Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-31845
9.3 (4.0)
9.3 (3.1)
A reflected cross-site scripting (XSS) vulnerabil… Rukovoditel
 Rukovoditel CRM
 2026-04-11T18:26:46.481Z 2026-04-11T18:42:30.728Z
CVE-2026-5704
5 (3.1)
Tar: tar: hidden file injection via crafted archives Red Hat
 Red Hat Enterprise Linux 10
 2026-04-06T15:17:27.945Z 2026-04-11T18:09:35.974Z
CVE-2026-34933
5.5 (3.1)
Avahi: Reachable assertion in `transport_flags_from_do… avahi
 avahi
 2026-04-03T22:43:26.683Z 2026-04-11T18:09:34.774Z
CVE-2026-34621
9.6 (3.1)
Acrobat Reader | Improperly Controlled Modification of… Adobe
 Acrobat Reader
 2026-04-11T06:45:43.512Z 2026-04-11T17:06:40.544Z
CVE-2026-0966
6.5 (3.0)
Libssh: buffer underflow in ssh_get_hexa() on invalid input Red Hat
 Red Hat Enterprise Linux 10
 2026-03-26T20:06:28.313Z 2026-04-11T14:56:45.344Z
CVE-2026-0968
3.1 (3.0)
Libssh: libssh: denial of service due to malformed sft… Red Hat
 Red Hat Enterprise Linux 10
 2026-03-26T20:06:29.554Z 2026-04-11T14:51:51.891Z
CVE-2026-0967
2.2 (3.0)
Libssh: libssh: denial of service via inefficient regu… Red Hat
 Red Hat Enterprise Linux 10
 2026-03-26T20:06:30.707Z 2026-04-11T14:51:43.159Z
CVE-2026-0965
3.3 (3.0)
Libssh: libssh: denial of service via improper configu… Red Hat
 Red Hat Enterprise Linux 10
 2026-03-26T20:06:33.336Z 2026-04-11T14:51:43.182Z
CVE-2026-0964
5 (3.0)
Libssh: improper sanitation of paths received from scp… Red Hat
 Red Hat Enterprise Linux 10
 2026-03-26T20:06:28.871Z 2026-04-11T14:51:43.325Z
CVE-2026-35537
3.7 (3.1)
An issue was discovered in Roundcube Webmail befo… Roundcube
 Webmail
 2026-04-03T03:28:29.321Z 2026-04-11T14:12:39.387Z
CVE-2026-32146
6.2 (4.0)
Improper Path Validation in Git Dependency Handling Al… Gleam
 Gleam
 2026-04-11T12:59:22.911Z 2026-04-11T12:59:22.911Z
CVE-2026-23900
N/A
Extension - phoca.cz - Stored XSS vectors in Phoca Map… phoca.cz
 phoca.cz - Phoca Maps for Joomla
 2026-04-11T12:52:12.525Z 2026-04-11T12:52:12.525Z
CVE-2026-31408
N/A
Bluetooth: SCO: Fix use-after-free in sco_recv_frame()… Linux
 Linux
 2026-04-06T07:38:20.533Z 2026-04-11T12:45:48.733Z
CVE-2026-23414
N/A
tls: Purge async_hold in tls_decrypt_async_wait() Linux
 Linux
 2026-04-02T11:40:55.746Z 2026-04-11T12:45:47.634Z
CVE-2026-23401
N/A
KVM: x86/mmu: Drop/zap existing present SPTE even when… Linux
 Linux
 2026-04-01T08:36:32.367Z 2026-04-11T12:45:46.506Z
CVE-2026-23389
N/A
ice: Fix memory leak in ice_set_ringparam() Linux
 Linux
 2026-03-25T10:28:06.991Z 2026-04-11T12:45:45.418Z
CVE-2026-23360
N/A
nvme: fix admin queue leak on controller reset Linux
 Linux
 2026-03-25T10:27:43.892Z 2026-04-11T12:45:44.310Z
CVE-2025-71269
N/A
btrfs: do not free data reservation in fallback from i… Linux
 Linux
 2026-03-18T17:40:58.949Z 2026-04-11T12:45:43.200Z
CVE-2025-68265
N/A
nvme: fix admin request_queue lifetime Linux
 Linux
 2025-12-16T14:47:05.303Z 2026-04-11T12:45:42.048Z
CVE-2025-40242
N/A
gfs2: Fix unlikely race in gdlm_put_lock Linux
 Linux
 2025-12-04T15:31:31.497Z 2026-04-11T12:45:40.664Z
CVE-2025-39822
5.5 (3.1)
io_uring/kbuf: fix signedness in this_len calculation Linux
 Linux
 2025-09-16T13:00:21.533Z 2026-04-11T12:45:39.510Z
CVE-2025-39816
5.5 (3.1)
io_uring/kbuf: always use READ_ONCE() to read ring pro… Linux
 Linux
 2025-09-16T13:00:17.026Z 2026-04-11T12:45:38.325Z
CVE-2025-38710
N/A
gfs2: Validate i_depth for exhash directories Linux
 Linux
 2025-09-04T15:33:00.629Z 2026-04-11T12:45:37.195Z
CVE-2025-38303
N/A
Bluetooth: eir: Fix possible crashes on eir_create_adv_data Linux
 Linux
 2025-07-10T07:42:14.728Z 2026-04-11T12:45:36.082Z
CVE-2025-37980
N/A
block: fix resource leak in blk_register_queue() error path Linux
 Linux
 2025-05-20T16:58:22.720Z 2026-04-11T12:45:34.912Z
CVE-2025-37945
N/A
net: phy: allow MDIO bus PM ops to start/stop state ma… Linux
 Linux
 2025-05-20T15:58:20.841Z 2026-04-11T12:45:33.746Z
CVE-2024-47736
N/A
erofs: handle overlapped pclusters out of crafted imag… Linux
 Linux
 2024-10-21T12:14:06.530Z 2026-04-11T12:45:32.618Z
CVE-2024-27022
N/A
fork: defer linking file vma until vma is fully initialized Linux
 Linux
 2024-05-01T05:35:39.627Z 2026-04-11T12:45:31.515Z
CVE-2026-31410
N/A
ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION Linux
 Linux
 2026-04-06T07:38:21.876Z 2026-04-11T09:53:42.652Z
CVE-2026-31409
N/A
ksmbd: unset conn->binding on failed binding request Linux
 Linux
 2026-04-06T07:38:21.223Z 2026-04-11T09:53:40.522Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-5704
5 (3.1)
Tar: tar: hidden file injection via crafted archives Red Hat
 Red Hat Enterprise Linux 10
 2026-04-06T15:17:27.945Z 2026-04-11T18:09:35.974Z
CVE-2026-34933
5.5 (3.1)
Avahi: Reachable assertion in `transport_flags_from_do… avahi
 avahi
 2026-04-03T22:43:26.683Z 2026-04-11T18:09:34.774Z
CVE-2026-31845
9.3 (4.0)
9.3 (3.1)
A reflected cross-site scripting (XSS) vulnerabil… Rukovoditel
 Rukovoditel CRM
 2026-04-11T18:26:46.481Z 2026-04-11T18:42:30.728Z
CVE-2026-35537
3.7 (3.1)
An issue was discovered in Roundcube Webmail befo… Roundcube
 Webmail
 2026-04-03T03:28:29.321Z 2026-04-11T14:12:39.387Z
CVE-2026-32146
6.2 (4.0)
Improper Path Validation in Git Dependency Handling Al… Gleam
 Gleam
 2026-04-11T12:59:22.911Z 2026-04-11T12:59:22.911Z
CVE-2026-23900
N/A
Extension - phoca.cz - Stored XSS vectors in Phoca Map… phoca.cz
 phoca.cz - Phoca Maps for Joomla
 2026-04-11T12:52:12.525Z 2026-04-11T12:52:12.525Z
CVE-2026-31408
N/A
Bluetooth: SCO: Fix use-after-free in sco_recv_frame()… Linux
 Linux
 2026-04-06T07:38:20.533Z 2026-04-11T12:45:48.733Z
CVE-2026-23414
N/A
tls: Purge async_hold in tls_decrypt_async_wait() Linux
 Linux
 2026-04-02T11:40:55.746Z 2026-04-11T12:45:47.634Z
CVE-2026-23401
N/A
KVM: x86/mmu: Drop/zap existing present SPTE even when… Linux
 Linux
 2026-04-01T08:36:32.367Z 2026-04-11T12:45:46.506Z
CVE-2026-23389
N/A
ice: Fix memory leak in ice_set_ringparam() Linux
 Linux
 2026-03-25T10:28:06.991Z 2026-04-11T12:45:45.418Z
CVE-2026-23360
N/A
nvme: fix admin queue leak on controller reset Linux
 Linux
 2026-03-25T10:27:43.892Z 2026-04-11T12:45:44.310Z
CVE-2025-71269
N/A
btrfs: do not free data reservation in fallback from i… Linux
 Linux
 2026-03-18T17:40:58.949Z 2026-04-11T12:45:43.200Z
CVE-2025-68265
N/A
nvme: fix admin request_queue lifetime Linux
 Linux
 2025-12-16T14:47:05.303Z 2026-04-11T12:45:42.048Z
CVE-2025-40242
N/A
gfs2: Fix unlikely race in gdlm_put_lock Linux
 Linux
 2025-12-04T15:31:31.497Z 2026-04-11T12:45:40.664Z
CVE-2025-39816
5.5 (3.1)
io_uring/kbuf: always use READ_ONCE() to read ring pro… Linux
 Linux
 2025-09-16T13:00:17.026Z 2026-04-11T12:45:38.325Z
CVE-2025-38710
N/A
gfs2: Validate i_depth for exhash directories Linux
 Linux
 2025-09-04T15:33:00.629Z 2026-04-11T12:45:37.195Z
CVE-2025-38303
N/A
Bluetooth: eir: Fix possible crashes on eir_create_adv_data Linux
 Linux
 2025-07-10T07:42:14.728Z 2026-04-11T12:45:36.082Z
CVE-2025-37980
N/A
block: fix resource leak in blk_register_queue() error path Linux
 Linux
 2025-05-20T16:58:22.720Z 2026-04-11T12:45:34.912Z
CVE-2025-37945
N/A
net: phy: allow MDIO bus PM ops to start/stop state ma… Linux
 Linux
 2025-05-20T15:58:20.841Z 2026-04-11T12:45:33.746Z
CVE-2024-47736
N/A
erofs: handle overlapped pclusters out of crafted imag… Linux
 Linux
 2024-10-21T12:14:06.530Z 2026-04-11T12:45:32.618Z
CVE-2024-27022
N/A
fork: defer linking file vma until vma is fully initialized Linux
 Linux
 2024-05-01T05:35:39.627Z 2026-04-11T12:45:31.515Z
CVE-2026-5809
7.1 (3.1)
wpForo Forum <= 3.0.2 - Authenticated (Subscriber+) Ar… tomdever
 wpForo Forum
 2026-04-11T07:40:15.574Z 2026-04-11T07:40:15.574Z
CVE-2026-34621
9.6 (3.1)
Acrobat Reader | Improperly Controlled Modification of… Adobe
 Acrobat Reader
 2026-04-11T06:45:43.512Z 2026-04-11T17:06:40.544Z
CVE-2026-1502
5.7 (4.0)
HTTP client proxy tunnel headers not validated for CR/LF Python Software Foundation
 CPython
 2026-04-10T17:54:44.121Z 2026-04-11T04:39:26.099Z
CVE-2026-5876
6.5 (3.1)
Side-channel information leakage in Navigation in… Google
 Chrome
 2026-04-08T21:20:47.387Z 2026-04-11T03:03:31.034Z
CVE-2026-5875
4.3 (3.1)
Policy bypass in Blink in Google Chrome prior to … Google
 Chrome
 2026-04-08T21:20:46.990Z 2026-04-11T03:01:51.897Z
CVE-2026-5874
9.6 (3.1)
Use after free in PrivateAI in Google Chrome prio… Google
 Chrome
 2026-04-08T21:20:46.077Z 2026-04-11T02:59:10.879Z
CVE-2026-34080
6.8 (4.0)
xdg-dbus-proxy has an eavesdrop filter bypass allowing… flatpak
 xdg-dbus-proxy
 2026-04-07T20:57:57.931Z 2026-04-11T01:34:11.813Z
CVE-2026-5226
6.1 (3.1)
Optimole <= 4.2.3 - Reflected Cross-Site Scripting via… optimole
 Optimole – Optimize Images in Real Time
 2026-04-11T01:24:57.542Z 2026-04-11T01:24:57.542Z
CVE-2026-5217
7.2 (3.1)
Optimole <= 4.2.2 - Unauthenticated Stored Cross-Site … optimole
 Optimole – Optimize Images in Real Time
 2026-04-11T01:24:58.602Z 2026-04-11T01:24:58.602Z
ID Description Published Updated
fkie_cve-2026-39304 Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker… 2026-04-10T11:16:23.143 2026-04-10T11:16:23.143
fkie_cve-2026-31412 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_mass_storage: F… 2026-04-10T11:16:22.967 2026-04-10T11:16:22.967
fkie_cve-2025-66168 WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x relea… 2026-03-04T09:15:54.757 2026-04-10T11:16:21.590
fkie_cve-2026-6057 FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload … 2026-04-10T10:16:04.547 2026-04-10T10:16:04.547
fkie_cve-2026-6042 A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the… 2026-04-10T09:16:25.450 2026-04-10T10:16:04.277
fkie_cve-2026-4162 The Gravity SMTP plugin for WordPress is vulnerable to Missing Authorization in versions up to, and… 2026-04-10T10:16:04.120 2026-04-10T10:16:04.120
fkie_cve-2021-47961 A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows… 2026-04-10T10:16:03.913 2026-04-10T10:16:03.913
fkie_cve-2021-47960 A files or directories accessible to external parties vulnerability in Synology SSL VPN Client befo… 2026-04-10T10:16:02.853 2026-04-10T10:16:02.853
fkie_cve-2026-6038 A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. This impact… 2026-04-10T09:16:25.220 2026-04-10T09:16:25.220
fkie_cve-2026-6037 A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affect… 2026-04-10T09:16:25.000 2026-04-10T09:16:25.000
fkie_cve-2026-6036 A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted ele… 2026-04-10T09:16:24.787 2026-04-10T09:16:24.787
fkie_cve-2026-33457 Livestatus injection in the prediction graph page in Checkmk <2.5.0b4, <2.4.0p26, and <2.3.0p47 all… 2026-04-10T09:16:24.630 2026-04-10T09:16:24.630
fkie_cve-2026-33456 Livestatus injection in the notification test mode in Checkmk <2.5.0b4 and <2.4.0p26 allows an auth… 2026-04-10T09:16:24.493 2026-04-10T09:16:24.493
fkie_cve-2026-33455 Livestatus injection in the monitoring quicksearch in Checkmk <2.5.0b4 allows an authenticated atta… 2026-04-10T09:16:23.447 2026-04-10T09:16:23.447
fkie_cve-2026-6035 A vulnerability has been found in code-projects Vehicle Showroom Management System 1.0. The affecte… 2026-04-10T08:16:27.110 2026-04-10T08:16:27.110
fkie_cve-2026-6034 A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Impacted is an unkno… 2026-04-10T08:16:26.900 2026-04-10T08:16:26.900
fkie_cve-2026-6033 A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an unknown function o… 2026-04-10T08:16:26.690 2026-04-10T08:16:26.690
fkie_cve-2026-6032 A vulnerability was found in code-projects Simple Laundry System 1.0. This impacts an unknown funct… 2026-04-10T08:16:26.473 2026-04-10T08:16:26.473
fkie_cve-2026-6031 A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. This affects an unk… 2026-04-10T08:16:26.253 2026-04-10T08:16:26.253
fkie_cve-2026-5525 A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop hand… 2026-04-10T08:16:26.067 2026-04-10T08:16:26.067
fkie_cve-2026-40212 OpenStack Skyline before 5.0.1, 6.0.0, and 7.0.0 has a DOM-based Cross-Site Scripting (XSS) vulnera… 2026-04-10T08:16:25.850 2026-04-10T08:16:25.850
fkie_cve-2026-22750 When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl… 2026-04-10T08:16:24.787 2026-04-10T08:16:24.787
fkie_cve-2026-6030 A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is a… 2026-04-10T07:16:22.207 2026-04-10T07:16:22.207
fkie_cve-2026-6029 A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the … 2026-04-10T07:16:22.000 2026-04-10T07:16:22.000
fkie_cve-2026-6028 A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is th… 2026-04-10T07:16:21.790 2026-04-10T07:16:21.790
fkie_cve-2026-6027 A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the fun… 2026-04-10T07:16:21.583 2026-04-10T07:16:21.583
fkie_cve-2026-6026 A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability af… 2026-04-10T07:16:21.350 2026-04-10T07:16:21.350
fkie_cve-2026-4432 The YITH WooCommerce Wishlist WordPress plugin before 4.13.0 does not properly validate wishlist ow… 2026-04-10T07:16:21.237 2026-04-10T07:16:21.237
fkie_cve-2026-28704 Emocheck insecurely loads Dynamic Link Libraries (DLLs). If a crafted DLL file is placed to the sam… 2026-04-10T07:16:21.023 2026-04-10T07:16:21.023
fkie_cve-2026-1115 A Stored Cross-Site Scripting (XSS) vulnerability was identified in the social feature of parisneo/… 2026-04-10T07:16:20.750 2026-04-10T07:16:20.750
ID Severity Description Published Updated
ghsa-jqqw-37x4-9rwj
5.0 (3.1)
A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious… 2026-04-06T18:33:08Z 2026-04-11T21:30:19Z
ghsa-hxff-cjjh-cmf4
9.3 (3.1)
9.3 (4.0)
A reflected cross-site scripting (XSS) vulnerability exists in Rukovoditel CRM version 3.6.4 and ea… 2026-04-11T21:30:19Z 2026-04-11T21:30:19Z
ghsa-wqgp-m495-6968
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reserv… 2026-03-18T18:31:17Z 2026-04-11T15:30:24Z
ghsa-p4gj-pp28-43q4
Various stored XSS vulnerabilities in the maps- and icon rendering logic in Phoca Maps component 5.… 2026-04-11T15:30:24Z 2026-04-11T15:30:24Z
ghsa-mx2c-4m76-c7r4
In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin queue leak on … 2026-03-25T12:30:23Z 2026-04-11T15:30:24Z
ghsa-c47v-8m9c-7hhr
5.5 (3.1)
In the Linux kernel, the following vulnerability has been resolved: gfs2: Validate i_depth for exh… 2025-09-05T18:31:16Z 2026-04-11T15:30:24Z
ghsa-8fgp-q3pf-q3rh
In the Linux kernel, the following vulnerability has been resolved: tls: Purge async_hold in tls_d… 2026-04-02T12:31:05Z 2026-04-11T15:30:24Z
ghsa-82h6-xw4j-pq2m
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix use-after-… 2026-04-06T09:31:42Z 2026-04-11T15:30:24Z
ghsa-57pg-f379-59c5
5.5 (3.1)
In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: always use READ… 2025-09-16T15:32:35Z 2026-04-11T15:30:24Z
ghsa-4r22-fj9f-vv8r
In the Linux kernel, the following vulnerability has been resolved: ice: Fix memory leak in ice_se… 2026-03-25T12:30:24Z 2026-04-11T15:30:24Z
ghsa-4g8j-hwjq-h8fr
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix unlikely race in gdl… 2025-12-04T18:30:52Z 2026-04-11T15:30:24Z
ghsa-2rf6-4xf4-32wc
In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin request_queue … 2025-12-16T15:30:47Z 2026-04-11T15:30:24Z
ghsa-2g4m-3wvw-crq2
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existin… 2026-04-01T09:31:27Z 2026-04-11T15:30:24Z
ghsa-x689-8m9r-8332
5.5 (3.1)
In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM op… 2025-05-20T18:30:56Z 2026-04-11T15:30:23Z
ghsa-rvcc-g859-q9qh
7.8 (3.1)
In the Linux kernel, the following vulnerability has been resolved: fork: defer linking file vma u… 2024-05-01T06:31:43Z 2026-04-11T15:30:23Z
ghsa-fh88-v2mj-cp79
5.5 (3.1)
In the Linux kernel, the following vulnerability has been resolved: erofs: handle overlapped pclus… 2024-10-21T15:32:26Z 2026-04-11T15:30:23Z
ghsa-87cq-2fcr-7xh3
5.5 (3.1)
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix possible c… 2025-07-10T09:32:30Z 2026-04-11T15:30:23Z
ghsa-3hqw-p326-56f7
5.5 (3.1)
In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in bl… 2025-05-20T18:30:58Z 2026-04-11T15:30:23Z
ghsa-vcqh-932g-m3qj
9.6 (3.1)
Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Contro… 2026-04-11T09:30:27Z 2026-04-11T09:30:27Z
ghsa-32mm-8hwv-mvwg
7.1 (3.1)
The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to an… 2026-04-11T09:30:27Z 2026-04-11T09:30:27Z
ghsa-hjxq-7w9q-2jw6
5.7 (4.0)
CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host. 2026-04-10T18:31:20Z 2026-04-11T06:31:14Z
ghsa-9wcm-fcg4-668c
6.5 (3.1)
Side-channel information leakage in Navigation in Google Chrome prior to 147.0.7727.55 allowed a re… 2026-04-09T00:31:59Z 2026-04-11T06:31:14Z
ghsa-gxc3-xj8w-g58j
9.6 (3.1)
Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who c… 2026-04-09T00:31:59Z 2026-04-11T06:31:13Z
ghsa-32x4-hg4x-w43c
4.3 (3.1)
Policy bypass in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform… 2026-04-09T00:31:59Z 2026-04-11T06:31:13Z
ghsa-x955-p5cf-56m4
7.8 (3.1)
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnera… 2026-04-11T03:30:30Z 2026-04-11T03:30:30Z
ghsa-x742-r3m3-mw53
7.8 (3.1)
Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnera… 2026-04-11T03:30:30Z 2026-04-11T03:30:30Z
ghsa-vg79-f5m5-mw2x
7.8 (3.1)
Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerabilit… 2026-04-11T03:30:30Z 2026-04-11T03:30:30Z
ghsa-rr9p-8245-3f99
7.8 (3.1)
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerab… 2026-04-11T03:30:30Z 2026-04-11T03:30:30Z
ghsa-rmxh-6c8g-3v9r
6.4 (3.1)
The GreenShift - Animation and Page Builder Blocks plugin for WordPress is vulnerable to Stored Cro… 2026-04-11T03:30:30Z 2026-04-11T03:30:30Z
ghsa-qj44-r97p-27pf
6.5 (3.1)
The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all … 2026-04-11T03:30:30Z 2026-04-11T03:30:30Z
ID Severity Description Package Published Updated
pysec-2026-3
After an API token exposure from an exploited Trivy dependency, two new releases of `teln… telnyx 2026-03-27T14:53:14Z
pysec-2026-2
After an API Token exposure from an exploited Trivy dependency, two new releases of `lite… litellm 2026-03-24T15:35:32Z
pysec-2024-85
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.848846Z
pysec-2024-84
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.756762Z
pysec-2024-83
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.662671Z
pysec-2024-82
8.8 (3.1)
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.563380Z
pysec-2023-278
5.3 (3.1)
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… mindsdb 2023-12-11T21:15:00Z 2026-03-03T16:29:37.448520Z
pysec-2023-121
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as a… zstd 2023-03-31T20:15:00+00:00 2026-02-25T19:20:58+00:00
pysec-2026-1
A PyPI user account compromised by an attacker and was able to upload a malicious version… dydx-v4-client 2026-01-28T21:09:02+00:00
pysec-2025-52
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. mlflow 2025-06-23T15:15:29Z 2025-12-05T13:25:55.146081Z
pysec-2020-220
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… ansible 2020-10-05T14:15:00Z 2025-10-31T04:43:53.616247Z
pysec-2025-72
The `num2words` project was compromised via a phishing attack and two new versions were u… num2words 2025-07-31T14:34:47+00:00
pysec-2025-71
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… cadwyn 2025-07-21T21:15:25+00:00 2025-07-23T15:24:03.825615+00:00
pysec-2025-70
10.0 (3.1)
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… langchain-community 2025-06-23T21:15:25+00:00 2025-07-16T21:23:40.211079+00:00
pysec-2024-259
9.8 (3.1)
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… torch 2024-10-29T21:15:04+00:00 2025-07-16T03:09:57.748865+00:00
pysec-2024-258
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… scrapy 2024-05-20T08:15:08+00:00 2025-07-15T17:37:50.051730+00:00
