Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-4r27-2c98-x9f5 | The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2… | 2025-12-05T09:31:08Z | 2025-12-05T09:31:08Z |
| ghsa-p7gr-6x8w-xrcm | The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin sett… | 2025-12-05T09:31:07Z | 2025-12-05T09:31:07Z |
| ghsa-m98h-2vmw-fx96 | The WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors plugin for WordP… | 2025-12-05T09:31:07Z | 2025-12-05T09:31:07Z |
| ghsa-fcvm-3w6m-5wpr | The Payaza plugin for WordPress is vulnerable to unauthorized modification of data due to a missing… | 2025-12-05T09:31:07Z | 2025-12-05T09:31:07Z |
| ghsa-c3mh-x7r7-p882 | The Live CSS Preview plugin for WordPress is vulnerable to unauthorized modification of data due to… | 2025-12-05T09:31:07Z | 2025-12-05T09:31:07Z |
| ghsa-6hj9-8964-6c8j | The Torod – The smart shipping and delivery portal for e-shops and retailers plugin for WordPress i… | 2025-12-05T09:31:07Z | 2025-12-05T09:31:07Z |
| ghsa-5x99-573p-j6jf | The Voidek Employee Portal plugin for WordPress is vulnerable to unauthorized access due to a missi… | 2025-12-05T09:31:07Z | 2025-12-05T09:31:07Z |
| ghsa-54x2-3gfp-xm8f | The Nouri.sh Newsletter plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via th… | 2025-12-05T09:31:07Z | 2025-12-05T09:31:07Z |
| ghsa-4fx5-7hwc-phm3 | The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the ‘auction_id’ pa… | 2025-12-05T09:31:07Z | 2025-12-05T09:31:07Z |
| ghsa-464w-3px7-55cm | The Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login – … | 2025-12-05T09:31:07Z | 2025-12-05T09:31:07Z |
| ghsa-xcg9-fw4f-9chv | The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This… | 2025-12-05T06:31:31Z | 2025-12-05T06:31:31Z |
| ghsa-wm5q-q282-hjjq | The dream gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions … | 2025-12-05T06:31:31Z | 2025-12-05T06:31:31Z |
| ghsa-hqrc-p5h3-734h | The Jabbernotification plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the… | 2025-12-05T06:31:31Z | 2025-12-05T06:31:31Z |
| ghsa-gxgp-vx99-mxcw | In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temp… | 2025-12-05T06:31:31Z | 2025-12-05T06:31:31Z |
| ghsa-9gh5-jw42-rrp3 | The Twitscription plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the admi… | 2025-12-05T06:31:31Z | 2025-12-05T06:31:31Z |
| ghsa-366w-47hf-9j25 | The Easy Jump Links Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the… | 2025-12-05T06:31:31Z | 2025-12-05T06:31:31Z |
| ghsa-345x-g5f7-pjwq | The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site Scrip… | 2025-12-05T06:31:31Z | 2025-12-05T06:31:31Z |
| ghsa-xcmm-v5vf-j4qx | The Webcake – Landing Page Builder plugin for WordPress is vulnerable to unauthorized modification … | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-wxj8-3mjf-2fc3 | The Norby AI plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to… | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-vx9x-mffh-7v5j | The FitVids for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via adm… | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-rgjg-5fjw-rm4x | The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file … | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-r8gc-wh4j-rhrc | The Bread & Butter: Gate content + Capture leads + Collect first-party data + Nurture with Ai agent… | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-r7px-4869-mhc2 | The CRM Memberships plugin for WordPress is vulnerable to unauthorized membership tag creation due … | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-r3v4-hrwm-cxm5 | The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore a… | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-mp5q-9g62-4fc6 | The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing fi… | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-mcqw-mpqf-pxq5 | The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Sensitive Info… | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-m48p-p8gp-9jxf | In KDE Connect before 1.33.0 on Android, malicious device IDs (sent via broadcast UDP) could cause … | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-jhqp-8v5c-95qc | The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions … | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-jhfm-q6qg-273x | The Time Sheets plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up… | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ghsa-hw7r-83w9-vx2p | The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions … | 2025-12-05T06:31:30Z | 2025-12-05T06:31:30Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-59117 | 4.8 (v4.0) | Multiple Stored XSS in Windu CMS |
JCD |
Windu CMS |
2025-11-18T13:26:33.240Z | 2025-12-05T12:22:03.275Z |
| cve-2025-13620 | Wp Social Login and Register Social Counter <= 3.1.3 -… |
roxnor |
Wp Social Login and Register Social Counter |
2025-12-05T10:57:55.576Z | 2025-12-05T12:21:58.651Z | |
| cve-2025-59116 | 6.9 (v4.0) | User enumeration in Windu CMS |
JCD |
Windu CMS |
2025-11-18T13:26:56.775Z | 2025-12-05T12:21:56.289Z |
| cve-2025-59115 | 5.3 (v4.0) | Stored XSS in Windu CMS |
JCD |
Windu CMS |
2025-11-18T13:26:32.325Z | 2025-12-05T12:21:46.678Z |
| cve-2025-59114 | 5.1 (v4.0) | Cross-Site Request Forgery in Windu CMS |
JCD |
Windu CMS |
2025-11-18T13:26:31.881Z | 2025-12-05T12:21:34.813Z |
| cve-2025-59113 | 6.9 (v4.0) | Bruteforce Protection Bypass in Windu CMS |
JCD |
Windu CMS |
2025-11-18T13:26:31.504Z | 2025-12-05T12:21:23.795Z |
| cve-2025-59112 | 5.1 (v4.0) | Cross-Site Request Forgery in Windu CMS |
JCD |
Windu CMS |
2025-11-18T13:26:31.060Z | 2025-12-05T12:21:16.296Z |
| cve-2025-59111 | 6.9 (v4.0) | Broken Access Control in Windu CMS |
JCD |
Windu CMS |
2025-11-18T13:26:39.486Z | 2025-12-05T12:21:10.295Z |
| cve-2025-59110 | 6.8 (v4.0) | Cross-Site Request Forgery in Windu CMS |
JCD |
Windu CMS |
2025-11-18T13:26:29.098Z | 2025-12-05T12:20:57.157Z |
| cve-2021-4465 | 8.7 (v4.0) | ReQuest Serious Play F3 Media Server <= 7.0.3 Remote DoS |
ReQuest Serious Play LLC |
ReQuest Serious Play Pro |
2025-11-14T22:51:28.004Z | 2025-12-05T12:08:15.315Z |
| cve-2025-66200 | Apache HTTP Server: mod_userdir+suexec bypass via Allo… |
Apache Software Foundation |
Apache HTTP Server |
2025-12-05T11:02:25.722Z | 2025-12-05T11:06:04.039Z | |
| cve-2025-65082 | Apache HTTP Server: CGI environment variable override |
Apache Software Foundation |
Apache HTTP Server |
2025-12-05T10:46:27.138Z | 2025-12-05T11:06:01.853Z | |
| cve-2025-59775 | Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF |
Apache Software Foundation |
Apache HTTP Server |
2025-12-05T10:17:03.852Z | 2025-12-05T11:05:59.532Z | |
| cve-2025-55753 | Apache HTTP Server: mod_md (ACME), unintended retry in… |
Apache Software Foundation |
Apache HTTP Server |
2025-12-05T10:12:22.041Z | 2025-12-05T11:05:52.628Z | |
| cve-2025-7195 | 5.2 (v3.1) | Operator-sdk: privilege escalation due to incorrect pe… |
Red Hat |
Compliance Operator 1 |
2025-08-07T19:05:08.756Z | 2025-12-05T11:02:39.021Z |
| cve-2025-11411 | 5.7 (v4.0) | Possible domain hijacking via promiscuous records in t… |
NLnet Labs |
Unbound |
2025-10-22T12:28:02.607Z | 2025-12-05T10:56:13.103Z |
| cve-2025-13682 | Trail Manager <= 1.0.0 - Authenticated (Admin+) Stored… |
phegman |
Trail Manager |
2025-12-05T09:27:03.999Z | 2025-12-05T09:27:03.999Z | |
| cve-2025-13614 | Cool Tag Cloud <= 2.29 - Authenticated (Contributor+) … |
wpkube |
Cool Tag Cloud |
2025-12-05T09:27:03.633Z | 2025-12-05T09:27:03.633Z | |
| cve-2025-13678 | Thai Lottery Widget <= 2.5 - Authenticated (Contributo… |
siamlottery |
Thai Lottery Widget |
2025-12-05T09:27:03.279Z | 2025-12-05T09:27:03.279Z | |
| cve-2025-12876 | Projectopia – WordPress Project Management <= 5.1.19 -… |
projectopia |
Projectopia – WordPress Project Management |
2025-12-05T09:27:02.882Z | 2025-12-05T09:27:02.882Z | |
| cve-2025-12879 | User Generator and Importer <= 1.2.2 - Cross-Site Requ… |
vinoth06 |
User Generator and Importer |
2025-12-05T09:27:02.498Z | 2025-12-05T09:27:02.498Z | |
| cve-2025-13739 | CryptX <= 4.0.4 - Authenticated (Contributor+) Stored … |
d3395 |
CryptX |
2025-12-05T09:27:02.057Z | 2025-12-05T09:27:02.057Z | |
| cve-2025-12851 | My auctions allegro <= 3.6.32 - Unauthenticated Local … |
wphocus |
My auctions allegro |
2025-12-05T09:27:00.893Z | 2025-12-05T09:27:00.893Z | |
| cve-2025-66287 | 8.8 (v3.1) | Webkitgtk: processing maliciously crafted web content … |
Red Hat |
Red Hat Enterprise Linux 6 |
2025-12-04T16:48:31.485Z | 2025-12-05T09:21:06.543Z |
| cve-2025-12130 | WC Vendors – WooCommerce Multivendor, WooCommerce Mark… |
wcvendors |
WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors |
