Recent vulnerabilities

Recent vulnerabilities from
Select from 69 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-5104
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
Totolink A3300R cstecgi.cgi setStaticRoute command injection Totolink
 A3300R
 2026-03-30T02:00:15.646Z 2026-03-30T02:00:15.646Z
CVE-2026-3124
7.5 (3.1)
Download Monitor <= 5.1.7 - Insecure Direct Object Ref… wpchill
 Download Monitor
 2026-03-30T01:24:44.783Z 2026-03-30T01:24:44.783Z
CVE-2025-15036
9.6 (3.0)
Path Traversal Vulnerability in mlflow/mlflow mlflow
 mlflow/mlflow
 2026-03-30T01:16:06.400Z 2026-03-30T01:16:06.400Z
CVE-2026-5103
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
Totolink A3300R cstecgi.cgi setUPnPCfg command injection Totolink
 A3300R
 2026-03-30T01:00:20.917Z 2026-03-30T01:00:20.917Z
CVE-2025-7741
2.1 (4.0)
Hardcoded Password Vulnerability have been found … Yokogawa Electric Corporation
 CENTUM VP
 2026-03-30T00:01:11.948Z 2026-03-30T00:01:11.948Z
CVE-2026-5102
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
Totolink A3300R Parameter cstecgi.cgi setSmartQosCfg c… Totolink
 A3300R
 2026-03-30T00:00:20.436Z 2026-03-30T00:00:20.436Z
CVE-2026-2370
8.1 (3.1)
Improper Handling of Parameters in GitLab GitLab
 GitLab
 2026-03-29T23:33:44.410Z 2026-03-29T23:33:44.410Z
CVE-2026-5101
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
Totolink A3300R Parameter cstecgi.cgi setLanCfg comman… Totolink
 A3300R
 2026-03-29T23:00:15.592Z 2026-03-29T23:00:15.592Z
CVE-2026-4176
N/A
Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.… SHAY
 perl
 2026-03-29T20:50:51.058Z 2026-03-29T20:50:51.058Z
CVE-2026-4946
8.8 (3.1)
NSA Ghidra Auto-Analysis Annotation Command Execution NSA
 Ghidra
 2026-03-29T19:35:30.692Z 2026-03-29T19:35:30.692Z
CVE-2026-0558
7.5 (3.0)
Unauthenticated File Upload in parisneo/lollms parisneo
 parisneo/lollms
 2026-03-29T17:53:08.003Z 2026-03-29T17:53:08.003Z
CVE-2026-0560
7.5 (3.0)
Server-Side Request Forgery (SSRF) in parisneo/lollms parisneo
 parisneo/lollms
 2026-03-29T17:51:20.708Z 2026-03-29T17:51:20.708Z
CVE-2026-0562
8.3 (3.0)
Insecure Direct Object Reference (IDOR) in parisneo/lollms parisneo
 parisneo/lollms
 2026-03-29T17:49:44.461Z 2026-03-29T17:49:44.461Z
CVE-2026-34005
8.8 (3.1)
In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and … Xiongmai
 DVR/NVR devices
 2026-03-29T17:02:15.445Z 2026-03-29T17:09:28.999Z
CVE-2026-5046
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Tenda FH1201 Parameter WrlExtraSet formWrlExtraSet sta… Tenda
 FH1201
 2026-03-29T14:15:12.643Z 2026-03-29T14:15:12.643Z
CVE-2025-53521
9.8 (3.1)
9.3 (4.0)
BigIP APM Vulnerability F5
 BIG-IP
 2025-10-15T13:55:52.694Z 2026-03-29T13:56:45.917Z
CVE-2026-28369
8.7 (3.1)
Undertow: undertow: request smuggling via malformed ht… Red Hat
 Red Hat build of Apache Camel for Spring Boot 4
 2026-03-27T16:13:05.719Z 2026-03-29T13:56:11.063Z
CVE-2025-15445
5.4 (3.1)
Restaurant Cafeteria <= 0.4.6 - Subscriber+ Arbitrary … Unknown
 Restaurant Cafeteria
 2026-03-28T06:00:07.103Z 2026-03-29T13:49:16.577Z
CVE-2026-5045
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Tenda FH1201 Parameter WrlclientSet stack-based overflow Tenda
 FH1201
 2026-03-29T13:15:12.383Z 2026-03-29T13:15:12.383Z
CVE-2026-23400
N/A
rust_binder: call set_notification_done() without proc lock Linux
 Linux
 2026-03-29T12:55:50.660Z 2026-03-29T12:55:50.660Z
CVE-2026-33575
8.6 (4.0)
7.5 (3.1)
OpenClaw < 2026.3.12 - Long-lived Credential Exposure … OpenClaw
 OpenClaw
 2026-03-29T12:44:32.407Z 2026-03-29T12:44:32.407Z
CVE-2026-33574
5.8 (4.0)
6.2 (3.1)
OpenClaw < 2026.3.8 - Path Traversal via Tools Root Re… OpenClaw
 OpenClaw
 2026-03-29T12:44:31.816Z 2026-03-29T12:44:31.816Z
CVE-2026-33573
8.8 (3.1)
OpenClaw < 2026.3.11 - Workspace Boundary Bypass via A… OpenClaw
 OpenClaw
 2026-03-29T12:44:31.060Z 2026-03-29T12:44:31.060Z
CVE-2026-33572
6.8 (4.0)
8.4 (3.1)
OpenClaw < 2026.2.17 - Insufficient File Permissions i… OpenClaw
 OpenClaw
 2026-03-29T12:44:30.369Z 2026-03-29T12:44:30.369Z
CVE-2026-32987
9.3 (4.0)
9.8 (3.1)
OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via… OpenClaw
 OpenClaw
 2026-03-29T12:44:29.705Z 2026-03-29T12:44:29.705Z
CVE-2026-32980
8.7 (4.0)
7.5 (3.1)
OpenClaw < 2026.3.13 - Resource Exhaustion via Unauthe… OpenClaw
 OpenClaw
 2026-03-29T12:44:28.919Z 2026-03-29T12:44:28.919Z
CVE-2026-32979
7.3 (3.1)
OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime… OpenClaw
 OpenClaw
 2026-03-29T12:44:28.226Z 2026-03-29T12:44:28.226Z
CVE-2026-32978
8 (3.1)
OpenClaw < 2026.3.11 - Approval Bypass via Unrecognize… OpenClaw
 OpenClaw
 2026-03-29T12:44:27.571Z 2026-03-29T12:44:27.571Z
CVE-2026-32975
6.9 (4.0)
9.8 (3.1)
OpenClaw < 2026.3.12 - Weak Authorization via Mutable … OpenClaw
 OpenClaw
 2026-03-29T12:44:26.875Z 2026-03-29T12:44:26.875Z
CVE-2026-32974
8.6 (3.1)
OpenClaw < 2026.3.12 - Forged Event Injection via Feis… OpenClaw
 OpenClaw
 2026-03-29T12:44:26.283Z 2026-03-29T12:44:26.283Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-5104
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
Totolink A3300R cstecgi.cgi setStaticRoute command injection Totolink
 A3300R
 2026-03-30T02:00:15.646Z 2026-03-30T02:00:15.646Z
CVE-2026-5103
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
Totolink A3300R cstecgi.cgi setUPnPCfg command injection Totolink
 A3300R
 2026-03-30T01:00:20.917Z 2026-03-30T01:00:20.917Z
CVE-2026-3124
7.5 (3.1)
Download Monitor <= 5.1.7 - Insecure Direct Object Ref… wpchill
 Download Monitor
 2026-03-30T01:24:44.783Z 2026-03-30T01:24:44.783Z
CVE-2025-15036
9.6 (3.0)
Path Traversal Vulnerability in mlflow/mlflow mlflow
 mlflow/mlflow
 2026-03-30T01:16:06.400Z 2026-03-30T01:16:06.400Z
CVE-2026-5102
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
Totolink A3300R Parameter cstecgi.cgi setSmartQosCfg c… Totolink
 A3300R
 2026-03-30T00:00:20.436Z 2026-03-30T00:00:20.436Z
CVE-2026-2370
8.1 (3.1)
Improper Handling of Parameters in GitLab GitLab
 GitLab
 2026-03-29T23:33:44.410Z 2026-03-29T23:33:44.410Z
CVE-2025-7741
2.1 (4.0)
Hardcoded Password Vulnerability have been found … Yokogawa Electric Corporation
 CENTUM VP
 2026-03-30T00:01:11.948Z 2026-03-30T00:01:11.948Z
CVE-2026-5101
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
Totolink A3300R Parameter cstecgi.cgi setLanCfg comman… Totolink
 A3300R
 2026-03-29T23:00:15.592Z 2026-03-29T23:00:15.592Z
CVE-2026-4176
N/A
Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.… SHAY
 perl
 2026-03-29T20:50:51.058Z 2026-03-29T20:50:51.058Z
CVE-2026-4946
8.8 (3.1)
NSA Ghidra Auto-Analysis Annotation Command Execution NSA
 Ghidra
 2026-03-29T19:35:30.692Z 2026-03-29T19:35:30.692Z
CVE-2026-0562
8.3 (3.0)
Insecure Direct Object Reference (IDOR) in parisneo/lollms parisneo
 parisneo/lollms
 2026-03-29T17:49:44.461Z 2026-03-29T17:49:44.461Z
CVE-2026-0560
7.5 (3.0)
Server-Side Request Forgery (SSRF) in parisneo/lollms parisneo
 parisneo/lollms
 2026-03-29T17:51:20.708Z 2026-03-29T17:51:20.708Z
CVE-2026-0558
7.5 (3.0)
Unauthenticated File Upload in parisneo/lollms parisneo
 parisneo/lollms
 2026-03-29T17:53:08.003Z 2026-03-29T17:53:08.003Z
CVE-2026-34005
8.8 (3.1)
In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and … Xiongmai
 DVR/NVR devices
 2026-03-29T17:02:15.445Z 2026-03-29T17:09:28.999Z
CVE-2026-5046
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Tenda FH1201 Parameter WrlExtraSet formWrlExtraSet sta… Tenda
 FH1201
 2026-03-29T14:15:12.643Z 2026-03-29T14:15:12.643Z
CVE-2026-5045
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Tenda FH1201 Parameter WrlclientSet stack-based overflow Tenda
 FH1201
 2026-03-29T13:15:12.383Z 2026-03-29T13:15:12.383Z
CVE-2025-15445
5.4 (3.1)
Restaurant Cafeteria <= 0.4.6 - Subscriber+ Arbitrary … Unknown
 Restaurant Cafeteria
 2026-03-28T06:00:07.103Z 2026-03-29T13:49:16.577Z
CVE-2026-5044
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Belkin F9K1122 Setting formSetSystemSettings stack-bas… Belkin
 F9K1122
 2026-03-29T12:15:10.537Z 2026-03-29T12:15:10.537Z
CVE-2026-33575
8.6 (4.0)
7.5 (3.1)
OpenClaw < 2026.3.12 - Long-lived Credential Exposure … OpenClaw
 OpenClaw
 2026-03-29T12:44:32.407Z 2026-03-29T12:44:32.407Z
CVE-2026-33574
5.8 (4.0)
6.2 (3.1)
OpenClaw < 2026.3.8 - Path Traversal via Tools Root Re… OpenClaw
 OpenClaw
 2026-03-29T12:44:31.816Z 2026-03-29T12:44:31.816Z
CVE-2026-33573
8.8 (3.1)
OpenClaw < 2026.3.11 - Workspace Boundary Bypass via A… OpenClaw
 OpenClaw
 2026-03-29T12:44:31.060Z 2026-03-29T12:44:31.060Z
CVE-2026-33572
6.8 (4.0)
8.4 (3.1)
OpenClaw < 2026.2.17 - Insufficient File Permissions i… OpenClaw
 OpenClaw
 2026-03-29T12:44:30.369Z 2026-03-29T12:44:30.369Z
CVE-2026-32987
9.3 (4.0)
9.8 (3.1)
OpenClaw < 2026.3.13 - Bootstrap Setup Code Replay via… OpenClaw
 OpenClaw
 2026-03-29T12:44:29.705Z 2026-03-29T12:44:29.705Z
CVE-2026-32980
8.7 (4.0)
7.5 (3.1)
OpenClaw < 2026.3.13 - Resource Exhaustion via Unauthe… OpenClaw
 OpenClaw
 2026-03-29T12:44:28.919Z 2026-03-29T12:44:28.919Z
CVE-2026-32979
7.3 (3.1)
OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime… OpenClaw
 OpenClaw
 2026-03-29T12:44:28.226Z 2026-03-29T12:44:28.226Z
CVE-2026-32978
8 (3.1)
OpenClaw < 2026.3.11 - Approval Bypass via Unrecognize… OpenClaw
 OpenClaw
 2026-03-29T12:44:27.571Z 2026-03-29T12:44:27.571Z
CVE-2026-32975
6.9 (4.0)
9.8 (3.1)
OpenClaw < 2026.3.12 - Weak Authorization via Mutable … OpenClaw
 OpenClaw
 2026-03-29T12:44:26.875Z 2026-03-29T12:44:26.875Z
CVE-2026-32974
8.6 (3.1)
OpenClaw < 2026.3.12 - Forged Event Injection via Feis… OpenClaw
 OpenClaw
 2026-03-29T12:44:26.283Z 2026-03-29T12:44:26.283Z
CVE-2026-32973
8.8 (4.0)
9.8 (3.1)
OpenClaw < 2026.3.11 - Exec Allowlist Pattern Overmatc… OpenClaw
 OpenClaw
 2026-03-29T12:44:25.567Z 2026-03-29T12:44:25.567Z
CVE-2026-32972
7.1 (3.1)
OpenClaw < 2026.3.11 - Authorization Bypass in Browser… OpenClaw
 OpenClaw
 2026-03-29T12:44:24.909Z 2026-03-29T12:44:24.909Z
ID Description Published Updated
fkie_cve-2026-5102 A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. This vulnerability a… 2026-03-30T00:16:01.997 2026-03-30T00:16:01.997
fkie_cve-2026-2370 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9… 2026-03-30T00:16:01.800 2026-03-30T00:16:01.800
fkie_cve-2025-7741 Hardcoded Password Vulnerability have been found in CENTUM. Affected products contain a hardcoded p… 2026-03-30T00:16:00.943 2026-03-30T00:16:00.943
fkie_cve-2026-5101 A vulnerability was identified in Totolink A3300R 17.0.0cu.557_b20221024. This affects the function… 2026-03-29T23:16:48.597 2026-03-29T23:16:48.597
fkie_cve-2026-4176 Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.… 2026-03-29T21:16:15.717 2026-03-29T21:16:15.717
fkie_cve-2026-4946 Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically … 2026-03-29T20:16:12.723 2026-03-29T20:16:12.723
fkie_cve-2026-0562 A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated … 2026-03-29T18:16:14.460 2026-03-29T18:16:14.460
fkie_cve-2026-0560 A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.… 2026-03-29T18:16:14.303 2026-03-29T18:16:14.303
fkie_cve-2026-0558 A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users… 2026-03-29T18:16:13.250 2026-03-29T18:16:13.250
fkie_cve-2026-34005 In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, root OS command inje… 2026-03-29T17:16:44.257 2026-03-29T17:16:44.257
fkie_cve-2026-5046 A flaw has been found in Tenda FH1201 1.2.0.14(408). Affected is the function formWrlExtraSet of th… 2026-03-29T15:16:36.990 2026-03-29T15:16:36.990
fkie_cve-2026-5045 A vulnerability was detected in Tenda FH1201 1.2.0.14(408). This impacts the function WrlclientSet … 2026-03-29T14:16:32.547 2026-03-29T14:16:32.547
fkie_cve-2025-15445 The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without … 2026-03-28T06:16:00.137 2026-03-29T14:16:31.087
fkie_cve-2026-5044 A security vulnerability has been detected in Belkin F9K1122 1.00.33. This affects the function for… 2026-03-29T13:17:03.573 2026-03-29T13:17:03.573
fkie_cve-2026-33575 OpenClaw before 2026.3.12 embeds long-lived shared gateway credentials directly in pairing setup co… 2026-03-29T13:17:03.370 2026-03-29T13:17:03.370
fkie_cve-2026-33574 OpenClaw before 2026.3.8 contains a path traversal vulnerability in the skills download installer t… 2026-03-29T13:17:03.173 2026-03-29T13:17:03.173
fkie_cve-2026-33573 OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC t… 2026-03-29T13:17:02.980 2026-03-29T13:17:02.980
fkie_cve-2026-33572 OpenClaw before 2026.2.17 creates session transcript JSONL files with overly broad default permissi… 2026-03-29T13:17:02.770 2026-03-29T13:17:02.770
fkie_cve-2026-32987 OpenClaw before 2026.3.13 allows bootstrap setup codes to be replayed during device pairing verific… 2026-03-29T13:17:02.563 2026-03-29T13:17:02.563
fkie_cve-2026-32980 OpenClaw before 2026.3.13 reads and buffers Telegram webhook request bodies before validating the x… 2026-03-29T13:17:02.353 2026-03-29T13:17:02.353
fkie_cve-2026-32979 OpenClaw before 2026.3.11 contains an approval integrity vulnerability allowing attackers to execut… 2026-03-29T13:17:02.157 2026-03-29T13:17:02.157
fkie_cve-2026-32978 OpenClaw before 2026.3.11 contains an approval integrity vulnerability where system.run approvals f… 2026-03-29T13:17:01.963 2026-03-29T13:17:01.963
fkie_cve-2026-32975 OpenClaw before 2026.3.12 contains a weak authorization vulnerability in Zalouser allowlist mode th… 2026-03-29T13:17:01.763 2026-03-29T13:17:01.763
fkie_cve-2026-32974 OpenClaw before 2026.3.12 contains an authentication bypass vulnerability in Feishu webhook mode wh… 2026-03-29T13:17:01.570 2026-03-29T13:17:01.570
fkie_cve-2026-32973 OpenClaw before 2026.3.11 contains an exec allowlist bypass vulnerability where matchesExecAllowlis… 2026-03-29T13:17:01.367 2026-03-29T13:17:01.367
fkie_cve-2026-32972 OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing authenticated ope… 2026-03-29T13:17:01.167 2026-03-29T13:17:01.167
fkie_cve-2026-32924 OpenClaw before 2026.3.12 contains an authorization bypass vulnerability where Feishu reaction even… 2026-03-29T13:17:00.963 2026-03-29T13:17:00.963
fkie_cve-2026-32923 OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in Discord guild reaction … 2026-03-29T13:17:00.767 2026-03-29T13:17:00.767
fkie_cve-2026-32922 OpenClaw before 2026.3.11 contains a privilege escalation vulnerability in device.token.rotate that… 2026-03-29T13:17:00.573 2026-03-29T13:17:00.573
fkie_cve-2026-32919 OpenClaw before 2026.3.11 contains an authorization bypass vulnerability allowing write-scoped call… 2026-03-29T13:17:00.380 2026-03-29T13:17:00.380
ID Severity Description Published Updated
ghsa-mp6c-hc7j-7fh2
2.1 (4.0)
Hardcoded Password Vulnerability have been found in CENTUM. Affected products contain a hardcoded p… 2026-03-30T00:31:08Z 2026-03-30T00:31:08Z
ghsa-h2wr-p8mq-wj29
6.3 (3.1)
2.1 (4.0)
A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. This vulnerability a… 2026-03-30T00:31:08Z 2026-03-30T00:31:08Z
ghsa-g68w-w4h2-fr59
8.1 (3.1)
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9… 2026-03-30T00:31:08Z 2026-03-30T00:31:08Z
ghsa-452m-gc7f-x9g5
6.3 (3.1)
2.1 (4.0)
A vulnerability was identified in Totolink A3300R 17.0.0cu.557_b20221024. This affects the function… 2026-03-30T00:31:08Z 2026-03-30T00:31:08Z
ghsa-q2q4-jjp8-f6m3
Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.… 2026-03-29T21:30:21Z 2026-03-29T21:30:21Z
ghsa-3wfw-pwxc-r3x9
8.8 (3.1)
Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically … 2026-03-29T21:30:21Z 2026-03-29T21:30:21Z
ghsa-rqmp-494m-8qgf
7.5 (3.1)
A Server-Side Request Forgery (SSRF) vulnerability exists in parisneo/lollms versions prior to 2.2.… 2026-03-29T18:30:20Z 2026-03-29T18:30:20Z
ghsa-4574-jvgw-55gr
7.5 (3.1)
A vulnerability in parisneo/lollms, up to and including version 2.2.0, allows unauthenticated users… 2026-03-29T18:30:19Z 2026-03-29T18:30:20Z
ghsa-2j48-mfm5-x2hv
8.3 (3.1)
A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated … 2026-03-29T18:30:20Z 2026-03-29T18:30:20Z
ghsa-2969-xpvc-282x
8.8 (3.1)
In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, root OS command inje… 2026-03-29T18:30:19Z 2026-03-29T18:30:19Z
ghsa-w8q8-93cx-6h7r
8.7 (3.1)
8.8 (4.0)
jsrsasign: Missing cryptographic validation during DSA signing enables private key extraction 2026-03-23T06:30:29Z 2026-03-29T15:51:59Z
ghsa-8g7p-jf3g-gxcp
7.5 (3.1)
7.7 (4.0)
jsrsasign is vulnerable to DoS through Infinite Loop when processing zero or negative inputs 2026-03-23T06:30:29Z 2026-03-29T15:51:28Z
ghsa-4hmj-39m8-jwc7
OpenClaw has ACP CLI approval prompt ANSI escape sequence injection 2026-03-29T15:50:41Z 2026-03-29T15:50:41Z
ghsa-j4c9-w69r-cw33
OpenClaw: Telegram DM-Scoped Inline Button Callbacks Bypass DM Pairing and Mutate Session State 2026-03-29T15:50:23Z 2026-03-29T15:50:23Z
ghsa-mf5g-6r6f-ghhm
OpenClaw: Synology Chat Webhook Pre-Auth Rate-Limit Bypass Enables Brute-Force Guessing of Webhook Token 2026-03-29T15:50:09Z 2026-03-29T15:50:09Z
ghsa-rf6h-5gpw-qrgq
OpenClaw: MS Teams Feedback Invocation Bypasses Sender Allowlists and Records Unauthorized Session … 2026-03-29T15:49:50Z 2026-03-29T15:49:50Z
ghsa-h4jx-hjr3-fhgc
OpenClaw: Gateway Plugin Subagent Fallback `deleteSession` Uses Synthetic `operator.admin` 2026-03-29T15:49:34Z 2026-03-29T15:49:34Z
ghsa-77w2-crqv-cmv3
OpenClaw: Feishu Raw Card Send Surface Can Mint Legacy Card Callbacks That Bypass DM Pairing 2026-03-29T15:49:17Z 2026-03-29T15:49:17Z
ghsa-3h52-cx59-c456
OpenClaw: Feishu webhook reads and parses unauthenticated request bodies before signature validation 2026-03-29T15:48:58Z 2026-03-29T15:48:58Z
ghsa-rhfg-j8jq-7v2h
OpenClaw: SSRF via Unguarded Configured Base URLs in Multiple Channel Extensions (Incomplete Fix fo… 2026-03-29T15:48:42Z 2026-03-29T15:48:42Z
ghsa-52q4-3xjc-6778
OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName 2026-03-29T15:48:15Z 2026-03-29T15:48:15Z
ghsa-q2qc-744p-66r2
OpenClaw: `session_status` sessionId resolution bypasses sandboxed session-tree visibility 2026-03-29T15:47:50Z 2026-03-29T15:47:50Z
ghsa-5jvj-hxmh-6h6j
5.3 (4.0)
OpenClaw: Gateway HTTP Session History Route Bypasses Operator Read Scope 2026-03-29T15:46:40Z 2026-03-29T15:46:40Z
ghsa-q35r-vvhv-vx5h
4.3 (3.1)
Keycloak: Missing Role Enforcement on UMA 2.0 Permission Ticket Endpoint Leads to Information Disclosure 2026-03-26T21:31:26Z 2026-03-29T15:46:10Z
ghsa-7xf9-4jfc-wgm4
6.5 (3.1)
Keycloak: manage-clients permission escalates to full realm admin access 2026-03-26T21:31:26Z 2026-03-29T15:45:17Z
ghsa-qpfv-44f3-qqx6
8.3 (4.0)
MikroORM has Prototype Pollution in Utils.merge 2026-03-29T15:44:16Z 2026-03-29T15:44:16Z
ghsa-gwhv-j974-6fxm
9.3 (4.0)
MikroORM is vulnerable to SQL Injection via specially crafted object 2026-03-29T15:44:04Z 2026-03-29T15:44:04Z
ghsa-g3hj-mf85-679g
5.4 (3.1)
AVideo: IDOR in uploadPoster.php Allows Any Authenticated User to Overwrite Scheduled Live Stream P… 2026-03-29T15:41:44Z 2026-03-29T15:41:44Z
ghsa-2rm7-j397-3fqg
6.3 (3.1)
AVideo: Missing Authorization in Playlist Schedule Creation Allows Cross-User Broadcast Hijacking 2026-03-29T15:41:33Z 2026-03-29T15:41:33Z
ghsa-wprj-9cvc-5w37
7.5 (3.1)
AVideo: Unauthenticated Access to Payment Log DataTables Endpoints Exposes Transaction Data, PayPal… 2026-03-29T15:40:52Z 2026-03-29T15:40:52Z
ID Severity Description Package Published Updated
pysec-2026-3
After an API token exposure from an exploited Trivy dependency, two new releases of `teln… telnyx 2026-03-27T14:53:14Z
pysec-2026-2
After an API Token exposure from an exploited Trivy dependency, two new releases of `lite… litellm 2026-03-24T15:35:32Z
pysec-2024-85
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.848846Z
pysec-2024-84
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.756762Z
pysec-2024-83
7.5 (3.1)
Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.662671Z
pysec-2024-82
8.8 (3.1)
Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… mindsdb 2024-09-12T13:15:00Z 2026-03-03T16:29:37.563380Z
pysec-2023-278
5.3 (3.1)
MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… mindsdb 2023-12-11T21:15:00Z 2026-03-03T16:29:37.448520Z
pysec-2023-121
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as a… zstd 2023-03-31T20:15:00+00:00 2026-02-25T19:20:58+00:00
pysec-2026-1
A PyPI user account compromised by an attacker and was able to upload a malicious version… dydx-v4-client 2026-01-28T21:09:02+00:00
pysec-2025-52
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. mlflow 2025-06-23T15:15:29Z 2025-12-05T13:25:55.146081Z
pysec-2020-220
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… ansible 2020-10-05T14:15:00Z 2025-10-31T04:43:53.616247Z
pysec-2025-72
The `num2words` project was compromised via a phishing attack and two new versions were u… num2words 2025-07-31T14:34:47+00:00
pysec-2025-71
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas… cadwyn 2025-07-21T21:15:25+00:00 2025-07-23T15:24:03.825615+00:00
pysec-2025-70
10.0 (3.1)
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen… langchain-community 2025-06-23T21:15:25+00:00 2025-07-16T21:23:40.211079+00:00
pysec-2024-259
9.8 (3.1)
In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m… torch 2024-10-29T21:15:04+00:00 2025-07-16T03:09:57.748865+00:00
pysec-2024-258
In scrapy/scrapy, an issue was identified where the Authorization header is not removed d… scrapy 2024-05-20T08:15:08+00:00 2025-07-15T17:37:50.051730+00:00
pysec-2025-69
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem… roundup 2025-07-13T20:15:25+00:00 2025-07-13T21:23:01.161315+00:00
pysec-2025-68
8.0 (3.1)
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.449399+00:00
pysec-2025-67
9.8 (3.1)
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil… upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.385619+00:00
pysec-2025-66
Improper privilege management in a REST interface allowed registered users to access unau… streampipes 2025-03-03T11:15:11+00:00 2025-07-08T15:23:46.628375+00:00
pysec-2025-65
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0… llama-index 2025-07-07T13:15:28+00:00 2025-07-07T15:23:42.730681+00:00
pysec-2025-61
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap … pillow 2025-07-01T19:15:27Z 2025-07-07T14:12:46.226030Z
pysec-2025-64
9.8 (3.1)
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0… python-a2a 2025-06-17T07:15:18+00:00 2025-07-02T21:23:13.806273+00:00
pysec-2025-63
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… vllm 2025-03-19T16:15:32+00:00 2025-07-01T23:22:49.176005+00:00
pysec-2025-62
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… vllm 2025-02-07T20:15:34+00:00 2025-07-01T23:22:49.083695+00:00
pysec-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform… apache-iotdb 2025-05-14T11:16:28+00:00 2025-07-01T21:22:47.232036+00:00
pysec-2025-59
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack… apache-iotdb 2025-05-14T11:15:47+00:00 2025-07-01T21:22:47.177405+00:00
pysec-2024-257
7.5 (3.1)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2024-03-22T23:15:07+00:00 2025-06-30T15:23:50.085549+00:00
pysec-2025-58
8.8 (3.1)
vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl… vllm 2025-01-27T18:15:41+00:00 2025-06-27T21:22:36.583615+00:00
pysec-2025-57
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… zenml 2025-03-20T10:15:48+00:00 2025-06-27T17:22:55.175431+00:00
ID Description Updated
gsd-2024-33903 In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede… 2024-04-29T05:02:07.295775Z
gsd-2024-33902 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.486429Z
gsd-2024-33901 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.525896Z
gsd-2024-33900 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.290639Z
gsd-2024-33899 RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr… 2024-04-29T05:02:07.400574Z
gsd-2024-33898 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287632Z
gsd-2024-33897 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.283756Z
gsd-2024-33896 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.313250Z
gsd-2024-33895 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.493081Z
gsd-2024-33894 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.488420Z
gsd-2024-33893 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.381761Z
gsd-2024-33892 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.378170Z
gsd-2024-33891 Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th… 2024-04-29T05:02:07.412035Z
gsd-2024-33890 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.344384Z
gsd-2024-33889 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.392587Z
gsd-2024-33888 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.468423Z
gsd-2024-33887 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.503613Z
gsd-2024-33886 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.287167Z
gsd-2024-33885 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.441746Z
gsd-2024-33884 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:07.534455Z
gsd-2024-33883 The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa… 2024-04-29T05:02:07.271727Z
gsd-2024-4303 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.716348Z
gsd-2024-4302 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.603637Z
gsd-2024-4301 The format of the source doesn't require a description, click on the link for more details. 2024-04-29T05:02:05.678292Z
gsd-2024-4300 E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo… 2024-04-29T05:02:05.715239Z
gsd-2024-4299 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc… 2024-04-29T05:02:05.606402Z
gsd-2024-4298 The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit… 2024-04-29T05:02:05.598531Z
gsd-2024-4297 The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo… 2024-04-29T05:02:05.700888Z
gsd-2024-4296 The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock… 2024-04-29T05:02:05.621428Z
gsd-2024-33882 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.803998Z
ID Description Published Updated
mal-2026-2295 Malicious code in databaseroboat (PyPI) 2026-03-29T20:12:48Z 2026-03-29T23:47:45Z
mal-2026-2296 Malicious code in bos-decoration-elements (npm) 2026-03-29T22:45:22Z 2026-03-29T22:45:22Z
mal-2026-2292 Malicious code in safecheckit (PyPI) 2026-03-29T13:37:12Z 2026-03-29T22:12:52Z
mal-2026-2290 Malicious code in iwantsafecheckit (PyPI) 2026-03-29T13:31:21Z 2026-03-29T22:12:52Z
mal-2026-2289 Malicious code in database-roblox (PyPI) 2026-03-29T12:15:48Z 2026-03-29T20:48:22Z
mal-2026-2281 Malicious code in roboats-addition (PyPI) 2026-03-28T20:17:03Z 2026-03-29T20:48:22Z
mal-2026-2280 Malicious code in roboat-additions (PyPI) 2026-03-28T20:16:43Z 2026-03-29T20:48:22Z
mal-2026-2279 Malicious code in roboat-addition (PyPI) 2026-03-28T20:15:46Z 2026-03-29T20:48:22Z
mal-2026-2294 Malicious code in hiveos (PyPI) 2026-03-29T18:44:31Z 2026-03-29T18:44:31Z
mal-2026-2238 Malicious code in spr-i18n-labels (npm) 2026-03-26T16:40:45Z 2026-03-29T16:14:46Z
mal-2026-2291 Malicious code in pychatz (PyPI) 2026-03-29T13:50:56Z 2026-03-29T13:50:56Z
mal-2026-2293 Malicious code in thisismytestnouser (PyPI) 2026-03-29T13:34:24Z 2026-03-29T13:34:25Z
mal-2026-2287 Malicious code in f0-state-manager (npm) 2026-03-29T11:50:43Z 2026-03-29T11:50:43Z
mal-2026-2288 Malicious code in merchservicingnodeserv (npm) 2026-03-29T11:50:39Z 2026-03-29T11:50:39Z
mal-2026-2285 Malicious code in dial-app-version (npm) 2026-03-29T10:58:29Z 2026-03-29T11:44:25Z
mal-2026-2284 Malicious code in bizsignupnodeweb (npm) 2026-03-29T10:58:26Z 2026-03-29T10:58:26Z
mal-2026-2286 Malicious code in sn3akysnak3-test (npm) 2026-03-29T10:55:32Z 2026-03-29T10:55:32Z
mal-2026-2283 Malicious code in interwebz (PyPI) 2026-03-29T10:06:44Z 2026-03-29T10:06:44Z
mal-2026-2282 Malicious code in @adac-fahrzeugplattform/ui (npm) 2026-03-29T04:43:26Z 2026-03-29T06:02:22Z
mal-2026-2278 Malicious code in python-aiogram-telegram-updater (PyPI) 2026-03-28T19:40:48Z 2026-03-28T19:40:48Z
mal-2026-2277 Malicious code in aiogram-photo-updater (PyPI) 2026-03-28T19:40:23Z 2026-03-28T19:40:23Z
mal-2026-2275 Malicious code in npmamzs (npm) 2026-03-28T10:54:14Z 2026-03-28T15:13:55Z
mal-2026-2276 Malicious code in payerpath-customer-lib (npm) 2026-03-28T14:45:51Z 2026-03-28T14:45:51Z
mal-2026-2274 Malicious code in autoshipment-public-front (npm) 2026-03-28T10:54:19Z 2026-03-28T10:54:19Z
mal-2026-2268 Malicious code in gemini-ai-api (PyPI) 2026-03-27T16:39:25Z 2026-03-27T17:24:17Z
mal-2026-2245 Malicious code in requests-testik111 (PyPI) 2026-03-26T21:35:07Z 2026-03-27T17:24:17Z
mal-2026-2270 Malicious code in copytrading (PyPI) 2026-03-27T16:50:02Z 2026-03-27T16:50:02Z
mal-2026-2273 Malicious code in trustwallet (PyPI) 2026-03-27T16:47:51Z 2026-03-27T16:47:51Z
mal-2026-2271 Malicious code in metamask-api (PyPI) 2026-03-27T16:47:31Z 2026-03-27T16:47:31Z
mal-2026-2269 Malicious code in claude-lite (PyPI) 2026-03-27T16:45:20Z 2026-03-27T16:45:20Z
ID Description Published Updated
4hzm000604 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4) 2026-03-26T00:30:00.000Z 2026-03-26T00:30:00.000Z
4jno000329 AWIN Gateways Vulnerabilities in Embedded Webserver 2026-03-13T00:30:00.000Z 2026-03-13T00:30:00.000Z
3adr011536 AC500 V3 Stack buffer overflow in Cryptographic Message Syntax 2026-03-12T00:30:00.000Z 2026-03-12T00:30:00.000Z
3adr011525 ABB Automation Builder Gateway for Windows with insecure defaults 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
3adr011524 AC500 V3 Multiple vulnerabilities 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
sa25p007 B&R Automation Studio Update of SQLite version 2026-02-18T00:30:00.000Z 2026-02-18T00:30:00.000Z
sa26p001 ​​PVI​ ​​Insertion of Sensitive Information into Logfile 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
sa24p003 ​B&R PCs vulnerable to PixieFail attack​ 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
7paa013309 System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability 2024-06-05T00:30:00.000Z 2026-01-23T00:30:00.000Z
sa25p005 B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
sa25p004 Automation Studio Insufficient Server Certificate Validation 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
9akk108472a1331 ABB Ability™ OPTIMAX® Authentication Bypass in Single-Sign On with Azure Active Directory 2026-01-16T00:30:00.000Z 2026-01-16T00:30:00.000Z
2crt000009 WebPro SNMP Card PowerValue Multiple Vulnerabilities 2026-01-07T00:30:00.000Z 2026-01-07T00:30:00.000Z
9akk108471a8107 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-09-16T00:30:00.000Z 2025-11-28T08:00:00.000Z
4hzm000603 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) 2025-11-27T00:30:00.000Z 2025-11-28T00:30:00.000Z
7paa022088 Edgenius Management Portal Authentication Bypass 2025-11-20T00:30:00.000Z 2025-11-20T00:30:00.000Z
2nga002813 PCM600 SharpZip library vulnerability 2025-11-03T00:30:00.000Z 2025-11-03T00:30:00.000Z
4tz00000006007 ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations 2025-10-20T00:30:00.000Z 2025-10-23T00:30:00.000Z
9akk108471a8948 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-10-20T00:30:00.000Z 2025-10-21T00:30:00.000Z
3kxg200000r4801 CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability 2025-04-16T00:30:00.000Z 2025-10-20T00:30:00.000Z
sa25p003 B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-14T00:30:00.000Z
4tz00000006008 LVS MConfig Insecure memory handling 2025-10-08T00:30:00.000Z 2025-10-08T00:30:00.000Z
sa25p002 B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7808 EIBPORT Reflected XSS 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7121 FLXeon Controllers Multiple vulnerabilities 2025-09-09T00:30:00.000Z 2025-09-18T00:30:00.000Z
9akk108471a4462 ELSB/BLBA ASPECT advisory several CVEs 2025-08-11T00:30:00.000Z 2025-09-04T00:30:00.000Z
9akk108471a3623 RMC - 100 Vulnerabilities in web UI (REST Interface) 2025-07-03T00:30:00.000Z 2025-08-18T00:30:00.000Z
2nga002743 ABB AbilityTM zenon Remote Transport Vulnerability 2025-08-12T00:30:00.000Z 2025-08-12T00:30:00.000Z
3adr011407 ABB Automation Builder Vulnerabilities in user management and access control 2025-04-30T00:00:00.000Z 2025-07-25T00:00:00.000Z
3adr011432 AC500 V2 Buffer overread on Modbus protocol 2025-07-23T00:30:00.000Z 2025-07-23T00:30:00.000Z
ID Description Published Updated
wid-sec-w-2026-0882 GIMP: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0881 IBM License Metric Tool: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0879 Linux Kernel: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0878 FreeBSD Project FreeBSD OS: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0875 Red Hat Enterprise Linux (ncurses): Schwachstelle ermöglicht Codeausführung 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0873 docker: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0870 libpng: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0869 SolarWinds Platform: Mehrere Schwachstellen ermöglichen Cross-Site Scripting 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0865 Keycloak: Schwachstelle ermöglicht Offenlegung von Informationen 2026-03-25T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0850 Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0849 ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service 2026-03-24T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0837 Google Chrome: Mehrere Schwachstellen 2026-03-23T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0833 Ruby on Rails: Mehrere Schwachstellen 2026-03-23T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0831 systemd: Mehrere Schwachstellen 2026-03-23T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0824 Python: Schwachstelle ermöglicht Codeausführung 2026-03-22T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0821 Keycloak: Mehrere Schwachstellen 2026-03-22T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0816 Apache ActiveMQ Artemis: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-03-22T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0790 Linux Kernel: Mehrere Schwachstellen 2026-03-18T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0787 Keycloak: Mehrere Schwachstellen 2026-03-18T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0785 libarchive: Schwachstelle ermöglicht Denial of Service 2026-03-18T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0781 Drupal Automated Logout Extension: Schwachstelle ermöglicht Manipulation von Dateien 2026-03-18T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0775 nghttp2: Schwachstelle ermöglicht Denial of Service 2026-03-17T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0769 Red Hat Enterprise Linux (capstone) und OpenShift (rhcos): Mehrere Schwachstellen 2026-03-17T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0764 Grafana Tempo: Schwachstelle ermöglicht Offenlegung von Informationen 2026-03-17T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0760 Xen und Citrix Systems XenServer: Mehrere Schwachstellen 2026-03-17T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0734 GNU InetUtils: Mehrere Schwachstellen 2026-03-15T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0720 systemd: Mehrere Schwachstellen 2026-03-12T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0704 Google Cloud Platform Envoy Proxy, Istio und Service Mesh: Mehrere Schwachstellen 2026-03-11T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0607 CPython: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-03-04T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
wid-sec-w-2026-0599 Drupal Extensions: Mehrere Schwachstellen 2026-03-04T23:00:00.000+00:00 2026-03-26T23:00:00.000+00:00
ID Description Published Updated
va-26-084-01 Nanoleaf Lines unauthenticated firmware file store vulnerability 2026-03-25T00:00:00Z 2026-03-25T00:00:00Z
icsma-26-083-01 Grassroots DICOM (GDCM) 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsma-25-364-01 WHILL Model C2 Electric Wheelchairs and Model F Power Chairs (Update A) 2025-12-30T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-03 "Schneider Electric Plant iT/Brewmaxx" 2026-01-13T08:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-02 Schneider Electric EcoStruxure Foxboro DCS 2026-03-10T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-01 Pharos Controls Mosaic Show Controller 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-078-08 Automated Logic WebCTRL Premium Server 2026-03-19T06:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-05 Mitsubishi Electric CNC Series 2026-03-10T00:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-04 Schneider Electric EcoStruxure PME and EPO 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-03 Schneider Electric EcoStruxure Automation Expert 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-02 Schneider Electric Modicon Controllers M241, M251, M258, and LMC058 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-01 Schneider Electric Modicon M241, M251, and M262 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-07 IGL-Technologies eParking.fi 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-078-06 CTEK Chargeportal 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-076-04 Siemens SICAM SIAPP SDK 2026-03-10T00:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-076-03 Schneider Electric EcoStruxure Data Center Expert 2026-03-10T07:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-076-02 Schneider Electric SCADAPack and RemoteConnect 2026-02-10T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-076-01 CODESYS in Festo Automation Suite 2026-02-26T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-015-10 Schneider Electric EcoStruxure Power Build Rapsody (Update A) 2026-01-13T08:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-25-160-02 Hitachi Energy Relion 670, 650, SAM600-IO Series (Update A) 2023-06-27T00:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-25-303-01 International Standards Organization ISO 15118-2 (Update A) 2025-10-30T05:00:00.000000Z 2026-03-17T05:00:00.000000Z
icsa-26-071-06 Inductive Automation Ignition Software 2026-03-12T06:00:00.000000Z 2026-03-13T06:00:00.000000Z
icsa-26-071-05 Siemens Heliox EV Chargers 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-04 Siemens SIMATIC 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-03 Siemens SIDIS Prime 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-02 Siemens RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-071-01 Trane Tracer SC, Tracer SC+, and Tracer Concierge 2026-03-12T06:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-048-04 Honeywell HIB2PI CCTV Camera (Update B) 2026-02-17T07:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-043-08 Siemens NX 2026-02-10T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-043-03 Siemens COMOS 2025-12-09T00:00:00.000000Z 2026-03-12T06:00:00.000000Z
ID Description Published Updated
cisco-sa-xe-secureboot-bypass-b6uyxysz Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-wlc-dos-hnx5kgom Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-vmanage-xss-zqkhp9w9 Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-scp-dos-duadxtcg Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-xss-lpgkzwtj Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-crlf-nvgktkjz Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe_infodis-6j847ueb Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-tls-dos-tvgldezl Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-mntc-dos-lzweqcyq Cisco IOS XE Software Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-lobby-privesc-kwxbqjy Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-ios-http-dos-sbv8xrpl Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-bootp-wubhnbxa Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-asa-ftd-ios-dos-kpepqggk Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-fmc-rce-nkhnuljh Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability 2026-03-04T16:00:00+00:00 2026-03-25T14:21:24+00:00
