Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-vjcx-2xxh-mc9h | OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of prope… | 2025-12-13T03:30:10Z | 2025-12-13T03:30:10Z |
| ghsa-w8rj-5g22-x32j | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-r9xx-rmrv-8vpg | A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability… | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-r9x3-jhcx-h8m8 | A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown fu… | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-33w4-5frm-xxvg | A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown fu… | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-33jh-2f37-89xc | A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unk… | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-vx9q-rhv9-3jvg | aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reuse… | 2025-12-12T22:12:22Z | 2025-12-12T22:12:22Z |
| ghsa-xgv8-hj8c-q8g5 | A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sonoma 14.… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-x99h-3hw3-9936 | An information disclosure issue was addressed with improved privacy controls. This issue is fixed i… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-w499-9j2p-8m3w | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-v8cp-m2g2-whfj | An information disclosure issue was addressed with improved privacy controls. This issue is fixed i… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-rm5f-hw9v-gxx7 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-rjjj-vg83-2j3w | A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing re… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-r8ww-q8x3-4wc9 | A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-p5pj-g9wc-c3v2 | An integer overflow was addressed by adopting 64-bit timestamps. This issue is fixed in macOS Sonom… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-mwm2-pvv7-x7ch | An inconsistent user interface issue was addressed with improved state management. This issue is fi… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-mq2v-chph-r4rp | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe … | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-m8x7-m39c-62g2 | The issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may b… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-jwqp-m44c-cw7x | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoi… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-jw27-39xw-8fjx | A memory corruption issue was addressed with improved lock state checking. This issue is fixed in w… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-hxrq-3q3q-73qm | A logic error was addressed with improved error handling. This issue is fixed in macOS Tahoe 26.1. … | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-hr7m-hf2x-j4vh | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoi… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-hg42-5fw6-5rj9 | A parsing issue in the handling of directory paths was addressed with improved path validation. Thi… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-g7qx-4r9v-657r | A session management issue was addressed with improved checks. This issue is fixed in macOS Sonoma … | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-fqh2-qgmv-w3w8 | This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may … | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-f9j9-m66j-c8p5 | A privacy issue was addressed with improved private data redaction for log entries. This issue is f… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-f6q6-cgpm-5wr2 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-cx5h-j8w3-whpr | A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing re… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-cqf3-9crc-rw2h | A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Son… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-cpgx-69vf-4936 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ta… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-14607 | OFFIS DCMTK dcmdata dcbytstr.cc makeDicomByteString me… |
OFFIS |
DCMTK |
2025-12-13T13:02:07.302Z | 2025-12-13T13:02:07.302Z | |
| cve-2025-14606 | tiny-rdm Tiny RDM Pickle Decoding pickle_convert.go pi… |
tiny-rdm |
Tiny RDM |
2025-12-13T12:32:06.262Z | 2025-12-13T12:32:06.262Z | |
| cve-2025-14590 | code-projects Prison Management System search1.php sql… |
code-projects |
Prison Management System |
2025-12-13T12:02:06.694Z | 2025-12-13T12:02:06.694Z | |
| cve-2025-14589 | code-projects Prison Management System search.php sql … |
code-projects |
Prison Management System |
2025-12-13T10:32:07.091Z | 2025-12-13T10:32:07.091Z | |
| cve-2025-14588 | itsourcecode Student Management System update_program.… |
itsourcecode |
Student Management System |
2025-12-13T10:02:06.526Z | 2025-12-13T10:02:06.526Z | |
| cve-2025-14542 | 7.5 (v3.1) | Command execution in python-utcp allows attackers to a… |
|
|