2025-12-05T07:26:18.017Z | 2025-12-05T07:26:18.017Z | |
| cve-2025-13684 | ARK Related Posts <= 2.19 - Cross-Site Request Forgery… |
alexkar |
ARK Related Posts |
2025-12-05T07:26:17.419Z | 2025-12-05T07:26:17.419Z | |
| cve-2025-12850 | My auctions allegro <= 3.6.32 - Unauthenticated SQL In… |
wphocus |
My auctions allegro |
2025-12-05T06:43:51.373Z | 2025-12-05T06:43:51.373Z | |
| cve-2025-13515 | Nouri.sh Newsletter <= 1.0.1.3 - Reflected Cross-Site … |
danrajkumar |
Nouri.sh Newsletter |
2025-12-05T06:07:20.455Z | 2025-12-05T06:07:20.455Z | |
| cve-2025-12093 | Voidek Employee Portal <= 1.0.6 - Missing Authorization |
voidek |
Voidek Employee Portal |
2025-12-05T06:07:19.994Z | 2025-12-05T06:07:19.994Z | |
| cve-2025-12355 | Payaza <= 0.3.8 - Missing Authorization to Unauthentic… |
bigmaster |
Payaza |
2025-12-05T06:07:19.571Z | 2025-12-05T06:07:19.571Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-66200 | Apache HTTP Server: mod_userdir+suexec bypass via Allo… |
Apache Software Foundation |
Apache HTTP Server |
2025-12-05T11:02:25.722Z | 2025-12-05T11:06:04.039Z | |
| cve-2025-65082 | Apache HTTP Server: CGI environment variable override |
Apache Software Foundation |
Apache HTTP Server |
2025-12-05T10:46:27.138Z | 2025-12-05T11:06:01.853Z | |
| cve-2025-59775 | Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF |
Apache Software Foundation |
Apache HTTP Server |
2025-12-05T10:17:03.852Z | 2025-12-05T11:05:59.532Z | |
| cve-2025-55753 | Apache HTTP Server: mod_md (ACME), unintended retry in… |
Apache Software Foundation |
Apache HTTP Server |
2025-12-05T10:12:22.041Z | 2025-12-05T11:05:52.628Z | |
| cve-2025-13620 | Wp Social Login and Register Social Counter <= 3.1.3 -… |
roxnor |
Wp Social Login and Register Social Counter |
2025-12-05T10:57:55.576Z | 2025-12-05T12:21:58.651Z | |
| cve-2025-11411 | 5.7 (v4.0) | Possible domain hijacking via promiscuous records in t… |
NLnet Labs |
Unbound |
2025-10-22T12:28:02.607Z | 2025-12-05T10:56:13.103Z |
| cve-2025-13739 | CryptX <= 4.0.4 - Authenticated (Contributor+) Stored … |
d3395 |
CryptX |
2025-12-05T09:27:02.057Z | 2025-12-05T09:27:02.057Z | |
| cve-2025-13682 | Trail Manager <= 1.0.0 - Authenticated (Admin+) Stored… |
phegman |
Trail Manager |
2025-12-05T09:27:03.999Z | 2025-12-05T09:27:03.999Z | |
| cve-2025-13678 | Thai Lottery Widget <= 2.5 - Authenticated (Contributo… |
siamlottery |
Thai Lottery Widget |
2025-12-05T09:27:03.279Z | 2025-12-05T09:27:03.279Z | |
| cve-2025-13614 | Cool Tag Cloud <= 2.29 - Authenticated (Contributor+) … |
wpkube |
Cool Tag Cloud |
2025-12-05T09:27:03.633Z | 2025-12-05T09:27:03.633Z | |
| cve-2025-12879 | User Generator and Importer <= 1.2.2 - Cross-Site Requ… |
vinoth06 |
User Generator and Importer |
2025-12-05T09:27:02.498Z | 2025-12-05T09:27:02.498Z | |
| cve-2025-12876 | Projectopia – WordPress Project Management <= 5.1.19 -… |
projectopia |
Projectopia – WordPress Project Management |
2025-12-05T09:27:02.882Z | 2025-12-05T09:27:02.882Z | |
| cve-2025-12851 | My auctions allegro <= 3.6.32 - Unauthenticated Local … |
wphocus |
My auctions allegro |
2025-12-05T09:27:00.893Z | 2025-12-05T09:27:00.893Z | |
| cve-2025-13684 | ARK Related Posts <= 2.19 - Cross-Site Request Forgery… |
alexkar |
ARK Related Posts |
2025-12-05T07:26:17.419Z | 2025-12-05T07:26:17.419Z | |
| cve-2025-12130 | WC Vendors – WooCommerce Multivendor, WooCommerce Mark… |
wcvendors |
WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors |
2025-12-05T07:26:18.017Z | 2025-12-05T07:26:18.017Z | |
| cve-2025-13515 | Nouri.sh Newsletter <= 1.0.1.3 - Reflected Cross-Site … |
danrajkumar |
Nouri.sh Newsletter |
2025-12-05T06:07:20.455Z | 2025-12-05T06:07:20.455Z | |
| cve-2025-12850 | My auctions allegro <= 3.6.32 - Unauthenticated SQL In… |
wphocus |
My auctions allegro |
2025-12-05T06:43:51.373Z | 2025-12-05T06:43:51.373Z | |
| cve-2025-12374 | Email Verification, Email OTP, Block Spam Email, Passw… |
pickplugins |
User Verification by PickPlugins |
2025-12-05T06:07:19.086Z | 2025-12-05T06:07:19.086Z | |
| cve-2025-12373 | Torod – The smart shipping and delivery portal for e-s… |
torod |
Torod – The smart shipping and delivery portal for e-shops and retailers |
2025-12-05T06:07:18.239Z | 2025-12-05T06:07:18.239Z | |
| cve-2025-12355 | Payaza <= 0.3.8 - Missing Authorization to Unauthentic… |
bigmaster |
Payaza |
2025-12-05T06:07:19.571Z | 2025-12-05T06:07:19.571Z | |
| cve-2025-12354 | Live CSS Preview <= 2.0.0 - Missing Authorization to A… |
dojodigital |
Live CSS Preview |
2025-12-05T06:07:18.677Z | 2025-12-05T06:07:18.677Z | |
| cve-2025-12186 | Weekly Planner <= 1.0 - Authenticated (Admin+) Stored … |
michael_j_reid |
Weekly Planner |
2025-12-05T06:07:17.545Z | 2025-12-05T06:07:17.545Z | |
| cve-2025-12093 | Voidek Employee Portal <= 1.0.6 - Missing Authorization |
voidek |
Voidek Employee Portal |
2025-12-05T06:07:19.994Z | 2025-12-05T06:07:19.994Z | |
| cve-2025-66270 | The KDE Connect protocol 8 before 2025-11-28 does… |
KDE |
KDE Connect protocol |
2025-12-05T00:00:00.000Z | 2025-12-05T05:25:41.584Z | |
| cve-2025-32901 | In KDE Connect before 1.33.0 on Android, maliciou… |
KDE |
KDEConnect |
2025-12-05T00:00:00.000Z | 2025-12-05T05:12:40.025Z | |
| cve-2025-32900 | In the KDE Connect information-exchange protocol … |
KDE |
KDE Connect information-exchange protocol |
2025-12-05T00:00:00.000Z | 2025-12-05T05:34:03.875Z | |
| cve-2025-13860 | Easy Jump Links Menus <= 1.0.0 - Authenticated (Contri… |
webradykal |
Easy Jump Links Menus |
2025-12-05T05:31:29.457Z | 2025-12-05T05:31:29.457Z | |
| cve-2025-13625 | WP-SOS-Donate Donation Sidebar Plugin <= 0.9.2 - Refle… |
switch2mac |
WP-SOS-Donate Donation Sidebar Plugin |
2025-12-05T05:31:24.473Z | 2025-12-05T05:31:24.473Z | |
| cve-2025-13623 | Twitscription <= 0.1.1 - Reflected Cross-Site Scriptin… |
natambu |
Twitscription |
2025-12-05T05:31:26.091Z | 2025-12-05T05:31:26.091Z | |
| cve-2025-13622 | Jabbernotification <= 0.99-RC2 - Reflected Cross-Site … |
missi |
Jabbernotification |
2025-12-05T05:31:25.692Z | 2025-12-05T05:31:25.692Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-13739 | The CryptX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `cryp… | 2025-12-05T10:15:47.460 | 2025-12-05T10:15:47.460 |
| fkie_cve-2025-13682 | The Trail Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin setti… | 2025-12-05T10:15:47.237 | 2025-12-05T10:15:47.237 |
| fkie_cve-2025-13678 | The Thai Lottery Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `… | 2025-12-05T10:15:47.047 | 2025-12-05T10:15:47.047 |
| fkie_cve-2025-13614 | The Cool Tag Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin… | 2025-12-05T10:15:46.810 | 2025-12-05T10:15:46.810 |
| fkie_cve-2025-12879 | The User Generator and Importer plugin for WordPress is vulnerable to Cross-Site Request Forgery in… | 2025-12-05T10:15:46.597 | 2025-12-05T10:15:46.597 |
| fkie_cve-2025-12876 | The Projectopia – WordPress Project Management plugin for WordPress is vulnerable to unauthorized m… | 2025-12-05T10:15:46.370 | 2025-12-05T10:15:46.370 |
| fkie_cve-2025-12851 | The My auctions allegro plugin for WordPress is vulnerable to Local File Inclusion in all versions … | 2025-12-05T10:15:45.530 | 2025-12-05T10:15:45.530 |
| fkie_cve-2025-13684 | The ARK Related Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 2… | 2025-12-05T08:15:47.883 | 2025-12-05T08:15:47.883 |
| fkie_cve-2025-12130 | The WC Vendors – WooCommerce Multivendor, WooCommerce Marketplace, Product Vendors plugin for WordP… | 2025-12-05T08:15:46.170 | 2025-12-05T08:15:46.170 |
| fkie_cve-2025-13515 | The Nouri.sh Newsletter plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via th… | 2025-12-05T07:16:11.583 | 2025-12-05T07:16:11.583 |
| fkie_cve-2025-12850 | The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the ‘auction_id’ pa… | 2025-12-05T07:16:11.350 | 2025-12-05T07:16:11.350 |
| fkie_cve-2025-12374 | The Email Verification, Email OTP, Block Spam Email, Passwordless login, Hide Login, Magic Login – … | 2025-12-05T07:16:11.117 | 2025-12-05T07:16:11.117 |
| fkie_cve-2025-12373 | The Torod – The smart shipping and delivery portal for e-shops and retailers plugin for WordPress i… | 2025-12-05T07:16:10.880 | 2025-12-05T07:16:10.880 |
| fkie_cve-2025-12355 | The Payaza plugin for WordPress is vulnerable to unauthorized modification of data due to a missing… | 2025-12-05T07:16:10.660 | 2025-12-05T07:16:10.660 |
| fkie_cve-2025-12354 | The Live CSS Preview plugin for WordPress is vulnerable to unauthorized modification of data due to… | 2025-12-05T07:16:10.413 | 2025-12-05T07:16:10.413 |
| fkie_cve-2025-12186 | The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin sett… | 2025-12-05T07:16:10.180 | 2025-12-05T07:16:10.180 |