cisco-sa-sdwan-authbp-qwcx8d4v Cisco Catalyst SD-WAN Vulnerabilities 2026-02-25T16:00:00+00:00 2026-03-18T01:06:38+00:00
cisco-sa-xrncs-epni-int-dos-twmffusn Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-isis-dos-kdmxpszk Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-iosxr-privesc-bf8d5u4w Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-cc-xss-mrnah5jh Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-fmc-sql-inject-2enmtc8v Cisco Secure Firewall Management Center Software SQL Injection Vulnerability 2024-10-23T16:00:00+00:00 2026-03-04T16:11:01+00:00
cisco-sa-asaftd-cmd-inj-zjv8wysm Cisco Adaptive Security Appliance and Firepower Threat Defense Software Command Injection Vulnerability 2024-04-24T16:00:00+00:00 2026-03-04T16:10:59+00:00
cisco-sa-snort3-multi-dos-xfwkwswz Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-onprem-fmc-authbypass-5jpp45v2 Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftdfmc-dir-trav-wergjhwq Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-tcp-dos-rhfqnwrg Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-snort-bypass-rlggkzvf Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-dnd-dos-bpecg7b7 Cisco Secure Firewall Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-cmd-inj-mtzgzexf Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-fmc-sql-injection-2qh6ccjd Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-vpn-m9sx6mbc Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-4833 Orc discount Markdown markdown.c compile recursion 2026-03-02T00:00:00.000Z 2026-03-29T01:03:30.000Z
msrc_cve-2025-70888 CVE-2025-70888 2026-03-02T00:00:00.000Z 2026-03-29T01:03:20.000Z
msrc_cve-2026-33672 Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching 2026-03-02T00:00:00.000Z 2026-03-29T01:03:13.000Z
msrc_cve-2026-33671 Picomatch has a ReDoS vulnerability via extglob quantifiers 2026-03-02T00:00:00.000Z 2026-03-29T01:03:00.000Z
msrc_cve-2025-67030 CVE-2025-67030 2026-03-02T00:00:00.000Z 2026-03-29T01:02:46.000Z
msrc_cve-2026-23399 nf_tables: nft_dynset: fix possible stateful expression memleak in error path 2026-03-02T00:00:00.000Z 2026-03-29T01:02:34.000Z
msrc_cve-2026-25645 Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function 2026-03-02T00:00:00.000Z 2026-03-29T01:02:28.000Z
msrc_cve-2026-33636 LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64 2026-03-02T00:00:00.000Z 2026-03-29T01:02:20.000Z
msrc_cve-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` 2026-03-02T00:00:00.000Z 2026-03-29T01:02:12.000Z
msrc_cve-2026-3591 A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass 2026-03-02T00:00:00.000Z 2026-03-29T01:02:04.000Z
msrc_cve-2026-3119 Authenticated query containing a TKEY record may cause named to terminate unexpectedly 2026-03-02T00:00:00.000Z 2026-03-29T01:01:58.000Z
msrc_cve-2026-3104 Memory leak in code preparing DNSSEC proofs of non-existence 2026-03-02T00:00:00.000Z 2026-03-29T01:01:52.000Z
msrc_cve-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys 2026-03-02T00:00:00.000Z 2026-03-29T01:01:47.000Z
msrc_cve-2026-32241 Flannel vulnerable to cross-node remote code execution via extension backend BackendData injection 2026-03-02T00:00:00.000Z 2026-03-29T01:01:41.000Z
msrc_cve-2026-34085 CVE-2026-34085 2026-03-02T00:00:00.000Z 2026-03-29T01:01:35.000Z
msrc_cve-2026-1519 Excessive NSEC3 iterations cause high CPU load during insecure delegation validation 2026-03-02T00:00:00.000Z 2026-03-29T01:01:29.000Z
msrc_cve-2026-33413 etcd: Authorization bypasses in multiple APIs 2026-03-02T00:00:00.000Z 2026-03-28T14:39:17.000Z
msrc_cve-2026-33343 etcd: Nested etcd transactions bypass RBAC authorization checks 2026-03-02T00:00:00.000Z 2026-03-28T14:39:11.000Z
msrc_cve-2026-4645 Github.com/antchfx/xpath: xpath: denial of service via crafted boolean xpath expressions 2026-03-02T00:00:00.000Z 2026-03-28T14:39:04.000Z
msrc_cve-2026-28755 NGINX ngx_stream_ssl_module vulnerability 2026-03-02T00:00:00.000Z 2026-03-28T14:38:55.000Z
msrc_cve-2026-32647 NGINX ngx_http_mp4_module vulnerability 2026-03-02T00:00:00.000Z 2026-03-28T14:38:48.000Z
msrc_cve-2026-28753 NGINX ngx_mail_proxy_module vulnerability 2026-03-02T00:00:00.000Z 2026-03-28T14:38:41.000Z
msrc_cve-2026-27784 NGINX ngx_http_mp4_module vulnerability 2026-03-02T00:00:00.000Z 2026-03-28T14:38:34.000Z
msrc_cve-2026-27654 NGINX ngx_http_dav_module vulnerability 2026-03-02T00:00:00.000Z 2026-03-28T14:38:27.000Z
msrc_cve-2026-27651 NGINX ngx_mail_auth_http_module vulnerability 2026-03-02T00:00:00.000Z 2026-03-28T14:38:21.000Z
msrc_cve-2026-32748 Squid has Denial of Service in ICP Response handling 2026-03-02T00:00:00.000Z 2026-03-28T14:38:14.000Z
msrc_cve-2026-33515 Squid has issues in ICP message handling 2026-03-02T00:00:00.000Z 2026-03-28T14:38:07.000Z
msrc_cve-2026-33526 Squid vulnerable to Denial of Service in ICP Request handling 2026-03-02T00:00:00.000Z 2026-03-28T14:38:00.000Z
msrc_cve-2025-69720 CVE-2025-69720 2026-03-02T00:00:00.000Z 2026-03-28T14:37:51.000Z
msrc_cve-2026-4438 gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames 2026-03-02T00:00:00.000Z 2026-03-28T14:37:40.000Z
ID Description Published Updated
ncsc-2025-0319 Kwetsbaarheden verholpen in F5 Networks BIG-IP, F5OS en NGINX App Protect WAF 2025-10-15T15:21:14.871532Z 2026-03-27T18:09:03.259108Z
ncsc-2026-0104 Kwetsbaarheden verholpen in Cisco IOS XE Software 2026-03-26T09:50:03.269095Z 2026-03-26T09:50:03.269095Z
ncsc-2026-0103 Kwetsbaarheden verholpen in GitLab 2026-03-26T09:48:10.874427Z 2026-03-26T09:48:10.874427Z
ncsc-2026-0102 Kwetsbaarheden verholpen in Apple macOS 2026-03-25T14:15:56.073353Z 2026-03-25T14:15:56.073353Z
ncsc-2026-0101 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-25T14:02:07.392994Z 2026-03-25T14:02:07.392994Z
ncsc-2026-0100 Kwetsbaarheden verholpen in Citrix Netscaler ADC en Netscaler Gateway 2026-03-23T13:43:30.957806Z 2026-03-23T13:43:30.957806Z
ncsc-2026-0099 Kwetsbaarheid verholpen in Oracle Identity Manager en Oracle Web Services Manager 2026-03-20T15:56:12.716324Z 2026-03-20T15:56:12.716324Z
ncsc-2026-0010 Kwetsbaarheden verholpen in Microsoft Office 2026-01-13T19:18:45.984019Z 2026-03-20T14:03:59.225773Z
ncsc-2026-0076 Kwetsbaarheden verholpen in Cisco Secure Firewall Management Center 2026-03-04T20:49:12.211658Z 2026-03-19T11:48:18.917205Z
ncsc-2026-0098 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-13T08:41:19.155490Z 2026-03-13T08:41:19.155490Z
ncsc-2026-0097 Kwetsbaarheden verholpen in Google Chrome 2026-03-13T08:33:43.877125Z 2026-03-13T08:33:43.877125Z
ncsc-2026-0096 Kwetsbaarheden verholpen in Veeam Backup & Replication 2026-03-12T14:54:08.200676Z 2026-03-12T14:54:08.200676Z
ncsc-2026-0095 Kwetsbaarheid verholpen in pac4j-jwt 2026-03-12T14:45:51.156512Z 2026-03-12T14:45:51.156512Z
ncsc-2026-0094 Kwetsbaarheden verholpen in Cisco IOS XR 2026-03-12T14:44:08.106602Z 2026-03-12T14:44:08.106602Z
ncsc-2026-0093 Kwetsbaarheden verholpen in GitLab 2026-03-12T14:42:46.936248Z 2026-03-12T14:42:46.936248Z
ncsc-2026-0092 Kwetsbaarheden verholpen in Fortinet FortiWeb 2026-03-12T07:46:15.529522Z 2026-03-12T07:46:15.529522Z
ncsc-2026-0091 Kwetsbaarheden verholpen in SAP-producten 2026-03-12T07:24:16.575638Z 2026-03-12T07:24:16.575638Z
ncsc-2026-0090 Kwetsbaarheden verholpen in Adobe Experience Manager 2026-03-12T07:12:51.952931Z 2026-03-12T07:12:51.952931Z
ncsc-2026-0089 Kwetsbaarheden verholpen in Adobe Acrobat Reader 2026-03-12T07:03:24.148324Z 2026-03-12T07:03:24.148324Z
ncsc-2026-0088 Kwetsbaarheden verholpen in Adobe Illustrator 2026-03-12T06:55:39.712240Z 2026-03-12T06:55:39.712240Z
ncsc-2026-0087 Kwetsbaarheden verholpen in Adobe Commerce 2026-03-12T06:49:56.459199Z 2026-03-12T06:49:56.459199Z
ncsc-2026-0086 Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer 2026-03-11T09:19:38.777277Z 2026-03-11T09:19:38.777277Z
ncsc-2026-0085 Kwetsbaarheden verholpen in Microsoft Developer tools 2026-03-10T20:35:10.478398Z 2026-03-10T20:35:10.478398Z
ncsc-2026-0084 Kwetsbaarheden verholpen in Microsoft Office 2026-03-10T20:20:08.157658Z 2026-03-10T20:20:08.157658Z
ncsc-2026-0083 Kwetsbaarheid verholpen in Microsoft Authenticator app 2026-03-10T20:18:35.792755Z 2026-03-10T20:18:35.792755Z
ncsc-2026-0082 Kwetsbaarheden verholpen in Microsoft Azure 2026-03-10T20:15:41.528951Z 2026-03-10T20:15:41.528951Z
ncsc-2026-0081 Kwetsbaarheden verholpen in Microsoft SQL Server 2026-03-10T20:12:56.032261Z 2026-03-10T20:12:56.032261Z
ncsc-2026-0080 Kwetsbaarheden verholpen in Microsoft Windows 2026-03-10T20:07:55.976638Z 2026-03-10T20:07:55.976638Z
ncsc-2026-0059 Kwetsbaarheden verholpen in Ivanti Endpoint Manager 2026-02-11T08:16:27.583936Z 2026-03-10T14:20:48.176282Z
ncsc-2026-0079 Kwetsbaarheden verholpen in Siemens producten 2026-03-10T12:39:14.474522Z 2026-03-10T12:39:14.474522Z
ID Description Published Updated
nn-2025:18-01 Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:17-01 HTML injection in Sensor Map in CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:16-01 HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:15-01 Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:14-01 HTML injection in Asset List in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:13-01 Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:12-01 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:11-01 Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 2025-11-25T11:00:00.000Z 2025-11-26T11:00:00.000Z
nn-2025:9-01 Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:8-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:7-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:6-01 Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:5-01 Incorrect authorization for CLI in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:4-01 Client-side path traversal in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:10-01 Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:3-01 Incorrect authorization for traces request/download in CMC before 25.1.0 2025-08-26T11:00:00.000Z 2025-08-26T11:00:00.000Z
nn-2025:2-01 Privilege escalation in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2025:1-01 Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2023_17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023:17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2024_1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2024:1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2023_12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023:12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023_9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10457-1 xen-4.21.1_02-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10456-1 tailscale-1.96.4-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10455-1 python311-requests-2.33.0-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10454-1 python311-cryptography-46.0.6-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10453-1 libpolkit-agent-1-0-127-3.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10452-1 libjavamapscript-8.6.1-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10451-1 libpng16-16-1.6.56-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10450-1 incus-6.23-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10449-1 gsl-2.8-5.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10448-1 bind-9.20.21-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10447-1 MozillaThunderbird-140.9.0-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10446-1 ImageMagick-7.1.2.18-1.1 on GA media 2026-03-28T00:00:00Z 2026-03-28T00:00:00Z
opensuse-su-2026:10441-1 strongswan-6.0.5-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10440-1 jupyter-nbclassic-1.3.3-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10439-1 plexus-utils-4.0.2-2.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10438-1 openbao-2.5.2-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10437-1 libnghttp2-14-1.68.1-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10436-1 freeipmi-1.6.17-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10435-1 cpp-httplib-devel-0.38.0-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10434-1 chromedriver-146.0.7680.164-1.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10433-1 LibVNCServer-devel-0.9.15-2.1 on GA media 2026-03-26T00:00:00Z 2026-03-26T00:00:00Z
opensuse-su-2026:10419-1 rclone-1.73.3-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10418-1 python311-jsonpath-ng-1.8.0-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10417-1 python311-deepdiff-8.6.2-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10416-1 python313-PyMuPDF-1.27.2.2-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10415-1 glances-common-4.5.2-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10414-1 perl-Crypt-URandom-0.550.0-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10413-1 firefox-esr-140.9.0-1.1 on GA media 2026-03-24T00:00:00Z 2026-03-24T00:00:00Z
opensuse-su-2026:10406-1 lemon-3.51.3-1.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
opensuse-su-2026:10405-1 python314-3.14.3-3.1 on GA media 2026-03-22T00:00:00Z 2026-03-22T00:00:00Z
ID Description Published Updated
oxdc-adv-2026-0001 OX Dovecot Security Advisory OXDC-ADV-2026-0001 2026-03-27T00:00:00+00:00 2026-03-27T00:00:00+00:00
oxdc-adv-2025-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 2025-10-31T00:00:00+00:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0003 OX App Suite Security Advisory OXAS-ADV-2025-0003 2025-09-24T00:00:00+02:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0002 OX App Suite Security Advisory OXAS-ADV-2025-0002 2025-08-12T00:00:00+02:00 2025-10-31T00:00:00+00:00
oxas-adv-2025-0001 OX App Suite Security Advisory OXAS-ADV-2025-0001 2025-01-27T00:00:00+01:00 2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxas-adv-2024-0005 OX App Suite Security Advisory OXAS-ADV-2024-0005 2024-07-08T00:00:00+02:00 2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 2024-09-02T00:00:00+02:00 2024-09-06T00:00:00+00:00
oxas-adv-2024-0004 OX App Suite Security Advisory OXAS-ADV-2024-0004 2024-06-13T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0003 OX App Suite Security Advisory OXAS-ADV-2024-0003 2024-04-24T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0002 OX App Suite Security Advisory OXAS-ADV-2024-0002 2024-03-06T00:00:00+01:00 2024-05-06T00:00:00+00:00
oxas-adv-2024-0001 OX App Suite Security Advisory OXAS-ADV-2024-0001 2024-02-08T00:00:00+01:00 2024-04-25T00:00:00+00:00
oxas-adv-2023-0007 OX App Suite Security Advisory OXAS-ADV-2023-0007 2023-12-11T00:00:00+01:00 2024-02-16T00:00:00+00:00
oxas-adv-2023-0006 OX App Suite Security Advisory OXAS-ADV-2023-0006 2023-09-25T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0005 OX App Suite Security Advisory OXAS-ADV-2023-0005 2023-09-19T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0004 OX App Suite Security Advisory OXAS-ADV-2023-0004 2023-08-01T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0003 OX App Suite Security Advisory OXAS-ADV-2023-0003 2023-05-02T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0002 OX App Suite Security Advisory OXAS-ADV-2023-0002 2023-03-20T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0001 OX App Suite Security Advisory OXAS-ADV-2023-0001 2023-02-06T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0002 OX App Suite Security Advisory OXAS-ADV-2022-0002 2022-11-02T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0001 OX App Suite Security Advisory OXAS-ADV-2022-0001 2022-08-10T00:00:00+02:00 2024-01-22T00:00:00+00:00
ID Description Published Updated
rhsa-2026:5948 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.9 2026-03-26T14:31:40+00:00 2026-03-30T02:41:52+00:00
rhsa-2026:5968 Red Hat Security Advisory: Satellite 6.18.4 Async Update 2026-03-26T19:47:53+00:00 2026-03-30T02:41:49+00:00
rhsa-2026:5952 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.3 2026-03-26T15:03:15+00:00 2026-03-30T02:41:48+00:00
rhsa-2026:5950 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.6 2026-03-26T14:51:43+00:00 2026-03-30T02:41:48+00:00
rhsa-2026:5853 Red Hat Security Advisory: osbuild-composer security update 2026-03-26T01:05:19+00:00 2026-03-30T02:41:47+00:00
rhsa-2026:5852 Red Hat Security Advisory: osbuild-composer security update 2026-03-26T00:58:34+00:00 2026-03-30T02:41:47+00:00
rhsa-2026:5851 Red Hat Security Advisory: DevWorkspace Operator 0.40.0 release. 2026-03-25T23:56:41+00:00 2026-03-30T02:41:47+00:00
rhsa-2026:5461 Red Hat Security Advisory: osbuild-composer security update 2026-03-23T17:44:49+00:00 2026-03-30T02:41:47+00:00
rhsa-2026:5807 Red Hat Security Advisory: RHOAI 2.16.4 - Red Hat OpenShift AI 2026-03-25T12:32:51+00:00 2026-03-30T02:41:46+00:00
rhsa-2026:5665 Red Hat Security Advisory: Red Hat Quay 3.10.19 2026-03-24T18:02:58+00:00 2026-03-30T02:41:46+00:00
rhsa-2026:5649 Red Hat Security Advisory: RHTAS 1.3.2 - Red Hat Trusted Artifact Signer Release 2026-03-24T16:17:51+00:00 2026-03-30T02:41:46+00:00
rhsa-2026:5645 Red Hat Security Advisory: cert-manager Operator for Red Hat OpenShift 1.17.1 2026-03-24T15:38:55+00:00 2026-03-30T02:41:46+00:00
rhsa-2026:5636 Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.9 security update 2026-03-24T14:23:47+00:00 2026-03-30T02:41:45+00:00
rhsa-2026:5549 Red Hat Security Advisory: Red Hat OpenShift Builds 1.6.4 2026-03-24T07:31:25+00:00 2026-03-30T02:41:45+00:00
rhsa-2026:5544 Red Hat Security Advisory: osbuild-composer security update 2026-03-24T06:55:51+00:00 2026-03-30T02:41:45+00:00
rhsa-2026:5533 Red Hat Security Advisory: osbuild-composer security update 2026-03-24T04:02:36+00:00 2026-03-30T02:41:45+00:00
rhsa-2026:5463 Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release 2026-03-23T16:40:06+00:00 2026-03-30T02:41:45+00:00
rhsa-2026:5452 Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release 2026-03-23T16:13:04+00:00 2026-03-30T02:41:45+00:00
rhsa-2026:5447 Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release 2026-03-23T16:03:55+00:00 2026-03-30T02:41:43+00:00
rhsa-2026:5444 Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release 2026-03-23T15:45:35+00:00 2026-03-30T02:41:43+00:00
rhsa-2026:5439 Red Hat Security Advisory: RHTAS 1.3.3 - Red Hat Trusted Artifact Signer Release 2026-03-23T15:37:52+00:00 2026-03-30T02:41:43+00:00
rhsa-2026:5394 Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 director Operator container images 2026-03-23T13:04:11+00:00 2026-03-30T02:41:43+00:00
rhsa-2026:5327 Red Hat Security Advisory: osbuild-composer security update 2026-03-23T07:40:40+00:00 2026-03-30T02:41:43+00:00
rhsa-2026:5168 Red Hat Security Advisory: Red Hat Quay 3.9.19 2026-03-19T19:18:06+00:00 2026-03-30T02:41:42+00:00
rhsa-2026:5146 Red Hat Security Advisory: yggdrasil security update 2026-03-19T16:04:46+00:00 2026-03-30T02:41:42+00:00
rhsa-2026:5145 Red Hat Security Advisory: yggdrasil-worker-package-manager security update 2026-03-19T15:42:26+00:00 2026-03-30T02:41:42+00:00
rhsa-2026:5132 Red Hat Security Advisory: Kiali 1.73.28 for Red Hat OpenShift Service Mesh 2.6 2026-03-19T14:09:55+00:00 2026-03-30T02:41:42+00:00
rhsa-2026:5131 Red Hat Security Advisory: Kiali 2.11.8 for Red Hat OpenShift Service Mesh 3.1 2026-03-19T14:08:55+00:00 2026-03-30T02:41:41+00:00
rhsa-2026:5130 Red Hat Security Advisory: Kiali 2.17.5 for Red Hat OpenShift Service Mesh 3.2 2026-03-19T14:08:59+00:00 2026-03-30T02:41:41+00:00
rhsa-2026:5129 Red Hat Security Advisory: Kiali 2.4.14 for Red Hat OpenShift Service Mesh 3.0 2026-03-19T14:08:51+00:00 2026-03-30T02:41:40+00:00
