Recent vulnerabilities
Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-40288 |
9.8 (3.1)
|
PraisonAI: Critical RCE via `type: job` workflow YAML |
MervinPraison |
PraisonAI |
2026-04-14T03:00:21.547Z | 2026-04-14T15:57:15.812Z |
| CVE-2025-13753 |
4.3 (3.1)
|
WP Table Builder <= 2.0.19 - Incorrect Authorization tā¦ |
wptb |
WP Table Builder ā Drag & Drop Table Builder |
2026-01-09T07:22:12.280Z | 2026-04-14T15:56:21.107Z |
| CVE-2026-39425 |
5.1 (4.0)
|
MaxKB: Stored XSS via Unsanitized html_rander Tags in ā¦ |
1Panel-dev |
MaxKB |
2026-04-14T01:18:42.895Z | 2026-04-14T15:56:06.211Z |
| CVE-2026-39423 |
6.9 (4.0)
|
Stored XSS via Eval Injection in EchartsRander Component |
1Panel-dev |
MaxKB |
2026-04-14T00:28:47.572Z | 2026-04-14T15:55:17.386Z |
| CVE-2026-39418 |
5 (3.1)
|
MaxKB: SSRF via sandbox network hook bypass |
1Panel-dev |
MaxKB |
2026-04-14T00:08:50.182Z | 2026-04-14T15:54:30.206Z |
| CVE-2026-33948 |
2.9 (4.0)
|
jq: Embedded-NUL Truncation in CLI JSON Input Path Cauā¦ |
jqlang |
jq |
2026-04-13T23:51:04.144Z | 2026-04-14T15:53:38.340Z |
| CVE-2026-40169 |
6.2 (3.1)
|
ImageMagick: Heap buffer overflow (WRITE) in the YAML ā¦ |
ImageMagick |
ImageMagick |
2026-04-13T21:25:56.317Z | 2026-04-14T15:52:31.799Z |
| CVE-2026-2399 |
6.9 (4.0)
|
CWE-22 Improper Limitation of a Pathname to a Resā¦ |
Schneider Electric |
PowerChuteā¢ Serial Shutdown |
2026-04-14T15:09:58.751Z | 2026-04-14T15:52:07.599Z |
| CVE-2026-33902 |
5.5 (3.1)
|
ImageMagick: Stack Overflow via Recursive FX Expressioā¦ |
ImageMagick |
ImageMagick |
2026-04-13T20:59:47.120Z | 2026-04-14T15:51:26.551Z |
| CVE-2026-5121 |
7.5 (3.1)
|
Libarchive: libarchive: arbitrary code execution via iā¦ |
Red Hat |
Red Hat Enterprise Linux 10 |
2026-03-30T07:47:28.562Z | 2026-04-14T15:50:50.457Z |
| CVE-2026-33740 |
5.4 (3.1)
|
EspoCRM: Email importEml can import and delete anotherā¦ |
espocrm |
espocrm |
2026-04-13T20:37:28.831Z | 2026-04-14T15:50:45.744Z |
| CVE-2026-5713 |
5.3 (4.0)
|
Out-of-bounds read/write during remote profiling and aā¦ |
Python Software Foundation |
CPython |
2026-04-14T15:11:51.122Z | 2026-04-14T15:49:38.323Z |
| CVE-2026-39809 |
6.2 (3.1)
|
A improper neutralization of special elements useā¦ |
Fortinet |
FortiClientEMS |
2026-04-14T15:05:56.647Z | 2026-04-14T15:48:39.293Z |
| CVE-2026-40311 |
5.5 (3.1)
|
ImageMagick: Heap-use-after-free via XMP profile couldā¦ |
ImageMagick |
ImageMagick |
2026-04-13T21:36:44.262Z | 2026-04-14T15:48:36.521Z |
| CVE-2026-24069 |
5.4 (3.1)
|
Improper Enforcement of Disabled Accounts in WebUI SSOā¦ |
Kiuwan |
SAST |
2026-04-14T11:26:55.274Z | 2026-04-14T15:45:49.812Z |
| CVE-2026-37980 |
6.9 (3.1)
|
Org.keycloak.forms.login: keycloak: keycloak: arbitrarā¦ |
Red Hat |
Red Hat Build of Keycloak |
2026-04-14T14:54:42.871Z | 2026-04-14T15:43:02.647Z |
| CVE-2026-6216 |
5.1 (4.0)
3.5 (3.1)
3.5 (3.0)
|
DbGate SVG Icon String FontIcon.svelte cross site scripting |
n/a |
DbGate |
2026-04-13T20:15:13.778Z | 2026-04-14T15:41:52.694Z |
| CVE-2025-61624 |
5.4 (3.1)
|
An Improper Limitation of a Pathname to a Restricā¦ |
Fortinet |
FortiOS |
2026-04-14T15:39:51.445Z | 2026-04-14T15:39:51.445Z |
| CVE-2025-68649 |
5.4 (3.1)
|
An improper limitation of a pathname to a restricā¦ |
Fortinet |
FortiManager Cloud |
2026-04-14T15:39:46.446Z | 2026-04-14T15:39:46.446Z |
| CVE-2026-21741 |
2.2 (3.1)
|
An URL Redirection to Untrusted Site ('Open Redirā¦ |
Fortinet |
FortiNAC-F |
2026-04-14T15:39:45.334Z | 2026-04-14T15:39:45.334Z |
| CVE-2025-62600 |
8.6 (3.1)
|
eprosima Fast DDS affected by Out-of-Memory in readBinā¦ |
eProsima |
Fast-DDS |
2026-02-03T19:11:19.429Z | 2026-04-14T15:39:28.295Z |
| CVE-2026-39813 |
9.1 (3.1)
|
A path traversal: '../filedir' vulnerability in Fā¦ |
Fortinet |
FortiSandbox |
2026-04-14T15:38:30.311Z | 2026-04-14T15:38:30.311Z |
| CVE-2025-61848 |
6.8 (3.1)
|
An improper neutralization of special elements usā¦ |
Fortinet |
FortiManager |
2026-04-14T15:38:24.009Z | 2026-04-14T15:38:24.009Z |
| CVE-2026-25836 |
6.7 (3.1)
|
An improper neutralization of special elements usā¦ |
Fortinet |
FortiSandbox Cloud |
2026-03-10T16:44:06.991Z | 2026-04-14T15:38:23.184Z |
| CVE-2026-22828 |
7.3 (3.1)
|
A heap-based buffer overflow vulnerability in Forā¦ |
Fortinet |
FortiAnalyzer Cloud |
2026-04-14T15:38:22.657Z | 2026-04-14T15:38:22.657Z |
| CVE-2026-39815 |
7.9 (3.1)
|
A improper neutralization of special elements useā¦ |
Fortinet |
FortiDDoS-F |
2026-04-14T15:38:22.588Z | 2026-04-14T15:38:22.588Z |
| CVE-2026-22573 |
6.2 (3.1)
|
An improper limitation of a pathname to a restricā¦ |
Fortinet |
FortiSOAR on-premise |
2026-04-14T15:38:22.081Z | 2026-04-14T15:38:22.081Z |
| CVE-2025-61886 |
4.9 (3.1)
|
An Improper Neutralization of Input During Web Paā¦ |
Fortinet |
FortiSandbox PaaS |
2026-04-14T15:38:21.587Z | 2026-04-14T15:38:21.587Z |
| CVE-2026-39810 |
5.2 (3.1)
|
A use of hard-coded cryptographic key vulnerabiliā¦ |
Fortinet |
FortiClientEMS |
2026-04-14T15:38:21.194Z | 2026-04-14T15:38:21.194Z |
| CVE-2026-39811 |
4.4 (3.1)
|
A integer overflow or wraparound vulnerability inā¦ |
Fortinet |
FortiWeb |
2026-04-14T15:38:20.186Z | 2026-04-14T15:38:20.186Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-0596 |
9.6 (3.0)
|
Command Injection in mlflow/mlflow |
mlflow |
mlflow/mlflow |
2026-03-31T14:25:27.716Z | 2026-04-01T03:55:35.518Z |
| CVE-2026-35164 |
8.8 (3.1)
|
Brave CMS Sffected by Unrestricted File Upload via CKEā¦ |
Ajax30 |
BraveCMS-2.0 |
2026-04-06T17:33:33.715Z | 2026-04-07T14:07:00.606Z |
| CVE-2026-35182 |
8.8 (3.1)
|
Missing Authorization Privilege Escalation |
Ajax30 |
BraveCMS-2.0 |
2026-04-06T19:10:28.850Z | 2026-04-07T14:04:00.456Z |
| CVE-2026-35183 |
7.1 (3.1)
|
Brave CMS has an Insecure Direct Object Reference in Aā¦ |
Ajax30 |
BraveCMS-2.0 |
2026-04-06T19:11:28.807Z | 2026-04-07T16:14:01.519Z |
| CVE-2026-30309 |
7.8 (3.1)
|
InfCode's terminal auto-execution module containsā¦ |
n/a |
n/a |
2026-03-31T00:00:00.000Z | 2026-03-31T15:15:28.893Z |
| CVE-2026-30075 |
7.5 (3.1)
|
OpenAirInterface Version 2.2.0 has a Buffer Overfā¦ |
n/a |
n/a |
2026-04-08T00:00:00.000Z | 2026-04-09T20:48:57.341Z |
| CVE-2026-30080 |
7.5 (3.1)
|
OpenAirInterface v2.2.0 accepts Security Mode Comā¦ |
n/a |
n/a |
2026-04-08T00:00:00.000Z | 2026-04-09T20:45:42.267Z |
| CVE-2026-31017 |
9.1 (3.1)
|
A Server-Side Request Forgery (SSRF) vulnerabilitā¦ |
n/a |
n/a |
2026-04-08T00:00:00.000Z | 2026-04-09T20:49:57.487Z |
| CVE-2025-70844 |
6.1 (3.1)
|
yaffa v2.0.0 is vulnerable to Cross Site Scriptinā¦ |
n/a |
n/a |
2026-04-07T00:00:00.000Z | 2026-04-09T13:59:20.267Z |
| CVE-2026-30079 |
9.8 (3.1)
|
In OpenAirInterface V2.2.0 AMF, Out of sequence mā¦ |
n/a |
n/a |
2026-04-07T00:00:00.000Z | 2026-04-09T13:47:21.689Z |
| CVE-2025-52222 |
7.5 (3.1)
|
D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; ā¦ |
n/a |
n/a |
2026-04-08T00:00:00.000Z | 2026-04-10T15:42:31.084Z |
| CVE-2025-64759 |
8.1 (3.1)
|
Homarr is Vulnerable to Stored Cross-Site Scripting (Xā¦ |
homarr-labs |
homarr |
2025-11-19T18:44:09.341Z | 2025-11-19T21:14:41.116Z |
| CVE-2026-3466 |
8.5 (4.0)
|
Cross-site scripting in dashlet title |
Checkmk GmbH |
Checkmk |
2026-04-07T12:08:50.132Z | 2026-04-08T08:17:54.013Z |
| CVE-2025-66453 |
5.5 (4.0)
|
Rhino vulnerable high CPU usage and potential DoS whenā¦ |
mozilla |
rhino |
2025-12-03T19:31:54.629Z | 2025-12-03T19:43:58.830Z |
| CVE-2025-39666 |
9.3 (4.0)
|
omd: Local privilege escalation when executing omd comā¦ |
Checkmk GmbH |
Checkmk |
2026-04-07T12:09:07.609Z | 2026-04-07T13:18:19.609Z |
| CVE-2026-35452 |
5.3 (3.1)
|
WWBN AVideo has Unauthenticated Information Disclosureā¦ |
WWBN |
AVideo |
2026-04-06T21:47:45.511Z | 2026-04-08T14:08:17.131Z |
| CVE-2026-35450 |
5.3 (3.1)
|
WWBN AVideo has Unauthenticated FFmpeg Remote Server Sā¦ |
WWBN |
AVideo |
2026-04-06T21:46:54.779Z | 2026-04-07T16:21:46.027Z |
| CVE-2026-35174 |
9.1 (3.1)
|
Chyrp Lite has a Path Traversal to Remote Code Execution |
xenocrat |
chyrp-lite |
2026-04-06T17:50:04.544Z | 2026-04-07T14:38:40.034Z |
| CVE-2026-35173 |
6.5 (3.1)
|
Chyrp Lite has an IDOR via Mass Assignment in Post Model |
xenocrat |
chyrp-lite |
2026-04-06T17:48:52.681Z | 2026-04-06T18:47:56.696Z |
| CVE-2026-35171 |
9.8 (3.1)
|
Arbitrary Code Execution via Malicious Logging Configuā¦ |
kedro-org |
kedro |
2026-04-06T17:45:45.664Z | 2026-04-07T15:10:37.613Z |
| CVE-2025-10655 |
8.6 (4.0)
|
Frappe Helpdesk 1.14.0 ā SQL Injection in dashboard geā¦ |
Frappe |
Frappe HelpDesk |
2025-12-09T14:49:53.280Z | 2025-12-09T15:06:24.237Z |
| CVE-2025-68143 |
6.5 (4.0)
|
mcp-server-git's unrestricted git_init tool allows repā¦ |
modelcontextprotocol |
servers |
2025-12-17T22:09:43.159Z | 2025-12-18T15:07:15.061Z |
| CVE-2026-35167 |
7.1 (3.1)
|
Kedro has a path traversal in versioned dataset loadinā¦ |
kedro-org |
kedro |
2026-04-06T17:43:21.922Z | 2026-04-07T14:36:34.218Z |
| CVE-2022-2785 |
6.7 (3.1)
|
Arbitrary Memory read in BPF Linux Kernel |
Linux Kernel |
Kernel |
2022-09-23T11:10:08.764Z | 2025-04-21T13:49:09.750Z |
| CVE-2025-68144 |
6.3 (4.0)
|
mcp-server-git argument injection in git_diff and git_ā¦ |
modelcontextprotocol |
servers |
2025-12-17T22:10:56.086Z | 2025-12-18T15:07:03.402Z |
| CVE-2026-6100 |
9.1 (4.0)
|
Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompā¦ |
Python Software Foundation |
CPython |
2026-04-13T17:15:47.606Z | 2026-04-14T14:30:25.622Z |
| CVE-2026-5894 |
4.3 (3.1)
|
Inappropriate implementation in PDF in Google Chrā¦ |
Google |
Chrome |
2026-04-08T21:20:56.746Z | 2026-04-14T13:54:04.406Z |
| CVE-2026-5892 |
6.6 (3.1)
|
Insufficient policy enforcement in PWAs in Googleā¦ |
Google |
Chrome |
2026-04-08T21:20:54.153Z | 2026-04-14T13:51:34.286Z |
| CVE-2026-4914 |
5.4 (3.1)
|
Stored XSSĀ inĀ IvantiĀ N-ITSMĀ beforeĀ version 2025.4ā¦ |
Ivanti |
Neurons for ITSM (On-Premise) |
2026-04-14T14:15:48.101Z | 2026-04-14T14:15:48.101Z |
| CVE-2026-4913 |
5.7 (3.1)
|
Improper protection of an alternate pathĀ inĀ Ivantā¦ |
Ivanti |
Neurons for ITSM (On-Premise) |
2026-04-14T14:10:30.529Z | 2026-04-14T15:07:48.368Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-35164 | Brave CMS is an open-source CMS. Prior to 2.0.6, an unrestricted file upload vulnerability exists iā¦ | 2026-04-06T18:16:42.900 | 2026-04-14T15:51:15.613 |
| fkie_cve-2026-35182 | Brave CMS is an open-source CMS. Prior to 2.0.6, this vulnerability is a missing authorization checā¦ | 2026-04-06T20:16:26.553 | 2026-04-14T15:50:57.397 |
| fkie_cve-2026-35183 | Brave CMS is an open-source CMS. Prior to 2.0.6, an Insecure Direct Object Reference (IDOR) vulneraā¦ | 2026-04-06T20:16:26.727 | 2026-04-14T15:50:08.513 |
| fkie_cve-2026-30309 | InfCode's terminal auto-execution module contains a critical command filtering vulnerability that rā¦ | 2026-03-31T15:16:12.863 | 2026-04-14T15:49:43.420 |
| fkie_cve-2026-30075 | OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransportā¦ | 2026-04-08T17:21:18.503 | 2026-04-14T15:47:23.860 |
| fkie_cve-2026-30080 | OpenAirInterface v2.2.0 accepts Security Mode Complete without any integrity protection. Configuratā¦ | 2026-04-08T17:21:18.623 | 2026-04-14T15:47:10.330 |
| fkie_cve-2026-31017 | A Server-Side Request Forgery (SSRF) vulnerability exists in the Print Format functionality of ERPNā¦ | 2026-04-08T17:21:18.737 | 2026-04-14T15:46:59.460 |
| fkie_cve-2025-70844 | yaffa v2.0.0 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScriā¦ | 2026-04-07T17:16:26.297 | 2026-04-14T15:46:12.757 |
| fkie_cve-2026-30079 | In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during Uā¦ | 2026-04-07T15:17:38.267 | 2026-04-14T15:45:37.633 |
| fkie_cve-2025-52222 | D-Link DI-8003 v16.07.26A1, DI-8500 v16.07.26A1; DI-8003G v17.12.21A1, DI-8200G v17.12.20A1, DI-820ā¦ | 2026-04-08T18:24:51.373 | 2026-04-14T15:45:21.273 |
| fkie_cve-2025-64759 | Homarr is an open-source dashboard. Prior to version 1.43.3, stored XSS vulnerability exists, allowā¦ | 2025-11-19T19:15:49.963 | 2026-04-14T15:42:45.563 |
| fkie_cve-2026-3466 | Insufficient sanitization of dashboard dashlet title links in Checkmk 2.2.0 (EOL), Checkmk 2.3.0 beā¦ | 2026-04-07T13:16:47.150 | 2026-04-14T15:39:45.173 |
| fkie_cve-2025-66453 | Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.ā¦ | 2025-12-03T20:16:26.897 | 2026-04-14T15:39:20.143 |
| fkie_cve-2025-39666 | Local privilege escalation in Checkmk 2.2.0 (EOL), Checkmk 2.3.0 before 2.3.0p46, Checkmk 2.4.0 befā¦ | 2026-04-07T13:16:44.847 | 2026-04-14T15:39:05.660 |
| fkie_cve-2026-35452 | WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/clieā¦ | 2026-04-06T22:16:23.610 | 2026-04-14T15:37:41.140 |
| fkie_cve-2026-35450 | WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/API/check.ffmpā¦ | 2026-04-06T22:16:23.463 | 2026-04-14T15:37:29.017 |
| fkie_cve-2026-35174 | Chyrp Lite is an ultra-lightweight blogging engine. Prior to 2026.01, a path traversal vulnerabilitā¦ | 2026-04-06T18:16:43.677 | 2026-04-14T15:37:14.427 |
| fkie_cve-2026-35173 | Chyrp Lite is an ultra-lightweight blogging engine. Prior to 2026.01, an IDOR / Mass Assignment issā¦ | 2026-04-06T18:16:43.523 | 2026-04-14T15:36:44.207 |
| fkie_cve-2026-35171 | Kedro is a toolbox for production-ready data science. Prior to 1.3.0, Kedro allows the logging confā¦ | 2026-04-06T18:16:43.373 | 2026-04-14T15:36:21.790 |
| fkie_cve-2025-10655 | SQL Injection in Frappe HelpDesk in the dashboard get_dashboard_data due to unsafe concatenation ofā¦ | 2025-12-09T16:17:31.540 | 2026-04-14T15:35:01.293 |
| fkie_cve-2025-68143 | Model Context Protocol Servers is a collection of reference implementations for the model context pā¦ | 2025-12-17T23:16:04.560 | 2026-04-14T15:30:51.740 |
| fkie_cve-2026-35167 | Kedro is a toolbox for production-ready data science. Prior to 1.3.0, the _get_versioned_path() metā¦ | 2026-04-06T18:16:43.217 | 2026-04-14T15:26:03.083 |
| fkie_cve-2022-2785 | There exists an arbitrary memory read within the Linux Kernel BPF - Constants provided to fill poinā¦ | 2022-09-23T11:15:09.510 | 2026-04-14T15:23:49.830 |
| fkie_cve-2025-68144 | In mcp-server-git versions prior to 2025.12.17, the git_diff and git_checkout functions passed userā¦ | 2025-12-17T23:16:04.703 | 2026-04-14T15:23:26.290 |
| fkie_cve-2026-6100 | Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.ā¦ | 2026-04-13T18:16:31.297 | 2026-04-14T15:16:41.247 |
| fkie_cve-2026-5894 | Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attackā¦ | 2026-04-08T22:16:29.290 | 2026-04-14T15:16:40.500 |
| fkie_cve-2026-5892 | Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote atā¦ | 2026-04-08T22:16:29.083 | 2026-04-14T15:16:40.297 |
| fkie_cve-2026-4914 | Stored XSSĀ inĀ IvantiĀ N-ITSMĀ beforeĀ version 2025.4Ā allows aĀ remoteĀ authenticatedĀ attacker toĀ obtain ā¦ | 2026-04-14T15:16:39.750 | 2026-04-14T15:16:39.750 |
| fkie_cve-2026-4913 | Improper protection of an alternate pathĀ inĀ IvantiĀ N-ITSMĀ beforeĀ version 2025.4Ā allows aĀ remote autā¦ | 2026-04-14T15:16:39.587 | 2026-04-14T15:16:39.587 |
| fkie_cve-2026-4786 | Mitgation ofĀ CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bā¦ | 2026-04-13T22:16:30.413 | 2026-04-14T15:16:39.417 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-r39r-m7wq-966m |
5.7 (3.1)
|
Improper protection of an alternate pathĀ inĀ IvantiĀ N-ITSMĀ beforeĀ version 2025.4Ā allows aĀ remote autā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-px5r-qp49-693q |
|
An issue in Hostbill v.2025-11-24 and 2025-12-01 allows a remote attacker to execute arbitrary codeā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:35Z |
| ghsa-mm54-xvph-7p9r |
7.1 (3.1)
|
A maliciously crafted HTML payload in an assembly variant name, when displayed during the delete coā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-m32f-8vh9-2hh3 |
6.9 (3.1)
|
A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-h62w-pgwx-cpqf |
|
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the fileā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-h4hr-66wr-j77w |
|
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to arbitrary code execution ā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-ggm3-44jr-6qqx |
5.4 (3.1)
|
Stored XSSĀ inĀ IvantiĀ N-ITSMĀ beforeĀ version 2025.4Ā allows aĀ remoteĀ authenticatedĀ attacker toĀ obtain ā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-fxwp-fxmc-jh57 |
|
A side-channel vulnerability exists in the implementation of BIP-39 mnemonic processing, as observeā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:35Z |
| ghsa-fwc8-56f8-ccxh |
|
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL injection in the filā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:35Z |
| ghsa-cghg-c2cv-qhxh |
9.1 (4.0)
|
The OECH1 prefix encoding is intended to obfuscate values across the OpenEdge platform. Ā It has beeā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:35Z |
| ghsa-96vp-26rc-8483 |
7.1 (3.1)
|
A maliciously crafted HTML payload, stored in a design name and exported to CSV, can trigger a Storā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-5xvq-hmf7-8pf3 |
|
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the fileā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-483f-3c23-9fjm |
|
SourceCodester Patient Appointment Scheduler System v1.0 is vulnerable to SQL Injection in the fileā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-355c-p2wf-x6ff |
7.1 (3.1)
|
A maliciously crafted HTML payload in a component name, when displayed during the delete confirmatiā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-33rr-qfgw-97qc |
|
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injectioā¦ | 2026-04-14T15:30:35Z | 2026-04-14T15:30:35Z |
| ghsa-2j5h-v6hf-cf8g |
|
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injectioā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:35Z |
| ghsa-xxwj-xx57-672q |
|
SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the filā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-xvm8-45r5-rf28 |
8.2 (4.0)
|
A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-xrxf-jgv3-qmrm |
|
A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution tā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-xgq8-f73q-q3gm |
7.4 (4.0)
|
.NET misconfiguration: use of impersonation vulnerability in upKeeper Solutions upKeeper Instant Prā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-vrxf-fj4v-4j4w |
|
A Local File Inclusion (LFI) vulnerability in the NFSen module (nfsen.inc.php) of LibreNMS 22.11.0-ā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-ph84-76fm-mvm4 |
|
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injectioā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-pg25-7cx5-cvcm |
9.1 (4.0)
|
Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.ā¦ | 2026-04-13T18:30:42Z | 2026-04-14T15:30:34Z |
| ghsa-jx2h-5gf7-p2qj |
|
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injectioā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-h5cx-hfj5-x8v3 |
6.1 (3.1)
|
Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting (XSS) via the binā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-ggj5-jcgr-fm9g |
|
SourceCodester Storage Unit Rental Management System v1.0 is vulnerable to SQL Injection in the filā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-cccx-m78h-m3xw |
7.0 (4.0)
|
Mitgation ofĀ CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bā¦ | 2026-04-14T00:31:12Z | 2026-04-14T15:30:34Z |
| ghsa-997p-hfm2-4w8j |
|
Sourcecodester Storage Unit Rental Management System v1.0 is vulnerable to SQL in the file /storageā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-2h65-97g8-x647 |
|
SourceCodester Online Employees Work From Home Attendance System v1.0 is vulnerable to SQL Injectioā¦ | 2026-04-14T15:30:34Z | 2026-04-14T15:30:34Z |
| ghsa-r9rh-xw3r-r4x2 |
9.8 (3.1)
|
A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Studā¦ | 2026-04-10T15:31:58Z | 2026-04-14T15:30:33Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2026-3 |
|
After an API token exposure from an exploited Trivy dependency, two new releases of `telnā¦ | telnyx | 2026-03-27T14:53:14Z | |
| pysec-2026-2 |
|
After an API Token exposure from an exploited Trivy dependency, two new releases of `liteā¦ | litellm | 2026-03-24T15:35:32Z | |
| pysec-2024-85 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDā¦ | mindsdb | 2024-09-12T13:15:00Z | 2026-03-03T16:29:37.848846Z |
| pysec-2024-84 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsDā¦ | mindsdb | 2024-09-12T13:15:00Z | 2026-03-03T16:29:37.756762Z |
| pysec-2024-83 |
7.5 (3.1)
|
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsDā¦ | mindsdb | 2024-09-12T13:15:00Z | 2026-03-03T16:29:37.662671Z |
| pysec-2024-82 |
8.8 (3.1)
|
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDBā¦ | mindsdb | 2024-09-12T13:15:00Z | 2026-03-03T16:29:37.563380Z |
| pysec-2023-278 |
5.3 (3.1)
|
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1ā¦ | mindsdb | 2023-12-11T21:15:00Z | 2026-03-03T16:29:37.448520Z |
| pysec-2023-121 |
|
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as aā¦ | zstd | 2023-03-31T20:15:00+00:00 | 2026-02-25T19:20:58+00:00 |
| pysec-2026-1 |
|
A PyPI user account compromised by an attacker and was able to upload a malicious versionā¦ | dydx-v4-client | 2026-01-28T21:09:02+00:00 | |
| pysec-2025-52 |
|
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2020-220 |
|
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collā¦ | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| pysec-2025-72 |
|
The `num2words` project was compromised via a phishing attack and two new versions were uā¦ | num2words | 2025-07-31T14:34:47+00:00 | |
| pysec-2025-71 |
|
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fasā¦ | cadwyn | 2025-07-21T21:15:25+00:00 | 2025-07-23T15:24:03.825615+00:00 |
| pysec-2025-70 |
10.0 (3.1)
|
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componenā¦ | langchain-community | 2025-06-23T21:15:25+00:00 | 2025-07-16T21:23:40.211079+00:00 |
| pysec-2024-259 |
9.8 (3.1)
|
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by mā¦ | torch | 2024-10-29T21:15:04+00:00 | 2025-07-16T03:09:57.748865+00:00 |
| pysec-2024-258 |
|
In scrapy/scrapy, an issue was identified where the Authorization header is not removed dā¦ | scrapy | 2024-05-20T08:15:08+00:00 | 2025-07-15T17:37:50.051730+00:00 |
| pysec-2025-69 |
|
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker temā¦ | roundup | 2025-07-13T20:15:25+00:00 | 2025-07-13T21:23:01.161315+00:00 |
