | 2026-01-29T18:58:54Z |
| cleanstart-2026-bx37171 | Redis is an open source, in-memory database that persists on disk | 2026-01-30T14:43:22.549529Z | 2026-01-29T18:58:54Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2025-110 | 2025-09-24T17:27:41.000Z | 2025-09-24T17:27:41.000Z | |
| drupal-contrib-2026-008 | 2026-02-04T17:23:40.000Z | 2026-02-04T17:23:40.000Z | |
| drupal-contrib-2026-009 | 2026-02-11T16:53:32.000Z | 2026-02-12T15:37:20.000Z | |
| drupal-contrib-2026-010 | 2026-02-11T16:54:18.000Z | 2026-02-25T17:17:46.000Z | |
| drupal-contrib-2026-011 | 2026-02-25T18:43:32.000Z | 2026-02-25T18:43:32.000Z | |
| drupal-contrib-2026-012 | 2026-02-25T18:44:38.000Z | 2026-02-25T18:44:38.000Z | |
| drupal-contrib-2026-013 | 2026-02-25T18:45:13.000Z | 2026-02-25T18:45:13.000Z | |
| drupal-contrib-2026-014 | 2026-02-25T18:46:10.000Z | 2026-02-25T18:46:10.000Z | |
| drupal-contrib-2026-017 | 2026-02-25T18:51:01.000Z | 2026-02-25T18:51:01.000Z | |
| drupal-contrib-2026-018 | 2026-02-25T18:51:26.000Z | 2026-02-25T18:51:26.000Z | |
| drupal-contrib-2026-019 | 2026-02-25T18:51:43.000Z | 2026-02-25T18:51:43.000Z | |
| drupal-contrib-2026-016 | 2026-02-25T18:49:59.000Z | 2026-02-25T19:30:03.000Z | |
| drupal-contrib-2026-020 | 2026-03-04T17:54:27.000Z | 2026-03-04T17:54:27.000Z | |
| drupal-contrib-2026-021 | 2026-03-04T17:56:18.000Z | 2026-03-04T17:56:18.000Z | |
| drupal-contrib-2026-022 | 2026-03-04T17:57:58.000Z | 2026-03-04T17:57:58.000Z | |
| drupal-contrib-2026-023 | 2026-03-04T17:58:55.000Z | 2026-03-04T17:58:55.000Z | |
| drupal-contrib-2026-025 | 2026-03-04T18:00:41.000Z | 2026-03-04T18:00:41.000Z | |
| drupal-contrib-2026-026 | 2026-03-04T18:02:14.000Z | 2026-03-04T18:02:14.000Z | |
| drupal-contrib-2026-027 | 2026-03-04T18:02:59.000Z | 2026-03-04T18:02:59.000Z | |
| drupal-contrib-2026-024 | 2026-03-04T17:59:51.000Z | 2026-03-05T14:03:05.000Z | |
| drupal-contrib-2026-015 | 2026-02-25T18:47:57.000Z | 2026-03-17T13:20:54.000Z | |
| drupal-contrib-2026-030 | 2026-03-18T16:10:00.000Z | 2026-03-18T16:10:00.000Z | |
| drupal-contrib-2026-028 | 2026-03-11T16:33:14.000Z | 2026-03-26T19:43:59.000Z | |
| drupal-contrib-2026-029 | 2026-03-11T16:35:02.000Z | 2026-03-26T19:50:52.000Z | |
| drupal-contrib-2026-031 | 2026-04-01T16:38:14.000Z | 2026-04-02T14:13:13.000Z | |
| drupal-contrib-2026-032 | 2026-04-08T16:09:54.000Z | 2026-04-08T16:09:54.000Z |
| ID | Description | Updated |
|---|---|---|
| ts-2022-001 | TS-2022-001 | 2022-02-07T00:00 |
| ts-2022-002 | TS-2022-002 | 2022-05-11T00:00 |
| ts-2022-003 | TS-2022-003 | 2022-06-14T00:00 |
| ts-2022-004 | TS-2022-004 | 2022-11-21T00:00 |
| ts-2022-005 | TS-2022-005 | 2022-11-21T00:00 |
| ts-2023-001 | TS-2023-001 | 2023-01-17T00:00 |
| ts-2023-002 | TS-2023-002 | 2023-01-24T00:00 |
| ts-2023-003 | TS-2023-003 | 2023-03-22T00:00 |
| ts-2023-004 | TS-2023-004 | 2023-04-04T00:00 |
| ts-2023-005 | TS-2023-005 | 2023-04-28T00:00 |
| ts-2023-006 | TS-2023-006 | 2023-08-22T00:00 |
| ts-2023-007 | TS-2023-007 | 2023-10-26T00:00 |
| ts-2023-008 | TS-2023-008 | 2023-11-01T00:00 |
| ts-2023-009 | TS-2023-009 | 2023-12-22T00:00 |
| ts-2024-001 | TS-2024-001 | 2024-01-08T00:00 |
| ts-2024-002 | TS-2024-002 | 2024-01-30T00:00 |
| ts-2024-003 | TS-2024-003 | 2024-04-23T00:00 |
| ts-2024-004 | TS-2024-004 | 2024-05-06T00:00 |
| ts-2024-005 | TS-2024-005 | 2024-05-08T00:00 |
| ts-2024-006 | TS-2024-006 | 2024-05-22T00:00 |
| ts-2024-007 | TS-2024-007 | 2024-06-12T00:00 |
| ts-2024-008 | TS-2024-008 | 2024-06-14T00:00 |
| ts-2024-009 | TS-2024-009 | 2024-06-27T00:00 |
| ts-2024-010 | TS-2024-010 | 2024-07-19T00:00 |
| ts-2024-011 | TS-2024-011 | 2024-07-22T00:00 |
| ts-2024-012 | TS-2024-012 | 2024-10-02T00:00 |
| ts-2024-013 | TS-2024-013 | 2024-12-04T00:00 |
| ts-2025-001 | TS-2025-001 | 2025-03-07T00:00 |
| ts-2025-002 | TS-2025-002 | 2025-05-15T00:00 |
| ts-2025-003 | TS-2025-003 | 2025-05-21T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTA-2000-ALE-002 | Alerte de virus NEWLOVE | 2000-05-19T00:00:00.000000 | 2000-05-19T00:00:00.000000 |
| certa-2000-ale-002 | Alerte de virus NEWLOVE | 2000-05-19T00:00:00.000000 | 2000-05-19T00:00:00.000000 |
| CERTA-2000-ALE-003 | « Mesures de performances » de l'Internet | 2000-05-26T00:00:00.000000 | 2000-05-26T00:00:00.000000 |
| CERTA-2000-ALE-004 | Virus Macro OF97/Cybernet-A | 2000-05-26T00:00:00.000000 | 2000-05-26T00:00:00.000000 |
| certa-2000-ale-003 | « Mesures de performances » de l'Internet | 2000-05-26T00:00:00.000000 | 2000-05-26T00:00:00.000000 |
| certa-2000-ale-004 | Virus Macro OF97/Cybernet-A | 2000-05-26T00:00:00.000000 | 2000-05-26T00:00:00.000000 |
| CERTA-2000-ALE-005 | Virus macro V97M/Resume.A | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| certa-2000-ale-005 | Virus macro V97M/Resume.A | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| CERTA-2000-ALE-006 | Deni de service sous Firewall-1 | 2000-06-08T00:00:00.000000 | 2000-06-08T00:00:00.000000 |
| certa-2000-ale-006 | Deni de service sous Firewall-1 | 2000-06-08T00:00:00.000000 | 2000-06-08T00:00:00.000000 |
| CERTA-2000-ALE-007 | Virus VBS/LoveLet-AS | 2000-06-09T00:00:00.000000 | 2000-06-09T00:00:00.000000 |
| certa-2000-ale-007 | Virus VBS/LoveLet-AS | 2000-06-09T00:00:00.000000 | 2000-06-09T00:00:00.000000 |
| CERTA-2000-ALE-008 | The Serbian Badman Trojan (TSB) | 2000-06-13T00:00:00.000000 | 2000-06-13T00:00:00.000000 |
| certa-2000-ale-008 | The Serbian Badman Trojan (TSB) | 2000-06-13T00:00:00.000000 | 2000-06-13T00:00:00.000000 |
| CERTA-2000-ALE-009 | Ver VBS/Stages-A, Mirc/stages-a, pIRC/Stages-A | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| certa-2000-ale-009 | Ver VBS/Stages-A, Mirc/stages-a, pIRC/Stages-A | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| CERTA-2000-ALE-010 | Vulnérabilités dans le serveur de fichier wu-ftpd | 2000-06-26T00:00:00.000000 | 2000-06-26T00:00:00.000000 |
| certa-2000-ale-010 | Vulnérabilités dans le serveur de fichier wu-ftpd | 2000-06-26T00:00:00.000000 | 2000-06-26T00:00:00.000000 |
| CERTA-2000-ALE-011 | Trojan Simpsons | 2000-06-29T00:00:00.000000 | 2000-06-29T00:00:00.000000 |
| certa-2000-ale-011 | Trojan Simpsons | 2000-06-29T00:00:00.000000 | 2000-06-29T00:00:00.000000 |
| CERTA-2000-ALE-001 | Alerte de virus LOVE-LETTER-FOR-YOU | 2000-05-05T00:00:00.000000 | 2000-07-05T00:00:00.000000 |
| certa-2000-ale-001 | Alerte de virus LOVE-LETTER-FOR-YOU | 2000-05-05T00:00:00.000000 | 2000-07-05T00:00:00.000000 |
| CERTA-2000-ALE-012 | Mauvaise compatibilité des scanners de virus avec NTFS | 2000-09-08T00:00:00.000000 | 2000-09-08T00:00:00.000000 |
| certa-2000-ale-012 | Mauvaise compatibilité des scanners de virus avec NTFS | 2000-09-08T00:00:00.000000 | 2000-09-08T00:00:00.000000 |
| CERTA-2000-ALE-014 | Vulnérabilité dans la bibliothèque glibc sous Unix | 2000-09-14T00:00:00.000000 | 2000-09-14T00:00:00.000000 |
| certa-2000-ale-014 | Vulnérabilité dans la bibliothèque glibc sous Unix | 2000-09-14T00:00:00.000000 | 2000-09-14T00:00:00.000000 |
| CERTA-2000-ALE-013 | Virus VBS Quatro-A | 2000-09-18T00:00:00.000000 | 2000-09-18T00:00:00.000000 |
| certa-2000-ale-013 | Virus VBS Quatro-A | 2000-09-18T00:00:00.000000 | 2000-09-18T00:00:00.000000 |
| CERTA-2000-ALE-015 | Risque d'usurpation de l'identité de Sun Microsystems | 2000-10-25T00:00:00.000000 | 2000-10-25T00:00:00.000000 |
| certa-2000-ale-015 | Risque d'usurpation de l'identité de Sun Microsystems | 2000-10-25T00:00:00.000000 | 2000-10-25T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTA-2000-AVI-001 | Débordements de variables dans les services authentifiés par Kerberos | 2000-05-18T00:00:00.000000 | 2000-05-18T00:00:00.000000 |
| certa-2000-avi-001 | Débordements de variables dans les services authentifiés par Kerberos | 2000-05-18T00:00:00.000000 | 2000-05-18T00:00:00.000000 |
| CERTA-2000-AVI-002 | Vulnérabilités dans Office 2000 | 2000-05-25T00:00:00.000000 | 2000-05-25T00:00:00.000000 |
| certa-2000-avi-002 | Vulnérabilités dans Office 2000 | 2000-05-25T00:00:00.000000 | 2000-05-25T00:00:00.000000 |
| CERTA-2000-AVI-003 | Vulnérabilité sous HP Web JetAdmin Version 5.6 et antérieures | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| CERTA-2000-AVI-004 | Vulnérabilité dans le protocole du service explorateur d'ordinateurs sous Windows NT et Windows 2000 | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| certa-2000-avi-003 | Vulnérabilité sous HP Web JetAdmin Version 5.6 et antérieures | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| certa-2000-avi-004 | Vulnérabilité dans le protocole du service explorateur d'ordinateurs sous Windows NT et Windows 2000 | 2000-05-29T00:00:00.000000 | 2000-05-29T00:00:00.000000 |
| CERTA-2000-AVI-005 | Deux nouveaux vers VBS | 2000-05-31T00:00:00.000000 | 2000-05-31T00:00:00.000000 |
| certa-2000-avi-005 | Deux nouveaux vers VBS | 2000-05-31T00:00:00.000000 | 2000-05-31T00:00:00.000000 |
| CERTA-2000-AVI-006 | Vulnérabilités lors de sessions SSL | 2000-06-07T00:00:00.000000 | 2000-06-07T00:00:00.000000 |