ID Description Published Updated
sevd-2026-069-03 Deserialization of Untrusted Data vulnerability on EcoStruxure™ Foxboro DCS 2026-03-10T07:00:00.000Z 2026-03-13T07:00:00.000Z
sevd-2026-069-06 Deserialization of Untrusted Data vulnerability on Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-05 Use of Hard-coded Credentials vulnerability in EcoStruxure™ IT Data Center Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-04 Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxure™ Automation Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-02 Improper Neutralization in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-01 Improper Resource Shutdown or Release vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-04 Multiple Vulnerabilities on EcoStruxure Power Build Rapsody 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-01 Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-014-07 FlexNet Publisher Vulnerability 2025-01-14T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-041-02 Multiple Vulnerabilities on EcoStruxure™ Building Operation Workstation and EcoStruxure™ Building Operation Webstation 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-041-01 Improper Check for Unusual or Exceptional Conditions on Multiple Products 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-343-01 EcoStruxure™ Foxboro DCS 2025-12-09T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-189-03 EcoStruxure™ Power Operation 2025-07-08T04:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-042-02 Improper Input Validation Vulnerability in Uni-Telway Driver 2025-02-11T05:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-013-03 Multiple Vulnerabilities on Zigbee Products 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-02 Incorrect Default Permissions Vulnerability on EcoStruxure™ Process Expert 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-014-06 RemoteConnect and SCADAPack™ x70 Utilities 2025-01-14T00:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2024-317-03 Modicon Controllers M340 / Momentum / MC80 2024-11-12T05:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-343-02 EcoStruxure™ Foxboro DCS Advisor 2025-12-09T08:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-252-01 Multiple Altivar Process Drives and Communication Modules 2025-09-09T04:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2023-192-04 CODESYS Runtime Vulnerabilities 2023-07-11T07:15:18.000Z 2025-12-09T08:00:00.000Z
sevd-2021-159-04 ISaGRAF Vulnerabilities in IEC 61131-3 Programming and Engineering Tools 2021-06-08T04:36:25.000Z 2025-11-15T00:00:00.000Z
sevd-2022-284-03 ISaGRAF Workbench for SAGE RTU 2022-10-10T22:13:16.000Z 2025-11-14T06:30:00.000Z
sevd-2025-315-02 EcoStruxure™ Machine SCADA Expert & Pro-face BLUE Open Studio 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-315-01 PowerChute™ Serial Shutdown 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-02 EcoStruxure™ Power Monitoring Expert Software & EcoStruxure™ Power Operation (EPO) and EcoStruxure™ Power SCADA Operation (PSO) 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-01 Saitel DR & Saitel DP Remote Terminal Unit 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-287-01 EcoStruxure™ OPC UA Server Expert and EcoStruxure™ Modicon Communication Server 2025-10-14T07:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-133-01 Modicon Controllers M241/M251/M258/LMC058 2025-05-13T04:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2024-345-03 Modicon M241 / M251 / M258 / LMC058 2024-12-10T05:00:00.000Z 2025-10-14T07:00:00.000Z
ID Description Published Updated
sca-2026-0006 Vulnerabilities affecting SICK Lector85x and SICK Lector83x 2026-03-06T14:00:00.000Z 2026-03-06T14:00:00.000Z
sca-2026-0005 Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 2026-02-27T14:00:00.000Z 2026-02-27T14:00:00.000Z
sca-2026-0004 Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products 2026-02-13T14:00:00.000Z 2026-02-13T14:00:00.000Z
sca-2026-0003 Vulnerability affecting SICK nanoScan3 and microScan3 2026-01-26T14:00:00.000Z 2026-01-26T14:00:00.000Z
sca-2026-0002 Vulnerabilities affecting SICK Incoming Goods Suite 2026-01-15T14:00:00.000Z 2026-01-22T19:00:00.000Z
sca-2026-0001 Vulnerabilities affecting SICK TDC-X401GL 2026-01-15T14:00:00.000Z 2026-01-15T14:00:00.000Z
sca-2025-0013 Vulnerabilities affecting SICK TLOC100-100 2025-10-27T14:00:00.000Z 2025-11-11T14:00:00.000Z
sca-2025-0014 CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC 2025-11-03T11:00:00.000Z 2025-11-03T14:00:00.000Z
sca-2025-0012 Sudo vulnerability affects SICK SID products 2025-10-27T11:00:00.000Z 2025-10-27T14:00:00.000Z
sca-2025-0011 Vulnerabilities affecting Endress+Hauser SSG-E210GC 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0010 Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0009 Vulnerabilities affecting SICK TDC-E210GC 2025-08-01T13:00:00.000Z 2025-08-01T13:00:00.000Z
sca-2025-0008 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-07-03T13:00:00.000Z 2025-07-03T13:00:00.000Z
sca-2025-0007 Multiple vulnerabilities in SICK Field Analytics and SICK Media Server 2025-06-12T13:00:00.000Z 2025-06-12T13:00:00.000Z
sca-2025-0003 FreeRTOS Vulnerabilities have no impact on SICK Products 2025-02-28T00:00:00.000Z 2025-05-20T11:00:00.000Z
sca-2025-0006 Vulnerability affecting picoScan and multiScan 2025-04-28T13:00:00.000Z 2025-04-28T13:00:00.000Z
sca-2025-0005 Vulnerabilities in SICK Flexi Compact 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
sca-2025-0004 Critical vulnerabilities in SICK DL100-2xxxxxxx 2025-03-14T11:00:00.000Z 2025-03-14T11:00:00.000Z
sca-2025-0001 Multiple vulnerabilities in SICK MEAC300 2025-02-14T14:00:00.000Z 2025-02-21T14:00:00.000Z
sca-2025-0002 Vulnerability in SICK Lector8xx and SICK InspectorP8xx 2025-02-14T10:19:00.000Z 2025-02-14T10:19:00.000Z
sca-2024-0007 Vulnerability in SICK OLM 2024-12-31T00:00:00.000Z 2024-12-31T00:00:00.000Z
sca-2024-0006 Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx 2024-12-06T00:00:00.000Z 2024-12-06T00:00:00.000Z
sca-2024-0005 Vulnerability in SICK Incoming Goods Suite 2024-11-19T00:00:00.000Z 2024-11-19T00:00:00.000Z
sca-2024-0004 Third party vulnerabilities in SICK CDE-100 2024-11-07T12:00:00.000Z 2024-11-07T12:00:00.000Z
sca-2024-0003 Critical vulnerability in multiple SICK products 2024-10-17T13:00:00.000Z 2024-10-17T13:00:00.000Z
sca-2024-0002 Vulnerability in SICK MSC800 2024-09-11T23:00:00.000Z 2024-09-11T23:00:00.000Z
sca-2024-0001 Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics 2024-01-29T00:00:00.000Z 2024-01-29T00:00:00.000Z
sca-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
SCA-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
sca-2023-0010 Vulnerabilities in SICK Application Processing Unit 2023-10-09T11:00:00.000Z 2023-10-09T11:00:00.000Z
ID Description Published Updated
ssa-246443 SSA-246443: Multiple Vulnerabilities in SICAM 8 Products 2026-03-26T00:00:00.000Z 2026-03-26T00:00:00.000Z
ssa-452276 SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 2026-03-10T00:00:00.000Z 2026-03-19T00:00:00.000Z
ssa-975644 SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-903736 SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-868571 SSA-868571: Missing Server Certificate Validation in IAM Client 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-770770 SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices 2025-02-11T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-710408 SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-535115 SSA-535115: Data Validation Vulnerability in NX Before V2512 2026-02-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-513708 SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices 2025-06-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-485750 SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-430425 SSA-430425: Multiple Vulnerabilities in SINEC Security Monitor before V4.9.0 2024-10-08T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-282044 SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery 2025-08-12T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-212953 SSA-212953: Multiple Vulnerabilities in COMOS 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-201595 SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2025-08-14T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-126399 SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-082556 SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 2025-06-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-027652 SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives 2025-09-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-613116 SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1 2025-08-12T00:00:00Z 2026-02-24T00:00:00Z
ssa-355557 SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2 2025-08-12T00:00:00Z 2026-02-24T00:00:00Z
ssa-089022 SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 2026-01-28T00:00:00Z 2026-02-24T00:00:00Z
ssa-965753 SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-864900 SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2025-05-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-783261 SSA-783261: Denial of Service Vulnerability in Automation License Manager (ALM) Before V5.2 2012-12-12T00:00:00Z 2026-02-10T00:00:00Z
ssa-674753 SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices 2026-01-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-625934 SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-599451 SSA-599451: Multiple Vulnerabilities in SiPass integrated 2025-10-14T00:00:00Z 2026-02-10T00:00:00Z
ssa-507364 SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-445819 SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-311973 SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-265688 SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 2024-04-09T00:00:00Z 2026-02-10T00:00:00Z
ID Description Published Updated
suse-su-2026:1130-1 Security update for the Linux Kernel 2026-03-27T15:47:44Z 2026-03-27T15:47:44Z
suse-su-2026:1129-1 Security update for freerdp 2026-03-27T15:05:09Z 2026-03-27T15:05:09Z
suse-su-2026:1127-1 Security update for MozillaFirefox 2026-03-27T14:43:04Z 2026-03-27T14:43:04Z
suse-su-2026:1126-1 Security update for MozillaFirefox 2026-03-27T14:42:09Z 2026-03-27T14:42:09Z
suse-su-2026:1124-1 Security update for LibVNCServer 2026-03-27T14:22:08Z 2026-03-27T14:22:08Z
suse-su-2026:1125-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7) 2026-03-27T14:04:13Z 2026-03-27T14:04:13Z
suse-su-2026:1118-1 Security update for docker-stable 2026-03-27T12:26:18Z 2026-03-27T12:26:18Z
suse-su-2026:1117-1 Security update for python311 2026-03-27T11:34:35Z 2026-03-27T11:34:35Z
suse-su-2026:1107-1 Security update for python312 2026-03-27T09:04:01Z 2026-03-27T09:04:01Z
suse-su-2026:1102-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7) 2026-03-27T08:05:21Z 2026-03-27T08:05:21Z
suse-su-2026:1105-1 Security update for containerd 2026-03-27T07:03:20Z 2026-03-27T07:03:20Z
suse-su-2026:1099-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7) 2026-03-27T04:33:50Z 2026-03-27T04:33:50Z
suse-su-2026:1096-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 15 SP7) 2026-03-27T04:04:40Z 2026-03-27T04:04:40Z
suse-su-2026:1101-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7) 2026-03-27T01:33:43Z 2026-03-27T01:33:43Z
suse-su-2026:1100-1 Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6) 2026-03-26T23:08:12Z 2026-03-26T23:08:12Z
suse-su-2026:1098-1 Security update for cosign 2026-03-26T21:23:31Z 2026-03-26T21:23:31Z
suse-su-2026:1095-1 Security update for vim 2026-03-26T18:05:14Z 2026-03-26T18:05:14Z
suse-su-2026:1094-1 Security update for python-deepdiff 2026-03-26T17:56:23Z 2026-03-26T17:56:23Z
suse-su-2026:1093-1 Security update for xen 2026-03-26T17:52:21Z 2026-03-26T17:52:21Z
suse-su-2026:1092-1 Security update for xen 2026-03-26T17:51:51Z 2026-03-26T17:51:51Z
suse-su-2026:1091-1 Security update for kea 2026-03-26T17:48:22Z 2026-03-26T17:48:22Z
suse-su-2026:1090-1 Security update for python3 2026-03-26T17:45:14Z 2026-03-26T17:45:14Z
suse-su-2026:1089-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP6) 2026-03-26T17:34:58Z 2026-03-26T17:34:58Z
suse-su-2026:1088-1 Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5) 2026-03-26T17:03:58Z 2026-03-26T17:03:58Z
suse-su-2026:1083-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6) 2026-03-26T15:03:57Z 2026-03-26T15:03:57Z
suse-su-2026:1081-1 Security update for the Linux Kernel 2026-03-26T13:23:51Z 2026-03-26T13:23:51Z
suse-su-2026:1078-1 Security update for the Linux Kernel 2026-03-26T12:43:07Z 2026-03-26T12:43:07Z
suse-su-2026:1077-1 Security update for the Linux Kernel 2026-03-26T12:42:31Z 2026-03-26T12:42:31Z
suse-su-2026:1076-1 Security update for python-pyasn1 2026-03-26T12:42:05Z 2026-03-26T12:42:05Z
suse-su-2026:1075-1 Security update for python-pyasn1 2026-03-26T12:41:27Z 2026-03-26T12:41:27Z
ID Description Published Updated
alsa-2026:5599 Moderate: nginx security update 2026-03-24T00:00:00Z 2026-03-26T13:22:57Z
alsa-2026:5581 Moderate: nginx:1.24 security update 2026-03-24T00:00:00Z 2026-03-26T13:17:49Z
alsa-2026:5578 Moderate: virt:rhel and virt-devel:rhel security update 2026-03-24T00:00:00Z 2026-03-26T13:09:57Z
alsa-2026:5640 Moderate: mysql:8.4 security update 2026-03-24T00:00:00Z 2026-03-26T11:56:07Z
alsa-2026:5513 Moderate: 389-ds:1.4 security update 2026-03-24T00:00:00Z 2026-03-26T11:22:25Z
alsa-2026:5580 Moderate: mysql:8.0 security update 2026-03-24T00:00:00Z 2026-03-26T11:12:21Z
alsa-2026:5585 Moderate: gnutls security update 2026-03-24T00:00:00Z 2026-03-26T11:01:10Z
alsa-2026:5587 Moderate: opencryptoki security update 2026-03-24T00:00:00Z 2026-03-26T10:48:17Z
alsa-2026:5588 Moderate: python3 security update 2026-03-24T00:00:00Z 2026-03-26T10:36:35Z
alsa-2026:5602 Moderate: vim security update 2026-03-24T00:00:00Z 2026-03-26T10:18:47Z
alsa-2026:5603 Moderate: opencryptoki security update 2026-03-24T00:00:00Z 2026-03-26T10:00:53Z
alsa-2026:5113 Important: gimp:2.8 security update 2026-03-19T00:00:00Z 2026-03-20T13:31:59Z
alsa-2026:5145 Important: yggdrasil-worker-package-manager security update 2026-03-19T00:00:00Z 2026-03-20T07:40:23Z
alsa-2026:5146 Important: yggdrasil security update 2026-03-19T00:00:00Z 2026-03-20T07:36:24Z
alsa-2026:4759 Moderate: kernel security update 2026-03-17T00:00:00Z 2026-03-20T07:32:09Z
alsa-2026:5063 Important: libarchive security update 2026-03-19T00:00:00Z 2026-03-20T07:26:23Z
alsa-2026:5080 Important: libarchive security update 2026-03-19T00:00:00Z 2026-03-20T07:21:56Z
alsa-2026:4715 Moderate: vim security update 2026-03-17T00:00:00Z 2026-03-20T07:17:19Z
alsa-2026:4898 Important: capstone security update 2026-03-18T00:00:00Z 2026-03-19T15:08:06Z
alsa-2026:4828 Moderate: mysql security update 2026-03-17T00:00:00Z 2026-03-19T15:05:35Z
alsa-2026:4717 Moderate: opencryptoki security update 2026-03-17T00:00:00Z 2026-03-19T15:03:25Z
alsa-2026:4649 Moderate: grub2 security update 2026-03-16T00:00:00Z 2026-03-19T15:01:35Z
alsa-2026:4713 Moderate: python3.12 security update 2026-03-17T00:00:00Z 2026-03-19T14:56:58Z
alsa-2026:4723 Moderate: kernel security update 2026-03-17T00:00:00Z 2026-03-19T14:50:26Z
alsa-2026:4760 Moderate: grub2 security update 2026-03-17T00:00:00Z 2026-03-19T14:40:59Z
alsa-2026:4705 Moderate: nginx security update 2026-03-17T00:00:00Z 2026-03-19T12:47:53Z
alsa-2026:4629 Important: libvpx security update 2026-03-16T00:00:00Z 2026-03-19T12:45:22Z
alsa-2026:4772 Moderate: glibc security update 2026-03-17T00:00:00Z 2026-03-19T12:43:04Z
alsa-2026:4728 Important: libpng security update 2026-03-17T00:00:00Z 2026-03-19T12:37:34Z
alsa-2026:4473 Moderate: python3.11 security update 2026-03-12T00:00:00Z 2026-03-19T12:33:18Z
ID Description Published Updated
hsec-2026-0004 Hackage package metadata stored XSS vulnerability 2026-03-28T16:05:12Z 2026-03-28T16:05:12Z
hsec-2026-0002 Hackage CSRF vulnerability 2026-03-28T16:04:58Z 2026-03-28T16:04:58Z
hsec-2024-0004 Hackage package and doc upload stored XSS vulnerability 2026-01-16T11:18:20Z 2026-01-16T11:18:20Z
hsec-2025-0007 cmark-gfm: resource exhaustion due to quadratic complexity in parser 2025-12-27T08:58:56Z 2025-12-27T08:58:56Z
hsec-2025-0006 Private key leak via inherited file descriptor 2025-11-17T02:22:38Z 2025-11-17T02:22:38Z
hsec-2025-0005 cabal-install dependency confusion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0004 Broken Path Sanitization in spacecookie Library 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0003 Use after free in multithreaded lzma (.xz) decoder 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0002 Double Public Key Signing Function Oracle Attack on Ed25519 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0001 Subword division operations may produce incorrect results 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0009 Public key confusion in third-party blocks 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0008 Sign extension error in the PPC64le FFI 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0007 Sign extension error in the AArch64 NCG 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0006 fromIntegral: conversion error 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0003 process: command injection via argument list on Windows 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0002 out-of-bounds write when there are many bzip2 selectors 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0001 Reflected XSS vulnerability in keter 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0015 cabal-install uses expired key policies 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0014 Arbitrary file write is possible when using PDF output or --extract-media with untrusted input 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0013 git-annex plaintext storage of embedded credentials on encrypted remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0012 git-annex checksum exposure to encrypted special remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0011 git-annex GPG decryption attack via compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0010 git-annex private data exfiltration to compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0009 git-annex command injection via malicious SSH hostname 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0008 Stored XSS in hledger-web 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0007 readFloat: memory exhaustion with large exponent 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0006 x509-validation does not enforce pathLenConstraint 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0005 tls-extra: certificate validation does not check Basic Constraints 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0004 xml-conduit unbounded entity expansion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0003 code injection in xmonad-contrib 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
ID Description Published Updated
osec-2026-01 Buffer Over-Read in OCaml Marshal Deserialization 2026-02-17T13:30:00Z 2026-02-27T09:30:00Z
osec-2026-02 ARP unbounded memory usage 2026-02-18T10:30:00Z 2026-02-18T10:30:00Z
osec-2022-01 Infinite loop in console output on xen 2022-12-07T00:00:00Z 2026-02-18T09:30:00Z
osec-2025-01 Albatross console out of memory 2025-08-15T00:18:22Z 2026-01-13T12:00:00Z
osec-2019-02 Grant unshare vulnerability in mirage-xen 2019-04-26T00:00:00Z 2026-01-13T12:00:00Z
osec-2019-01 Memory disclosure in mirage-net-xen 2019-03-21T00:00:00Z 2026-01-13T12:00:00Z
osec-2016-02 Memory disclosure in mirage-net-xen 2016-05-03T00:00:00Z 2026-01-13T12:00:00Z
osec-2023-01 Time of check time of use issue in opam's cache 2023-05-25T12:00:00Z 2026-01-09T12:00:00Z