pysec-2025-69
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… roundup 2025-07-13T20:15:25+00:00 2025-07-13T21:23:01.161315+00:00
pysec-2025-68
8.0 (3.1)
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.449399+00:00
pysec-2025-67
9.8 (3.1)
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.385619+00:00
pysec-2025-66
Improper privilege management in a REST interface allowed registered users to access unau… streampipes 2025-03-03T11:15:11+00:00 2025-07-08T15:23:46.628375+00:00
pysec-2025-65
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… llama-index 2025-07-07T13:15:28+00:00 2025-07-07T15:23:42.730681+00:00
pysec-2025-61
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … pillow 2025-07-01T19:15:27Z 2025-07-07T14:12:46.226030Z
pysec-2025-64
9.8 (3.1)
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… python-a2a 2025-06-17T07:15:18+00:00 2025-07-02T21:23:13.806273+00:00
pysec-2025-63
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… vllm 2025-03-19T16:15:32+00:00 2025-07-01T23:22:49.176005+00:00
pysec-2025-62
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… vllm 2025-02-07T20:15:34+00:00 2025-07-01T23:22:49.083695+00:00
pysec-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… apache-iotdb 2025-05-14T11:16:28+00:00 2025-07-01T21:22:47.232036+00:00
pysec-2025-59
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… apache-iotdb 2025-05-14T11:15:47+00:00 2025-07-01T21:22:47.177405+00:00
pysec-2024-257
7.5 (3.1)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2024-03-22T23:15:07+00:00 2025-06-30T15:23:50.085549+00:00
pysec-2025-58
8.8 (3.1)
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… vllm 2025-01-27T18:15:41+00:00 2025-06-27T21:22:36.583615+00:00
pysec-2025-57
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… zenml 2025-03-20T10:15:48+00:00 2025-06-27T17:22:55.175431+00:00
ID Description Updated
gsd-2024-33903 In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… 2024-04-29T05:02:07.295775Z
gsd-2024-33902 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.486429Z
gsd-2024-33901 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.525896Z
gsd-2024-33900 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.290639Z
gsd-2024-33899 RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… 2024-04-29T05:02:07.400574Z
gsd-2024-33898 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287632Z
gsd-2024-33897 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.283756Z
gsd-2024-33896 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.313250Z
gsd-2024-33895 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.493081Z
gsd-2024-33894 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.488420Z
gsd-2024-33893 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.381761Z
gsd-2024-33892 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.378170Z
gsd-2024-33891 Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… 2024-04-29T05:02:07.412035Z
gsd-2024-33890 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.344384Z
gsd-2024-33889 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.392587Z
gsd-2024-33888 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.468423Z
gsd-2024-33887 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.503613Z
gsd-2024-33886 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287167Z
gsd-2024-33885 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.441746Z
gsd-2024-33884 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.534455Z
gsd-2024-33883 The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… 2024-04-29T05:02:07.271727Z
gsd-2024-4303 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.716348Z
gsd-2024-4302 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.603637Z
gsd-2024-4301 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.678292Z
gsd-2024-4300 E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… 2024-04-29T05:02:05.715239Z
gsd-2024-4299 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… 2024-04-29T05:02:05.606402Z
gsd-2024-4298 The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… 2024-04-29T05:02:05.598531Z
gsd-2024-4297 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… 2024-04-29T05:02:05.700888Z
gsd-2024-4296 The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… 2024-04-29T05:02:05.621428Z
gsd-2024-33882 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.803998Z
ID Description Published Updated
mal-2026-2562 Malicious code in robase-fallback (PyPI) 2026-04-11T20:26:50Z 2026-04-11T20:33:01Z
mal-2026-2563 Malicious code in robase-installer (PyPI) 2026-04-11T20:04:56Z 2026-04-11T20:05:11Z
mal-2026-2560 Malicious code in @b2b-portal/uch (npm) 2026-04-11T17:55:17Z 2026-04-11T17:55:17Z
mal-2026-2561 Malicious code in robase-help (PyPI) 2026-04-11T17:14:47Z 2026-04-11T17:14:48Z
mal-2026-2559 Malicious code in databasesupalake (PyPI) 2026-04-11T17:07:46Z 2026-04-11T17:07:46Z
mal-2026-2556 Malicious code in api-analysis (PyPI) 2026-04-11T14:18:43Z 2026-04-11T14:19:01Z
mal-2026-2558 Malicious code in robase-utils (PyPI) 2026-04-11T14:15:49Z 2026-04-11T14:15:49Z
mal-2026-2557 Malicious code in databasesupasafe (PyPI) 2026-04-11T14:13:54Z 2026-04-11T14:13:54Z
mal-2026-2555 Malicious code in api-feature (PyPI) 2026-04-11T14:04:25Z 2026-04-11T14:04:25Z
mal-2026-2551 Malicious code in paysafe-card-payments (npm) 2026-04-11T09:40:44Z 2026-04-11T09:40:44Z
mal-2026-2550 Malicious code in paysafe-apple-pay (npm) 2026-04-11T09:33:48Z 2026-04-11T09:33:48Z
mal-2026-2552 Malicious code in paysafe-google-pay (npm) 2026-04-11T09:20:48Z 2026-04-11T09:20:48Z
mal-2026-2554 Malicious code in paysafe-venmo (npm) 2026-04-11T09:20:42Z 2026-04-11T09:20:42Z
mal-2026-2553 Malicious code in paysafe-payments-sdk-common (npm) 2026-04-11T09:20:41Z 2026-04-11T09:20:41Z
mal-2026-2549 Malicious code in python-aickerso (PyPI) 2026-04-11T08:20:30Z 2026-04-11T08:49:58Z
mal-2026-2548 Malicious code in ks-hex2pcap (PyPI) 2026-04-11T08:22:32Z 2026-04-11T08:49:58Z
mal-2026-2547 Malicious code in ixosmonitoring (PyPI) 2026-04-11T08:30:32Z 2026-04-11T08:49:58Z
mal-2026-2546 Malicious code in hex2pcap (PyPI) 2026-04-11T08:16:27Z 2026-04-11T08:49:58Z
mal-2026-2545 Malicious code in @sap-px/pxapi (npm) 2026-04-11T04:45:40Z 2026-04-11T04:45:40Z
mal-2026-2512 Malicious code in roboat-utils (PyPI) 2026-04-08T09:50:08Z 2026-04-10T21:49:20Z
mal-2026-2502 Malicious code in databasenaps (PyPI) 2026-04-07T04:39:13Z 2026-04-10T21:49:20Z
mal-2026-2501 Malicious code in databaselooks (PyPI) 2026-04-07T04:00:02Z 2026-04-10T21:49:20Z
mal-2026-2494 Malicious code in databasetapes (PyPI) 2026-04-05T19:35:23Z 2026-04-10T21:49:20Z
mal-2026-2490 Malicious code in databaserotacos (PyPI) 2026-04-04T22:03:00Z 2026-04-10T21:49:20Z
mal-2026-2489 Malicious code in databaserobooms (PyPI) 2026-04-04T22:24:16Z 2026-04-10T21:49:20Z
mal-2026-2433 Malicious code in pycolorlib3 (PyPI) 2026-04-02T20:38:16Z 2026-04-10T21:49:20Z
mal-2026-2305 Malicious code in databaseroboats (PyPI) 2026-03-30T20:21:21Z 2026-04-10T21:49:20Z
mal-2026-2295 Malicious code in databaseroboat (PyPI) 2026-03-29T20:12:48Z 2026-04-10T21:49:20Z
mal-2026-2289 Malicious code in database-roblox (PyPI) 2026-03-29T12:15:48Z 2026-04-10T21:49:20Z
mal-2026-2281 Malicious code in roboats-addition (PyPI) 2026-03-28T20:17:03Z 2026-04-10T21:49:20Z
ID Description Published Updated
7paa023732 System 800xA affected by 3rd party component vulnerabilities 2026-03-31T00:30:00.000Z 2026-03-31T00:30:00.000Z
4hzm000604 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4) 2026-03-26T00:30:00.000Z 2026-03-26T00:30:00.000Z
4jno000329 AWIN Gateways Vulnerabilities in Embedded Webserver 2026-03-13T00:30:00.000Z 2026-03-13T00:30:00.000Z
3adr011536 AC500 V3 Stack buffer overflow in Cryptographic Message Syntax 2026-03-12T00:30:00.000Z 2026-03-12T00:30:00.000Z
3adr011525 ABB Automation Builder Gateway for Windows with insecure defaults 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
3adr011524 AC500 V3 Multiple vulnerabilities 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
sa25p007 B&R Automation Studio Update of SQLite version 2026-02-18T00:30:00.000Z 2026-02-18T00:30:00.000Z
sa26p001 ​​PVI​ ​​Insertion of Sensitive Information into Logfile 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
sa24p003 ​B&R PCs vulnerable to PixieFail attack​ 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
7paa013309 System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability 2024-06-05T00:30:00.000Z 2026-01-23T00:30:00.000Z
sa25p005 B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
sa25p004 Automation Studio Insufficient Server Certificate Validation 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
9akk108472a1331 ABB Ability™ OPTIMAX® Authentication Bypass in Single-Sign On with Azure Active Directory 2026-01-16T00:30:00.000Z 2026-01-16T00:30:00.000Z
2crt000009 WebPro SNMP Card PowerValue Multiple Vulnerabilities 2026-01-07T00:30:00.000Z 2026-01-07T00:30:00.000Z
9akk108471a8107 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-09-16T00:30:00.000Z 2025-11-28T08:00:00.000Z
4hzm000603 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) 2025-11-27T00:30:00.000Z 2025-11-28T00:30:00.000Z
7paa022088 Edgenius Management Portal Authentication Bypass 2025-11-20T00:30:00.000Z 2025-11-20T00:30:00.000Z
2nga002813 PCM600 SharpZip library vulnerability 2025-11-03T00:30:00.000Z 2025-11-03T00:30:00.000Z
4tz00000006007 ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations 2025-10-20T00:30:00.000Z 2025-10-23T00:30:00.000Z
9akk108471a8948 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-10-20T00:30:00.000Z 2025-10-21T00:30:00.000Z
3kxg200000r4801 CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability 2025-04-16T00:30:00.000Z 2025-10-20T00:30:00.000Z
sa25p003 B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-14T00:30:00.000Z
4tz00000006008 LVS MConfig Insecure memory handling 2025-10-08T00:30:00.000Z 2025-10-08T00:30:00.000Z
sa25p002 B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7808 EIBPORT Reflected XSS 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7121 FLXeon Controllers Multiple vulnerabilities 2025-09-09T00:30:00.000Z 2025-09-18T00:30:00.000Z
9akk108471a4462 ELSB/BLBA ASPECT advisory several CVEs 2025-08-11T00:30:00.000Z 2025-09-04T00:30:00.000Z
9akk108471a3623 RMC - 100 Vulnerabilities in web UI (REST Interface) 2025-07-03T00:30:00.000Z 2025-08-18T00:30:00.000Z
2nga002743 ABB AbilityTM zenon Remote Transport Vulnerability 2025-08-12T00:30:00.000Z 2025-08-12T00:30:00.000Z
3adr011407 ABB Automation Builder Vulnerabilities in user management and access control 2025-04-30T00:00:00.000Z 2025-07-25T00:00:00.000Z
ID Description Published Updated
wid-sec-w-2026-1036 OpenCTI: Schwachstelle ermöglicht Codeausführung 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1027 LangChain: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1023 libpng: Schwachstelle ermöglicht Offenlegung von Informationen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1022 Juniper Patchday April 2026: Mehrere Schwachstellen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1020 Intel Prozessoren (Pentium Silver Series, Celeron J Series, und Celeron N series): Schwachstelle ermöglicht Privilegieneskalation 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1012 SonicWall SMA1000 : Mehrere Schwachstellen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1006 Golang Go: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1002 Django: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0997 Mozilla Firefox und Thunderbird: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0995 OpenSSL: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0967 Red Hat Enterprise Linux (fontforge): Schwachstelle ermöglicht Codeausführung 2026-04-06T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0966 Red Hat Enterprise Linux (crun): Schwachstelle ermöglicht Privilegieneskalation 2026-04-06T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0950 Linux Kernel: Mehrere Schwachstellen 2026-03-31T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0939 cPanel cPanel/WHM (perl-YAML-Syck): Schwachstelle ermöglicht Codeausführung und DoS 2026-03-31T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0888 tigervnc: Schwachstelle ermöglicht Offenlegung von Informationen, Manipulation von Dateien, und Denial of Service 2026-03-26T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0887 Internet Systems Consortium Kea: Schwachstelle ermöglicht Denial of Service 2026-03-26T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0884 OpenClaw: Mehrere Schwachstellen 2026-03-26T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0875 Red Hat Enterprise Linux (ncurses): Schwachstelle ermöglicht Codeausführung 2026-03-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0870 libpng: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0863 Internet Systems Consortium BIND: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0860 NGINX und NGINX Plus: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0856 OpenClaw: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0850 Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0843 Node.js: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0824 Python: Schwachstelle ermöglicht Codeausführung 2026-03-22T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0790 Linux Kernel: Mehrere Schwachstellen 2026-03-18T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0769 Red Hat Enterprise Linux (capstone) und OpenShift (rhcos): Mehrere Schwachstellen 2026-03-17T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0733 libexpat: Mehrere Schwachstellen ermöglichen Denial of Service 2026-03-15T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0729 OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-03-15T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0725 FreeRDP: Mehrere Schwachstellen 2026-03-12T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
ID Description Published Updated
icsa-26-099-02 GPL Odorizers GPL750 2026-04-09T06:00:00.000000Z 2026-04-09T06:00:00.000000Z
icsa-26-099-01 Contemporary Controls BASC 20T 2026-04-09T06:00:00.000000Z 2026-04-09T06:00:00.000000Z
icsa-25-345-10 OpenPLC_V3 (Update A) 2025-12-11T07:00:00.000000Z 2026-04-09T06:00:00.000000Z
va-26-097-02 IBM Maximo Application Suite Sensitive Tokens without 'Secure' Attribute 2026-04-07T20:51:13Z 2026-04-07T20:51:13Z
va-26-097-01 Thales Sentinel LDK Runtime Stored XSS 2026-04-07T20:50:15Z 2026-04-07T20:50:15Z
icsa-26-097-01 Mitsubishi Electric GENESIS64 and ICONICS Suite products 2026-04-07T00:00:00.000000Z 2026-04-07T06:00:00.000000Z
icsa-24-338-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C) 2024-12-03T00:00:00.000000Z 2026-04-07T06:00:00.000000Z
icsa-24-184-03 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update D) 2024-07-02T06:00:00.000000Z 2026-04-07T06:00:00.000000Z
icsa-25-217-01 Mitsubishi Electric Iconics Digital Solutions Multiple Products (Update B) 2025-08-05T05:00:00.000000Z 2026-04-07T05:00:00.000000Z
icsa-25-140-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update F) 2025-05-20T04:00:00.000000Z 2026-04-07T05:00:00.000000Z
va-26-092-01 Bentley Systems iTwin Platform exposed access token 2026-04-02T17:11:43Z 2026-04-02T17:11:43Z
va-26-092-02 Zscaler Client Connector hard-coded proxy configuration domain 2026-04-02T13:54:30Z 2026-04-02T13:54:30Z
icsa-26-092-03 Hitachi Energy Ellipse 2026-02-24T00:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-26-092-02 Yokogawa CENTUM VP 2026-04-02T06:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-26-092-01 Siemens SICAM 8 Products 2026-03-26T00:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-25-037-02 Schneider Electric EcoStruxure (Update D) 2025-01-14T07:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-26-055-03 Gardyn Home Kit (Update A) 2026-02-24T06:00:00.000000Z 2026-04-02T05:00:00.000000Z
va-26-084-01 Nanoleaf Lines unauthenticated firmware file store 2026-03-25T00:00:00Z 2026-04-02T00:00:00Z
icsa-26-090-02 PX4 Autopilot 2026-03-31T06:00:00.000000Z 2026-03-31T06:00:00.000000Z
icsa-26-090-01 Anritsu Remote Spectrum Monitor 2026-03-31T06:00:00.000000Z 2026-03-31T06:00:00.000000Z
icsa-24-324-01 Mitsubishi Electric MELSEC iQ-F Series (Update A) 2024-11-19T00:00:00.000Z 2026-03-31T00:00:00.000000Z
icsma-26-083-01 Grassroots DICOM (GDCM) 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsma-25-364-01 WHILL Model C2 Electric Wheelchairs and Model F Power Chairs (Update A) 2025-12-30T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-03 "Schneider Electric Plant iT/Brewmaxx" 2026-01-13T08:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-02 Schneider Electric EcoStruxure Foxboro DCS 2026-03-10T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-01 Pharos Controls Mosaic Show Controller 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-078-08 Automated Logic WebCTRL Premium Server 2026-03-19T06:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-05 Mitsubishi Electric CNC Series 2026-03-10T00:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-04 Schneider Electric EcoStruxure PME and EPO 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-03 Schneider Electric EcoStruxure Automation Expert 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
ID Description Published Updated
cisco-sa-iosxe-mntc-dos-lzweqcyq Cisco IOS XE Software Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-04-02T19:43:54+00:00
cisco-sa-ssm-cli-execution-chucwunr Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-ndi-afw-rjurc5dz Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-nd-ssrf-naen4o7r Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-nd-cbid-5yqkoshu Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-epnm-improp-auth-muwfwuu3 Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cssm-priv-esc-xranouo8 Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cimc-cmd-inj-3hkn3bvt Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cimc-auth-bypass-agg2bxtn Cisco Integrated Management Controller Authentication Bypass Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-ndfc-cmdinj-uvyzrkfr Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability 2024-10-02T16:00:00+00:00 2026-03-31T18:47:53+00:00
cisco-sa-xe-secureboot-bypass-b6uyxysz Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-wlc-dos-hnx5kgom Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-vmanage-xss-zqkhp9w9 Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-scp-dos-duadxtcg Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-xss-lpgkzwtj Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-crlf-nvgktkjz Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe_infodis-6j847ueb Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-tls-dos-tvgldezl Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-lobby-privesc-kwxbqjy Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-ios-http-dos-sbv8xrpl Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-bootp-wubhnbxa Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-asa-ftd-ios-dos-kpepqggk Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-fmc-rce-nkhnuljh Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability 2026-03-04T16:00:00+00:00 2026-03-25T14:21:24+00:00
cisco-sa-sdwan-authbp-qwcx8d4v Cisco Catalyst SD-WAN Vulnerabilities 2026-02-25T16:00:00+00:00 2026-03-18T01:06:38+00:00