2025-12-13T09:59:41.376Z | 2025-12-13T09:59:41.376Z |
| cve-2025-14587 | itsourcecode Online Pet Shop Management System availab… |
itsourcecode |
Online Pet Shop Management System |
2025-12-13T09:32:06.619Z | 2025-12-13T09:32:06.619Z | |
| cve-2025-8780 | Livemesh SiteOrigin Widgets <= 3.9.1 - Authenticated (… |
livemesh |
Livemesh SiteOrigin Widgets |
2025-12-13T08:21:15.695Z | 2025-12-13T08:21:15.695Z | |
| cve-2025-9856 | Popup Builder – Create highly converting, mobile frien… |
popupbuilder |
Popup Builder – Create highly converting, mobile friendly marketing popups. |
2025-12-13T08:21:15.324Z | 2025-12-13T08:21:15.324Z | |
| cve-2025-8687 | Enter Addons <= 2.2.7 - Authenticated (Contributor+) S… |
themelooks |
Enter Addons – Ultimate Template Builder for Elementor |
2025-12-13T08:21:14.931Z | 2025-12-13T08:21:14.931Z | |
| cve-2025-8199 | MarqueeAddons <= 2.4.3 - Authenticated (Contributor+) … |
debuggersstudio |
Marquee Addons for Elementor – Advanced Elements & Modern Motion Widgets |
2025-12-13T08:21:14.556Z | 2025-12-13T08:21:14.556Z | |
| cve-2025-8195 | JetWidgets For Elementor <= 1.0.20 - Authenticated (Co… |
jetmonsters |
JetWidgets For Elementor |
2025-12-13T08:21:14.169Z | 2025-12-13T08:21:14.169Z | |
| cve-2025-0969 | Brizy – Page Builder <= 2.7.16 - Authenticated (Contri… |
themefusecom |
Brizy – Page Builder |
2025-12-13T08:21:13.768Z | 2025-12-13T08:21:13.768Z | |
| cve-2025-7960 | King Addons for Elementor <= 51.1.39 - Authenticated (… |
kingaddons |
King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets for Elementor |
2025-12-13T08:21:13.187Z | 2025-12-13T08:21:13.187Z | |
| cve-2025-36747 | 9.4 (v4.0) | Hardcoded FTP Credentials within the firmware |
Growatt |
ShineLan-X |
2025-12-13T08:16:25.804Z | 2025-12-13T08:16:25.804Z |
| cve-2025-36752 | 9.4 (v4.0) | Undocumented backup Account and No Password Configurat… |
Growatt |
ShineLan-X |
2025-12-13T08:16:25.088Z | 2025-12-13T08:16:25.088Z |
| cve-2025-36754 | 9.3 (v4.0) | Authentication bypass on web interface |
Growatt |
ShineLan-X |
2025-12-13T08:16:24.266Z | 2025-12-13T08:16:24.266Z |
| cve-2025-36748 | 8.4 (v4.0) | Stored Cross-Site Scripting (XSS) vulnerability in Gro… |
Growatt |
ShineLan-X |
2025-12-13T08:16:23.523Z | 2025-12-13T08:16:23.523Z |
| cve-2025-36750 | 8.5 (v4.0) | Stored cross site scripting (XSS) vulnerability in Gro… |
Growatt |
ShineLan-X |
2025-12-13T08:16:22.832Z | 2025-12-13T08:16:22.832Z |
| cve-2025-36753 | 8.6 (v4.0) | SWD Interface Open on Growatt ShineLan-X |
Growatt |
ShineLan-X |
2025-12-13T08:16:22.056Z | 2025-12-13T08:16:22.056Z |
| cve-2025-36751 | 9.4 (v4.0) | Missing encryption on Local Configuration Interface or… |
Growatt |
ShineLan-X |
2025-12-13T08:16:21.309Z | 2025-12-13T08:16:21.309Z |
| cve-2025-10289 | Filter & Grids <= 3.2.0 - Unauthenticated SQL Injection |
wssoffice21 |
Filter & Grids |
2025-12-13T07:21:05.480Z | 2025-12-13T07:21:05.480Z | |
| cve-2025-8779 | All-in-One Addons for Elementor – WidgetKit <= 2.5.6 -… |
shamsbd71 |
All-in-One Addons for Elementor – WidgetKit |
2025-12-13T07:21:05.080Z | 2025-12-13T07:21:05.080Z | |
| cve-2025-9207 | TI WooCommerce Wishlist <= 2.10.0 - Unauthenticated HT… |
templateinvaders |
TI WooCommerce Wishlist |
2025-12-13T07:21:04.397Z | 2025-12-13T07:21:04.397Z | |
| cve-2025-10738 | URL Shortener Plugin For WordPress <= 3.0.7 - Unauthen… |
rupok98 |
URL Shortener Plugin For WordPress |
2025-12-13T06:33:55.887Z | 2025-12-13T06:33:55.887Z | |
| cve-2025-14586 | TOTOLINK X5000R cstecgi.cgi snprintf os command injection |
TOTOLINK |
X5000R |
2025-12-13T06:32:10.624Z | 2025-12-13T06:32:10.624Z | |
| cve-2025-9116 | N/A | WPS Visitor Counter Plugin <= 1.4.8 - Reflected XSS vi… |
Unknown |
WPS Visitor Counter Plugin |
2025-12-13T06:00:08.052Z | 2025-12-13T06:00:08.052Z |
| cve-2025-12362 | myCred – Points Management System For Gamification, Ra… |
saadiqbal |
myCred – Points Management System For Gamification, Ranks, Badges, and Loyalty Program. |
2025-12-13T05:42:41.229Z | 2025-12-13T05:42:41.229Z | |
| cve-2025-14446 | Popup Builder <= 1.1.37 - Missing Authorization to Aut… |
ghozylab |
Popup Builder |
2025-12-13T04:31:34.148Z | 2025-12-13T04:31:34.148Z | |
| cve-2025-11693 | Export WP Page to Static HTML & PDF <= 4.3.4 - Unauthe… |
recorp |
Export WP Pages to HTML & PDF – Simply Create a Static Website |
2025-12-13T04:31:33.724Z | 2025-12-13T04:31:33.724Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-13970 | 8 (v3.1) 7 (v4.0) | OpenPLC_V3 Cross-Site Request Forgery |
OpenPLC_V3 |
OpenPLC_V3 |
2025-12-13T00:03:20.869Z | 2025-12-13T00:03:20.869Z |
| cve-2025-67749 | PCSX2 has an Out-of-bounds Read due to unchecked offse… |
PCSX2 |
pcsx2 |
2025-12-12T22:24:57.520Z | 2025-12-12T22:24:57.520Z | |
| cve-2025-67721 | Aircompressor's Snappy and LZ4 Java-based decompressor… |
airlift |
aircompressor |
2025-12-12T22:11:10.971Z | 2025-12-12T22:11:10.971Z | |
| cve-2025-14585 | itsourcecode COVID Tracking System page sql injection |
itsourcecode |