osec-2016-01 Buffer overflow and information leak in OCaml < 4.03.0 2016-04-29T00:18:22Z 2026-01-01T12:00:00Z
osec-2018-01 An integer overflow in the `bigarray` serialization module leads to arbitrary code execution 2018-04-06T18:29:00Z 2025-12-16T12:00:00Z
osec-2017-01 Local privilege escalation issue with ocaml binaries 2017-06-23T15:19:47Z 2025-12-16T12:00:00Z
ID Description Published Updated
osv-2023-307 Heap-buffer-overflow in bit_read_BB 2023-04-13T14:02:09.774988Z 2026-03-29T14:23:19.051218Z
osv-2022-714 Heap-buffer-overflow in dynapi_set_helper 2022-08-15T00:00:47.794062Z 2026-03-29T14:20:30.260741Z
osv-2022-653 Heap-double-free in dwg_free_common_entity_data 2022-07-30T00:01:52.491112Z 2026-03-29T14:19:50.560935Z
osv-2022-388 Segv on unknown address in dwg_ref_get_object 2022-05-01T00:01:54.904711Z 2026-03-29T14:19:38.152088Z
osv-2022-379 Segv on unknown address in bit_write_TV 2022-04-27T00:00:44.539231Z 2026-03-29T14:18:55.806106Z
osv-2022-372 Heap-buffer-overflow in dwg_encode_VERTEX_2D 2022-04-26T00:00:09.352798Z 2026-03-29T14:18:46.360844Z
osv-2022-400 Heap-double-free in dwg_free_XRECORD_private 2022-05-08T00:00:40.782520Z 2026-03-29T14:17:06.573979Z
osv-2022-1176 Heap-double-free in dwg_free 2022-11-18T13:00:26.857477Z 2026-03-29T14:16:34.751942Z
osv-2022-1259 Heap-buffer-overflow in dwg_decode_INSERT_private 2022-12-13T13:00:46.870838Z 2026-03-29T14:16:31.941810Z
osv-2021-1343 Heap-buffer-overflow in get_next_owned_entity 2021-09-21T00:01:33.177403Z 2026-03-29T14:16:03.446470Z
osv-2021-1086 Heap-buffer-overflow in dwg_convert_SAB_to_SAT1 2021-08-02T00:00:31.888461Z 2026-03-29T14:12:41.172021Z
osv-2024-245 Security exception in com.github.javaparser.ast.validator.TreeVisitorValidator.accept 2024-04-08T00:11:03.595756Z 2026-03-28T14:18:46.703731Z
osv-2022-776 Heap-buffer-overflow in do_job 2022-08-24T00:00:48.440951Z 2026-03-28T14:13:55.545096Z
osv-2022-1198 Heap-buffer-overflow in dwg_json_LTYPE 2022-11-23T13:02:06.623044Z 2026-03-28T14:13:33.339320Z
osv-2025-312 Heap-buffer-overflow in ZSTD_decompressMultiFrame 2025-05-02T00:14:14.459388Z 2026-03-27T14:26:26.446866Z
osv-2023-606 Heap-buffer-overflow in ZSTD_decompressMultiFrame 2023-07-23T14:01:02.159160Z 2026-03-27T14:21:24.837066Z
osv-2023-319 Heap-buffer-overflow in ZSTD_decompressSequencesLong_bmi2 2023-04-16T14:01:58.406534Z 2026-03-27T14:20:54.241339Z
osv-2022-675 Heap-buffer-overflow in void RDKit::ParseV3000AtomProps<std::__1::vector<std::__1::basic_string_view<cha 2022-08-06T00:00:51.363676Z 2026-03-27T14:20:04.040838Z
osv-2021-1672 Heap-buffer-overflow in blosc_d 2021-12-12T00:01:29.747137Z 2026-03-27T14:18:17.523662Z
osv-2022-1288 Stack-buffer-overflow in bool SmilesParseOps::parser::parse_atom_props<std::__1::__wrap_iter<char const*> 2024-11-04T00:16:22.516312Z 2026-03-27T14:17:53.064285Z
osv-2023-1350 Heap-buffer-overflow in inflate 2023-12-23T00:12:38.562149Z 2026-03-27T14:16:43.884162Z
osv-2022-312 Heap-buffer-overflow in dhcp_reply 2022-04-07T00:00:40.457052Z 2026-03-27T14:16:28.231864Z
osv-2022-1134 Heap-buffer-overflow in ndlz8_decompress 2022-11-04T00:02:11.463429Z 2026-03-27T14:15:56.573716Z
osv-2021-1070 Heap-buffer-overflow in ZSTD_decompressBlock_internal 2021-07-29T00:01:10.187569Z 2026-03-27T14:15:27.197578Z
osv-2026-461 UNKNOWN READ in XRef::constructObjectEntry 2026-03-26T00:17:47.551046Z 2026-03-26T00:17:47.551361Z
osv-2023-390 Heap-buffer-overflow in sdhci_write 2023-05-12T14:00:08.854823Z 2026-03-25T14:36:40.217425Z
osv-2022-581 Heap-buffer-overflow in megasas_map_sgl 2022-07-14T00:00:45.644503Z 2026-03-25T14:34:54.340377Z
osv-2021-820 UNKNOWN READ in virtio_gpu_disable_scanout 2021-06-02T00:00:31.619765Z 2026-03-25T14:31:38.431905Z
osv-2022-834 Heap-use-after-free in mk_event_timeout_destroy 2022-09-04T00:00:31.605787Z 2026-03-25T14:14:57.538276Z
osv-2022-1277 Heap-use-after-free in mk_event_timeout_destroy 2023-06-26T14:01:01.876870Z 2026-03-25T14:11:32.468786Z
ID Description Published Updated
rustsec-2026-0077 Incorrect Check of Signer Response Norm During Verification 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0076 Panic in Signature Hint Decoding During Verification 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0075 All-Zero Key Generation on Catastrophic RNG Failure 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0074 Incorrect Output of Incremental Portable SHAKE API 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2026-0073 Panic in Standalone MAC Operations 2026-03-04T12:00:00Z 2026-03-27T05:55:06Z
rustsec-2025-0155 `rands` was removed from crates.io for malicious code 2025-02-10T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0124 `bit-flags` was removed from crates.io for malicious code 2023-12-22T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0123 `hann-rs-service` was removed from crates.io for malicious code 2023-11-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0122 `winx-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0121 `libusb1-main` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0120 `windows-service-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0119 `openvpn-plugin-rs` was removed from crates.io for malicious code 2023-11-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0118 `win_run_rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0117 `tauri-winrt-notifications` was removed from crates.io for malicious code 2023-11-20T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0116 `registry-win` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0115 `acceptxmr-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0114 `tiny-server` was removed from crates.io for malicious code 2023-11-06T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0113 `win-base64-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0112 `monero-rpc-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0111 `monero-api` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0110 `postgresderive` was removed from crates.io for malicious code 2023-08-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0109 `win-crypto` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0108 `tauri-win-rt-notification` was removed from crates.io for malicious code 2023-11-20T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0107 `lasso-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0106 `lfest-main` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0105 `windowsservice` was removed from crates.io for malicious code 2023-11-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0104 `littest` was removed from crates.io for malicious code 2023-11-06T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2025-0154 `replit_ruspty` was removed from crates.io for malicious code 2025-11-04T12:00:00Z 2026-03-25T08:37:19Z
rustsec-2026-0049 CRLs not considered authoritative by Distribution Point due to faulty matching logic 2026-03-20T12:00:00Z 2026-03-24T08:22:29Z
rustsec-2026-0072 Missing Check for All-Zero X25519 Shared Secret 2026-02-04T12:00:00Z 2026-03-24T08:16:07Z
ID Description Published Updated
bit-nats-2026-33248 NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching 2026-03-27T17:45:26.680Z 2026-03-27T18:14:10.313Z
bit-nats-2026-33247 NATS credentials are exposed in monitoring port via command-line argv 2026-03-27T17:45:24.871Z 2026-03-27T18:14:10.313Z
bit-nats-2026-33246 NATS: Leafnode connections allow spoofing of Nats-Request-Info identity headers 2026-03-27T17:45:23.082Z 2026-03-27T18:14:10.313Z
bit-nats-2026-33223 NATS Server: Incomplete Stripping of Nats-Request-Info Header Allows Identity Spoofing 2026-03-27T17:45:21.527Z 2026-03-27T18:14:10.313Z
bit-nats-2026-33222 NATS JetStream has an authorization bypass through its Management API 2026-03-27T17:45:19.827Z 2026-03-27T18:14:10.313Z
bit-nats-2026-33219 NATS is vulnerable to pre-auth DoS through WebSockets client service 2026-03-27T17:45:18.190Z 2026-03-27T18:14:10.313Z
bit-nats-2026-33218 NATS has pre-auth server panic via leafnode handling 2026-03-27T17:45:16.655Z 2026-03-27T18:14:10.313Z
bit-nats-2026-33217 NATS allows MQTT clients to bypass ACL checks 2026-03-27T17:45:15.042Z 2026-03-27T18:14:10.313Z
bit-nats-2026-33216 NATS has MQTT plaintext password disclosure 2026-03-27T17:45:13.444Z 2026-03-27T18:14:10.313Z
bit-nats-2026-29785 NATS Server panic via malicious compression on leafnode port 2026-03-27T17:45:10.061Z 2026-03-27T18:14:10.313Z
bit-nats-2026-33215 NATS is vulnerable to MQTT hijacking via Client ID 2026-03-27T07:08:53.339Z 2026-03-27T12:16:52.978Z
bit-nats-2026-27889 NATS: Pre-auth remote server crash via WebSocket frame length overflow in wsRead 2026-03-27T11:47:22.988Z 2026-03-27T12:16:52.978Z
bit-gitlab-2026-4363 Incorrect Authorization in GitLab 2026-03-27T12:15:19.935Z 2026-03-27T12:16:52.978Z
bit-gitlab-2026-3988 Inefficient Algorithmic Complexity in GitLab 2026-03-27T12:15:17.809Z 2026-03-27T12:16:52.978Z
bit-gitlab-2026-3857 Cross-Site Request Forgery (CSRF) in GitLab 2026-03-27T12:15:15.885Z 2026-03-27T12:16:52.978Z
bit-gitlab-2026-2995 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in GitLab 2026-03-27T12:15:11.976Z 2026-03-27T12:16:52.978Z
bit-gitlab-2026-2973 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab 2026-03-27T12:15:10.065Z 2026-03-27T12:16:52.978Z
bit-gitlab-2026-2745 Authentication Bypass Using an Alternate Path or Channel in GitLab 2026-03-27T12:15:06.072Z 2026-03-27T12:16:52.978Z
bit-gitlab-2026-2726 Incorrect Authorization in GitLab 2026-03-27T12:15:04.107Z 2026-03-27T12:16:52.978Z
bit-gitlab-2026-1724 Missing Authentication for Critical Function in GitLab 2026-03-27T12:14:54.117Z 2026-03-27T12:16:52.978Z
bit-gitlab-2025-14595 Missing Authorization in GitLab 2026-03-27T12:11:45.074Z 2026-03-27T12:16:52.978Z
bit-gitlab-2025-13436 Allocation of Resources Without Limits or Throttling in GitLab 2026-03-27T12:11:11.989Z 2026-03-27T12:16:52.978Z
bit-gitlab-2025-13078 Improper Validation of Specified Quantity in Input in GitLab 2026-03-27T12:11:08.026Z 2026-03-27T12:16:52.978Z
bit-etcd-2026-33413 etcd: Authorization bypasses in multiple APIs 2026-03-27T11:39:27.916Z 2026-03-27T12:16:52.978Z
bit-etcd-2026-33343 etcd: Nested etcd transactions bypass RBAC authorization checks 2026-03-27T11:39:26.076Z 2026-03-27T12:16:52.978Z
bit-parse-2026-33627 Parse Server: Auth data exposed via /users/me endpoint 2026-03-27T07:14:47.660Z 2026-03-27T07:40:55.991Z
bit-parse-2026-33624 Parse Server: MFA recovery code single-use bypass via concurrent requests 2026-03-27T07:14:44.950Z 2026-03-27T07:40:55.991Z
bit-parse-2026-33539 Parse Server: SQL injection via aggregate and distinct field names in PostgreSQL adapter 2026-03-27T07:14:42.086Z 2026-03-27T07:40:55.991Z
bit-parse-2026-33538 Parse Server: Denial of service via unindexed database query for unconfigured auth providers 2026-03-27T07:14:39.195Z 2026-03-27T07:40:55.991Z
bit-parse-2026-33527 Parse Server: Session update endpoint allows overwriting server-generated session fields 2026-03-27T07:14:36.431Z 2026-03-27T07:40:55.991Z
ID Description Published Updated
cleanstart-2026-zv38826 Within HostnameError 2026-03-10T01:00:05.764793Z 2026-03-09T13:15:34Z
cleanstart-2026-xh31600 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:58:05.974960Z 2026-03-09T13:15:34Z
cleanstart-2026-ra63757 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:56:05.142237Z 2026-03-09T13:15:34Z
cleanstart-2026-qk48981 Redis is an open source, in-memory database that persists on disk 2026-03-10T01:00:35.988532Z 2026-03-09T13:15:34Z
cleanstart-2026-oh74241 Security fixes for GHSA-mqqf-5wvp-8fh8 applied in versions: 0.122-r0 2026-03-10T00:58:07.551022Z 2026-03-09T13:15:34Z
cleanstart-2026-od98869 Within HostnameError 2026-03-10T00:59:05.580952Z 2026-03-09T13:15:34Z
cleanstart-2026-mo83449 Within HostnameError 2026-03-10T00:59:35.550450Z 2026-03-09T13:15:34Z
cleanstart-2026-jz91219 Within HostnameError 2026-03-10T00:59:35.590693Z 2026-03-09T13:15:34Z
cleanstart-2026-ir62391 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:48:33.059735Z 2026-03-09T13:15:34Z
cleanstart-2026-gj95666 Redis is an open source, in-memory database that persists on disk 2026-03-10T01:04:41.222114Z 2026-03-09T13:15:34Z
cleanstart-2026-dt66006 Within HostnameError 2026-03-10T00:58:35.493841Z 2026-03-09T13:15:34Z
cleanstart-2026-av02020 Redis is an open source, in-memory database that persists on disk 2026-03-10T00:58:05.928030Z 2026-03-09T13:15:34Z
cleanstart-2026-af35851 Redis is an open source, in-memory database that persists on disk 2026-03-10T01:02:37.708854Z 2026-03-09T13:15:34Z
cleanstart-2026-ab04032 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-10T00:58:35.570783Z 2026-03-09T13:15:34Z
cleanstart-2026-qy24299 @octokit/endpoint turns REST API endpoints into generic request options 2026-03-07T00:39:47.646997Z 2026-03-06T13:08:41Z
cleanstart-2026-pp62083 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-07T00:39:46.558367Z 2026-03-06T13:08:41Z
cleanstart-2026-gi57625 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-07T00:39:46.578400Z 2026-03-06T13:08:41Z
cleanstart-2026-yp32652 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:42:01.150900Z 2026-03-03T12:59:01Z
cleanstart-2026-xj84245 Rack is a modular Ruby web server interface 2026-03-04T00:43:02.364521Z 2026-03-03T12:59:01Z
cleanstart-2026-wy43835 PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access 2026-03-04T00:41:31.079681Z 2026-03-03T12:59:01Z
cleanstart-2026-vc01496 Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 0.8.4-r0 2026-03-04T00:39:30.734261Z 2026-03-03T12:59:01Z
cleanstart-2026-sm37781 Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic 2026-03-04T00:45:05.719125Z 2026-03-03T12:59:01Z
cleanstart-2026-na21773 GNU patch through 2 2026-03-04T00:42:01.122309Z 2026-03-03T12:59:01Z
cleanstart-2026-ew93264 Security fixes for GHSA-4cx2-fc23-5wg6, GHSA-6xw4-3v39-52mm, GHSA-72qj-48g4-5xgx, GHSA-mr3q-g2mv-mr4q, GHSA-p543-xpfm-54cp, GHSA-vc5p-v9hr-52mj, GHSA-vqg5-3255-v292 applied in versions: 9.0.8-r2, 9.0.8-r3, 9.0.8-r4, 9.3.0-r1, 9.3.0-r2 2026-03-04T00:39:32.590174Z 2026-03-03T12:59:01Z
cleanstart-2026-cq83284 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:43:01.818359Z 2026-03-03T12:59:01Z
cleanstart-2026-bz70876 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:42:00.996564Z 2026-03-03T12:59:01Z
cleanstart-2026-ay29369 Redis is an open source, in-memory database that persists on disk 2026-03-04T00:43:31.868035Z 2026-03-03T12:59:01Z
cleanstart-2026-mw73882 filippo 2026-03-03T00:39:03.237072Z 2026-03-02T17:13:50Z
cleanstart-2026-by85815 OpenTelemetry-Go is the Go implementation of OpenTelemetry 2026-03-03T00:39:03.275022Z 2026-03-02T17:13:50Z
cleanstart-2026-zn32454 When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers 2026-02-27T00:50:08.716833Z 2026-02-26T12:09:56Z
ID Description Published Updated
drupal-contrib-2026-029 2026-03-11T16:35:02.000Z 2026-03-26T19:50:52.000Z
drupal-contrib-2026-028 2026-03-11T16:33:14.000Z 2026-03-26T19:43:59.000Z
drupal-contrib-2026-030 2026-03-18T16:10:00.000Z 2026-03-18T16:10:00.000Z
drupal-contrib-2026-015 2026-02-25T18:47:57.000Z 2026-03-17T13:20:54.000Z
drupal-contrib-2026-024 2026-03-04T17:59:51.000Z 2026-03-05T14:03:05.000Z
drupal-contrib-2026-027 2026-03-04T18:02:59.000Z 2026-03-04T18:02:59.000Z
drupal-contrib-2026-026 2026-03-04T18:02:14.000Z 2026-03-04T18:02:14.000Z
drupal-contrib-2026-025 2026-03-04T18:00:41.000Z 2026-03-04T18:00:41.000Z
drupal-contrib-2026-023 2026-03-04T17:58:55.000Z 2026-03-04T17:58:55.000Z
drupal-contrib-2026-022 2026-03-04T17:57:58.000Z 2026-03-04T17:57:58.000Z
drupal-contrib-2026-021 2026-03-04T17:56:18.000Z 2026-03-04T17:56:18.000Z
drupal-contrib-2026-020 2026-03-04T17:54:27.000Z 2026-03-04T17:54:27.000Z
drupal-contrib-2026-016 2026-02-25T18:49:59.000Z 2026-02-25T19:30:03.000Z
drupal-contrib-2026-019 2026-02-25T18:51:43.000Z 2026-02-25T18:51:43.000Z
drupal-contrib-2026-018 2026-02-25T18:51:26.000Z 2026-02-25T18:51:26.000Z
drupal-contrib-2026-017 2026-02-25T18:51:01.000Z 2026-02-25T18:51:01.000Z
drupal-contrib-2026-014 2026-02-25T18:46:10.000Z 2026-02-25T18:46:10.000Z
drupal-contrib-2026-013 2026-02-25T18:45:13.000Z 2026-02-25T18:45:13.000Z
drupal-contrib-2026-012 2026-02-25T18:44:38.000Z 2026-02-25T18:44:38.000Z
drupal-contrib-2026-011 2026-02-25T18:43:32.000Z 2026-02-25T18:43:32.000Z
drupal-contrib-2026-010 2026-02-11T16:54:18.000Z 2026-02-25T17:17:46.000Z
drupal-contrib-2026-009 2026-02-11T16:53:32.000Z 2026-02-12T15:37:20.000Z
drupal-contrib-2026-008 2026-02-04T17:23:40.000Z 2026-02-04T17:23:40.000Z
drupal-contrib-2025-110 2025-09-24T17:27:41.000Z 2025-09-24T17:27:41.000Z
ID Description Updated
ts-2026-001 TS-2026-001 2026-01-15T00:00
ts-2025-008 TS-2025-008 2025-11-19T00:00
ts-2025-007 TS-2025-007 2025-11-07T00:00
ts-2025-006 TS-2025-006 2025-10-28T00:00
ts-2025-005 TS-2025-005 2025-08-07T00:00
ts-2025-004 TS-2025-004 2025-05-27T00:00
ts-2025-003 TS-2025-003 2025-05-21T00:00
ts-2025-002 TS-2025-002 2025-05-15T00:00
ts-2025-001 TS-2025-001 2025-03-07T00:00
ts-2024-013 TS-2024-013 2024-12-04T00:00
ts-2024-012 TS-2024-012 2024-10-02T00:00
ts-2024-011 TS-2024-011 2024-07-22T00:00
ts-2024-010 TS-2024-010 2024-07-19T00:00
ts-2024-009 TS-2024-009 2024-06-27T00:00
ts-2024-008 TS-2024-008 2024-06-14T00:00
ts-2024-007 TS-2024-007 2024-06-12T00:00
ts-2024-006 TS-2024-006 2024-05-22T00:00
ts-2024-005 TS-2024-005 2024-05-08T00:00
ts-2024-004 TS-2024-004 2024-05-06T00:00
ts-2024-003 TS-2024-003 2024-04-23T00:00
ts-2024-002 TS-2024-002 2024-01-30T00:00
ts-2024-001 TS-2024-001 2024-01-08T00:00
ts-2023-009 TS-2023-009 2023-12-22T00:00
ts-2023-008 TS-2023-008 2023-11-01T00:00
ts-2023-007 TS-2023-007 2023-10-26T00:00
ts-2023-006 TS-2023-006 2023-08-22T00:00
ts-2023-005 TS-2023-005 2023-04-28T00:00
ts-2023-004 TS-2023-004 2023-04-04T00:00
ts-2023-003 TS-2023-003 2023-03-22T00:00
ts-2023-002 TS-2023-002 2023-01-24T00:00
ID Description Published Updated
certfr-2026-ale-002 [MàJ] Vulnérabilité dans Cisco Catalyst SD-WAN 2026-02-25T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-ale-003 Note d’alerte – Ciblage des messageries instantanées 2026-03-20T00:00:00.000000 2026-03-20T00:00:00.000000
certfr-2025-ale-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
CERTFR-2025-ALE-014 [MàJ] Vulnérabilité dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
certfr-2026-ale-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
CERTFR-2026-ALE-001 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
certfr-2025-ale-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
CERTFR-2025-ALE-013 [MàJ] Multiples vulnérabilités dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
certfr-2025-ale-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
CERTFR-2025-ALE-012 Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
certfr-2025-ale-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
CERTFR-2025-ALE-010 [MàJ] Multiples vulnérabilités dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
certfr-2025-ale-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
certfr-2025-ale-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
CERTFR-2025-ALE-011 Incidents de sécurité dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
CERTFR-2025-ALE-009 Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
certfr-2025-ale-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
CERTFR-2025-ALE-004 Activités de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
certfr-2025-ale-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
CERTFR-2025-ALE-008 [MàJ] Vulnérabilité dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
certfr-2025-ale-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
CERTFR-2025-ALE-007 Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-006 Vulnérabilité dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-005 Vulnérabilité dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