| pysec-2025-68 |
8.0 (3.1)
|
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6ā¦ | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.449399+00:00 |
| pysec-2025-67 |
9.8 (3.1)
|
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabilā¦ | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.385619+00:00 |
| pysec-2025-66 |
|
Improper privilege management in a REST interface allowed registered users to access unauā¦ | streampipes | 2025-03-03T11:15:11+00:00 | 2025-07-08T15:23:46.628375+00:00 |
| pysec-2025-65 |
|
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0ā¦ | llama-index | 2025-07-07T13:15:28+00:00 | 2025-07-07T15:23:42.730681+00:00 |
| pysec-2025-61 |
|
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap ā¦ | pillow | 2025-07-01T19:15:27Z | 2025-07-07T14:12:46.226030Z |
| pysec-2025-64 |
9.8 (3.1)
|
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0ā¦ | python-a2a | 2025-06-17T07:15:18+00:00 | 2025-07-02T21:23:13.806273+00:00 |
| pysec-2025-63 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Wheā¦ | vllm | 2025-03-19T16:15:32+00:00 | 2025-07-01T23:22:49.176005+00:00 |
| pysec-2025-62 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Malā¦ | vllm | 2025-02-07T20:15:34+00:00 | 2025-07-01T23:22:49.083695+00:00 |
| pysec-2025-60 |
|
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Informā¦ | apache-iotdb | 2025-05-14T11:16:28+00:00 | 2025-07-01T21:22:47.232036+00:00 |
| pysec-2025-59 |
|
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attackā¦ | apache-iotdb | 2025-05-14T11:15:47+00:00 | 2025-07-01T21:22:47.177405+00:00 |
| pysec-2024-257 |
7.5 (3.1)
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessmā¦ | mobsf | 2024-03-22T23:15:07+00:00 | 2025-06-30T15:23:50.085549+00:00 |
| pysec-2025-58 |
8.8 (3.1)
|
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py implā¦ | vllm | 2025-01-27T18:15:41+00:00 | 2025-06-27T21:22:36.583615+00:00 |
| pysec-2025-57 |
|
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthentā¦ | zenml | 2025-03-20T10:15:48+00:00 | 2025-06-27T17:22:55.175431+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33903 | In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pedeā¦ | 2024-04-29T05:02:07.295775Z |
| gsd-2024-33902 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.486429Z |
| gsd-2024-33901 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.525896Z |
| gsd-2024-33900 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.290639Z |
| gsd-2024-33899 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scrā¦ | 2024-04-29T05:02:07.400574Z |
| gsd-2024-33898 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287632Z |
| gsd-2024-33897 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.283756Z |
| gsd-2024-33896 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.313250Z |
| gsd-2024-33895 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.493081Z |
| gsd-2024-33894 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.488420Z |
| gsd-2024-33893 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.381761Z |
| gsd-2024-33892 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.378170Z |
| gsd-2024-33891 | Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via thā¦ | 2024-04-29T05:02:07.412035Z |
| gsd-2024-33890 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.344384Z |
| gsd-2024-33889 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.392587Z |
| gsd-2024-33888 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.468423Z |
| gsd-2024-33887 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.503613Z |
| gsd-2024-33886 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287167Z |
| gsd-2024-33885 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.441746Z |
| gsd-2024-33884 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.534455Z |
| gsd-2024-33883 | The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certaā¦ | 2024-04-29T05:02:07.271727Z |
| gsd-2024-4303 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.716348Z |
| gsd-2024-4302 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.603637Z |
| gsd-2024-4301 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.678292Z |
| gsd-2024-4300 | E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remoā¦ | 2024-04-29T05:02:05.715239Z |
| gsd-2024-4299 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherocā¦ | 2024-04-29T05:02:05.606402Z |
| gsd-2024-4298 | The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Auditā¦ | 2024-04-29T05:02:05.598531Z |
| gsd-2024-4297 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherloā¦ | 2024-04-29T05:02:05.700888Z |
| gsd-2024-4296 | The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlockā¦ | 2024-04-29T05:02:05.621428Z |
| gsd-2024-33882 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.803998Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-2666 | Malicious code in moooo (PyPI) | 2026-04-14T15:21:49Z | 2026-04-14T15:21:49Z |
| mal-2026-2663 | Malicious code in tether-wrk-base (npm) | 2026-04-14T13:36:19Z | 2026-04-14T14:41:15Z |
| mal-2026-2664 | Malicious code in buildenv-telemetry (PyPI) | 2026-04-14T14:28:02Z | 2026-04-14T14:28:02Z |
| mal-2026-2665 | Malicious code in hive-os-settings (PyPI) | 2026-04-14T14:27:24Z | 2026-04-14T14:27:24Z |
| mal-2026-2662 | Malicious code in @automation-toolchain/f5-cloud-libs (npm) | 2026-04-14T13:05:55Z | 2026-04-14T13:40:00Z |
| mal-2026-2529 | Malicious code in use-form-builder-plugin (npm) | 2026-04-06T16:16:50Z | 2026-04-14T12:40:55Z |
| mal-2026-2429 | Malicious code in vv-ftend-core (npm) | 2026-04-02T12:10:43Z | 2026-04-14T12:40:55Z |
| mal-2026-2428 | Malicious code in vv-ftend-api (npm) | 2026-04-02T12:21:07Z | 2026-04-14T12:40:55Z |
| mal-2026-2568 | Malicious code in pt-sc-logger (npm) | 2026-04-12T21:36:18Z | 2026-04-14T12:40:54Z |
| mal-2026-2567 | Malicious code in pt-sc-demo-app (npm) | 2026-04-12T21:41:40Z | 2026-04-14T12:40:54Z |
| mal-2026-2427 | Malicious code in partner-tracker-api (npm) | 2026-04-02T12:10:47Z | 2026-04-14T12:40:54Z |
| mal-2026-2426 | Malicious code in partner-tracker (npm) | 2026-04-02T12:10:54Z | 2026-04-14T12:40:54Z |
| mal-2026-2513 | Malicious code in gprofiler (npm) | 2026-04-08T11:45:58Z | 2026-04-14T12:40:52Z |
| mal-2026-2425 | Malicious code in bytefrontier-tracker (npm) | 2026-04-02T12:10:59Z | 2026-04-14T12:40:51Z |
| mal-2026-2424 | Malicious code in bytefrontier-sdk (npm) | 2026-04-02T12:21:22Z | 2026-04-14T12:40:51Z |
| mal-2026-2423 | Malicious code in bytefrontier-partner (npm) | 2026-04-02T12:10:52Z | 2026-04-14T12:40:51Z |
| mal-2026-2422 | Malicious code in bytefrontier-api (npm) | 2026-04-02T12:10:50Z | 2026-04-14T12:40:51Z |
| mal-2026-2658 | Malicious code in tailwindcss-style-typography (npm) | 2026-04-14T12:12:36Z | 2026-04-14T12:12:37Z |
| mal-2026-2657 | Malicious code in tailwind-typ (npm) | 2026-04-14T12:01:40Z | 2026-04-14T12:01:41Z |
| mal-2026-2656 | Malicious code in tailwind-stylecss-typography (npm) | 2026-04-14T11:52:39Z | 2026-04-14T11:52:40Z |
| mal-2026-2641 | Malicious code in chai-as-refined (npm) | 2026-04-14T11:48:44Z | 2026-04-14T11:48:44Z |
| mal-2026-2644 | Malicious code in node-unpnotifyserv (npm) | 2026-04-14T11:47:49Z | 2026-04-14T11:47:50Z |
| mal-2026-2659 | Malicious code in ui-utils-udhay-alerts (npm) | 2026-04-14T11:47:49Z | 2026-04-14T11:47:49Z |
| mal-2026-2661 | Malicious code in vip-landing (npm) | 2026-04-14T11:47:12Z | 2026-04-14T11:47:19Z |
| mal-2026-2660 | Malicious code in use-feature-flags-plugin (npm) | 2026-04-14T11:47:12Z | 2026-04-14T11:47:19Z |
| mal-2026-2654 | Malicious code in pinstatsd (npm) | 2026-04-14T11:47:13Z | 2026-04-14T11:47:19Z |
| mal-2026-2653 | Malicious code in pinlogger (npm) | 2026-04-14T11:47:13Z | 2026-04-14T11:47:19Z |
| mal-2026-2652 | Malicious code in onewin-landing (npm) | 2026-04-14T11:47:12Z | 2026-04-14T11:47:19Z |
| mal-2026-2648 | Malicious code in okx-nav (npm) | 2026-04-14T11:47:13Z | 2026-04-14T11:47:19Z |
| mal-2026-2646 | Malicious code in okfe-serverless-conf (npm) | 2026-04-14T11:47:13Z | 2026-04-14T11:47:19Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| 7paa020125 | Denial of Service Vulnerabilities in System 800xA, SymphonyĀ® Plus IEC 61850 communication stack | 2026-04-13T00:30:00.000Z | 2026-04-13T00:30:00.000Z |
| 7paa017341 | PostgreSQL vulnerabilities in ABB Abilityā¢ SymphonyĀ® Plus Engineering | 2026-04-13T00:30:00.000Z | 2026-04-13T00:30:00.000Z |
| 7paa023732 | System 800xA affected by 3rd party component vulnerabilities | 2026-03-31T00:30:00.000Z | 2026-03-31T00:30:00.000Z |
| 4hzm000604 | ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4) | 2026-03-26T00:30:00.000Z | 2026-03-26T00:30:00.000Z |
| 4jno000329 | AWIN Gateways Vulnerabilities in Embedded Webserver | 2026-03-13T00:30:00.000Z | 2026-03-13T00:30:00.000Z |
| 3adr011536 | AC500 V3 Stack buffer overflow in Cryptographic Message Syntax | 2026-03-12T00:30:00.000Z | 2026-03-12T00:30:00.000Z |
| 3adr011525 | ABB Automation Builder Gateway for Windows with insecure defaults | 2026-02-24T00:30:00.000Z | 2026-02-24T00:30:00.000Z |
| 3adr011524 | AC500 V3 Multiple vulnerabilities | 2026-02-24T00:30:00.000Z | 2026-02-24T00:30:00.000Z |
| sa25p007 | B&R Automation Studio Update of SQLite version | 2026-02-18T00:30:00.000Z | 2026-02-18T00:30:00.000Z |
| sa26p001 | āāPVIā āāInsertion of Sensitive Information into Logfile | 2026-01-29T00:30:00.000Z | 2026-01-29T00:30:00.000Z |
| sa24p003 | āB&R PCs vulnerable to PixieFail attackā | 2026-01-29T00:30:00.000Z | 2026-01-29T00:30:00.000Z |
| 7paa013309 | System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability | 2024-06-05T00:30:00.000Z | 2026-01-23T00:30:00.000Z |
| sa25p005 | B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server | 2026-01-19T00:30:00.000Z | 2026-01-19T00:30:00.000Z |
| sa25p004 | Automation Studio Insufficient Server Certificate Validation | 2026-01-19T00:30:00.000Z | 2026-01-19T00:30:00.000Z |
| 9akk108472a1331 | ABB Abilityā¢ OPTIMAXĀ® Authentication Bypass in Single-Sign On with Azure Active Directory | 2026-01-16T00:30:00.000Z | 2026-01-16T00:30:00.000Z |
| 2crt000009 | WebPro SNMP Card PowerValue Multiple Vulnerabilities | 2026-01-07T00:30:00.000Z | 2026-01-07T00:30:00.000Z |
| 9akk108471a8107 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-09-16T00:30:00.000Z | 2025-11-28T08:00:00.000Z |
| 4hzm000603 | ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) | 2025-11-27T00:30:00.000Z | 2025-11-28T00:30:00.000Z |
| 7paa022088 | Edgenius Management Portal Authentication Bypass | 2025-11-20T00:30:00.000Z | 2025-11-20T00:30:00.000Z |
| 2nga002813 | PCM600 SharpZip library vulnerability | 2025-11-03T00:30:00.000Z | 2025-11-03T00:30:00.000Z |
| 4tz00000006007 | ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations | 2025-10-20T00:30:00.000Z | 2025-10-23T00:30:00.000Z |
| 9akk108471a8948 | Terra AC wallbox Heap Memory Corruption Vulnerability | 2025-10-20T00:30:00.000Z | 2025-10-21T00:30:00.000Z |
| 3kxg200000r4801 | CoreSenseā¢ HM and CoreSenseā¢ M10 File Path Traversal Vulnerability | 2025-04-16T00:30:00.000Z | 2025-10-20T00:30:00.000Z |
| sa25p003 | B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-14T00:30:00.000Z |
| 4tz00000006008 | LVS MConfig Insecure memory handling | 2025-10-08T00:30:00.000Z | 2025-10-08T00:30:00.000Z |
| sa25p002 | B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7808 | EIBPORT Reflected XSS | 2025-10-07T00:30:00.000Z | 2025-10-07T00:30:00.000Z |
| 9akk108471a7121 | FLXeon Controllers Multiple vulnerabilities | 2025-09-09T00:30:00.000Z | 2025-09-18T00:30:00.000Z |
| 9akk108471a4462 | ELSB/BLBA ASPECT advisory several CVEs | 2025-08-11T00:30:00.000Z | 2025-09-04T00:30:00.000Z |
| 9akk108471a3623 | RMC - 100 Vulnerabilities in web UI (REST Interface) | 2025-07-03T00:30:00.000Z | 2025-08-18T00:30:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2026-1068 | Adobe Acrobat und Acrobat Reader: Mehrere Schwachstellen | 2020-08-11T22:00:00.000+00:00 | 2026-04-13T22:00:00.000+00:00 |
| wid-sec-w-2025-2564 | Microsoft Windows und Windows Server: Mehrere Schwachstellen | 2025-11-11T23:00:00.000+00:00 | 2026-04-13T22:00:00.000+00:00 |
| wid-sec-w-2023-2890 | Microsoft Windows: Mehrere Schwachstellen | 2023-11-14T23:00:00.000+00:00 | 2026-04-13T22:00:00.000+00:00 |
| wid-sec-w-2023-0368 | Microsoft Exchange: Mehrere Schwachstellen ermƶglichen CodeausfĆ¼hrung | 2023-02-14T23:00:00.000+00:00 | 2026-04-13T22:00:00.000+00:00 |
| wid-sec-w-2026-1047 | Adobe Acrobat Reader: Schwachstelle ermƶglicht Offenlegung von Informationen und CodeausfĆ¼hrung | 2026-04-09T22:00:00.000+00:00 | 2026-04-12T22:00:00.000+00:00 |
| wid-sec-w-2026-0884 | OpenClaw: Mehrere Schwachstellen | 2026-03-26T23:00:00.000+00:00 | 2026-04-12T22:00:00.000+00:00 |
| wid-sec-w-2026-0856 | OpenClaw: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-04-12T22:00:00.000+00:00 |
| wid-sec-w-2026-0542 | OpenClaw: Mehrere Schwachstellen | 2026-02-25T23:00:00.000+00:00 | 2026-04-12T22:00:00.000+00:00 |
| wid-sec-w-2026-0472 | OpenClaw: Mehrere Schwachstellen | 2026-02-22T23:00:00.000+00:00 | 2026-04-12T22:00:00.000+00:00 |
| wid-sec-w-2026-1036 | OpenCTI: Schwachstelle ermƶglicht CodeausfĆ¼hrung | 2026-04-08T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-1027 | LangChain: Schwachstelle ermƶglicht Umgehen von Sicherheitsvorkehrungen | 2026-04-08T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-1023 | libpng: Schwachstelle ermƶglicht Offenlegung von Informationen | 2026-04-08T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-1022 | Juniper Patchday April 2026: Mehrere Schwachstellen | 2026-04-08T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-1020 | Intel Prozessoren (Pentium Silver Series, Celeron J Series, und Celeron N series): Schwachstelle ermƶglicht Privilegieneskalation | 2026-04-08T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-1012 | SonicWall SMA1000 : Mehrere Schwachstellen | 2026-04-08T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-1006 | Golang Go: Mehrere Schwachstellen | 2026-04-07T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-1002 | Django: Mehrere Schwachstellen | 2026-04-07T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0997 | Mozilla Firefox und Thunderbird: Mehrere Schwachstellen | 2026-04-07T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0995 | OpenSSL: Mehrere Schwachstellen | 2026-04-07T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0967 | Red Hat Enterprise Linux (fontforge): Schwachstelle ermƶglicht CodeausfĆ¼hrung | 2026-04-06T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0966 | Red Hat Enterprise Linux (crun): Schwachstelle ermƶglicht Privilegieneskalation | 2026-04-06T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0950 | Linux Kernel: Mehrere Schwachstellen | 2026-03-31T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0939 | cPanel cPanel/WHM (perl-YAML-Syck): Schwachstelle ermƶglicht CodeausfĆ¼hrung und DoS | 2026-03-31T22:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0888 | tigervnc: Schwachstelle ermƶglicht Offenlegung von Informationen, Manipulation von Dateien, und Denial of Service | 2026-03-26T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0887 | Internet Systems Consortium Kea: Schwachstelle ermƶglicht Denial of Service | 2026-03-26T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0875 | Red Hat Enterprise Linux (ncurses): Schwachstelle ermƶglicht CodeausfĆ¼hrung | 2026-03-25T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0870 | libpng: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0863 | Internet Systems Consortium BIND: Mehrere Schwachstellen | 2026-03-25T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0860 | NGINX und NGINX Plus: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| wid-sec-w-2026-0850 | Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen | 2026-03-24T23:00:00.000+00:00 | 2026-04-09T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-26-099-02 | GPL Odorizers GPL750 | 2026-04-09T06:00:00.000000Z | 2026-04-09T06:00:00.000000Z |
| icsa-26-099-01 | Contemporary Controls BASC 20T | 2026-04-09T06:00:00.000000Z | 2026-04-09T06:00:00.000000Z |
| icsa-25-345-10 | OpenPLC_V3 (Update A) | 2025-12-11T07:00:00.000000Z | 2026-04-09T06:00:00.000000Z |
| va-26-097-02 | IBM Maximo Application Suite Sensitive Tokens without 'Secure' Attribute | 2026-04-07T20:51:13Z | 2026-04-07T20:51:13Z |
| va-26-097-01 | Thales Sentinel LDK Runtime Stored XSS | 2026-04-07T20:50:15Z | 2026-04-07T20:50:15Z |
| icsa-26-097-01 | Mitsubishi Electric GENESIS64 and ICONICS Suite products | 2026-04-07T00:00:00.000000Z | 2026-04-07T06:00:00.000000Z |
| icsa-24-338-04 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C) | 2024-12-03T00:00:00.000000Z | 2026-04-07T06:00:00.000000Z |
| icsa-24-184-03 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update D) | 2024-07-02T06:00:00.000000Z | 2026-04-07T06:00:00.000000Z |
| icsa-25-217-01 | Mitsubishi Electric Iconics Digital Solutions Multiple Products (Update B) | 2025-08-05T05:00:00.000000Z | 2026-04-07T05:00:00.000000Z |
| icsa-25-140-04 | Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update F) | 2025-05-20T04:00:00.000000Z | 2026-04-07T05:00:00.000000Z |
| va-26-092-01 | Bentley Systems iTwin Platform exposed access token | 2026-04-02T17:11:43Z | 2026-04-02T17:11:43Z |
| va-26-092-02 | Zscaler Client Connector hard-coded proxy configuration domain | 2026-04-02T13:54:30Z | 2026-04-02T13:54:30Z |
| icsa-26-092-03 | Hitachi Energy Ellipse | 2026-02-24T00:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-092-02 | Yokogawa CENTUM VP | 2026-04-02T06:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-092-01 | Siemens SICAM 8 Products | 2026-03-26T00:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-25-037-02 | Schneider Electric EcoStruxure (Update D) | 2025-01-14T07:00:00.000000Z | 2026-04-02T06:00:00.000000Z |
| icsa-26-055-03 | Gardyn Home Kit (Update A) | 2026-02-24T06:00:00.000000Z | 2026-04-02T05:00:00.000000Z |
| va-26-084-01 | Nanoleaf Lines unauthenticated firmware file store | 2026-03-25T00:00:00Z | 2026-04-02T00:00:00Z |
| icsa-26-090-02 | PX4 Autopilot | 2026-03-31T06:00:00.000000Z | 2026-03-31T06:00:00.000000Z |
| icsa-26-090-01 | Anritsu Remote Spectrum Monitor | 2026-03-31T06:00:00.000000Z | 2026-03-31T06:00:00.000000Z |
| icsa-24-324-01 | Mitsubishi Electric MELSEC iQ-F Series (Update A) | 2024-11-19T00:00:00.000Z | 2026-03-31T00:00:00.000000Z |
| icsma-26-083-01 | Grassroots DICOM (GDCM) | 2026-03-24T06:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsma-25-364-01 | WHILL Model C2 Electric Wheelchairs and Model F Power Chairs (Update A) | 2025-12-30T07:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-03 | "Schneider Electric Plant iT/Brewmaxx" | 2026-01-13T08:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-02 | Schneider Electric EcoStruxure Foxboro DCS | 2026-03-10T07:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-083-01 | Pharos Controls Mosaic Show Controller | 2026-03-24T06:00:00.000000Z | 2026-03-24T06:00:00.000000Z |
| icsa-26-078-08 | Automated Logic WebCTRL Premium Server | 2026-03-19T06:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-05 | Mitsubishi Electric CNC Series | 2026-03-10T00:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-04 | Schneider Electric EcoStruxure PME and EPO | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| icsa-26-078-03 | Schneider Electric EcoStruxure Automation Expert | 2026-03-10T07:00:00.000000Z | 2026-03-19T06:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-iosxe-mntc-dos-lzweqcyq | Cisco IOS XE Software Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-04-02T19:43:54+00:00 |
| cisco-sa-ssm-cli-execution-chucwunr | Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-ndi-afw-rjurc5dz | Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-nd-ssrf-naen4o7r | Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-nd-cbid-5yqkoshu | Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-epnm-improp-auth-muwfwuu3 | Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-cssm-priv-esc-xranouo8 | Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-cimc-cmd-inj-3hkn3bvt | Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-cimc-auth-bypass-agg2bxtn | Cisco Integrated Management Controller Authentication Bypass Vulnerability | 2026-04-01T16:00:00+00:00 | 2026-04-01T16:00:00+00:00 |
| cisco-sa-ndfc-cmdinj-uvyzrkfr | Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability | 2024-10-02T16:00:00+00:00 | 2026-03-31T18:47:53+00:00 |
| cisco-sa-xe-secureboot-bypass-b6uyxysz | Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-wlc-dos-hnx5kgom | Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-vmanage-xss-zqkhp9w9 | Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-scp-dos-duadxtcg | Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iox-xss-lpgkzwtj | Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iox-crlf-nvgktkjz | Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iosxe_infodis-6j847ueb | Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iosxe-tls-dos-tvgldezl | Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-iosxe-lobby-privesc-kwxbqjy | Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-ios-http-dos-sbv8xrpl | Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-bootp-wubhnbxa | Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-asa-ftd-ios-dos-kpepqggk | Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability | 2026-03-25T16:00:00+00:00 | 2026-03-25T16:00:00+00:00 |
| cisco-sa-fmc-rce-nkhnuljh | Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability | 2026-03-04T16:00:00+00:00 | 2026-03-25T14:21:24+00:00 |
| cisco-sa-sdwan-authbp-qwcx8d4v | Cisco Catalyst SD-WAN Vulnerabilities | 2026-02-25T16:00:00+00:00 | 2026-03-18T01:06:38+00:00 |
| cisco-sa-xrncs-epni-int-dos-twmffusn | Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-isis-dos-kdmxpszk | Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-iosxr-privesc-bf8d5u4w | Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-cc-xss-mrnah5jh | Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities | 2026-03-11T16:00:00+00:00 | 2026-03-11T16:00:00+00:00 |
| cisco-sa-fmc-sql-inject-2enmtc8v | Cisco Secure Firewall Management Center Software SQL Injection Vulnerability | 2024-10-23T16:00:00+00:00 | 2026-03-04T16:11:01+00:00 |