| certa-2000-avi-006 | Vulnérabilités lors de sessions SSL | 2000-06-07T00:00:00.000000 | 2000-06-07T00:00:00.000000 |
| CERTA-2000-AVI-007 | Vulnérabilités sur le serveur FTP utilisant Kerberos 5 | 2000-06-15T00:00:00.000000 | 2000-06-15T00:00:00.000000 |
| certa-2000-avi-007 | Vulnérabilités sur le serveur FTP utilisant Kerberos 5 | 2000-06-15T00:00:00.000000 | 2000-06-15T00:00:00.000000 |
| CERTA-2000-AVI-008 | Vulnérabilité sous Windows 2000 | 2000-06-19T00:00:00.000000 | 2000-06-19T00:00:00.000000 |
| certa-2000-avi-008 | Vulnérabilité sous Windows 2000 | 2000-06-19T00:00:00.000000 | 2000-06-19T00:00:00.000000 |
| CERTA-2000-AVI-009 | Exécution de fichiers locaux grâce aux fichiers d'aides de Microsoft Windows | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| CERTA-2000-AVI-010 | Débordement de pile dans le programme <TT>splitVT</TT> | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| certa-2000-avi-009 | Exécution de fichiers locaux grâce aux fichiers d'aides de Microsoft Windows | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| certa-2000-avi-010 | Débordement de pile dans le programme <TT>splitVT</TT> | 2000-06-20T00:00:00.000000 | 2000-06-20T00:00:00.000000 |
| CERTA-2000-AVI-011 | Problèmes de privilèges dans les extensions de FrontPage | 2000-06-27T00:00:00.000000 | 2000-06-27T00:00:00.000000 |
| certa-2000-avi-011 | Problèmes de privilèges dans les extensions de FrontPage | 2000-06-27T00:00:00.000000 | 2000-06-27T00:00:00.000000 |
| CERTA-2000-AVI-012 | Vulnérabilité dans « Workshop » cvconnect sous IRIX | 2000-06-29T00:00:00.000000 | 2000-06-29T00:00:00.000000 |
| certa-2000-avi-012 | Vulnérabilité dans « Workshop » cvconnect sous IRIX | 2000-06-29T00:00:00.000000 | 2000-06-29T00:00:00.000000 |
| CERTA-2000-AVI-013 | Vulnérabilité dans Microsoft SQL Serveur | 2000-07-11T00:00:00.000000 | 2000-07-11T00:00:00.000000 |
| certa-2000-avi-013 | Vulnérabilité dans Microsoft SQL Serveur | 2000-07-11T00:00:00.000000 | 2000-07-11T00:00:00.000000 |
| CERTA-2000-AVI-014 | Vulnérabilité dans l'utilitaire makewhatis sous Unix | 2000-07-13T00:00:00.000000 | 2000-07-13T00:00:00.000000 |
| certa-2000-avi-014 | Vulnérabilité dans l'utilitaire makewhatis sous Unix | 2000-07-13T00:00:00.000000 | 2000-07-13T00:00:00.000000 |
| CERTA-2000-AVI-015 | Vulnérabilité dans l'en-tête des mèls sous Outlook | 2000-07-19T00:00:00.000000 | 2000-07-19T00:00:00.000000 |
| CERTA-2000-AVI-016 | Vulnérabilités dans Internet Explorer 4.01, Office 2000 et PowerPoint 97 | 2000-07-19T00:00:00.000000 | 2000-07-19T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2002-000291 | Canna irw_through Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000029 | w3m Cross-Site Scripting Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000030 | w3m Vulnerability of Unauthorized Access to Files or Cookies | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000144 | IP Messenger for Win Filename Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000149 | lv Arbitrary Command Execution Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000163 | KON2 Buffer Overflow Vulnerability in Command Argument Validation | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000242 | skk Arbitrary Code Execution Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000169 | LHa Vuffer Overflow Vulnerability in Testing and Extracting Process | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000170 | Lha Directory Traversal Vulnerability in Testing and Extracting Process | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000179 | DeleGate SSLway Filter Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000195 | LHA Arbitrary Command Execution Vulnerability with Shell Metacharacter in Directory Name | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000196 | LHA Buffer Overflow Vulnerability with lack of Path Length Validation | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000197 | LHA extrace_one Vuffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000231 | KAME Racoon eay_check_x509cert Improper Certificate Verification Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000323 | Ruby CGI Session Management Insecure File Permission Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000473 | Ruby cgi.rb Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000511 | DeleGate Multiple Buffer Overflow Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000554 | Namazu cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000586 | Virus Buster Corporate Edition vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000587 | desknet's buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000588 | SSL-VPN products vulnerable to cookie theft | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000589 | Toshiba HDD & DVD video recorders can be accessed without authentication | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000590 | Becky! Internet Mail vulnerability in S/MIME signature verification | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000591 | Shuriken Pro3 S/MIME signature verification does not verify the From address | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000592 | Shuriken Pro3 S/MIME signature verification does not verify the certificate authenticity | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000593 | LDAP server update function vulnerable to buffer overflow | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000594 | DNS cache servers resource consumption by TCP SYN_SENT states | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000163 | Sylpheed Email Header Buffer Overflow Vulnerability with non-ASCII Characters | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000183 | Apache Tomcat denial of service vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000199 | Sylpheed Filename Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2014-09151 | Puppet Enterprise信息泄露漏洞(CNVD-2014-09151) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09154 | ARRIS Touchstone TG862G/CT Telephony Gateway安全机制绕过漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09180 | Drupal Open Atrium Module存在多个漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09181 | IBM WebSphere Application Server信息泄露漏洞(CNVD-2014-09181) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09182 | IBM WebSphere Application Server目录遍历漏洞(CNVD-2014-09182) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09183 | IBM WebSphere Application Server跨站脚本漏洞(CNVD-2014-09183) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09184 | IBM WebSphere Application Server点击劫持漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09185 | IBM WebSphere Application Server Liberty Profile权限提升漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09186 | Puppet Server争用条件漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09187 | Cisco IronPort Email Security Appliance拒绝服务漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09188 | OpenSSL 's23_srvr.c'拒绝服务漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09189 | Cisco Meraki MS MRMX信息泄露漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09190 | Cisco Meraki MS MRMX任意命令执行漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09191 | Cisco Meraki MS MRMX存在shell获取漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09192 | Cisco Meraki MS MRMX任意固件安装漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09193 | IBM Security Access Manager拒绝服务漏洞(CNVD-2014-09193) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09194 | IBM Security Access Manager信息泄露漏洞(CNVD-2014-09194) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09195 | NetIQ Access Manager目录遍历漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09196 | IBM Security Access Manager信息泄露漏洞(CNVD-2014-09196) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09197 | NetIQ Access Manager存在多个跨站脚本漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09198 | IBM Security Access Manager信息泄露漏洞(CNVD-2014-09198) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09199 | IBM Security Access Manager信息泄露漏洞(CNVD-2014-09199) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09200 | IBM Security Access Manager信息泄露漏洞(CNVD-2014-09200) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09201 | IBM Security Access Manager拒绝服务漏洞(CNVD-2014-09201) | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09202 | IBM Security Access Manager SQL注入漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09203 | IBM Security Access Manager安全机制绕过漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09204 | IBM Security Access Manager跨站请求伪造漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09205 | IBM Security Access Manager点击劫持漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09206 | WordPress插件TwitterDash跨站请求伪造漏洞 | 2014-12-26 | 2014-12-29 |
| cnvd-2014-09207 | Piwigo 'rate_picture'函数SQL注入漏洞 | 2014-12-26 | 2014-12-29 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2014-00001 | Уязвимость микропрограммного обеспечения программируемого логического контроллера Schneid… | 07.07.2016 | 28.11.2016 |
