Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-m9qv-jv94-ch3q | WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remot… | 2025-12-29T09:30:23Z | 2025-12-29T09:30:24Z |
| ghsa-hmh7-992g-3462 | A vulnerability was found in Tenda WH450 1.0.0.18. This issue affects some unknown processing of th… | 2025-12-29T09:30:24Z | 2025-12-29T09:30:24Z |
| ghsa-g344-h4p6-wpq9 | A vulnerability was identified in Tenda WH450 1.0.0.18. The affected element is an unknown function… | 2025-12-29T09:30:24Z | 2025-12-29T09:30:24Z |
| ghsa-62p4-493g-4423 | A vulnerability was determined in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file… | 2025-12-29T09:30:24Z | 2025-12-29T09:30:24Z |
| ghsa-29c2-7qg3-7c74 | BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Read vulnerability, allowing un… | 2025-12-29T09:30:24Z | 2025-12-29T09:30:24Z |
| ghsa-qvjf-wrj2-9pj8 | WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote… | 2025-12-29T09:30:23Z | 2025-12-29T09:30:23Z |
| ghsa-mxx2-735j-g9gp | A vulnerability has been found in Tenda WH450 1.0.0.18. This vulnerability affects unknown code of … | 2025-12-29T09:30:23Z | 2025-12-29T09:30:23Z |
| ghsa-229x-w52j-6f5m | A flaw has been found in Open5GS up to 2.7.5. This affects the function decode_ipv6_header/ogs_pfcp… | 2025-12-29T09:30:23Z | 2025-12-29T09:30:23Z |
| ghsa-x78m-hxx2-v34v | Missing Authorization vulnerability in Gmission Web Fax allows Privilege Abuse, Session Credential … | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-wv78-2995-7xgf | Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation.This issue af… | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-rqv7-99wg-986m | A security vulnerability has been detected in Advaya Softech GEMS ERP Portal up to 2.1. This affect… | 2025-12-29T06:30:23Z | 2025-12-29T06:30:24Z |
| ghsa-mfq8-ww9j-9c8g | The YaMaps for WordPress Plugin WordPress plugin before 0.6.40 does not validate and escape some of… | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-m25v-pprh-9m5m | A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this vulne… | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-gg4m-38pj-gwmc | A vulnerability was identified in SohuTV CacheCloud up to 3.2.0. This affects the function index of… | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-8jv6-h799-v689 | A security flaw has been discovered in SohuTV CacheCloud up to 3.2.0. This impacts the function pre… | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-88mr-q29h-43g6 | A weakness has been identified in SohuTV CacheCloud up to 3.2.0. Affected is the function advancedA… | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-74hv-hc8x-rcwg | The Plugin Organizer WordPress plugin before 10.2.4 does not sanitize and escape a parameter before… | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-53q9-538q-rmmw | Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in … | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-4jhr-55hq-jhcw | A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the functi… | 2025-12-29T06:30:24Z | 2025-12-29T06:30:24Z |
| ghsa-rq63-8xjc-f72r | A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unk… | 2025-12-29T06:30:23Z | 2025-12-29T06:30:23Z |
| ghsa-r83m-ghv4-r378 | A vulnerability was determined in itsourcecode Online Cake Ordering System 1.0. This impacts an unk… | 2025-12-29T03:30:25Z | 2025-12-29T03:30:26Z |
| ghsa-hp9p-9hpg-4rpv | A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknow… | 2025-12-29T03:30:26Z | 2025-12-29T03:30:26Z |