| cisco-sa-asaftd-cmd-inj-zjv8wysm | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability | 2024-04-24T16:00:00+00:00 | 2026-03-04T16:10:59+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-31418 | netfilter: ipset: drop logically empty buckets in mtype_del | 2026-04-02T00:00:00.000Z | 2026-04-14T01:44:36.000Z |
| msrc_cve-2026-28390 | Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo | 2026-04-02T00:00:00.000Z | 2026-04-14T01:44:07.000Z |
| msrc_cve-2026-3184 | Util-linux: util-linux: access control bypass due to improper hostname canonicalization | 2026-04-02T00:00:00.000Z | 2026-04-14T01:41:57.000Z |
| msrc_cve-2026-27456 | util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup | 2026-04-02T00:00:00.000Z | 2026-04-14T01:41:50.000Z |
| msrc_cve-2026-0964 | Libssh: improper sanitation of paths received from scp servers | 2026-03-02T00:00:00.000Z | 2026-04-14T01:41:19.000Z |
| msrc_cve-2026-0966 | Libssh: buffer underflow in ssh_get_hexa() on invalid input | 2026-03-02T00:00:00.000Z | 2026-04-14T01:41:12.000Z |
| msrc_cve-2026-0967 | Libssh: libssh: denial of service via inefficient regular expression processing | 2026-03-02T00:00:00.000Z | 2026-04-14T01:41:06.000Z |
| msrc_cve-2026-0965 | Libssh: libssh: denial of service via improper configuration file handling | 2026-03-02T00:00:00.000Z | 2026-04-14T01:40:59.000Z |
| msrc_cve-2026-4647 | Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library | 2026-03-02T00:00:00.000Z | 2026-04-14T01:40:35.000Z |
| msrc_cve-2026-32777 | CVE-2026-32777 | 2026-03-02T00:00:00.000Z | 2026-04-14T01:39:46.000Z |
| msrc_cve-2026-32778 | CVE-2026-32778 | 2026-03-02T00:00:00.000Z | 2026-04-14T01:39:31.000Z |
| msrc_cve-2026-32776 | CVE-2026-32776 | 2026-03-02T00:00:00.000Z | 2026-04-14T01:39:20.000Z |
| msrc_cve-2025-69647 | CVE-2025-69647 | 2026-03-02T00:00:00.000Z | 2026-04-14T01:39:06.000Z |
| msrc_cve-2026-3784 | wrong proxy connection reuse with credentials | 2026-03-02T00:00:00.000Z | 2026-04-14T01:38:59.000Z |
| msrc_cve-2026-1965 | bad reuse of HTTP Negotiate connection | 2026-03-02T00:00:00.000Z | 2026-04-14T01:38:52.000Z |
| msrc_cve-2026-3783 | token leak with redirect and netrc | 2026-03-02T00:00:00.000Z | 2026-04-14T01:38:46.000Z |
| msrc_cve-2025-69649 | GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed. | 2026-03-02T00:00:00.000Z | 2026-04-14T01:38:39.000Z |
| msrc_cve-2025-69645 | Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file. | 2026-03-02T00:00:00.000Z | 2026-04-14T01:38:32.000Z |
| msrc_cve-2025-69652 | GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service. | 2026-03-02T00:00:00.000Z | 2026-04-14T01:38:25.000Z |
| msrc_cve-2025-69646 | Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted. The issue was observed in binutils 2.44. A local attacker can exploit this vulnerability by supplying a malicious input file, leading to excessive CPU and I/O usage and preventing completion of the objdump analysis. | 2026-03-02T00:00:00.000Z | 2026-04-14T01:38:18.000Z |
| msrc_cve-2025-11839 | GNU Binutils prdbg.c tg_tag_type return value | 2025-10-02T00:00:00.000Z | 2026-04-14T01:37:48.000Z |
| msrc_cve-2025-1148 | GNU Binutils ld ldelfgen.c link_order_scan memory leak | 2025-02-02T00:00:00.000Z | 2026-04-14T01:37:32.000Z |
| msrc_cve-2025-1147 | GNU Binutils nm nm.c internal_strlen buffer overflow | 2025-02-02T00:00:00.000Z | 2026-04-14T01:37:25.000Z |
| msrc_cve-2026-31428 | netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD | 2026-04-02T00:00:00.000Z | 2026-04-14T01:02:38.000Z |
| msrc_cve-2026-31421 | net/sched: cls_fw: fix NULL pointer dereference on shared blocks | 2026-04-02T00:00:00.000Z | 2026-04-14T01:02:33.000Z |
| msrc_cve-2026-31420 | bridge: mrp: reject zero test interval to avoid OOM panic | 2026-04-02T00:00:00.000Z | 2026-04-14T01:02:27.000Z |
| msrc_cve-2026-31419 | net: bonding: fix use-after-free in bond_xmit_broadcast() | 2026-04-02T00:00:00.000Z | 2026-04-14T01:02:22.000Z |
| msrc_cve-2026-31426 | ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() | 2026-04-02T00:00:00.000Z | 2026-04-14T01:02:16.000Z |
| msrc_cve-2026-31427 | netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp | 2026-04-02T00:00:00.000Z | 2026-04-14T01:02:11.000Z |
| msrc_cve-2026-31414 | netfilter: nf_conntrack_expect: use expect->helper | 2026-04-02T00:00:00.000Z | 2026-04-14T01:02:05.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2026-0113 | Kwetsbaarheden verholpen in SAP-producten | 2026-04-14T12:55:40.388960Z | 2026-04-14T12:55:40.388960Z |
| ncsc-2026-0112 | Kwetsbaarheden verholpen in Siemens producten | 2026-04-14T11:37:21.682429Z | 2026-04-14T11:37:21.682429Z |
| ncsc-2026-0111 | Kwetsbaarheid verholpen in Adobe Acrobat | 2026-04-12T08:42:18.844193Z | 2026-04-13T09:38:04.129352Z |
| ncsc-2026-0110 | Kwetsbaarheid verholpen in Cisco Smart Software Manager On-Prem | 2026-04-10T14:28:58.703642Z | 2026-04-10T14:28:58.703642Z |
| ncsc-2026-0007 | Kwetsbaarheden verholpen in Microsoft Windows | 2026-01-13T19:16:30.720079Z | 2026-04-10T12:53:42.521564Z |
| ncsc-2026-0109 | Kwetsbaarheden verholpen in Synology SSL VPN Client | 2026-04-10T12:11:00.859799Z | 2026-04-10T12:11:00.859799Z |
| ncsc-2026-0108 | Kwetsbaarheid verholpen in Juniper Networks Junos OS Evolved | 2026-04-10T12:06:13.479822Z | 2026-04-10T12:06:13.479822Z |
| ncsc-2026-0107 | Kwetsbaarheid verholpen in FortiClient EMS van Fortinet | 2026-04-04T13:49:19.002116Z | 2026-04-04T13:49:19.002116Z |
| ncsc-2026-0106 | Kwetsbaarheden verholpen in Cisco Integrated Management Controller | 2026-04-03T10:34:46.145536Z | 2026-04-03T10:34:46.145536Z |
| ncsc-2026-0105 | Kwetsbaarheden verholpen in Cisco Nexus Dashboard en Nexus Dashboard Insights | 2026-04-03T08:20:48.187725Z | 2026-04-03T08:20:48.187725Z |
| ncsc-2026-0047 | Kwetsbaarheid verholpen in Fortinet FortiClient EMS | 2026-02-09T10:16:18.048622Z | 2026-03-30T11:36:22.656910Z |
| ncsc-2025-0319 | Kwetsbaarheden verholpen in F5 Networks BIG-IP, F5OS en NGINX App Protect WAF | 2025-10-15T15:21:14.871532Z | 2026-03-27T18:09:03.259108Z |
| ncsc-2026-0104 | Kwetsbaarheden verholpen in Cisco IOS XE Software | 2026-03-26T09:50:03.269095Z | 2026-03-26T09:50:03.269095Z |
| ncsc-2026-0103 | Kwetsbaarheden verholpen in GitLab | 2026-03-26T09:48:10.874427Z | 2026-03-26T09:48:10.874427Z |
| ncsc-2026-0102 | Kwetsbaarheden verholpen in Apple macOS | 2026-03-25T14:15:56.073353Z | 2026-03-25T14:15:56.073353Z |
| ncsc-2026-0101 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2026-03-25T14:02:07.392994Z | 2026-03-25T14:02:07.392994Z |
| ncsc-2026-0100 | Kwetsbaarheden verholpen in Citrix Netscaler ADC en Netscaler Gateway | 2026-03-23T13:43:30.957806Z | 2026-03-23T13:43:30.957806Z |
| ncsc-2026-0099 | Kwetsbaarheid verholpen in Oracle Identity Manager en Oracle Web Services Manager | 2026-03-20T15:56:12.716324Z | 2026-03-20T15:56:12.716324Z |
| ncsc-2026-0010 | Kwetsbaarheden verholpen in Microsoft Office | 2026-01-13T19:18:45.984019Z | 2026-03-20T14:03:59.225773Z |
| ncsc-2026-0076 | Kwetsbaarheden verholpen in Cisco Secure Firewall Management Center | 2026-03-04T20:49:12.211658Z | 2026-03-19T11:48:18.917205Z |
| ncsc-2026-0098 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2026-03-13T08:41:19.155490Z | 2026-03-13T08:41:19.155490Z |
| ncsc-2026-0097 | Kwetsbaarheden verholpen in Google Chrome | 2026-03-13T08:33:43.877125Z | 2026-03-13T08:33:43.877125Z |
| ncsc-2026-0096 | Kwetsbaarheden verholpen in Veeam Backup & Replication | 2026-03-12T14:54:08.200676Z | 2026-03-12T14:54:08.200676Z |
| ncsc-2026-0095 | Kwetsbaarheid verholpen in pac4j-jwt | 2026-03-12T14:45:51.156512Z | 2026-03-12T14:45:51.156512Z |
| ncsc-2026-0094 | Kwetsbaarheden verholpen in Cisco IOS XR | 2026-03-12T14:44:08.106602Z | 2026-03-12T14:44:08.106602Z |
| ncsc-2026-0093 | Kwetsbaarheden verholpen in GitLab | 2026-03-12T14:42:46.936248Z | 2026-03-12T14:42:46.936248Z |
| ncsc-2026-0092 | Kwetsbaarheden verholpen in Fortinet FortiWeb | 2026-03-12T07:46:15.529522Z | 2026-03-12T07:46:15.529522Z |
| ncsc-2026-0091 | Kwetsbaarheden verholpen in SAP-producten | 2026-03-12T07:24:16.575638Z | 2026-03-12T07:24:16.575638Z |
| ncsc-2026-0090 | Kwetsbaarheden verholpen in Adobe Experience Manager | 2026-03-12T07:12:51.952931Z | 2026-03-12T07:12:51.952931Z |
| ncsc-2026-0089 | Kwetsbaarheden verholpen in Adobe Acrobat Reader | 2026-03-12T07:03:24.148324Z | 2026-03-12T07:03:24.148324Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:18-01 | Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 | 2026-03-04T11:00:00.000Z | 2026-03-04T11:00:00.000Z |
| nn-2025:17-01 | HTML injection in Sensor Map in CMC before 25.6.0 | 2026-03-04T11:00:00.000Z | 2026-03-04T11:00:00.000Z |
| nn-2025:16-01 | HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 | 2026-03-04T11:00:00.000Z | 2026-03-04T11:00:00.000Z |
| nn-2025:15-01 | Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:14-01 | HTML injection in Asset List in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:13-01 | Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:12-01 | HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 | 2025-12-18T11:00:00.000Z | 2025-12-18T11:00:00.000Z |
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| nn-2025:9-01 | Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:8-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:7-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:6-01 | Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:5-01 | Incorrect authorization for CLI in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:4-01 | Client-side path traversal in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:10-01 | Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:3-01 | Incorrect authorization for traces request/download in CMC before 25.1.0 | 2025-08-26T11:00:00.000Z | 2025-08-26T11:00:00.000Z |
| nn-2025:2-01 | Privilege escalation in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2025:1-01 | Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2023_17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-11T11:00:00.000Z |
| nn-2023:17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-11T11:00:00.000Z |
| nn-2024_1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-10T11:00:00.000Z |
| nn-2024:1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-04-10T11:00:00.000Z |
| nn-2023_12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-01-16T11:00:00.000Z |
| nn-2023:12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-01-16T11:00:00.000Z |
| nn-2023_9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:10537-1 | python311-biopython-1.87-1.1 on GA media | 2026-04-12T00:00:00Z | 2026-04-12T00:00:00Z |
| opensuse-su-2026:10536-1 | libcap-devel-2.78-1.1 on GA media | 2026-04-12T00:00:00Z | 2026-04-12T00:00:00Z |
| opensuse-su-2026:10522-1 | python315-3.15.0~a8-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10521-1 | python312-3.12.13-5.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10520-1 | python310-3.10.20-4.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10519-1 | glances-common-4.5.3-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10518-1 | python311-Flask-HTTPAuth-4.8.1-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10517-1 | python313-Django6-6.0.4-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10516-1 | python311-Django4-4.2.30-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10515-1 | libprotobuf-lite34_1_0-32bit-34.1-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10514-1 | go1.25-1.25.9-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10513-1 | fontforge-20251009-6.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10512-1 | aws-c-event-stream-devel-0.7.0-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:10511-1 | MozillaFirefox-149.0.2-1.1 on GA media | 2026-04-09T00:00:00Z | 2026-04-09T00:00:00Z |
| opensuse-su-2026:20477-1 | Security update for aws-c-event-stream | 2026-04-08T13:03:50Z | 2026-04-08T13:03:50Z |
| opensuse-su-2026:10510-1 | sudo-1.9.17p2-2.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10509-1 | steampipe-2.4.1-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10508-1 | ruby4.0-rubygem-rack-2.2-2.2.23-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10507-1 | python311-lupa-2.7-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10506-1 | jupyter-jupyterlab-templates-0.5.3-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10505-1 | libIex-3_4-33-3.4.9-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10504-1 | corepack24-24.14.1-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10503-1 | firefox-esr-140.9.1-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10502-1 | dcmtk-3.7.0-2.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10501-1 | MozillaThunderbird-140.9.1-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:10500-1 | 389-ds-3.1.4+e2562f589-1.1 on GA media | 2026-04-08T00:00:00Z | 2026-04-08T00:00:00Z |
| opensuse-su-2026:20476-1 | Security update for mapserver | 2026-04-07T15:33:59Z | 2026-04-07T15:33:59Z |
| opensuse-su-2026:20471-1 | Security update for systemd | 2026-04-07T15:17:05Z | 2026-04-07T15:17:05Z |
| opensuse-su-2026:20472-1 | Security update for tar | 2026-04-07T14:58:07Z | 2026-04-07T14:58:07Z |
| opensuse-su-2026:20470-1 | Security update for libtasn1 | 2026-04-07T14:33:05Z | 2026-04-07T14:33:05Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2026-0001 | OX Dovecot Security Advisory OXDC-ADV-2026-0001 | 2026-03-27T00:00:00+00:00 | 2026-03-27T00:00:00+00:00 |
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| oxas-adv-2025-0001 | OX App Suite Security Advisory OXAS-ADV-2025-0001 | 2025-01-27T00:00:00+01:00 | 2025-04-07T00:00:00+00:00 |
| oxdc-adv-2024-0003 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0002 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxas-adv-2024-0005 | OX App Suite Security Advisory OXAS-ADV-2024-0005 | 2024-07-08T00:00:00+02:00 | 2024-09-09T00:00:00+00:00 |
| oxdc-adv-2024-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 | 2024-09-02T00:00:00+02:00 | 2024-09-06T00:00:00+00:00 |
| oxas-adv-2024-0004 | OX App Suite Security Advisory OXAS-ADV-2024-0004 | 2024-06-13T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0003 | OX App Suite Security Advisory OXAS-ADV-2024-0003 | 2024-04-24T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0002 | OX App Suite Security Advisory OXAS-ADV-2024-0002 | 2024-03-06T00:00:00+01:00 | 2024-05-06T00:00:00+00:00 |
| oxas-adv-2024-0001 | OX App Suite Security Advisory OXAS-ADV-2024-0001 | 2024-02-08T00:00:00+01:00 | 2024-04-25T00:00:00+00:00 |
| oxas-adv-2023-0007 | OX App Suite Security Advisory OXAS-ADV-2023-0007 | 2023-12-11T00:00:00+01:00 | 2024-02-16T00:00:00+00:00 |
| oxas-adv-2023-0006 | OX App Suite Security Advisory OXAS-ADV-2023-0006 | 2023-09-25T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0005 | OX App Suite Security Advisory OXAS-ADV-2023-0005 | 2023-09-19T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0004 | OX App Suite Security Advisory OXAS-ADV-2023-0004 | 2023-08-01T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0003 | OX App Suite Security Advisory OXAS-ADV-2023-0003 | 2023-05-02T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0002 | OX App Suite Security Advisory OXAS-ADV-2023-0002 | 2023-03-20T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0001 | OX App Suite Security Advisory OXAS-ADV-2023-0001 | 2023-02-06T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0002 | OX App Suite Security Advisory OXAS-ADV-2022-0002 | 2022-11-02T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0001 | OX App Suite Security Advisory OXAS-ADV-2022-0001 | 2022-08-10T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:6564 | Red Hat Security Advisory: OpenShift Container Platform 4.20.18 bug fix and security update | 2026-04-09T13:13:19+00:00 | 2026-04-14T16:11:11+00:00 |
| rhsa-2026:6493 | Red Hat Security Advisory: OpenShift Container Platform 4.12.87 bug fix and security update | 2026-04-09T11:02:04+00:00 | 2026-04-14T16:11:11+00:00 |
| rhsa-2026:5876 | Red Hat Security Advisory: OpenShift Container Platform 4.19.27 packages and security update | 2026-04-01T10:19:18+00:00 | 2026-04-14T16:11:11+00:00 |
| rhsa-2026:6226 | Red Hat Security Advisory: Multicluster Global Hub 1.6.2 security update | 2026-03-31T02:53:32+00:00 | 2026-04-14T16:11:10+00:00 |
| rhsa-2026:6191 | Red Hat Security Advisory: container-tools:rhel8 security update | 2026-03-30T16:08:31+00:00 | 2026-04-14T16:11:10+00:00 |
| rhsa-2026:5645 | Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.17.1 | 2026-03-24T15:38:55+00:00 | 2026-04-14T16:11:09+00:00 |
| rhsa-2026:5866 | Red Hat Security Advisory: OpenShift Container Platform 4.17.52 packages and security update | 2026-04-01T09:29:07+00:00 | 2026-04-14T16:11:08+00:00 |
| rhsa-2026:5636 | Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.9 security update | 2026-03-24T14:23:47+00:00 | 2026-04-14T16:11:07+00:00 |
| rhsa-2026:5633 | Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.12.8 security update | 2026-03-24T14:07:27+00:00 | 2026-04-14T16:11:07+00:00 |
| rhsa-2026:5394 | Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 director Operator container images | 2026-03-23T13:04:11+00:00 | 2026-04-14T16:11:05+00:00 |
| rhsa-2026:5234 | Red Hat Security Advisory: skopeo security update | 2026-03-23T02:36:02+00:00 | 2026-04-14T16:11:05+00:00 |
| rhsa-2026:5107 | Red Hat Security Advisory: OpenShift Container Platform 4.14.63 bug fix and security update | 2026-03-26T06:43:02+00:00 | 2026-04-14T16:11:04+00:00 |
| rhsa-2026:5086 | Red Hat Security Advisory: OpenShift Container Platform 4.14.63 packages and security update | 2026-03-26T07:35:30+00:00 | 2026-04-14T16:11:02+00:00 |
| rhsa-2026:4936 | Red Hat Security Advisory: Release of containers for RHOSO 18.0.17 security update | 2026-03-18T15:36:04+00:00 | 2026-04-14T16:11:00+00:00 |
| rhsa-2026:4693 | Red Hat Security Advisory: container-tools:rhel8 security update | 2026-03-17T06:49:06+00:00 | 2026-04-14T16:11:00+00:00 |
| rhsa-2026:4533 | Red Hat Security Advisory: podman security update | 2026-03-12T21:34:53+00:00 | 2026-04-14T16:10:59+00:00 |
| rhsa-2026:4532 | Red Hat Security Advisory: buildah security update | 2026-03-12T21:01:29+00:00 | 2026-04-14T16:10:58+00:00 |
| rhsa-2026:4510 | Red Hat Security Advisory: OpenShift Container Platform 4.17.51 bug fix and security update | 2026-03-19T02:31:44+00:00 | 2026-04-14T16:10:58+00:00 |
| rhsa-2026:4482 | Red Hat Security Advisory: OpenShift Container Platform 4.16.58 bug fix and security update | 2026-03-19T07:09:17+00:00 | 2026-04-14T16:10:58+00:00 |
| rhsa-2026:4464 | Red Hat Security Advisory: OpenShift Container Platform 4.16.58 packages and security update | 2026-03-19T07:51:30+00:00 | 2026-04-14T16:10:56+00:00 |
| rhsa-2026:4434 | Red Hat Security Advisory: OpenShift Container Platform 4.19.26 bug fix and security update | 2026-03-18T18:31:59+00:00 | 2026-04-14T16:10:56+00:00 |
| rhsa-2026:4423 | Red Hat Security Advisory: OpenShift Container Platform 4.15.62 bug fix and security update | 2026-03-19T05:29:11+00:00 | 2026-04-14T16:10:56+00:00 |
| rhsa-2026:4418 | Red Hat Security Advisory: OpenShift Container Platform 4.15.62 packages and security update | 2026-03-19T05:59:29+00:00 | 2026-04-14T16:10:55+00:00 |
| rhsa-2026:4215 | Red Hat Security Advisory: Red Hat Quay 3.14.6 | 2026-03-10T15:34:38+00:00 | 2026-04-14T16:10:55+00:00 |
| rhsa-2026:3905 | Red Hat Security Advisory: OpenShift Container Platform 4.18.35 bug fix and security update | 2026-03-11T04:27:58+00:00 | 2026-04-14T16:10:55+00:00 |
| rhsa-2026:3875 | Red Hat Security Advisory: OpenShift Container Platform 4.18.35 packages and security update | 2026-03-11T05:09:45+00:00 | 2026-04-14T16:10:55+00:00 |
| rhsa-2026:3108 | Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.5 | 2026-02-23T17:24:11+00:00 | 2026-04-14T16:10:54+00:00 |
| rhsa-2026:2900 | Red Hat Security Advisory: Network Observability 1.11.0 for OpenShift | 2026-02-18T08:39:41+00:00 | 2026-04-14T16:10:52+00:00 |
| rhsa-2026:2737 | Red Hat Security Advisory: Red Hat Ceph Storage | 2026-02-16T12:56:05+00:00 | 2026-04-14T16:10:51+00:00 |
| rhsa-2026:2711 | Red Hat Security Advisory: Red Hat Ceph Storage 8.1 security and bug fix update | 2026-02-16T10:49:01+00:00 | 2026-04-14T16:10:50+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sevd-2026-104-03 | Use of Hard-coded Credentials vulnerability on Easergy MiCOM Px40 Series | 2026-04-14T07:00:00.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2026-104-02 | Third-Party vulnerability on Modicon Networking Managed Switches | 2026-04-14T07:00:00.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2026-104-01 | Multiple Vulnerabilities on PowerChuteā¢ Serial Shutdown | 2026-04-14T07:00:00.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2025-224-05 | Modicon M340 Controller and Communication Modules | 2025-08-12T04:00:00.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2025-014-05 | Web Server on Modicon M340, Modbus/TCP Ethernet Modicon M340 module, Modbus/TCP Ethernet Modicon M340 FactoryCast module and Ethernet / Serial RTU communication modules | 2025-01-14T00:00:00.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2024-317-02 | Modicon Controllers M340 / Momentum / MC80 & EcoStruxureā¢ Control Expert | 2024-11-12T00:00:00.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2024-163-01 | Modicon M340, Modbus/TCP Ethernet Modicon M340 module, and Modbus/TCP Ethernet Modicon M340 FactoryCast module | 2024-06-11T00:00:00.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2024-044-01 | EcoStruxureā¢ Control Expert, EcoStruxureā¢ Process Expert and Modicon M340, M580 and M580 Safety PLCs | 2024-02-13T12:41:43.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2023-010-06 | EcoStruxureā¢ Control Expert, EcoStruxureā¢ Process Expert and Modicon M340, M580 and M580 CPU Safety | 2023-01-10T00:00:00.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2019-134-11 | Multiple Vulnerabilities in Modicon Controller Products | 2019-05-14T16:48:40.000Z | 2026-04-14T07:00:00.000Z |
| sevd-2026-069-02 | Improper Neutralization vulnerability in Multiple Products | 2026-03-10T07:00:00.000Z | 2026-03-31T07:00:00.000Z |
| sevd-2026-069-01 | Improper Resource Shutdown or Release vulnerability in Multiple Products | 2026-03-10T07:00:00.000Z | 2026-03-31T07:00:00.000Z |