| bdu:2014-00005 | Уязвимость гипервизора VMware Workstation, позволяющая злоумышленнику получить контроль н… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00006 | Уязвимость гипервизора VMware ESXi, позволяющая злоумышленнику повысить привилегии или вы… | 07.07.2016 | 28.11.2016 |
| bdu:2014-00009 | Уязвимость текстового редактора Microsoft Word, позволяющая злоумышленнику вызвать отказ … | 05.07.2016 | 28.11.2016 |
| bdu:2014-00010 | Уязвимость браузера Google Chrome, позволяющая злоумышленнику выполнить произвольный код | 05.07.2016 | 28.11.2016 |
| bdu:2014-00011 | Уязвимость системы управления базами данных MySQL, позволяющая злоумышленнику, прошедшему… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00012 | Уязвимость системы управления базами данных MySQL, позволяющая злоумышленнику, прошедшему… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00013 | Уязвимость системы обмена программными сообщениями Apache Qpid, позволяющая злоумышленник… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00014 | Уязвимость системы мониторинга вычислительных ресурсов Ganglia, позволяющая злоумышленник… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00015 | Уязвимость микропрограммного обеспечения маршрутизатора Cisco Linksys WRT350N, позволяюща… | 07.07.2016 | 28.11.2016 |
| bdu:2014-00016 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику получить привилегии… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00019 | Уязвимость программного обеспечения управления виртуальной инфраструктурой VMware vCenter… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00020 | Уязвимость микропрограммного обеспечения программируемого логического контроллера Siemens… | 07.07.2016 | 28.11.2016 |
| bdu:2014-00021 | Уязвимость микропрограммного обеспечения программируемого логического контроллера Siemens… | 07.07.2016 | 28.11.2016 |
| bdu:2014-00022 | Уязвимость микропрограммного обеспечения программируемого логического контроллера Siemens… | 07.07.2016 | 28.11.2016 |
| bdu:2014-00023 | Уязвимость микропрограммного обеспечения программируемого логического контроллера Siemens… | 07.07.2016 | 28.11.2016 |
| bdu:2014-00024 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00025 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00026 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00027 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00028 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00029 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00030 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00031 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00032 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00033 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику повысить привилегии… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00034 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать отказ в обс… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00035 | Уязвимость операционных систем Cisco IOS, Cisco IOS XE и системы управления IP-телефонией… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00036 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать «отказ в об… | 05.07.2016 | 28.11.2016 |
| bdu:2014-00037 | Уязвимость операционной системы Cisco IOS, позволяющая злоумышленнику вызвать «отказ в об… | 05.07.2016 | 28.11.2016 |
| ID | Description | Updated |
|---|---|---|
| var-202007-1471 | Centreon (Merethis Centreon) is a set of open source system monitoring tools from Centreo… | 2021-12-16T10:27:27.935000Z |
| var-202012-0331 | A lack of input validation and access controls in Lua CGIs on D-Link DSR VPN routers may … | 2021-12-17T04:57:47.164000Z |
| var-202103-0241 | Improper Access Control vulnerability in web service of Secomea SiteManager allows remote… | 2021-12-17T06:53:48.780000Z |
| var-201001-0336 | Multiple Hitachi products, including Cosminexus, Processing Kit for XML, and Hitachi Deve… | 2021-12-17T08:00:05.399000Z |
| var-201001-0281 | Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for … | 2021-12-17T08:08:14.210000Z |
| var-201001-0283 | Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge direc… | 2021-12-17T08:08:14.005000Z |
| var-201001-0354 | DeltaScripts PHP Links is prone to a cross-site scripting vulnerability because it fails … | 2021-12-17T08:42:36.480000Z |
| var-201002-0160 | The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 … | 2021-12-17T09:07:09.869000Z |
| var-201001-0389 | DeltaScripts PHP Links is prone to an SQL-injection vulnerability because it fails to suf… | 2021-12-17T12:39:02.472000Z |
| var-201001-0285 | Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java… | 2021-12-17T14:32:33.304000Z |
| var-201404-0699 | NETGEAR DGN2200 is a wireless router product from NETGEAR. An HTML injection vulnerabili… | 2021-12-17T19:43:32.877000Z |
| var-201004-0168 | Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Se… | 2021-12-17T21:22:07.102000Z |
| var-201001-0237 | Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to overwrite m… | 2021-12-18T01:40:54.074000Z |
| var-201002-0066 | Unspecified vulnerability in the administrative interface in the embedded HTTPS server on… | 2021-12-18T05:43:57.642000Z |
| var-201002-0067 | Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server … | 2021-12-18T05:43:58.290000Z |
| var-201002-0068 | Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption A… | 2021-12-18T05:43:58.950000Z |
| var-201002-0187 | Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM… | 2021-12-18T05:43:59.696000Z |
| var-201001-0192 | Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IO… | 2021-12-18T05:44:03.709000Z |
| var-201002-0148 | Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3… | 2021-12-18T06:57:44.035000Z |
| var-202108-1749 | Unprotected Transport of Credentials vulnerability in SiteManager provisioning service al… | 2021-12-18T08:25:41.629000Z |
| var-202108-1748 | Improper Access Control vulnerability in web service of Secomea SiteManager allows local … | 2021-12-18T08:37:55.140000Z |
| var-202108-0683 | A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code… | 2021-12-18T08:47:45.975000Z |
| var-201805-0872 | procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.… | 2021-12-18T12:29:55.049000Z |
| var-202109-1854 | A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateway… | 2021-12-18T13:04:00.617000Z |
| var-202109-1856 | A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateway… | 2021-12-18T13:07:33.391000Z |
| var-202109-1855 | A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways… | 2021-12-18T13:23:45.894000Z |
| var-202109-1928 | This vulnerability allows remote attackers to execute arbitrary code on affected installa… | 2021-12-18T15:40:54.484000Z |
| var-202109-1929 | This vulnerability allows remote attackers to execute arbitrary code on affected installa… | 2021-12-18T15:40:54.171000Z |
| var-201008-0272 | The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not p… | 2021-12-18T15:57:33.115000Z |
| var-201001-0193 | Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlie… | 2021-12-18T16:09:02.460000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2019-012 | TECSON/GOK: Improper Authentication and Access Control on multiple devices | 2019-06-04T13:21:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2025-028 | Draeger: ICMHelper is vulnerable to a privilege escalation | 2025-08-05T10:00:00.000Z | 2026-01-06T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2018-005 | Phoenix Contact: FL SWITCH 3xxx/4xxx/48xx series through 1.33 allows Information Exposure | 2018-05-16T05:35:00.000Z | 2018-05-16T05:35:00.000Z |
| vde-2018-012 | PHOENIX CONTACT: ILC 1x1 ETH Denial of Service | 2018-08-13T11:55:00.000Z | 2018-08-13T11:55:00.000Z |
| vde-2018-015 | Phoenix Contact: AXL F BK PN Denial of Service Vulnerability | 2018-09-21T07:03:00.000Z | 2018-09-21T07:03:00.000Z |
| vde-2020-013 | PHOENIX CONTACT: Local Privilege Escalation in Portico Remote desktop control software | 2020-03-27T09:48:00.000Z | 2020-03-27T09:48:00.000Z |
| vde-2020-018 | PHOENIX CONTACT: FL MGUARD, TC MGUARD, TC ROUTER and TC CLOUD CLIENT: PPPD vulnerable to CVE-2020-8597 | 2020-06-02T08:42:00.000Z | 2020-06-02T08:42:00.000Z |
| vde-2020-030 | PHOENIX CONTACT: Products utilizing WIBU-SYSTEMS CodeMeter components | 2020-09-09T06:22:00.000Z | 2020-09-09T06:22:00.000Z |
| vde-2020-049 | Phoenix Contact: Multiple vulnerabilities in PLCnext Control devices < 2021.0 LTS | 2020-12-17T09:00:00.000Z | 2020-12-17T09:00:00.000Z |
| vde-2021-046 | PHOENIX CONTACT: XSS and memory-leak in FL MGUARD 1102/1105 | 2021-11-10T07:23:00.000Z | 2021-11-10T07:23:00.000Z |
| vde-2022-018 | PHOENIX CONTACT: Multiple vulnerabilities in RAD-ISM-900-EN-BD devices | 2022-05-11T14:20:00.000Z | 2022-05-11T14:20:00.000Z |
| vde-2023-004 | Phoenix Contact: Directory Traversal Vulnerability in ENERGY AXC PU Web service | 2023-04-11T08:00:00.000Z | 2023-04-11T08:00:00.000Z |
| vde-2023-030 | Phoenix Contact: Multiple products affected by WIBU Codemeter Vulnerability (Update A) | 2023-09-19T06:50:00.000Z | 2023-11-13T11:00:00.000Z |