| fkie_cve-2025-12093 | The Voidek Employee Portal plugin for WordPress is vulnerable to unauthorized access due to a missi… | 2025-12-05T07:16:08.347 | 2025-12-05T07:16:08.347 |
| fkie_cve-2025-66270 | The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This… | 2025-12-05T06:16:09.253 | 2025-12-05T06:16:09.253 |
| fkie_cve-2025-32901 | In KDE Connect before 1.33.0 on Android, malicious device IDs (sent via broadcast UDP) could cause … | 2025-12-05T05:17:02.380 | 2025-12-05T06:16:09.077 |
| fkie_cve-2025-32900 | In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temp… | 2025-12-05T06:16:08.900 | 2025-12-05T06:16:08.900 |
| fkie_cve-2025-13860 | The Easy Jump Links Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the… | 2025-12-05T06:16:08.730 | 2025-12-05T06:16:08.730 |
| fkie_cve-2025-13625 | The WP-SOS-Donate Donation Sidebar Plugin for WordPress is vulnerable to Reflected Cross-Site Scrip… | 2025-12-05T06:16:08.563 | 2025-12-05T06:16:08.563 |
| fkie_cve-2025-13623 | The Twitscription plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the admi… | 2025-12-05T06:16:08.400 | 2025-12-05T06:16:08.400 |
| fkie_cve-2025-13622 | The Jabbernotification plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the… | 2025-12-05T06:16:08.233 | 2025-12-05T06:16:08.233 |
| fkie_cve-2025-13621 | The dream gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions … | 2025-12-05T06:16:08.063 | 2025-12-05T06:16:08.063 |
| fkie_cve-2025-13528 | The Feedback Modal for Website plugin for WordPress is vulnerable to unauthorized access of data du… | 2025-12-05T06:16:07.900 | 2025-12-05T06:16:07.900 |
| fkie_cve-2025-13512 | The CoSign Single Signon plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via t… | 2025-12-05T06:16:07.727 | 2025-12-05T06:16:07.727 |
| fkie_cve-2025-13360 | The Quantic Social Image Hover plugin for WordPress is vulnerable to Cross-Site Request Forgery in … | 2025-12-05T06:16:07.563 | 2025-12-05T06:16:07.563 |
| fkie_cve-2025-13144 | The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions … | 2025-12-05T06:16:07.400 | 2025-12-05T06:16:07.400 |
| fkie_cve-2025-12370 | The Takeads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and i… | 2025-12-05T06:16:07.233 | 2025-12-05T06:16:07.233 |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2024-85 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-05T11:23:10.354455Z |
| pysec-2024-84 | Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-05T11:23:10.257369Z |
| pysec-2024-83 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-05T11:23:10.161043Z |
| pysec-2024-82 | Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-05T11:23:10.059500Z |
| pysec-2023-278 | MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T21:15:00Z | 2025-12-05T11:23:09.942170Z |
| pysec-2025-52 | gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T10:49:50.730736Z |
| pysec-2020-220 | A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| pysec-2025-72 | The `num2words` project was compromised via a phishing attack and two new versions were u… | num2words | 2025-07-31T14:34:47+00:00 | |
| pysec-2025-71 | Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… | cadwyn | 2025-07-21T21:15:25+00:00 | 2025-07-23T15:24:03.825615+00:00 |
| pysec-2025-70 | A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… | langchain-community | 2025-06-23T21:15:25+00:00 | 2025-07-16T21:23:40.211079+00:00 |
| pysec-2024-259 | In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… | torch | 2024-10-29T21:15:04+00:00 | 2025-07-16T03:09:57.748865+00:00 |
| pysec-2024-258 | In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… | scrapy | 2024-05-20T08:15:08+00:00 | 2025-07-15T17:37:50.051730+00:00 |
| pysec-2025-69 | In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… | roundup | 2025-07-13T20:15:25+00:00 | 2025-07-13T21:23:01.161315+00:00 |
| pysec-2025-68 | A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.449399+00:00 |
| pysec-2025-67 | A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… | upsonic | 2025-06-19T21:15:27+00:00 | 2025-07-08T19:22:27.385619+00:00 |
| pysec-2025-66 | Improper privilege management in a REST interface allowed registered users to access unau… | streampipes | 2025-03-03T11:15:11+00:00 | 2025-07-08T15:23:46.628375+00:00 |
| pysec-2025-65 | A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… | llama-index | 2025-07-07T13:15:28+00:00 | 2025-07-07T15:23:42.730681+00:00 |
| pysec-2025-61 | Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … | pillow | 2025-07-01T19:15:27Z | 2025-07-07T14:12:46.226030Z |
| pysec-2025-64 | A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… | python-a2a | 2025-06-17T07:15:18+00:00 | 2025-07-02T21:23:13.806273+00:00 |
| pysec-2025-63 | vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… | vllm | 2025-03-19T16:15:32+00:00 | 2025-07-01T23:22:49.176005+00:00 |
| pysec-2025-62 | vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… | vllm | 2025-02-07T20:15:34+00:00 | 2025-07-01T23:22:49.083695+00:00 |
| pysec-2025-60 | Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… | apache-iotdb | 2025-05-14T11:16:28+00:00 | 2025-07-01T21:22:47.232036+00:00 |
| pysec-2025-59 | Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… | apache-iotdb | 2025-05-14T11:15:47+00:00 | 2025-07-01T21:22:47.177405+00:00 |
| pysec-2024-257 | Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-03-22T23:15:07+00:00 | 2025-06-30T15:23:50.085549+00:00 |
| pysec-2025-58 | vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… | vllm | 2025-01-27T18:15:41+00:00 | 2025-06-27T21:22:36.583615+00:00 |
| pysec-2025-57 | A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… | zenml | 2025-03-20T10:15:48+00:00 | 2025-06-27T17:22:55.175431+00:00 |
| pysec-2025-56 | OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… | octoprint | 2025-04-22T18:15:59+00:00 | 2025-06-27T17:22:53.513680+00:00 |
| pysec-2024-256 | Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2024-12-03T16:15:24+00:00 | 2025-06-27T17:22:53.325430+00:00 |
| pysec-2025-55 | vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.407481+00:00 |
| pysec-2025-54 | vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8… | vllm | 2025-05-30T19:15:30+00:00 | 2025-06-26T21:23:06.319321+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33884 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.534455Z |
| gsd-2024-33901 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.525896Z |
| gsd-2024-33887 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.503613Z |
| gsd-2024-33895 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.493081Z |
| gsd-2024-33894 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.488420Z |
| gsd-2024-33902 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.486429Z |
| gsd-2024-33888 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.468423Z |
| gsd-2024-33885 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.441746Z |
| gsd-2024-33891 | Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… | 2024-04-29T05:02:07.412035Z |
| gsd-2024-33899 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… | 2024-04-29T05:02:07.400574Z |
| gsd-2024-33889 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.392587Z |
| gsd-2024-33893 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.381761Z |
| gsd-2024-33892 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.378170Z |
| gsd-2024-33890 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.344384Z |
| gsd-2024-33896 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.313250Z |
| gsd-2024-33903 | In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… | 2024-04-29T05:02:07.295775Z |
| gsd-2024-33900 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.290639Z |
| gsd-2024-33898 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287632Z |
| gsd-2024-33886 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.287167Z |
| gsd-2024-33897 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:07.283756Z |
| gsd-2024-33883 | The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… | 2024-04-29T05:02:07.271727Z |
| gsd-2024-4303 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.716348Z |
| gsd-2024-4300 | E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… | 2024-04-29T05:02:05.715239Z |
| gsd-2024-4297 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… | 2024-04-29T05:02:05.700888Z |
| gsd-2024-4301 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.678292Z |
| gsd-2024-4296 | The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… | 2024-04-29T05:02:05.621428Z |
| gsd-2024-4299 | The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… | 2024-04-29T05:02:05.606402Z |