| sevd-2026-069-03 | Deserialization of Untrusted Data vulnerability on EcoStruxureā¢ Foxboro DCS | 2026-03-10T07:00:00.000Z | 2026-03-13T07:00:00.000Z |
| sevd-2026-069-06 | Deserialization of Untrusted Data vulnerability on Multiple Products | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-069-05 | Use of Hard-coded Credentials vulnerability in EcoStruxureā¢ IT Data Center Expert | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-069-04 | Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxureā¢ Automation Expert | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-013-04 | Multiple Vulnerabilities on EcoStruxure Power Build Rapsody | 2026-01-13T08:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-013-01 | Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx | 2026-01-13T08:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2025-014-07 | FlexNet Publisher Vulnerability | 2025-01-14T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2026-041-02 | Multiple Vulnerabilities on EcoStruxureā¢ Building Operation Workstation and EcoStruxureā¢ Building Operation Webstation | 2026-02-10T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2026-041-01 | Improper Check for Unusual or Exceptional Conditions on Multiple Products | 2026-02-10T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-343-01 | EcoStruxureā¢ Foxboro DCS | 2025-12-09T08:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-189-03 | EcoStruxureā¢ Power Operation | 2025-07-08T04:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-042-02 | Improper Input Validation Vulnerability in Uni-Telway Driver | 2025-02-11T05:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2026-013-03 | Multiple Vulnerabilities on Zigbee Products | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2026-013-02 | Incorrect Default Permissions Vulnerability on EcoStruxureā¢ Process Expert | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2025-014-06 | RemoteConnect and SCADAPackā¢ x70 Utilities | 2025-01-14T00:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2024-317-03 | Modicon Controllers M340 / Momentum / MC80 | 2024-11-12T05:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2025-343-02 | EcoStruxureā¢ Foxboro DCS Advisor | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| sevd-2025-252-01 | Multiple Altivar Process Drives and Communication Modules | 2025-09-09T04:00:00.000Z | 2025-12-09T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2026-0006 | Vulnerabilities affecting SICK Lector85x and SICK Lector83x | 2026-03-06T14:00:00.000Z | 2026-03-06T14:00:00.000Z |
| sca-2026-0005 | Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 | 2026-02-27T14:00:00.000Z | 2026-02-27T14:00:00.000Z |
| sca-2026-0004 | Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products | 2026-02-13T14:00:00.000Z | 2026-02-13T14:00:00.000Z |
| sca-2026-0003 | Vulnerability affecting SICK nanoScan3 and microScan3 | 2026-01-26T14:00:00.000Z | 2026-01-26T14:00:00.000Z |
| sca-2026-0002 | Vulnerabilities affecting SICK Incoming Goods Suite | 2026-01-15T14:00:00.000Z | 2026-01-22T19:00:00.000Z |
| sca-2026-0001 | Vulnerabilities affecting SICK TDC-X401GL | 2026-01-15T14:00:00.000Z | 2026-01-15T14:00:00.000Z |
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0010 | Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0009 | Vulnerabilities affecting SICK TDC-E210GC | 2025-08-01T13:00:00.000Z | 2025-08-01T13:00:00.000Z |
| sca-2025-0008 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-07-03T13:00:00.000Z | 2025-07-03T13:00:00.000Z |
| sca-2025-0007 | Multiple vulnerabilities in SICK Field Analytics and SICK Media Server | 2025-06-12T13:00:00.000Z | 2025-06-12T13:00:00.000Z |
| sca-2025-0003 | FreeRTOS Vulnerabilities have no impact on SICK Products | 2025-02-28T00:00:00.000Z | 2025-05-20T11:00:00.000Z |
| sca-2025-0006 | Vulnerability affecting picoScan and multiScan | 2025-04-28T13:00:00.000Z | 2025-04-28T13:00:00.000Z |
| sca-2025-0005 | Vulnerabilities in SICK Flexi Compact | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| sca-2025-0004 | Critical vulnerabilities in SICK DL100-2xxxxxxx | 2025-03-14T11:00:00.000Z | 2025-03-14T11:00:00.000Z |
| sca-2025-0001 | Multiple vulnerabilities in SICK MEAC300 | 2025-02-14T14:00:00.000Z | 2025-02-21T14:00:00.000Z |
| sca-2025-0002 | Vulnerability in SICK Lector8xx and SICK InspectorP8xx | 2025-02-14T10:19:00.000Z | 2025-02-14T10:19:00.000Z |
| sca-2024-0007 | Vulnerability in SICK OLM | 2024-12-31T00:00:00.000Z | 2024-12-31T00:00:00.000Z |
| sca-2024-0006 | Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx | 2024-12-06T00:00:00.000Z | 2024-12-06T00:00:00.000Z |
| sca-2024-0005 | Vulnerability in SICK Incoming Goods Suite | 2024-11-19T00:00:00.000Z | 2024-11-19T00:00:00.000Z |
| sca-2024-0004 | Third party vulnerabilities in SICK CDE-100 | 2024-11-07T12:00:00.000Z | 2024-11-07T12:00:00.000Z |
| sca-2024-0003 | Critical vulnerability in multiple SICK products | 2024-10-17T13:00:00.000Z | 2024-10-17T13:00:00.000Z |
| sca-2024-0002 | Vulnerability in SICK MSC800 | 2024-09-11T23:00:00.000Z | 2024-09-11T23:00:00.000Z |
| sca-2024-0001 | Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics | 2024-01-29T00:00:00.000Z | 2024-01-29T00:00:00.000Z |
| sca-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| SCA-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| sca-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-981622 | SSA-981622: Improper Certificate Validation Vulnerability in Siemens Analytics Toolkit | 2026-04-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-913875 | SSA-913875: Frame Aggregation and Fragmentation Vulnerabilities in 802.11 | 2021-07-13T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-827968 | SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices | 2026-01-13T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-801704 | SSA-801704: Authentication Bypass Vulnerability in SINEC NMS | 2026-04-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-741509 | SSA-741509: Privilege Escalation Vulnerability in RUGGEDCOM CROSSBOW Secure Access Manager Primary Before V5.8 | 2026-04-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-726834 | SSA-726834: Denial of Service Vulnerability in the RADIUS Client of SIPROTEC 5 Devices | 2023-03-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-726617 | SSA-726617: Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module | 2025-05-13T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-712929 | SSA-712929: Denial of Service Vulnerability in OpenSSL (CVE-2022-0778) Affecting Industrial Products | 2022-06-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-710008 | SSA-710008: Multiple Web Vulnerabilities in SCALANCE Products | 2022-08-09T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-628843 | SSA-628843: Out of Bound Read Vulnerability in TPM 2.0 | 2026-04-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-609469 | SSA-609469: Authorization Bypass Vulnerability in Industrial Edge Management | 2026-04-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-605717 | SSA-605717: Authorization Bypass Vulnerability in SINEC NMS Before V4.0 SP3 | 2026-04-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-599968 | SSA-599968: Denial of Service Vulnerability in Profinet Devices | 2021-07-13T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-552702 | SSA-552702: Privilege Escalation Vulnerability in the Web Interface of SCALANCE and RUGGEDCOM Products | 2022-10-11T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-408105 | SSA-408105: Buffer Overflow Vulnerabilities in OpenSSL 3.0 Affecting Siemens Products | 2022-12-13T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-311973 | SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) | 2026-02-10T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-244969 | SSA-244969: OpenSSL Vulnerability in Industrial Products | 2022-02-08T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-225816 | SSA-225816: Memory Corruption Vulnerability in RUGGEDCOM CROSSBOW Station Access Controller Before V5.8 | 2026-04-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-216014 | SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs | 2025-03-11T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-186293 | SSA-186293: XML External Entity (XXE) Injection Vulnerability in SIMOTION SCOUT, SIMOTION SCOUT TIA and SINAMICS STARTER | 2025-08-12T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-019200 | SSA-019200: Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11n Devices Before V6.6.0 | 2026-04-14T00:00:00.000Z | 2026-04-14T00:00:00.000Z |
| ssa-246443 | SSA-246443: Multiple Vulnerabilities in SICAM 8 Products | 2026-03-26T00:00:00.000Z | 2026-03-26T00:00:00.000Z |
| ssa-452276 | SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 | 2026-03-10T00:00:00.000Z | 2026-03-19T00:00:00.000Z |
| ssa-975644 | SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-903736 | SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 | 2026-03-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-868571 | SSA-868571: Missing Server Certificate Validation in IAM Client | 2025-12-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-770770 | SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices | 2025-02-11T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-710408 | SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-535115 | SSA-535115: Data Validation Vulnerability in NX Before V2512 | 2026-02-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-513708 | SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices | 2025-06-10T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:1300-1 | Security update for GraphicsMagick | 2026-04-13T15:58:01Z | 2026-04-13T15:58:01Z |
| suse-su-2026:1299-1 | Security update for nodejs24 | 2026-04-13T15:54:45Z | 2026-04-13T15:54:45Z |
| suse-su-2026:1298-1 | Security update for the Linux Kernel (Live Patch 72 for SUSE Linux Enterprise 12 SP5) | 2026-04-13T15:04:44Z | 2026-04-13T15:04:44Z |
| suse-su-2026:1297-1 | Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5) | 2026-04-13T12:42:14Z | 2026-04-13T12:42:14Z |
| suse-su-2026:1296-1 | Security update for python39 | 2026-04-13T12:32:48Z | 2026-04-13T12:32:48Z |
| suse-su-2026:1294-1 | Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5) | 2026-04-13T09:04:33Z | 2026-04-13T09:04:33Z |
| suse-su-2026:1293-1 | Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5) | 2026-04-13T08:35:44Z | 2026-04-13T08:35:44Z |
| suse-su-2026:1292-1 | Security update for python312 | 2026-04-13T08:10:43Z | 2026-04-13T08:10:43Z |
| suse-su-2026:1291-1 | Security update for openssl-1_0_0 | 2026-04-13T08:09:41Z | 2026-04-13T08:09:41Z |
| suse-su-2026:1290-1 | Security update for openssl-1_1 | 2026-04-13T08:08:54Z | 2026-04-13T08:08:54Z |
| suse-su-2026:1288-1 | Security update for the Linux Kernel (Live Patch 74 for SUSE Linux Enterprise 12 SP5) | 2026-04-13T06:34:14Z | 2026-04-13T06:34:14Z |
| suse-su-2026:1287-1 | Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5) | 2026-04-12T23:15:16Z | 2026-04-12T23:15:16Z |
| suse-su-2026:1285-1 | Security update for the Linux Kernel (Live Patch 68 for SUSE Linux Enterprise 12 SP5) | 2026-04-12T19:04:23Z | 2026-04-12T19:04:23Z |
| suse-su-2026:1284-1 | Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7) | 2026-04-12T10:34:11Z | 2026-04-12T10:34:11Z |
| suse-su-2026:1283-1 | Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7) | 2026-04-12T10:34:05Z | 2026-04-12T10:34:05Z |
| suse-su-2026:1281-1 | Security update for the Linux Kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4) | 2026-04-12T08:35:33Z | 2026-04-12T08:35:33Z |
| suse-su-2026:1280-1 | Security update for the Linux Kernel (Live Patch 41 for SUSE Linux Enterprise 15 SP4) | 2026-04-12T02:04:36Z | 2026-04-12T02:04:36Z |
| suse-su-2026:1279-1 | Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7) | 2026-04-12T00:08:13Z | 2026-04-12T00:08:13Z |
| suse-su-2026:1278-1 | Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7) | 2026-04-12T00:08:07Z | 2026-04-12T00:08:07Z |
| suse-su-2026:1274-1 | Security update for the Linux Kernel (Live Patch 19 for SUSE Linux Enterprise 15 SP6) | 2026-04-11T20:04:33Z | 2026-04-11T20:04:33Z |
| suse-su-2026:1273-1 | Security update for MozillaFirefox | 2026-04-11T19:04:46Z | 2026-04-11T19:04:46Z |
| suse-su-2026:1272-1 | Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6) | 2026-04-11T18:04:50Z | 2026-04-11T18:04:50Z |
| suse-su-2026:1271-1 | Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP6) | 2026-04-11T18:04:43Z | 2026-04-11T18:04:43Z |
| suse-su-2026:1270-1 | Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP5) | 2026-04-11T16:34:14Z | 2026-04-11T16:34:14Z |
| suse-su-2026:1269-1 | Security update for the Linux Kernel (Live Patch 37 for SUSE Linux Enterprise 15 SP4) | 2026-04-11T16:04:45Z | 2026-04-11T16:04:45Z |
| suse-su-2026:1268-1 | Security update for the Linux Kernel (Live Patch 38 for SUSE Linux Enterprise 15 SP4) | 2026-04-11T14:04:40Z | 2026-04-11T14:04:40Z |
| suse-su-2026:1266-1 | Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6) | 2026-04-11T11:04:41Z | 2026-04-11T11:04:41Z |
| suse-su-2026:1265-1 | Security update for the Linux Kernel (Live Patch 46 for SUSE Linux Enterprise 15 SP4) | 2026-04-11T04:34:33Z | 2026-04-11T04:34:33Z |
| suse-su-2026:1263-1 | Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5) | 2026-04-10T22:35:17Z | 2026-04-10T22:35:17Z |
| suse-su-2026:1262-1 | Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP7) | 2026-04-10T21:43:55Z | 2026-04-10T21:43:55Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:6572 | Moderate: kernel-rt security update | 2026-04-06T00:00:00Z | 2026-04-06T09:38:16Z |
| alsa-2026:6571 | Moderate: kernel security update | 2026-04-06T00:00:00Z | 2026-04-06T09:27:57Z |
| alsa-2026:6621 | Moderate: crun security update | 2026-04-06T00:00:00Z | 2026-04-06T08:42:59Z |
| alsa-2026:6622 | Moderate: crun security update | 2026-04-06T00:00:00Z | 2026-04-06T08:36:15Z |
| alsa-2026:6300 | Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update | 2026-03-31T00:00:00Z | 2026-04-03T17:13:38Z |
| alsa-2026:6436 | Moderate: rsync security update | 2026-04-02T00:00:00Z | 2026-04-03T12:29:15Z |
| alsa-2026:6439 | Important: libpng15 security update | 2026-04-02T00:00:00Z | 2026-04-03T12:19:53Z |
| alsa-2026:6445 | Important: libpng12 security update | 2026-04-02T00:00:00Z | 2026-04-03T12:13:28Z |
| alsa-2026:6470 | Important: perl-YAML-Syck security update | 2026-04-02T00:00:00Z | 2026-04-03T12:07:59Z |
| alsa-2026:6473 | Important: python3 security update | 2026-04-02T00:00:00Z | 2026-04-03T12:02:03Z |
| alsa-2026:6388 | Important: grafana-pcp security update | 2026-04-01T00:00:00Z | 2026-04-03T10:02:10Z |
| alsa-2026:6344 | Important: grafana security update | 2026-04-01T00:00:00Z | 2026-04-03T09:56:37Z |
| alsa-2026:6259 | Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update | 2026-03-31T00:00:00Z | 2026-04-03T09:45:31Z |
| alsa-2026:6053 | Moderate: kernel security update | 2026-03-30T00:00:00Z | 2026-04-03T09:23:17Z |
| alsa-2026:6390 | Moderate: rsync security update | 2026-04-01T00:00:00Z | 2026-04-02T09:23:33Z |
| alsa-2026:6383 | Important: grafana-pcp security update | 2026-04-01T00:00:00Z | 2026-04-02T09:15:46Z |
| alsa-2026:6382 | Important: grafana security update | 2026-04-01T00:00:00Z | 2026-04-02T09:12:36Z |
| alsa-2026:6340 | Important: freerdp security update | 2026-04-01T00:00:00Z | 2026-04-02T09:09:13Z |
| alsa-2026:6005 | Important: freerdp security update | 2026-03-30T00:00:00Z | 2026-04-02T09:00:17Z |
| alsa-2026:6153 | Moderate: kernel security update | 2026-03-30T00:00:00Z | 2026-04-02T08:46:53Z |
| alsa-2026:6188 | Important: thunderbird security update | 2026-03-30T00:00:00Z | 2026-04-02T08:18:50Z |
| alsa-2026:6342 | Important: thunderbird security update | 2026-04-01T00:00:00Z | 2026-04-01T11:59:47Z |
| alsa-2026:6301 | Important: squid security update | 2026-03-31T00:00:00Z | 2026-04-01T09:27:45Z |
| alsa-2026:6256 | Important: python3.12 security update | 2026-03-31T00:00:00Z | 2026-04-01T09:23:35Z |
| alsa-2026:6266 | Moderate: libxslt security update | 2026-03-31T00:00:00Z | 2026-04-01T09:19:08Z |
| alsa-2026:6286 | Important: python3.11 security update | 2026-03-31T00:00:00Z | 2026-04-01T09:15:24Z |
| alsa-2026:6285 | Important: python3.12 security update | 2026-03-31T00:00:00Z | 2026-04-01T09:07:09Z |
| alsa-2026:6283 | Important: python3.12 security update | 2026-03-31T00:00:00Z | 2026-04-01T08:56:58Z |
| alsa-2026:6281 | Important: python3.11 security update | 2026-03-31T00:00:00Z | 2026-04-01T08:52:26Z |
| alsa-2026:6004 | Important: freerdp security update | 2026-03-30T00:00:00Z | 2026-03-31T08:19:51Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| hsec-2026-0006 | Cabal deletes project source files during configure | 2026-04-08T14:23:27Z | 2026-04-08T14:23:27Z |
| hsec-2026-0004 | Hackage package metadata stored XSS vulnerability | 2026-03-28T16:05:12Z | 2026-03-28T16:05:12Z |
| hsec-2026-0002 | Hackage CSRF vulnerability | 2026-03-28T16:04:58Z | 2026-03-28T16:04:58Z |
| hsec-2024-0004 | Hackage package and doc upload stored XSS vulnerability | 2026-01-16T11:18:20Z | 2026-01-16T11:18:20Z |
| hsec-2025-0007 | cmark-gfm: resource exhaustion due to quadratic complexity in parser | 2025-12-27T08:58:56Z | 2025-12-27T08:58:56Z |
| hsec-2025-0006 | Private key leak via inherited file descriptor | 2025-11-17T02:22:38Z | 2025-11-17T02:22:38Z |
| hsec-2025-0005 | cabal-install dependency confusion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0004 | Broken Path Sanitization in spacecookie Library | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0003 | Use after free in multithreaded lzma (.xz) decoder | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0002 | Double Public Key Signing Function Oracle Attack on Ed25519 | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2025-0001 | Subword division operations may produce incorrect results | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0009 | Public key confusion in third-party blocks | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0008 | Sign extension error in the PPC64le FFI | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0007 | Sign extension error in the AArch64 NCG | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0006 | fromIntegral: conversion error | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0003 | process: command injection via argument list on Windows | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0002 | out-of-bounds write when there are many bzip2 selectors | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2024-0001 | Reflected XSS vulnerability in keter | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0015 | cabal-install uses expired key policies | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0014 | Arbitrary file write is possible when using PDF output or --extract-media with untrusted input | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0013 | git-annex plaintext storage of embedded credentials on encrypted remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0012 | git-annex checksum exposure to encrypted special remotes | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0011 | git-annex GPG decryption attack via compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0010 | git-annex private data exfiltration to compromised remote | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0009 | git-annex command injection via malicious SSH hostname | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0008 | Stored XSS in hledger-web | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0007 | readFloat: memory exhaustion with large exponent | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0006 | x509-validation does not enforce pathLenConstraint | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0005 | tls-extra: certificate validation does not check Basic Constraints | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| hsec-2023-0004 | xml-conduit unbounded entity expansion | 2025-11-14T14:45:34Z | 2025-11-14T14:45:34Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osec-2026-01 | Buffer Over-Read in OCaml Marshal Deserialization | 2026-02-17T13:30:00Z | 2026-02-27T09:30:00Z |
| osec-2026-02 | ARP unbounded memory usage | 2026-02-18T10:30:00Z | 2026-02-18T10:30:00Z |
| osec-2022-01 | Infinite loop in console output on xen | 2022-12-07T00:00:00Z | 2026-02-18T09:30:00Z |
| osec-2025-01 | Albatross console out of memory | 2025-08-15T00:18:22Z | 2026-01-13T12:00:00Z |
| osec-2019-02 | Grant unshare vulnerability in mirage-xen | 2019-04-26T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2019-01 | Memory disclosure in mirage-net-xen | 2019-03-21T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2016-02 | Memory disclosure in mirage-net-xen | 2016-05-03T00:00:00Z | 2026-01-13T12:00:00Z |
| osec-2023-01 | Time of check time of use issue in opam's cache | 2023-05-25T12:00:00Z | 2026-01-09T12:00:00Z |
| osec-2016-01 | Buffer overflow and information leak in OCaml < 4.03.0 | 2016-04-29T00:18:22Z | 2026-01-01T12:00:00Z |
| osec-2018-01 | An integer overflow in the `bigarray` serialization module leads to arbitrary code execution | 2018-04-06T18:29:00Z | 2025-12-16T12:00:00Z |
| osec-2017-01 | Local privilege escalation issue with ocaml binaries | 2017-06-23T15:19:47Z | 2025-12-16T12:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2022-150 | Heap-buffer-overflow in coap_split_uri_sub | 2022-02-14T00:00:50.308933Z | 2026-04-14T14:11:39.559701Z |
| osv-2023-35 | Heap-buffer-overflow in parse_classes_64 | 2023-01-29T13:01:45.762871Z | 2026-04-13T14:21:54.947682Z |
| osv-2023-96 | Heap-buffer-overflow in load_buffer | 2023-02-23T13:00:28.515290Z | 2026-04-13T14:21:48.708753Z |
| osv-2022-599 | Use-of-uninitialized-value in mrb_bint_as_int | 2022-07-20T00:00:11.865502Z | 2026-04-13T14:17:11.247038Z |
| osv-2022-652 | Use-of-uninitialized-value in udiv | 2022-07-29T00:02:04.321859Z | 2026-04-13T14:16:38.313159Z |
| osv-2022-1137 | Heap-buffer-overflow in io_memory_read | 2022-11-05T00:00:44.243862Z | 2026-04-13T14:16:27.408482Z |
| osv-2022-993 | Stack-use-after-return in check_buffer | 2022-09-29T00:02:10.256639Z | 2026-04-13T14:16:10.642347Z |
| osv-2022-679 | Heap-buffer-overflow in udiv | 2022-08-07T00:01:59.645310Z | 2026-04-13T14:12:31.755206Z |