| vde-2023-062 | Phoenix Contact: WIBU-SYSTEMS CodeMeter Runtime vulnerabilities in multiple products | 2023-11-21T08:15:00.000Z | 2023-11-21T08:15:00.000Z |
| vde-2023-055 | Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource | 2023-12-12T07:00:00.000Z | 2023-12-12T07:00:00.000Z |
| vde-2024-011 | PHOENIX CONTACT: Multiple vulnerabilities in CHARX SEC charge controllers | 2024-03-12T07:00:00.000Z | 2024-03-12T07:00:00.000Z |
| vde-2024-019 | Phoenix Contact: Multiple vulnerabilities in the Firmware of CHARX SEC charge controllers | 2024-05-14T06:00:00.000Z | 2024-05-14T06:00:00.000Z |
| vde-2024-029 | Phoenix Contact: Unbounded growth of OpenSSL session cache in multiple FL MGUARD devices | 2024-06-11T06:00:00.000Z | 2024-06-11T06:00:00.000Z |
| vde-2017-003 | PHOENIX CONTACT: WLAN enabled devices utilising WPA2 encryption | 2017-11-09T16:20:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2017-004 | PHOENIX CONTACT: FL COMSERVER cross-site scripting (XSS) vulnerability | 2017-12-05T08:50:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2018-001 | PHOENIX CONTACT: Advisory for mGuard products | 2018-01-30T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2018-004 | Phoenix Contact: FL SWITCH 3xxx/4xxx/48xx series through 1.33 allows Command Injection | 2018-05-16T05:35:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2019-006 | PHOENIX CONTACT: unauthorized access to WEB-UI on FL NAT SMx | 2019-03-25T11:40:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2019-007 | PHOENIX CONTACT: command injection on RAD-80211-XD(/HP-BUS) | 2019-03-25T11:45:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2019-014 | PHOENIX CONTACT: Multiple Vulnerabilities in Automation Worx Software Suite | 2019-06-19T12:41:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2019-016 | PHOENIX CONTACT: Security Advisory for Automation Worx Software Suite | 2019-10-15T06:17:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-003 | PHOENIX CONTACT: TC Router and TC Cloud Client multiple vulnerabilities | 2020-03-05T15:58:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-023 | PHOENIX CONTACT: Two Vulnerabilities in Automation Worx Suite | 2020-07-01T08:25:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-025 | PHOENIX CONTACT: Improper path sanitation on import of project files in PLCnext Engineer | 2020-07-21T09:38:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-046 | PHOENIX CONTACT: mGuard <8.8.3 products missing initialization of resource | 2020-12-17T09:01:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-047 | PHOENIX CONTACT: BTP Touch Panels uncontrolled resource consumption | 2020-12-02T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-020 | PHOENIX CONTACT: Security Advisory for Automation Worx Software Suite | 2021-06-23T11:10:00.000Z | 2025-05-14T12:28:19.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-023 | Welotec: Clickjacking Vulnerability in WebUI | 2024-04-23T08:00:00.000Z | 2024-04-23T08:00:00.000Z |
| vde-2024-043 | Welotec: Multiple products are vulnerable to regreSSHion | 2024-08-22T06:00:00.000Z | 2024-08-22T06:00:00.000Z |
| vde-2024-009 | Welotec: Two vulnerabilities in TK500v1 router series | 2024-04-09T08:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2025-076 | Welotec: Hard-coded JWT secret in egOS WebGUI | 2025-08-26T07:00:00.000Z | 2025-08-26T07:00:00.000Z |
| vde-2025-085 | Welotec: Path Traversal in SmartEMS Upload Handling | 2025-09-10T07:00:00.000Z | 2025-09-22T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2023-024 | CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting | 2023-07-28T07:45:00.000Z | 2023-07-28T07:45:00.000Z |
| vde-2023-019 | CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce | 2023-08-03T10:42:00.000Z | 2023-08-03T10:42:00.000Z |
| vde-2023-021 | CODESYS: Vulnerability in CODESYS Development System allows execution of binaries | 2023-08-03T10:48:00.000Z | 2023-08-03T10:48:00.000Z |
| vde-2023-022 | CODESYS: Missing integrity check in CODESYS Development System | 2023-08-03T10:52:00.000Z | 2023-08-03T10:52:00.000Z |
| vde-2023-023 | CODESYS: Missing Brute-Force protection in CODESYS Development System | 2023-08-03T11:08:00.000Z | 2023-08-03T11:08:00.000Z |
| vde-2023-025 | CODESYS: Control runtime system memory and integrity check vulnerabilities | 2023-08-03T11:18:00.000Z | 2023-08-03T11:18:00.000Z |
| vde-2023-035 | CODESYS: Multiple products affected by WIBU Codemeter vulnerability | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2023-066 | CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products | 2023-12-05T14:25:00.000Z | 2023-12-05T14:25:00.000Z |
| vde-2024-046 | OSCAT: Out-of-bounds read in OSCAT Basic library | 2024-09-10T14:00:00.000Z | 2024-09-10T14:00:00.000Z |
| advisory2024-05_vde-2024-057 | CODESYS: CODESYS web server vulnerable to DoS | 2024-09-25T21:59:00.000Z | 2025-04-03T10:00:00.000Z |
| advisory2025-05_vde-2025-027 | CODESYS Visualization user management bypass in WebVisu | 2025-04-23T10:00:00.000Z | 2025-04-23T10:00:00.000Z |
| vde-2024-026 | CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products | 2024-06-04T08:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-027 | CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere | 2024-06-04T06:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-024 | CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files | 2024-05-06T08:00:00.000Z | 2025-05-14T13:00:15.000Z |
| advisory2025-01_vde-2025-001 | CODESYS Key physical side-channel vulnerability | 2025-01-21T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-02_vde-2025-013 | CODESYS (Edge) Gateway for Windows insecure default | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-03_vde-2025-015 | CODESYS Control V3 removable media path traversal | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-04_vde-2025-022 | CODESYS Control V3 - OPC UA Server Authentication bypass | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-06_vde-2025-049 | CODESYS Control V3 - Insecure default permissions | 2025-08-04T10:00:00.000Z | 2025-08-04T10:00:00.000Z |
| advisory2025-07_vde-2025-051 | CODESYS Control V3 - Exposed PKI folder | 2025-08-04T10:00:00.000Z | 2025-09-01T10:00:00.000Z |
| advisory2025-08_vde-2025-070 | CODESYS Control V3 - NULL pointer dereference | 2025-08-04T08:00:00.000Z | 2025-10-14T08:00:00.000Z |
| advisory2025-11_vde-2025-101 | CODESYS Development System - Deserialization of Untrusted Data | 2025-12-01T10:00:00.000Z | 2025-12-01T10:00:00.000Z |
| advisory2025-09_vde-2025-099 | CODESYS Control - Linux/QNX SysSocket flaw | 2025-12-01T11:00:00.000Z | 2026-02-12T11:00:00.000Z |
| advisory2025-10_vde-2025-100 | CODESYS Control - Invalid type usage in visualization | 2025-12-01T10:00:00.000Z | 2026-02-12T11:00:00.000Z |
| advisory2026-01_vde-2026-012 | CODESYS Installer - Possible Privilege Escalation | 2026-03-10T10:00:00.000Z | 2026-03-10T10:00:00.000Z |
| advisory2026-02_vde-2026-011 | CODESYS Control V3 - Untrusted boot application | 2026-03-24T08:00:00.000Z | 2026-03-24T08:00:00.000Z |
| advisory2026-03_vde-2026-018 | CODESYS Control V3 - Externally-controlled format string in Auditlog | 2026-03-24T08:00:00.000Z | 2026-03-24T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-043 | Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family | 2022-11-07T11:43:00.000Z | 2022-11-07T12:14:00.000Z |
| vde-2025-031 | Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| vde-2025-032 | Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting | 2025-05-06T10:00:00.000Z | 2025-05-06T10:00:00.000Z |
| vde-2025-024 | Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version | 2025-05-13T10:00:00.000Z | 2025-05-13T10:00:00.000Z |
| vde-2024-018 | Wiesemann & Theis: Multiple products prone to unquoted search path | 2024-02-28T07:00:00.000Z | 2025-05-14T12:36:39.000Z |
| vde-2022-057 | Wiesemann & Theis multiple products prone to web interface vulnerability | 2022-12-13T07:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2025-067 | Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access | 2025-08-10T10:00:00.000Z | 2025-08-25T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2021-003 | MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) | 2022-09-07T10:46:00.000Z | 2022-09-07T10:46:00.000Z |
| vde-2022-011 | MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 | 2022-09-07T12:50:00.000Z | 2022-09-07T12:50:00.000Z |
| vde-2023-012 | MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2024-042 | MB connect line: Multiple products are vulnerable to regreSSHion | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2023-041 | MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 | 2023-10-16T08:38:00.000Z | 2023-10-16T08:38:00.000Z |
| vde-2024-030 | MB connect line: mbNET.mini vulnerable to OS command injection | 2024-07-03T09:00:00.000Z | 2024-07-03T09:00:00.000Z |