| gsd-2024-4302 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-29T05:02:05.603637Z |
| gsd-2024-4298 | The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… | 2024-04-29T05:02:05.598531Z |
| gsd-2024-33876 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.990196Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192321 | Malicious code in json-map-source (npm) | 2025-12-05T05:53:00Z | 2025-12-05T05:53:01Z |
| mal-2025-192318 | Malicious code in chai-as-deployed (npm) | 2025-12-05T05:43:31Z | 2025-12-05T05:43:31Z |
| mal-2025-192319 | Malicious code in chai-promised-chain (npm) | 2025-12-05T05:40:01Z | 2025-12-05T05:40:02Z |
| mal-2025-192320 | Malicious code in dotnetenv (npm) | 2025-12-05T05:37:50Z | 2025-12-05T05:37:56Z |
| mal-2025-192317 | Malicious code in tailwindcss-setfont (npm) | 2025-12-05T03:07:11Z | 2025-12-05T03:07:11Z |
| mal-2025-192316 | Malicious code in tailwindcss-animation-helper (npm) | 2025-12-05T03:05:17Z | 2025-12-05T03:05:18Z |
| mal-2025-192315 | Malicious code in seeds-random (npm) | 2025-12-05T03:03:24Z | 2025-12-05T03:03:25Z |
| mal-2025-192313 | Malicious code in react-svg-fill (npm) | 2025-12-05T02:57:24Z | 2025-12-05T02:57:24Z |
| mal-2025-192314 | Malicious code in react-svg-supporter (npm) | 2025-12-05T02:52:02Z | 2025-12-05T02:52:03Z |
| mal-2025-192312 | Malicious code in react-svg-bundler (npm) | 2025-12-05T02:52:02Z | 2025-12-05T02:52:02Z |
| mal-2025-192311 | Malicious code in react-icon-updater (npm) | 2025-12-05T02:50:28Z | 2025-12-05T02:50:28Z |
| mal-2025-192307 | Malicious code in jsonify-settings (npm) | 2025-12-05T02:44:48Z | 2025-12-05T02:44:48Z |
| mal-2025-192308 | Malicious code in module-listener (npm) | 2025-12-05T02:42:15Z | 2025-12-05T02:42:20Z |
| mal-2025-192310 | Malicious code in node-tailwind (npm) | 2025-12-05T02:42:15Z | 2025-12-05T02:42:16Z |
| mal-2025-192309 | Malicious code in node-dpapi1 (npm) | 2025-12-05T02:42:15Z | 2025-12-05T02:42:16Z |
| mal-2025-192305 | Malicious code in dell-recovery (PyPI) | 2025-12-04T22:01:57Z | 2025-12-04T22:01:57Z |
| mal-2025-192306 | Malicious code in dell-restore-system (PyPI) | 2025-12-04T21:59:37Z | 2025-12-04T21:59:37Z |
| mal-2025-192304 | Malicious code in elf-stats-northbound-sparkler-410 (npm) | 2025-12-04T19:12:07Z | 2025-12-04T19:12:07Z |
| mal-2025-192302 | Malicious code in coremsft (PyPI) | 2025-12-04T12:39:04Z | 2025-12-04T15:10:43Z |
| mal-2025-192303 | Malicious code in elf-stats-ginger-wreath-646 (npm) | 2025-12-04T13:55:53Z | 2025-12-04T13:55:53Z |
| mal-2025-192117 | Malicious code in elf-stats-piney-icicle-501 (npm) | 2025-12-03T15:59:29Z | 2025-12-04T10:25:39Z |
| mal-2025-192052 | Malicious code in elf-stats-ginger-icicle-707 (npm) | 2025-12-03T15:59:29Z | 2025-12-04T10:25:39Z |
| mal-2025-191995 | Malicious code in elf-stats-candlelit-reindeer-881 (npm) | 2025-12-03T15:59:29Z | 2025-12-04T09:25:56Z |
| mal-2025-192222 | Malicious code in elf-stats-mulled-stocking-538 (npm) | 2025-12-03T17:22:10Z | 2025-12-04T08:26:39Z |
| mal-2025-192259 | Malicious code in unified11 (npm) | 2025-12-03T18:25:39Z | 2025-12-04T07:25:06Z |
| mal-2025-192254 | Malicious code in unified10 (npm) | 2025-12-03T18:06:52Z | 2025-12-04T07:25:06Z |
| mal-2025-192253 | Malicious code in remark-stringify10 (npm) | 2025-12-03T17:50:51Z | 2025-12-04T07:25:05Z |
| mal-2025-192246 | Malicious code in remark-parse10 (npm) | 2025-12-03T17:35:41Z | 2025-12-04T07:25:05Z |
| mal-2025-192245 | Malicious code in remark-mdx2.3 (npm) | 2025-12-03T17:31:24Z | 2025-12-04T07:25:05Z |
| mal-2025-192244 | Malicious code in hast-util-to-mdast9 (npm) | 2025-12-03T17:15:49Z | 2025-12-04T07:25:03Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2738 | Vercel Next.js und React Server Components (React2Shell): Schwachstelle ermöglicht Codeausführung | 2025-12-03T23:00:00.000+00:00 | 2025-12-04T23:00:00.000+00:00 |
| wid-sec-w-2025-1883 | Apache Tika: Schwachstelle ermöglicht Infogewinn oder Manipulation | 2025-08-20T22:00:00.000+00:00 | 2025-12-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2730 | Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-02T23:00:00.000+00:00 | 2025-12-03T23:00:00.000+00:00 |
| wid-sec-w-2025-2717 | Django: Mehrere Schwachstellen | 2025-12-02T23:00:00.000+00:00 | 2025-12-02T23:00:00.000+00:00 |
| wid-sec-w-2025-2703 | Zabbix: Mehrere Schwachstellen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2701 | xwiki (XJetty): Schwachstelle ermöglicht Offenlegung von Informationen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2700 | CODESYS Control und Development System: Mehrere Schwachstellen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2636 | OpenVPN: Mehrere Schwachstellen | 2025-11-18T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2566 | Mozilla Firefox und Firefox ESR: Mehrere Schwachstellen | 2025-11-11T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2533 | RedHat Multicluster Engine for Kubernetes: Schwachstelle ermöglicht Privilegieneskalation | 2025-11-09T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2518 | Red Hat Enterprise Linux (runc): Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen | 2025-11-09T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2508 | Red Hat Enterprise Linux: Schwachstelle ermöglicht Denial of Service | 2025-11-06T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2488 | Red Hat Enterprise Linux (SSSD, libsoup): Mehrere Schwachstellen | 2025-11-04T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2450 | Linux Kernel: Mehrere Schwachstellen | 2025-10-29T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2697 | Devolutions Remote Desktop Manager und Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-11-30T23:00:00.000+00:00 | 2025-11-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2495 | Django: Mehrere Schwachstellen ermöglichen Denial of Service und SQL-Injection | 2025-11-05T23:00:00.000+00:00 | 2025-11-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2687 | Apache CloudStack: Mehrere Schwachstellen | 2025-11-26T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2651 | GnuTLS: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2025-11-19T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2638 | Grub: Mehrere Schwachstellen | 2025-11-18T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2608 | Golang Go: Schwachstelle ermöglicht Denial of Service | 2025-11-16T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2468 | CPython: Schwachstelle ermöglicht Denial of Service | 2025-11-02T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2441 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-10-29T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2431 | Linux Kernel: Mehrere Schwachstellen | 2025-10-28T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2407 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-10-26T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2394 | Linux Kernel: Mehrere Schwachstellen | 2025-10-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2392 | Internet Systems Consortium BIND: Mehrere Schwachstellen | 2025-10-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2386 | Unbound: Schwachstelle ermöglicht Manipulation von Dateien | 2025-10-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2350 | Linux Kernel: Mehrere Schwachstellen | 2025-10-20T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2322 | Samba: Mehrere Schwachstellen | 2025-10-15T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2298 | Linux Kernel: Mehrere Schwachstellen | 2025-10-14T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-978177 | SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices | 2025-08-12T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-241605 | SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-190588 | SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-864900 | SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices | 2025-05-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-832273 | SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices | 2024-03-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-794185 | SSA-794185: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products | 2025-05-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-770770 | SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices | 2025-02-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-750499 | SSA-750499: Weak Encryption Vulnerability in SIPROTEC 5 Devices | 2024-07-09T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-726617 | SSA-726617: Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module | 2025-05-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-711309 | SSA-711309: Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | 2023-09-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-698820 | SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices | 2024-07-09T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-687955 | SSA-687955: Accessible Development Shell via Physical Interface in SIPROTEC 5 | 2025-02-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-682326 | SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-631336 | SSA-631336: Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6 | 2022-06-14T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-552874 | SSA-552874: Denial of Service Vulnerability in SIPROTEC 5 Devices | 2022-12-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-522291 | SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-514895 | SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-365596 | SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-339694 | SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-322980 | SSA-322980: Denial of Service Vulnerability in SIPROTEC 5 Devices | 2023-04-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-301229 | SSA-301229: Client-Side Enforcement of Server-Side Security Vulnerabilities in RUGGEDCOM ROX II | 2025-05-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-282044 | SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery | 2025-08-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-267056 | SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-225578 | SSA-225578: Improper Access Control Vulnerability in SICAM GridEdge Before V2.7.3 | 2022-07-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-216014 | SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs | 2025-03-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-201498 | SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-194557 | SSA-194557: Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5 | 2025-01-14T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-876787 | SSA-876787: Open Redirect Vulnerability in SIMATIC S7-1500 and S7-1200 CPUs | 2024-10-08T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-722410 | SSA-722410: Multiple Vulnerabilities in User Management Component (UMC) | 2025-09-09T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-693808 | SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms | 2025-08-12T00:00:00Z | 2025-10-14T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:21885 | Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update | 2025-11-20T19:56:52+00:00 | 2025-11-29T08:07:16+00:00 |
| rhsa-2025:21368 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18 security, enhancement & bug fix update | 2025-11-13T17:36:32+00:00 | 2025-11-29T08:07:14+00:00 |
| rhsa-2025:19961 | Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes 2.12.6 security update | 2025-11-10T01:30:28+00:00 | 2025-11-29T08:07:14+00:00 |
| rhsa-2025:19958 | Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.7 security update | 2025-11-10T01:14:14+00:00 | 2025-11-29T08:07:14+00:00 |
| rhsa-2025:19335 | Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes 2.14.1 security update | 2025-10-30T12:58:23+00:00 | 2025-11-29T08:07:14+00:00 |
| rhsa-2025:19332 | Red Hat Security Advisory: multicluster engine for Kubernetes 2.9.1 security update | 2025-10-30T12:27:36+00:00 | 2025-11-29T08:07:14+00:00 |
| rhsa-2025:9646 | Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.7 security and bug fix update | 2025-06-25T14:06:29+00:00 | 2025-11-29T06:55:12+00:00 |
| rhsa-2025:9759 | Red Hat Security Advisory: OpenShift Container Platform 4.14.53 bug fix and security update | 2025-07-02T17:25:30+00:00 | 2025-11-29T06:55:11+00:00 |
| rhsa-2025:9562 | Red Hat Security Advisory: OpenShift Container Platform 4.20.0 bug fix and security update | 2025-10-21T04:13:27+00:00 | 2025-11-29T06:55:08+00:00 |
| rhsa-2025:9541 | Red Hat Security Advisory: Submariner 0.17.6 bug fixes and container updates | 2025-06-24T14:31:21+00:00 | 2025-11-29T06:55:08+00:00 |
| rhsa-2025:9388 | Red Hat Security Advisory: Red Hat Multicluster GlobalHub 1.2.3 bug fixes and container updates | 2025-06-23T15:10:48+00:00 | 2025-11-29T06:55:06+00:00 |
| rhsa-2025:9259 | Red Hat Security Advisory: OpenShift Container Platform 4.15.53 bug fix and security update | 2025-06-26T01:50:03+00:00 | 2025-11-29T06:55:06+00:00 |
| rhsa-2025:9167 | Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.6.0 release | 2025-06-17T09:27:34+00:00 | 2025-11-29T06:55:05+00:00 |
| rhsa-2025:9136 | Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.16.2 product release | 2025-06-16T18:32:02+00:00 | 2025-11-29T06:55:04+00:00 |
| rhsa-2025:8704 | Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.17.1 product release | 2025-06-09T16:42:07+00:00 | 2025-11-29T06:55:04+00:00 |
| rhsa-2025:8552 | Red Hat Security Advisory: OpenShift Container Platform 4.17.33 bug fix and security update | 2025-06-11T12:02:51+00:00 | 2025-11-29T06:55:04+00:00 |
| rhsa-2025:8691 | Red Hat Security Advisory: RHSA: Submariner 0.20.1 - bug fix and enhancement update | 2025-06-09T14:26:17+00:00 | 2025-11-29T06:55:02+00:00 |
| rhsa-2025:8560 | Red Hat Security Advisory: OpenShift Container Platform 4.18.17 bug fix and security update | 2025-06-10T06:26:36+00:00 | 2025-11-29T06:55:01+00:00 |
| rhsa-2025:8556 | Red Hat Security Advisory: OpenShift Container Platform 4.16.42 bug fix and security update | 2025-06-13T05:16:43+00:00 | 2025-11-29T06:55:00+00:00 |
| rhsa-2025:8544 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.15.14 Bug Fix Update | 2025-06-04T20:11:19+00:00 | 2025-11-29T06:55:00+00:00 |
| rhsa-2025:8542 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.13.3 fixes and container updates | 2025-06-04T21:17:49+00:00 | 2025-11-29T06:54:58+00:00 |
| rhsa-2025:8510 | Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.7 security and bug fix update | 2025-06-04T12:26:00+00:00 | 2025-11-29T06:54:58+00:00 |
| rhsa-2025:8479 | Red Hat Security Advisory: RHODF-4.16-RHEL-9 security update | 2025-06-04T01:58:44+00:00 | 2025-11-29T06:54:58+00:00 |
| rhsa-2025:8392 | Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.9.9 bug fixes and container updates | 2025-06-04T00:41:53+00:00 | 2025-11-29T06:54:57+00:00 |
| rhsa-2025:8390 | Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.4.9 security updates and bug fixes | 2025-06-02T17:37:18+00:00 | 2025-11-29T06:54:55+00:00 |
| rhsa-2025:8384 | Red Hat Security Advisory: Red Hat multicluster global hub 1.4.1 bug fixes and container updates | 2025-06-02T14:56:45+00:00 | 2025-11-29T06:54:54+00:00 |
| rhsa-2025:8299 | Red Hat Security Advisory: OpenShift Container Platform 4.15.52 bug fix and security update | 2025-06-04T12:16:12+00:00 | 2025-11-29T06:54:54+00:00 |
| rhsa-2025:8284 | Red Hat Security Advisory: OpenShift Container Platform 4.18.16 bug fix and security update | 2025-06-03T10:16:45+00:00 | 2025-11-29T06:54:53+00:00 |
| rhsa-2025:8280 | Red Hat Security Advisory: OpenShift Container Platform 4.17.32 bug fix and security update | 2025-06-04T09:19:59+00:00 | 2025-11-29T06:54:52+00:00 |
| rhsa-2025:8274 | Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.14.4 security update | 2025-05-28T20:39:49+00:00 | 2025-11-29T06:54:52+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-12970 | CVE-2025-12970 | 2025-11-02T00:00:00.000Z | 2025-12-05T01:36:55.000Z |
| msrc_cve-2025-11731 | Libxslt: type confusion in exsltfuncresultcompfunction of libxslt | 2025-10-02T00:00:00.000Z | 2025-12-05T01:36:30.000Z |
| msrc_cve-2025-55552 | pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together. | 2025-09-02T00:00:00.000Z | 2025-12-05T01:35:57.000Z |
| msrc_cve-2025-39833 | mISDN: hfcpci: Fix warning when deleting uninitialized timer | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:56.000Z |
| msrc_cve-2025-38709 | loop: Avoid updating block size under exclusive owner | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:51.000Z |
| msrc_cve-2023-53254 | cacheinfo: Fix shared_cpu_map to handle shared caches at different levels | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:34.000Z |
| msrc_cve-2023-53248 | drm/amdgpu: install stub fence into potential unused fence pointers | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:29.000Z |
| msrc_cve-2023-53247 | btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:23.000Z |
| msrc_cve-2023-53240 | xsk: check IFF_UP earlier in Tx path | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:17.000Z |
| msrc_cve-2023-53221 | bpf: Fix memleak due to fentry attach failure | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:12.000Z |
| msrc_cve-2023-53218 | rxrpc: Make it so that a waiting process can be aborted | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:06.000Z |