| ghsa-c9vj-8fwr-4gvq | Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbi… | 2025-12-29T03:30:26Z | 2025-12-29T03:30:26Z |
| ghsa-qvph-8rch-f939 | A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0. The impacted elemen… | 2025-12-29T03:30:25Z | 2025-12-29T03:30:25Z |
| ghsa-j7cw-4mwg-5fw5 | A vulnerability was identified in Tenda WH450 1.0.0.18. Affected by this issue is some unknown func… | 2025-12-29T03:30:25Z | 2025-12-29T03:30:25Z |
| ghsa-gjm8-9h85-538q | A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown … | 2025-12-29T03:30:25Z | 2025-12-29T03:30:25Z |
| ghsa-89fx-3w93-77f2 | A security flaw has been discovered in Tenda WH450 1.0.0.18. This affects an unknown part of the fi… | 2025-12-29T03:30:25Z | 2025-12-29T03:30:25Z |
| ghsa-rpm9-rv74-f53f | Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a… | 2025-12-29T03:30:24Z | 2025-12-29T03:30:24Z |
| ghsa-h867-r9h7-gw3j | Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, F… | 2025-12-29T03:30:24Z | 2025-12-29T03:30:24Z |
| ghsa-69jh-5qjp-fcx9 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Missing Authorizati… | 2025-12-29T03:30:24Z | 2025-12-29T03:30:24Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-15151 | TaleLin Lin-CMS Tests Folder config.py password in con… |
TaleLin |
Lin-CMS |
2025-12-28T19:32:05.944Z | 2025-12-29T15:52:38.176Z | |
| cve-2025-69201 | Tugtainer has RCE in Agent Command Execution Api |
Quenary |
tugtainer |
2025-12-29T15:51:41.461Z | 2025-12-29T15:51:41.461Z | |
| cve-2025-15152 | h-moses moga-mall PmsProductController.java addProduct… |
h-moses |
moga-mall |
2025-12-28T20:02:08.188Z | 2025-12-29T15:50:24.977Z | |
| cve-2025-15194 | D-Link DIR-600 HTTP Header hedwig.cgi stack-based overflow |
D-Link |
DIR-600 |
2025-12-29T15:32:09.818Z | 2025-12-29T15:32:09.818Z | |
| cve-2025-69200 | phpMyFAQ has unauthenticated config backup download vi… |
thorsten |
phpMyFAQ |
2025-12-29T15:24:51.844Z | 2025-12-29T15:24:51.844Z | |
| cve-2023-54161 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T15:22:41.047Z'}} | N/A | N/A | 2025-12-24T13:07:09.692Z | 2025-12-29T15:22:41.047Z |
| cve-2023-53469 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T15:22:17.258Z'}} | N/A | N/A | 2025-10-01T11:42:39.467Z | 2025-12-29T15:22:17.258Z |
| cve-2023-54082 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T15:21:52.231Z'}} | N/A | N/A | 2025-12-24T13:06:14.011Z | 2025-12-29T15:21:52.231Z |
| cve-2025-68951 | phpMyFAQ has stored XSS in admin "List of users" via d… |
thorsten |
phpMyFAQ |
2025-12-29T15:18:58.000Z | 2025-12-29T15:18:58.000Z | |
| cve-2025-68929 | Frappe may be vulnerable remote code execution due to … |
frappe |
frappe |
2025-12-29T15:10:59.510Z | 2025-12-29T15:10:59.510Z | |
| cve-2025-68928 | Frappe CRM vulnerable to authenticated XSS via website field |
frappe |
crm |
2025-12-29T15:06:31.756Z | 2025-12-29T15:06:31.756Z | |
| cve-2024-47683 | N/A | drm/amd/display: Skip Recompute DSC Params if no Strea… |
Linux |
Linux |
2024-10-21T11:53:25.118Z | 2025-12-29T15:02:40.578Z |
| cve-2024-43895 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T15:02:19.009Z'}} | N/A | N/A | 2024-08-26T10:10:50.934Z | 2025-12-29T15:02:19.009Z |
| cve-2025-15193 | D-Link DWR-M920 formParentControl sub_423848 buffer overflow |
D-Link |
DWR-M920 |
2025-12-29T15:02:08.698Z | 2025-12-29T15:02:08.698Z | |