cisco-sa-xrncs-epni-int-dos-twmffusn Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-isis-dos-kdmxpszk Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-iosxr-privesc-bf8d5u4w Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-cc-xss-mrnah5jh Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-fmc-sql-inject-2enmtc8v Cisco Secure Firewall Management Center Software SQL Injection Vulnerability 2024-10-23T16:00:00+00:00 2026-03-04T16:11:01+00:00
cisco-sa-asaftd-cmd-inj-zjv8wysm Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability 2024-04-24T16:00:00+00:00 2026-03-04T16:10:59+00:00
ID Description Published Updated
msrc_cve-2026-39881 Vim Ex command injection in Vims NetBeans integration 2026-04-02T00:00:00.000Z 2026-04-11T01:40:57.000Z
msrc_cve-2026-40024 Sleuth Kit tsk_recover Path Traversal 2026-04-02T00:00:00.000Z 2026-04-11T01:40:50.000Z
msrc_cve-2026-40025 Sleuth Kit APFS Keybag Parser Out-of-Bounds Read 2026-04-02T00:00:00.000Z 2026-04-11T01:40:44.000Z
msrc_cve-2026-40026 Sleuth Kit ISO9660 SUSP Extension Reference Out-of-Bounds Read 2026-04-02T00:00:00.000Z 2026-04-11T01:40:37.000Z
msrc_cve-2026-34743 XZ Utils: Buffer overflow in lzma_index_append() 2026-04-02T00:00:00.000Z 2026-04-11T01:40:16.000Z
msrc_cve-2026-35535 CVE-2026-35535 2026-04-02T00:00:00.000Z 2026-04-11T01:40:10.000Z
msrc_cve-2026-35385 CVE-2026-35385 2026-04-02T00:00:00.000Z 2026-04-11T01:40:03.000Z
msrc_cve-2026-35386 CVE-2026-35386 2026-04-02T00:00:00.000Z 2026-04-11T01:39:56.000Z
msrc_cve-2026-35388 CVE-2026-35388 2026-04-02T00:00:00.000Z 2026-04-11T01:39:45.000Z
msrc_cve-2026-4878 Libcap: libcap: privilege escalation via toctou race condition in cap_set_file() 2026-04-02T00:00:00.000Z 2026-04-11T01:10:27.000Z
msrc_cve-2026-33810 Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509 2026-04-02T00:00:00.000Z 2026-04-11T01:10:17.000Z
msrc_cve-2026-27140 Code execution vulnerability in SWIG code generation in cmd/go 2026-04-02T00:00:00.000Z 2026-04-11T01:10:08.000Z
msrc_cve-2026-27143 Missing bound checks can lead to memory corruption in safe Go in cmd/compile 2026-04-02T00:00:00.000Z 2026-04-11T01:09:42.000Z
msrc_cve-2026-32282 TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix 2026-04-02T00:00:00.000Z 2026-04-11T01:09:15.000Z
msrc_cve-2026-27144 Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile 2026-04-02T00:00:00.000Z 2026-04-11T01:08:48.000Z
msrc_cve-2026-32280 Unexpected work during chain building in crypto/x509 2026-04-02T00:00:00.000Z 2026-04-11T01:08:24.000Z
msrc_cve-2026-32283 Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls 2026-04-02T00:00:00.000Z 2026-04-11T01:07:52.000Z
msrc_cve-2026-32289 JsBraceDepth Context Tracking Bugs (XSS) in html/template 2026-04-02T00:00:00.000Z 2026-04-11T01:07:20.000Z
msrc_cve-2026-32281 Inefficient policy validation in crypto/x509 2026-04-02T00:00:00.000Z 2026-04-11T01:06:47.000Z
msrc_cve-2026-32288 Unbounded allocation for old GNU sparse in archive/tar 2026-04-02T00:00:00.000Z 2026-04-11T01:06:16.000Z
msrc_cve-2026-31789 Heap Buffer Overflow in Hexadecimal Conversion 2026-04-02T00:00:00.000Z 2026-04-11T01:05:12.000Z
msrc_cve-2026-28388 NULL Pointer Dereference When Processing a Delta CRL 2026-04-02T00:00:00.000Z 2026-04-11T01:04:53.000Z
msrc_cve-2026-28387 Potential Use-after-free in DANE Client Code 2026-04-02T00:00:00.000Z 2026-04-11T01:04:19.000Z
msrc_cve-2026-29181 OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification) 2026-04-02T00:00:00.000Z 2026-04-11T01:03:43.000Z
msrc_cve-2026-39882 OpenTelemetry-Go OTLP HTTP exporters read unbounded HTTP response bodies 2026-04-02T00:00:00.000Z 2026-04-11T01:03:08.000Z
msrc_cve-2026-28390 Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo 2026-04-02T00:00:00.000Z 2026-04-11T01:02:31.000Z
msrc_cve-2026-28389 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo 2026-04-02T00:00:00.000Z 2026-04-11T01:02:05.000Z
msrc_cve-2026-35611 Addressable has a Regular Expression Denial of Service in Addressable templates 2026-04-02T00:00:00.000Z 2026-04-11T01:01:39.000Z
msrc_cve-2026-28810 Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver 2026-04-02T00:00:00.000Z 2026-04-11T01:01:30.000Z
msrc_cve-2026-39316 CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer 2026-04-02T00:00:00.000Z 2026-04-11T01:01:21.000Z
ID Description Published Updated
ncsc-2026-0110 Kwetsbaarheid verholpen in Cisco Smart Software Manager On-Prem 2026-04-10T14:28:58.703642Z 2026-04-10T14:28:58.703642Z
ncsc-2026-0109 Kwetsbaarheden verholpen in Synology SSL VPN Client 2026-04-10T12:11:00.859799Z 2026-04-10T12:11:00.859799Z
ncsc-2026-0108 Kwetsbaarheid verholpen in Juniper Networks Junos OS Evolved 2026-04-10T12:06:13.479822Z 2026-04-10T12:06:13.479822Z
ncsc-2026-0107 Kwetsbaarheid verholpen in FortiClient EMS van Fortinet 2026-04-04T13:49:19.002116Z 2026-04-04T13:49:19.002116Z
ncsc-2026-0106 Kwetsbaarheden verholpen in Cisco Integrated Management Controller 2026-04-03T10:34:46.145536Z 2026-04-03T10:34:46.145536Z
ncsc-2026-0105 Kwetsbaarheden verholpen in Cisco Nexus Dashboard en Nexus Dashboard Insights 2026-04-03T08:20:48.187725Z 2026-04-03T08:20:48.187725Z
ncsc-2026-0047 Kwetsbaarheid verholpen in Fortinet FortiClient EMS 2026-02-09T10:16:18.048622Z 2026-03-30T11:36:22.656910Z
ncsc-2025-0319 Kwetsbaarheden verholpen in F5 Networks BIG-IP, F5OS en NGINX App Protect WAF 2025-10-15T15:21:14.871532Z 2026-03-27T18:09:03.259108Z
ncsc-2026-0104 Kwetsbaarheden verholpen in Cisco IOS XE Software 2026-03-26T09:50:03.269095Z 2026-03-26T09:50:03.269095Z
ncsc-2026-0103 Kwetsbaarheden verholpen in GitLab 2026-03-26T09:48:10.874427Z 2026-03-26T09:48:10.874427Z
ncsc-2026-0102 Kwetsbaarheden verholpen in Apple macOS 2026-03-25T14:15:56.073353Z 2026-03-25T14:15:56.073353Z
ncsc-2026-0101 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-25T14:02:07.392994Z 2026-03-25T14:02:07.392994Z
ncsc-2026-0100 Kwetsbaarheden verholpen in Citrix Netscaler ADC en Netscaler Gateway 2026-03-23T13:43:30.957806Z 2026-03-23T13:43:30.957806Z
ncsc-2026-0099 Kwetsbaarheid verholpen in Oracle Identity Manager en Oracle Web Services Manager 2026-03-20T15:56:12.716324Z 2026-03-20T15:56:12.716324Z
ncsc-2026-0010 Kwetsbaarheden verholpen in Microsoft Office 2026-01-13T19:18:45.984019Z 2026-03-20T14:03:59.225773Z
ncsc-2026-0076 Kwetsbaarheden verholpen in Cisco Secure Firewall Management Center 2026-03-04T20:49:12.211658Z 2026-03-19T11:48:18.917205Z
ncsc-2026-0098 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-13T08:41:19.155490Z 2026-03-13T08:41:19.155490Z
ncsc-2026-0097 Kwetsbaarheden verholpen in Google Chrome 2026-03-13T08:33:43.877125Z 2026-03-13T08:33:43.877125Z
ncsc-2026-0096 Kwetsbaarheden verholpen in Veeam Backup & Replication 2026-03-12T14:54:08.200676Z 2026-03-12T14:54:08.200676Z
ncsc-2026-0095 Kwetsbaarheid verholpen in pac4j-jwt 2026-03-12T14:45:51.156512Z 2026-03-12T14:45:51.156512Z
ncsc-2026-0094 Kwetsbaarheden verholpen in Cisco IOS XR 2026-03-12T14:44:08.106602Z 2026-03-12T14:44:08.106602Z
ncsc-2026-0093 Kwetsbaarheden verholpen in GitLab 2026-03-12T14:42:46.936248Z 2026-03-12T14:42:46.936248Z
ncsc-2026-0092 Kwetsbaarheden verholpen in Fortinet FortiWeb 2026-03-12T07:46:15.529522Z 2026-03-12T07:46:15.529522Z
ncsc-2026-0091 Kwetsbaarheden verholpen in SAP-producten 2026-03-12T07:24:16.575638Z 2026-03-12T07:24:16.575638Z
ncsc-2026-0090 Kwetsbaarheden verholpen in Adobe Experience Manager 2026-03-12T07:12:51.952931Z 2026-03-12T07:12:51.952931Z
ncsc-2026-0089 Kwetsbaarheden verholpen in Adobe Acrobat Reader 2026-03-12T07:03:24.148324Z 2026-03-12T07:03:24.148324Z
ncsc-2026-0088 Kwetsbaarheden verholpen in Adobe Illustrator 2026-03-12T06:55:39.712240Z 2026-03-12T06:55:39.712240Z
ncsc-2026-0087 Kwetsbaarheden verholpen in Adobe Commerce 2026-03-12T06:49:56.459199Z 2026-03-12T06:49:56.459199Z
ncsc-2026-0086 Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer 2026-03-11T09:19:38.777277Z 2026-03-11T09:19:38.777277Z
ncsc-2026-0085 Kwetsbaarheden verholpen in Microsoft Developer tools 2026-03-10T20:35:10.478398Z 2026-03-10T20:35:10.478398Z
ID Description Published Updated
nn-2025:18-01 Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:17-01 HTML injection in Sensor Map in CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:16-01 HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:15-01 Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:14-01 HTML injection in Asset List in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:13-01 Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:12-01 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:11-01 Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 2025-11-25T11:00:00.000Z 2025-11-26T11:00:00.000Z
nn-2025:9-01 Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:8-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:7-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:6-01 Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:5-01 Incorrect authorization for CLI in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:4-01 Client-side path traversal in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:10-01 Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:3-01 Incorrect authorization for traces request/download in CMC before 25.1.0 2025-08-26T11:00:00.000Z 2025-08-26T11:00:00.000Z
nn-2025:2-01 Privilege escalation in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2025:1-01 Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2023_17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023:17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2024_1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2024:1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2023_12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023:12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023_9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10522-1 python315-3.15.0~a8-1.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10521-1 python312-3.12.13-5.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10520-1 python310-3.10.20-4.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10519-1 glances-common-4.5.3-1.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10518-1 python311-Flask-HTTPAuth-4.8.1-1.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10517-1 python313-Django6-6.0.4-1.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10516-1 python311-Django4-4.2.30-1.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10515-1 libprotobuf-lite34_1_0-32bit-34.1-1.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10514-1 go1.25-1.25.9-1.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10513-1 fontforge-20251009-6.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10512-1 aws-c-event-stream-devel-0.7.0-1.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:10511-1 MozillaFirefox-149.0.2-1.1 on GA media 2026-04-09T00:00:00Z 2026-04-09T00:00:00Z
opensuse-su-2026:20477-1 Security update for aws-c-event-stream 2026-04-08T13:03:50Z 2026-04-08T13:03:50Z
opensuse-su-2026:10510-1 sudo-1.9.17p2-2.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10509-1 steampipe-2.4.1-1.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10508-1 ruby4.0-rubygem-rack-2.2-2.2.23-1.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10507-1 python311-lupa-2.7-1.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10506-1 jupyter-jupyterlab-templates-0.5.3-1.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10505-1 libIex-3_4-33-3.4.9-1.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10504-1 corepack24-24.14.1-1.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10503-1 firefox-esr-140.9.1-1.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10502-1 dcmtk-3.7.0-2.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10501-1 MozillaThunderbird-140.9.1-1.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:10500-1 389-ds-3.1.4+e2562f589-1.1 on GA media 2026-04-08T00:00:00Z 2026-04-08T00:00:00Z
opensuse-su-2026:20476-1 Security update for mapserver 2026-04-07T15:33:59Z 2026-04-07T15:33:59Z
opensuse-su-2026:20471-1 Security update for systemd 2026-04-07T15:17:05Z 2026-04-07T15:17:05Z
opensuse-su-2026:20472-1 Security update for tar 2026-04-07T14:58:07Z 2026-04-07T14:58:07Z
opensuse-su-2026:20470-1 Security update for libtasn1 2026-04-07T14:33:05Z 2026-04-07T14:33:05Z
opensuse-su-2026:20469-1 Security update for cockpit-packages 2026-04-07T13:03:46Z 2026-04-07T13:03:46Z
opensuse-su-2026:20465-1 Security update for tigervnc 2026-04-07T12:21:55Z 2026-04-07T12:21:55Z
ID Description Published Updated
oxdc-adv-2026-0001 OX Dovecot Security Advisory OXDC-ADV-2026-0001 2026-03-27T00:00:00+00:00 2026-03-27T00:00:00+00:00
oxdc-adv-2025-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 2025-10-31T00:00:00+00:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0003 OX App Suite Security Advisory OXAS-ADV-2025-0003 2025-09-24T00:00:00+02:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0002 OX App Suite Security Advisory OXAS-ADV-2025-0002 2025-08-12T00:00:00+02:00 2025-10-31T00:00:00+00:00
oxas-adv-2025-0001 OX App Suite Security Advisory OXAS-ADV-2025-0001 2025-01-27T00:00:00+01:00 2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxas-adv-2024-0005 OX App Suite Security Advisory OXAS-ADV-2024-0005 2024-07-08T00:00:00+02:00 2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 2024-09-02T00:00:00+02:00 2024-09-06T00:00:00+00:00
oxas-adv-2024-0004 OX App Suite Security Advisory OXAS-ADV-2024-0004 2024-06-13T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0003 OX App Suite Security Advisory OXAS-ADV-2024-0003 2024-04-24T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0002 OX App Suite Security Advisory OXAS-ADV-2024-0002 2024-03-06T00:00:00+01:00 2024-05-06T00:00:00+00:00
oxas-adv-2024-0001 OX App Suite Security Advisory OXAS-ADV-2024-0001 2024-02-08T00:00:00+01:00 2024-04-25T00:00:00+00:00
oxas-adv-2023-0007 OX App Suite Security Advisory OXAS-ADV-2023-0007 2023-12-11T00:00:00+01:00 2024-02-16T00:00:00+00:00
oxas-adv-2023-0006 OX App Suite Security Advisory OXAS-ADV-2023-0006 2023-09-25T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0005 OX App Suite Security Advisory OXAS-ADV-2023-0005 2023-09-19T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0004 OX App Suite Security Advisory OXAS-ADV-2023-0004 2023-08-01T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0003 OX App Suite Security Advisory OXAS-ADV-2023-0003 2023-05-02T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0002 OX App Suite Security Advisory OXAS-ADV-2023-0002 2023-03-20T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0001 OX App Suite Security Advisory OXAS-ADV-2023-0001 2023-02-06T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0002 OX App Suite Security Advisory OXAS-ADV-2022-0002 2022-11-02T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0001 OX App Suite Security Advisory OXAS-ADV-2022-0001 2022-08-10T00:00:00+02:00 2024-01-22T00:00:00+00:00
ID Description Published Updated
rhsa-2016:2133 Red Hat Security Advisory: kernel security update 2016-11-01T10:58:08+00:00 2026-04-11T22:06:40+00:00
rhsa-2017:0372 Red Hat Security Advisory: kernel-aarch64 security and bug fix update 2017-03-02T17:04:41+00:00 2026-04-11T22:06:36+00:00
rhsa-2016:2132 Red Hat Security Advisory: kernel security and bug fix update 2016-11-01T13:24:02+00:00 2026-04-11T22:06:36+00:00
rhsa-2016:2124 Red Hat Security Advisory: kernel security and bug fix update 2016-10-28T09:28:10+00:00 2026-04-11T22:06:36+00:00
rhsa-2016:2128 Red Hat Security Advisory: kernel security and enhancement update 2016-10-31T16:01:35+00:00 2026-04-11T22:06:35+00:00
rhsa-2016:2127 Red Hat Security Advisory: kernel security update 2016-10-31T11:29:55+00:00 2026-04-11T22:06:35+00:00
rhsa-2016:2126 Red Hat Security Advisory: kernel security update 2016-10-31T11:30:06+00:00 2026-04-11T22:06:35+00:00
rhsa-2016:2120 Red Hat Security Advisory: kernel security update 2016-10-27T09:08:14+00:00 2026-04-11T22:06:33+00:00
rhsa-2016:2118 Red Hat Security Advisory: kernel security update 2016-10-26T18:43:44+00:00 2026-04-11T22:06:32+00:00
rhsa-2016:2110 Red Hat Security Advisory: kernel-rt security update 2016-10-26T12:21:02+00:00 2026-04-11T22:06:32+00:00
rhsa-2016:2107 Red Hat Security Advisory: kernel-rt security update 2016-10-26T10:47:33+00:00 2026-04-11T22:06:32+00:00
rhsa-2016:2106 Red Hat Security Advisory: kernel security update 2016-10-26T09:07:07+00:00 2026-04-11T22:06:32+00:00
rhsa-2016:2105 Red Hat Security Advisory: kernel security update 2016-10-26T11:42:28+00:00 2026-04-11T22:06:32+00:00
rhsa-2016:2098 Red Hat Security Advisory: kernel security update 2016-10-24T13:31:27+00:00 2026-04-11T22:06:32+00:00
rhsa-2026:6568 Red Hat Security Advisory: Red Hat Quay 3.15.4 2026-04-03T22:07:28+00:00 2026-04-11T20:05:47+00:00
rhsa-2026:6564 Red Hat Security Advisory: OpenShift Container Platform 4.20.18 bug fix and security update 2026-04-09T13:13:19+00:00 2026-04-11T20:05:46+00:00
rhsa-2026:0722 Red Hat Security Advisory: multicluster engine for Kubernetes v2.8.4 security update 2026-01-15T17:23:06+00:00 2026-04-11T20:04:25+00:00
rhsa-2025:4204 Red Hat Security Advisory: OpenShift Container Platform 4.17.27 bug fix and security update 2025-04-30T03:47:47+00:00 2026-04-11T20:03:38+00:00
rhsa-2025:9776 Red Hat Security Advisory: New RHCS 8.1 container image is now available in the Red Hat Ecosystem Catalog. 2025-06-26T12:12:44+00:00 2026-04-11T19:44:39+00:00
rhsa-2025:4240 Red Hat Security Advisory: Updated 6.1 container image is now available in the Red Hat Ecosystem Catalog. 2025-04-28T05:29:21+00:00 2026-04-11T19:44:37+00:00
rhsa-2025:0664 Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.35.0 security update & enhancements 2025-01-23T13:02:37+00:00 2026-04-11T19:44:37+00:00
rhsa-2025:2449 Red Hat Security Advisory: OpenShift Container Platform 4.18.4 security update 2025-03-11T02:08:00+00:00 2026-04-11T19:44:36+00:00
rhsa-2025:22684 Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes 2.12.6 security update 2025-12-03T23:53:32+00:00 2026-04-11T19:44:36+00:00
rhsa-2025:22683 Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.7 security update 2025-12-03T22:50:31+00:00 2026-04-11T19:44:35+00:00
rhsa-2025:1116 Red Hat Security Advisory: OpenShift Container Platform 4.13.55 bug fix and security update 2025-02-13T02:27:35+00:00 2026-04-11T19:44:34+00:00
rhsa-2025:0832 Red Hat Security Advisory: OpenShift Container Platform 4.12.72 bug fix and security update 2025-02-06T00:45:40+00:00 2026-04-11T19:44:34+00:00
rhsa-2025:0654 Red Hat Security Advisory: OpenShift Container Platform 4.17.14 bug fix and security update 2025-01-28T04:28:50+00:00 2026-04-11T19:44:32+00:00
rhsa-2025:0536 Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.15.0 2025-01-21T16:57:37+00:00 2026-04-11T19:44:32+00:00
rhsa-2025:0014 Red Hat Security Advisory: OpenShift Container Platform 4.12.71 bug fix and security update 2025-01-09T02:15:46+00:00 2026-04-11T19:44:31+00:00
rhsa-2024:9615 Red Hat Security Advisory: OpenShift Container Platform 4.16.23 bug fix and security update 2024-11-20T00:46:32+00:00 2026-04-11T19:44:31+00:00
ID Description Published Updated
sevd-2026-069-02 Improper Neutralization vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-069-01 Improper Resource Shutdown or Release vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-069-03 Deserialization of Untrusted Data vulnerability on EcoStruxure™ Foxboro DCS 2026-03-10T07:00:00.000Z 2026-03-13T07:00:00.000Z