| msrc_cve-2022-50316 | orangefs: Fix kmemleak in orangefs_sysfs_init() | 2025-09-02T00:00:00.000Z | 2025-12-05T01:02:00.000Z |
| msrc_cve-2025-66031 | node-forge ASN.1 Unbounded Recursion | 2025-11-02T00:00:00.000Z | 2025-12-04T14:36:01.000Z |
| msrc_cve-2025-66030 | node-forge ASN.1 OID Integer Truncation | 2025-11-02T00:00:00.000Z | 2025-12-04T14:35:55.000Z |
| msrc_cve-2025-12816 | CVE-2025-12816 | 2025-11-02T00:00:00.000Z | 2025-12-04T14:35:48.000Z |
| msrc_cve-2025-12977 | CVE-2025-12977 | 2025-11-02T00:00:00.000Z | 2025-12-04T14:35:42.000Z |
| msrc_cve-2025-12969 | CVE-2025-12969 | 2025-11-02T00:00:00.000Z | 2025-12-04T14:35:35.000Z |
| msrc_cve-2025-39829 | trace/fgraph: Fix the warning caused by missing unregister notifier | 2025-09-02T00:00:00.000Z | 2025-12-04T01:01:45.000Z |
| msrc_cve-2025-39810 | bnxt_en: Fix memory corruption when FW resources change during ifdown | 2025-09-02T00:00:00.000Z | 2025-12-04T01:01:40.000Z |
| msrc_cve-2023-53292 | blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none | 2025-09-02T00:00:00.000Z | 2025-12-04T01:01:35.000Z |
| msrc_cve-2023-53261 | coresight: Fix memory leak in acpi_buffer->pointer | 2025-09-02T00:00:00.000Z | 2025-12-04T01:01:30.000Z |
| msrc_cve-2022-50266 | kprobes: Fix check for probe enabled in kill_kprobe() | 2025-09-02T00:00:00.000Z | 2025-12-04T01:01:24.000Z |
| msrc_cve-2025-11494 | GNU Binutils Linker elfxx-x86.c _bfd_x86_elf_late_size_sections out-of-bounds | 2025-10-02T00:00:00.000Z | 2025-12-03T01:39:19.000Z |
| msrc_cve-2025-4953 | Podman: build context bind mount | 2025-09-02T00:00:00.000Z | 2025-12-03T01:39:03.000Z |
| msrc_cve-2025-38626 | f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode | 2025-08-02T00:00:00.000Z | 2025-12-03T01:38:53.000Z |
| msrc_cve-2025-38615 | fs/ntfs3: cancle set bad inode after removing name fails | 2025-08-02T00:00:00.000Z | 2025-12-03T01:38:48.000Z |
| msrc_cve-2025-38597 | drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port | 2025-08-02T00:00:00.000Z | 2025-12-03T01:38:43.000Z |
| msrc_cve-2025-38659 | gfs2: No more self recovery | 2025-08-02T00:00:00.000Z | 2025-12-03T01:38:39.000Z |
| msrc_cve-2025-64506 | LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images | 2025-11-02T00:00:00.000Z | 2025-12-03T01:38:33.000Z |
| msrc_cve-2025-64505 | LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index | 2025-11-02T00:00:00.000Z | 2025-12-03T01:38:21.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-338-07 | Advantech iView | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-06 | SolisCloud Monitoring Platform | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-05 | Sunbird DCIM dcTrack and Power IQ | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-04 | Johnson Controls iSTAR | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-03 | Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-02 | MAXHUB Pivot | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-01 | Mitsubishi Electric GX Works2 | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-219-02 | Johnson Controls FX Server, FX80 and FX90 (Update A) | 2025-08-07T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-148-03 | Consilium Safety CS5000 Fire Panel (Update A) | 2025-05-29T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsma-25-336-01 | Mirion Medical EC2 Software NMIS BioDose | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-336-02 | Iskra iHUB and iHUB Lite | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-336-01 | Industrial Video & Control Longwatch | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-205-01 | Mitsubishi Electric CNC Series (Update A) | 2025-07-24T06:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-23-157-02 | Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series (Update C) | 2023-06-06T06:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-329-06 | SiRcom SMART Alert (SiSA) | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-05 | Festo Compact Vision System, Control Block, Controller, and Operator Unit products | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-03 | Zenitel TCIV-3+ | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-02 | Rockwell Automation Arena Simulation | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-01 | Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-22-333-05 | Mitsubishi Electric FA Engineering Software (Update C) | 2022-12-05T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-04 | Opto 22 groov View | 2025-11-25T06:00:00.000000Z | 2025-11-25T06:00:00.000000Z |
| icsa-25-324-06 | Emerson Appleton UPSMON-PRO | 2025-11-20T07:00:00.000000Z | 2025-11-20T07:00:00.000000Z |
| icsa-25-324-01 | Automated Logic WebCTRL Premium Server | 2025-11-20T07:00:00.000000Z | 2025-11-20T07:00:00.000000Z |
| icsa-25-324-03 | Opto 22 GRV-EPIC and groov RIO | 2025-11-20T06:00:00.000000Z | 2025-11-20T06:00:00.000000Z |
| icsa-25-324-02 | ICAM365 CCTV Camera Multiple Models | 2025-11-20T06:00:00.000000Z | 2025-11-20T06:00:00.000000Z |
| icsa-25-322-05 | METZ CONNECT EWIO2 | 2025-11-18T12:00:00.000000Z | 2025-11-18T12:00:00.000000Z |
| icsa-25-322-03 | Shelly Pro 3EM | 2025-11-18T07:00:00.000000Z | 2025-11-18T07:00:00.000000Z |
| icsa-25-322-02 | Shelly Pro 4PM | 2025-11-18T07:00:00.000000Z | 2025-11-18T07:00:00.000000Z |
| icsa-25-317-12 | Siemens Spectrum Power 4 | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-317-11 | Siemens SICAM P850 family and SICAM P855 family | 2025-11-13T07:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-ise-multiple-vulns-o9beswjh | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T16:19:50+00:00 |
| cisco-sa-cc-mult-vuln-gk4tfxsn | Multiple Cisco Contact Center Products Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T14:49:09+00:00 |
| cisco-sa-privesc-catc-ryjreelu | Cisco Catalyst Center Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-xss-wextvz59 | Cisco Catalyst Center Cross-Site Scripting Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-ci-zwlqvswt | Cisco Catalyst Center REST API Command Injection Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-priv-esc-vs8eecux | Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-open-redirect-3w5bk3je | Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-cc-unauth-rce-qen8h7mq | Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-13T12:48:42+00:00 |
| cisco-sa-asaftd-webvpn-yrootuw | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:55+00:00 |
| cisco-sa-asaftd-webvpn-z5xp8eub | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:54+00:00 |
| cisco-sa-http-code-exec-wmfp3h3o | Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:51+00:00 |
| cisco-sa-ise-radsupress-dos-8yf3jthh | Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability | 2025-11-05T16:00:00+00:00 | 2025-11-05T16:00:00+00:00 |
| cisco-sa-broadworks-xss-o696ymra | Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-10-21T15:13:31+00:00 |
| cisco-sa-snort3-mime-vulns-ttl8pgvh | Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-roomos-inf-disc-qggsbxam | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-phone-dos-fpyjlv7a | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-secboot-uqfd8avc | Cisco IOS XE Software Secure Boot Bypass Vulnerabilities | 2025-09-24T16:00:00+00:00 | 2025-10-15T15:57:29+00:00 |
| cisco-sa-snmp-x4lphte | Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-10-06T18:27:02+00:00 |
| cisco-sa-ios-tacacs-hdb7thjw | Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-10-01T16:39:50+00:00 |
| cisco-sa-cv-xss-rwrakaj9 | Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities | 2025-10-01T16:00:00+00:00 | 2025-10-01T16:00:00+00:00 |
| cisco-sa-cucm-stored-xss-fnj66yly | Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability | 2025-10-01T16:00:00+00:00 | 2025-10-01T16:00:00+00:00 |
| cisco-sa-cat9k-ptmd7bgy | Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-30T14:26:46+00:00 |
| cisco-sa-ap-ipv6-gw-tuazpn9o | Cisco Access Point Software Intermittent IPv6 Gateway Change Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-26T16:35:51+00:00 |
| cisco-sa-webui-xss-vwydgjou | Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-26T16:35:50+00:00 |
| cisco-sa-snmpwred-x3mjyf5m | Cisco IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-nbar-dos-lavwtmet | Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-iosxe-arg-inject-eyddbh4e | Cisco IOS XE Software CLI Argument Injection Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-ios-xe-cmd-inject-rpjm8bgl | Cisco IOS XE Software HTTP API Command Injection Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-ios-invalid-url-dos-nvxszf6u | Cisco IOS Software Industrial Ethernet Switch Device Manager Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-ios-cli-eb7cz6yo | Cisco IOS and IOS XE Software CLI Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0010 | Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0009 | Vulnerabilities affecting SICK TDC-E210GC | 2025-08-01T13:00:00.000Z | 2025-08-01T13:00:00.000Z |