| cve-2023-53749 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T14:56:30.742Z'}} | N/A | N/A | 2025-12-08T01:19:08.617Z | 2025-12-29T14:56:30.742Z |
| cve-2023-54061 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T14:55:54.287Z'}} | N/A | N/A | 2025-12-24T12:23:07.954Z | 2025-12-29T14:55:54.287Z |
| cve-2025-15153 | PbootCMS SQLite Database pbootcms.db file access |
n/a |
PbootCMS |
2025-12-28T20:32:07.587Z | 2025-12-29T14:55:49.904Z | |
| cve-2023-53642 | N/A | x86: fix clear_user_rep_good() exception handling annotation |
Linux |
Linux |
2025-10-07T15:19:41.693Z | 2025-12-29T14:55:24.493Z |
| cve-2025-60458 | N/A | UxPlay 1.72 contains a double free vulnerability … |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T14:49:59.550Z |
| cve-2022-48843 | N/A | {'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}], 'providerMetadata': {'orgId': '416baaa9-dc9f-4396-8d5f-8c081fb06d67', 'shortName': 'Linux', 'dateUpdated': '2025-12-29T14:48:08.310Z'}} | N/A | N/A | 2024-07-16T12:25:13.159Z | 2025-12-29T14:48:08.310Z |
| cve-2025-15154 | PbootCMS Header handle.php get_user_ip less trusted source |
n/a |
PbootCMS |
2025-12-28T21:02:07.992Z | 2025-12-29T14:48:02.795Z | |
| cve-2025-65442 | N/A | DOM-based Cross-Site Scripting (XSS) vulnerabilit… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T14:45:48.319Z |
| cve-2025-65570 | N/A | A type confusion in jsish 2.0 allows incorrect co… |
n/a |
n/a |
2025-12-29T00:00:00.000Z | 2025-12-29T14:44:10.558Z |
| cve-2025-15155 | floooh sokol sokol_gfx.h _sg_pipeline_desc_defaults st… |
floooh |
sokol |
2025-12-28T21:32:10.957Z | 2025-12-29T14:43:28.566Z | |
| cve-2025-15170 | Advaya Softech GEMS ERP Portal Error Message home.jsp … |
Advaya Softech |
GEMS ERP Portal |
2025-12-29T03:32:07.618Z | 2025-12-29T14:40:15.648Z | |
| cve-2025-15171 | SohuTV CacheCloud ServerController.java index cross si… |
SohuTV |
CacheCloud |
2025-12-29T04:02:05.763Z | 2025-12-29T14:39:27.399Z | |
| cve-2025-15176 | Open5GS PFCP Session Establishment Request rule-match.… |
n/a |
Open5GS |
2025-12-29T06:32:06.957Z | 2025-12-29T14:38:33.043Z | |
| cve-2025-15226 | 9.3 (v4.0) 9.8 (v3.1) | Sunnet|WMPro - Arbitrary File Upload |
Sunnet |
WMPro |
2025-12-29T06:39:27.426Z | 2025-12-29T14:34:29.835Z |
| cve-2025-15177 | Tenda WH450 HTTP Request SetIpBind stack-based overflow |
Tenda |
WH450 |
2025-12-29T07:02:07.082Z | 2025-12-29T14:33:44.092Z | |
| cve-2025-15192 | D-Link DWR-M920 formLtefotaUpgradeQuectel sub_415328 c… |
D-Link |
DWR-M920 |
2025-12-29T14:32:08.392Z | 2025-12-29T14:32:08.392Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-33222 | 9.8 (v3.1) | NVIDIA Isaac Launchable contains a vulnerability … |
NVIDIA |
Isaac Launchable |
2025-12-23T17:10:59.459Z | 2025-12-23T20:34:15.411Z |
| cve-2025-29229 | N/A | linksys E5600 V1.1.0.26 is vulnerable to command … |
n/a |
n/a |
2025-12-23T00:00:00.000Z | 2025-12-23T16:40:50.929Z |
| cve-2025-29228 | N/A | Linksys E5600 V1.1.0.26 is vulnerable to command … |
n/a |
n/a |
2025-12-23T00:00:00.000Z | 2025-12-23T19:05:21.918Z |
| cve-2025-25364 | N/A | A command injection vulnerability in the me.conne… |
n/a |
n/a |
2025-12-23T00:00:00.000Z | 2025-12-23T18:37:14.259Z |
| cve-2024-9684 | 7.5 (v3.1) | FreyrSCADA/IEC-60870-5-104 server v21.06.008 allo… |
FreyrSCADA |
IEC-60870-5-104 |
2025-12-23T14:39:30.301Z | 2025-12-23T14:55:54.038Z |
| cve-2024-57521 | N/A | SQL Injection vulnerability in RuoYi v.4.7.9 and … |
n/a |
n/a |
2025-12-23T00:00:00.000Z | 2025-12-23T19:13:19.913Z |