| vde-2020-035 | MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 | 2020-09-18T12:30:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-012 | MB connect line: multiple products partially affected by DNSpooq | 2021-04-26T08:04:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-017 | MB connect line: Privilege escalation in mbDIALUP | 2021-07-22T11:35:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-031 | MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 | 2021-07-22T11:33:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-037 | MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 | 2021-10-27T10:15:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2023-002 | MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 | 2023-05-15T14:06:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-030 | MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) | 2022-09-07T10:48:00.000Z | 2025-06-06T07:00:00.000Z |
| vde-2025-034 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-035 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-058 | MB connect line: Multiple vulnerabilities in mbNET.mini | 2025-07-21T10:00:00.000Z | 2025-07-21T10:00:00.000Z |
| vde-2025-065 | MB connect line: Sandbox escape in mbNET's LUA interpreter | 2025-07-31T10:00:00.000Z | 2025-07-31T10:00:00.000Z |
| vde-2024-010 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-03-18T11:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-056 | MB connect line: Multiple Vulnerabilities in mbNET.mini Product | 2024-10-15T08:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-068 | MB connect line: Multiple Vulnerabilities in MB connect line Products | 2024-10-15T08:00:00.000Z | 2026-03-06T08:00:00.000Z |
| vde-2026-024 | MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2026-03-23T12:00:00.000Z | 2026-03-23T12:00:00.000Z |
| vde-2026-030 | MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2026-04-02T11:00:00.000Z | 2026-04-02T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-039 | Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual | 2022-09-07T10:56:00.000Z | 2022-09-07T10:56:00.000Z |
| vde-2023-008 | Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual | 2023-05-15T12:06:00.000Z | 2023-05-15T12:06:00.000Z |
| vde-2023-029 | Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2023-043 | Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual | 2023-10-16T08:38:00.000Z | 2023-10-16T08:38:00.000Z |
| vde-2024-032 | Helmholz: REX 100 vulnerable to OS command injection | 2024-07-03T09:00:00.000Z | 2024-07-03T13:33:00.000Z |
| vde-2024-044 | Helmholz: Multiple products are vulnerable to regreSSHion | 2024-07-31T08:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-058 | Helmholz: Remote user enumeration in myREX24/myREX24-virtual | 2021-12-08T13:04:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2022-017 | Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual | 2022-09-07T12:54:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-031 | Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual | 2025-03-18T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-057 | Helmholz: Privilege Escalation in shDialup (Update A) | 2021-03-28T13:03:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2025-037 | Vulnerabilities in myREX24/myREX24.virtual | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-038 | Vulnerabilities in myREX24/myREX24.virtual | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-059 | Helmholz: Multiple vulnerabilities in REX 100 | 2025-07-21T10:00:00.000Z | 2025-07-21T10:00:00.000Z |
| vde-2025-069 | Helmholz: Sandbox escape in REX200/250 LUA interpreter | 2025-07-31T10:00:00.000Z | 2025-07-31T10:00:00.000Z |
| vde-2024-066 | Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product | 2024-10-15T08:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-069 | Helmholz: Multiple Vulnerabilities in Helmholz products | 2024-10-15T08:00:00.000Z | 2026-03-06T08:00:00.000Z |
| vde-2026-025 | Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual | 2026-03-23T12:00:00.000Z | 2026-03-23T12:00:00.000Z |
| vde-2026-013 | Helmholz: Use of a Broken or Risky Cryptographic Algorithm | 2026-04-07T08:00:00.000Z | 2026-04-07T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fsa-202406 | Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo | 2024-12-03T11:00:00.000Z | 2024-12-03T14:00:00.000Z |
| fsa-202305 | Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products | 2023-11-28T07:00:00.000Z | 2025-05-13T10:00:00.000Z |
| fsa-202201 | Festo: CECC-X-M1 - command injection vulnerabilities | 2022-07-06T07:00:00.000Z | 2025-06-23T08:00:00.000Z |
| fsa-202203 | Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system | 2022-07-18T10:00:00.000Z | 2025-07-10T10:00:00.000Z |
| fsa-202207 | Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function | 2022-09-20T10:00:00.000Z | 2025-07-28T10:00:00.000Z |
| fsa-202101 | Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q | 2021-09-22T11:13:00.000Z | 2025-08-26T10:00:00.000Z |
| fsa-202303 | Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products | 2023-10-17T06:00:00.000Z | 2025-10-01T06:00:00.000Z |
| fsa-202301 | Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance | 2023-08-29T10:00:00.000Z | 2025-10-01T10:00:00.000Z |
| fsa-202304 | Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions | 2023-09-05T10:00:00.000Z | 2025-10-01T10:00:00.000Z |
| fsa-202206 | Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products | 2022-12-13T11:50:00.000Z | 2025-10-01T10:50:00.000Z |
| fsa-202208 | Festo: Multiple Festo products contain an unsafe default Codesys configuration | 2022-11-29T11:41:00.000Z | 2025-10-28T11:00:00.000Z |
| fsa-202209 | Festo: Incomplete documentation of remote accessible functions and protocols in Festo products | 2022-11-29T11:49:00.000Z | 2025-11-03T10:00:00.000Z |
| fsa-202202 | Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system | 2022-07-18T10:00:00.000Z | 2025-11-03T11:00:00.000Z |
| fsa-202401 | Festo: Multiple products contain CoDe16 vulnerability | 2024-01-30T07:00:00.000Z | 2025-11-04T11:00:00.000Z |
| fsa-202405 | Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability | 2024-09-09T07:00:00.000Z | 2025-11-05T08:00:00.000Z |
| fsa-202402 | Several Vulnerabilities in MES PC (Windows 10) | 2024-02-27T12:00:00.000Z | 2025-12-08T07:00:00.000Z |
| fsa-202302 | Festo: Several vulnerabilities in FactoryViews | 2023-07-10T10:00:00.000Z | 2026-02-02T08:00:00.000Z |
| fsa-202601 | Several CODESYS vulnerabilities in Festo Automation Suite | 2026-02-26T08:00:00.000Z | 2026-02-26T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2018-008 | Pepperl+Fuchs: Remote Code Execution Vulnerability in HMI Devices | 2018-07-06T13:37:00.000Z | 2018-07-06T13:37:00.000Z |
| vde-2017-005 | Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption | 2017-12-11T13:26:00.000Z | 2018-10-23T10:00:00.000Z |
| vde-2018-009 | Pepperl+Fuchs: Security advisory for MELTDOWN and SPECTRE attacks in ecom mobile Devices | 2018-07-06T14:47:00.000Z | 2018-10-23T10:00:00.000Z |
| vde-2019-004 | Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack | 2019-03-14T07:52:00.000Z | 2019-03-14T07:52:00.000Z |
| vde-2019-011 | Pepperl+Fuchs: Remote code execution vulnerability in HMI devices | 2019-05-29T07:35:00.000Z | 2019-10-07T10:00:00.000Z |
| vde-2020-034 | Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components | 2020-09-10T13:22:00.000Z | 2020-09-10T13:22:00.000Z |
| vde-2020-040 | Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux | 2020-10-05T12:00:00.000Z | 2020-10-05T12:00:00.000Z |
| vde-2021-018 | Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules | 2021-05-12T08:57:00.000Z | 2021-05-12T08:57:00.000Z |
| vde-2021-034 | Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices | 2021-07-30T07:55:00.000Z | 2021-07-30T07:55:00.000Z |
| vde-2022-012 | Pepperl+Fuchs: Vulnerability in multiple VisuNet devices | 2022-04-26T12:00:00.000Z | 2022-05-16T14:15:00.000Z |
| vde-2024-037 | Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 | 2024-07-10T06:00:00.000Z | 2024-07-10T06:00:00.000Z |
| vde-2018-002 | Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks | 2018-02-14T08:50:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2018-016 | Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability | 2018-10-19T10:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-001 | Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 | 2021-01-15T12:41:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-063 | PEPPERL+FUCHS: Multiple products are affected by regreSSHion | 2024-10-08T12:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-065 | PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key | 2024-11-26T11:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-007 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-02-16T14:53:00.000Z | 2025-05-14T12:53:43.000Z |
| vde-2019-002 | Pepperl+Fuchs: Path traversal in WirelessHART Gateway | 2019-03-06T10:35:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-038 | Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master | 2021-01-04T13:01:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-027 | Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-10-16T12:00:00.001Z | 2025-05-14T13:00:14.000Z |