COVID Tracking System |
2025-12-12T22:32:08.732Z | 2025-12-12T22:32:08.732Z | |
| cve-2025-14584 | itsourcecode COVID Tracking System Admin Login login.p… |
itsourcecode |
COVID Tracking System |
2025-12-12T22:32:05.904Z | 2025-12-12T22:32:05.904Z | |
| cve-2025-14066 | N/A | {'providerMetadata': {'orgId': 'ceab7361-8a18-47b1-92ba-4d7d25f6715a', 'shortName': 'GitLab', 'dateUpdated': '2025-12-12T22:19:35.266Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}]} | N/A | N/A | 2025-12-12T22:19:35.266Z | |
| cve-2025-14583 | campcodes Online Student Enrollment System register.ph… |
campcodes |
Online Student Enrollment System |
2025-12-12T22:02:09.974Z | 2025-12-12T22:02:09.974Z | |
| cve-2025-14582 | campcodes Online Student Enrollment System index.php u… |
campcodes |
Online Student Enrollment System |
2025-12-12T22:02:07.303Z | 2025-12-12T22:02:07.303Z | |
| cve-2025-67750 | Lightning Flow Scanner is Vulnerable to Code Injection… |
Flow-Scanner |
lightning-flow-scanner |
2025-12-12T20:14:21.004Z | 2025-12-12T20:50:57.161Z | |
| cve-2025-67634 | Software Acquisition Guide Supplier Response Web Tool XSS |
CISA |
Software Acquisition Guide Tool |
2025-12-12T20:36:25.597Z | 2025-12-12T20:36:25.597Z | |
| cve-2025-46289 | N/A | A logic issue was addressed with improved file ha… |
Apple |
macOS |
2025-12-12T20:56:34.997Z | 2025-12-12T20:56:34.997Z |
| cve-2025-46287 | N/A | An inconsistent user interface issue was addresse… |
Apple |
macOS |
2025-12-12T20:56:48.646Z | 2025-12-12T20:56:48.646Z |
| cve-2025-46285 | N/A | An integer overflow was addressed by adopting 64-… |
Apple |
macOS |
2025-12-12T20:56:40.352Z | 2025-12-12T20:56:40.352Z |
| cve-2025-46276 | N/A | An information disclosure issue was addressed wit… |
Apple |
macOS |
2025-12-12T20:56:27.674Z | 2025-12-12T20:56:27.674Z |
| cve-2025-43542 | N/A | This issue was addressed with improved state mana… |
Apple |
macOS |
2025-12-12T20:56:57.008Z | 2025-12-12T20:56:57.008Z |
| cve-2025-43539 | N/A | The issue was addressed with improved bounds chec… |
Apple |
macOS |
2025-12-12T20:56:58.101Z | 2025-12-12T20:56:58.101Z |
| cve-2025-43538 | N/A | A logging issue was addressed with improved data … |
Apple |
macOS |
2025-12-12T20:56:59.178Z | 2025-12-12T20:56:59.178Z |
| cve-2025-43532 | N/A | A memory corruption issue was addressed with impr… |
Apple |
macOS |
2025-12-12T20:56:45.545Z | 2025-12-12T20:56:45.545Z |
| cve-2025-43530 | N/A | This issue was addressed with improved checks. Th… |
Apple |
macOS |
2025-12-12T20:56:36.039Z | 2025-12-12T20:56:36.039Z |
| cve-2025-43527 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:31.854Z | 2025-12-12T20:56:31.854Z |
| cve-2025-43523 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:54.939Z | 2025-12-12T20:56:54.939Z |
| cve-2025-43522 | N/A | A downgrade issue affecting Intel-based Mac compu… |
Apple |
macOS |
2025-12-12T20:57:04.786Z | 2025-12-12T20:57:04.786Z |
| cve-2025-43521 | N/A | A downgrade issue affecting Intel-based Mac compu… |
Apple |
macOS |
2025-12-12T20:56:17.101Z | 2025-12-12T20:56:17.101Z |
| cve-2025-43520 | N/A | A memory corruption issue was addressed with impr… |
Apple |
macOS |
2025-12-12T20:56:25.542Z | 2025-12-12T20:56:25.542Z |
| cve-2025-43519 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:52.823Z | 2025-12-12T20:56:52.823Z |
| cve-2025-43518 | N/A | A logic issue was addressed with improved checks.… |
Apple |
macOS |
2025-12-12T20:57:05.818Z | 2025-12-12T20:57:05.818Z |
| cve-2025-43517 | N/A | A privacy issue was addressed with improved priva… |
Apple |
macOS |
2025-12-12T20:56:19.259Z | 2025-12-12T20:56:19.259Z |
| cve-2025-43516 | N/A | A session management issue was addressed with imp… |
Apple |
macOS |
2025-12-12T20:56:22.471Z | 2025-12-12T20:56:22.471Z |
| cve-2025-43513 | N/A | A permissions issue was addressed by removing the… |
Apple |
macOS |
2025-12-12T20:56:41.283Z | 2025-12-12T20:56:41.283Z |
| cve-2025-43512 | N/A | A logic issue was addressed with improved checks.… |
Apple |
macOS |
2025-12-12T20:56:51.767Z | 2025-12-12T20:56:51.767Z |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2025-52 | gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2024-85 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:05:38.757067Z |
| pysec-2024-84 | Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:23:14.975110Z |
| pysec-2024-83 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:05:38.565488Z |
| pysec-2024-82 | Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:23:14.749401Z |
| pysec-2023-278 | MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T21:15:00Z | 2025-12-09T17:05:38.354023Z |
| pysec-2020-220 | A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192560 | Malicious code in kashif-mallah-fca (npm) | 2025-12-12T06:36:00Z | 2025-12-12T06:36:00Z |
| mal-2025-192559 | Malicious code in iraza2-fca (npm) | 2025-12-12T06:35:59Z | 2025-12-12T06:36:00Z |
| mal-2025-192567 | Malicious code in uba-plugins (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:06Z |