| cve-2021-47733 | 5.1 (v4.0) 6.1 (v3.1) | CMSimple 5.4 Cross-Site Scripting via HTML Unicode Encoding |
Cmsimple |
CMSimple |
2025-12-23T19:35:44.454Z | 2025-12-26T13:35:48.283Z |
| cve-2021-47732 | 5.1 (v4.0) 7.2 (v3.1) | CMSimple 5.2 Stored Cross-Site Scripting via Filebrows… |
CMSimple |
CMSimple |
2025-12-23T19:34:07.775Z | 2025-12-23T20:45:29.630Z |
| cve-2021-47722 | 5.1 (v4.0) 3.5 (v3.1) | Zucchetti Axess CLOKI Access Control 1.64 Cross-Site R… |
Axesstmc |
Zucchetti Axess CLOKI Access Control |
2025-12-23T19:34:07.307Z | 2025-12-23T20:05:03.518Z |
| cve-2021-47721 | 8.7 (v4.0) 8.8 (v3.1) | Orangescrum 1.8.0 Authenticated Privilege Escalation v… |
Orangescrum |
orangescrum |
2025-12-23T19:34:06.849Z | 2025-12-23T20:03:15.402Z |
| cve-2021-47720 | 8.7 (v4.0) 7.1 (v3.1) | Orangescrum 1.8.0 Authenticated SQL Injection via Mult… |
Orangescrum |
orangescrum |
2025-12-23T19:34:06.379Z | 2025-12-23T20:01:17.259Z |
| cve-2021-47716 | 5.1 (v4.0) 5.4 (v3.1) | Orangescrum 1.8.0 Cross-Site Scripting via Authenticat… |
Orangescrum |
orangescrum |
2025-12-23T19:35:40.507Z | 2025-12-26T13:33:25.739Z |
| cve-2025-68696 | httparty Has Potential SSRF Vulnerability That Leads t… |
jnunemaker |
httparty |
2025-12-23T22:59:04.201Z | 2025-12-24T14:31:58.017Z | |
| cve-2025-68669 | 5ire vulnerable to Remote Code Execution (RCE) via mermaid |
nanbingxyz |
5ire |
2025-12-23T22:51:35.848Z | 2025-12-24T14:39:38.656Z | |
| cve-2025-68667 | Conduit-derived homeservers are affected by a Confused… |
continuwuity |
continuwuity |
2025-12-23T22:45:25.958Z | 2025-12-26T20:49:02.208Z | |
| cve-2025-68665 | LangChain serialization injection vulnerability enable… |
langchain-ai |
langchainjs |
2025-12-23T22:56:04.837Z | 2025-12-24T14:38:40.268Z | |
| cve-2025-68664 | LangChain serialization injection vulnerability enable… |
langchain-ai |
langchain |
2025-12-23T22:47:44.084Z | 2025-12-24T14:40:58.427Z | |
| cve-2025-68617 | Use after free in fluidsynth |
FluidSynth |
fluidsynth |
2025-12-23T22:41:28.861Z | 2025-12-24T14:53:35.537Z | |
| cve-2025-68358 | N/A | btrfs: fix racy bitfield write in btrfs_clear_space_in… |
Linux |
Linux |
2025-12-24T10:32:47.692Z | 2025-12-24T10:32:47.692Z |
| cve-2025-68357 | N/A | iomap: allocate s_dio_done_wq for async reads as well |
Linux |
Linux |
2025-12-24T10:32:46.974Z | 2025-12-24T10:32:46.974Z |
| cve-2025-68356 | N/A | gfs2: Prevent recursive memory reclaim |
Linux |
Linux |
2025-12-24T10:32:46.275Z | 2025-12-24T10:32:46.275Z |
| cve-2025-68355 | N/A | bpf: Fix exclusive map memory leak |
Linux |
Linux |
2025-12-24T10:32:45.505Z | 2025-12-24T10:32:45.505Z |
| cve-2025-68354 | N/A | regulator: core: Protect regulator_supply_alias_list w… |
Linux |
Linux |
2025-12-24T10:32:44.840Z | 2025-12-24T10:32:44.840Z |
| cve-2025-68353 | N/A | net: vxlan: prevent NULL deref in vxlan_xmit_one |
Linux |
Linux |
2025-12-24T10:32:44.068Z | 2025-12-24T10:32:44.068Z |
| cve-2025-68352 | N/A | spi: ch341: fix out-of-bounds memory access in ch341_t… |
Linux |
Linux |
2025-12-24T10:32:43.366Z | 2025-12-24T10:32:43.366Z |
| cve-2025-68351 | N/A | exfat: fix refcount leak in exfat_find |
Linux |
Linux |
2025-12-24T10:32:42.683Z | 2025-12-24T10:32:42.683Z |
| cve-2025-68350 | N/A | exfat: fix divide-by-zero in exfat_allocate_bitmap |
Linux |
Linux |
2025-12-24T10:32:41.931Z | 2025-12-24T10:32:41.931Z |
| cve-2025-68349 | N/A | NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_la… |
Linux |
Linux |