| sca-2025-0008 | Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 | 2025-07-03T13:00:00.000Z | 2025-07-03T13:00:00.000Z |
| sca-2025-0007 | Multiple vulnerabilities in SICK Field Analytics and SICK Media Server | 2025-06-12T13:00:00.000Z | 2025-06-12T13:00:00.000Z |
| sca-2025-0003 | FreeRTOS Vulnerabilities have no impact on SICK Products | 2025-02-28T00:00:00.000Z | 2025-05-20T11:00:00.000Z |
| sca-2025-0006 | Vulnerability affecting picoScan and multiScan | 2025-04-28T13:00:00.000Z | 2025-04-28T13:00:00.000Z |
| sca-2025-0005 | Vulnerabilities in SICK Flexi Compact | 2025-04-28T10:00:00.000Z | 2025-04-28T10:00:00.000Z |
| sca-2025-0004 | Critical vulnerabilities in SICK DL100-2xxxxxxx | 2025-03-14T11:00:00.000Z | 2025-03-14T11:00:00.000Z |
| sca-2025-0001 | Multiple vulnerabilities in SICK MEAC300 | 2025-02-14T14:00:00.000Z | 2025-02-21T14:00:00.000Z |
| sca-2025-0002 | Vulnerability in SICK Lector8xx and SICK InspectorP8xx | 2025-02-14T10:19:00.000Z | 2025-02-14T10:19:00.000Z |
| sca-2024-0007 | Vulnerability in SICK OLM | 2024-12-31T00:00:00.000Z | 2024-12-31T00:00:00.000Z |
| sca-2024-0006 | Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx | 2024-12-06T00:00:00.000Z | 2024-12-06T00:00:00.000Z |
| sca-2024-0005 | Vulnerability in SICK Incoming Goods Suite | 2024-11-19T00:00:00.000Z | 2024-11-19T00:00:00.000Z |
| SCA-2024-0005 | Vulnerability in SICK Incoming Goods Suite | 2024-11-19T00:00:00.000Z | 2024-11-19T00:00:00.000Z |
| sca-2024-0004 | Third party vulnerabilities in SICK CDE-100 | 2024-11-07T12:00:00.000Z | 2024-11-07T12:00:00.000Z |
| SCA-2024-0004 | Third party vulnerabilities in SICK CDE-100 | 2024-11-07T12:00:00.000Z | 2024-11-07T12:00:00.000Z |
| sca-2024-0003 | Critical vulnerability in multiple SICK products | 2024-10-17T13:00:00.000Z | 2024-10-17T13:00:00.000Z |
| sca-2024-0002 | Vulnerability in SICK MSC800 | 2024-09-11T23:00:00.000Z | 2024-09-11T23:00:00.000Z |
| sca-2024-0001 | Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics | 2024-01-29T00:00:00.000Z | 2024-01-29T00:00:00.000Z |
| sca-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| SCA-2023-0011 | Vulnerability in multiple SICK Flexi Soft Gateways | 2023-10-23T11:00:00.000Z | 2023-10-23T11:00:00.000Z |
| sca-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| SCA-2023-0010 | Vulnerabilities in SICK Application Processing Unit | 2023-10-09T11:00:00.000Z | 2023-10-09T11:00:00.000Z |
| sca-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| SCA-2023-0008 | Vulnerability in SICK SIM1012 | 2023-09-29T13:00:00.000Z | 2023-09-29T13:00:00.000Z |
| sca-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| SCA-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| nn-2025:9-01 | Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:8-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:7-01 | Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:6-01 | Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:5-01 | Incorrect authorization for CLI in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:4-01 | Client-side path traversal in Guardian/CMC before 25.2.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:10-01 | Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 | 2025-10-07T11:00:00.000Z | 2025-10-07T11:00:00.000Z |
| nn-2025:3-01 | Incorrect authorization for traces request/download in CMC before 25.1.0 | 2025-08-26T11:00:00.000Z | 2025-08-26T11:00:00.000Z |
| nn-2025:2-01 | Privilege escalation in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2025:1-01 | Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 | 2025-06-10T11:00:00.000Z | 2025-06-10T11:00:00.000Z |
| nn-2024_2-01 | Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0 | 2024-09-11T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2024_1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2024:2-01 | Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0 | 2024-09-11T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2024:1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_15-01 | Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023_10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| oxas-adv-2025-0001 | OX App Suite Security Advisory OXAS-ADV-2025-0001 | 2025-01-27T00:00:00+01:00 | 2025-04-07T00:00:00+00:00 |
| oxdc-adv-2024-0003 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxdc-adv-2024-0002 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| OXDC-ADV-2024-0003 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| OXDC-ADV-2024-0002 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 | 2024-09-10T00:00:00+02:00 | 2024-09-10T00:00:00+00:00 |
| oxas-adv-2024-0005 | OX App Suite Security Advisory OXAS-ADV-2024-0005 | 2024-07-08T00:00:00+02:00 | 2024-09-09T00:00:00+00:00 |
| OXAS-ADV-2024-0005 | OX App Suite Security Advisory OXAS-ADV-2024-0005 | 2024-07-08T00:00:00+02:00 | 2024-09-09T00:00:00+00:00 |
| oxdc-adv-2024-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 | 2024-09-02T00:00:00+02:00 | 2024-09-06T00:00:00+00:00 |
| OXDC-ADV-2024-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 | 2024-09-02T00:00:00+02:00 | 2024-09-06T00:00:00+00:00 |
| oxas-adv-2024-0004 | OX App Suite Security Advisory OXAS-ADV-2024-0004 | 2024-06-13T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0003 | OX App Suite Security Advisory OXAS-ADV-2024-0003 | 2024-04-24T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| OXAS-ADV-2024-0004 | OX App Suite Security Advisory OXAS-ADV-2024-0004 | 2024-06-13T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| OXAS-ADV-2024-0003 | OX App Suite Security Advisory OXAS-ADV-2024-0003 | 2024-04-24T00:00:00+02:00 | 2024-08-19T00:00:00+00:00 |
| oxas-adv-2024-0002 | OX App Suite Security Advisory OXAS-ADV-2024-0002 | 2024-03-06T00:00:00+01:00 | 2024-05-06T00:00:00+00:00 |
| OXAS-ADV-2024-0002 | OX App Suite Security Advisory OXAS-ADV-2024-0002 | 2024-03-06T00:00:00+01:00 | 2024-05-06T00:00:00+00:00 |
| oxas-adv-2024-0001 | OX App Suite Security Advisory OXAS-ADV-2024-0001 | 2024-02-08T00:00:00+01:00 | 2024-04-25T00:00:00+00:00 |
| OXAS-ADV-2024-0001 | OX App Suite Security Advisory OXAS-ADV-2024-0001 | 2024-02-08T00:00:00+01:00 | 2024-04-25T00:00:00+00:00 |
| oxas-adv-2023-0007 | OX App Suite Security Advisory OXAS-ADV-2023-0007 | 2023-12-11T00:00:00+01:00 | 2024-02-16T00:00:00+00:00 |
| OXAS-ADV-2023-0007 | OX App Suite Security Advisory OXAS-ADV-2023-0007 | 2023-12-11T00:00:00+01:00 | 2024-02-16T00:00:00+00:00 |
| oxas-adv-2023-0006 | OX App Suite Security Advisory OXAS-ADV-2023-0006 | 2023-09-25T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0005 | OX App Suite Security Advisory OXAS-ADV-2023-0005 | 2023-09-19T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0004 | OX App Suite Security Advisory OXAS-ADV-2023-0004 | 2023-08-01T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0003 | OX App Suite Security Advisory OXAS-ADV-2023-0003 | 2023-05-02T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0002 | OX App Suite Security Advisory OXAS-ADV-2023-0002 | 2023-03-20T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2023-0001 | OX App Suite Security Advisory OXAS-ADV-2023-0001 | 2023-02-06T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0002 | OX App Suite Security Advisory OXAS-ADV-2022-0002 | 2022-11-02T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| oxas-adv-2022-0001 | OX App Suite Security Advisory OXAS-ADV-2022-0001 | 2022-08-10T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| ID | Description | Updated |
|---|---|---|
| var-202411-1650 | D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (R… | 2024-11-29T23:10:19.240000Z |
| var-202411-1640 | Linksys E3000 is a powerful dual-band Wireless-N router from Linksys, an American company… | 2024-11-29T23:10:19.018000Z |
| var-202411-0543 | A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-P… | 2024-11-29T23:09:56.296000Z |
| var-201507-0645 | D-Link is an internationally renowned provider of network equipment and solutions, includ… | 2024-11-29T23:09:49.324000Z |
| var-201807-0341 | ABB Panel Builder 800 all versions has an improper input validation vulnerability which m… | 2024-11-29T23:09:47.475000Z |
| var-202411-1422 | D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm f… | 2024-11-29T23:09:36.483000Z |
| var-202411-1539 | D-LINK DI-8003 v16.07.26A1 was discovered to contain a buffer overflow via the host_ip pa… | 2024-11-29T23:08:33.376000Z |