| vde-2021-028 | Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities | 2021-08-16T12:01:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-050 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-02-15T13:33:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2021-006 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-11-16T14:53:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2020-014 | Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets | 2020-03-31T13:30:00.000Z | 2025-05-14T14:34:17.000Z |
| vde-2024-033 | PEPPERL+FUCHS: Device Master ICDM-RX/* – Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service | 2024-08-13T12:00:00.000Z | 2025-05-14T14:34:17.000Z |
| vde-2020-017 | Pepperl+Fuchs, PACTware: Two password vulnerabilities found | 2020-05-29T10:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-053 | Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities | 2021-03-08T13:44:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-041 | Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability | 2021-10-26T13:35:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-021 | Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities | 2022-05-16T14:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-017 | Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities | 2024-04-10T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2021-054 | Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2021-055 | Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2021-061 | Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2022-033 | Pilz: PASvisu and PMI affected by multiple vulnerabilities | 2022-11-24T09:00:00.000Z | 2022-11-24T09:00:00.000Z |
| vde-2023-059 | Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx | 2023-12-05T07:06:00.000Z | 2023-12-05T07:06:00.000Z |
| vde-2024-002 | Pilz: Multiple products affected by uC/HTTP vulnerability | 2024-02-06T07:00:00.000Z | 2024-02-06T07:00:00.000Z |
| vde-2023-050 | Pilz: Vulnerability in PASvisu and PMI v8xx | 2024-01-30T07:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2020-033 | Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities | 2020-09-10T13:18:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-009 | Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities | 2021-09-20T11:56:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2022-045 | Pilz: PAS 4000 prone to ZipSlip | 2022-11-24T09:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-033 | Pilz: WIBU Vulnerabilitiy in multiple Products | 2023-10-12T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-048 | Pilz: Multiple products prone to libwebp vulnerability | 2023-12-05T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-044 | Pilz: Multiple products affected by ZipSlip | 2022-11-24T09:00:00.000Z | 2025-06-05T13:28:13.000Z |
| ppsa-2025-001 | Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory | 2025-06-30T10:00:00.000Z | 2025-06-30T10:00:00.000Z |
| ppsa-2025-002 | Pilz: Missing Authentication in Node-RED integration | 2025-07-01T10:00:00.000Z | 2025-07-01T10:00:00.000Z |
| ppsa-2025-003 | Pilz: Authentication Bypass in IndustrialPI Webstatus | 2025-07-01T10:00:00.000Z | 2025-07-01T10:00:00.000Z |
| ppsa-2025-004 | Pilz: Vulnerability affecting PASvisu Runtime | 2025-10-20T10:00:00.000Z | 2025-10-20T10:00:00.000Z |
| ppsa-2026-001 | Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service | 2026-02-02T08:00:00.000Z | 2026-02-02T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2019-013 | WAGO: Multiple Vulnerabilities in industrial managed switches | 2019-06-12T10:25:00.000Z | 2019-06-12T10:25:00.000Z |
| vde-2019-022 | WAGO: Multiple Vulnerabilities in I/O-Check Service in Multiple Devices | 2019-12-16T09:00:00.000Z | 2019-12-16T09:00:00.000Z |
| vde-2020-007 | WAGO: Web-Based Management Denial of Service | 2020-03-09T09:10:00.000Z | 2020-03-09T09:10:00.000Z |
| vde-2020-010 | WAGO: Cloud Connectivity Remote Code Execution Vulnerability | 2020-03-09T09:25:00.000Z | 2020-03-09T09:25:00.000Z |
| vde-2020-015 | WAGO: Web Based Management - Code Execution Vulnerability | 2020-06-10T08:00:00.000Z | 2020-06-10T08:00:00.000Z |
| vde-2020-048 | M&M Software (WAGO): Deserialisation of untrusted data in fdtContainer | 2021-01-14T14:57:00.000Z | 2021-01-14T14:57:00.000Z |
| vde-2021-050 | WAGO: Multiple devices affected by Vulnerabilities in NUCLEUS TCP Stack. | 2021-11-16T11:02:00.000Z | 2021-11-16T11:02:00.000Z |
| vde-2022-004 | WAGO: Web-Based Management Cross-Site Scripting | 2022-03-09T07:00:00.000Z | 2022-03-09T07:00:00.000Z |
| vde-2022-031 | WAGO: Multiple Products Series affected by multiple CODESYS vulnerabilities | 2022-08-17T08:00:00.000Z | 2022-08-17T08:00:00.000Z |
| vde-2022-035 | WAGO: Multiple product series affected by multiple CODESYS vulnerabilities | 2022-08-17T08:00:00.000Z | 2022-08-17T08:00:00.000Z |
| vde-2022-047 | WAGO: FTP-Server - Denial-of-Service | 2022-10-12T08:00:00.000Z | 2022-10-12T08:00:00.000Z |
| vde-2022-042 | WAGO: Multiple products - Loss of MAC-Address-Filtering after reboot | 2022-10-17T08:00:00.000Z | 2022-10-17T08:00:00.000Z |
| vde-2022-054 | WAGO: Unauthenticated Configuration Export in web-based management in multiple devices | 2023-01-12T07:52:00.000Z | 2023-01-12T07:52:00.000Z |
| vde-2022-055 | WAGO: Exposure of configuration interface in unmanaged switches | 2023-02-16T13:43:00.000Z | 2023-02-16T13:43:00.000Z |
| vde-2022-060 | WAGO: Multiple vulnerabilities in web-based management of multiple products | 2023-02-27T11:00:00.000Z | 2023-02-27T11:00:00.000Z |
| vde-2023-005 | WAGO: Series 750-3x/-8x prone to MODBUS server DoS | 2023-06-25T06:00:00.000Z | 2023-06-25T06:00:00.000Z |
| vde-2023-014 | WAGO: Bluetooth LE vulnerability in WLAN-ETHERNET-Gateway | 2023-07-31T07:00:00.000Z | 2023-07-31T07:00:00.000Z |
| vde-2022-040 | WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime | 2022-10-17T08:00:00.000Z | 2023-09-22T12:39:00.000Z |
| vde-2023-015 | WAGO: Improper privilege management in web-based management | 2023-11-20T07:00:00.000Z | 2023-11-20T07:00:00.000Z |
| vde-2023-037 | WAGO: Remote Code execution vulnerability in managed Switches | 2023-11-21T07:00:00.000Z | 2023-11-21T07:00:00.000Z |
| vde-2023-044 | Wago: Vulnerabilities in IEC61850 Server / Telecontrol | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2023-045 | Wago: Vulnerability in Smart Designer Web-Application | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2024-007 | WAGO: WIBU-SYSTEMS CodeMeter Runtime vulnerabilities in multiple products | 2024-01-22T07:00:00.000Z | 2024-01-22T07:00:00.000Z |
| vde-2023-039 | Wago: Multiple vulnerabilities in web-based management of multiple products | 2024-03-13T08:30:00.000Z | 2024-03-13T08:30:00.000Z |
| vde-2023-068 | WAGO: Multiple Vulnerabilities in e!Cockpit and e!Runtime / CODESYS Runtime | 2024-05-21T06:00:00.000Z | 2024-05-21T06:00:00.000Z |
| vde-2024-021 | WAGO: Vulnerability in WAGO Navigator | 2024-05-21T06:00:00.000Z | 2024-05-21T06:00:00.000Z |
| vde-2023-006 | WAGO: Controller with CODESYS 2.3 Runtime Denial-of-Service | 2023-06-25T06:00:00.000Z | 2024-07-08T10:00:00.000Z |
| vde-2023-042 | Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B) | 2023-09-25T10:00:00.000Z | 2024-11-20T11:00:00.000Z |
| vde-2024-072 | WAGO: Vulnerabilities in CODESYS Control | 2024-12-03T11:00:00.000Z | 2024-12-03T11:00:00.000Z |
| vde-2025-004 | Wago: Vulnerability in libwagosnmp | 2025-03-05T11:00:00.000Z | 2025-04-10T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-050 | IFM: weak password recovery vulnerability in moneo appliance | 2022-12-12T11:00:00.000Z | 2026-01-06T11:00:00.000Z |
| vde-2024-012 | ifm: Vulnerabilities in ifm AC14 firmware | 2024-07-09T07:00:00.000Z | 2026-01-15T11:00:00.000Z |
| vde-2024-028 | ifm moneo password reset can be exploited | 2024-05-06T10:00:00.000Z | 2026-01-15T11:00:00.000Z |
| vde-2024-061 | ifm: Improper Access Control vulnerability | 2025-06-30T10:00:00.000Z | 2026-02-18T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2020-051 | Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server | 2021-04-27T08:08:00.000Z | 2021-05-11T10:00:00.000Z |
| vde-2024-064 | Beckhoff: Local command injection via TwinCAT Package Manager | 2024-10-31T11:00:00.000Z | 2025-04-11T07:00:00.000Z |