sevd-2026-069-06 Deserialization of Untrusted Data vulnerability on Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-05 Use of Hard-coded Credentials vulnerability in EcoStruxure™ IT Data Center Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-04 Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxure™ Automation Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-04 Multiple Vulnerabilities on EcoStruxure Power Build Rapsody 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-01 Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-014-07 FlexNet Publisher Vulnerability 2025-01-14T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-041-02 Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-041-01 Improper Check for Unusual or Exceptional Conditions on Multiple Products 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-343-01 EcoStruxure™ Foxboro DCS 2025-12-09T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-189-03 EcoStruxure™ Power Operation 2025-07-08T04:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-042-02 Improper Input Validation Vulnerability in Uni-Telway Driver 2025-02-11T05:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-013-03 Multiple Vulnerabilities on Zigbee Products 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-02 Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-014-06 RemoteConnect and SCADAPack™ x70 Utilities 2025-01-14T00:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2024-317-03 Modicon Controllers M340 / Momentum / MC80 2024-11-12T05:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-343-02 EcoStruxure™ Foxboro DCS Advisor 2025-12-09T08:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-252-01 Multiple Altivar Process Drives and Communication Modules 2025-09-09T04:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2023-192-04 CODESYS Runtime Vulnerabilities 2023-07-11T07:15:18.000Z 2025-12-09T08:00:00.000Z
sevd-2021-159-04 ISaGRAF Vulnerabilities in IEC 61131-3 Programming and Engineering Tools 2021-06-08T04:36:25.000Z 2025-11-15T00:00:00.000Z
sevd-2022-284-03 ISaGRAF Workbench for SAGE RTU 2022-10-10T22:13:16.000Z 2025-11-14T06:30:00.000Z
sevd-2025-315-02 EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-315-01 PowerChute™ Serial Shutdown 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-02 EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO) 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-01 Saitel DR & Saitel DP Remote Terminal Unit 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-287-01 EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server 2025-10-14T07:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-133-01 Modicon Controllers M241/M251/M258/LMC058 2025-05-13T04:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2024-345-03 Modicon M241 / M251 / M258 / LMC058 2024-12-10T05:00:00.000Z 2025-10-14T07:00:00.000Z
ID Description Published Updated
sca-2026-0006 Vulnerabilities affecting SICK Lector85x and SICK Lector83x 2026-03-06T14:00:00.000Z 2026-03-06T14:00:00.000Z
sca-2026-0005 Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 2026-02-27T14:00:00.000Z 2026-02-27T14:00:00.000Z
sca-2026-0004 Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products 2026-02-13T14:00:00.000Z 2026-02-13T14:00:00.000Z
sca-2026-0003 Vulnerability affecting SICK nanoScan3 and microScan3 2026-01-26T14:00:00.000Z 2026-01-26T14:00:00.000Z
sca-2026-0002 Vulnerabilities affecting SICK Incoming Goods Suite 2026-01-15T14:00:00.000Z 2026-01-22T19:00:00.000Z
sca-2026-0001 Vulnerabilities affecting SICK TDC-X401GL 2026-01-15T14:00:00.000Z 2026-01-15T14:00:00.000Z
sca-2025-0013 Vulnerabilities affecting SICK TLOC100-100 2025-10-27T14:00:00.000Z 2025-11-11T14:00:00.000Z
sca-2025-0014 CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC 2025-11-03T11:00:00.000Z 2025-11-03T14:00:00.000Z
sca-2025-0012 Sudo vulnerability affects SICK SID products 2025-10-27T11:00:00.000Z 2025-10-27T14:00:00.000Z
sca-2025-0011 Vulnerabilities affecting Endress+Hauser SSG-E210GC 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0010 Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0009 Vulnerabilities affecting SICK TDC-E210GC 2025-08-01T13:00:00.000Z 2025-08-01T13:00:00.000Z
sca-2025-0008 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-07-03T13:00:00.000Z 2025-07-03T13:00:00.000Z
sca-2025-0007 Multiple vulnerabilities in SICK Field Analytics and SICK Media Server 2025-06-12T13:00:00.000Z 2025-06-12T13:00:00.000Z
sca-2025-0003 FreeRTOS Vulnerabilities have no impact on SICK Products 2025-02-28T00:00:00.000Z 2025-05-20T11:00:00.000Z
sca-2025-0006 Vulnerability affecting picoScan and multiScan 2025-04-28T13:00:00.000Z 2025-04-28T13:00:00.000Z
sca-2025-0005 Vulnerabilities in SICK Flexi Compact 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
sca-2025-0004 Critical vulnerabilities in SICK DL100-2xxxxxxx 2025-03-14T11:00:00.000Z 2025-03-14T11:00:00.000Z
sca-2025-0001 Multiple vulnerabilities in SICK MEAC300 2025-02-14T14:00:00.000Z 2025-02-21T14:00:00.000Z
sca-2025-0002 Vulnerability in SICK Lector8xx and SICK InspectorP8xx 2025-02-14T10:19:00.000Z 2025-02-14T10:19:00.000Z
sca-2024-0007 Vulnerability in SICK OLM 2024-12-31T00:00:00.000Z 2024-12-31T00:00:00.000Z
sca-2024-0006 Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx 2024-12-06T00:00:00.000Z 2024-12-06T00:00:00.000Z
sca-2024-0005 Vulnerability in SICK Incoming Goods Suite 2024-11-19T00:00:00.000Z 2024-11-19T00:00:00.000Z
sca-2024-0004 Third party vulnerabilities in SICK CDE-100 2024-11-07T12:00:00.000Z 2024-11-07T12:00:00.000Z
sca-2024-0003 Critical vulnerability in multiple SICK products 2024-10-17T13:00:00.000Z 2024-10-17T13:00:00.000Z
sca-2024-0002 Vulnerability in SICK MSC800 2024-09-11T23:00:00.000Z 2024-09-11T23:00:00.000Z
sca-2024-0001 Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics 2024-01-29T00:00:00.000Z 2024-01-29T00:00:00.000Z
sca-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
SCA-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
sca-2023-0010 Vulnerabilities in SICK Application Processing Unit 2023-10-09T11:00:00.000Z 2023-10-09T11:00:00.000Z
ID Description Published Updated
ssa-246443 SSA-246443: Multiple Vulnerabilities in SICAM 8 Products 2026-03-26T00:00:00.000Z 2026-03-26T00:00:00.000Z
ssa-452276 SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 2026-03-10T00:00:00.000Z 2026-03-19T00:00:00.000Z
ssa-975644 SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-903736 SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-868571 SSA-868571: Missing Server Certificate Validation in IAM Client 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-770770 SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices 2025-02-11T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-710408 SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-535115 SSA-535115: Data Validation Vulnerability in NX Before V2512 2026-02-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-513708 SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices 2025-06-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-485750 SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-430425 SSA-430425: Multiple Vulnerabilities in SINEC Security Monitor before V4.9.0 2024-10-08T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-282044 SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery 2025-08-12T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-212953 SSA-212953: Multiple Vulnerabilities in COMOS 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-201595 SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2025-08-14T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-126399 SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-082556 SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 2025-06-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-027652 SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives 2025-09-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-613116 SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 2025-08-12T00:00:00Z 2026-02-24T00:00:00Z
ssa-355557 SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2 2025-08-12T00:00:00Z 2026-02-24T00:00:00Z
ssa-089022 SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 2026-01-28T00:00:00Z 2026-02-24T00:00:00Z
ssa-965753 SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-864900 SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2025-05-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-783261 SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2 2012-12-12T00:00:00Z 2026-02-10T00:00:00Z
ssa-674753 SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices 2026-01-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-625934 SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-599451 SSA-599451: Multiple Vulnerabilities in SiPass integrated 2025-10-14T00:00:00Z 2026-02-10T00:00:00Z
ssa-507364 SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-445819 SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-311973 SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-265688 SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 2024-04-09T00:00:00Z 2026-02-10T00:00:00Z
ID Description Published Updated
suse-su-2026:1257-1 Security update for openssl-1_1 2026-04-10T15:06:36Z 2026-04-10T15:06:36Z
suse-su-2026:1256-1 Security update for openssl-1_0_0 2026-04-10T14:57:18Z 2026-04-10T14:57:18Z
suse-su-2026:1255-1 Security update for openssl-1_1 2026-04-10T14:56:12Z 2026-04-10T14:56:12Z
suse-su-2026:1254-1 Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5) 2026-04-10T14:04:42Z 2026-04-10T14:04:42Z
suse-su-2026:1252-1 Security update for tigervnc 2026-04-10T11:36:58Z 2026-04-10T11:36:58Z
suse-su-2026:1251-1 Security update for cockpit-podman 2026-04-10T11:36:50Z 2026-04-10T11:36:50Z
suse-su-2026:1250-1 Security update for cockpit-tukit 2026-04-10T11:36:40Z 2026-04-10T11:36:40Z
suse-su-2026:1249-1 Security update for cockpit-machines 2026-04-10T11:36:32Z 2026-04-10T11:36:32Z
suse-su-2026:1247-1 Security update for nghttp2 2026-04-10T10:34:43Z 2026-04-10T10:34:43Z
suse-su-2026:1248-1 Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5) 2026-04-10T09:13:03Z 2026-04-10T09:13:03Z
suse-su-2026:1244-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 15 SP7) 2026-04-10T08:04:54Z 2026-04-10T08:04:54Z
suse-su-2026:1242-1 Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5) 2026-04-10T07:04:48Z 2026-04-10T07:04:48Z
suse-su-2026:1239-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6) 2026-04-09T19:04:33Z 2026-04-09T19:04:33Z
suse-su-2026:1237-1 Security update for the Linux Kernel (Live Patch 47 for SUSE Linux Enterprise 15 SP4) 2026-04-09T17:04:59Z 2026-04-09T17:04:59Z
suse-su-2026:1236-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6) 2026-04-09T14:22:32Z 2026-04-09T14:22:32Z
suse-su-2026:1232-1 Security update for cockpit 2026-04-09T10:47:29Z 2026-04-09T10:47:29Z
suse-su-2026:1231-1 Security update for the Linux Kernel (Live Patch 48 for SUSE Linux Enterprise 15 SP4) 2026-04-09T09:04:39Z 2026-04-09T09:04:39Z
suse-su-2026:1230-1 Security update for bind 2026-04-09T08:58:38Z 2026-04-09T08:58:38Z
suse-su-2026:1229-1 Security update for bind 2026-04-09T08:58:06Z 2026-04-09T08:58:06Z
suse-su-2026:1225-1 Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise 15 SP6) 2026-04-09T01:53:43Z 2026-04-09T01:53:43Z
suse-su-2026:1222-1 Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5) 2026-04-08T20:04:54Z 2026-04-08T20:04:54Z
suse-su-2026:1221-1 Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5) 2026-04-08T16:04:43Z 2026-04-08T16:04:43Z
suse-su-2026:1218-1 Security update for python-requests 2026-04-08T14:39:49Z 2026-04-08T14:39:49Z
suse-su-2026:1217-1 Security update for freerdp 2026-04-08T12:28:33Z 2026-04-08T12:28:33Z
suse-su-2026:1216-1 Security update for openssl-1_1 2026-04-08T12:28:22Z 2026-04-08T12:28:22Z
suse-su-2026:1215-1 Security update for openssl-3 2026-04-08T12:27:58Z 2026-04-08T12:27:58Z
suse-su-2026:1214-1 Security update for openssl-3 2026-04-08T12:27:45Z 2026-04-08T12:27:45Z
suse-su-2026:1213-1 Security update for openssl-3 2026-04-08T12:27:10Z 2026-04-08T12:27:10Z
suse-su-2026:1051-1 Security update for vim 2026-04-08T11:40:57Z 2026-04-08T11:40:57Z
suse-su-2026:1212-1 Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5) 2026-04-08T10:04:46Z 2026-04-08T10:04:46Z
ID Description Published Updated
alsa-2026:6572 Moderate: kernel-rt security update 2026-04-06T00:00:00Z 2026-04-06T09:38:16Z
alsa-2026:6571 Moderate: kernel security update 2026-04-06T00:00:00Z 2026-04-06T09:27:57Z
alsa-2026:6621 Moderate: crun security update 2026-04-06T00:00:00Z 2026-04-06T08:42:59Z
alsa-2026:6622 Moderate: crun security update 2026-04-06T00:00:00Z 2026-04-06T08:36:15Z
alsa-2026:6300 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update 2026-03-31T00:00:00Z 2026-04-03T17:13:38Z
alsa-2026:6436 Moderate: rsync security update 2026-04-02T00:00:00Z 2026-04-03T12:29:15Z
alsa-2026:6439 Important: libpng15 security update 2026-04-02T00:00:00Z 2026-04-03T12:19:53Z
alsa-2026:6445 Important: libpng12 security update 2026-04-02T00:00:00Z 2026-04-03T12:13:28Z
alsa-2026:6470 Important: perl-YAML-Syck security update 2026-04-02T00:00:00Z 2026-04-03T12:07:59Z
alsa-2026:6473 Important: python3 security update 2026-04-02T00:00:00Z 2026-04-03T12:02:03Z
alsa-2026:6388 Important: grafana-pcp security update 2026-04-01T00:00:00Z 2026-04-03T10:02:10Z
alsa-2026:6344 Important: grafana security update 2026-04-01T00:00:00Z 2026-04-03T09:56:37Z
alsa-2026:6259 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update 2026-03-31T00:00:00Z 2026-04-03T09:45:31Z
alsa-2026:6053 Moderate: kernel security update 2026-03-30T00:00:00Z 2026-04-03T09:23:17Z
alsa-2026:6390 Moderate: rsync security update 2026-04-01T00:00:00Z 2026-04-02T09:23:33Z
alsa-2026:6383 Important: grafana-pcp security update 2026-04-01T00:00:00Z 2026-04-02T09:15:46Z
alsa-2026:6382 Important: grafana security update 2026-04-01T00:00:00Z 2026-04-02T09:12:36Z
alsa-2026:6340 Important: freerdp security update 2026-04-01T00:00:00Z 2026-04-02T09:09:13Z
alsa-2026:6005 Important: freerdp security update 2026-03-30T00:00:00Z 2026-04-02T09:00:17Z
alsa-2026:6153 Moderate: kernel security update 2026-03-30T00:00:00Z 2026-04-02T08:46:53Z
alsa-2026:6188 Important: thunderbird security update 2026-03-30T00:00:00Z 2026-04-02T08:18:50Z
alsa-2026:6342 Important: thunderbird security update 2026-04-01T00:00:00Z 2026-04-01T11:59:47Z
alsa-2026:6301 Important: squid security update 2026-03-31T00:00:00Z 2026-04-01T09:27:45Z
alsa-2026:6256 Important: python3.12 security update 2026-03-31T00:00:00Z 2026-04-01T09:23:35Z
alsa-2026:6266 Moderate: libxslt security update 2026-03-31T00:00:00Z 2026-04-01T09:19:08Z
alsa-2026:6286 Important: python3.11 security update 2026-03-31T00:00:00Z 2026-04-01T09:15:24Z
alsa-2026:6285 Important: python3.12 security update 2026-03-31T00:00:00Z 2026-04-01T09:07:09Z
alsa-2026:6283 Important: python3.12 security update 2026-03-31T00:00:00Z 2026-04-01T08:56:58Z
alsa-2026:6281 Important: python3.11 security update 2026-03-31T00:00:00Z 2026-04-01T08:52:26Z
alsa-2026:6004 Important: freerdp security update 2026-03-30T00:00:00Z 2026-03-31T08:19:51Z
ID Description Published Updated
hsec-2026-0006 Cabal deletes project source files during configure 2026-04-08T14:23:27Z 2026-04-08T14:23:27Z
hsec-2026-0004 Hackage package metadata stored XSS vulnerability 2026-03-28T16:05:12Z 2026-03-28T16:05:12Z
hsec-2026-0002 Hackage CSRF vulnerability 2026-03-28T16:04:58Z 2026-03-28T16:04:58Z
hsec-2024-0004 Hackage package and doc upload stored XSS vulnerability 2026-01-16T11:18:20Z 2026-01-16T11:18:20Z
hsec-2025-0007 cmark-gfm: resource exhaustion due to quadratic complexity in parser 2025-12-27T08:58:56Z 2025-12-27T08:58:56Z
hsec-2025-0006 Private key leak via inherited file descriptor 2025-11-17T02:22:38Z 2025-11-17T02:22:38Z
hsec-2025-0005 cabal-install dependency confusion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0004 Broken Path Sanitization in spacecookie Library 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0003 Use after free in multithreaded lzma (.xz) decoder 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0002 Double Public Key Signing Function Oracle Attack on Ed25519 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0001 Subword division operations may produce incorrect results 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0009 Public key confusion in third-party blocks 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0008 Sign extension error in the PPC64le FFI 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0007 Sign extension error in the AArch64 NCG 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0006 fromIntegral: conversion error 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0003 process: command injection via argument list on Windows 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0002 out-of-bounds write when there are many bzip2 selectors 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0001 Reflected XSS vulnerability in keter 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0015 cabal-install uses expired key policies 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0014 Arbitrary file write is possible when using PDF output or --extract-media with untrusted input 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0013 git-annex plaintext storage of embedded credentials on encrypted remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0012 git-annex checksum exposure to encrypted special remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0011 git-annex GPG decryption attack via compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0010 git-annex private data exfiltration to compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0009 git-annex command injection via malicious SSH hostname 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0008 Stored XSS in hledger-web 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0007 readFloat: memory exhaustion with large exponent 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0006 x509-validation does not enforce pathLenConstraint 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0005 tls-extra: certificate validation does not check Basic Constraints 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0004 xml-conduit unbounded entity expansion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
ID Description Published Updated
osec-2026-01 Buffer Over-Read in OCaml Marshal Deserialization 2026-02-17T13:30:00Z 2026-02-27T09:30:00Z
osec-2026-02 ARP unbounded memory usage 2026-02-18T10:30:00Z 2026-02-18T10:30:00Z
osec-2022-01 Infinite loop in console output on xen 2022-12-07T00:00:00Z 2026-02-18T09:30:00Z
osec-2025-01 Albatross console out of memory 2025-08-15T00:18:22Z 2026-01-13T12:00:00Z
osec-2019-02 Grant unshare vulnerability in mirage-xen 2019-04-26T00:00:00Z 2026-01-13T12:00:00Z
osec-2019-01 Memory disclosure in mirage-net-xen 2019-03-21T00:00:00Z 2026-01-13T12:00:00Z
osec-2016-02 Memory disclosure in mirage-net-xen 2016-05-03T00:00:00Z 2026-01-13T12:00:00Z
osec-2023-01 Time of check time of use issue in opam's cache 2023-05-25T12:00:00Z 2026-01-09T12:00:00Z
osec-2016-01 Buffer overflow and information leak in OCaml < 4.03.0 2016-04-29T00:18:22Z 2026-01-01T12:00:00Z
osec-2018-01 An integer overflow in the `bigarray` serialization module leads to arbitrary code execution 2018-04-06T18:29:00Z 2025-12-16T12:00:00Z
osec-2017-01 Local privilege escalation issue with ocaml binaries 2017-06-23T15:19:47Z 2025-12-16T12:00:00Z
ID Description Published Updated
osv-2022-388 Segv on unknown address in dwg_ref_get_object 2022-05-01T00:01:54.904711Z 2026-04-11T14:05:23.758549Z
osv-2020-876 Use-of-uninitialized-value in XCFImageFormat::mergeRGBToRGB 2020-07-14T22:13:55.541274Z 2026-04-11T14:04:22.896195Z