2025-12-24T10:32:41.253Z | 2025-12-24T10:32:41.253Z |
| cve-2025-68348 | N/A | block: fix memory leak in __blkdev_issue_zero_pages |
Linux |
Linux |
2025-12-24T10:32:40.561Z | 2025-12-24T10:32:40.561Z |
| cve-2025-68347 | N/A | ALSA: firewire-motu: fix buffer overflow in hwdep read… |
Linux |
Linux |
2025-12-24T10:32:39.804Z | 2025-12-24T10:32:39.804Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2025-15172 | A security flaw has been discovered in SohuTV CacheCloud up to 3.2.0. This impacts the function pre… | 2025-12-29T05:15:59.187 | 2025-12-29T05:15:59.187 |
| fkie_cve-2025-15171 | A vulnerability was identified in SohuTV CacheCloud up to 3.2.0. This affects the function index of… | 2025-12-29T05:15:57.627 | 2025-12-29T05:15:57.627 |
| fkie_cve-2025-15170 | A security vulnerability has been detected in Advaya Softech GEMS ERP Portal up to 2.1. This affect… | 2025-12-29T04:15:49.990 | 2025-12-29T04:15:49.990 |
| fkie_cve-2025-15169 | A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unk… | 2025-12-29T04:15:49.780 | 2025-12-29T04:15:49.780 |
| fkie_cve-2025-52691 | Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbi… | 2025-12-29T03:15:42.837 | 2025-12-29T03:15:42.837 |
| fkie_cve-2025-15168 | A vulnerability was identified in itsourcecode Student Management System 1.0. Affected is an unknow… | 2025-12-29T03:15:42.647 | 2025-12-29T03:15:42.647 |
| fkie_cve-2025-15167 | A vulnerability was determined in itsourcecode Online Cake Ordering System 1.0. This impacts an unk… | 2025-12-29T03:15:41.660 | 2025-12-29T03:15:41.660 |
| fkie_cve-2025-15166 | A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. This affects an unknown … | 2025-12-29T02:15:42.727 | 2025-12-29T02:15:42.727 |
| fkie_cve-2025-15165 | A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0. The impacted elemen… | 2025-12-29T01:15:53.730 | 2025-12-29T01:15:53.730 |
| fkie_cve-2025-15164 | A security flaw has been discovered in Tenda WH450 1.0.0.18. This affects an unknown part of the fi… | 2025-12-29T01:15:53.540 | 2025-12-29T01:15:53.540 |
| fkie_cve-2025-15163 | A vulnerability was identified in Tenda WH450 1.0.0.18. Affected by this issue is some unknown func… | 2025-12-29T01:15:53.347 | 2025-12-29T01:15:53.347 |
| fkie_cve-2025-15067 | Unrestricted Upload of File with Dangerous Type vulnerability in Innorix Innorix WP allows Upload a… | 2025-12-29T01:15:53.173 | 2025-12-29T01:15:53.173 |
| fkie_cve-2025-15066 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Missing Authorizati… | 2025-12-29T01:15:52.990 | 2025-12-29T01:15:52.990 |
| fkie_cve-2025-15065 | Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, F… | 2025-12-29T01:15:52.680 | 2025-12-29T01:15:52.680 |
| fkie_cve-2025-15162 | A vulnerability was determined in Tenda WH450 1.0.0.18. Affected by this vulnerability is an unknow… | 2025-12-29T00:15:51.127 | 2025-12-29T00:15:51.127 |
| fkie_cve-2025-15161 | A vulnerability was found in Tenda WH450 1.0.0.18. Affected is an unknown function of the file /gof… | 2025-12-28T23:15:52.947 | 2025-12-28T23:15:52.947 |
| fkie_cve-2025-15160 | A vulnerability has been found in Tenda WH450 1.0.0.18. This impacts an unknown function of the fil… | 2025-12-28T23:15:52.747 | 2025-12-28T23:15:52.747 |
| fkie_cve-2025-15156 | A flaw has been found in omec-project UPF up to 2.1.3-dev. This affects the function handleSessionE… | 2025-12-28T22:15:43.910 | 2025-12-28T22:15:43.910 |