| vde-2019-019 | Beckhoff: TwinCAT Denial-of-Service in Profinet driver | 2019-10-09T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-005 | Beckhoff: BK9000 couplers - Denial of service inhibits function | 2020-03-10T13:17:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-019 | Beckhoff: EtherLeak in TwinCAT RT network driver | 2020-06-16T08:31:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-037 | Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) | 2020-11-19T13:41:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-008 | Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products | 2024-10-21T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-051 | Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server | 2021-11-04T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-067 | Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf | 2023-12-13T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-045 | Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-048 | Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-049 | Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-050 | Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-003 | BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology | 2022-03-01T12:34:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2025-075 | Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2025-092 | Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager | 2026-01-27T11:00:00.000Z | 2026-01-27T11:00:00.000Z |
| vde-2025-106 | Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server | 2026-01-26T10:00:00.000Z | 2026-02-12T09:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2021-033 | TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities | 2021-08-12T13:02:00.001Z | 2021-08-12T13:02:00.001Z |
| vde-2022-016 | TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability | 2022-05-02T10:00:00.000Z | 2022-05-02T10:00:00.000Z |
| vde-2022-034 | TRUMPF: Products prone to Unified Automation vulnerabilities | 2022-08-15T10:00:00.000Z | 2022-08-15T10:00:00.000Z |
| vde-2022-023 | TRUMPF TruTops prone to improper access control | 2022-10-17T10:00:00.000Z | 2022-10-17T10:00:00.000Z |
| vde-2023-031 | Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability | 2023-09-13T10:00:00.000Z | 2023-11-13T11:00:00.000Z |
| vde-2024-006 | TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x | 2024-01-23T07:00:00.000Z | 2024-01-23T07:00:00.000Z |
| vde-2024-001 | TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities | 2024-01-29T07:00:00.000Z | 2024-01-29T07:00:00.000Z |
| vde-2024-034 | Multiple TRUMPF products prone to nftables server vulnerabilities | 2024-06-25T10:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-040 | Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities | 2024-06-25T10:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2020-039 | TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities | 2020-10-27T10:28:00.000Z | 2025-05-14T12:36:39.000Z |
| vde-2022-049 | TRUMPF: Multiple products prone to X.Org server vulnerabilities | 2022-11-07T11:43:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-003 | TRUMPF: Multiple products include a vulnerable version of Notepad++ | 2024-01-23T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-004 | TRUMPF: Multiple products affected by log4net vulnerability | 2025-04-22T10:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-005 | TRUMPF: Multiple products contain vulnerable version of 7-zip | 2024-01-23T07:00:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2025-078 | TRUMPF: Remote support uses an outdated encryption algorithm | 2025-08-25T06:00:00.000Z | 2025-08-29T10:00:00.000Z |
| vde-2021-011 | TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability | 2021-03-22T08:59:00.000Z | 2026-02-02T14:25:00.000Z |
| vde-2026-007 | TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability | 2026-02-23T08:00:00.000Z | 2026-02-23T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2021-048 | Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication | 2021-10-04T12:33:00.000Z | 2021-10-04T12:33:00.000Z |
| vde-2022-030 | Lenze: Vulnerability in the OPC-UA authentification connection in the firmware | 2022-07-11T10:00:00.000Z | 2022-07-11T10:00:00.000Z |
| vde-2024-053 | Lenze: Install Directory with insufficient permissions | 2024-09-03T08:00:00.000Z | 2025-03-13T11:30:00.000Z |
| vde-2025-042 | Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway | 2025-05-27T09:00:00.000Z | 2025-05-27T09:00:00.000Z |
| vde-2025-043 | Lenze: PLC Designer V4 with insecure storage of sensitive information | 2025-06-25T10:00:00.000Z | 2025-06-25T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-029 | Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 | 2022-09-26T08:00:00.000Z | 2026-03-02T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-032 | AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service | 2022-08-09T08:00:00.000Z | 2022-08-09T08:00:00.000Z |
| vde-2023-027 | AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations | 2023-08-07T09:35:00.000Z | 2023-08-07T09:35:00.000Z |
| vde-2025-026 | AUMA Riester: Buffer overflow in service telegram | 2025-05-12T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2022-024 | Auma: SIMA² Master Station Denial of Service Vulnerability on Automation Runtime Webserver | 2022-06-15T10:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2023-028 | AUMA: SIMA Master Station affected by WRECK vulnerability | 2023-08-07T11:35:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2025-047 | AUMA: Incorrect delivery status of the Bluetooth configuration | 2025-06-10T10:00:00.000Z | 2025-06-10T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2020-043 | Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability | 2020-10-16T06:54:00.000Z | 2020-10-16T06:54:00.000Z |
| vde-2021-047 | Bender/ebee: Multiple Charge Controller Vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2025-061 | Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-084 | Bender Charge Controller Vulnerability - Unsecure Communication | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2019-005 | Endress+Hauser: WIFI enabled products utilising WPA2 | 2019-03-19T15:34:00.000Z | 2019-03-19T15:34:00.000Z |
| vde-2022-006 | Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware | 2022-03-24T10:48:00.000Z | 2022-03-24T10:48:00.000Z |
| vde-2022-019 | Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components | 2022-06-02T15:11:00.000Z | 2022-06-02T15:11:00.000Z |
| vde-2024-041 | Endress+Hauser: Multiple products are vulnerable to code injection | 2024-09-10T08:00:00.000Z | 2024-09-10T08:00:00.000Z |
| vde-2025-036 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-03-06T14:00:00.000Z | 2025-03-06T14:00:00.000Z |
| vde-2020-021 | Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management | 2020-11-19T14:48:00.000Z | 2025-04-11T07:00:00.000Z |
| vde-2021-010 | Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks | 2021-05-18T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-040 | Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow | 2021-10-04T12:30:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-022 | Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information | 2020-11-19T14:48:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-031 | Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities | 2020-10-27T13:10:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-005 | Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability | 2021-03-01T06:39:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-044 | Endress+Hauser: Multiple products affected by log4net vulnerability | 2022-01-20T08:06:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-054 | Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities | 2024-10-21T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-105 | Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability | 2025-12-08T09:00:00.000Z | 2025-12-08T09:00:00.000Z |
| vde-2025-068 | Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions | 2025-09-02T10:00:00.000Z | 2026-02-20T09:00:00.000Z |
| vde-2026-002 | Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation | 2026-03-02T07:00:00.000Z | 2026-03-02T07:00:00.000Z |
| vde-2026-003 | Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime | 2026-03-31T08:00:00.000Z | 2026-04-01T11:00:00.000Z |
| vde-2025-107 | Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities | 2025-12-05T11:00:00.000Z | 2026-04-02T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2023-011 | Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability | 2023-07-05T08:00:00.000Z | 2023-07-05T08:00:00.000Z |
| vde-2023-038 | Frauscher: Multiple Vulnerabilities in FDS101 | 2023-09-21T06:00:00.000Z | 2023-09-21T06:00:00.000Z |
| vde-2023-049 | Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability | 2023-12-11T07:00:00.000Z | 2023-12-11T07:00:00.000Z |
| vde-2025-030 | Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability | 2025-07-07T10:00:00.000Z | 2025-07-29T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-015 | Miele: Security vulnerability in Benchmark Programming Tool | 2022-04-27T12:00:00.000Z | 2022-04-27T12:00:00.000Z |
| vde-2022-052 | Miele: Vulnerability in ease2pay cloud service used by appWash | 2022-11-21T09:00:00.000Z | 2022-11-21T09:00:00.000Z |
| vde-2020-024 | Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED | 2020-07-08T07:29:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2019-010 | Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway | 2019-05-20T06:58:00.000Z | 2025-05-14T13:00:15.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-008 | WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways | 2022-04-07T06:00:00.000Z | 2022-04-07T06:00:00.000Z |