osv-2023-390 Heap-buffer-overflow in sdhci_write 2023-05-12T14:00:08.854823Z 2026-04-10T14:32:51.981168Z
osv-2022-581 Heap-buffer-overflow in megasas_map_sgl 2022-07-14T00:00:45.644503Z 2026-04-10T14:31:17.243227Z
osv-2021-820 UNKNOWN READ in virtio_gpu_disable_scanout 2021-06-02T00:00:31.619765Z 2026-04-10T14:28:59.278557Z
osv-2024-679 Heap-buffer-overflow in readImage4v2 2024-07-25T00:14:34.485446Z 2026-04-10T14:17:32.974190Z
osv-2023-307 Heap-buffer-overflow in bit_read_BB 2023-04-13T14:02:09.774988Z 2026-04-10T14:15:06.653636Z
osv-2022-714 Heap-buffer-overflow in dynapi_set_helper 2022-08-15T00:00:47.794062Z 2026-04-10T14:14:49.083912Z
osv-2022-653 Heap-double-free in dwg_free_common_entity_data 2022-07-30T00:01:52.491112Z 2026-04-10T14:13:58.401974Z
osv-2023-877 Heap-buffer-overflow in btf_ensure_modifiable 2023-09-18T14:02:44.989260Z 2026-04-10T14:13:13.162417Z
osv-2023-800 Heap-buffer-overflow in XCFImageFormat::loadTileRLE 2023-09-07T14:00:27.693270Z 2026-04-10T14:12:33.285572Z
osv-2023-55 Index-out-of-bounds in LibRaw::apply_tiff 2023-02-07T13:00:07.438565Z 2026-04-10T14:12:13.379692Z
osv-2022-400 Heap-double-free in dwg_free_XRECORD_private 2022-05-08T00:00:40.782520Z 2026-04-10T14:11:34.568715Z
osv-2022-372 Heap-buffer-overflow in dwg_encode_VERTEX_2D 2022-04-26T00:00:09.352798Z 2026-04-10T14:11:27.492166Z
osv-2022-379 Segv on unknown address in bit_write_TV 2022-04-27T00:00:44.539231Z 2026-04-10T14:11:26.691044Z
osv-2022-1176 Heap-double-free in dwg_free 2022-11-18T13:00:26.857477Z 2026-04-10T14:10:36.470316Z
osv-2022-1259 Heap-buffer-overflow in dwg_decode_INSERT_private 2022-12-13T13:00:46.870838Z 2026-04-10T14:10:23.558612Z
osv-2021-1343 Heap-buffer-overflow in get_next_owned_entity 2021-09-21T00:01:33.177403Z 2026-04-10T14:10:04.765852Z
osv-2021-1086 Heap-buffer-overflow in dwg_convert_SAB_to_SAT1 2021-08-02T00:00:31.888461Z 2026-04-10T14:09:40.474591Z
osv-2022-1018 Index-out-of-bounds in LibRaw::kodak_radc_load_raw 2022-10-06T00:02:27.511658Z 2026-04-10T14:06:59.896524Z
osv-2021-525 Use-of-uninitialized-value in void edge_filtering_chroma_internal<unsigned char> 2021-03-16T00:00:19.176877Z 2026-04-10T14:06:54.074771Z
osv-2021-972 UNKNOWN READ in void mc_chroma<unsigned short> 2021-07-13T00:00:16.631711Z 2026-04-10T14:06:51.235370Z
osv-2021-948 Use-of-uninitialized-value in residual_coding 2021-07-10T00:01:12.890029Z 2026-04-10T14:06:45.638294Z
osv-2021-735 Use-of-uninitialized-value in decode_CABAC_FL_bypass 2021-05-08T00:00:14.355747Z 2026-04-10T14:06:44.826192Z
osv-2021-586 Use-of-uninitialized-value in void intra_prediction_angular<unsigned short> 2021-03-31T00:01:03.787831Z 2026-04-10T14:06:19.649878Z
osv-2020-868 Use-of-uninitialized-value in fetchARGB32ToRGBA64PM_avx2 2020-07-14T22:13:50.828646Z 2026-04-10T14:06:12.468231Z
osv-2022-1198 Heap-buffer-overflow in dwg_json_LTYPE 2022-11-23T13:02:06.623044Z 2026-04-10T14:05:46.801956Z
osv-2022-842 Stack-buffer-overflow in wc_Shake256_Final 2022-09-05T00:00:28.251072Z 2026-04-09T14:36:35.503150Z
osv-2023-107 Heap-buffer-overflow in DecodeBasicOcspResponse 2023-02-25T13:00:07.390537Z 2026-04-09T14:34:49.566404Z
osv-2024-269 Security exception in java.base/java.util.stream.AbstractPipeline.evaluate 2024-04-18T00:04:02.456948Z 2026-04-09T14:31:24.951720Z
ID Description Published Updated
rustsec-2026-0097 Rand is unsound with a custom logger using `rand::rng()` 2026-04-09T12:00:00Z 2026-04-11T11:38:57Z
rustsec-2026-0096 Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0095 Wasmtime with Winch compiler backend may allow a sandbox-escaping memory access 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0094 Improperly masked return value from `table.grow` with Winch compiler backend 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0093 Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0092 Panic when transcoding misaligned component model UTF-16 strings 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0091 Out-of-bounds write or crash when transcoding component model strings 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0090 Use-after-free bug after cloning `wasmtime::Linker` 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0089 Host panic when Winch compiler executes `table.fill` 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0088 Data leakage between pooling allocator instances 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0087 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0086 Host data leakage with 64-bit tables and Winch 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0085 Panic when lifting `flags` component value 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0084 `logprinter` was removed from crates.io for malicious code 2026-04-09T12:00:00Z 2026-04-09T11:23:07Z
rustsec-2026-0083 zantetsu-trainer is unmaintained 2026-04-07T12:00:00Z 2026-04-08T08:55:27Z
rustsec-2026-0082 zantetsu-ffi is unmaintained 2026-04-07T12:00:00Z 2026-04-08T08:55:27Z
rustsec-2026-0081 `logtrace` was removed from crates.io for malicious code 2026-04-05T12:00:00Z 2026-04-05T23:52:05Z
rustsec-2026-0080 Multiple soundness issues in `scaly` safe APIs 2026-01-19T12:00:00Z 2026-04-05T05:30:42Z
rustsec-2026-0079 `DynFuture` drop can construct a dangling reference 2026-01-21T12:00:00Z 2026-04-05T05:30:42Z
rustsec-2023-0125 Logs AWS credentials when TRACE-level logging is enabled 2023-04-19T12:00:00Z 2026-04-02T14:44:59Z
rustsec-2026-0078 Symbol confusion after hasher panic in `intaglio` interners 2026-03-30T12:00:00Z 2026-03-30T21:40:18Z
rustsec-2025-0160 `custom-req-on-workers` was removed from crates.io for malicious code 2025-01-30T12:00:00Z 2026-03-30T21:40:18Z
rustsec-2025-0159 `sophosfirewall-python` was removed from crates.io for malicious code 2025-02-15T12:00:00Z 2026-03-30T21:40:18Z
rustsec-2025-0158 `jfrog_quotes` was removed from crates.io for malicious code 2025-01-30T12:00:00Z 2026-03-30T21:40:18Z
rustsec-2025-0157 `statsrelay-protobuf` was removed from crates.io for malicious code 2025-08-26T12:00:00Z 2026-03-30T21:40:18Z
rustsec-2025-0156 `tree-sitter-pkl` was removed from crates.io for malicious code 2025-03-10T12:00:00Z 2026-03-30T21:40:18Z
rustsec-2026-0077 Incorrect Check of Signer Response Norm During Verification 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0076 Panic in Signature Hint Decoding During Verification 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0075 All-Zero Key Generation on Catastrophic RNG Failure 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0074 Incorrect Output of Incremental Portable SHAKE API 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
ID Description Published Updated
bit-python-2026-1299 email BytesGenerator header injection due to unquoted newlines 2026-02-03T08:53:00.053Z 2026-04-10T09:26:18.172Z
bit-python-2026-0865 wsgiref.headers.Headers allows header newline injection 2026-01-26T14:50:04.789Z 2026-04-10T09:26:18.172Z
bit-python-2026-0672 Header injection in http.cookies.Morsel 2026-01-26T14:50:03.015Z 2026-04-10T09:26:18.172Z
bit-python-2025-6075 Quadratic complexity in os.path.expandvars() with user-controlled template 2025-12-05T11:13:34.373Z 2026-04-10T09:26:18.172Z
bit-python-2025-15282 Header injection via newlines in data URL mediatype 2026-01-26T14:49:40.631Z 2026-04-10T09:26:18.172Z
bit-python-2025-11468 Folding email comments of unfoldable characters doesn't preserve parenthesis 2026-01-26T14:49:32.088Z 2026-04-10T09:26:18.172Z
bit-libpython-2026-1299 email BytesGenerator header injection due to unquoted newlines 2026-02-03T08:45:06.015Z 2026-04-10T09:26:18.172Z
bit-libpython-2026-0865 wsgiref.headers.Headers allows header newline injection 2026-01-26T14:43:33.890Z 2026-04-10T09:26:18.172Z
bit-libpython-2026-0672 Header injection in http.cookies.Morsel 2026-01-26T14:43:32.238Z 2026-04-10T09:26:18.172Z
bit-libpython-2025-6075 Quadratic complexity in os.path.expandvars() with user-controlled template 2025-12-05T11:08:28.184Z 2026-04-10T09:26:18.172Z
bit-libpython-2025-15282 Header injection via newlines in data URL mediatype 2026-01-26T14:43:08.856Z 2026-04-10T09:26:18.172Z
bit-libpython-2025-11468 Folding email comments of unfoldable characters doesn't preserve parenthesis 2026-01-26T14:42:59.991Z 2026-04-10T09:26:18.172Z
bit-joomla-2026-23899 Joomla! Core - [20260306] - Improper access check in webservice endpoints 2026-04-10T08:49:24.143Z 2026-04-10T09:26:18.172Z
bit-joomla-2026-23898 Joomla! Core - [20260305] - Arbitrary file deletion in com_joomlaupdate 2026-04-10T08:49:22.196Z 2026-04-10T09:26:18.172Z
bit-joomla-2026-21632 Joomla! Core - [20260304] - XSS vectors in various article title outputs 2026-04-10T08:49:20.111Z 2026-04-10T09:26:18.172Z
bit-joomla-2026-21631 Joomla! Core - [20260303] - XSS vector in com_associations comparison view 2026-04-10T08:49:17.625Z 2026-04-10T09:26:18.172Z
bit-joomla-2026-21630 Joomla! Core - [20260302] - SQL injection in com_content articles webservice endpoint 2026-04-10T08:49:15.352Z 2026-04-10T09:26:18.172Z
bit-joomla-2026-21629 Joomla! Core - [20260301] - ACL hardening in com_ajax 2026-04-10T08:49:13.196Z 2026-04-10T09:26:18.172Z
bit-cassandra-2026-27315 Apache Cassandra: cqlsh history sensitive information leak 2026-04-09T08:36:45.141Z 2026-04-10T09:26:18.172Z
bit-parse-2026-39381 Parse Server's Endpoint `/sessions/me` bypasses `_Session` `protectedFields` 2026-04-09T14:37:43.255Z 2026-04-09T15:05:10.890Z
bit-parse-2026-39321 Parse Server has a login timing side-channel reveals user existence 2026-04-09T14:37:40.125Z 2026-04-09T15:05:10.890Z
bit-wordpress-2023-2745 WordPress Core < 6.2.1 - Directory Traversal 2024-03-06T11:09:15.187Z 2026-04-09T09:13:50.652Z
bit-cosign-2026-39395 Cosign's verify-blob-attestation reports false positive when payload parsing fails 2026-04-09T08:37:13.235Z 2026-04-09T09:13:50.652Z
bit-activemq-2026-34197 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans 2026-04-09T08:36:52.749Z 2026-04-09T09:13:50.652Z
bit-activemq-2026-33227 Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ Web, Apache ActiveMQ: Improper Limitation of a Pathname to a Restricted Classpath Directory 2026-04-09T08:36:51.132Z 2026-04-09T09:13:50.652Z
bit-wordpress-2023-5692 WordPress Core <= 6.4.3 - Sensitive Information Exposure via redirect_guess_404_permalink 2024-04-09T10:59:36.633Z 2026-04-08T18:15:20.423Z
bit-parse-2026-35200 Parse Server has a file upload Content-Type override via extension mismatch 2026-04-08T14:51:33.993Z 2026-04-08T15:15:28.618Z
bit-discourse-2026-34947 Discourse: Staged user custom fields are exposed on public invite pages 2026-04-08T14:45:19.092Z 2026-04-08T15:15:28.618Z
bit-discourse-2026-27481 Discourse: Hidden tag visibility bypass on tag routes 2026-04-08T14:43:31.143Z 2026-04-08T15:15:28.618Z
bit-mlflow-2025-15031 Path Traversal Vulnerability in mlflow/mlflow 2026-03-24T08:47:14.572Z 2026-04-08T12:15:37.582Z
ID Description Published Updated
cleanstart-2026-iw23933 gRPC-Go is the Go language implementation of gRPC 2026-04-09T00:42:07.594705Z 2026-04-08T10:12:34Z
cleanstart-2026-hz73294 Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service 2026-04-09T00:45:08.400884Z 2026-04-08T10:12:22Z
cleanstart-2026-fz55932 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process 2026-04-09T00:41:07.286953Z 2026-04-08T10:10:33Z
cleanstart-2026-ku98579 gRPC-Go is the Go language implementation of gRPC 2026-04-09T00:42:07.643397Z 2026-04-08T10:07:21Z
cleanstart-2026-ly88807 Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default 2026-04-09T00:43:37.430373Z 2026-04-08T10:02:31Z
cleanstart-2026-nv37937 Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default 2026-04-09T00:44:07.747698Z 2026-04-08T09:58:55Z
cleanstart-2026-bd18029 Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default 2026-04-09T00:45:07.480117Z 2026-04-08T09:49:10Z
cleanstart-2026-mo53190 gRPC-Go is the Go language implementation of gRPC 2026-04-09T00:49:37.904336Z 2026-04-08T09:47:14Z
cleanstart-2026-co68219 Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default 2026-04-09T00:47:37.444297Z 2026-04-08T09:44:10Z
cleanstart-2026-by59711 gRPC-Go is the Go language implementation of gRPC 2026-04-09T00:47:37.687304Z 2026-04-08T09:36:51Z
cleanstart-2026-mi26424 net/url package does not set a limit on the number of query parameters in a query 2026-04-09T00:48:07.244191Z 2026-04-08T09:30:12Z
cleanstart-2026-iw08736 Uncontrolled Recursion vulnerability in Apache Commons Lang 2026-04-09T00:53:08.467045Z 2026-04-08T09:19:34Z
cleanstart-2026-bg72514 Uncontrolled Recursion vulnerability in Apache Commons Lang 2026-04-09T00:49:38.775284Z 2026-04-08T09:13:42Z
cleanstart-2026-oq84658 Netty is an asynchronous, event-driven network application framework 2026-04-09T00:52:07.697782Z 2026-04-08T08:14:27Z
cleanstart-2026-cq39708 Netty is an asynchronous, event-driven network application framework 2026-04-09T00:53:38.262441Z 2026-04-08T08:11:56Z
cleanstart-2026-ge08280 Ruby JSON is a JSON implementation for Ruby 2026-04-09T01:01:38.909372Z 2026-04-08T08:04:46Z
cleanstart-2026-ot38160 url 2026-04-09T00:55:38.018075Z 2026-04-08T07:36:24Z
cleanstart-2026-ba09462 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-04-09T00:57:38.077873Z 2026-04-08T07:00:07Z
cleanstart-2026-mw52739 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-09T00:59:39.080550Z 2026-04-08T06:46:14Z
cleanstart-2026-ki25096 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-09T00:59:38.592849Z 2026-04-08T06:46:14Z
cleanstart-2026-ij23041 In libexpat before 2 2026-04-09T01:01:38.269615Z 2026-04-08T06:46:14Z
cleanstart-2026-gy86690 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-09T00:57:57.606656Z 2026-04-08T06:46:14Z
cleanstart-2026-pd43534 In libexpat before 2 2026-04-08T00:39:47.879615Z 2026-04-07T05:54:38Z
cleanstart-2026-mp09743 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-08T00:37:59.326932Z 2026-04-07T05:54:38Z
cleanstart-2026-bb02574 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-08T00:37:58.971684Z 2026-04-07T05:54:38Z
cleanstart-2026-af52025 In libexpat before 2 2026-04-08T00:39:48.013620Z 2026-04-07T05:54:38Z
cleanstart-2026-hx94762 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-07T00:45:34.962189Z 2026-04-06T13:01:42Z
cleanstart-2026-gg94489 go-retryablehttp prior to 0 2026-04-07T00:41:33.578433Z 2026-04-06T13:01:42Z
cleanstart-2026-fu47971 protojson 2026-04-07T00:47:07.546790Z 2026-04-06T13:01:42Z
cleanstart-2026-ej93145 attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames 2026-04-07T00:44:04.086276Z 2026-04-06T13:01:42Z
ID Description Published Updated
drupal-contrib-2026-032 2026-04-08T16:09:54.000Z 2026-04-08T16:09:54.000Z
drupal-contrib-2026-031 2026-04-01T16:38:14.000Z 2026-04-02T14:13:13.000Z
drupal-contrib-2026-029 2026-03-11T16:35:02.000Z 2026-03-26T19:50:52.000Z
drupal-contrib-2026-028 2026-03-11T16:33:14.000Z 2026-03-26T19:43:59.000Z
drupal-contrib-2026-030 2026-03-18T16:10:00.000Z 2026-03-18T16:10:00.000Z
drupal-contrib-2026-015 2026-02-25T18:47:57.000Z 2026-03-17T13:20:54.000Z
drupal-contrib-2026-024 2026-03-04T17:59:51.000Z 2026-03-05T14:03:05.000Z
drupal-contrib-2026-027 2026-03-04T18:02:59.000Z 2026-03-04T18:02:59.000Z
drupal-contrib-2026-026 2026-03-04T18:02:14.000Z 2026-03-04T18:02:14.000Z
drupal-contrib-2026-025 2026-03-04T18:00:41.000Z 2026-03-04T18:00:41.000Z
drupal-contrib-2026-023 2026-03-04T17:58:55.000Z 2026-03-04T17:58:55.000Z
drupal-contrib-2026-022 2026-03-04T17:57:58.000Z 2026-03-04T17:57:58.000Z
drupal-contrib-2026-021 2026-03-04T17:56:18.000Z 2026-03-04T17:56:18.000Z
drupal-contrib-2026-020 2026-03-04T17:54:27.000Z 2026-03-04T17:54:27.000Z
drupal-contrib-2026-016 2026-02-25T18:49:59.000Z 2026-02-25T19:30:03.000Z
drupal-contrib-2026-019 2026-02-25T18:51:43.000Z 2026-02-25T18:51:43.000Z
drupal-contrib-2026-018 2026-02-25T18:51:26.000Z 2026-02-25T18:51:26.000Z
drupal-contrib-2026-017 2026-02-25T18:51:01.000Z 2026-02-25T18:51:01.000Z
drupal-contrib-2026-014 2026-02-25T18:46:10.000Z 2026-02-25T18:46:10.000Z
drupal-contrib-2026-013 2026-02-25T18:45:13.000Z 2026-02-25T18:45:13.000Z
drupal-contrib-2026-012 2026-02-25T18:44:38.000Z 2026-02-25T18:44:38.000Z
drupal-contrib-2026-011 2026-02-25T18:43:32.000Z 2026-02-25T18:43:32.000Z
drupal-contrib-2026-010 2026-02-11T16:54:18.000Z 2026-02-25T17:17:46.000Z
drupal-contrib-2026-009 2026-02-11T16:53:32.000Z 2026-02-12T15:37:20.000Z
drupal-contrib-2026-008 2026-02-04T17:23:40.000Z 2026-02-04T17:23:40.000Z
drupal-contrib-2025-110 2025-09-24T17:27:41.000Z 2025-09-24T17:27:41.000Z
ID Description Updated
ts-2026-001 TS-2026-001 2026-01-15T00:00
ts-2025-008 TS-2025-008 2025-11-19T00:00
ts-2025-007 TS-2025-007 2025-11-07T00:00
ts-2025-006 TS-2025-006 2025-10-28T00:00
ts-2025-005 TS-2025-005 2025-08-07T00:00
ts-2025-004 TS-2025-004 2025-05-27T00:00
ts-2025-003 TS-2025-003 2025-05-21T00:00
ts-2025-002 TS-2025-002 2025-05-15T00:00
ts-2025-001 TS-2025-001 2025-03-07T00:00
ts-2024-013 TS-2024-013 2024-12-04T00:00
ts-2024-012 TS-2024-012 2024-10-02T00:00
ts-2024-011 TS-2024-011 2024-07-22T00:00
ts-2024-010 TS-2024-010 2024-07-19T00:00
ts-2024-009 TS-2024-009 2024-06-27T00:00
ts-2024-008 TS-2024-008 2024-06-14T00:00
ts-2024-007 TS-2024-007 2024-06-12T00:00
ts-2024-006 TS-2024-006 2024-05-22T00:00
ts-2024-005 TS-2024-005 2024-05-08T00:00
ts-2024-004 TS-2024-004 2024-05-06T00:00
ts-2024-003 TS-2024-003 2024-04-23T00:00
ts-2024-002 TS-2024-002 2024-01-30T00:00
ts-2024-001 TS-2024-001 2024-01-08T00:00
ts-2023-009 TS-2023-009 2023-12-22T00:00
ts-2023-008 TS-2023-008 2023-11-01T00:00
ts-2023-007 TS-2023-007 2023-10-26T00:00
ts-2023-006 TS-2023-006 2023-08-22T00:00
ts-2023-005 TS-2023-005 2023-04-28T00:00
ts-2023-004 TS-2023-004 2023-04-04T00:00
ts-2023-003 TS-2023-003 2023-03-22T00:00
ts-2023-002 TS-2023-002 2023-01-24T00:00
ID Description Published Updated
certfr-2026-ale-004 Vulnérabilité dans F5 BIG-IP Access Policy Manager 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-ale-002 [MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN 2026-02-25T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-ale-003 Note d’alerte – Ciblage des messageries instantanées 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2025-ale-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
CERTFR-2025-ALE-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
certfr-2026-ale-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
CERTFR-2026-ALE-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
certfr-2025-ale-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
CERTFR-2025-ALE-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
certfr-2025-ale-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
CERTFR-2025-ALE-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
certfr-2025-ale-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
CERTFR-2025-ALE-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
certfr-2025-ale-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
certfr-2025-ale-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
CERTFR-2025-ALE-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
CERTFR-2025-ALE-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
certfr-2025-ale-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
CERTFR-2025-ALE-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
certfr-2025-ale-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
CERTFR-2025-ALE-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
certfr-2025-ale-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
CERTFR-2025-ALE-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