| osv-2024-245 | Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept | 2024-04-08T00:11:03.595756Z | 2026-04-12T14:19:34.243085Z |
| osv-2022-388 | Segv on unknown address in dwg_ref_get_object | 2022-05-01T00:01:54.904711Z | 2026-04-11T14:05:23.758549Z |
| osv-2020-876 | Use-of-uninitialized-value in XCFImageFormat::mergeRGBToRGB | 2020-07-14T22:13:55.541274Z | 2026-04-11T14:04:22.896195Z |
| osv-2023-390 | Heap-buffer-overflow in sdhci_write | 2023-05-12T14:00:08.854823Z | 2026-04-10T14:32:51.981168Z |
| osv-2022-581 | Heap-buffer-overflow in megasas_map_sgl | 2022-07-14T00:00:45.644503Z | 2026-04-10T14:31:17.243227Z |
| osv-2021-820 | UNKNOWN READ in virtio_gpu_disable_scanout | 2021-06-02T00:00:31.619765Z | 2026-04-10T14:28:59.278557Z |
| osv-2024-679 | Heap-buffer-overflow in readImage4v2 | 2024-07-25T00:14:34.485446Z | 2026-04-10T14:17:32.974190Z |
| osv-2023-307 | Heap-buffer-overflow in bit_read_BB | 2023-04-13T14:02:09.774988Z | 2026-04-10T14:15:06.653636Z |
| osv-2022-714 | Heap-buffer-overflow in dynapi_set_helper | 2022-08-15T00:00:47.794062Z | 2026-04-10T14:14:49.083912Z |
| osv-2022-653 | Heap-double-free in dwg_free_common_entity_data | 2022-07-30T00:01:52.491112Z | 2026-04-10T14:13:58.401974Z |
| osv-2023-877 | Heap-buffer-overflow in btf_ensure_modifiable | 2023-09-18T14:02:44.989260Z | 2026-04-10T14:13:13.162417Z |
| osv-2023-800 | Heap-buffer-overflow in XCFImageFormat::loadTileRLE | 2023-09-07T14:00:27.693270Z | 2026-04-10T14:12:33.285572Z |
| osv-2023-55 | Index-out-of-bounds in LibRaw::apply_tiff | 2023-02-07T13:00:07.438565Z | 2026-04-10T14:12:13.379692Z |
| osv-2022-400 | Heap-double-free in dwg_free_XRECORD_private | 2022-05-08T00:00:40.782520Z | 2026-04-10T14:11:34.568715Z |
| osv-2022-372 | Heap-buffer-overflow in dwg_encode_VERTEX_2D | 2022-04-26T00:00:09.352798Z | 2026-04-10T14:11:27.492166Z |
| osv-2022-379 | Segv on unknown address in bit_write_TV | 2022-04-27T00:00:44.539231Z | 2026-04-10T14:11:26.691044Z |
| osv-2022-1176 | Heap-double-free in dwg_free | 2022-11-18T13:00:26.857477Z | 2026-04-10T14:10:36.470316Z |
| osv-2022-1259 | Heap-buffer-overflow in dwg_decode_INSERT_private | 2022-12-13T13:00:46.870838Z | 2026-04-10T14:10:23.558612Z |
| osv-2021-1343 | Heap-buffer-overflow in get_next_owned_entity | 2021-09-21T00:01:33.177403Z | 2026-04-10T14:10:04.765852Z |
| osv-2021-1086 | Heap-buffer-overflow in dwg_convert_SAB_to_SAT1 | 2021-08-02T00:00:31.888461Z | 2026-04-10T14:09:40.474591Z |
| osv-2022-1018 | Index-out-of-bounds in LibRaw::kodak_radc_load_raw | 2022-10-06T00:02:27.511658Z | 2026-04-10T14:06:59.896524Z |
| osv-2021-525 | Use-of-uninitialized-value in void edge_filtering_chroma_internal<unsigned char> | 2021-03-16T00:00:19.176877Z | 2026-04-10T14:06:54.074771Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2025-0161 | libsecp256k1 is unmaintained | 2025-01-14T12:00:00Z | 2026-04-14T11:24:03Z |
| rustsec-2026-0097 | Rand is unsound with a custom logger using `rand::rng()` | 2026-04-09T12:00:00Z | 2026-04-14T05:30:54Z |
| rustsec-2026-0096 | Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0095 | Wasmtime with Winch compiler backend may allow a sandbox-escaping memory access | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0094 | Improperly masked return value from `table.grow` with Winch compiler backend | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0093 | Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0092 | Panic when transcoding misaligned component model UTF-16 strings | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0091 | Out-of-bounds write or crash when transcoding component model strings | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0090 | Use-after-free bug after cloning `wasmtime::Linker` | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0089 | Host panic when Winch compiler executes `table.fill` | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0088 | Data leakage between pooling allocator instances | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0087 | Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64 | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0086 | Host data leakage with 64-bit tables and Winch | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0085 | Panic when lifting `flags` component value | 2026-04-09T12:00:00Z | 2026-04-09T19:59:38Z |
| rustsec-2026-0084 | `logprinter` was removed from crates.io for malicious code | 2026-04-09T12:00:00Z | 2026-04-09T11:23:07Z |
| rustsec-2026-0083 | zantetsu-trainer is unmaintained | 2026-04-07T12:00:00Z | 2026-04-08T08:55:27Z |
| rustsec-2026-0082 | zantetsu-ffi is unmaintained | 2026-04-07T12:00:00Z | 2026-04-08T08:55:27Z |
| rustsec-2026-0081 | `logtrace` was removed from crates.io for malicious code | 2026-04-05T12:00:00Z | 2026-04-05T23:52:05Z |
| rustsec-2026-0080 | Multiple soundness issues in `scaly` safe APIs | 2026-01-19T12:00:00Z | 2026-04-05T05:30:42Z |
| rustsec-2026-0079 | `DynFuture` drop can construct a dangling reference | 2026-01-21T12:00:00Z | 2026-04-05T05:30:42Z |
| rustsec-2023-0125 | Logs AWS credentials when TRACE-level logging is enabled | 2023-04-19T12:00:00Z | 2026-04-02T14:44:59Z |
| rustsec-2026-0078 | Symbol confusion after hasher panic in `intaglio` interners | 2026-03-30T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0160 | `custom-req-on-workers` was removed from crates.io for malicious code | 2025-01-30T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0159 | `sophosfirewall-python` was removed from crates.io for malicious code | 2025-02-15T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0158 | `jfrog_quotes` was removed from crates.io for malicious code | 2025-01-30T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0157 | `statsrelay-protobuf` was removed from crates.io for malicious code | 2025-08-26T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2025-0156 | `tree-sitter-pkl` was removed from crates.io for malicious code | 2025-03-10T12:00:00Z | 2026-03-30T21:40:18Z |
| rustsec-2026-0077 | Incorrect Check of Signer Response Norm During Verification | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0076 | Panic in Signature Hint Decoding During Verification | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| rustsec-2026-0075 | All-Zero Key Generation on Catastrophic RNG Failure | 2026-03-04T12:00:00Z | 2026-03-27T05:55:06Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-wiremock-2023-41329 | Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio | 2026-04-13T16:00:00.480Z | 2026-04-13T16:23:32.396Z |
| bit-wiremock-2023-41327 | Controlled SSRF through URL in the WireMock | 2026-04-13T15:59:58.176Z | 2026-04-13T16:23:32.396Z |
| bit-tomcat-2026-29146 | Apache Tomcat: EncryptInterceptor vulnerable to padding oracle attack by default | 2026-04-13T16:01:34.700Z | 2026-04-13T16:23:32.396Z |
| bit-drupal-2020-11022 | jQuery has a potential XSS vulnerability | 2024-03-06T10:59:15.938Z | 2026-04-13T15:28:02.082Z |
| bit-nifi-2024-45477 | Apache NiFi: Improper Neutralization of Input in Parameter Description | 2026-04-13T14:17:18.796Z | 2026-04-13T14:44:23.860Z |
| bit-wiremock-2023-50069 | 2026-04-13T11:50:15.583Z | 2026-04-13T12:09:46.643Z | |
| bit-tomcat-2026-34500 | Apache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled | 2026-04-13T10:20:02.205Z | 2026-04-13T10:42:00.723Z |
| bit-tomcat-2026-34487 | Apache Tomcat: Cloud membership for clustering component exposed the Kubernetes bearer token | 2026-04-13T10:20:00.791Z | 2026-04-13T10:42:00.723Z |
| bit-tomcat-2026-34483 | Apache Tomcat: Incomplete escaping of JSON access logs | 2026-04-13T10:19:58.030Z | 2026-04-13T10:42:00.723Z |
| bit-tomcat-2026-29145 | Apache Tomcat, Apache Tomcat Native: OCSP checks sometimes soft-fail even when soft-fail is disabled | 2026-04-13T10:19:53.698Z | 2026-04-13T10:42:00.723Z |
| bit-tomcat-2026-25854 | Apache Tomcat: Occasionally open redirect | 2026-04-13T10:19:50.972Z | 2026-04-13T10:42:00.723Z |
| bit-tomcat-2026-24880 | Apache Tomcat: Request smuggling via invalid chunk extension | 2026-04-13T10:19:49.629Z | 2026-04-13T10:42:00.723Z |
| bit-mongodb-2026-4148 | ExpressionContext use-after-free in classic engine $lookup and $graphLookup aggregation operators | 2026-04-13T10:13:07.402Z | 2026-04-13T10:42:00.723Z |
| bit-mongodb-2026-4147 | Stack memory disclosure in filemd5 command | 2026-04-13T10:13:04.983Z | 2026-04-13T10:42:00.723Z |
| bit-minio-2026-39414 | MinIO affected a DoS via Unbounded Memory Allocation in S3 Select CSV Parsing | 2026-04-13T10:10:51.384Z | 2026-04-13T10:42:00.723Z |
| bit-tomcat-2026-34486 | Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor | 2026-04-13T05:53:08.595Z | 2026-04-13T06:11:47.324Z |
| bit-tomcat-2026-32990 | Apache Tomcat: Fix for CVE-2025-66614 is incomplete | 2026-04-13T05:53:05.369Z | 2026-04-13T06:11:47.324Z |
| bit-tomcat-2026-29129 | Apache Tomcat: TLS cipher order is not preserved | 2026-04-13T05:53:00.617Z | 2026-04-13T06:11:47.324Z |
| bit-tomcat-2026-24734 | Apache Tomcat Native, Apache Tomcat: OCSP revocation bypass | 2026-02-20T09:53:00.269Z | 2026-04-13T06:11:47.324Z |
| bit-node-2026-21717 | 2026-04-06T07:58:47.295Z | 2026-04-13T06:11:47.324Z | |
| bit-node-2026-21716 | 2026-04-06T07:58:44.008Z | 2026-04-13T06:11:47.324Z | |
| bit-node-2026-21715 | 2026-04-06T07:58:41.424Z | 2026-04-13T06:11:47.324Z | |
| bit-node-2026-21714 | 2026-04-06T07:58:38.953Z | 2026-04-13T06:11:47.324Z | |
| bit-node-2026-21713 | 2026-04-06T07:58:36.353Z | 2026-04-13T06:11:47.324Z | |
| bit-node-2026-21710 | 2026-04-06T07:58:28.068Z | 2026-04-13T06:11:47.324Z | |
| bit-logstash-2026-33466 | Improper Limitation of a Pathname to a Restricted Directory in Logstash Leading to Arbitrary File Write | 2026-04-13T05:42:10.653Z | 2026-04-13T06:11:47.324Z |
| bit-kibana-2026-4498 | Execution with Unnecessary Privileges in Kibana Leading to reading index data beyond their direct Elasticsearch RBAC scope | 2026-04-13T05:42:05.042Z | 2026-04-13T06:11:47.324Z |
| bit-kibana-2026-33461 | Incorrect Authorization in Kibana Fleet Leading to Information Disclosure | 2026-04-13T05:42:03.441Z | 2026-04-13T06:11:47.324Z |
| bit-kibana-2026-33460 | Incorrect Authorization in Kibana Fleet Leading to Information Disclosure | 2026-04-13T05:42:01.870Z | 2026-04-13T06:11:47.324Z |
| bit-kibana-2026-33459 | Uncontrolled Resource Consumption in Kibana Leading to Denial of Service | 2026-04-13T05:42:00.230Z | 2026-04-13T06:11:47.324Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-iw23933 | gRPC-Go is the Go language implementation of gRPC | 2026-04-09T00:42:07.594705Z | 2026-04-08T10:12:34Z |
| cleanstart-2026-hz73294 | Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service | 2026-04-09T00:45:08.400884Z | 2026-04-08T10:12:22Z |
| cleanstart-2026-fz55932 | SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process | 2026-04-09T00:41:07.286953Z | 2026-04-08T10:10:33Z |
| cleanstart-2026-ku98579 | gRPC-Go is the Go language implementation of gRPC | 2026-04-09T00:42:07.643397Z | 2026-04-08T10:07:21Z |
| cleanstart-2026-ly88807 | Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default | 2026-04-09T00:43:37.430373Z | 2026-04-08T10:02:31Z |
| cleanstart-2026-nv37937 | Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default | 2026-04-09T00:44:07.747698Z | 2026-04-08T09:58:55Z |
| cleanstart-2026-bd18029 | Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default | 2026-04-09T00:45:07.480117Z | 2026-04-08T09:49:10Z |
| cleanstart-2026-mo53190 | gRPC-Go is the Go language implementation of gRPC | 2026-04-09T00:49:37.904336Z | 2026-04-08T09:47:14Z |
| cleanstart-2026-co68219 | Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default | 2026-04-09T00:47:37.444297Z | 2026-04-08T09:44:10Z |
| cleanstart-2026-by59711 | gRPC-Go is the Go language implementation of gRPC | 2026-04-09T00:47:37.687304Z | 2026-04-08T09:36:51Z |
| cleanstart-2026-mi26424 | net/url package does not set a limit on the number of query parameters in a query | 2026-04-09T00:48:07.244191Z | 2026-04-08T09:30:12Z |
| cleanstart-2026-iw08736 | Uncontrolled Recursion vulnerability in Apache Commons Lang | 2026-04-09T00:53:08.467045Z | 2026-04-08T09:19:34Z |
| cleanstart-2026-bg72514 | Uncontrolled Recursion vulnerability in Apache Commons Lang | 2026-04-09T00:49:38.775284Z | 2026-04-08T09:13:42Z |
| cleanstart-2026-oq84658 | Netty is an asynchronous, event-driven network application framework | 2026-04-09T00:52:07.697782Z | 2026-04-08T08:14:27Z |
| cleanstart-2026-cq39708 | Netty is an asynchronous, event-driven network application framework | 2026-04-09T00:53:38.262441Z | 2026-04-08T08:11:56Z |
| cleanstart-2026-ge08280 | Ruby JSON is a JSON implementation for Ruby | 2026-04-09T01:01:38.909372Z | 2026-04-08T08:04:46Z |
| cleanstart-2026-ot38160 | url | 2026-04-09T00:55:38.018075Z | 2026-04-08T07:36:24Z |
| cleanstart-2026-ba09462 | OpenTelemetry-Go is the Go implementation of OpenTelemetry | 2026-04-09T00:57:38.077873Z | 2026-04-08T07:00:07Z |
| cleanstart-2026-mw52739 | Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 | 2026-04-09T00:59:39.080550Z | 2026-04-08T06:46:14Z |
| cleanstart-2026-ki25096 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-09T00:59:38.592849Z | 2026-04-08T06:46:14Z |
| cleanstart-2026-ij23041 | In libexpat before 2 | 2026-04-09T01:01:38.269615Z | 2026-04-08T06:46:14Z |
| cleanstart-2026-gy86690 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-09T00:57:57.606656Z | 2026-04-08T06:46:14Z |
| cleanstart-2026-pd43534 | In libexpat before 2 | 2026-04-08T00:39:47.879615Z | 2026-04-07T05:54:38Z |
| cleanstart-2026-mp09743 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 | 2026-04-08T00:37:59.326932Z | 2026-04-07T05:54:38Z |
| cleanstart-2026-bb02574 | Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 | 2026-04-08T00:37:58.971684Z | 2026-04-07T05:54:38Z |
| cleanstart-2026-af52025 | In libexpat before 2 | 2026-04-08T00:39:48.013620Z | 2026-04-07T05:54:38Z |
| cleanstart-2026-hx94762 | attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing | 2026-04-07T00:45:34.962189Z | 2026-04-06T13:01:42Z |
| cleanstart-2026-gg94489 | go-retryablehttp prior to 0 | 2026-04-07T00:41:33.578433Z | 2026-04-06T13:01:42Z |
| cleanstart-2026-fu47971 | protojson | 2026-04-07T00:47:07.546790Z | 2026-04-06T13:01:42Z |
| cleanstart-2026-ej93145 | attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames | 2026-04-07T00:44:04.086276Z | 2026-04-06T13:01:42Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| drupal-contrib-2026-032 | 2026-04-08T16:09:54.000Z | 2026-04-08T16:09:54.000Z | |
| drupal-contrib-2026-031 | 2026-04-01T16:38:14.000Z | 2026-04-02T14:13:13.000Z | |
| drupal-contrib-2026-029 | 2026-03-11T16:35:02.000Z | 2026-03-26T19:50:52.000Z | |
| drupal-contrib-2026-028 | 2026-03-11T16:33:14.000Z | 2026-03-26T19:43:59.000Z | |
| drupal-contrib-2026-030 | 2026-03-18T16:10:00.000Z | 2026-03-18T16:10:00.000Z | |
| drupal-contrib-2026-015 | 2026-02-25T18:47:57.000Z | 2026-03-17T13:20:54.000Z | |
| drupal-contrib-2026-024 | 2026-03-04T17:59:51.000Z | 2026-03-05T14:03:05.000Z | |
| drupal-contrib-2026-027 | 2026-03-04T18:02:59.000Z | 2026-03-04T18:02:59.000Z | |
| drupal-contrib-2026-026 | 2026-03-04T18:02:14.000Z | 2026-03-04T18:02:14.000Z | |
| drupal-contrib-2026-025 | 2026-03-04T18:00:41.000Z | 2026-03-04T18:00:41.000Z | |
| drupal-contrib-2026-023 | 2026-03-04T17:58:55.000Z | 2026-03-04T17:58:55.000Z | |
| drupal-contrib-2026-022 | 2026-03-04T17:57:58.000Z | 2026-03-04T17:57:58.000Z | |
| drupal-contrib-2026-021 | 2026-03-04T17:56:18.000Z | 2026-03-04T17:56:18.000Z | |
| drupal-contrib-2026-020 | 2026-03-04T17:54:27.000Z | 2026-03-04T17:54:27.000Z | |
| drupal-contrib-2026-016 | 2026-02-25T18:49:59.000Z | 2026-02-25T19:30:03.000Z | |
| drupal-contrib-2026-019 | 2026-02-25T18:51:43.000Z | 2026-02-25T18:51:43.000Z | |
| drupal-contrib-2026-018 | 2026-02-25T18:51:26.000Z | 2026-02-25T18:51:26.000Z | |
| drupal-contrib-2026-017 | 2026-02-25T18:51:01.000Z | 2026-02-25T18:51:01.000Z | |
| drupal-contrib-2026-014 | 2026-02-25T18:46:10.000Z | 2026-02-25T18:46:10.000Z | |
| drupal-contrib-2026-013 | 2026-02-25T18:45:13.000Z | 2026-02-25T18:45:13.000Z | |
| drupal-contrib-2026-012 | 2026-02-25T18:44:38.000Z | 2026-02-25T18:44:38.000Z | |
| drupal-contrib-2026-011 | 2026-02-25T18:43:32.000Z | 2026-02-25T18:43:32.000Z | |
| drupal-contrib-2026-010 | 2026-02-11T16:54:18.000Z | 2026-02-25T17:17:46.000Z | |
| drupal-contrib-2026-009 | 2026-02-11T16:53:32.000Z | 2026-02-12T15:37:20.000Z | |
| drupal-contrib-2026-008 | 2026-02-04T17:23:40.000Z | 2026-02-04T17:23:40.000Z | |
| drupal-contrib-2025-110 | 2025-09-24T17:27:41.000Z | 2025-09-24T17:27:41.000Z |
| ID | Description | Updated |
|---|---|---|
| ts-2026-001 | TS-2026-001 | 2026-01-15T00:00 |
| ts-2025-008 | TS-2025-008 | 2025-11-19T00:00 |
| ts-2025-007 | TS-2025-007 | 2025-11-07T00:00 |
| ts-2025-006 | TS-2025-006 | 2025-10-28T00:00 |
| ts-2025-005 | TS-2025-005 | 2025-08-07T00:00 |
| ts-2025-004 | TS-2025-004 | 2025-05-27T00:00 |
| ts-2025-003 | TS-2025-003 | 2025-05-21T00:00 |
| ts-2025-002 | TS-2025-002 | 2025-05-15T00:00 |
| ts-2025-001 | TS-2025-001 | 2025-03-07T00:00 |
| ts-2024-013 | TS-2024-013 | 2024-12-04T00:00 |
| ts-2024-012 | TS-2024-012 | 2024-10-02T00:00 |
| ts-2024-011 | TS-2024-011 | 2024-07-22T00:00 |
| ts-2024-010 | TS-2024-010 | 2024-07-19T00:00 |
| ts-2024-009 | TS-2024-009 | 2024-06-27T00:00 |
| ts-2024-008 | TS-2024-008 | 2024-06-14T00:00 |
| ts-2024-007 | TS-2024-007 | 2024-06-12T00:00 |
| ts-2024-006 | TS-2024-006 | 2024-05-22T00:00 |
| ts-2024-005 | TS-2024-005 | 2024-05-08T00:00 |
| ts-2024-004 | TS-2024-004 | 2024-05-06T00:00 |
| ts-2024-003 | TS-2024-003 | 2024-04-23T00:00 |
| ts-2024-002 | TS-2024-002 | 2024-01-30T00:00 |
| ts-2024-001 | TS-2024-001 | 2024-01-08T00:00 |
| ts-2023-009 | TS-2023-009 | 2023-12-22T00:00 |
| ts-2023-008 | TS-2023-008 | 2023-11-01T00:00 |
| ts-2023-007 | TS-2023-007 | 2023-10-26T00:00 |
| ts-2023-006 | TS-2023-006 | 2023-08-22T00:00 |
| ts-2023-005 | TS-2023-005 | 2023-04-28T00:00 |
| ts-2023-004 | TS-2023-004 | 2023-04-04T00:00 |
| ts-2023-003 | TS-2023-003 | 2023-03-22T00:00 |
| ts-2023-002 | TS-2023-002 | 2023-01-24T00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-ale-004 | VulnƩrabilitƩ dans F5 BIG-IP Access Policy Manager | 2026-03-31T00:00:00.000000 | 2026-03-31T00:00:00.000000 |
| certfr-2026-ale-002 | [MĆ J] VulnĆ©rabilitĆ© dans Cisco Catalyst SD-WAN | 2026-02-25T00:00:00.000000 | 2026-03-26T00:00:00.000000 |
| certfr-2026-ale-003 | Note dāalerte ā Ciblage des messageries instantanĆ©es | 2026-03-20T00:00:00.000000 | 2026-03-20T00:00:00.000000 |
| certfr-2025-ale-014 | [MĆ J] VulnĆ©rabilitĆ© dans React Server Components | 2025-12-05T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| CERTFR-2025-ALE-014 | [MĆ J] VulnĆ©rabilitĆ© dans React Server Components | 2025-12-05T00:00:00.000000 | 2026-02-12T00:00:00.000000 |
| certfr-2026-ale-001 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Ivanti Endpoint Manager Mobile | 2026-01-30T00:00:00.000000 | 2026-02-03T00:00:00.000000 |
| CERTFR-2026-ALE-001 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Ivanti Endpoint Manager Mobile | 2026-01-30T00:00:00.000000 | 2026-02-03T00:00:00.000000 |
| certfr-2025-ale-013 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| CERTFR-2025-ALE-013 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Cisco ASA et FTD | 2025-09-25T00:00:00.000000 | 2025-10-06T00:00:00.000000 |
| certfr-2025-ale-012 | VulnƩrabilitƩ dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| CERTFR-2025-ALE-012 | VulnƩrabilitƩ dans Citrix NetScaler ADC et NetScaler Gateway | 2025-08-26T00:00:00.000000 | 2025-09-26T00:00:00.000000 |
| certfr-2025-ale-010 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| CERTFR-2025-ALE-010 | [MĆ J] Multiples vulnĆ©rabilitĆ©s dans Microsoft SharePoint | 2025-07-21T00:00:00.000000 | 2025-08-26T00:00:00.000000 |
| certfr-2025-ale-011 | Incidents de sƩcuritƩ dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| certfr-2025-ale-009 | Multiples vulnƩrabilitƩs dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| CERTFR-2025-ALE-011 | Incidents de sƩcuritƩ dans les pare-feux SonicWall | 2025-08-05T00:00:00.000000 | 2025-08-18T00:00:00.000000 |
| CERTFR-2025-ALE-009 | Multiples vulnƩrabilitƩs dans Citrix NetScaler ADC et NetScaler Gateway | 2025-07-01T00:00:00.000000 | 2025-07-17T00:00:00.000000 |
| certfr-2025-ale-004 | ActivitƩs de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| CERTFR-2025-ALE-004 | ActivitƩs de post-exploitation dans Fortinet FortiGate | 2025-04-11T00:00:00.000000 | 2025-08-07T00:00:00.000000 |
| certfr-2025-ale-008 | [MĆ J] VulnĆ©rabilitĆ© dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| CERTFR-2025-ALE-008 | [MĆ J] VulnĆ©rabilitĆ© dans Roundcube | 2025-06-05T00:00:00.000000 | 2025-07-21T00:00:00.000000 |
| certfr-2025-ale-007 | Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-006 | VulnƩrabilitƩ dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-005 | VulnƩrabilitƩ dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| certfr-2025-ale-003 | [MĆ J] VulnĆ©rabilitĆ© dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| CERTFR-2025-ALE-007 | Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile (EPMM) | 2025-05-14T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-006 | VulnƩrabilitƩ dans les produits Fortinet | 2025-05-13T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-005 | VulnƩrabilitƩ dans SAP NetWeaver | 2025-04-28T00:00:00.000000 | 2025-06-24T00:00:00.000000 |
| CERTFR-2025-ALE-003 | [MĆ J] VulnĆ©rabilitĆ© dans les produits Ivanti | 2025-04-04T00:00:00.000000 | 2025-04-11T00:00:00.000000 |
| certfr-2025-ale-002 | [MĆ J] VulnĆ©rabilitĆ© dans les produits Fortinet | 2025-05-07T00:00:00.000000 | 2025-01-14T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0435 | Multiples vulnƩrabilitƩs dans les produits Microsoft | 2026-04-14T00:00:00.000000 | 2026-04-14T00:00:00.000000 |
| certfr-2026-avi-0434 | Multiples vulnƩrabilitƩs dans les produits SAP | 2026-04-14T00:00:00.000000 | 2026-04-14T00:00:00.000000 |
| certfr-2026-avi-0433 | Multiples vulnƩrabilitƩs dans les produits Schneider Electric | 2026-04-14T00:00:00.000000 | 2026-04-14T00:00:00.000000 |
| certfr-2026-avi-0432 | Multiples vulnƩrabilitƩs dans les produits Siemens | 2026-04-14T00:00:00.000000 | 2026-04-14T00:00:00.000000 |
| certfr-2026-avi-0431 | Multiples vulnƩrabilitƩs dans Synology SSL VPN Client | 2026-04-14T00:00:00.000000 | 2026-04-14T00:00:00.000000 |