| vde-2021-004 | Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write | 2022-06-21T08:00:00.000Z | 2022-06-21T08:00:00.000Z |
| vde-2022-056 | Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability | 2022-12-14T07:00:00.000Z | 2022-12-14T07:00:00.000Z |
| vde-2025-023 | Weidmueller: OpenSSL vulnerability in industrial ethernet switches | 2025-03-05T08:00:00.000Z | 2025-03-05T11:00:00.000Z |
| vde-2020-041 | Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities | 2020-10-12T09:14:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-002 | Weidmueller: WI Manager affected by fdtContainer vulnerability | 2021-01-20T13:32:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-016 | Weidmueller: Accidentally open network port in u-controls and IoT-Gateways | 2021-05-04T08:17:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-042 | Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities | 2021-10-18T08:24:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-026 | Weidmueller: Multiple vulnerabilities in Industrial WLAN devices | 2021-06-23T11:04:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2025-021 | Weidmueller: Authentication Vulnerability in PROCON-WIN 5 | 2025-03-05T09:00:00.000Z | 2025-05-14T13:26:53.000Z |
| vde-2025-041 | Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX | 2025-05-19T09:00:00.000Z | 2025-05-19T09:00:00.000Z |
| vde-2019-018 | Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches | 2019-12-05T12:03:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-032 | Weidmueller: WIBU Vulnerability in multiple Products | 2023-11-09T07:42:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-052 | Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities | 2025-06-11T10:00:00.000Z | 2025-07-23T10:00:00.000Z |
| vde-2025-044 | Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities | 2025-05-27T09:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-096 | Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-020 | SMA: Cluster Controller CSRF vulnerability | 2025-01-27T13:00:00.000Z | 2025-02-12T16:48:47.000Z |
| vde-2024-074 | SMA: SQL injection in Sunny Central UP | 2024-11-27T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2025-010 | SMA: Sunny Portal demo system privilege escalation | 2025-05-13T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2025-012 | SMA: Sunny Portal Remote Code Execution | 2025-02-26T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-075 | SMA: Sunny Webbox clickjacking vulnerability | 2025-01-27T13:00:00.000Z | 2025-06-17T06:00:00.000Z |
| vde-2025-050 | SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user | 2025-08-19T10:00:00.000Z | 2025-08-19T10:00:00.000Z |
| vde-2025-066 | SMA: Directory Traversal in Sunny Boy | 2025-08-27T08:00:00.000Z | 2025-08-27T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-059 | HIMA: unquoted path vulnerabilities in X-OPC and X-OTS | 2023-01-16T09:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-013 | HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing | 2024-02-13T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-091 | Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro | 2025-10-14T10:00:00.000Z | 2025-10-14T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2020-016 | SWARCO: Critical Vulnerability in CPU LS4000 | 2020-05-28T13:00:00.000Z | 2020-05-28T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2023-009 | ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 | 2023-05-08T13:37:00.000Z | 2023-05-08T13:37:00.000Z |
| vde-2025-033 | ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products | 2025-04-14T10:00:00.000Z | 2025-04-14T10:00:00.000Z |
| vde-2024-016 | ADS-TEC Industrial IT: Docker vulnerability affects multiple products | 2024-02-19T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-061 | VARTA: Multiple devices prone to hard-coded credentials | 2023-03-15T09:00:00.000Z | 2023-03-15T09:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-060 | Sauter: Multiple vulnerabilities in SAUTER modulo 6 | 2025-10-21T10:00:00.000Z | 2025-10-27T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-094 | Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ | 2025-11-24T12:00:00.000Z | 2025-11-24T12:00:00.000Z |
| vde-2025-079 | Janitza: Multiple vulnerabilities in UMG 96RM-E | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-001 | METTLER TOLEDO: ASP.NET core vulnerability in LabX | 2026-03-04T07:00:00.000Z | 2026-03-04T07:00:00.000Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2025-0001 |
5.3 (4.0)
|
The absence of a password confirmation step when deact… |
CIRCL |
Vulnerability-Lookup |
2025-05-27T08:58:00.000Z | 2025-05-30T14:27:56.273945Z |
| GCVE-1-2025-0002 |
8.9 (4.0)
|
Command Injection in Cl0p Exfiltration Python Script |
Cl0p ransomware |
exfiltration |
2025-07-01T08:19:00.000Z | 2025-07-01T10:58:58.443468Z |
| GCVE-1-2025-0003 |
9.3 (4.0)
|
Incorrect ACL for user settings edit, which previ… |
cerebrate |
cerebrate |
2025-08-22T12:33:00.000Z | 2025-08-23T07:55:10.950332Z |
| GCVE-1-2025-0004 |
10 (4.0)
|
XSS in Comments, Bundles, and Sightings component of v… |
CIRCL |
vulnerability-lookup |
2025-09-25T14:10:00.000Z | 2025-11-19T10:16:47.656802Z |
| GCVE-1-2025-0005 |
9.4 (4.0)
|
Reflected XSS due to insecure use of Markup |
CIRCL |
vulnerability-lookup |
2025-10-13T08:23:29.812914Z | 2025-10-13T08:23:29.812914Z |
| GCVE-1-2025-0006 |
9.3 (4.0)
|
Potential XSS in admin CPE in organization model |
CIRCL |
vulnerability-lookup |
2025-10-13T08:29:00.000Z | 2025-10-13T08:52:23.411325Z |
| GCVE-1-2025-0007 |
4.5 (4.0)
|
Missing email validation on user management |
CIRCL |
vulnerability-lookup |
2025-10-13T08:37:00.000Z | 2025-10-13T08:51:37.408861Z |
| GCVE-1-2025-0008 |
7 (4.0)
|
Logged users can view vulnerability disclosure comment… |
CIRCL |
vulnerability-lookup |
2025-10-13T09:10:00.000Z | 2025-10-13T09:15:31.637686Z |
| GCVE-1-2025-0009 |
6.4 (4.0)
|
A pre-auth user could self-assign a reporter without b… |
CIRCL |
vulnerability-lookup |
2025-10-13T09:20:24.800890Z | 2025-10-13T09:20:24.800890Z |
| GCVE-1-2025-0010 |
6.3 (4.0)
|
Arbitrary file hash inclusion via templates accessible… |
misp |
misp |
2025-11-04T06:25:11.108987Z | 2025-11-04T06:25:11.108987Z |
| GCVE-1-2025-0011 |
9.4 (4.0)
|
Arbitrary file inclusion / deletion via import modules… |
misp |
misp |
2025-11-04T07:01:25.464225Z | 2025-11-04T07:01:25.464225Z |
| GCVE-1-2025-0012 |
N/A
|
Potential vulnerability in file check upload but non-e… |
misp |
misp |
2025-11-04T07:20:00.000Z | 2025-11-28T07:16:21.589449Z |
| GCVE-1-2025-0013 |
9.4 (4.0)
|
Vulnerability in sharing group blueprints allowing sha… |
misp |
misp |
2025-11-04T08:49:21.558087Z | 2025-11-04T08:49:21.558087Z |
| GCVE-1-2025-0014 |
9.4 (4.0)
|
XSS in event report via Mermaid diagram |
misp |
misp |
2025-11-04T08:58:00.024516Z | 2025-11-04T08:58:00.024516Z |
| GCVE-1-2025-0015 |
9 (4.0)
|
Potential XSS in decaying simulation tool |
misp |
misp |
2025-11-04T09:06:00.000Z | 2025-11-04T09:06:59.216121Z |
| GCVE-1-2025-0016 |
6 (4.0)
|
Local file inclusion in [ImportFromUrl() URL hand… |
misp |
misp |
2025-11-04T09:20:00.000Z | 2025-11-04T09:56:38.383646Z |
| GCVE-1-2025-0018 |
9.4 (4.0)
|
HTML injection issue was identified in Lookyloo’s web … |
lookyloo |
lookyloo |
2025-11-18T15:33:00.000Z | 2025-11-18T20:39:45.579295Z |
| GCVE-1-2025-0020 |
9.4 (4.0)
|
cross-site scripting (XSS) in Galaxy element JSON view |
misp |
misp |
2025-11-26T15:49:00.000Z | 2025-12-02T08:47:41.151429Z |
| GCVE-1-2025-0021 |
9.4 (4.0)
|
XSS in MISP ReST client in HTML view |
misp |
misp |
2025-11-26T15:55:00.000Z | 2025-12-02T08:48:41.869838Z |
| GCVE-1-2025-0022 |
9.4 (4.0)
|
Clarified setting's impact on download_attachments_on_load |
misp |
misp |
2025-11-26T16:04:00.000Z | 2025-12-02T08:49:04.510294Z |
| GCVE-1-2025-0023 |
9.4 (4.0)
|
XSS in MISP server comparison tool |
misp |
misp |
2025-11-26T16:10:00.000Z | 2025-12-02T08:49:24.626168Z |
| GCVE-1-2025-0024 |
9.4 (4.0)
|
cross-site scripting (XSS) vulnerability in the MISP s… |
misp |
misp |
2025-11-26T16:14:00.000Z | 2025-12-02T08:50:01.482327Z |
| GCVE-1-2025-0025 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:27:00.000Z | 2025-12-02T08:50:18.897756Z |
| GCVE-1-2025-0026 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:35:00.000Z | 2025-12-02T08:50:46.381572Z |
| GCVE-1-2025-0028 |
8.5 (4.0)
|
Information leakage vulnerability in the MISP Feed con… |
misp |
misp |
2025-11-27T07:23:00.000Z | 2025-12-02T08:51:35.429494Z |
| GCVE-1-2025-0027 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-27T07:17:00.000Z | 2025-12-02T08:51:04.323899Z |
| GCVE-1-2025-0029 |
6.3 (4.0)
|
Reflected cross-site scripting (XSS) vulnerabilities i… |
misp |
misp |
2025-11-27T12:41:00.000Z | 2025-11-27T12:48:51.085860Z |
| GCVE-1-2025-0017 |
9.4 (4.0)
|
Privilege escalation in Cerebrate allows an authentica… |
cerebrate |
cerebrate |
2025-11-12T08:15:00.000Z | 2025-11-28T07:22:08.205835Z |