| mal-2025-192563 | Malicious code in sd-pay-ts (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:06Z |
| mal-2025-192562 | Malicious code in sd-pay (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192561 | Malicious code in pp-js-lib (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192558 | Malicious code in eslint-config-zoo (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192556 | Malicious code in cms_comp_static (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192555 | Malicious code in cms_comp (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192554 | Malicious code in camscanner-seo (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192565 | Malicious code in sdbao-content-sems (npm) | 2025-12-12T06:34:05Z | 2025-12-12T06:34:06Z |
| mal-2025-192564 | Malicious code in sdbao-content-report (npm) | 2025-12-12T06:34:05Z | 2025-12-12T06:34:06Z |
| mal-2025-192557 | Malicious code in cos-js-sdk-v6 (npm) | 2025-12-12T06:34:05Z | 2025-12-12T06:34:06Z |
| mal-2025-192553 | Malicious code in abrhide (npm) | 2025-12-12T06:31:55Z | 2025-12-12T06:31:56Z |
| mal-2025-192566 | Malicious code in shopify-monorail (npm) | 2025-12-12T06:31:00Z | 2025-12-12T06:31:06Z |
| mal-2025-192552 | Malicious code in hfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:27Z |
| mal-2025-192551 | Malicious code in gfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:32Z |
| mal-2025-192550 | Malicious code in fruit-malicious-xml-parser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:26Z |
| mal-2025-192549 | Malicious code in ffruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:27Z |
| mal-2025-192548 | Malicious code in efruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:31Z |
| mal-2025-192547 | Malicious code in dfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:31Z |
| mal-2025-192546 | Malicious code in cfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:26Z |
| mal-2025-192545 | Malicious code in bfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:26Z |
| mal-2025-192544 | Malicious code in afruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:26Z |
| mal-2025-192540 | Malicious code in elf-stats-twinkling-wishlist-283 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192539 | Malicious code in elf-stats-twinkling-bell-867 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192538 | Malicious code in elf-stats-tinsel-sleigh-669 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192537 | Malicious code in elf-stats-tinsel-cookiejar-315 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192536 | Malicious code in elf-stats-sugarplum-wishlist-141 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192535 | Malicious code in elf-stats-sugarplum-toolkit-176 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2814 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-12-10T23:00:00.000+00:00 | 2025-12-11T23:00:00.000+00:00 |
| wid-sec-w-2025-2789 | Adobe Experience Manager: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2025-12-10T23:00:00.000+00:00 |
| wid-sec-w-2025-2751 | WebKitGTK: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2750 | Apache HTTP Server: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2746 | IBM InfoSphere Information Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-04T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2738 | Vercel Next.js und React Server Components (React2Shell): Schwachstelle ermöglicht Codeausführung | 2025-12-03T23:00:00.000+00:00 | 2025-12-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2730 | Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-02T23:00:00.000+00:00 | 2025-12-03T23:00:00.000+00:00 |
| wid-sec-w-2025-2717 | Django: Mehrere Schwachstellen | 2025-12-02T23:00:00.000+00:00 | 2025-12-02T23:00:00.000+00:00 |
| wid-sec-w-2025-2711 | Android Patchday Dezember 2025: Mehrere Schwachstellen | 2025-12-01T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2703 | Zabbix: Mehrere Schwachstellen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2701 | xwiki (XJetty): Schwachstelle ermöglicht Offenlegung von Informationen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2700 | CODESYS Control und Development System: Mehrere Schwachstellen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2697 | Devolutions Remote Desktop Manager und Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-11-30T23:00:00.000+00:00 | 2025-11-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2687 | Apache CloudStack: Mehrere Schwachstellen | 2025-11-26T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2676 | GeoServer: Mehrere Schwachstellen | 2025-11-25T23:00:00.000+00:00 | 2025-12-11T23:00:00.000+00:00 |
| wid-sec-w-2025-2670 | Fluent Bit: Mehrere Schwachstellen | 2025-11-24T23:00:00.000+00:00 | 2025-11-25T23:00:00.000+00:00 |