| certfr-2026-avi-0430 | Multiples vulnƩrabilitƩs dans Python | 2026-04-14T00:00:00.000000 | 2026-04-14T00:00:00.000000 |
| certfr-2026-avi-0320 | Multiples vulnƩrabilitƩs dans Roundcube | 2026-03-19T00:00:00.000000 | 2026-04-14T00:00:00.000000 |
| certfr-2026-avi-0429 | VulnƩrabilitƩ dans Adobe Acrobat | 2026-04-13T00:00:00.000000 | 2026-04-13T00:00:00.000000 |
| certfr-2026-avi-0428 | Multiples vulnƩrabilitƩs dans les produits Microsoft | 2026-04-13T00:00:00.000000 | 2026-04-13T00:00:00.000000 |
| certfr-2026-avi-0427 | Multiples vulnƩrabilitƩs dans Microsoft Edge | 2026-04-13T00:00:00.000000 | 2026-04-13T00:00:00.000000 |
| certfr-2026-avi-0426 | Multiples vulnƩrabilitƩs dans Python | 2026-04-13T00:00:00.000000 | 2026-04-13T00:00:00.000000 |
| certfr-2026-avi-0425 | VulnƩrabilitƩ dans Foxit PDF Services API | 2026-04-13T00:00:00.000000 | 2026-04-13T00:00:00.000000 |
| certfr-2026-avi-0424 | Multiples vulnƩrabilitƩs dans les produits IBM | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0423 | Multiples vulnƩrabilitƩs dans le noyau Linux de Red Hat | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0422 | Multiples vulnƩrabilitƩs dans le noyau Linux de SUSE | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0421 | Multiples vulnƩrabilitƩs dans le noyau Linux d'Ubuntu | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0420 | Multiples vulnƩrabilitƩs dans les produits Microsoft | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0419 | Multiples vulnƩrabilitƩs dans Mattermost Desktop App | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0418 | Multiples vulnƩrabilitƩs dans Apache Tomcat | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0417 | VulnƩrabilitƩ dans Spring Cloud Gateway | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0416 | VulnƩrabilitƩ dans les produits Juniper Networks | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0415 | Multiples vulnƩrabilitƩs dans Tenable Security Center | 2026-04-10T00:00:00.000000 | 2026-04-10T00:00:00.000000 |
| certfr-2026-avi-0414 | Multiples vulnƩrabilitƩs dans les produits Microsoft | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0413 | Multiples vulnƩrabilitƩs dans les produits Elastic | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0412 | Multiples vulnƩrabilitƩs dans les produits Palo Alto Networks | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0411 | Multiples vulnƩrabilitƩs dans Mitel MiCollab | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0410 | Multiples vulnƩrabilitƩs dans GitLab | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0409 | Multiples vulnƩrabilitƩs dans Sonicwall Secure Mobile Access | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0408 | Multiples vulnƩrabilitƩs dans les produits Juniper Networks | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| certfr-2026-avi-0407 | Multiples vulnƩrabilitƩs dans Google Chrome | 2026-04-09T00:00:00.000000 | 2026-04-09T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-000053 | EmoCheck loads Dynamic Link Libraries insecurely | 2026-04-10T13:38+09:00 | 2026-04-10T13:38+09:00 |
| jvndb-2026-007973 | Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) | 2026-03-23T14:54+09:00 | 2026-04-09T13:55+09:00 |
| jvndb-2026-000052 | Multiple vulnerabilities in MATCHA series | 2026-04-08T16:15+09:00 | 2026-04-08T16:15+09:00 |
| jvndb-2026-000050 | Multiple vulnerabilities in Movable Type | 2026-04-08T16:15+09:00 | 2026-04-08T16:15+09:00 |
| jvndb-2026-010301 | Multiple Vulnerabilities in JP1/IT Desktop Management 2 and JP1/NETM/DM | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-010300 | Multiple Vulnerabilities in Hitachi Ops Center Viewpoint | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-010299 | Multiple Vulnerabilities in Hitachi Ops Center Common Services | 2026-04-08T12:11+09:00 | 2026-04-08T12:11+09:00 |
| jvndb-2026-009720 | Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) | 2026-04-02T14:58+09:00 | 2026-04-03T15:50+09:00 |
| jvndb-2026-000049 | Multiple vulnerabilities in NEC Aterm series (NV26-001) | 2026-04-03T15:09+09:00 | 2026-04-03T15:09+09:00 |
| jvndb-2026-009412 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009411 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009410 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009409 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009408 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009406 | Security information for Hitachi Disk Array Systems | 2026-03-31T15:53+09:00 | 2026-03-31T15:53+09:00 |
| jvndb-2026-009147 | Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer | 2026-03-27T18:18+09:00 | 2026-03-27T18:18+09:00 |
| jvndb-2026-009148 | Open Redirect Vulnerability in Hitachi Ops Center Administrator | 2026-03-27T18:17+09:00 | 2026-03-27T18:17+09:00 |
| jvndb-2026-000047 | Multiple vulnerabilities in baserCMS | 2026-03-27T18:00+09:00 | 2026-03-27T18:00+09:00 |
| jvndb-2026-000045 | WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting | 2026-03-27T17:34+09:00 | 2026-03-27T17:34+09:00 |
| jvndb-2026-000046 | Multiple vulnerabilities in BUFFALO Wi-Fi routers | 2026-03-27T17:18+09:00 | 2026-03-27T17:18+09:00 |
| jvndb-2026-000044 | Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000042 | Digital Photo Frame GH-WDF10A vulnerable to improper access restriction | 2026-03-26T17:41+09:00 | 2026-03-26T17:41+09:00 |
| jvndb-2026-000043 | SHARP routers missing authentication for some web APIs | 2026-03-25T18:41+09:00 | 2026-03-25T18:41+09:00 |
| jvndb-2026-000040 | Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries | 2026-03-25T18:13+09:00 | 2026-03-25T18:13+09:00 |
| jvndb-2026-000041 | SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths | 2026-03-25T17:58+09:00 | 2026-03-25T17:58+09:00 |
| jvndb-2026-007524 | Vulnerability in Hitachi Command Suite | 2026-03-17T16:42+09:00 | 2026-03-17T16:42+09:00 |
| jvndb-2026-000038 | Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries | 2026-03-17T14:57+09:00 | 2026-03-17T14:57+09:00 |
| jvndb-2026-000039 | Missing authorization in the OpenAI thread/message API endpoints of GROWI | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-000037 | OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection | 2026-03-16T17:18+09:00 | 2026-03-16T17:18+09:00 |
| jvndb-2026-006887 | Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 | 2026-03-12T17:22+09:00 | 2026-03-12T17:22+09:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-16137 | IBM InfoSphere Information Server代ē é®é¢ę¼ę“ļ¼CNVD-2026-16137ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16136 | IBM Concert代ē é®é¢ę¼ę“ļ¼CNVD-2026-16136ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16135 | IBM Concertå åÆé®é¢ę¼ę“ļ¼CNVD-2026-16135ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16134 | IBM Concertå åÆé®é¢ę¼ę“ļ¼CNVD-2026-16134ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16133 | IBM InfoSphere Information Serverå åÆé®é¢ę¼ę“ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16132 | IBM InfoSphere Information Serveräæ”ęÆę³é²ę¼ę“ļ¼CNVD-2026-16132ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16131 | IBM InfoSphere Information Serveräæ”ęÆę³é²ę¼ę“ļ¼CNVD-2026-16131ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16130 | IBM InfoSphere Information Serveräæ”ęÆę³é²ę¼ę“ļ¼CNVD-2026-16130ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16129 | IBM InfoSphere Information Serveräæ”ęÆę³é²ę¼ę“ļ¼CNVD-2026-16129ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16128 | IBM Concertč®æé®ę§å¶éčÆÆę¼ę“ļ¼CNVD-2026-16128ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16069 | WordPressę件WP Gmail SMTPäæ”ęÆę³é²ę¼ę“ | 2025-10-24 | 2026-04-03 |
| cnvd-2026-16068 | WordPressę件TNC Toolbox Web PerformanceååØęŖęę¼ę“ | 2025-11-14 | 2026-04-03 |
| cnvd-2026-16067 | WordPressę件ELEX WordPress HelpDesk & Customer Ticketing SystemååØęŖęę¼ę“ | 2026-02-11 | 2026-04-03 |
| cnvd-2026-16066 | WordPressę件King Addons for Elementoräæ”ęÆę³é²ę¼ę“ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16065 | WordPressę件Download Manageräæ”ęÆę³é²ę¼ę“ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16064 | WordPressę件SMTP Maileräæ”ęÆę³é²ę¼ę“ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16063 | GNU BinUtilsē¼å²åŗęŗ¢åŗę¼ę“ļ¼CNVD-2026-16063ļ¼ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16062 | Artifex Ghostscript pdfmark_coerce_destå½ę°å ę ē¼å²åŗęŗ¢åŗę¼ę“ | 2025-09-25 | 2026-04-03 |
| cnvd-2026-16061 | Artifex Ghostscript pdf_write_cmapå½ę°å ę ē¼å²åŗęŗ¢åŗę¼ę“ | 2025-09-25 | 2026-04-03 |
| cnvd-2026-16060 | Artifex Ghostscript ocr_begin_pageå½ę°å ē¼å²åŗęŗ¢åŗę¼ę“ | 2025-09-25 | 2026-04-03 |
| cnvd-2026-16059 | Apple macOSäæ”ęÆę³é²ę¼ę“ļ¼CNVD-2026-16059ļ¼ | 2025-12-25 | 2026-04-03 |
| cnvd-2026-16058 | Apple macOSååØęŖęę¼ę“ļ¼CNVD-2026-16058ļ¼ | 2026-03-31 | 2026-04-03 |
| cnvd-2026-16057 | OpenClawč·Æå¾éåę¼ę“ļ¼CNVD-2026-16057ļ¼ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16056 | OpenClawå®å Øē»čæę¼ę“ļ¼CNVD-2026-16056ļ¼ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16055 | OpenClawå®å Øē»čæę¼ę“ļ¼CNVD-2026-16055ļ¼ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16054 | OpenClawå½ä»¤ę§č”ę¼ę“ļ¼CNVD-2026-16054ļ¼ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16053 | OpenClawęē»ęå”ę¼ę“ļ¼CNVD-2026-16053ļ¼ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16052 | OpenClawč®æé®ę§å¶éčÆÆę¼ę“ļ¼CNVD-2026-16052ļ¼ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16051 | OpenClawå®å Øē»čæę¼ę“ļ¼CNVD-2026-16051ļ¼ | 2026-03-26 | 2026-04-03 |
| cnvd-2026-16050 | OpenClawęä½ē³»ē»å½ä»¤ę³Øå „ę¼ę“ļ¼CNVD-2026-16050ļ¼ | 2026-03-26 | 2026-04-03 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01844 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŠµŃŠ²ŠøŃŠ° Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃŠø Advanced DNS Security (ADNS) Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½Š¾Š¹ ŃŠøŃŃŠµŠ¼Ń PAN-OS,ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01843 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø loadRLE() Š·Š°Š³ŃŃŠ·ŃŠøŠŗŠ° TGA-ŠøŠ·Š¾Š±ŃŠ°Š¶ŠµŠ½ŠøŠ¹ (PluginTARGA.cpp) Š³ŃŠ°ŃŠøŃŠµŃŠŗŠ¾Š¹ Š±ŠøŠ±ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01842 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø ws_user_gerList() ŃŃŠµŠ½Š°ŃŠøŃ pwg.users.php ŃŠøŃŃŠµŠ¼Ń ŃŠæŃŠ°Š²Š»ŠµŠ½ŠøŃ ŠŗŠ¾Š½ŃŠµŠ½ŃŠ¾Š¼ ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01841 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° Updater Š¾Š±Š»Š°ŃŠ½Š¾Š¹ ŠæŠ»Š°ŃŃŠ¾ŃŠ¼Ń ŃŠæŃŠ°Š²Š»ŠµŠ½ŠøŃ ŠŗŠ¾Š½ŃŠµŠ¹Š½ŠµŃŠ°Š¼Šø Arcane, ŠæŠ¾Š·Š²Š¾Š»ŃŃā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01840 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŠ-Š°Š³ŠµŠ½ŃŠ° OpenClaw (ŃŠ°Š½ŠµŠµ - ClawdBot ŠøŠ»Šø MoltBot), ŃŠ²ŃŠ·Š°Š½Š½Š°Ń Ń Š¾ŃŃŃŃŃŃŠ²ŠøŠµŠ¼ ŠæŃŠ¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01839 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø blocked_path() ŠæŠ°ŠŗŠµŃŠ° Python Š“Š»Ń ŃŠ¾Š·Š“Š°Š½ŠøŃ ŠæŃŠøŠ»Š¾Š¶ŠµŠ½ŠøŠ¹ Š“Š»Ń Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Š¼Š°ŃŠøŠ½ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01838 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š“ŃŠ°Š¹Š²ŠµŃŠ¾Š² Š³ŃŠ°ŃŠøŃŠµŃŠŗŠøŃ ŠæŃŠ¾ŃŠµŃŃŠ¾ŃŠ¾Š² NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, ŃŠ²Ńā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01837 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š¼ŠøŠŗŃŠ¾ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š³ŃŠ°ŃŠøŃŠµŃŠŗŠøŃ ŠæŃŠ¾ŃŠµŃŃŠ¾ŃŠ¾Š² Imagination, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ńā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01836 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š¼ŠøŠŗŃŠ¾ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š³ŃŠ°ŃŠøŃŠµŃŠŗŠøŃ ŠæŃŠ¾ŃŠµŃŃŠ¾ŃŠ¾Š² Imagination, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ńā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01835 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š“ŃŠ°Š¹Š²ŠµŃŠ° ESXi base Š¼ŠøŠŗŃŠ¾ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ ŃŠµŃŠµŠ²ŃŃ ŠŗŠ¾Š½ŃŃŠ¾Š»Š»ŠµŃŠ¾Š² Intel 80ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01834 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š¼ŠøŠŗŃŠ¾ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ ŠŗŠ¾Š½ŃŃŠ¾Š»Š»ŠµŃŠ¾Š² Intel Ethernet ŃŠµŃŠøŠø E810, ŃŠ²ŃŠ·Š°Š½Š½Š°ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01833 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŠµŃ Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01832 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŠµŃ Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01831 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŠµŃ Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01830 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° File input Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½Š°ŃŃŃŠøŃŠµŠ»Ń Š¾ŃŃŃŠµŃŃŠ²Šøā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01829 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° PictureInPicture Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½Š°ŃŃŃŠøŃŠµŠ»Ń Š¾ŠŗŠ°ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01828 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° Animation Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½Š°ŃŃŃŠøŃŠµŠ»Ń Š¾ŠŗŠ°Š·Š°ŃŃ Š²Š¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01827 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø ŠŗŠ¾Š½ŃŠøŠ“ŠµŠ½ŃŠøŠ°Š»ŃŠ½Š¾ŃŃŠø Fenced Frames Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01826 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½ŃŠ° WebGPU Š±ŃŠ°ŃŠ·ŠµŃŠ° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń Š½Š°ŃŃŃŠøŃŠµŠ»Ń Š²ŃŠ·Š²Š°ŃŃ Š¾ŃŠŗŠ°Š·ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01825 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š¹ ŠæŠ»Š°ŃŃŠ¾ŃŠ¼Ń Š½Š° Š±Š°Š·Šµ git Š“Š»Ń ŃŠ¾Š²Š¼ŠµŃŃŠ½Š¾Š¹ ŃŠ°Š±Š¾ŃŃ Š½Š°Š“ ŠŗŠ¾Š“Š¾Š¼ GitLab, ŃŠ²ŃŠ·ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01824 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š¹ ŠæŠ»Š°ŃŃŠ¾ŃŠ¼Ń Š½Š° Š±Š°Š·Šµ git Š“Š»Ń ŃŠ¾Š²Š¼ŠµŃŃŠ½Š¾Š¹ ŃŠ°Š±Š¾ŃŃ Š½Š°Š“ ŠŗŠ¾Š“Š¾Š¼ GitLab, ŃŠ²ŃŠ·ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01823 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø Š¼ŠµŠ¶ŃŠµŃŠµŠ²ŃŃ ŃŠŗŃŠ°Š½Š¾Š² SSL-VPN Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01822 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOS, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń Ń Š½ŠµŠ“Š¾ŃŃŠ°ŃŠ¾ŃŠ½Š¾Š¹ ŠæŃŠ¾Š²ŠµŃŠŗŠ¾Š¹ ŠøŃŃŠ¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01821 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŃŃŠ½ŠŗŃŠøŠø Š¼ŠµŠ¶ŃŠµŃŠµŠ²ŃŃ ŃŠŗŃŠ°Š½Š¾Š² SSL-VPN Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01820 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠøŠ½ŃŠµŃŃŠµŠ¹ŃŠ° ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ ŃŃŃŠ¾ŠŗŠø Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾Š»ŃŃŃŠ°Ń ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01819 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ Š³ŃŠ°ŃŠøŃŠµŃŠŗŠ¾Š³Š¾ ŠæŠ¾Š»ŃŠ·Š¾Š²Š°ŃŠµŠ»ŃŃŠŗŠ¾Š³Š¾ ŠøŠ½ŃŠµŃŃŠµŠ¹ŃŠ° Š¾ŠæŠµŃŠ°ŃŠøŠ¾Š½Š½ŃŃ ŃŠøŃŃŠµŠ¼ Fortinet FortiOSā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01818 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š“Š»Ń ŃŠ°Š·ŃŠ°Š±Š¾ŃŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01817 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š“Š»Ń ŃŠ°Š·ŃŠ°Š±Š¾ŃŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01816 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Š“Š»Ń ŃŠ°Š·ŃŠ°Š±Š¾ŃŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń ā¦ | 16.02.2026 | 16.02.2026 |
| bdu:2026-01815 | Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃŃ ŠæŃŠ¾Š³ŃŠ°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃŠµŠ½ŠøŃ Microsoft ACI Confidential Containers, ŃŠ²ŃŠ·Š°Š½Š½Š°Ń Ń Š½Šµā¦ | 16.02.2026 | 16.02.2026 |
| ID | Description | Updated |
|---|---|---|
| var-202407-2188 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā¦ | 2024-07-23T22:46:32.699000Z |
| var-202406-3119 | Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-sā¦ | 2024-07-23T22:46:22.685000Z |
| var-202407-1740 | NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E haā¦ | 2024-07-23T22:46:18.378000Z |
| var-202407-1417 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā¦ | 2024-07-23T22:46:07.784000Z |
| var-202407-1103 | Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā¦ | 2024-07-23T22:46:01.992000Z |
| var-202407-0957 | WinCC is a SCADA system suitable for all walks of life. It can access devices from mobileā¦ | 2024-07-23T22:45:59.391000Z |
| var-202407-0819 | SIMATIC S7-1500 is a modular control system suitable for various automation applications ā¦ | 2024-07-23T22:45:56.958000Z |
| var-202407-0818 | NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6ā¦ | 2024-07-23T22:45:56.946000Z |
| var-202407-0779 | Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of ā¦ | 2024-07-23T22:45:56.150000Z |
| var-202407-0778 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulneraā¦ | 2024-07-23T22:45:56.131000Z |
| var-202407-0745 | Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulneraā¦ | 2024-07-23T22:45:55.498000Z |
| var-202305-1479 | D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution ā¦ | 2024-07-23T22:45:09.335000Z |
| var-202108-1158 | A race condition was addressed with improved locking. This issue is fixed in macOS Monterā¦ | 2024-07-23T22:44:06.976000Z |
| var-201109-0089 | Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as usedā¦ | 2024-07-23T22:43:49.590000Z |
| var-200702-0378 | Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 ā¦ | 2024-07-23T22:43:25.614000Z |
| var-201011-0225 | Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent ā¦ | 2024-07-23T22:41:43.584000Z |
| var-201112-0297 | Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Neā¦ | 2024-07-23T22:41:20.004000Z |
| var-201507-0645 | D-Link is an internationally renowned provider of network equipment and solutions, includā¦ | 2024-07-23T22:41:18.832000Z |
| var-201803-1810 | A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial ā¦ | 2024-07-23T22:41:17.171000Z |
| var-201809-0087 | WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulā¦ | 2024-07-23T22:41:16.554000Z |
| var-200607-0396 | Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) bā¦ | 2024-07-23T22:41:04.279000Z |
| var-201702-0423 | An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoftā¦ | 2024-07-23T22:40:53.160000Z |
| var-202305-1588 | D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilitā¦ | 2024-07-23T22:40:05.297000Z |
| var-201112-0173 | The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, ā¦ | 2024-07-23T22:39:32.535000Z |
| var-201103-0371 | SAP Crystal Reports Server is a complete reporting solution for creating, managing, and dā¦ | 2024-07-23T22:39:32.874000Z |
| var-201706-0017 | In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClieā¦ | 2024-07-23T22:38:34.494000Z |
| var-202305-1520 | D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulā¦ | 2024-07-23T22:38:26.576000Z |
| var-202407-0490 | A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP ā¦ | 2024-07-23T22:38:24.768000Z |
| var-201810-0396 | Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabiliā¦ | 2024-07-23T22:37:44.850000Z |
| var-202001-0833 | A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe moā¦ | 2024-07-23T22:37:43.471000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-028 | Draeger: ICMHelper is vulnerable to a privilege escalation | 2025-08-05T10:00:00.000Z | 2026-01-06T11:00:00.000Z |
| vde-2019-012 | TECSON/GOK: Improper Authentication and Access Control on multiple devices | 2019-06-04T13:21:00.000Z | 2025-05-14T13:00:14.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-104 | Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware | 2026-03-18T08:00:00.000Z | 2026-03-18T08:00:00.000Z |
| vde-2025-109 | Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware | 2026-02-10T08:00:00.000Z | 2026-02-23T14:00:00.000Z |
| vde-2025-073 | Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers | 2026-01-13T08:00:00.000Z | 2026-01-13T08:00:00.000Z |
| vde-2025-071 | Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware | 2025-12-09T08:00:00.000Z | 2026-01-12T08:00:00.000Z |
| vde-2025-074 | Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers | 2025-10-14T10:00:00.000Z | 2025-10-15T10:00:00.000Z |
| vde-2025-072 | Phoenix Contact: Security Advisory for QUINT4-UPS EIP | 2025-10-14T06:00:00.000Z | 2025-10-14T06:00:00.000Z |
| vde-2018-003 | PHOENIX CONTACT: addressing Meltdown and Spectre vulnerabilities | 2018-03-23T09:43:00.000Z | 2025-10-01T08:00:00.000Z |
| vde-2025-077 | Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2025-064 | Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation | 2025-09-09T07:00:00.000Z | 2025-09-09T07:00:00.000Z |
| vde-2024-039 | Phoenix Contact: Multiple Vulnerabilities in mGuard devices | 2024-09-10T10:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-022 | Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers | 2024-08-13T10:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-063 | Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation | 2025-08-12T10:00:00.000Z | 2025-08-12T10:00:00.000Z |
| vde-2025-019 | Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers | 2025-07-08T10:00:00.000Z | 2025-07-22T08:00:00.000Z |
| vde-2019-015 | PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers | 2019-08-07T00:00:00.000Z | 2025-07-11T07:00:00.000Z |
| vde-2025-054 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2025-07-08T10:00:00.000Z | 2025-07-08T10:00:00.000Z |
| vde-2025-053 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2025-07-08T10:00:00.000Z | 2025-07-08T10:00:00.000Z |
| vde-2025-014 | Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers | 2025-07-08T10:00:00.000Z | 2025-07-08T10:00:00.000Z |