certfr-2025-ale-002 [MàJ] Vulnérabilité dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0424 Multiples vulnérabilités dans les produits IBM 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0423 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0422 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0421 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0420 Multiples vulnérabilités dans les produits Microsoft 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0419 Multiples vulnérabilités dans Mattermost Desktop App 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0418 Multiples vulnérabilités dans Apache Tomcat 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0417 Vulnérabilité dans Spring Cloud Gateway 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0416 Vulnérabilité dans les produits Juniper Networks 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0415 Multiples vulnérabilités dans Tenable Security Center 2026-04-10T00:00:00.000000 2026-04-10T00:00:00.000000
certfr-2026-avi-0414 Multiples vulnérabilités dans les produits Microsoft 2026-04-09T00:00:00.000000 2026-04-09T00:00:00.000000
certfr-2026-avi-0413 Multiples vulnérabilités dans les produits Elastic 2026-04-09T00:00:00.000000 2026-04-09T00:00:00.000000
certfr-2026-avi-0412 Multiples vulnérabilités dans les produits Palo Alto Networks 2026-04-09T00:00:00.000000 2026-04-09T00:00:00.000000
certfr-2026-avi-0411 Multiples vulnérabilités dans Mitel MiCollab 2026-04-09T00:00:00.000000 2026-04-09T00:00:00.000000
certfr-2026-avi-0410 Multiples vulnérabilités dans GitLab 2026-04-09T00:00:00.000000 2026-04-09T00:00:00.000000
certfr-2026-avi-0409 Multiples vulnérabilités dans Sonicwall Secure Mobile Access 2026-04-09T00:00:00.000000 2026-04-09T00:00:00.000000
certfr-2026-avi-0408 Multiples vulnérabilités dans les produits Juniper Networks 2026-04-09T00:00:00.000000 2026-04-09T00:00:00.000000
certfr-2026-avi-0407 Multiples vulnérabilités dans Google Chrome 2026-04-09T00:00:00.000000 2026-04-09T00:00:00.000000
certfr-2026-avi-0406 Multiples vulnérabilités dans les produits Microsoft 2026-04-08T00:00:00.000000 2026-04-08T00:00:00.000000
certfr-2026-avi-0405 Vulnérabilité dans les produits Moxa 2026-04-08T00:00:00.000000 2026-04-08T00:00:00.000000
certfr-2026-avi-0404 Multiples vulnérabilités dans les produits Mozilla 2026-04-08T00:00:00.000000 2026-04-08T00:00:00.000000
certfr-2026-avi-0403 Multiples vulnérabilités dans OpenSSL 2026-04-08T00:00:00.000000 2026-04-08T00:00:00.000000
certfr-2026-avi-0402 Vulnérabilité dans HPE Aruba Networking Private 5G Core 2026-04-08T00:00:00.000000 2026-04-08T00:00:00.000000
certfr-2026-avi-0373 Vulnérabilité dans Roundcube 2026-03-30T00:00:00.000000 2026-04-08T00:00:00.000000
certfr-2026-avi-0401 Multiples vulnérabilités dans GLPI 2026-04-07T00:00:00.000000 2026-04-07T00:00:00.000000
certfr-2026-avi-0400 Vulnérabilité dans Fortinet FortiClientEMS 2026-04-07T00:00:00.000000 2026-04-07T00:00:00.000000
certfr-2026-avi-0399 Multiples vulnérabilités dans Google Android 2026-04-07T00:00:00.000000 2026-04-07T00:00:00.000000
certfr-2026-avi-0398 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0397 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
certfr-2026-avi-0396 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-04-03T00:00:00.000000 2026-04-03T00:00:00.000000
ID Description Published Updated
jvndb-2026-000053 EmoCheck loads Dynamic Link Libraries insecurely 2026-04-10T13:38+09:00 2026-04-10T13:38+09:00
jvndb-2026-007973 Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) 2026-03-23T14:54+09:00 2026-04-09T13:55+09:00
jvndb-2026-000052 Multiple vulnerabilities in MATCHA series 2026-04-08T16:15+09:00 2026-04-08T16:15+09:00
jvndb-2026-000050 Multiple vulnerabilities in Movable Type 2026-04-08T16:15+09:00 2026-04-08T16:15+09:00
jvndb-2026-010301 Multiple Vulnerabilities in JP1/IT Desktop Management 2 and JP1/NETM/DM 2026-04-08T12:11+09:00 2026-04-08T12:11+09:00
jvndb-2026-010300 Multiple Vulnerabilities in Hitachi Ops Center Viewpoint 2026-04-08T12:11+09:00 2026-04-08T12:11+09:00
jvndb-2026-010299 Multiple Vulnerabilities in Hitachi Ops Center Common Services 2026-04-08T12:11+09:00 2026-04-08T12:11+09:00
jvndb-2026-009720 Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) 2026-04-02T14:58+09:00 2026-04-03T15:50+09:00
jvndb-2026-000049 Multiple vulnerabilities in NEC Aterm series (NV26-001) 2026-04-03T15:09+09:00 2026-04-03T15:09+09:00
jvndb-2026-009412 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009411 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009410 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009409 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009408 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009406 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009147 Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer 2026-03-27T18:18+09:00 2026-03-27T18:18+09:00
jvndb-2026-009148 Open Redirect Vulnerability in Hitachi Ops Center Administrator 2026-03-27T18:17+09:00 2026-03-27T18:17+09:00
jvndb-2026-000047 Multiple vulnerabilities in baserCMS 2026-03-27T18:00+09:00 2026-03-27T18:00+09:00
jvndb-2026-000045 WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting 2026-03-27T17:34+09:00 2026-03-27T17:34+09:00
jvndb-2026-000046 Multiple vulnerabilities in BUFFALO Wi-Fi routers 2026-03-27T17:18+09:00 2026-03-27T17:18+09:00
jvndb-2026-000044 Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000042 Digital Photo Frame GH-WDF10A vulnerable to improper access restriction 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000043 SHARP routers missing authentication for some web APIs 2026-03-25T18:41+09:00 2026-03-25T18:41+09:00
jvndb-2026-000040 Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries 2026-03-25T18:13+09:00 2026-03-25T18:13+09:00
jvndb-2026-000041 SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths 2026-03-25T17:58+09:00 2026-03-25T17:58+09:00
jvndb-2026-007524 Vulnerability in Hitachi Command Suite 2026-03-17T16:42+09:00 2026-03-17T16:42+09:00
jvndb-2026-000038 Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries 2026-03-17T14:57+09:00 2026-03-17T14:57+09:00
jvndb-2026-000039 Missing authorization in the OpenAI thread/message API endpoints of GROWI 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-000037 OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-006887 Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 2026-03-12T17:22+09:00 2026-03-12T17:22+09:00
ID Description Published Updated
cnvd-2026-16137 IBM InfoSphere Information Server代码问题漏洞(CNVD-2026-16137) 2026-03-31 2026-04-03
cnvd-2026-16136 IBM Concert代码问题漏洞(CNVD-2026-16136) 2026-03-31 2026-04-03
cnvd-2026-16135 IBM Concert加密问题漏洞(CNVD-2026-16135) 2026-03-31 2026-04-03
cnvd-2026-16134 IBM Concert加密问题漏洞(CNVD-2026-16134) 2026-03-31 2026-04-03
cnvd-2026-16133 IBM InfoSphere Information Server加密问题漏洞 2026-03-31 2026-04-03
cnvd-2026-16132 IBM InfoSphere Information Server信息泄露漏洞(CNVD-2026-16132) 2026-03-31 2026-04-03
cnvd-2026-16131 IBM InfoSphere Information Server信息泄露漏洞(CNVD-2026-16131) 2026-03-31 2026-04-03
cnvd-2026-16130 IBM InfoSphere Information Server信息泄露漏洞(CNVD-2026-16130) 2026-03-31 2026-04-03
cnvd-2026-16129 IBM InfoSphere Information Server信息泄露漏洞(CNVD-2026-16129) 2026-03-31 2026-04-03
cnvd-2026-16128 IBM Concert访问控制错误漏洞(CNVD-2026-16128) 2026-03-31 2026-04-03
cnvd-2026-16069 WordPress插件WP Gmail SMTP信息泄露漏洞 2025-10-24 2026-04-03
cnvd-2026-16068 WordPress插件TNC Toolbox Web Performance存在未明漏洞 2025-11-14 2026-04-03
cnvd-2026-16067 WordPress插件ELEX WordPress HelpDesk & Customer Ticketing System存在未明漏洞 2026-02-11 2026-04-03
cnvd-2026-16066 WordPress插件King Addons for Elementor信息泄露漏洞 2026-03-26 2026-04-03
cnvd-2026-16065 WordPress插件Download Manager信息泄露漏洞 2026-03-26 2026-04-03
cnvd-2026-16064 WordPress插件SMTP Mailer信息泄露漏洞 2026-03-31 2026-04-03
cnvd-2026-16063 GNU BinUtils缓冲区溢出漏洞(CNVD-2026-16063) 2026-03-26 2026-04-03
cnvd-2026-16062 Artifex Ghostscript pdfmark_coerce_dest函数堆栈缓冲区溢出漏洞 2025-09-25 2026-04-03
cnvd-2026-16061 Artifex Ghostscript pdf_write_cmap函数堆栈缓冲区溢出漏洞 2025-09-25 2026-04-03
cnvd-2026-16060 Artifex Ghostscript ocr_begin_page函数堆缓冲区溢出漏洞 2025-09-25 2026-04-03
cnvd-2026-16059 Apple macOS信息泄露漏洞(CNVD-2026-16059) 2025-12-25 2026-04-03
cnvd-2026-16058 Apple macOS存在未明漏洞(CNVD-2026-16058) 2026-03-31 2026-04-03
cnvd-2026-16057 OpenClaw路径遍历漏洞(CNVD-2026-16057) 2026-03-26 2026-04-03
cnvd-2026-16056 OpenClaw安全绕过漏洞(CNVD-2026-16056) 2026-03-26 2026-04-03
cnvd-2026-16055 OpenClaw安全绕过漏洞(CNVD-2026-16055) 2026-03-26 2026-04-03
cnvd-2026-16054 OpenClaw命令执行漏洞(CNVD-2026-16054) 2026-03-26 2026-04-03
cnvd-2026-16053 OpenClaw拒绝服务漏洞(CNVD-2026-16053) 2026-03-26 2026-04-03
cnvd-2026-16052 OpenClaw访问控制错误漏洞(CNVD-2026-16052) 2026-03-26 2026-04-03
cnvd-2026-16051 OpenClaw安全绕过漏洞(CNVD-2026-16051) 2026-03-26 2026-04-03
cnvd-2026-16050 OpenClaw操作系统命令注入漏洞(CNVD-2026-16050) 2026-03-26 2026-04-03
ID Description Published Updated
bdu:2026-01844 Уязвимость сервиса безопасности Advanced DNS Security (ADNS) операционной системы PAN-OS,… 16.02.2026 16.02.2026
bdu:2026-01843 Уязвимость функции loadRLE() загрузчика TGA-изображений (PluginTARGA.cpp) графической биб… 16.02.2026 16.02.2026
bdu:2026-01842 Уязвимость функции ws_user_gerList() сценария pwg.users.php системы управления контентом … 16.02.2026 16.02.2026
bdu:2026-01841 Уязвимость компонента Updater облачной платформы управления контейнерами Arcane, позволяю… 16.02.2026 16.02.2026
bdu:2026-01840 Уязвимость ИИ-агента OpenClaw (ранее - ClawdBot или MoltBot), связанная с отсутствием про… 16.02.2026 16.02.2026
bdu:2026-01839 Уязвимость функции blocked_path() пакета Python для создания приложений для моделей машин… 16.02.2026 16.02.2026
bdu:2026-01838 Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, свя… 16.02.2026 16.02.2026
bdu:2026-01837 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01836 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01835 Уязвимость драйвера ESXi base микропрограммного обеспечения сетевых контроллеров Intel 80… 16.02.2026 16.02.2026
bdu:2026-01834 Уязвимость микропрограммного обеспечения контроллеров Intel Ethernet серии E810, связанна… 16.02.2026 16.02.2026
bdu:2026-01833 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01832 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01831 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01830 Уязвимость компонента File input браузера Google Chrome, позволяющая нарушителю осуществи… 16.02.2026 16.02.2026
bdu:2026-01829 Уязвимость компонента PictureInPicture браузера Google Chrome, позволяющая нарушителю ока… 16.02.2026 16.02.2026
bdu:2026-01828 Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю оказать во… 16.02.2026 16.02.2026
bdu:2026-01827 Уязвимость функции конфиденциальности Fenced Frames браузера Google Chrome, позволяющая н… 16.02.2026 16.02.2026
bdu:2026-01826 Уязвимость компонента WebGPU браузера Google Chrome, позволяющая нарушителю вызвать отказ… 16.02.2026 16.02.2026
bdu:2026-01825 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01824 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01823 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01822 Уязвимость операционных систем Fortinet FortiOS, связанная с недостаточной проверкой исто… 16.02.2026 16.02.2026
bdu:2026-01821 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01820 Уязвимость интерфейса командной строки операционных систем Fortinet FortiOS, позволяющая … 16.02.2026 16.02.2026
bdu:2026-01819 Уязвимость графического пользовательского интерфейса операционных систем Fortinet FortiOS… 16.02.2026 16.02.2026
bdu:2026-01818 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01817 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01816 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01815 Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с не… 16.02.2026 16.02.2026
ID Description Updated
var-202407-2188 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:32.699000Z
var-202406-3119 Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-s… 2024-07-23T22:46:22.685000Z
var-202407-1740 NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E ha… 2024-07-23T22:46:18.378000Z
var-202407-1417 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:07.784000Z
var-202407-1103 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:01.992000Z
var-202407-0957 WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile… 2024-07-23T22:45:59.391000Z
var-202407-0819 SIMATIC S7-1500 is a modular control system suitable for various automation applications … 2024-07-23T22:45:56.958000Z
var-202407-0818 NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6… 2024-07-23T22:45:56.946000Z
var-202407-0779 Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of … 2024-07-23T22:45:56.150000Z
var-202407-0778 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:56.131000Z
var-202407-0745 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:55.498000Z
var-202305-1479 D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution … 2024-07-23T22:45:09.335000Z
var-202108-1158 A race condition was addressed with improved locking. This issue is fixed in macOS Monter… 2024-07-23T22:44:06.976000Z
var-201109-0089 Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… 2024-07-23T22:43:49.590000Z
var-200702-0378 Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … 2024-07-23T22:43:25.614000Z
var-201011-0225 Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … 2024-07-23T22:41:43.584000Z
var-201112-0297 Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… 2024-07-23T22:41:20.004000Z
var-201507-0645 D-Link is an internationally renowned provider of network equipment and solutions, includ… 2024-07-23T22:41:18.832000Z
var-201803-1810 A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … 2024-07-23T22:41:17.171000Z
var-201809-0087 WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… 2024-07-23T22:41:16.554000Z
var-200607-0396 Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… 2024-07-23T22:41:04.279000Z
var-201702-0423 An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… 2024-07-23T22:40:53.160000Z
var-202305-1588 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilit… 2024-07-23T22:40:05.297000Z
var-201112-0173 The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … 2024-07-23T22:39:32.535000Z
var-201103-0371 SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… 2024-07-23T22:39:32.874000Z
var-201706-0017 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClie… 2024-07-23T22:38:34.494000Z
var-202305-1520 D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vul… 2024-07-23T22:38:26.576000Z
var-202407-0490 A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP … 2024-07-23T22:38:24.768000Z
var-201810-0396 Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… 2024-07-23T22:37:44.850000Z
var-202001-0833 A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… 2024-07-23T22:37:43.471000Z
ID Description Published Updated
vde-2025-028 Draeger: ICMHelper is vulnerable to a privilege escalation 2025-08-05T10:00:00.000Z 2026-01-06T11:00:00.000Z
vde-2019-012 TECSON/GOK: Improper Authentication and Access Control on multiple devices 2019-06-04T13:21:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2025-104 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware 2026-03-18T08:00:00.000Z 2026-03-18T08:00:00.000Z
vde-2025-109 Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware 2026-02-10T08:00:00.000Z 2026-02-23T14:00:00.000Z
vde-2025-073 Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
vde-2025-071 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware 2025-12-09T08:00:00.000Z 2026-01-12T08:00:00.000Z
vde-2025-074 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-10-14T10:00:00.000Z 2025-10-15T10:00:00.000Z
vde-2025-072 Phoenix Contact: Security Advisory for QUINT4-UPS EIP 2025-10-14T06:00:00.000Z 2025-10-14T06:00:00.000Z
vde-2018-003 PHOENIX CONTACT: addressing Meltdown and Spectre vulnerabilities 2018-03-23T09:43:00.000Z 2025-10-01T08:00:00.000Z
vde-2025-077 Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-064 Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation 2025-09-09T07:00:00.000Z 2025-09-09T07:00:00.000Z
vde-2024-039 Phoenix Contact: Multiple Vulnerabilities in mGuard devices 2024-09-10T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-022 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2024-08-13T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-063 Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation 2025-08-12T10:00:00.000Z 2025-08-12T10:00:00.000Z
vde-2025-019 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-22T08:00:00.000Z
vde-2019-015 PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers 2019-08-07T00:00:00.000Z 2025-07-11T07:00:00.000Z
vde-2025-054 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-053 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-014 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2023-057 Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC 2023-12-12T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2023-001 PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware 2023-02-14T07:50:00.000Z 2025-06-05T13:28:12.000Z
vde-2020-002 PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks 2020-02-25T09:07:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-073 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-071 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-058 Phoenix Contact: PLCnext Control prone to download of code without integrity check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-056 Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-054 Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-051 Phoenix Contact: MULTIPROG Engineering tool and ProConOS eCLR SDK prone to CWE-732 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-018 Phoenix Contact: Multiple vulnerabilities in WP 6xxx Web panels 2023-08-08T06:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-017 Phoenix Contact: Multiple vulnerabilities in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices 2023-08-08T04:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-016 Phoenix Contact: PLCnext Engineer Vulnerabilities in LibGit2Sharp/LibGit2 2023-08-08T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-051 PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family 2022-11-15T09:27:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-085 Welotec: Path Traversal in SmartEMS Upload Handling 2025-09-10T07:00:00.000Z 2025-09-22T08:00:00.000Z
vde-2025-076 Welotec: Hard-coded JWT secret in egOS WebGUI 2025-08-26T07:00:00.000Z 2025-08-26T07:00:00.000Z
vde-2024-009 Welotec: Two vulnerabilities in TK500v1 router series 2024-04-09T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-043 Welotec: Multiple products are vulnerable to regreSSHion 2024-08-22T06:00:00.000Z 2024-08-22T06:00:00.000Z
vde-2024-023 Welotec: Clickjacking Vulnerability in WebUI 2024-04-23T08:00:00.000Z 2024-04-23T08:00:00.000Z
ID Description Published Updated
advisory2026-03_vde-2026-018 CODESYS Control V3 - Externally-controlled format string in Auditlog 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-02_vde-2026-011 CODESYS Control V3 - Untrusted boot application 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-01_vde-2026-012 CODESYS Installer - Possible Privilege Escalation 2026-03-10T10:00:00.000Z 2026-03-10T10:00:00.000Z
advisory2025-10_vde-2025-100 CODESYS Control - Invalid type usage in visualization 2025-12-01T10:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-09_vde-2025-099 CODESYS Control - Linux/QNX SysSocket flaw 2025-12-01T11:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-11_vde-2025-101 CODESYS Development System - Deserialization of Untrusted Data 2025-12-01T10:00:00.000Z 2025-12-01T10:00:00.000Z