| wid-sec-w-2025-2667 | Janitza UMG 96-PA und UMG 96-PA-MID+: Schwachstelle ermöglicht Denial of Service | 2025-11-23T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2663 | libpng: Mehrere Schwachstellen | 2025-11-23T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2661 | Google Cloud Platform (Looker): Schwachstelle ermöglicht Ausführen von beliebigem Programmcode | 2025-11-23T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2655 | CUPS-Filters: Schwachstelle ermöglicht Codeausführung | 2025-11-20T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2654 | MongoDB (Server): Schwachstelle ermöglicht Denial of Service | 2025-11-20T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2653 | Microsoft Visual Studio Code: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-11-20T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2652 | Red Hat Satellite: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-11-20T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2651 | GnuTLS: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2025-11-19T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2649 | Google Cloud Platform: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-11-19T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2647 | SonicWall Email Security: Mehrere Schwachstellen | 2025-11-19T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2643 | Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-11-19T23:00:00.000+00:00 | 2025-11-26T23:00:00.000+00:00 |
| wid-sec-w-2025-2640 | SonicWall SSL-VPN: Schwachstelle ermöglicht Denial of Service | 2025-11-19T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2638 | Grub: Mehrere Schwachstellen | 2025-11-18T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2636 | OpenVPN: Mehrere Schwachstellen | 2025-11-18T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-512988 | SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 | 2025-12-12T00:00:00Z | 2025-12-12T00:00:00Z |
| ssa-915282 | SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-912274 | SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-882673 | SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-868571 | SSA-868571: Missing Server Certificate Validation in IAM Client | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-763474 | SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-734261 | SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-710408 | SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-626856 | SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-471761 | SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-420375 | SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-416652 | SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-356310 | SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-202008 | SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-241605 | SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-190588 | SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-682326 | SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-522291 | SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-514895 | SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-365596 | SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-339694 | SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-267056 | SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-201498 | SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-978177 | SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices | 2025-08-12T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-693808 | SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-493396 | SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-282044 | SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-693776 | SSA-693776: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2 | 2025-06-10T00:00:00Z | 2025-06-10T00:00:00Z |
| ssa-633269 | SSA-633269: Incorrect Authorization Check Vulnerability in Industrial Communication Devices based on SINEC OS before V3.1 | 2025-06-10T00:00:00Z | 2025-06-10T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:22345 | Red Hat Security Advisory: Red Hat OpenShift Developer Tools - Source-to-Image 1.5.2 | 2025-11-27T22:06:09+00:00 | 2025-11-27T23:59:25+00:00 |
| rhsa-2025:22287 | Red Hat Security Advisory: Red Hat Quay 3.9 | 2025-11-27T14:54:51+00:00 | 2025-11-29T06:53:27+00:00 |
| rhsa-2025:21829 | Red Hat Security Advisory: OpenShift Container Platform 4.12.83 bug fix and security update | 2025-11-27T12:20:57+00:00 | 2025-11-27T17:38:04+00:00 |
| rhsa-2025:21824 | Red Hat Security Advisory: OpenShift Container Platform 4.16.53 bug fix and security update | 2025-11-27T11:08:51+00:00 | 2025-11-27T17:38:15+00:00 |
| rhsa-2025:21795 | Red Hat Security Advisory: OpenShift Container Platform 4.18.29 bug fix and security update | 2025-11-27T04:24:21+00:00 | 2025-11-27T17:38:14+00:00 |
| rhsa-2025:22205 | Red Hat Security Advisory: bind security update | 2025-11-26T21:38:30+00:00 | 2025-11-27T11:41:16+00:00 |