certfr-2025-ale-002 [MàJ] Vulnérabilité dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
certfr-2025-ale-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0372 Multiples vulnérabilités dans les produits IBM 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0371 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0370 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0369 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0368 Vulnérabilité dans les produits Microsoft 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0367 Multiples vulnérabilités dans Zabbix 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0366 Multiples vulnérabilités dans Traefik 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0365 Multiples vulnérabilités dans Spring AI 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0364 Multiples vulnérabilités dans les produits Siemens 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0363 Multiples vulnérabilités dans les produits NetApp 2026-03-27T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0300 Multiples vulnérabilités dans Mattermost Server 2026-03-17T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0133 Multiples vulnérabilités dans Roundcube 2026-02-09T00:00:00.000000 2026-03-27T00:00:00.000000
certfr-2026-avi-0362 Multiples vulnérabilités dans les produits Microsoft 2026-03-26T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0361 Multiples vulnérabilités dans Cisco IOS et IOS XE 2026-03-26T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0360 Multiples vulnérabilités dans ISC BIND 2026-03-26T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0359 Multiples vulnérabilités dans Grafana 2026-03-26T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0201 Multiples vulnérabilités dans Mattermost Server 2026-02-24T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-avi-0358 Vulnérabilité dans Citrix XenServer 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0357 Multiples vulnérabilités dans GitLab 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0356 Vulnérabilité dans ISC Kea 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0355 Multiples vulnérabilités dans les produits Apple 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0354 Multiples vulnérabilités dans les produits Mozilla 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0353 Multiples vulnérabilités dans Zabbix 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0352 Multiples vulnérabilités dans les produits F5 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0351 Vulnérabilité dans Tenable OT Platform 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0350 Multiples vulnérabilités dans Squid 2026-03-25T00:00:00.000000 2026-03-25T00:00:00.000000
certfr-2026-avi-0349 Multiples vulnérabilités dans Ruby on Rails 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0348 Vulnérabilité dans Trend Micro Deep Discovery Inspector 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0347 Vulnérabilité dans Xen 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
certfr-2026-avi-0346 Vulnérabilité dans VMware Tanzu pour Postgres 2026-03-24T00:00:00.000000 2026-03-24T00:00:00.000000
ID Description Published Updated
jvndb-2026-009147 Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer 2026-03-27T18:18+09:00 2026-03-27T18:18+09:00
jvndb-2026-009148 Open Redirect Vulnerability in Hitachi Ops Center Administrator 2026-03-27T18:17+09:00 2026-03-27T18:17+09:00
jvndb-2026-000047 Multiple vulnerabilities in baserCMS 2026-03-27T18:00+09:00 2026-03-27T18:00+09:00
jvndb-2026-000045 WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting 2026-03-27T17:34+09:00 2026-03-27T17:34+09:00
jvndb-2026-000046 Multiple vulnerabilities in BUFFALO Wi-Fi routers 2026-03-27T17:18+09:00 2026-03-27T17:18+09:00
jvndb-2026-000044 Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000042 Digital Photo Frame GH-WDF10A vulnerable to improper access restriction 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000043 SHARP routers missing authentication for some web APIs 2026-03-25T18:41+09:00 2026-03-25T18:41+09:00
jvndb-2026-000040 Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries 2026-03-25T18:13+09:00 2026-03-25T18:13+09:00
jvndb-2026-000041 SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths 2026-03-25T17:58+09:00 2026-03-25T17:58+09:00
jvndb-2026-007973 Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) 2026-03-23T14:54+09:00 2026-03-23T14:54+09:00
jvndb-2026-007524 Vulnerability in Hitachi Command Suite 2026-03-17T16:42+09:00 2026-03-17T16:42+09:00
jvndb-2026-000038 Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries 2026-03-17T14:57+09:00 2026-03-17T14:57+09:00
jvndb-2026-000039 Missing authorization in the OpenAI thread/message API endpoints of GROWI 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-000037 OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-006887 Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 2026-03-12T17:22+09:00 2026-03-12T17:22+09:00
jvndb-2026-000036 Improper file access permission settings in multiple Digital Arts products 2026-03-09T14:57+09:00 2026-03-09T16:23+09:00
jvndb-2026-000035 Installer for Qsee Client may insecurely load Dynamic Link Libraries 2026-03-09T14:57+09:00 2026-03-09T14:57+09:00
jvndb-2026-006102 Security issues in ESC/POS 2026-03-06T10:31+09:00 2026-03-06T10:31+09:00
jvndb-2026-000034 django-allauth vulnerable to open redirect 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000033 EC-CUBE vulnerable to multi-factor authentication bypass 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000032 Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) 2026-03-04T12:20+09:00 2026-03-04T12:20+09:00
jvndb-2026-005746 Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026) 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-005744 Canon IJ Scan Utility registers Windows services with unquoted file paths 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-000030 IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization 2026-02-27T15:41+09:00 2026-03-03T10:06+09:00
jvndb-2026-005259 Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys) 2026-03-02T11:46+09:00 2026-03-02T11:46+09:00
jvndb-2026-000031 Improper file access permission settings in the installers for multiple Soliton Systems products 2026-02-27T15:41+09:00 2026-02-27T15:41+09:00
jvndb-2026-000029 Multiple vulnerabilities in the installer of FinalCode Client 2026-02-26T14:24+09:00 2026-02-26T14:24+09:00
jvndb-2026-004811 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
jvndb-2026-004810 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
ID Description Published Updated
cnvd-2026-11369 厦门熵基科技有限公司人证魔方身份认证管理系统存在SQL注入漏洞 2026-02-05 2026-03-22
cnvd-2026-11389 用友网络科技股份有限公司U8 Cloud存在SQL注入漏洞(CNVD-C-2026-72551) 2026-02-04 2026-03-21
cnvd-2026-14410 Microsoft Exchange Server欺骗漏洞(CNVD-2026-14410) 2025-12-12 2026-03-20
cnvd-2026-14409 UTT 520W goform/formIpGroupConfig文件缓冲区溢出漏洞 2026-02-11 2026-03-20
cnvd-2026-14408 Microsoft Excel代码执行漏洞(CNVD-2026-14408) 2026-03-17 2026-03-20
cnvd-2026-14407 TeamViewer DEX Client权限提升漏洞 2025-12-18 2026-03-20
cnvd-2026-14406 MailEnable不安全DLL加载漏洞(CNVD-2026-14406) 2025-12-18 2026-03-20
cnvd-2026-14405 MailEnableMailEnableMailEnable不安全DLL加载漏洞(CNVD-2026-14405) 2025-12-18 2026-03-20
cnvd-2026-14404 MailEnableMailEnable不安全DLL加载漏洞(CNVD-2026-14404) 2025-12-18 2026-03-20
cnvd-2026-14403 MailEnableMailEnable不安全DLL加载漏洞(CNVD-2026-14403) 2025-12-18 2026-03-20
cnvd-2026-14402 MailEnable不安全DLL加载漏洞(CNVD-2026-14402) 2025-12-18 2026-03-20
cnvd-2026-14401 MailEnable不安全DLL加载漏洞(CNVD-2026-14401) 2025-12-18 2026-03-20
cnvd-2026-14400 MailEnable不安全DLL加载漏洞(CNVD-2026-14400) 2025-12-18 2026-03-20
cnvd-2026-14399 MailEnable不安全DLL加载漏洞(CNVD-2026-14399) 2025-12-18 2026-03-20
cnvd-2026-14398 MailEnable不安全DLL加载漏洞 2025-12-18 2026-03-20
cnvd-2026-14397 OpenClaw安全绕过漏洞 2026-03-12 2026-03-20
cnvd-2026-14396 OpenClaw文件包含漏洞 2026-03-12 2026-03-20
cnvd-2026-14395 OpenClaw访问控制错误漏洞(CNVD-2026-14395) 2026-03-12 2026-03-20
cnvd-2026-14394 OpenClaw目录遍历漏洞(CNVD-2026-14394) 2026-03-17 2026-03-20
cnvd-2026-14393 OpenClaw远程代码执行漏洞(CNVD-2026-14393) 2026-03-17 2026-03-20
cnvd-2026-14392 OpenClaw目录遍历漏洞(CNVD-2026-14392) 2026-03-17 2026-03-20
cnvd-2026-14391 OpenClaw代码注入漏洞(CNVD-2026-14391) 2026-03-17 2026-03-20
cnvd-2026-14390 OpenClaw访问控制错误漏洞(CNVD-2026-14390) 2026-03-19 2026-03-20
cnvd-2026-14389 OpenClaw信息泄露漏洞(CNVD-2026-14389) 2026-03-19 2026-03-20
cnvd-2026-14388 OpenClaw目录遍历漏洞 2026-03-17 2026-03-20
cnvd-2026-14387 WordPress插件Calculated Fields Form跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14386 WordPress插件Avada Core跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14385 WordPress插件Astra Bulk Edit跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14384 WordPress插件Active Products Tables for WooCommerce跨站脚本漏洞 2026-03-19 2026-03-20
cnvd-2026-14383 WordPress插件Aardvark跨站脚本漏洞 2026-03-02 2026-03-20
ID Description Published Updated
bdu:2026-01844 Уязвимость сервиса безопасности Advanced DNS Security (ADNS) операционной системы PAN-OS,… 16.02.2026 16.02.2026
bdu:2026-01843 Уязвимость функции loadRLE() загрузчика TGA-изображений (PluginTARGA.cpp) графической биб… 16.02.2026 16.02.2026
bdu:2026-01842 Уязвимость функции ws_user_gerList() сценария pwg.users.php системы управления контентом … 16.02.2026 16.02.2026
bdu:2026-01841 Уязвимость компонента Updater облачной платформы управления контейнерами Arcane, позволяю… 16.02.2026 16.02.2026
bdu:2026-01840 Уязвимость ИИ-агента OpenClaw (ранее - ClawdBot или MoltBot), связанная с отсутствием про… 16.02.2026 16.02.2026
bdu:2026-01839 Уязвимость функции blocked_path() пакета Python для создания приложений для моделей машин… 16.02.2026 16.02.2026
bdu:2026-01838 Уязвимость драйверов графических процессоров NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, свя… 16.02.2026 16.02.2026
bdu:2026-01837 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01836 Уязвимость микропрограммного обеспечения графических процессоров Imagination, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01835 Уязвимость драйвера ESXi base микропрограммного обеспечения сетевых контроллеров Intel 80… 16.02.2026 16.02.2026
bdu:2026-01834 Уязвимость микропрограммного обеспечения контроллеров Intel Ethernet серии E810, связанна… 16.02.2026 16.02.2026
bdu:2026-01833 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01832 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01831 Уязвимость технологий Intel Active Management Technology (AMT) и Intel Standard Manageabi… 16.02.2026 16.02.2026
bdu:2026-01830 Уязвимость компонента File input браузера Google Chrome, позволяющая нарушителю осуществи… 16.02.2026 16.02.2026
bdu:2026-01829 Уязвимость компонента PictureInPicture браузера Google Chrome, позволяющая нарушителю ока… 16.02.2026 16.02.2026
bdu:2026-01828 Уязвимость компонента Animation браузера Google Chrome, позволяющая нарушителю оказать во… 16.02.2026 16.02.2026
bdu:2026-01827 Уязвимость функции конфиденциальности Fenced Frames браузера Google Chrome, позволяющая н… 16.02.2026 16.02.2026
bdu:2026-01826 Уязвимость компонента WebGPU браузера Google Chrome, позволяющая нарушителю вызвать отказ… 16.02.2026 16.02.2026
bdu:2026-01825 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01824 Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связ… 16.02.2026 16.02.2026
bdu:2026-01823 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01822 Уязвимость операционных систем Fortinet FortiOS, связанная с недостаточной проверкой исто… 16.02.2026 16.02.2026
bdu:2026-01821 Уязвимость функции межсетевых экранов SSL-VPN операционных систем Fortinet FortiOS, позво… 16.02.2026 16.02.2026
bdu:2026-01820 Уязвимость интерфейса командной строки операционных систем Fortinet FortiOS, позволяющая … 16.02.2026 16.02.2026
bdu:2026-01819 Уязвимость графического пользовательского интерфейса операционных систем Fortinet FortiOS… 16.02.2026 16.02.2026
bdu:2026-01818 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01817 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01816 Уязвимость программного обеспечения для разработки 3D-моделей Autodesk Fusion, связанная … 16.02.2026 16.02.2026
bdu:2026-01815 Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с не… 16.02.2026 16.02.2026
ID Description Updated
var-202407-2188 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:32.699000Z
var-202406-3119 Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-s… 2024-07-23T22:46:22.685000Z
var-202407-1740 NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E ha… 2024-07-23T22:46:18.378000Z
var-202407-1417 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:07.784000Z
var-202407-1103 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digita… 2024-07-23T22:46:01.992000Z
var-202407-0957 WinCC is a SCADA system suitable for all walks of life. It can access devices from mobile… 2024-07-23T22:45:59.391000Z
var-202407-0819 SIMATIC S7-1500 is a modular control system suitable for various automation applications … 2024-07-23T22:45:56.958000Z
var-202407-0818 NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6… 2024-07-23T22:45:56.946000Z
var-202407-0779 Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of … 2024-07-23T22:45:56.150000Z
var-202407-0778 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:56.131000Z
var-202407-0745 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulnera… 2024-07-23T22:45:55.498000Z
var-202305-1479 D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution … 2024-07-23T22:45:09.335000Z
var-202108-1158 A race condition was addressed with improved locking. This issue is fixed in macOS Monter… 2024-07-23T22:44:06.976000Z
var-201109-0089 Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used… 2024-07-23T22:43:49.590000Z
var-200702-0378 Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 … 2024-07-23T22:43:25.614000Z
var-201011-0225 Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent … 2024-07-23T22:41:43.584000Z
var-201112-0297 Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Ne… 2024-07-23T22:41:20.004000Z
var-201507-0645 D-Link is an internationally renowned provider of network equipment and solutions, includ… 2024-07-23T22:41:18.832000Z
var-201803-1810 A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial … 2024-07-23T22:41:17.171000Z
var-201809-0087 WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vul… 2024-07-23T22:41:16.554000Z
var-200607-0396 Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… 2024-07-23T22:41:04.279000Z
var-201702-0423 An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft… 2024-07-23T22:40:53.160000Z
var-202305-1588 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilit… 2024-07-23T22:40:05.297000Z
var-201112-0173 The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, … 2024-07-23T22:39:32.535000Z
var-201103-0371 SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d… 2024-07-23T22:39:32.874000Z
var-201706-0017 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClie… 2024-07-23T22:38:34.494000Z
var-202305-1520 D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vul… 2024-07-23T22:38:26.576000Z
var-202407-0490 A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP … 2024-07-23T22:38:24.768000Z
var-201810-0396 Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili… 2024-07-23T22:37:44.850000Z
var-202001-0833 A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… 2024-07-23T22:37:43.471000Z
ID Description Published Updated
vde-2025-028 Draeger: ICMHelper is vulnerable to a privilege escalation 2025-08-05T10:00:00.000Z 2026-01-06T11:00:00.000Z
vde-2019-012 TECSON/GOK: Improper Authentication and Access Control on multiple devices 2019-06-04T13:21:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2025-104 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware 2026-03-18T08:00:00.000Z 2026-03-18T08:00:00.000Z
vde-2025-109 Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware 2026-02-10T08:00:00.000Z 2026-02-23T14:00:00.000Z
vde-2025-073 Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
vde-2025-071 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware 2025-12-09T08:00:00.000Z 2026-01-12T08:00:00.000Z
vde-2025-074 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-10-14T10:00:00.000Z 2025-10-15T10:00:00.000Z
vde-2025-072 Phoenix Contact: Security Advisory for QUINT4-UPS EIP 2025-10-14T06:00:00.000Z 2025-10-14T06:00:00.000Z
vde-2018-003 PHOENIX CONTACT: addressing Meltdown and Spectre vulnerabilities 2018-03-23T09:43:00.000Z 2025-10-01T08:00:00.000Z
vde-2025-077 Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-064 Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation 2025-09-09T07:00:00.000Z 2025-09-09T07:00:00.000Z
vde-2024-039 Phoenix Contact: Multiple Vulnerabilities in mGuard devices 2024-09-10T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-022 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2024-08-13T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-063 Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation 2025-08-12T10:00:00.000Z 2025-08-12T10:00:00.000Z
vde-2025-019 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-22T08:00:00.000Z
vde-2019-015 PHOENIX CONTACT: Security Advisory for multiple Industrial Controllers 2019-08-07T00:00:00.000Z 2025-07-11T07:00:00.000Z
vde-2025-054 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-053 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-014 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2023-057 Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC 2023-12-12T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2023-001 PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware 2023-02-14T07:50:00.000Z 2025-06-05T13:28:12.000Z
vde-2020-002 PHOENIX CONTACT: Advisory for multiple FL Switch GHS utilising VxWorks 2020-02-25T09:07:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-073 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-071 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-058 Phoenix Contact: PLCnext Control prone to download of code without integrity check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-056 Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-054 Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-051 Phoenix Contact: MULTIPROG Engineering tool and ProConOS eCLR SDK prone to CWE-732 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-018 Phoenix Contact: Multiple vulnerabilities in WP 6xxx Web panels 2023-08-08T06:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-017 Phoenix Contact: Multiple vulnerabilities in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices 2023-08-08T04:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-016 Phoenix Contact: PLCnext Engineer Vulnerabilities in LibGit2Sharp/LibGit2 2023-08-08T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-051 PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family 2022-11-15T09:27:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-085 Welotec: Path Traversal in SmartEMS Upload Handling 2025-09-10T07:00:00.000Z 2025-09-22T08:00:00.000Z
vde-2025-076 Welotec: Hard-coded JWT secret in egOS WebGUI 2025-08-26T07:00:00.000Z 2025-08-26T07:00:00.000Z
vde-2024-009 Welotec: Two vulnerabilities in TK500v1 router series 2024-04-09T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-043 Welotec: Multiple products are vulnerable to regreSSHion 2024-08-22T06:00:00.000Z 2024-08-22T06:00:00.000Z
vde-2024-023 Welotec: Clickjacking Vulnerability in WebUI 2024-04-23T08:00:00.000Z 2024-04-23T08:00:00.000Z
ID Description Published Updated