| vde-2023-057 | Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC | 2023-12-12T07:00:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2023-001 | PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware | 2023-02-14T07:50:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2020-002 | PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks | 2020-02-25T09:07:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2024-073 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2024-12-09T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-071 | Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware | 2024-12-09T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-058 | Phoenix Contact: PLCnext Control prone to download of code without integrity check | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-056 | Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-054 | Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-051 | Phoenix Contact: MULTIPROG Engineering tool and ProConOS eCLR SDK prone to CWE-732 | 2023-12-12T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-018 | Phoenix Contact: Multiple vulnerabilities in WP 6xxx Web panels | 2023-08-08T06:41:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-017 | Phoenix Contact: Multiple vulnerabilities in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices | 2023-08-08T04:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-016 | Phoenix Contact: PLCnext Engineer Vulnerabilities in LibGit2Sharp/LibGit2 | 2023-08-08T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-051 | PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family | 2022-11-15T09:27:00.000Z | 2025-05-22T13:03:10.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-085 | Welotec: Path Traversal in SmartEMS Upload Handling | 2025-09-10T07:00:00.000Z | 2025-09-22T08:00:00.000Z |
| vde-2025-076 | Welotec: Hard-coded JWT secret in egOS WebGUI | 2025-08-26T07:00:00.000Z | 2025-08-26T07:00:00.000Z |
| vde-2024-009 | Welotec: Two vulnerabilities in TK500v1 router series | 2024-04-09T08:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-043 | Welotec: Multiple products are vulnerable to regreSSHion | 2024-08-22T06:00:00.000Z | 2024-08-22T06:00:00.000Z |
| vde-2024-023 | Welotec: Clickjacking Vulnerability in WebUI | 2024-04-23T08:00:00.000Z | 2024-04-23T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| advisory2026-03_vde-2026-018 | CODESYS Control V3 - Externally-controlled format string in Auditlog | 2026-03-24T08:00:00.000Z | 2026-03-24T08:00:00.000Z |
| advisory2026-02_vde-2026-011 | CODESYS Control V3 - Untrusted boot application | 2026-03-24T08:00:00.000Z | 2026-03-24T08:00:00.000Z |
| advisory2026-01_vde-2026-012 | CODESYS Installer - Possible Privilege Escalation | 2026-03-10T10:00:00.000Z | 2026-03-10T10:00:00.000Z |
| advisory2025-10_vde-2025-100 | CODESYS Control - Invalid type usage in visualization | 2025-12-01T10:00:00.000Z | 2026-02-12T11:00:00.000Z |
| advisory2025-09_vde-2025-099 | CODESYS Control - Linux/QNX SysSocket flaw | 2025-12-01T11:00:00.000Z | 2026-02-12T11:00:00.000Z |
| advisory2025-11_vde-2025-101 | CODESYS Development System - Deserialization of Untrusted Data | 2025-12-01T10:00:00.000Z | 2025-12-01T10:00:00.000Z |
| advisory2025-08_vde-2025-070 | CODESYS Control V3 - NULL pointer dereference | 2025-08-04T08:00:00.000Z | 2025-10-14T08:00:00.000Z |
| advisory2025-07_vde-2025-051 | CODESYS Control V3 - Exposed PKI folder | 2025-08-04T10:00:00.000Z | 2025-09-01T10:00:00.000Z |
| advisory2025-06_vde-2025-049 | CODESYS Control V3 - Insecure default permissions | 2025-08-04T10:00:00.000Z | 2025-08-04T10:00:00.000Z |
| advisory2025-04_vde-2025-022 | CODESYS Control V3 - OPC UA Server Authentication bypass | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-03_vde-2025-015 | CODESYS Control V3 removable media path traversal | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-02_vde-2025-013 | CODESYS (Edge) Gateway for Windows insecure default | 2025-03-18T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| advisory2025-01_vde-2025-001 | CODESYS Key physical side-channel vulnerability | 2025-01-21T11:00:00.000Z | 2025-06-05T13:31:01.000Z |
| vde-2024-024 | CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files | 2024-05-06T08:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2024-027 | CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere | 2024-06-04T06:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-026 | CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products | 2024-06-04T08:00:00.000Z | 2025-05-14T13:00:14.000Z |
| advisory2025-05_vde-2025-027 | CODESYS Visualization user management bypass in WebVisu | 2025-04-23T10:00:00.000Z | 2025-04-23T10:00:00.000Z |
| advisory2024-05_vde-2024-057 | CODESYS: CODESYS web server vulnerable to DoS | 2024-09-25T21:59:00.000Z | 2025-04-03T10:00:00.000Z |
| vde-2024-046 | OSCAT: Out-of-bounds read in OSCAT Basic library | 2024-09-10T14:00:00.000Z | 2024-09-10T14:00:00.000Z |
| vde-2023-066 | CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products | 2023-12-05T14:25:00.000Z | 2023-12-05T14:25:00.000Z |
| vde-2023-035 | CODESYS: Multiple products affected by WIBU Codemeter vulnerability | 2023-12-05T07:00:00.000Z | 2023-12-05T07:00:00.000Z |
| vde-2023-025 | CODESYS: Control runtime system memory and integrity check vulnerabilities | 2023-08-03T11:18:00.000Z | 2023-08-03T11:18:00.000Z |
| vde-2023-023 | CODESYS: Missing Brute-Force protection in CODESYS Development System | 2023-08-03T11:08:00.000Z | 2023-08-03T11:08:00.000Z |
| vde-2023-022 | CODESYS: Missing integrity check in CODESYS Development System | 2023-08-03T10:52:00.000Z | 2023-08-03T10:52:00.000Z |
| vde-2023-021 | CODESYS: Vulnerability in CODESYS Development System allows execution of binaries | 2023-08-03T10:48:00.000Z | 2023-08-03T10:48:00.000Z |
| vde-2023-019 | CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce | 2023-08-03T10:42:00.000Z | 2023-08-03T10:42:00.000Z |
| vde-2023-024 | CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting | 2023-07-28T07:45:00.000Z | 2023-07-28T07:45:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-067 | Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access | 2025-08-10T10:00:00.000Z | 2025-08-25T10:00:00.000Z |
| vde-2022-057 | Wiesemann & Theis multiple products prone to web interface vulnerability | 2022-12-13T07:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-018 | Wiesemann & Theis: Multiple products prone to unquoted search path | 2024-02-28T07:00:00.000Z | 2025-05-14T12:36:39.000Z |
| vde-2025-024 | Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version | 2025-05-13T10:00:00.000Z | 2025-05-13T10:00:00.000Z |
| vde-2025-032 | Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting | 2025-05-06T10:00:00.000Z | 2025-05-06T10:00:00.000Z |
| vde-2025-031 | Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| vde-2022-043 | Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family | 2022-11-07T11:43:00.000Z | 2022-11-07T12:14:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-030 | MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2026-04-02T11:00:00.000Z | 2026-04-02T11:00:00.000Z |
| vde-2026-024 | MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2026-03-23T12:00:00.000Z | 2026-03-23T12:00:00.000Z |
| vde-2024-068 | MB connect line: Multiple Vulnerabilities in MB connect line Products | 2024-10-15T08:00:00.000Z | 2026-03-06T08:00:00.000Z |
| vde-2024-056 | MB connect line: Multiple Vulnerabilities in mbNET.mini Product | 2024-10-15T08:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-010 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-03-18T11:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-065 | MB connect line: Sandbox escape in mbNET's LUA interpreter | 2025-07-31T10:00:00.000Z | 2025-07-31T10:00:00.000Z |
| vde-2025-058 | MB connect line: Multiple vulnerabilities in mbNET.mini | 2025-07-21T10:00:00.000Z | 2025-07-21T10:00:00.000Z |
| vde-2025-035 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-034 | Vulnerabilities in mbCONNECT24/mymbCONNECT24 | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2021-030 | MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) | 2022-09-07T10:48:00.000Z | 2025-06-06T07:00:00.000Z |
| vde-2023-002 | MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 | 2023-05-15T14:06:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-037 | MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 | 2021-10-27T10:15:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-031 | MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 | 2021-07-22T11:33:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-017 | MB connect line: Privilege escalation in mbDIALUP | 2021-07-22T11:35:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-012 | MB connect line: multiple products partially affected by DNSpooq | 2021-04-26T08:04:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-035 | MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 | 2020-09-18T12:30:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-030 | MB connect line: mbNET.mini vulnerable to OS command injection | 2024-07-03T09:00:00.000Z | 2024-07-03T09:00:00.000Z |
| vde-2023-041 | MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 | 2023-10-16T08:38:00.000Z | 2023-10-16T08:38:00.000Z |
| vde-2024-042 | MB connect line: Multiple products are vulnerable to regreSSHion | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2023-012 | MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2022-011 | MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 | 2022-09-07T12:50:00.000Z | 2022-09-07T12:50:00.000Z |
| vde-2021-003 | MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) | 2022-09-07T10:46:00.000Z | 2022-09-07T10:46:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-043 | Helmholz: Multiple Vulnerabilities in myREX24V2/myREX24V2.virtual | 2026-04-13T11:00:00.000Z | 2026-04-13T11:00:00.000Z |
| vde-2026-013 | Helmholz: Use of a Broken or Risky Cryptographic Algorithm | 2026-04-07T08:00:00.000Z | 2026-04-07T08:00:00.000Z |
| vde-2026-025 | Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual | 2026-03-23T12:00:00.000Z | 2026-03-23T12:00:00.000Z |
| vde-2024-069 | Helmholz: Multiple Vulnerabilities in Helmholz products | 2024-10-15T08:00:00.000Z | 2026-03-06T08:00:00.000Z |
| vde-2024-066 | Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product | 2024-10-15T08:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-069 | Helmholz: Sandbox escape in REX200/250 LUA interpreter | 2025-07-31T10:00:00.000Z | 2025-07-31T10:00:00.000Z |
| vde-2025-059 | Helmholz: Multiple vulnerabilities in REX 100 | 2025-07-21T10:00:00.000Z | 2025-07-21T10:00:00.000Z |
| vde-2025-038 | Vulnerabilities in myREX24/myREX24.virtual | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2025-037 | Vulnerabilities in myREX24/myREX24.virtual | 2025-06-24T10:00:00.000Z | 2025-06-24T10:00:00.000Z |
| vde-2021-057 | Helmholz: Privilege Escalation in shDialup (Update A) | 2021-03-28T13:03:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2024-031 | Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual | 2025-03-18T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2022-017 | Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual | 2022-09-07T12:54:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-058 | Helmholz: Remote user enumeration in myREX24/myREX24-virtual | 2021-12-08T13:04:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-044 | Helmholz: Multiple products are vulnerable to regreSSHion | 2024-07-31T08:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-032 | Helmholz: REX 100 vulnerable to OS command injection | 2024-07-03T09:00:00.000Z | 2024-07-03T13:33:00.000Z |
| vde-2023-043 | Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual | 2023-10-16T08:38:00.000Z | 2023-10-16T08:38:00.000Z |
| vde-2023-029 | Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 | 2023-08-17T12:00:00.000Z | 2023-08-17T12:00:00.000Z |
| vde-2023-008 | Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual | 2023-05-15T12:06:00.000Z | 2023-05-15T12:06:00.000Z |
| vde-2022-039 | Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual | 2022-09-07T10:56:00.000Z | 2022-09-07T10:56:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fsa-202601 | Several CODESYS vulnerabilities in Festo Automation Suite | 2026-02-26T08:00:00.000Z | 2026-02-26T08:00:00.000Z |
| fsa-202302 | Festo: Several vulnerabilities in FactoryViews | 2023-07-10T10:00:00.000Z | 2026-02-02T08:00:00.000Z |
| fsa-202402 | Several Vulnerabilities in MES PC (Windows 10) | 2024-02-27T12:00:00.000Z | 2025-12-08T07:00:00.000Z |
| fsa-202405 | Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability | 2024-09-09T07:00:00.000Z | 2025-11-05T08:00:00.000Z |
| fsa-202401 | Festo: Multiple products contain CoDe16 vulnerability | 2024-01-30T07:00:00.000Z | 2025-11-04T11:00:00.000Z |
| fsa-202202 | Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system | 2022-07-18T10:00:00.000Z | 2025-11-03T11:00:00.000Z |
| fsa-202209 | Festo: Incomplete documentation of remote accessible functions and protocols in Festo products | 2022-11-29T11:49:00.000Z | 2025-11-03T10:00:00.000Z |
| fsa-202208 | Festo: Multiple Festo products contain an unsafe default Codesys configuration | 2022-11-29T11:41:00.000Z | 2025-10-28T11:00:00.000Z |
| fsa-202206 | Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products | 2022-12-13T11:50:00.000Z | 2025-10-01T10:50:00.000Z |
| fsa-202304 | Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions | 2023-09-05T10:00:00.000Z | 2025-10-01T10:00:00.000Z |
| fsa-202301 | Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance | 2023-08-29T10:00:00.000Z | 2025-10-01T10:00:00.000Z |
| fsa-202303 | Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products | 2023-10-17T06:00:00.000Z | 2025-10-01T06:00:00.000Z |
| fsa-202101 | Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q | 2021-09-22T11:13:00.000Z | 2025-08-26T10:00:00.000Z |
| fsa-202207 | Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function | 2022-09-20T10:00:00.000Z | 2025-07-28T10:00:00.000Z |
| fsa-202203 | Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system | 2022-07-18T10:00:00.000Z | 2025-07-10T10:00:00.000Z |
| fsa-202201 | Festo: CECC-X-M1 - command injection vulnerabilities | 2022-07-06T07:00:00.000Z | 2025-06-23T08:00:00.000Z |
| fsa-202305 | Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products | 2023-11-28T07:00:00.000Z | 2025-05-13T10:00:00.000Z |
| fsa-202406 | Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo | 2024-12-03T11:00:00.000Z | 2024-12-03T14:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-011 | PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL ā Device is affected by XSS vulnerability and information disclosure | 2025-05-26T10:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2024-038 | Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation | 2024-07-10T06:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-002 | PEPPERL+FUCHS: HMI ā devices are affected by Windows RCE | 2025-02-25T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-017 | Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities | 2024-04-10T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-021 | Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities | 2022-05-16T14:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-041 | Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability | 2021-10-26T13:35:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-053 | Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities | 2021-03-08T13:44:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-017 | Pepperl+Fuchs, PACTware: Two password vulnerabilities found | 2020-05-29T10:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-033 | PEPPERL+FUCHS: Device Master ICDM-RX/* ā Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service | 2024-08-13T12:00:00.000Z | 2025-05-14T14:34:17.000Z |
| vde-2020-014 | Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets | 2020-03-31T13:30:00.000Z | 2025-05-14T14:34:17.000Z |
| vde-2021-006 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-11-16T14:53:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2020-050 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-02-15T13:33:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2021-028 | Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities | 2021-08-16T12:01:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-027 | Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-10-16T12:00:00.001Z | 2025-05-14T13:00:14.000Z |
| vde-2020-038 | Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master | 2021-01-04T13:01:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2019-002 | Pepperl+Fuchs: Path traversal in WirelessHART Gateway | 2019-03-06T10:35:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-007 | Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service | 2021-02-16T14:53:00.000Z | 2025-05-14T12:53:43.000Z |
| vde-2024-065 | PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key | 2024-11-26T11:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-063 | PEPPERL+FUCHS: Multiple products are affected by regreSSHion | 2024-10-08T12:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-001 | Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 | 2021-01-15T12:41:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2018-016 | Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability | 2018-10-19T10:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2018-002 | Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks | 2018-02-14T08:50:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-037 | Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 | 2024-07-10T06:00:00.000Z | 2024-07-10T06:00:00.000Z |
| vde-2022-012 | Pepperl+Fuchs: Vulnerability in multiple VisuNet devices | 2022-04-26T12:00:00.000Z | 2022-05-16T14:15:00.000Z |
| vde-2021-034 | Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices | 2021-07-30T07:55:00.000Z | 2021-07-30T07:55:00.000Z |
| vde-2021-018 | Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules | 2021-05-12T08:57:00.000Z | 2021-05-12T08:57:00.000Z |
| vde-2020-040 | Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux | 2020-10-05T12:00:00.000Z | 2020-10-05T12:00:00.000Z |
| vde-2020-034 | Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components | 2020-09-10T13:22:00.000Z | 2020-09-10T13:22:00.000Z |
| vde-2019-011 | Pepperl+Fuchs: Remote code execution vulnerability in HMI devices | 2019-05-29T07:35:00.000Z | 2019-10-07T10:00:00.000Z |
| vde-2019-004 | Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack | 2019-03-14T07:52:00.000Z | 2019-03-14T07:52:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ppsa-2026-001 | Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service | 2026-02-02T08:00:00.000Z | 2026-02-02T10:00:00.000Z |
| ppsa-2025-004 | Pilz: Vulnerability affecting PASvisu Runtime | 2025-10-20T10:00:00.000Z | 2025-10-20T10:00:00.000Z |
| ppsa-2025-003 | Pilz: Authentication Bypass in IndustrialPI Webstatus | 2025-07-01T10:00:00.000Z | 2025-07-01T10:00:00.000Z |
| ppsa-2025-002 | Pilz: Missing Authentication in Node-RED integration | 2025-07-01T10:00:00.000Z | 2025-07-01T10:00:00.000Z |
| ppsa-2025-001 | Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory | 2025-06-30T10:00:00.000Z | 2025-06-30T10:00:00.000Z |
| vde-2022-044 | Pilz: Multiple products affected by ZipSlip | 2022-11-24T09:00:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2023-048 | Pilz: Multiple products prone to libwebp vulnerability | 2023-12-05T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-033 | Pilz: WIBU Vulnerabilitiy in multiple Products | 2023-10-12T06:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-045 | Pilz: PAS 4000 prone to ZipSlip | 2022-11-24T09:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-009 | Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities | 2021-09-20T11:56:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-033 | Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities | 2020-09-10T13:18:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2023-050 | Pilz: Vulnerability in PASvisu and PMI v8xx | 2024-01-30T07:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-002 | Pilz: Multiple products affected by uC/HTTP vulnerability | 2024-02-06T07:00:00.000Z | 2024-02-06T07:00:00.000Z |
| vde-2023-059 | Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx | 2023-12-05T07:06:00.000Z | 2023-12-05T07:06:00.000Z |
| vde-2022-033 | Pilz: PASvisu and PMI affected by multiple vulnerabilities | 2022-11-24T09:00:00.000Z | 2022-11-24T09:00:00.000Z |
| vde-2021-061 | Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2021-055 | Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2021-054 | Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-008 | Wago: Vulnerability in WBM through Open VPN | 2026-04-08T07:00:00.000Z | 2026-04-08T07:00:00.000Z |
| vde-2026-021 | WAGO: Multiple Vulnerabilities in WAGO VC Hub | 2026-03-30T07:00:00.000Z | 2026-03-30T07:00:00.000Z |
| vde-2026-010 | WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere | 2026-03-30T07:00:00.000Z | 2026-03-30T07:00:00.000Z |
| vde-2026-020 | WAGO: Vulnerability in managed switches | 2026-03-23T08:00:00.000Z | 2026-03-23T08:00:00.000Z |
| vde-2026-004 | WAGO: Vulnerabilities in Managed Switch | 2026-02-09T08:00:00.000Z | 2026-02-09T08:00:00.000Z |
| vde-2025-095 | WAGO: Vulnerabilities in WAGO Industrial-Managed Switches | 2025-12-10T10:00:00.000Z | 2026-01-19T08:00:00.000Z |
| vde-2025-018 | WAGO: Vulnerabilities in WAGO Device Manager | 2025-06-16T10:00:00.000Z | 2025-11-21T12:00:00.000Z |
| vde-2025-062 | WAGO: Multiple Vulnerabilities in CODESYS components | 2025-11-03T11:00:00.000Z | 2025-11-03T11:00:00.000Z |
| vde-2025-087 | WAGO: Vulnerabilities in Device Sphere and Solution Builder | 2025-09-24T09:00:00.000Z | 2025-09-24T09:00:00.000Z |
| vde-2018-013 | WAGO: 750-8xx Controller Denial of Service | 2018-08-17T09:45:00.000Z | 2025-09-22T10:00:00.000Z |
| vde-2025-083 | WAGO: Vulnerability in hardware switch circuit | 2025-09-15T08:00:00.000Z | 2025-09-15T08:00:00.000Z |
| vde-2025-080 | WAGO: Multiple Vulnerabilities in I/O-Check Service | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2025-082 | WAGO: Critical sudo Vulnerability in Multiple Products | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-048 | WAGO: Escalation of Privileges in Coupler Firmware | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-057 | WAGO: Vulnerability in WAGO Device Sphere | 2025-06-23T10:00:00.000Z | 2025-07-07T06:15:00.000Z |
| vde-2025-040 | WAGO: Vulnerabilities in ctrlX OS app | 2025-06-16T10:00:00.000Z | 2025-06-16T10:00:00.000Z |
| vde-2024-014 | WAGO: Multiple products affected by Terrapin | 2024-02-22T07:00:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2025-020 | WAGO: Switches affected by year 2k38 problem | 2025-06-02T06:00:00.000Z | 2025-06-02T06:00:00.000Z |