| rhsa-2025:22190 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update | 2025-11-26T17:02:38+00:00 | 2025-11-26T21:26:25+00:00 |
| rhsa-2025:22188 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 Security update | 2025-11-26T16:59:23+00:00 | 2025-11-26T21:26:20+00:00 |
| rhsa-2025:22187 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update | 2025-11-26T16:59:20+00:00 | 2025-11-26T21:26:20+00:00 |
| rhsa-2025:22181 | Red Hat Security Advisory: golang security update | 2025-11-26T15:05:54+00:00 | 2025-11-27T23:59:23+00:00 |
| rhsa-2025:22182 | Red Hat Security Advisory: Red Hat Quay 3.10.16 | 2025-11-26T14:52:57+00:00 | 2025-11-29T06:53:26+00:00 |
| rhsa-2025:22179 | Red Hat Security Advisory: RHSA 4.8.6 security and bug fix update | 2025-11-26T13:57:08+00:00 | 2025-11-26T15:51:13+00:00 |
| rhsa-2025:22177 | Red Hat Security Advisory: libxml2 security update | 2025-11-26T13:19:45+00:00 | 2025-11-27T14:15:58+00:00 |
| rhsa-2025:22175 | Red Hat Security Advisory: expat security update | 2025-11-26T11:07:19+00:00 | 2025-11-27T11:41:12+00:00 |
| rhsa-2025:22168 | Red Hat Security Advisory: bind9.16 security update | 2025-11-26T07:25:14+00:00 | 2025-11-27T03:24:39+00:00 |
| rhsa-2025:22167 | Red Hat Security Advisory: tigervnc security update | 2025-11-26T07:17:26+00:00 | 2025-11-26T15:30:40+00:00 |
| rhsa-2025:22163 | Red Hat Security Advisory: libxml2 security update | 2025-11-26T05:49:49+00:00 | 2025-11-27T14:15:58+00:00 |
| rhsa-2025:22164 | Red Hat Security Advisory: tigervnc security update | 2025-11-26T05:26:30+00:00 | 2025-11-26T09:25:19+00:00 |
| rhsa-2025:22162 | Red Hat Security Advisory: libxml2 security update | 2025-11-26T05:26:29+00:00 | 2025-11-27T14:16:01+00:00 |
| rhsa-2025:22124 | Red Hat Security Advisory: kernel-rt security update | 2025-11-25T18:17:51+00:00 | 2025-11-25T21:29:42+00:00 |
| rhsa-2025:22095 | Red Hat Security Advisory: kernel security update | 2025-11-25T17:26:16+00:00 | 2025-11-25T21:29:44+00:00 |
| rhsa-2025:22096 | Red Hat Security Advisory: tigervnc security update | 2025-11-25T17:25:56+00:00 | 2025-11-26T09:25:17+00:00 |
| rhsa-2025:22087 | Red Hat Security Advisory: kernel-rt security update | 2025-11-25T16:42:52+00:00 | 2025-11-25T21:29:43+00:00 |
| rhsa-2025:22090 | Red Hat Security Advisory: Red Hat build of Keycloak 26.4.6 Images Security Update | 2025-11-25T16:24:09+00:00 | 2025-11-27T06:34:39+00:00 |
| rhsa-2025:22088 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.11 Images Security Update | 2025-11-25T16:12:38+00:00 | 2025-11-28T05:32:35+00:00 |
| rhsa-2025:22091 | Red Hat Security Advisory: Red Hat build of Keycloak 26.4.6 Security Update | 2025-11-25T16:07:25+00:00 | 2025-11-27T06:34:41+00:00 |
| rhsa-2025:22089 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.11 Security Update | 2025-11-25T16:06:13+00:00 | 2025-11-28T05:32:35+00:00 |
| rhsa-2025:22077 | Red Hat Security Advisory: tigervnc security update | 2025-11-25T13:07:15+00:00 | 2025-11-26T09:25:18+00:00 |
| rhsa-2025:22072 | Red Hat Security Advisory: kernel security update | 2025-11-25T12:37:05+00:00 | 2025-11-25T21:29:42+00:00 |
| rhsa-2025:22068 | Red Hat Security Advisory: RHTAS 1.3.1 - Tech Preview Release of Model Transparency | 2025-11-25T11:12:13+00:00 | 2025-11-25T15:44:17+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-64680 | Windows DWM Core Library Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64679 | Windows DWM Core Library Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64678 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64673 | Windows Storage VSP Driver Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64672 | Microsoft SharePoint Server Spoofing Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64671 | GitHub Copilot for Jetbrains Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64670 | Windows DirectX Information Disclosure Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64669 | Windows Admin Center Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-11T08:00:00.000Z |
| msrc_cve-2025-64667 | Microsoft Exchange Server Spoofing Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64666 | Microsoft Exchange Server Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64661 | Windows Shell Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64658 | Windows File Explorer Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62573 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62572 | Application Information Service Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62571 | Windows Installer Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62570 | Windows Camera Frame Server Monitor Information Disclosure Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62569 | Microsoft Brokering File System Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62567 | Windows Hyper-V Denial of Service Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62565 | Windows File Explorer Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62564 