advisory2025-08_vde-2025-070 CODESYS Control V3 - NULL pointer dereference 2025-08-04T08:00:00.000Z 2025-10-14T08:00:00.000Z
advisory2025-07_vde-2025-051 CODESYS Control V3 - Exposed PKI folder 2025-08-04T10:00:00.000Z 2025-09-01T10:00:00.000Z
advisory2025-06_vde-2025-049 CODESYS Control V3 - Insecure default permissions 2025-08-04T10:00:00.000Z 2025-08-04T10:00:00.000Z
advisory2025-04_vde-2025-022 CODESYS Control V3 - OPC UA Server Authentication bypass 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-03_vde-2025-015 CODESYS Control V3 removable media path traversal 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-02_vde-2025-013 CODESYS (Edge) Gateway for Windows insecure default 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-01_vde-2025-001 CODESYS Key physical side-channel vulnerability 2025-01-21T11:00:00.000Z 2025-06-05T13:31:01.000Z
vde-2024-024 CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files 2024-05-06T08:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-027 CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere 2024-06-04T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-026 CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products 2024-06-04T08:00:00.000Z 2025-05-14T13:00:14.000Z
advisory2025-05_vde-2025-027 CODESYS Visualization user management bypass in WebVisu 2025-04-23T10:00:00.000Z 2025-04-23T10:00:00.000Z
advisory2024-05_vde-2024-057 CODESYS: CODESYS web server vulnerable to DoS 2024-09-25T21:59:00.000Z 2025-04-03T10:00:00.000Z
vde-2024-046 OSCAT: Out-of-bounds read in OSCAT Basic library 2024-09-10T14:00:00.000Z 2024-09-10T14:00:00.000Z
vde-2023-066 CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products 2023-12-05T14:25:00.000Z 2023-12-05T14:25:00.000Z
vde-2023-035 CODESYS: Multiple products affected by WIBU Codemeter vulnerability 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-025 CODESYS: Control runtime system memory and integrity check vulnerabilities 2023-08-03T11:18:00.000Z 2023-08-03T11:18:00.000Z
vde-2023-023 CODESYS: Missing Brute-Force protection in CODESYS Development System 2023-08-03T11:08:00.000Z 2023-08-03T11:08:00.000Z
vde-2023-022 CODESYS: Missing integrity check in CODESYS Development System 2023-08-03T10:52:00.000Z 2023-08-03T10:52:00.000Z
vde-2023-021 CODESYS: Vulnerability in CODESYS Development System allows execution of binaries 2023-08-03T10:48:00.000Z 2023-08-03T10:48:00.000Z
vde-2023-019 CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce 2023-08-03T10:42:00.000Z 2023-08-03T10:42:00.000Z
vde-2023-024 CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting 2023-07-28T07:45:00.000Z 2023-07-28T07:45:00.000Z
ID Description Published Updated
vde-2025-067 Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access 2025-08-10T10:00:00.000Z 2025-08-25T10:00:00.000Z
vde-2022-057 Wiesemann & Theis multiple products prone to web interface vulnerability 2022-12-13T07:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-018 Wiesemann & Theis: Multiple products prone to unquoted search path 2024-02-28T07:00:00.000Z 2025-05-14T12:36:39.000Z
vde-2025-024 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version 2025-05-13T10:00:00.000Z 2025-05-13T10:00:00.000Z
vde-2025-032 Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting 2025-05-06T10:00:00.000Z 2025-05-06T10:00:00.000Z
vde-2025-031 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
vde-2022-043 Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family 2022-11-07T11:43:00.000Z 2022-11-07T12:14:00.000Z
ID Description Published Updated
vde-2026-030 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-04-02T11:00:00.000Z 2026-04-02T11:00:00.000Z
vde-2026-024 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-068 MB connect line: Multiple Vulnerabilities in MB connect line Products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-056 MB connect line: Multiple Vulnerabilities in mbNET.mini Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-010 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-03-18T11:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-065 MB connect line: Sandbox escape in mbNET's LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-058 MB connect line: Multiple vulnerabilities in mbNET.mini 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-035 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-034 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-030 MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) 2022-09-07T10:48:00.000Z 2025-06-06T07:00:00.000Z
vde-2023-002 MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 2023-05-15T14:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-037 MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 2021-10-27T10:15:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-031 MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 2021-07-22T11:33:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-017 MB connect line: Privilege escalation in mbDIALUP 2021-07-22T11:35:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-012 MB connect line: multiple products partially affected by DNSpooq 2021-04-26T08:04:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-035 MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 2020-09-18T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-030 MB connect line: mbNET.mini vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T09:00:00.000Z
vde-2023-041 MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2024-042 MB connect line: Multiple products are vulnerable to regreSSHion 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-012 MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2022-011 MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 2022-09-07T12:50:00.000Z 2022-09-07T12:50:00.000Z
vde-2021-003 MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) 2022-09-07T10:46:00.000Z 2022-09-07T10:46:00.000Z
ID Description Published Updated
vde-2026-013 Helmholz: Use of a Broken or Risky Cryptographic Algorithm 2026-04-07T08:00:00.000Z 2026-04-07T08:00:00.000Z
vde-2026-025 Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-069 Helmholz: Multiple Vulnerabilities in Helmholz products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-066 Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-069 Helmholz: Sandbox escape in REX200/250 LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-059 Helmholz: Multiple vulnerabilities in REX 100 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-038 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-037 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-057 Helmholz: Privilege Escalation in shDialup (Update A) 2021-03-28T13:03:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-031 Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual 2025-03-18T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-017 Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual 2022-09-07T12:54:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-058 Helmholz: Remote user enumeration in myREX24/myREX24-virtual 2021-12-08T13:04:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-044 Helmholz: Multiple products are vulnerable to regreSSHion 2024-07-31T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-032 Helmholz: REX 100 vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T13:33:00.000Z
vde-2023-043 Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2023-029 Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-008 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2023-05-15T12:06:00.000Z 2023-05-15T12:06:00.000Z
vde-2022-039 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2022-09-07T10:56:00.000Z 2022-09-07T10:56:00.000Z
ID Description Published Updated
fsa-202601 Several CODESYS vulnerabilities in Festo Automation Suite 2026-02-26T08:00:00.000Z 2026-02-26T08:00:00.000Z
fsa-202302 Festo: Several vulnerabilities in FactoryViews 2023-07-10T10:00:00.000Z 2026-02-02T08:00:00.000Z
fsa-202402 Several Vulnerabilities in MES PC (Windows 10) 2024-02-27T12:00:00.000Z 2025-12-08T07:00:00.000Z
fsa-202405 Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability 2024-09-09T07:00:00.000Z 2025-11-05T08:00:00.000Z
fsa-202401 Festo: Multiple products contain CoDe16 vulnerability 2024-01-30T07:00:00.000Z 2025-11-04T11:00:00.000Z
fsa-202202 Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-11-03T11:00:00.000Z
fsa-202209 Festo: Incomplete documentation of remote accessible functions and protocols in Festo products 2022-11-29T11:49:00.000Z 2025-11-03T10:00:00.000Z
fsa-202208 Festo: Multiple Festo products contain an unsafe default Codesys configuration 2022-11-29T11:41:00.000Z 2025-10-28T11:00:00.000Z
fsa-202206 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products 2022-12-13T11:50:00.000Z 2025-10-01T10:50:00.000Z
fsa-202304 Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions 2023-09-05T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202301 Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance 2023-08-29T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202303 Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products 2023-10-17T06:00:00.000Z 2025-10-01T06:00:00.000Z
fsa-202101 Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q 2021-09-22T11:13:00.000Z 2025-08-26T10:00:00.000Z
fsa-202207 Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function 2022-09-20T10:00:00.000Z 2025-07-28T10:00:00.000Z
fsa-202203 Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-07-10T10:00:00.000Z
fsa-202201 Festo: CECC-X-M1 - command injection vulnerabilities 2022-07-06T07:00:00.000Z 2025-06-23T08:00:00.000Z
fsa-202305 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products 2023-11-28T07:00:00.000Z 2025-05-13T10:00:00.000Z
fsa-202406 Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo 2024-12-03T11:00:00.000Z 2024-12-03T14:00:00.000Z
ID Description Published Updated
vde-2025-011 PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by XSS vulnerability and information disclosure 2025-05-26T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-038 Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation 2024-07-10T06:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-002 PEPPERL+FUCHS: HMI – devices are affected by Windows RCE 2025-02-25T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-017 Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities 2024-04-10T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-021 Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities 2022-05-16T14:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-041 Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability 2021-10-26T13:35:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-053 Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities 2021-03-08T13:44:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-017 Pepperl+Fuchs, PACTware: Two password vulnerabilities found 2020-05-29T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-033 PEPPERL+FUCHS: Device Master ICDM-RX/* – Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service 2024-08-13T12:00:00.000Z 2025-05-14T14:34:17.000Z
vde-2020-014 Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets 2020-03-31T13:30:00.000Z 2025-05-14T14:34:17.000Z
vde-2021-006 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-11-16T14:53:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-050 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-15T13:33:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-028 Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities 2021-08-16T12:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-027 Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-10-16T12:00:00.001Z 2025-05-14T13:00:14.000Z
vde-2020-038 Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master 2021-01-04T13:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2019-002 Pepperl+Fuchs: Path traversal in WirelessHART Gateway 2019-03-06T10:35:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-007 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-16T14:53:00.000Z 2025-05-14T12:53:43.000Z
vde-2024-065 PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key 2024-11-26T11:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-063 PEPPERL+FUCHS: Multiple products are affected by regreSSHion 2024-10-08T12:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-001 Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 2021-01-15T12:41:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-016 Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability 2018-10-19T10:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-002 Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks 2018-02-14T08:50:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-037 Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 2024-07-10T06:00:00.000Z 2024-07-10T06:00:00.000Z
vde-2022-012 Pepperl+Fuchs: Vulnerability in multiple VisuNet devices 2022-04-26T12:00:00.000Z 2022-05-16T14:15:00.000Z
vde-2021-034 Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices 2021-07-30T07:55:00.000Z 2021-07-30T07:55:00.000Z
vde-2021-018 Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules 2021-05-12T08:57:00.000Z 2021-05-12T08:57:00.000Z
vde-2020-040 Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux 2020-10-05T12:00:00.000Z 2020-10-05T12:00:00.000Z
vde-2020-034 Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components 2020-09-10T13:22:00.000Z 2020-09-10T13:22:00.000Z
vde-2019-011 Pepperl+Fuchs: Remote code execution vulnerability in HMI devices 2019-05-29T07:35:00.000Z 2019-10-07T10:00:00.000Z
vde-2019-004 Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack 2019-03-14T07:52:00.000Z 2019-03-14T07:52:00.000Z
ID Description Published Updated
ppsa-2026-001 Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service 2026-02-02T08:00:00.000Z 2026-02-02T10:00:00.000Z
ppsa-2025-004 Pilz: Vulnerability affecting PASvisu Runtime 2025-10-20T10:00:00.000Z 2025-10-20T10:00:00.000Z
ppsa-2025-003 Pilz: Authentication Bypass in IndustrialPI Webstatus 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-002 Pilz: Missing Authentication in Node-RED integration 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-001 Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory 2025-06-30T10:00:00.000Z 2025-06-30T10:00:00.000Z
vde-2022-044 Pilz: Multiple products affected by ZipSlip 2022-11-24T09:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2023-048 Pilz: Multiple products prone to libwebp vulnerability 2023-12-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-033 Pilz: WIBU Vulnerabilitiy in multiple Products 2023-10-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-045 Pilz: PAS 4000 prone to ZipSlip 2022-11-24T09:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-009 Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities 2021-09-20T11:56:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-033 Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities 2020-09-10T13:18:00.000Z 2025-05-14T12:28:19.000Z
vde-2023-050 Pilz: Vulnerability in PASvisu and PMI v8xx 2024-01-30T07:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-002 Pilz: Multiple products affected by uC/HTTP vulnerability 2024-02-06T07:00:00.000Z 2024-02-06T07:00:00.000Z
vde-2023-059 Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx 2023-12-05T07:06:00.000Z 2023-12-05T07:06:00.000Z
vde-2022-033 Pilz: PASvisu and PMI affected by multiple vulnerabilities 2022-11-24T09:00:00.000Z 2022-11-24T09:00:00.000Z
vde-2021-061 Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-055 Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-054 Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
ID Description Published Updated
vde-2024-008 Wago: Vulnerability in WBM through Open VPN 2026-04-08T07:00:00.000Z 2026-04-08T07:00:00.000Z
vde-2026-021 WAGO: Multiple Vulnerabilities in WAGO VC Hub 2026-03-30T07:00:00.000Z 2026-03-30T07:00:00.000Z
vde-2026-010 WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere 2026-03-30T07:00:00.000Z 2026-03-30T07:00:00.000Z
vde-2026-020 WAGO: Vulnerability in managed switches 2026-03-23T08:00:00.000Z 2026-03-23T08:00:00.000Z
vde-2026-004 WAGO: Vulnerabilities in Managed Switch 2026-02-09T08:00:00.000Z 2026-02-09T08:00:00.000Z
vde-2025-095 WAGO: Vulnerabilities in WAGO Industrial-Managed Switches 2025-12-10T10:00:00.000Z 2026-01-19T08:00:00.000Z
vde-2025-018 WAGO: Vulnerabilities in WAGO Device Manager 2025-06-16T10:00:00.000Z 2025-11-21T12:00:00.000Z
vde-2025-062 WAGO: Multiple Vulnerabilities in CODESYS components 2025-11-03T11:00:00.000Z 2025-11-03T11:00:00.000Z
vde-2025-087 WAGO: Vulnerabilities in Device Sphere and Solution Builder 2025-09-24T09:00:00.000Z 2025-09-24T09:00:00.000Z
vde-2018-013 WAGO: 750-8xx Controller Denial of Service 2018-08-17T09:45:00.000Z 2025-09-22T10:00:00.000Z
vde-2025-083 WAGO: Vulnerability in hardware switch circuit 2025-09-15T08:00:00.000Z 2025-09-15T08:00:00.000Z
vde-2025-080 WAGO: Multiple Vulnerabilities in I/O-Check Service 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-082 WAGO: Critical sudo Vulnerability in Multiple Products 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-048 WAGO: Escalation of Privileges in Coupler Firmware 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-057 WAGO: Vulnerability in WAGO Device Sphere 2025-06-23T10:00:00.000Z 2025-07-07T06:15:00.000Z
vde-2025-040 WAGO: Vulnerabilities in ctrlX OS app 2025-06-16T10:00:00.000Z 2025-06-16T10:00:00.000Z
vde-2024-014 WAGO: Multiple products affected by Terrapin 2024-02-22T07:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2025-020 WAGO: Switches affected by year 2k38 problem 2025-06-02T06:00:00.000Z 2025-06-02T06:00:00.000Z
vde-2024-047 WAGO: Multiple vulnerabilities in docker configuration 2024-11-18T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-026 WAGO: Multiple products prone to multiple vulnerabilities in e!Runtime / CODESYS V3 Runtime 2023-07-31T07:36:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-007 WAGO: Unauthenticated command execution via Web-based-management UPDATE A 2023-05-15T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-009 WAGO: Multiple Products affected by Linux Kernel Vulnerability Dirty Pipe 2022-04-06T07:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-002 WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro 2022-01-31T13:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-060 WAGO: Smart Script affected by Log4Shell Vulnerability 2022-01-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-049 WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3 2021-11-16T12:05:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-014 WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 2021-05-20T09:08:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-011 WAGO: Multiple Vulnerabilities in I/O-Check Service 2020-03-09T09:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-009 WAGO: e!Cockpit Two Update Package Vulnerabilities 2020-03-09T09:18:00.000Z 2025-05-22T13:03:10.000Z
vde-2018-010 WAGO: Multiple vulnerabilities in e!DISPLAY products 2018-07-10T09:50:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-008 WAGO: Vulnerabilities in CODESYS Control 2025-02-04T11:00:00.000Z 2025-05-14T13:00:15.000Z
ID Description Published Updated
vde-2024-061 ifm: Improper Access Control vulnerability 2025-06-30T10:00:00.000Z 2026-02-18T08:00:00.000Z