| vde-2024-047 | WAGO: Multiple vulnerabilities in docker configuration | 2024-11-18T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-026 | WAGO: Multiple products prone to multiple vulnerabilities in e!Runtime / CODESYS V3 Runtime | 2023-07-31T07:36:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-007 | WAGO: Unauthenticated command execution via Web-based-management UPDATE A | 2023-05-15T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-009 | WAGO: Multiple Products affected by Linux Kernel Vulnerability Dirty Pipe | 2022-04-06T07:30:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-002 | WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro | 2022-01-31T13:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-060 | WAGO: Smart Script affected by Log4Shell Vulnerability | 2022-01-05T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-049 | WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3 | 2021-11-16T12:05:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-014 | WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 | 2021-05-20T09:08:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-011 | WAGO: Multiple Vulnerabilities in I/O-Check Service | 2020-03-09T09:30:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-009 | WAGO: e!Cockpit Two Update Package Vulnerabilities | 2020-03-09T09:18:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2018-010 | WAGO: Multiple vulnerabilities in e!DISPLAY products | 2018-07-10T09:50:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-008 | WAGO: Vulnerabilities in CODESYS Control | 2025-02-04T11:00:00.000Z | 2025-05-14T13:00:15.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-061 | ifm: Improper Access Control vulnerability | 2025-06-30T10:00:00.000Z | 2026-02-18T08:00:00.000Z |
| vde-2024-028 | ifm moneo password reset can be exploited | 2024-05-06T10:00:00.000Z | 2026-01-15T11:00:00.000Z |
| vde-2024-012 | ifm: Vulnerabilities in ifm AC14 firmware | 2024-07-09T07:00:00.000Z | 2026-01-15T11:00:00.000Z |
| vde-2022-050 | IFM: weak password recovery vulnerability in moneo appliance | 2022-12-12T11:00:00.000Z | 2026-01-06T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-106 | Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server | 2026-01-26T10:00:00.000Z | 2026-02-12T09:00:00.000Z |
| vde-2025-092 | Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager | 2026-01-27T11:00:00.000Z | 2026-01-27T11:00:00.000Z |
| vde-2025-075 | Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering | 2025-09-09T10:00:00.000Z | 2025-09-09T10:00:00.000Z |
| vde-2022-003 | BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology | 2022-03-01T12:34:00.000Z | 2025-06-05T13:28:13.000Z |
| vde-2024-050 | Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-049 | Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-048 | Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-045 | Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system | 2024-08-27T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2023-067 | Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf | 2023-12-13T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-051 | Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server | 2021-11-04T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-008 | Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products | 2024-10-21T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-037 | Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) | 2020-11-19T13:41:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-019 | Beckhoff: EtherLeak in TwinCAT RT network driver | 2020-06-16T08:31:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-005 | Beckhoff: BK9000 couplers - Denial of service inhibits function | 2020-03-10T13:17:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2019-019 | Beckhoff: TwinCAT Denial-of-Service in Profinet driver | 2019-10-09T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-064 | Beckhoff: Local command injection via TwinCAT Package Manager | 2024-10-31T11:00:00.000Z | 2025-04-11T07:00:00.000Z |
| vde-2020-051 | Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server | 2021-04-27T08:08:00.000Z | 2021-05-11T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-007 | TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability | 2026-02-23T08:00:00.000Z | 2026-02-23T08:00:00.000Z |
| vde-2021-011 | TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability | 2021-03-22T08:59:00.000Z | 2026-02-02T14:25:00.000Z |
| vde-2025-078 | TRUMPF: Remote support uses an outdated encryption algorithm | 2025-08-25T06:00:00.000Z | 2025-08-29T10:00:00.000Z |
| vde-2024-005 | TRUMPF: Multiple products contain vulnerable version of 7-zip | 2024-01-23T07:00:00.000Z | 2025-06-05T13:28:12.000Z |
| vde-2024-004 | TRUMPF: Multiple products affected by log4net vulnerability | 2025-04-22T10:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2024-003 | TRUMPF: Multiple products include a vulnerable version of Notepad++ | 2024-01-23T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-049 | TRUMPF: Multiple products prone to X.Org server vulnerabilities | 2022-11-07T11:43:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2020-039 | TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities | 2020-10-27T10:28:00.000Z | 2025-05-14T12:36:39.000Z |
| vde-2024-040 | Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities | 2024-06-25T10:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-034 | Multiple TRUMPF products prone to nftables server vulnerabilities | 2024-06-25T10:00:00.000Z | 2025-04-10T13:00:00.000Z |
| vde-2024-001 | TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities | 2024-01-29T07:00:00.000Z | 2024-01-29T07:00:00.000Z |
| vde-2024-006 | TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x | 2024-01-23T07:00:00.000Z | 2024-01-23T07:00:00.000Z |
| vde-2023-031 | Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability | 2023-09-13T10:00:00.000Z | 2023-11-13T11:00:00.000Z |
| vde-2022-023 | TRUMPF TruTops prone to improper access control | 2022-10-17T10:00:00.000Z | 2022-10-17T10:00:00.000Z |
| vde-2022-034 | TRUMPF: Products prone to Unified Automation vulnerabilities | 2022-08-15T10:00:00.000Z | 2022-08-15T10:00:00.000Z |
| vde-2022-016 | TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability | 2022-05-02T10:00:00.000Z | 2022-05-02T10:00:00.000Z |
| vde-2021-033 | TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities | 2021-08-12T13:02:00.001Z | 2021-08-12T13:02:00.001Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-043 | Lenze: PLC Designer V4 with insecure storage of sensitive information | 2025-06-25T10:00:00.000Z | 2025-06-25T10:00:00.000Z |
| vde-2025-042 | Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway | 2025-05-27T09:00:00.000Z | 2025-05-27T09:00:00.000Z |
| vde-2024-053 | Lenze: Install Directory with insufficient permissions | 2024-09-03T08:00:00.000Z | 2025-03-13T11:30:00.000Z |
| vde-2022-030 | Lenze: Vulnerability in the OPC-UA authentification connection in the firmware | 2022-07-11T10:00:00.000Z | 2022-07-11T10:00:00.000Z |
| vde-2021-048 | Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication | 2021-10-04T12:33:00.000Z | 2021-10-04T12:33:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-029 | Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 | 2022-09-26T08:00:00.000Z | 2026-03-02T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-047 | AUMA: Incorrect delivery status of the Bluetooth configuration | 2025-06-10T10:00:00.000Z | 2025-06-10T10:00:00.000Z |
| vde-2023-028 | AUMA: SIMA Master Station affected by WRECK vulnerability | 2023-08-07T11:35:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2022-024 | Auma: SIMAĀ² Master Station Denial of Service Vulnerability on Automation Runtime Webserver | 2022-06-15T10:00:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2025-026 | AUMA Riester: Buffer overflow in service telegram | 2025-05-12T10:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2023-027 | AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations | 2023-08-07T09:35:00.000Z | 2023-08-07T09:35:00.000Z |
| vde-2022-032 | AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service | 2022-08-09T08:00:00.000Z | 2022-08-09T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-084 | Bender Charge Controller Vulnerability - Unsecure Communication | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2025-061 | Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated | 2025-09-08T07:00:00.000Z | 2025-09-08T07:00:00.000Z |
| vde-2021-047 | Bender/ebee: Multiple Charge Controller Vulnerabilities | 2022-04-26T10:00:00.000Z | 2022-04-26T10:00:00.000Z |
| vde-2020-043 | Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability | 2020-10-16T06:54:00.000Z | 2020-10-16T06:54:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-107 | Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities | 2025-12-05T11:00:00.000Z | 2026-04-02T10:00:00.000Z |
| vde-2026-003 | Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime | 2026-03-31T08:00:00.000Z | 2026-04-01T11:00:00.000Z |
| vde-2026-002 | Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation | 2026-03-02T07:00:00.000Z | 2026-03-02T07:00:00.000Z |
| vde-2025-068 | Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions | 2025-09-02T10:00:00.000Z | 2026-02-20T09:00:00.000Z |
| vde-2025-105 | Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability | 2025-12-08T09:00:00.000Z | 2025-12-08T09:00:00.000Z |
| vde-2024-054 | Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities | 2024-10-21T08:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2021-044 | Endress+Hauser: Multiple products affected by log4net vulnerability | 2022-01-20T08:06:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-005 | Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability | 2021-03-01T06:39:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-031 | Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities | 2020-10-27T13:10:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2020-022 | Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information | 2020-11-19T14:48:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-040 | Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow | 2021-10-04T12:30:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-010 | Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks | 2021-05-18T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-021 | Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management | 2020-11-19T14:48:00.000Z | 2025-04-11T07:00:00.000Z |
| vde-2025-036 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-03-06T14:00:00.000Z | 2025-03-06T14:00:00.000Z |
| vde-2024-041 | Endress+Hauser: Multiple products are vulnerable to code injection | 2024-09-10T08:00:00.000Z | 2024-09-10T08:00:00.000Z |
| vde-2022-019 | Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components | 2022-06-02T15:11:00.000Z | 2022-06-02T15:11:00.000Z |
| vde-2022-006 | Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware | 2022-03-24T10:48:00.000Z | 2022-03-24T10:48:00.000Z |
| vde-2019-005 | Endress+Hauser: WIFI enabled products utilising WPA2 | 2019-03-19T15:34:00.000Z | 2019-03-19T15:34:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-030 | Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability | 2025-07-07T10:00:00.000Z | 2025-07-29T10:00:00.000Z |
| vde-2023-049 | Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability | 2023-12-11T07:00:00.000Z | 2023-12-11T07:00:00.000Z |
| vde-2023-038 | Frauscher: Multiple Vulnerabilities in FDS101 | 2023-09-21T06:00:00.000Z | 2023-09-21T06:00:00.000Z |
| vde-2023-011 | Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability | 2023-07-05T08:00:00.000Z | 2023-07-05T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2019-010 | Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway | 2019-05-20T06:58:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2020-024 | Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED | 2020-07-08T07:29:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2022-052 | Miele: Vulnerability in ease2pay cloud service used by appWash | 2022-11-21T09:00:00.000Z | 2022-11-21T09:00:00.000Z |
| vde-2022-015 | Miele: Security vulnerability in Benchmark Programming Tool | 2022-04-27T12:00:00.000Z | 2022-04-27T12:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-096 | Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| vde-2025-044 | Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities | 2025-05-27T09:00:00.000Z | 2025-08-27T10:00:00.000Z |
| vde-2025-052 | Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities | 2025-06-11T10:00:00.000Z | 2025-07-23T10:00:00.000Z |
| vde-2023-032 | Weidmueller: WIBU Vulnerability in multiple Products | 2023-11-09T07:42:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2019-018 | Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches | 2019-12-05T12:03:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-041 | Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX | 2025-05-19T09:00:00.000Z | 2025-05-19T09:00:00.000Z |
| vde-2025-021 | Weidmueller: Authentication Vulnerability in PROCON-WIN 5 | 2025-03-05T09:00:00.000Z | 2025-05-14T13:26:53.000Z |
| vde-2021-026 | Weidmueller: Multiple vulnerabilities in Industrial WLAN devices | 2021-06-23T11:04:00.000Z | 2025-05-14T13:00:15.000Z |
| vde-2021-042 | Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities | 2021-10-18T08:24:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2021-016 | Weidmueller: Accidentally open network port in u-controls and IoT-Gateways | 2021-05-04T08:17:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2021-002 | Weidmueller: WI Manager affected by fdtContainer vulnerability | 2021-01-20T13:32:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2020-041 | Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities | 2020-10-12T09:14:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2025-023 | Weidmueller: OpenSSL vulnerability in industrial ethernet switches | 2025-03-05T08:00:00.000Z | 2025-03-05T11:00:00.000Z |
| vde-2022-056 | Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability | 2022-12-14T07:00:00.000Z | 2022-12-14T07:00:00.000Z |
| vde-2021-004 | Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write | 2022-06-21T08:00:00.000Z | 2022-06-21T08:00:00.000Z |
| vde-2022-008 | WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways | 2022-04-07T06:00:00.000Z | 2022-04-07T06:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-066 | SMA: Directory Traversal in Sunny Boy | 2025-08-27T08:00:00.000Z | 2025-08-27T08:00:00.000Z |
| vde-2025-050 | SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user | 2025-08-19T10:00:00.000Z | 2025-08-19T10:00:00.000Z |
| vde-2024-075 | SMA: Sunny Webbox clickjacking vulnerability | 2025-01-27T13:00:00.000Z | 2025-06-17T06:00:00.000Z |
| vde-2025-012 | SMA: Sunny Portal Remote Code Execution | 2025-02-26T11:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-010 | SMA: Sunny Portal demo system privilege escalation | 2025-05-13T11:00:00.000Z | 2025-05-14T13:00:14.000Z |
| vde-2024-074 | SMA: SQL injection in Sunny Central UP | 2024-11-27T09:00:00.000Z | 2025-05-14T12:28:19.000Z |
| vde-2024-020 | SMA: Cluster Controller CSRF vulnerability | 2025-01-27T13:00:00.000Z | 2025-02-12T16:48:47.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-013 | HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing | 2024-02-13T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2022-059 | HIMA: unquoted path vulnerabilities in X-OPC and X-OTS | 2023-01-16T09:00:00.000Z | 2025-05-22T13:03:10.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-091 | Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro | 2025-10-14T10:00:00.000Z | 2025-10-14T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2020-016 | SWARCO: Critical Vulnerability in CPU LS4000 | 2020-05-28T13:00:00.000Z | 2020-05-28T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2024-016 | ADS-TEC Industrial IT: Docker vulnerability affects multiple products | 2024-02-19T07:00:00.000Z | 2025-05-22T13:03:10.000Z |
| vde-2025-033 | ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products | 2025-04-14T10:00:00.000Z | 2025-04-14T10:00:00.000Z |
| vde-2023-009 | ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 | 2023-05-08T13:37:00.000Z | 2023-05-08T13:37:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2022-061 | VARTA: Multiple devices prone to hard-coded credentials | 2023-03-15T09:00:00.000Z | 2023-03-15T09:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-060 | Sauter: Multiple vulnerabilities in SAUTER modulo 6 | 2025-10-21T10:00:00.000Z | 2025-10-27T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2025-079 | Janitza: Multiple vulnerabilities in UMG 96RM-E | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| vde-2025-094 | Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ | 2025-11-24T12:00:00.000Z | 2025-11-24T12:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| vde-2026-001 | METTLER TOLEDO: ASP.NET core vulnerability in LabX | 2026-03-04T07:00:00.000Z | 2026-03-04T07:00:00.000Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2026-0025 |
6.9 (4.0)
|
RansomLook - Improper Filtering of Private Location Enā¦ |
ransomlook |
ransomlook |
2026-04-12T15:22:00.000Z | 2026-04-12T15:27:31.523942Z |
| GCVE-1-2026-0024 |
8.8 (4.0)
|
LDAP injection in MISP ApacheAuthenticate when using aā¦ |
misp |
misp |
2026-04-08T08:28:00.000Z | 2026-04-09T04:44:04.936665Z |
| GCVE-1-2026-0023 |
8.5 (4.0)
|
Stored XSS in modal item preview for long item contentā¦ |
ail-project |
ail-framework |
2026-04-07T06:29:00.000Z | 2026-04-08T04:22:15.084342Z |
| GCVE-1-2026-0022 |
6.4 (4.0)
|
MISP - Beta Overmind UI Stored Cross-Site Scripting inā¦ |
misp |
misp |
2026-03-30T09:48:36.968649Z | 2026-03-30T09:48:36.968649Z |
| GCVE-1-2026-0021 |
10 (4.0)
|
Critical RCE Vulnerability reported in Windchill |
windchill |
FlexPLM |
2026-03-23T12:30:40.249187Z | 2026-03-23T12:30:40.249187Z |
| GCVE-1-2026-0020 |
10 (4.0)
|
Remote Code Execution Attack Against Eircom D1000 Router |
Eir |
D1000 |
2026-03-11T14:12:00.000Z | 2026-03-11T14:23:24.609831Z |
| GCVE-1-2026-0019 |
6.4 (4.0)
|
Improper URL validation in MISP dashboard button widgeā¦ |
misp |
misp |
2026-02-27T14:55:00.000Z | 2026-02-27T15:44:29.998063Z |
| GCVE-1-2026-0018 |
6.5 (4.0)
|
Improper access control in MISP user contact form alloā¦ |
misp |
misp |
2026-02-27T13:25:32.632362Z | 2026-02-27T13:25:32.632362Z |
| GCVE-1-2026-0017 |
7.2 (4.0)
|
Improper Neutralization of Raw HTML in MISP modules Maā¦ |
misp |
misp-modules |
2026-02-27T13:10:24.641948Z | 2026-02-27T13:10:24.641948Z |
| GCVE-1-2026-0016 |
7 (4.0)
|
Server-Side Request Forgery via Event Report Import Frā¦ |
misp |
misp |
2026-02-27T10:56:32.745676Z | 2026-02-27T10:56:32.745676Z |
| GCVE-1-2026-0015 |
7.2 (4.0)
|
Threat actors use FortiCloud SSO bypass to collect LDAā¦ |
fortinet |
fortios |
2026-02-09T09:09:00.000Z | 2026-02-09T09:14:59.004089Z |
| GCVE-1-2026-0014 |
7.4 (4.0)
|
Missing Authorization Check Allows Unauthorized Modifiā¦ |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:32:14.341383Z | 2026-02-04T19:32:14.341383Z |
| GCVE-1-2026-0013 |
2.1 (4.0)
|
Flask Application Username Route Collision Allows Reseā¦ |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:27:00.000Z | 2026-02-04T19:32:49.787763Z |
| GCVE-1-2026-0012 |
2.1 (4.0)
|
Authentication Error Message Allows Email Address Enumā¦ |
vulnerability-lookup |
vulnerability-lookup |
2026-02-04T19:21:34.411344Z | 2026-02-04T19:21:34.411344Z |
| GCVE-1-2026-0011 |
8.7 (4.0)
|
Out-of-bounds memory write in the network packet ā¦ |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:37:00.000Z | 2026-01-29T14:39:17.728822Z |
| GCVE-1-2026-0010 |
9.3 (4.0)
|
Improper input validation in the file transfer haā¦ |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:33:18.822829Z | 2026-01-29T14:33:18.822829Z |
| GCVE-1-2026-0009 |
9.3 (4.0)
|
Stack-based buffer overflow in the multiplayer neā¦ |
EA Games |
Command & Conquer: Generals |
2026-01-29T14:30:38.596928Z | 2026-01-29T14:30:38.596928Z |
| GCVE-1-2026-0008 |
10 (4.0)
|
gpg-agent stack buffer overflow in pkdecrypt using KEM |
gnupg |
gpg-agent |
2026-01-28T13:48:12.350509Z | 2026-01-28T13:48:12.350509Z |
| GCVE-1-2026-0007 |
10 (4.0)
|
GNU InetUtils Security Advisory: remote authenticationā¦ |
gnu |
InetUtils |
2026-01-20T20:57:00.000Z | 2026-01-26T16:32:40.831364Z |
| GCVE-1-2026-0006 |
8.5 (4.0)
|
Improper Access Control in Cerebrate AuthKey and Encryā¦ |
cerebrate |
cerebrate |
2026-01-13T15:37:17.337254Z | 2026-01-13T15:37:17.337254Z |
| GCVE-1-2026-0005 |
8.5 (4.0)
|
Improper Access Control in Cerebrate Alignment Model Aā¦ |
cerebrate |
cerebrate |
2026-01-13T15:31:00.000Z | 2026-01-13T15:38:02.888546Z |
| GCVE-1-2026-0004 |
8.5 (4.0)
|
Authorization Bypass in Cerebrate IndividualsControlleā¦ |
cerebrate |
cerebrate |
2026-01-13T15:28:00.000Z | 2026-01-13T15:38:37.744618Z |
| GCVE-1-2026-0003 |
6.3 (4.0)
|
Stored/Reflected XSS via Unsanitized Parameters in URLā¦ |
misp |
misp |
2026-01-13T10:50:00.000Z | 2026-01-13T10:54:13.659223Z |
| GCVE-1-2026-0002 |
10 (4.0)
|
Heap-buffer-overflow in EXIF writer for extra IFD tags |
ffmpeg |
ffmpeg |
2026-01-02T19:50:00.000Z | 2026-01-02T20:05:27.269877Z |
| GCVE-1-2026-0001 |
N/A
|
Bundle reference to gpg.fail |
gnupg |
gnupg |
2026-01-02T10:20:00.000Z | 2026-01-02T13:31:14.359346Z |
| GCVE-1-2025-0041 |
6.4 (4.0)
|
[online services] Reflected Cross-Site Scripting (XSS)ā¦ |
typo3 |
typo3 |
2025-12-19T14:25:00.000Z | 2025-12-19T14:54:51.594645Z |
| GCVE-1-2025-0031 |
7.1 (4.0)
|
A cross-site scripting (XSS) vulnerability was identifā¦ |
misp |
misp |
2025-12-03T10:58:00.000Z | 2025-12-16T09:36:09.594750Z |
| GCVE-1-2025-0040 |
7.2 (4.0)
|
A cross-site scripting (XSS) vulnerability was idā¦ |
misp |
misp |
2025-12-13T08:44:32.378924Z | 2025-12-13T08:44:32.378924Z |
| GCVE-1-2025-0039 |
8.5 (4.0)
|
XSS Reintroduced in MISP Dashboard World Map Widget Duā¦ |
misp |
misp |
2025-12-10T14:33:52.856734Z | 2025-12-10T14:33:52.856734Z |
| GCVE-1-2025-0038 |
5 (4.0)
|
Reflected XSS in MISP Template Tag Removal and MISP Adā¦ |
misp |
misp |
2025-12-10T14:10:00.000Z | 2025-12-10T14:16:55.918270Z |