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62563 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62562 | Microsoft Outlook Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62561 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62560 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62559 | Microsoft Word Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62558 | Microsoft Word Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62557 | Microsoft Office Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62556 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62555 | Microsoft Word Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62554 | Microsoft Office Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsma-25-345-02 | Varex Imaging Panoramic Dental Imaging Software | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsma-25-345-01 | Grassroots DICOM (GDCM) | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-10 | OpenPLC_V3 | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-03 | AzeoTech DAQFactory | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-02 | Johnson Controls iSTAR Ultra | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-01 | Johnson Controls iSTAR | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| va-25-343-01 | Windscribe for Linux 'changeMTU' local privilege escalation | 2025-12-10T16:46:41Z | 2025-12-10T16:46:41Z |
| icsa-25-343-01 | Universal Boot Loader (U-Boot) | 2025-12-09T07:00:00.000000Z | 2025-12-09T07:00:00.000000Z |
| icsa-25-343-03 | Multiple India-based CCTV Cameras** | 2025-12-09T05:00:00.000000Z | 2025-12-09T05:00:00.000000Z |
| icsa-25-345-09 | Siemens Gridscale X Prepay | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-08 | Siemens Energy Services | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-07 | Siemens Building X - Security Manager Edge Controller | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-06 | Siemens SINEMA Remote Connect Server | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-05 | Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-04 | Siemens IAM Client | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-338-07 | Advantech iView | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-06 | SolisCloud Monitoring Platform | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-05 | Sunbird DCIM dcTrack and Power IQ | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-04 | Johnson Controls iSTAR | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-03 | Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-02 | MAXHUB Pivot | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-01 | Mitsubishi Electric GX Works2 | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsma-25-336-01 | Mirion Medical EC2 Software NMIS BioDose | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-336-02 | Iskra iHUB and iHUB Lite | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-336-01 | Industrial Video & Control Longwatch | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-329-06 | SiRcom SMART Alert (SiSA) | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-05 | Festo Compact Vision System, Control Block, Controller, and Operator Unit products | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-03 | Zenitel TCIV-3+ | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-02 | Rockwell Automation Arena Simulation | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-01 | Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-react-flight-tyw32ddb | Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 | 2025-12-04T16:00:00+00:00 | 2025-12-11T22:12:34+00:00 |
| cisco-sa-privesc-catc-ryjreelu | Cisco Catalyst Center Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-xss-wextvz59 | Cisco Catalyst Center Cross-Site Scripting Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-ci-zwlqvswt | Cisco Catalyst Center REST API Command Injection Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-priv-esc-vs8eecux | Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-open-redirect-3w5bk3je | Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-ise-radsupress-dos-8yf3jthh | Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability | 2025-11-05T16:00:00+00:00 | 2025-11-05T16:00:00+00:00 |
| cisco-sa-ise-multiple-vulns-o9beswjh | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-12-04T14:23:54+00:00 |
| cisco-sa-cc-unauth-rce-qen8h7mq | Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-13T12:48:42+00:00 |
| cisco-sa-cc-mult-vuln-gk4tfxsn | Multiple Cisco Contact Center Products Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T14:49:09+00:00 |
| cisco-sa-snort3-mime-vulns-ttl8pgvh | Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-roomos-inf-disc-qggsbxam | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-phone-dos-fpyjlv7a | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-http-code-exec-wmfp3h3o | Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:51+00:00 |