advisory2026-03_vde-2026-018 CODESYS Control V3 - Externally-controlled format string in Auditlog 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-02_vde-2026-011 CODESYS Control V3 - Untrusted boot application 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-01_vde-2026-012 CODESYS Installer - Possible Privilege Escalation 2026-03-10T10:00:00.000Z 2026-03-10T10:00:00.000Z
advisory2025-10_vde-2025-100 CODESYS Control - Invalid type usage in visualization 2025-12-01T10:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-09_vde-2025-099 CODESYS Control - Linux/QNX SysSocket flaw 2025-12-01T11:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-11_vde-2025-101 CODESYS Development System - Deserialization of Untrusted Data 2025-12-01T10:00:00.000Z 2025-12-01T10:00:00.000Z
advisory2025-08_vde-2025-070 CODESYS Control V3 - NULL pointer dereference 2025-08-04T08:00:00.000Z 2025-10-14T08:00:00.000Z
advisory2025-07_vde-2025-051 CODESYS Control V3 - Exposed PKI folder 2025-08-04T10:00:00.000Z 2025-09-01T10:00:00.000Z
advisory2025-06_vde-2025-049 CODESYS Control V3 - Insecure default permissions 2025-08-04T10:00:00.000Z 2025-08-04T10:00:00.000Z
advisory2025-04_vde-2025-022 CODESYS Control V3 - OPC UA Server Authentication bypass 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-03_vde-2025-015 CODESYS Control V3 removable media path traversal 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-02_vde-2025-013 CODESYS (Edge) Gateway for Windows insecure default 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-01_vde-2025-001 CODESYS Key physical side-channel vulnerability 2025-01-21T11:00:00.000Z 2025-06-05T13:31:01.000Z
vde-2024-024 CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files 2024-05-06T08:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-027 CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere 2024-06-04T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-026 CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products 2024-06-04T08:00:00.000Z 2025-05-14T13:00:14.000Z
advisory2025-05_vde-2025-027 CODESYS Visualization user management bypass in WebVisu 2025-04-23T10:00:00.000Z 2025-04-23T10:00:00.000Z
advisory2024-05_vde-2024-057 CODESYS: CODESYS web server vulnerable to DoS 2024-09-25T21:59:00.000Z 2025-04-03T10:00:00.000Z
vde-2024-046 OSCAT: Out-of-bounds read in OSCAT Basic library 2024-09-10T14:00:00.000Z 2024-09-10T14:00:00.000Z
vde-2023-066 CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products 2023-12-05T14:25:00.000Z 2023-12-05T14:25:00.000Z
vde-2023-035 CODESYS: Multiple products affected by WIBU Codemeter vulnerability 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-025 CODESYS: Control runtime system memory and integrity check vulnerabilities 2023-08-03T11:18:00.000Z 2023-08-03T11:18:00.000Z
vde-2023-023 CODESYS: Missing Brute-Force protection in CODESYS Development System 2023-08-03T11:08:00.000Z 2023-08-03T11:08:00.000Z
vde-2023-022 CODESYS: Missing integrity check in CODESYS Development System 2023-08-03T10:52:00.000Z 2023-08-03T10:52:00.000Z
vde-2023-021 CODESYS: Vulnerability in CODESYS Development System allows execution of binaries 2023-08-03T10:48:00.000Z 2023-08-03T10:48:00.000Z
vde-2023-019 CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce 2023-08-03T10:42:00.000Z 2023-08-03T10:42:00.000Z
vde-2023-024 CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting 2023-07-28T07:45:00.000Z 2023-07-28T07:45:00.000Z
ID Description Published Updated
vde-2025-067 Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access 2025-08-10T10:00:00.000Z 2025-08-25T10:00:00.000Z
vde-2022-057 Wiesemann & Theis multiple products prone to web interface vulnerability 2022-12-13T07:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-018 Wiesemann & Theis: Multiple products prone to unquoted search path 2024-02-28T07:00:00.000Z 2025-05-14T12:36:39.000Z
vde-2025-024 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version 2025-05-13T10:00:00.000Z 2025-05-13T10:00:00.000Z
vde-2025-032 Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting 2025-05-06T10:00:00.000Z 2025-05-06T10:00:00.000Z
vde-2025-031 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
vde-2022-043 Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family 2022-11-07T11:43:00.000Z 2022-11-07T12:14:00.000Z
ID Description Published Updated
vde-2026-024 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-068 MB connect line: Multiple Vulnerabilities in MB connect line Products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-056 MB connect line: Multiple Vulnerabilities in mbNET.mini Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-010 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-03-18T11:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-065 MB connect line: Sandbox escape in mbNET's LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-058 MB connect line: Multiple vulnerabilities in mbNET.mini 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-035 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-034 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-030 MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) 2022-09-07T10:48:00.000Z 2025-06-06T07:00:00.000Z
vde-2023-002 MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 2023-05-15T14:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-037 MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 2021-10-27T10:15:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-031 MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 2021-07-22T11:33:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-017 MB connect line: Privilege escalation in mbDIALUP 2021-07-22T11:35:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-012 MB connect line: multiple products partially affected by DNSpooq 2021-04-26T08:04:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-035 MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 2020-09-18T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-030 MB connect line: mbNET.mini vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T09:00:00.000Z
vde-2023-041 MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2024-042 MB connect line: Multiple products are vulnerable to regreSSHion 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-012 MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2022-011 MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 2022-09-07T12:50:00.000Z 2022-09-07T12:50:00.000Z
vde-2021-003 MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) 2022-09-07T10:46:00.000Z 2022-09-07T10:46:00.000Z
ID Description Published Updated
vde-2026-025 Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2024-069 Helmholz: Multiple Vulnerabilities in Helmholz products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-066 Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-069 Helmholz: Sandbox escape in REX200/250 LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-059 Helmholz: Multiple vulnerabilities in REX 100 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-038 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-037 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2021-057 Helmholz: Privilege Escalation in shDialup (Update A) 2021-03-28T13:03:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-031 Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual 2025-03-18T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-017 Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual 2022-09-07T12:54:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-058 Helmholz: Remote user enumeration in myREX24/myREX24-virtual 2021-12-08T13:04:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-044 Helmholz: Multiple products are vulnerable to regreSSHion 2024-07-31T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-032 Helmholz: REX 100 vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T13:33:00.000Z
vde-2023-043 Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2023-029 Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-008 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2023-05-15T12:06:00.000Z 2023-05-15T12:06:00.000Z
vde-2022-039 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2022-09-07T10:56:00.000Z 2022-09-07T10:56:00.000Z
ID Description Published Updated
fsa-202601 Several CODESYS vulnerabilities in Festo Automation Suite 2026-02-26T08:00:00.000Z 2026-02-26T08:00:00.000Z
fsa-202302 Festo: Several vulnerabilities in FactoryViews 2023-07-10T10:00:00.000Z 2026-02-02T08:00:00.000Z
fsa-202402 Several Vulnerabilities in MES PC (Windows 10) 2024-02-27T12:00:00.000Z 2025-12-08T07:00:00.000Z
fsa-202405 Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability 2024-09-09T07:00:00.000Z 2025-11-05T08:00:00.000Z
fsa-202401 Festo: Multiple products contain CoDe16 vulnerability 2024-01-30T07:00:00.000Z 2025-11-04T11:00:00.000Z
fsa-202202 Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-11-03T11:00:00.000Z
fsa-202209 Festo: Incomplete documentation of remote accessible functions and protocols in Festo products 2022-11-29T11:49:00.000Z 2025-11-03T10:00:00.000Z
fsa-202208 Festo: Multiple Festo products contain an unsafe default Codesys configuration 2022-11-29T11:41:00.000Z 2025-10-28T11:00:00.000Z
fsa-202206 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products 2022-12-13T11:50:00.000Z 2025-10-01T10:50:00.000Z
fsa-202304 Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions 2023-09-05T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202301 Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance 2023-08-29T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202303 Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products 2023-10-17T06:00:00.000Z 2025-10-01T06:00:00.000Z
fsa-202101 Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q 2021-09-22T11:13:00.000Z 2025-08-26T10:00:00.000Z
fsa-202207 Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function 2022-09-20T10:00:00.000Z 2025-07-28T10:00:00.000Z
fsa-202203 Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-07-10T10:00:00.000Z
fsa-202201 Festo: CECC-X-M1 - command injection vulnerabilities 2022-07-06T07:00:00.000Z 2025-06-23T08:00:00.000Z
fsa-202305 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products 2023-11-28T07:00:00.000Z 2025-05-13T10:00:00.000Z
fsa-202406 Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo 2024-12-03T11:00:00.000Z 2024-12-03T14:00:00.000Z
ID Description Published Updated
vde-2025-011 PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL – Device is affected by XSS vulnerability and information disclosure 2025-05-26T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-038 Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation 2024-07-10T06:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-002 PEPPERL+FUCHS: HMI – devices are affected by Windows RCE 2025-02-25T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-017 Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities 2024-04-10T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-021 Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities 2022-05-16T14:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-041 Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability 2021-10-26T13:35:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-053 Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities 2021-03-08T13:44:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-017 Pepperl+Fuchs, PACTware: Two password vulnerabilities found 2020-05-29T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-033 PEPPERL+FUCHS: Device Master ICDM-RX/* – Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service 2024-08-13T12:00:00.000Z 2025-05-14T14:34:17.000Z
vde-2020-014 Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets 2020-03-31T13:30:00.000Z 2025-05-14T14:34:17.000Z
vde-2021-006 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-11-16T14:53:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-050 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-15T13:33:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-028 Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities 2021-08-16T12:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-027 Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-10-16T12:00:00.001Z 2025-05-14T13:00:14.000Z
vde-2020-038 Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master 2021-01-04T13:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2019-002 Pepperl+Fuchs: Path traversal in WirelessHART Gateway 2019-03-06T10:35:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-007 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-16T14:53:00.000Z 2025-05-14T12:53:43.000Z
vde-2024-065 PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key 2024-11-26T11:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-063 PEPPERL+FUCHS: Multiple products are affected by regreSSHion 2024-10-08T12:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-001 Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 2021-01-15T12:41:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-016 Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability 2018-10-19T10:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-002 Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks 2018-02-14T08:50:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-037 Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 2024-07-10T06:00:00.000Z 2024-07-10T06:00:00.000Z
vde-2022-012 Pepperl+Fuchs: Vulnerability in multiple VisuNet devices 2022-04-26T12:00:00.000Z 2022-05-16T14:15:00.000Z
vde-2021-034 Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices 2021-07-30T07:55:00.000Z 2021-07-30T07:55:00.000Z
vde-2021-018 Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules 2021-05-12T08:57:00.000Z 2021-05-12T08:57:00.000Z
vde-2020-040 Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux 2020-10-05T12:00:00.000Z 2020-10-05T12:00:00.000Z
vde-2020-034 Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components 2020-09-10T13:22:00.000Z 2020-09-10T13:22:00.000Z
vde-2019-011 Pepperl+Fuchs: Remote code execution vulnerability in HMI devices 2019-05-29T07:35:00.000Z 2019-10-07T10:00:00.000Z
vde-2019-004 Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack 2019-03-14T07:52:00.000Z 2019-03-14T07:52:00.000Z
ID Description Published Updated
ppsa-2026-001 Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service 2026-02-02T08:00:00.000Z 2026-02-02T10:00:00.000Z
ppsa-2025-004 Pilz: Vulnerability affecting PASvisu Runtime 2025-10-20T10:00:00.000Z 2025-10-20T10:00:00.000Z
ppsa-2025-003 Pilz: Authentication Bypass in IndustrialPI Webstatus 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-002 Pilz: Missing Authentication in Node-RED integration 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-001 Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory 2025-06-30T10:00:00.000Z 2025-06-30T10:00:00.000Z
vde-2022-044 Pilz: Multiple products affected by ZipSlip 2022-11-24T09:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2023-048 Pilz: Multiple products prone to libwebp vulnerability 2023-12-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-033 Pilz: WIBU Vulnerabilitiy in multiple Products 2023-10-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-045 Pilz: PAS 4000 prone to ZipSlip 2022-11-24T09:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-009 Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities 2021-09-20T11:56:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-033 Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities 2020-09-10T13:18:00.000Z 2025-05-14T12:28:19.000Z
vde-2023-050 Pilz: Vulnerability in PASvisu and PMI v8xx 2024-01-30T07:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-002 Pilz: Multiple products affected by uC/HTTP vulnerability 2024-02-06T07:00:00.000Z 2024-02-06T07:00:00.000Z
vde-2023-059 Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx 2023-12-05T07:06:00.000Z 2023-12-05T07:06:00.000Z
vde-2022-033 Pilz: PASvisu and PMI affected by multiple vulnerabilities 2022-11-24T09:00:00.000Z 2022-11-24T09:00:00.000Z
vde-2021-061 Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-055 Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-054 Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
ID Description Published Updated
vde-2026-020 WAGO: Vulnerability in managed switches 2026-03-23T08:00:00.000Z 2026-03-23T08:00:00.000Z
vde-2026-004 WAGO: Vulnerabilities in Managed Switch 2026-02-09T08:00:00.000Z 2026-02-09T08:00:00.000Z
vde-2025-095 WAGO: Vulnerabilities in WAGO Industrial-Managed Switches 2025-12-10T10:00:00.000Z 2026-01-19T08:00:00.000Z
vde-2025-018 WAGO: Vulnerabilities in WAGO Device Manager 2025-06-16T10:00:00.000Z 2025-11-21T12:00:00.000Z
vde-2025-062 WAGO: Multiple Vulnerabilities in CODESYS components 2025-11-03T11:00:00.000Z 2025-11-03T11:00:00.000Z
vde-2025-087 WAGO: Vulnerabilities in Device Sphere and Solution Builder 2025-09-24T09:00:00.000Z 2025-09-24T09:00:00.000Z
vde-2018-013 WAGO: 750-8xx Controller Denial of Service 2018-08-17T09:45:00.000Z 2025-09-22T10:00:00.000Z
vde-2025-083 WAGO: Vulnerability in hardware switch circuit 2025-09-15T08:00:00.000Z 2025-09-15T08:00:00.000Z
vde-2025-080 WAGO: Multiple Vulnerabilities in I/O-Check Service 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-082 WAGO: Critical sudo Vulnerability in Multiple Products 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-048 WAGO: Escalation of Privileges in Coupler Firmware 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-057 WAGO: Vulnerability in WAGO Device Sphere 2025-06-23T10:00:00.000Z 2025-07-07T06:15:00.000Z
vde-2025-040 WAGO: Vulnerabilities in ctrlX OS app 2025-06-16T10:00:00.000Z 2025-06-16T10:00:00.000Z
vde-2024-014 WAGO: Multiple products affected by Terrapin 2024-02-22T07:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2025-020 WAGO: Switches affected by year 2k38 problem 2025-06-02T06:00:00.000Z 2025-06-02T06:00:00.000Z
vde-2024-047 WAGO: Multiple vulnerabilities in docker configuration 2024-11-18T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-026 WAGO: Multiple products prone to multiple vulnerabilities in e!Runtime / CODESYS V3 Runtime 2023-07-31T07:36:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-007 WAGO: Unauthenticated command execution via Web-based-management UPDATE A 2023-05-15T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-009 WAGO: Multiple Products affected by Linux Kernel Vulnerability Dirty Pipe 2022-04-06T07:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-002 WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro 2022-01-31T13:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-060 WAGO: Smart Script affected by Log4Shell Vulnerability 2022-01-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-049 WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3 2021-11-16T12:05:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-014 WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 2021-05-20T09:08:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-011 WAGO: Multiple Vulnerabilities in I/O-Check Service 2020-03-09T09:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-009 WAGO: e!Cockpit Two Update Package Vulnerabilities 2020-03-09T09:18:00.000Z 2025-05-22T13:03:10.000Z
vde-2018-010 WAGO: Multiple vulnerabilities in e!DISPLAY products 2018-07-10T09:50:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-008 WAGO: Vulnerabilities in CODESYS Control 2025-02-04T11:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-036 WAGO: Multiple Vulnerabilities in I/O-Check Service 2021-06-29T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-044 WAGO: Web-Based Management Authentication Vulnerability in WAGO 750-36X and WAGO 750-8XX 2021-08-31T07:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-042 WAGO: PLC families 750-88x and 750-352 prone to DoS attack, versions < FW10 (Update A) 2020-10-27T10:28:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2024-061 ifm: Improper Access Control vulnerability 2025-06-30T10:00:00.000Z 2026-02-18T08:00:00.000Z