vde-2024-028 ifm moneo password reset can be exploited 2024-05-06T10:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2024-012 ifm: Vulnerabilities in ifm AC14 firmware 2024-07-09T07:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2022-050 IFM: weak password recovery vulnerability in moneo appliance 2022-12-12T11:00:00.000Z 2026-01-06T11:00:00.000Z
ID Description Published Updated
vde-2025-106 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server 2026-01-26T10:00:00.000Z 2026-02-12T09:00:00.000Z
vde-2025-092 Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager 2026-01-27T11:00:00.000Z 2026-01-27T11:00:00.000Z
vde-2025-075 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2022-003 BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology 2022-03-01T12:34:00.000Z 2025-06-05T13:28:13.000Z
vde-2024-050 Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-049 Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-048 Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-045 Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-067 Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf 2023-12-13T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-051 Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server 2021-11-04T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-008 Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-037 Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) 2020-11-19T13:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-019 Beckhoff: EtherLeak in TwinCAT RT network driver 2020-06-16T08:31:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-005 Beckhoff: BK9000 couplers - Denial of service inhibits function 2020-03-10T13:17:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-019 Beckhoff: TwinCAT Denial-of-Service in Profinet driver 2019-10-09T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-064 Beckhoff: Local command injection via TwinCAT Package Manager 2024-10-31T11:00:00.000Z 2025-04-11T07:00:00.000Z
vde-2020-051 Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server 2021-04-27T08:08:00.000Z 2021-05-11T10:00:00.000Z
ID Description Published Updated
vde-2026-007 TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability 2026-02-23T08:00:00.000Z 2026-02-23T08:00:00.000Z
vde-2021-011 TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability 2021-03-22T08:59:00.000Z 2026-02-02T14:25:00.000Z
vde-2025-078 TRUMPF: Remote support uses an outdated encryption algorithm 2025-08-25T06:00:00.000Z 2025-08-29T10:00:00.000Z
vde-2024-005 TRUMPF: Multiple products contain vulnerable version of 7-zip 2024-01-23T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-004 TRUMPF: Multiple products affected by log4net vulnerability 2025-04-22T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-003 TRUMPF: Multiple products include a vulnerable version of Notepad++ 2024-01-23T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-049 TRUMPF: Multiple products prone to X.Org server vulnerabilities 2022-11-07T11:43:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-039 TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T10:28:00.000Z 2025-05-14T12:36:39.000Z
vde-2024-040 Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-034 Multiple TRUMPF products prone to nftables server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-001 TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities 2024-01-29T07:00:00.000Z 2024-01-29T07:00:00.000Z
vde-2024-006 TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x 2024-01-23T07:00:00.000Z 2024-01-23T07:00:00.000Z
vde-2023-031 Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability 2023-09-13T10:00:00.000Z 2023-11-13T11:00:00.000Z
vde-2022-023 TRUMPF TruTops prone to improper access control 2022-10-17T10:00:00.000Z 2022-10-17T10:00:00.000Z
vde-2022-034 TRUMPF: Products prone to Unified Automation vulnerabilities 2022-08-15T10:00:00.000Z 2022-08-15T10:00:00.000Z
vde-2022-016 TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability 2022-05-02T10:00:00.000Z 2022-05-02T10:00:00.000Z
vde-2021-033 TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities 2021-08-12T13:02:00.001Z 2021-08-12T13:02:00.001Z
ID Description Published Updated
vde-2025-043 Lenze: PLC Designer V4 with insecure storage of sensitive information 2025-06-25T10:00:00.000Z 2025-06-25T10:00:00.000Z
vde-2025-042 Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway 2025-05-27T09:00:00.000Z 2025-05-27T09:00:00.000Z
vde-2024-053 Lenze: Install Directory with insufficient permissions 2024-09-03T08:00:00.000Z 2025-03-13T11:30:00.000Z
vde-2022-030 Lenze: Vulnerability in the OPC-UA authentification connection in the firmware 2022-07-11T10:00:00.000Z 2022-07-11T10:00:00.000Z
vde-2021-048 Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication 2021-10-04T12:33:00.000Z 2021-10-04T12:33:00.000Z
ID Description Published Updated
vde-2022-029 Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 2022-09-26T08:00:00.000Z 2026-03-02T11:00:00.000Z
ID Description Published Updated
vde-2025-047 AUMA: Incorrect delivery status of the Bluetooth configuration 2025-06-10T10:00:00.000Z 2025-06-10T10:00:00.000Z
vde-2023-028 AUMA: SIMA Master Station affected by WRECK vulnerability 2023-08-07T11:35:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-024 Auma: SIMA² Master Station Denial of Service Vulnerability on Automation Runtime Webserver 2022-06-15T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2025-026 AUMA Riester: Buffer overflow in service telegram 2025-05-12T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-027 AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations 2023-08-07T09:35:00.000Z 2023-08-07T09:35:00.000Z
vde-2022-032 AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service 2022-08-09T08:00:00.000Z 2022-08-09T08:00:00.000Z
ID Description Published Updated
vde-2025-084 Bender Charge Controller Vulnerability - Unsecure Communication 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-061 Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2021-047 Bender/ebee: Multiple Charge Controller Vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2020-043 Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability 2020-10-16T06:54:00.000Z 2020-10-16T06:54:00.000Z
ID Description Published Updated
vde-2025-107 Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities 2025-12-05T11:00:00.000Z 2026-04-02T10:00:00.000Z
vde-2026-003 Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime 2026-03-31T08:00:00.000Z 2026-04-01T11:00:00.000Z
vde-2026-002 Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation 2026-03-02T07:00:00.000Z 2026-03-02T07:00:00.000Z
vde-2025-068 Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions 2025-09-02T10:00:00.000Z 2026-02-20T09:00:00.000Z
vde-2025-105 Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability 2025-12-08T09:00:00.000Z 2025-12-08T09:00:00.000Z
vde-2024-054 Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-044 Endress+Hauser: Multiple products affected by log4net vulnerability 2022-01-20T08:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-005 Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability 2021-03-01T06:39:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-031 Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T13:10:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-022 Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information 2020-11-19T14:48:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-040 Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow 2021-10-04T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-010 Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks 2021-05-18T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-021 Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management 2020-11-19T14:48:00.000Z 2025-04-11T07:00:00.000Z
vde-2025-036 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-03-06T14:00:00.000Z 2025-03-06T14:00:00.000Z
vde-2024-041 Endress+Hauser: Multiple products are vulnerable to code injection 2024-09-10T08:00:00.000Z 2024-09-10T08:00:00.000Z
vde-2022-019 Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components 2022-06-02T15:11:00.000Z 2022-06-02T15:11:00.000Z
vde-2022-006 Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware 2022-03-24T10:48:00.000Z 2022-03-24T10:48:00.000Z
vde-2019-005 Endress+Hauser: WIFI enabled products utilising WPA2 2019-03-19T15:34:00.000Z 2019-03-19T15:34:00.000Z
ID Description Published Updated
vde-2025-030 Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability 2025-07-07T10:00:00.000Z 2025-07-29T10:00:00.000Z
vde-2023-049 Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability 2023-12-11T07:00:00.000Z 2023-12-11T07:00:00.000Z
vde-2023-038 Frauscher: Multiple Vulnerabilities in FDS101 2023-09-21T06:00:00.000Z 2023-09-21T06:00:00.000Z
vde-2023-011 Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability 2023-07-05T08:00:00.000Z 2023-07-05T08:00:00.000Z
ID Description Published Updated
vde-2019-010 Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway 2019-05-20T06:58:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-024 Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED 2020-07-08T07:29:00.000Z 2025-05-14T12:28:19.000Z
vde-2022-052 Miele: Vulnerability in ease2pay cloud service used by appWash 2022-11-21T09:00:00.000Z 2022-11-21T09:00:00.000Z
vde-2022-015 Miele: Security vulnerability in Benchmark Programming Tool 2022-04-27T12:00:00.000Z 2022-04-27T12:00:00.000Z
ID Description Published Updated
vde-2025-096 Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-044 Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities 2025-05-27T09:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-052 Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities 2025-06-11T10:00:00.000Z 2025-07-23T10:00:00.000Z
vde-2023-032 Weidmueller: WIBU Vulnerability in multiple Products 2023-11-09T07:42:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-018 Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches 2019-12-05T12:03:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-041 Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX 2025-05-19T09:00:00.000Z 2025-05-19T09:00:00.000Z
vde-2025-021 Weidmueller: Authentication Vulnerability in PROCON-WIN 5 2025-03-05T09:00:00.000Z 2025-05-14T13:26:53.000Z
vde-2021-026 Weidmueller: Multiple vulnerabilities in Industrial WLAN devices 2021-06-23T11:04:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-042 Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities 2021-10-18T08:24:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-016 Weidmueller: Accidentally open network port in u-controls and IoT-Gateways 2021-05-04T08:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-002 Weidmueller: WI Manager affected by fdtContainer vulnerability 2021-01-20T13:32:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-041 Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities 2020-10-12T09:14:00.000Z 2025-05-14T12:28:19.000Z
vde-2025-023 Weidmueller: OpenSSL vulnerability in industrial ethernet switches 2025-03-05T08:00:00.000Z 2025-03-05T11:00:00.000Z
vde-2022-056 Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability 2022-12-14T07:00:00.000Z 2022-12-14T07:00:00.000Z
vde-2021-004 Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write 2022-06-21T08:00:00.000Z 2022-06-21T08:00:00.000Z
vde-2022-008 WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways 2022-04-07T06:00:00.000Z 2022-04-07T06:00:00.000Z
ID Description Published Updated
vde-2025-066 SMA: Directory Traversal in Sunny Boy 2025-08-27T08:00:00.000Z 2025-08-27T08:00:00.000Z
vde-2025-050 SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user 2025-08-19T10:00:00.000Z 2025-08-19T10:00:00.000Z
vde-2024-075 SMA: Sunny Webbox clickjacking vulnerability 2025-01-27T13:00:00.000Z 2025-06-17T06:00:00.000Z
vde-2025-012 SMA: Sunny Portal Remote Code Execution 2025-02-26T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-010 SMA: Sunny Portal demo system privilege escalation 2025-05-13T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-074 SMA: SQL injection in Sunny Central UP 2024-11-27T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-020 SMA: Cluster Controller CSRF vulnerability 2025-01-27T13:00:00.000Z 2025-02-12T16:48:47.000Z
ID Description Published Updated
vde-2024-013 HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing 2024-02-13T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-059 HIMA: unquoted path vulnerabilities in X-OPC and X-OTS 2023-01-16T09:00:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-091 Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro 2025-10-14T10:00:00.000Z 2025-10-14T10:00:00.000Z
ID Description Published Updated
vde-2020-016 SWARCO: Critical Vulnerability in CPU LS4000 2020-05-28T13:00:00.000Z 2020-05-28T13:00:00.000Z
ID Description Published Updated
vde-2024-016 ADS-TEC Industrial IT: Docker vulnerability affects multiple products 2024-02-19T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-033 ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products 2025-04-14T10:00:00.000Z 2025-04-14T10:00:00.000Z
vde-2023-009 ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 2023-05-08T13:37:00.000Z 2023-05-08T13:37:00.000Z
ID Description Published Updated
vde-2022-061 VARTA: Multiple devices prone to hard-coded credentials 2023-03-15T09:00:00.000Z 2023-03-15T09:00:00.000Z
ID Description Published Updated
vde-2025-060 Sauter: Multiple vulnerabilities in SAUTER modulo 6 2025-10-21T10:00:00.000Z 2025-10-27T11:00:00.000Z
ID Description Published Updated
vde-2025-079 Janitza: Multiple vulnerabilities in UMG 96RM-E 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-094 Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ 2025-11-24T12:00:00.000Z 2025-11-24T12:00:00.000Z
ID Description Published Updated
vde-2026-001 METTLER TOLEDO: ASP.NET core vulnerability in LabX 2026-03-04T07:00:00.000Z 2026-03-04T07:00:00.000Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2026-0024
8.8 (4.0)
LDAP injection in MISP ApacheAuthenticate when using a… misp
 misp
 2026-04-08T08:28:00.000Z 2026-04-09T04:44:04.936665Z
GCVE-1-2026-0023
8.5 (4.0)
Stored XSS in modal item preview for long item content… ail-project
 ail-framework
 2026-04-07T06:29:00.000Z 2026-04-08T04:22:15.084342Z
GCVE-1-2026-0022
6.4 (4.0)
MISP - Beta Overmind UI Stored Cross-Site Scripting in… misp
 misp
 2026-03-30T09:48:36.968649Z 2026-03-30T09:48:36.968649Z
GCVE-1-2026-0021
10 (4.0)
Critical RCE Vulnerability reported in Windchill windchill
 FlexPLM
 2026-03-23T12:30:40.249187Z 2026-03-23T12:30:40.249187Z
GCVE-1-2026-0020
10 (4.0)
Remote Code Execution Attack Against Eircom D1000 Router Eir
 D1000
 2026-03-11T14:12:00.000Z 2026-03-11T14:23:24.609831Z
GCVE-1-2026-0019
6.4 (4.0)
Improper URL validation in MISP dashboard button widge… misp
 misp
 2026-02-27T14:55:00.000Z 2026-02-27T15:44:29.998063Z
GCVE-1-2026-0018
6.5 (4.0)
Improper access control in MISP user contact form allo… misp
 misp
 2026-02-27T13:25:32.632362Z 2026-02-27T13:25:32.632362Z
GCVE-1-2026-0017
7.2 (4.0)
Improper Neutralization of Raw HTML in MISP modules Ma… misp
 misp-modules
 2026-02-27T13:10:24.641948Z 2026-02-27T13:10:24.641948Z
GCVE-1-2026-0016
7 (4.0)
Server-Side Request Forgery via Event Report Import Fr… misp
 misp
 2026-02-27T10:56:32.745676Z 2026-02-27T10:56:32.745676Z
GCVE-1-2026-0015
7.2 (4.0)
Threat actors use FortiCloud SSO bypass to collect LDA… fortinet
 fortios
 2026-02-09T09:09:00.000Z 2026-02-09T09:14:59.004089Z
GCVE-1-2026-0014
7.4 (4.0)
Missing Authorization Check Allows Unauthorized Modifi… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:32:14.341383Z 2026-02-04T19:32:14.341383Z
GCVE-1-2026-0013
2.1 (4.0)
Flask Application Username Route Collision Allows Rese… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:27:00.000Z 2026-02-04T19:32:49.787763Z
GCVE-1-2026-0012
2.1 (4.0)
Authentication Error Message Allows Email Address Enum… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:21:34.411344Z 2026-02-04T19:21:34.411344Z
GCVE-1-2026-0011
8.7 (4.0)
Out-of-bounds memory write in the network packet … EA Games
 Command & Conquer: Generals
 2026-01-29T14:37:00.000Z 2026-01-29T14:39:17.728822Z
GCVE-1-2026-0010
9.3 (4.0)
Improper input validation in the file transfer ha… EA Games
 Command & Conquer: Generals
 2026-01-29T14:33:18.822829Z 2026-01-29T14:33:18.822829Z
GCVE-1-2026-0009
9.3 (4.0)
Stack-based buffer overflow in the multiplayer ne… EA Games
 Command & Conquer: Generals
 2026-01-29T14:30:38.596928Z 2026-01-29T14:30:38.596928Z
GCVE-1-2026-0008
10 (4.0)
gpg-agent stack buffer overflow in pkdecrypt using KEM gnupg
 gpg-agent
 2026-01-28T13:48:12.350509Z 2026-01-28T13:48:12.350509Z
GCVE-1-2026-0007
10 (4.0)
GNU InetUtils Security Advisory: remote authentication… gnu
 InetUtils
 2026-01-20T20:57:00.000Z 2026-01-26T16:32:40.831364Z
GCVE-1-2026-0006
8.5 (4.0)
Improper Access Control in Cerebrate AuthKey and Encry… cerebrate
 cerebrate
 2026-01-13T15:37:17.337254Z 2026-01-13T15:37:17.337254Z
GCVE-1-2026-0005
8.5 (4.0)
Improper Access Control in Cerebrate Alignment Model A… cerebrate
 cerebrate
 2026-01-13T15:31:00.000Z 2026-01-13T15:38:02.888546Z
GCVE-1-2026-0004
8.5 (4.0)
Authorization Bypass in Cerebrate IndividualsControlle… cerebrate
 cerebrate
 2026-01-13T15:28:00.000Z 2026-01-13T15:38:37.744618Z
GCVE-1-2026-0003
6.3 (4.0)
Stored/Reflected XSS via Unsanitized Parameters in URL… misp
 misp
 2026-01-13T10:50:00.000Z 2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002
10 (4.0)
Heap-buffer-overflow in EXIF writer for extra IFD tags ffmpeg
 ffmpeg
 2026-01-02T19:50:00.000Z 2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001
N/A
Bundle reference to gpg.fail gnupg
 gnupg
 2026-01-02T10:20:00.000Z 2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041
6.4 (4.0)
[online services] Reflected Cross-Site Scripting (XSS)… typo3
 typo3
 2025-12-19T14:25:00.000Z 2025-12-19T14:54:51.594645Z
GCVE-1-2025-0031
7.1 (4.0)
A cross-site scripting (XSS) vulnerability was identif… misp
 misp
 2025-12-03T10:58:00.000Z 2025-12-16T09:36:09.594750Z
GCVE-1-2025-0040
7.2 (4.0)
A cross-site scripting (XSS) vulnerability was id… misp
 misp
 2025-12-13T08:44:32.378924Z 2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039
8.5 (4.0)
XSS Reintroduced in MISP Dashboard World Map Widget Du… misp
 misp
 2025-12-10T14:33:52.856734Z 2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038
5 (4.0)
Reflected XSS in MISP Template Tag Removal and MISP Ad… misp
 misp
 2025-12-10T14:10:00.000Z 2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037
7 (4.0)
Reflected XSS in MISP Dashboard Widgets via Unescaped … misp
 misp
 2025-12-10T14:01:03.200804Z 2025-12-10T14:01:03.200804Z
ID CVSS Description Vendor Product Published Updated
GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110
8.8 (3.1)
NSA Ghidra Auto-Analysis Annotation Command Execution NSA
 Ghidra
 2026-03-29T19:35:30.692Z 2026-03-29T19:35:30.692Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011
9.1 (3.1)
HexStrike AI MCP Server Command Injection 0x4m4
 HexStrike AI
 2025-11-30T21:27:56.057Z 2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100
6.5 (3.1)
Abilis CPX Fallback Shell Connection Relay Abilis
 CPX
 2025-11-04T00:23:23.924Z 2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010
7.3 (3.1)
Unitree Multiple Robotic Products Command Injection Unitree
 Go2
 2025-09-26T06:53:49.585Z 2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
4.3 (3.1)
Unauthenticated leak of sensitive information affectin… Brother Industries, Ltd
 HL-L8260CDN
 2025-08-12T15:23:00.577Z 2025-08-15T05:53:23.017Z