| var-201103-0371 | SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… | 2024-11-29T23:08:28.292000Z |
| var-202410-3364 | In TP-Link TL-WDR7660 v1.0, the guestRuleJsonToBin function handles the parameter string … | 2024-11-29T23:07:43.747000Z |
| var-202411-1441 | D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the notify par… | 2024-11-29T23:07:42.700000Z |
| var-201112-0173 | The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … | 2024-11-29T23:07:06.630000Z |
| var-201011-0225 | Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … | 2024-11-29T23:04:25.952000Z |
| var-202407-0046 | mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely exec… | 2024-11-29T23:04:10.837000Z |
| var-202410-2013 | In mm_GetMobileIdIndexForNsUpdate of mm_GmmPduCodec.c, there is a possible out of bounds … | 2024-11-29T23:04:10.282000Z |
| var-201105-0156 | Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 30… | 2024-11-29T22:59:31.553000Z |
| var-200702-0378 | Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … | 2024-11-29T22:58:37.276000Z |
| var-201112-0297 | Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… | 2024-11-29T22:57:57.328000Z |
| var-201407-0233 | Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote atta… | 2024-11-29T22:56:23.397000Z |
| var-201809-0087 | WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… | 2024-11-29T22:56:15.896000Z |
| var-202411-1458 | Cross Site Scripting vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink… | 2024-11-29T22:56:03.034000Z |
| var-201109-0089 | Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… | 2024-11-29T22:54:40.239000Z |
| var-201908-0863 | Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE… | 2024-11-29T22:54:30.971000Z |
| var-201402-0027 | The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re… | 2024-11-29T22:51:33.128000Z |
| var-201402-0028 | The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni… | 2024-11-29T22:51:32.785000Z |
| var-201402-0026 | Buffer overflow in the process_ra function in the router advertisement daemon (radvd) bef… | 2024-11-29T22:51:32.731000Z |
| var-201803-1810 | A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … | 2024-11-29T22:51:22.051000Z |
| var-201810-0396 | Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… | 2024-11-29T22:51:21.315000Z |
| var-201906-1029 | In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne… | 2024-11-29T22:51:20.239000Z |
| var-201702-0423 | An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… | 2024-11-29T22:49:47.108000Z |
| var-201801-0151 | A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior … | 2024-11-29T22:49:45.101000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000094 | Multiple vulnerabilities in ABB Terra AC Wallbox | 2025-12-05T14:12+09:00 | 2025-12-05T14:12+09:00 |
| jvndb-2025-000112 | Installer of INZONE Hub may insecurely load Dynamic Link Libraries | 2025-11-28T13:36+09:00 | 2025-11-28T13:36+09:00 |
| jvndb-2025-000111 | SwitchBot Smart Video Doorbell vulnerable to active debug code | 2025-11-26T14:35+09:00 | 2025-11-26T14:35+09:00 |
| jvndb-2025-000110 | Multiple vulnerabilities in Security Point (Windows) of MaLion | 2025-11-25T17:17+09:00 | 2025-11-25T17:17+09:00 |
| jvndb-2025-000109 | Multiple vulnerabilities in SNC-CX600W | 2025-11-25T14:59+09:00 | 2025-11-25T14:59+09:00 |
| jvndb-2025-000108 | "FOD" App uses hard-coded cryptographic keys | 2025-11-25T14:15+09:00 | 2025-11-25T14:15+09:00 |
| jvndb-2025-000106 | Multiple vulnerabilities in LogStare Collector | 2025-11-21T16:27+09:00 | 2025-11-21T16:27+09:00 |
| jvndb-2025-019621 | EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts | 2025-11-21T15:31+09:00 | 2025-11-21T15:31+09:00 |
| jvndb-2025-000107 | Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries | 2025-11-19T16:22+09:00 | 2025-11-19T16:22+09:00 |
| jvndb-2025-000097 | "Dejira" App for iOS vulnerable to improper server certificate verification | 2025-11-17T14:09+09:00 | 2025-11-17T14:09+09:00 |
| jvndb-2025-000105 | NCP-HG100 vulnerable to OS command injection | 2025-11-14T15:26+09:00 | 2025-11-14T15:26+09:00 |
| jvndb-2025-000104 | Multiple vulnerabilities in GNU Libmicrohttpd | 2025-11-10T15:07+09:00 | 2025-11-10T15:07+09:00 |
| jvndb-2025-000103 | Use of password hash with insufficient computational effort vulnerability in BUFFALO Wi-Fi router "WSR-1800AX4 series" | 2025-11-07T15:39+09:00 | 2025-11-07T15:39+09:00 |
| jvndb-2025-000102 | CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to OS command injection | 2025-11-07T14:55+09:00 | 2025-11-07T14:55+09:00 |
| jvndb-2025-000101 | GROWI vulnerable to stored cross-site scripting | 2025-11-06T13:45+09:00 | 2025-11-06T13:45+09:00 |
| jvndb-2024-013260 | Multiple vulnerabilities in Edgecross Basic Software for Windows | 2024-11-22T10:59+09:00 | 2025-11-04T16:41+09:00 |
| jvndb-2025-017972 | Multiple vulnerabilities in Century Systems FutureNet MA and IP-K series | 2025-11-04T16:37+09:00 | 2025-11-04T16:37+09:00 |
| jvndb-2025-000100 | Multiple Roboticsware products register Windows services with unquoted file paths | 2025-11-04T14:17+09:00 | 2025-11-04T14:17+09:00 |
| jvndb-2025-000098 | Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path | 2025-11-04T13:51+09:00 | 2025-11-04T13:51+09:00 |
| jvndb-2025-000099 | Progress Flowmon vulnerable to authenticated OS command injection | 2025-11-04T12:47+09:00 | 2025-11-04T12:47+09:00 |
| jvndb-2025-000096 | Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries | 2025-10-29T14:17+09:00 | 2025-10-29T14:17+09:00 |
| jvndb-2025-000095 | MZK-DP300N uses hard-coded credentials | 2025-10-28T14:04+09:00 | 2025-10-28T14:04+09:00 |
| jvndb-2025-014793 | NIHON KOHDEN Central Monitor CNS-6201 vulnerable to NULL pointer dereference | 2025-10-01T11:35+09:00 | 2025-10-27T12:28+09:00 |
| jvndb-2025-000093 | Multiple stored cross-site scripting vulnerabilities in Pleasanter | 2025-10-24T15:11+09:00 | 2025-10-24T15:11+09:00 |
| jvndb-2025-000084 | GROWI vulnerable to cross-site scripting | 2025-10-22T15:44+09:00 | 2025-10-22T15:44+09:00 |
| jvndb-2025-000091 | I-O DATA NarSuS App registers a Windows service with an unquoted file path | 2025-10-22T15:04+09:00 | 2025-10-22T15:04+09:00 |
| jvndb-2025-000090 | Multiple stored cross-site scripting vulnerabilities in Movable Type | 2025-10-22T13:54+09:00 | 2025-10-22T13:54+09:00 |
| jvndb-2025-000088 | Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel | 2025-10-20T16:17+09:00 | 2025-10-22T10:06+09:00 |
| jvndb-2025-000092 | ETERNUS SF vulnerable to incorrect default permissions | 2025-10-20T14:20+09:00 | 2025-10-20T14:20+09:00 |
| jvndb-2025-000089 | Installer of AutoDownloader may insecurely load Dynamic Link Libraries | 2025-10-17T13:38+09:00 | 2025-10-17T13:38+09:00 |
| ID | Description | Updated |
|---|---|---|
| ts-2025-008 | TS-2025-008 | 2025-11-19T00:00 |
| ts-2025-007 | TS-2025-007 | 2025-11-07T00:00 |
| ts-2025-006 | TS-2025-006 | 2025-10-28T00:00 |
| ts-2025-005 | TS-2025-005 | 2025-08-07T00:00 |
| ts-2025-004 | TS-2025-004 | 2025-05-27T00:00 |
| ts-2025-003 | TS-2025-003 | 2025-05-21T00:00 |
| ts-2025-002 | TS-2025-002 | 2025-05-15T00:00 |
| ts-2025-001 | TS-2025-001 | 2025-03-07T00:00 |
| ts-2024-013 | TS-2024-013 | 2024-12-04T00:00 |
| ts-2024-012 | TS-2024-012 | 2024-10-02T00:00 |
| ts-2024-011 | TS-2024-011 | 2024-07-22T00:00 |
| ts-2024-010 | TS-2024-010 | 2024-07-19T00:00 |
| ts-2024-009 | TS-2024-009 | 2024-06-27T00:00 |
| ts-2024-008 | TS-2024-008 | 2024-06-14T00:00 |
| ts-2024-007 | TS-2024-007 | 2024-06-12T00:00 |
| ts-2024-006 | TS-2024-006 | 2024-05-22T00:00 |
| ts-2024-005 | TS-2024-005 | 2024-05-08T00:00 |
| ts-2024-004 | TS-2024-004 | 2024-05-06T00:00 |
| ts-2024-003 | TS-2024-003 | 2024-04-23T00:00 |
| ts-2024-002 | TS-2024-002 | 2024-01-30T00:00 |
| ts-2024-001 | TS-2024-001 | 2024-01-08T00:00 |
| ts-2023-009 | TS-2023-009 | 2023-12-22T00:00 |
| ts-2023-008 | TS-2023-008 | 2023-11-01T00:00 |
| ts-2023-007 | TS-2023-007 | 2023-10-26T00:00 |
| ts-2023-006 | TS-2023-006 | 2023-08-22T00:00 |
| ts-2023-005 | TS-2023-005 | 2023-04-28T00:00 |
| ts-2023-004 | TS-2023-004 | 2023-04-04T00:00 |
| ts-2023-003 | TS-2023-003 | 2023-03-22T00:00 |
| ts-2023-002 | TS-2023-002 | 2023-01-24T00:00 |
| ts-2023-001 | TS-2023-001 | 2023-01-17T00:00 |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010 | 7.3 (v3.1) | Unitree Multiple Robotic Products Command Injection |
Unitree |
Go2 |
2025-09-26T06:53:49.585Z | 2025-09-26T15:16:57.586Z |
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001 | 4.3 (v3.1) | Unauthenticated leak of sensitive information affectin… |
Brother Industries, Ltd |
HL-L8260CDN |
2025-08-12T15:23:00.577Z | 2025-08-15T05:53:23.017Z |