vde-2024-028 ifm moneo password reset can be exploited 2024-05-06T10:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2024-012 ifm: Vulnerabilities in ifm AC14 firmware 2024-07-09T07:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2022-050 IFM: weak password recovery vulnerability in moneo appliance 2022-12-12T11:00:00.000Z 2026-01-06T11:00:00.000Z
ID Description Published Updated
vde-2025-106 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server 2026-01-26T10:00:00.000Z 2026-02-12T09:00:00.000Z
vde-2025-092 Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager 2026-01-27T11:00:00.000Z 2026-01-27T11:00:00.000Z
vde-2025-075 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2022-003 BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology 2022-03-01T12:34:00.000Z 2025-06-05T13:28:13.000Z
vde-2024-050 Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-049 Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-048 Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-045 Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-067 Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf 2023-12-13T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-051 Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server 2021-11-04T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-008 Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-037 Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) 2020-11-19T13:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-019 Beckhoff: EtherLeak in TwinCAT RT network driver 2020-06-16T08:31:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-005 Beckhoff: BK9000 couplers - Denial of service inhibits function 2020-03-10T13:17:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-019 Beckhoff: TwinCAT Denial-of-Service in Profinet driver 2019-10-09T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-064 Beckhoff: Local command injection via TwinCAT Package Manager 2024-10-31T11:00:00.000Z 2025-04-11T07:00:00.000Z
vde-2020-051 Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server 2021-04-27T08:08:00.000Z 2021-05-11T10:00:00.000Z
ID Description Published Updated
vde-2026-007 TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability 2026-02-23T08:00:00.000Z 2026-02-23T08:00:00.000Z
vde-2021-011 TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability 2021-03-22T08:59:00.000Z 2026-02-02T14:25:00.000Z
vde-2025-078 TRUMPF: Remote support uses an outdated encryption algorithm 2025-08-25T06:00:00.000Z 2025-08-29T10:00:00.000Z
vde-2024-005 TRUMPF: Multiple products contain vulnerable version of 7-zip 2024-01-23T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-004 TRUMPF: Multiple products affected by log4net vulnerability 2025-04-22T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-003 TRUMPF: Multiple products include a vulnerable version of Notepad++ 2024-01-23T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-049 TRUMPF: Multiple products prone to X.Org server vulnerabilities 2022-11-07T11:43:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-039 TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T10:28:00.000Z 2025-05-14T12:36:39.000Z
vde-2024-040 Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-034 Multiple TRUMPF products prone to nftables server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-001 TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities 2024-01-29T07:00:00.000Z 2024-01-29T07:00:00.000Z
vde-2024-006 TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x 2024-01-23T07:00:00.000Z 2024-01-23T07:00:00.000Z
vde-2023-031 Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability 2023-09-13T10:00:00.000Z 2023-11-13T11:00:00.000Z
vde-2022-023 TRUMPF TruTops prone to improper access control 2022-10-17T10:00:00.000Z 2022-10-17T10:00:00.000Z
vde-2022-034 TRUMPF: Products prone to Unified Automation vulnerabilities 2022-08-15T10:00:00.000Z 2022-08-15T10:00:00.000Z
vde-2022-016 TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability 2022-05-02T10:00:00.000Z 2022-05-02T10:00:00.000Z
vde-2021-033 TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities 2021-08-12T13:02:00.001Z 2021-08-12T13:02:00.001Z
ID Description Published Updated
vde-2025-043 Lenze: PLC Designer V4 with insecure storage of sensitive information 2025-06-25T10:00:00.000Z 2025-06-25T10:00:00.000Z
vde-2025-042 Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway 2025-05-27T09:00:00.000Z 2025-05-27T09:00:00.000Z
vde-2024-053 Lenze: Install Directory with insufficient permissions 2024-09-03T08:00:00.000Z 2025-03-13T11:30:00.000Z
vde-2022-030 Lenze: Vulnerability in the OPC-UA authentification connection in the firmware 2022-07-11T10:00:00.000Z 2022-07-11T10:00:00.000Z
vde-2021-048 Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication 2021-10-04T12:33:00.000Z 2021-10-04T12:33:00.000Z
ID Description Published Updated
vde-2022-029 Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 2022-09-26T08:00:00.000Z 2026-03-02T11:00:00.000Z
ID Description Published Updated
vde-2025-047 AUMA: Incorrect delivery status of the Bluetooth configuration 2025-06-10T10:00:00.000Z 2025-06-10T10:00:00.000Z
vde-2023-028 AUMA: SIMA Master Station affected by WRECK vulnerability 2023-08-07T11:35:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-024 Auma: SIMA² Master Station Denial of Service Vulnerability on Automation Runtime Webserver 2022-06-15T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2025-026 AUMA Riester: Buffer overflow in service telegram 2025-05-12T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-027 AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations 2023-08-07T09:35:00.000Z 2023-08-07T09:35:00.000Z
vde-2022-032 AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service 2022-08-09T08:00:00.000Z 2022-08-09T08:00:00.000Z
ID Description Published Updated
vde-2025-084 Bender Charge Controller Vulnerability - Unsecure Communication 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-061 Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2021-047 Bender/ebee: Multiple Charge Controller Vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2020-043 Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability 2020-10-16T06:54:00.000Z 2020-10-16T06:54:00.000Z
ID Description Published Updated
vde-2026-002 Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation 2026-03-02T07:00:00.000Z 2026-03-02T07:00:00.000Z
vde-2025-068 Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions 2025-09-02T10:00:00.000Z 2026-02-20T09:00:00.000Z
vde-2025-105 Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability 2025-12-08T09:00:00.000Z 2025-12-08T09:00:00.000Z
vde-2025-107 Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities 2025-12-05T11:00:00.000Z 2025-12-05T11:00:00.000Z
vde-2024-054 Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-044 Endress+Hauser: Multiple products affected by log4net vulnerability 2022-01-20T08:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-005 Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability 2021-03-01T06:39:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-031 Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T13:10:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-022 Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information 2020-11-19T14:48:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-040 Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow 2021-10-04T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-010 Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks 2021-05-18T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-021 Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management 2020-11-19T14:48:00.000Z 2025-04-11T07:00:00.000Z
vde-2025-036 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-03-06T14:00:00.000Z 2025-03-06T14:00:00.000Z
vde-2024-041 Endress+Hauser: Multiple products are vulnerable to code injection 2024-09-10T08:00:00.000Z 2024-09-10T08:00:00.000Z
vde-2022-019 Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components 2022-06-02T15:11:00.000Z 2022-06-02T15:11:00.000Z
vde-2022-006 Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware 2022-03-24T10:48:00.000Z 2022-03-24T10:48:00.000Z
vde-2019-005 Endress+Hauser: WIFI enabled products utilising WPA2 2019-03-19T15:34:00.000Z 2019-03-19T15:34:00.000Z
ID Description Published Updated
vde-2025-030 Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability 2025-07-07T10:00:00.000Z 2025-07-29T10:00:00.000Z
vde-2023-049 Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability 2023-12-11T07:00:00.000Z 2023-12-11T07:00:00.000Z
vde-2023-038 Frauscher: Multiple Vulnerabilities in FDS101 2023-09-21T06:00:00.000Z 2023-09-21T06:00:00.000Z
vde-2023-011 Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability 2023-07-05T08:00:00.000Z 2023-07-05T08:00:00.000Z
ID Description Published Updated
vde-2019-010 Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway 2019-05-20T06:58:00.000Z 2025-05-14T13:00:15.000Z
vde-2020-024 Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED 2020-07-08T07:29:00.000Z 2025-05-14T12:28:19.000Z
vde-2022-052 Miele: Vulnerability in ease2pay cloud service used by appWash 2022-11-21T09:00:00.000Z 2022-11-21T09:00:00.000Z
vde-2022-015 Miele: Security vulnerability in Benchmark Programming Tool 2022-04-27T12:00:00.000Z 2022-04-27T12:00:00.000Z
ID Description Published Updated
vde-2025-096 Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-044 Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities 2025-05-27T09:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-052 Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities 2025-06-11T10:00:00.000Z 2025-07-23T10:00:00.000Z
vde-2023-032 Weidmueller: WIBU Vulnerability in multiple Products 2023-11-09T07:42:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-018 Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches 2019-12-05T12:03:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-041 Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX 2025-05-19T09:00:00.000Z 2025-05-19T09:00:00.000Z
vde-2025-021 Weidmueller: Authentication Vulnerability in PROCON-WIN 5 2025-03-05T09:00:00.000Z 2025-05-14T13:26:53.000Z
vde-2021-026 Weidmueller: Multiple vulnerabilities in Industrial WLAN devices 2021-06-23T11:04:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-042 Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities 2021-10-18T08:24:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-016 Weidmueller: Accidentally open network port in u-controls and IoT-Gateways 2021-05-04T08:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-002 Weidmueller: WI Manager affected by fdtContainer vulnerability 2021-01-20T13:32:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-041 Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities 2020-10-12T09:14:00.000Z 2025-05-14T12:28:19.000Z
vde-2025-023 Weidmueller: OpenSSL vulnerability in industrial ethernet switches 2025-03-05T08:00:00.000Z 2025-03-05T11:00:00.000Z
vde-2022-056 Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability 2022-12-14T07:00:00.000Z 2022-12-14T07:00:00.000Z
vde-2021-004 Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write 2022-06-21T08:00:00.000Z 2022-06-21T08:00:00.000Z
vde-2022-008 WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways 2022-04-07T06:00:00.000Z 2022-04-07T06:00:00.000Z
ID Description Published Updated
vde-2025-066 SMA: Directory Traversal in Sunny Boy 2025-08-27T08:00:00.000Z 2025-08-27T08:00:00.000Z
vde-2025-050 SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user 2025-08-19T10:00:00.000Z 2025-08-19T10:00:00.000Z
vde-2024-075 SMA: Sunny Webbox clickjacking vulnerability 2025-01-27T13:00:00.000Z 2025-06-17T06:00:00.000Z
vde-2025-012 SMA: Sunny Portal Remote Code Execution 2025-02-26T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-010 SMA: Sunny Portal demo system privilege escalation 2025-05-13T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-074 SMA: SQL injection in Sunny Central UP 2024-11-27T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-020 SMA: Cluster Controller CSRF vulnerability 2025-01-27T13:00:00.000Z 2025-02-12T16:48:47.000Z
ID Description Published Updated
vde-2024-013 HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing 2024-02-13T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-059 HIMA: unquoted path vulnerabilities in X-OPC and X-OTS 2023-01-16T09:00:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-091 Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro 2025-10-14T10:00:00.000Z 2025-10-14T10:00:00.000Z
ID Description Published Updated
vde-2020-016 SWARCO: Critical Vulnerability in CPU LS4000 2020-05-28T13:00:00.000Z 2020-05-28T13:00:00.000Z
ID Description Published Updated
vde-2024-016 ADS-TEC Industrial IT: Docker vulnerability affects multiple products 2024-02-19T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2025-033 ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products 2025-04-14T10:00:00.000Z 2025-04-14T10:00:00.000Z
vde-2023-009 ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 2023-05-08T13:37:00.000Z 2023-05-08T13:37:00.000Z
ID Description Published Updated
vde-2022-061 VARTA: Multiple devices prone to hard-coded credentials 2023-03-15T09:00:00.000Z 2023-03-15T09:00:00.000Z
ID Description Published Updated
vde-2025-060 Sauter: Multiple vulnerabilities in SAUTER modulo 6 2025-10-21T10:00:00.000Z 2025-10-27T11:00:00.000Z
ID Description Published Updated
vde-2025-079 Janitza: Multiple vulnerabilities in UMG 96RM-E 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-094 Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ 2025-11-24T12:00:00.000Z 2025-11-24T12:00:00.000Z
ID Description Published Updated
vde-2026-001 METTLER TOLEDO: ASP.NET core vulnerability in LabX 2026-03-04T07:00:00.000Z 2026-03-04T07:00:00.000Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2026-0021
10 (4.0)
Critical RCE Vulnerability reported in Windchill windchill
 FlexPLM
 2026-03-23T12:30:40.249187Z 2026-03-23T12:30:40.249187Z
GCVE-1-2026-0020
10 (4.0)
Remote Code Execution Attack Against Eircom D1000 Router Eir
 D1000
 2026-03-11T14:12:00.000Z 2026-03-11T14:23:24.609831Z
GCVE-1-2026-0019
6.4 (4.0)
Improper URL validation in MISP dashboard button widge… misp
 misp
 2026-02-27T14:55:00.000Z 2026-02-27T15:44:29.998063Z
GCVE-1-2026-0018
6.5 (4.0)
Improper access control in MISP user contact form allo… misp
 misp
 2026-02-27T13:25:32.632362Z 2026-02-27T13:25:32.632362Z
GCVE-1-2026-0017
7.2 (4.0)
Improper Neutralization of Raw HTML in MISP modules Ma… misp
 misp-modules
 2026-02-27T13:10:24.641948Z 2026-02-27T13:10:24.641948Z
GCVE-1-2026-0016
7 (4.0)
Server-Side Request Forgery via Event Report Import Fr… misp
 misp
 2026-02-27T10:56:32.745676Z 2026-02-27T10:56:32.745676Z
GCVE-1-2026-0015
7.2 (4.0)
Threat actors use FortiCloud SSO bypass to collect LDA… fortinet
 fortios
 2026-02-09T09:09:00.000Z 2026-02-09T09:14:59.004089Z
GCVE-1-2026-0014
7.4 (4.0)
Missing Authorization Check Allows Unauthorized Modifi… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:32:14.341383Z 2026-02-04T19:32:14.341383Z
GCVE-1-2026-0013
2.1 (4.0)
Flask Application Username Route Collision Allows Rese… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:27:00.000Z 2026-02-04T19:32:49.787763Z
GCVE-1-2026-0012
2.1 (4.0)
Authentication Error Message Allows Email Address Enum… vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:21:34.411344Z 2026-02-04T19:21:34.411344Z
GCVE-1-2026-0011
8.7 (4.0)
Out-of-bounds memory write in the network packet … EA Games
 Command & Conquer: Generals
 2026-01-29T14:37:00.000Z 2026-01-29T14:39:17.728822Z
GCVE-1-2026-0010
9.3 (4.0)
Improper input validation in the file transfer ha… EA Games
 Command & Conquer: Generals
 2026-01-29T14:33:18.822829Z 2026-01-29T14:33:18.822829Z
GCVE-1-2026-0009
9.3 (4.0)
Stack-based buffer overflow in the multiplayer ne… EA Games
 Command & Conquer: Generals
 2026-01-29T14:30:38.596928Z 2026-01-29T14:30:38.596928Z
GCVE-1-2026-0008
10 (4.0)
gpg-agent stack buffer overflow in pkdecrypt using KEM gnupg
 gpg-agent
 2026-01-28T13:48:12.350509Z 2026-01-28T13:48:12.350509Z
GCVE-1-2026-0007
10 (4.0)
GNU InetUtils Security Advisory: remote authentication… gnu
 InetUtils
 2026-01-20T20:57:00.000Z 2026-01-26T16:32:40.831364Z
GCVE-1-2026-0006
8.5 (4.0)
Improper Access Control in Cerebrate AuthKey and Encry… cerebrate
 cerebrate
 2026-01-13T15:37:17.337254Z 2026-01-13T15:37:17.337254Z
GCVE-1-2026-0005
8.5 (4.0)
Improper Access Control in Cerebrate Alignment Model A… cerebrate
 cerebrate
 2026-01-13T15:31:00.000Z 2026-01-13T15:38:02.888546Z
GCVE-1-2026-0004
8.5 (4.0)
Authorization Bypass in Cerebrate IndividualsControlle… cerebrate
 cerebrate
 2026-01-13T15:28:00.000Z 2026-01-13T15:38:37.744618Z
GCVE-1-2026-0003
6.3 (4.0)
Stored/Reflected XSS via Unsanitized Parameters in URL… misp
 misp
 2026-01-13T10:50:00.000Z 2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002
10 (4.0)
Heap-buffer-overflow in EXIF writer for extra IFD tags ffmpeg
 ffmpeg
 2026-01-02T19:50:00.000Z 2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001
N/A
Bundle reference to gpg.fail gnupg
 gnupg
 2026-01-02T10:20:00.000Z 2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041
6.4 (4.0)
[online services] Reflected Cross-Site Scripting (XSS)… typo3
 typo3
 2025-12-19T14:25:00.000Z 2025-12-19T14:54:51.594645Z
GCVE-1-2025-0031
7.1 (4.0)
A cross-site scripting (XSS) vulnerability was identif… misp
 misp
 2025-12-03T10:58:00.000Z 2025-12-16T09:36:09.594750Z
GCVE-1-2025-0040
7.2 (4.0)
A cross-site scripting (XSS) vulnerability was id… misp
 misp
 2025-12-13T08:44:32.378924Z 2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039
8.5 (4.0)
XSS Reintroduced in MISP Dashboard World Map Widget Du… misp
 misp
 2025-12-10T14:33:52.856734Z 2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038
5 (4.0)
Reflected XSS in MISP Template Tag Removal and MISP Ad… misp
 misp
 2025-12-10T14:10:00.000Z 2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037
7 (4.0)
Reflected XSS in MISP Dashboard Widgets via Unescaped … misp
 misp
 2025-12-10T14:01:03.200804Z 2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036
8.3 (4.0)
A reflected cross-site scripting (XSS) vulnerability w… misp
 misp
 2025-12-10T13:46:07.170083Z 2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035
8.3 (4.0)
Insufficient sanitization of bundle metadata (availabl… CIRCL
 vulnerability-lookup
 2025-12-08T10:25:00.000Z 2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034
7 (4.0)
Missing CSRF protection on state-changing endpoints in… CIRCL
 vulnerability-lookup
 2025-12-08T10:19:00.000Z 2025-12-08T12:13:24.197294Z
ID CVSS Description Vendor Product Published Updated
GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110
8.8 (3.1)
NSA Ghidra Auto-Analysis Annotation Command Execution NSA
 Ghidra
 2026-03-29T19:35:30.692Z 2026-03-29T19:35:30.692Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011
9.1 (3.1)
HexStrike AI MCP Server Command Injection 0x4m4
 HexStrike AI
 2025-11-30T21:27:56.057Z 2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100
6.5 (3.1)
Abilis CPX Fallback Shell Connection Relay Abilis
 CPX
 2025-11-04T00:23:23.924Z 2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010
7.3 (3.1)
Unitree Multiple Robotic Products Command Injection Unitree
 Go2
 2025-09-26T06:53:49.585Z 2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
4.3 (3.1)
Unauthenticated leak of sensitive information affectin… Brother Industries, Ltd
 HL-L8260CDN
 2025-08-12T15:23:00.577Z 2025-08-15T05:53:23.017Z