| cisco-sa-asaftd-webvpn-z5xp8eub | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:54+00:00 |
| cisco-sa-asaftd-webvpn-yrootuw | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:55+00:00 |
| cisco-sa-secboot-uqfd8avc | Cisco IOS XE Software Secure Boot Bypass Vulnerabilities | 2025-09-24T16:00:00+00:00 | 2025-10-15T15:57:29+00:00 |
| cisco-sa-broadworks-xss-o696ymra | Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-10-21T15:13:31+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000115 | QND vulnerable to privilege escalation | 2025-12-11T14:33+09:00 | 2025-12-11T14:33+09:00 |
| jvndb-2025-021305 | Android App "Brother iPrint&Scan" improper use of an external cache directory | 2025-12-09T17:25+09:00 | 2025-12-09T17:25+09:00 |
| jvndb-2025-000114 | ELECOM Clone for Windows registers a Windows service with an unquoted file path | 2025-12-09T17:16+09:00 | 2025-12-09T17:16+09:00 |
| jvndb-2025-000113 | Multiple vulnerabilities in GroupSession | 2025-12-08T17:48+09:00 | 2025-12-11T11:30+09:00 |
| jvndb-2025-000116 | GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths | 2025-12-08T14:06+09:00 | 2025-12-08T14:06+09:00 |
| jvndb-2025-000094 | Multiple vulnerabilities in ABB Terra AC Wallbox | 2025-12-05T14:12+09:00 | 2025-12-05T14:12+09:00 |
| jvndb-2025-000112 | Installer of INZONE Hub may insecurely load Dynamic Link Libraries | 2025-11-28T13:36+09:00 | 2025-11-28T13:36+09:00 |
| jvndb-2025-000111 | SwitchBot Smart Video Doorbell vulnerable to active debug code | 2025-11-26T14:35+09:00 | 2025-11-26T14:35+09:00 |
| jvndb-2025-000110 | Multiple vulnerabilities in Security Point (Windows) of MaLion | 2025-11-25T17:17+09:00 | 2025-11-25T17:17+09:00 |
| jvndb-2025-000109 | Multiple vulnerabilities in SNC-CX600W | 2025-11-25T14:59+09:00 | 2025-11-25T14:59+09:00 |
| jvndb-2025-000108 | "FOD" App uses hard-coded cryptographic keys | 2025-11-25T14:15+09:00 | 2025-11-25T14:15+09:00 |
| jvndb-2025-000106 | Multiple vulnerabilities in LogStare Collector | 2025-11-21T16:27+09:00 | 2025-11-21T16:27+09:00 |
| jvndb-2025-019621 | EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts | 2025-11-21T15:31+09:00 | 2025-11-21T15:31+09:00 |
| jvndb-2025-000107 | Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries | 2025-11-19T16:22+09:00 | 2025-11-19T16:22+09:00 |
| jvndb-2025-000097 | "Dejira" App for iOS vulnerable to improper server certificate verification | 2025-11-17T14:09+09:00 | 2025-11-17T14:09+09:00 |
| jvndb-2025-000105 | NCP-HG100 vulnerable to OS command injection | 2025-11-14T15:26+09:00 | 2025-11-14T15:26+09:00 |
| jvndb-2025-000104 | Multiple vulnerabilities in GNU Libmicrohttpd | 2025-11-10T15:07+09:00 | 2025-11-10T15:07+09:00 |
| jvndb-2025-000103 | Use of password hash with insufficient computational effort vulnerability in BUFFALO Wi-Fi router "WSR-1800AX4 series" | 2025-11-07T15:39+09:00 | 2025-11-07T15:39+09:00 |
| jvndb-2025-000102 | CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to OS command injection | 2025-11-07T14:55+09:00 | 2025-11-07T14:55+09:00 |
| jvndb-2025-000101 | GROWI vulnerable to stored cross-site scripting | 2025-11-06T13:45+09:00 | 2025-11-06T13:45+09:00 |
| jvndb-2025-017972 | Multiple vulnerabilities in Century Systems FutureNet MA and IP-K series | 2025-11-04T16:37+09:00 | 2025-11-04T16:37+09:00 |
| jvndb-2025-000100 | Multiple Roboticsware products register Windows services with unquoted file paths | 2025-11-04T14:17+09:00 | 2025-11-04T14:17+09:00 |
| jvndb-2025-000098 | Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path | 2025-11-04T13:51+09:00 | 2025-11-04T13:51+09:00 |
| jvndb-2025-000099 | Progress Flowmon vulnerable to authenticated OS command injection | 2025-11-04T12:47+09:00 | 2025-11-04T12:47+09:00 |
| jvndb-2025-000096 | Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries | 2025-10-29T14:17+09:00 | 2025-10-29T14:17+09:00 |
| jvndb-2025-000095 | MZK-DP300N uses hard-coded credentials | 2025-10-28T14:04+09:00 | 2025-10-28T14:04+09:00 |
| jvndb-2025-000093 | Multiple stored cross-site scripting vulnerabilities in Pleasanter | 2025-10-24T15:11+09:00 | 2025-10-24T15:11+09:00 |
| jvndb-2025-000084 | GROWI vulnerable to cross-site scripting | 2025-10-22T15:44+09:00 | 2025-10-22T15:44+09:00 |
| jvndb-2025-000091 | Multiple I-O DATA NAS management applications register Windows services with unquoted file paths | 2025-10-22T15:04+09:00 | 2025-12-10T16:20+09:00 |
| jvndb-2025-000090 | Multiple stored cross-site scripting vulnerabilities in Movable Type | 2025-10-22T13:54+09:00 | 2025-10-22T13:54+09:00 |
| ID | Description | Updated |
|---|
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010 | 7.3 (v3.1) | Unitree Multiple Robotic Products Command Injection |
Unitree |
Go2 |
2025-09-26T06:53:49.585Z | 2025-09-26T15:16:57.586Z |
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001 | 4.3 (v3.1) | Unauthenticated leak of sensitive information affectin… |
Brother Industries, Ltd |
HL-L8260CDN |
2025-08-12T15:23:00.577Z | 2025-08-15T05:53:23.017Z |