| fkie_cve-2025-15155 | A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The im… | 2025-12-28T22:15:43.123 | 2025-12-28T22:15:43.123 |
| fkie_cve-2025-15154 | A security vulnerability has been detected in PbootCMS up to 3.2.12. The affected element is the fu… | 2025-12-28T21:15:54.907 | 2025-12-28T21:15:54.907 |
| fkie_cve-2025-15153 | A weakness has been identified in PbootCMS up to 3.2.12. Impacted is an unknown function of the fil… | 2025-12-28T21:15:54.107 | 2025-12-28T21:15:54.107 |
| fkie_cve-2025-15152 | A vulnerability was identified in h-moses moga-mall up to 392d631a5ef15962a9bddeeb9f1269b9085473fa.… | 2025-12-28T20:15:40.950 | 2025-12-28T20:15:40.950 |
| fkie_cve-2025-15151 | A vulnerability was determined in TaleLin Lin-CMS up to 0.6.0. This affects an unknown part of the … | 2025-12-28T20:15:40.740 | 2025-12-28T20:15:40.740 |
| fkie_cve-2025-15150 | A vulnerability was found in PX4 PX4-Autopilot up to 1.16.0. Affected by this issue is the function… | 2025-12-28T19:15:48.570 | 2025-12-28T19:15:48.570 |
| fkie_cve-2025-15149 | A vulnerability has been found in rawchen ecms up to b59d7feaa9094234e8aa6c8c6b290621ca575ded. Affe… | 2025-12-28T19:15:48.330 | 2025-12-28T19:15:48.330 |
| fkie_cve-2025-15148 | A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetemp_action in the libra… | 2025-12-28T18:15:47.393 | 2025-12-28T18:15:47.393 |
| fkie_cve-2025-15146 | A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This impacts the function doUserList… | 2025-12-28T18:15:47.197 | 2025-12-28T18:15:47.197 |
| fkie_cve-2025-68973 | In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where o… | 2025-12-28T17:16:01.500 | 2025-12-28T17:16:01.500 |
| fkie_cve-2025-15145 | A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. This affects the funct… | 2025-12-28T17:16:01.310 | 2025-12-28T17:16:01.310 |
| fkie_cve-2025-15144 | A weakness has been identified in dayrui XunRuiCMS up to 4.7.1. The impacted element is the functio… | 2025-12-28T17:16:00.650 | 2025-12-28T17:16:00.650 |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2025-53 | vLLM is an inference and serving engine for large language models (LLMs). Prior to versio… | vllm | 2025-05-29T17:15:21+00:00 | 2025-06-26T21:23:06.231251+00:00 |
| pysec-2025-51 | Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) v… | apache-airflow-providers-snowflake | 2025-06-24T08:15:24+00:00 | 2025-06-26T21:23:03.132527+00:00 |
| pysec-2025-50 | vLLM, an inference and serving engine for large language models (LLMs), has a Regular Exp… | vllm | 2025-05-30T18:15:32+00:00 | 2025-06-19T03:02:28.572160+00:00 |
| pysec-2024-255 | Gradio before 4.20 allows credential leakage on Windows. | gradio | 2024-05-05T20:15:07+00:00 | 2025-06-17T19:21:48.983901+00:00 |
| pysec-2024-254 | A session fixation vulnerability exists in the zenml-io/zenml application, where JWT toke… | zenml | 2024-04-16T00:15:11+00:00 | 2025-06-13T00:48:41.806476+00:00 |
| pysec-2025-49 | setuptools is a package that allows users to download, build, install, upgrade, and unins… | setuptools | 2025-05-17T16:15:19+00:00 | 2025-06-12T22:23:11.115559+00:00 |
| pysec-2025-48 | Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2025-03-31T17:15:42+00:00 | 2025-06-12T22:23:10.476087+00:00 |
| pysec-2024-253 | pretix before 2024.1.1 mishandles file validation. | pretix | 2024-02-26T16:28:00+00:00 | 2025-06-11T15:23:51.683422+00:00 |
| pysec-2024-252 | PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in t… | torch | 2024-04-17T19:15:07+00:00 | 2025-06-10T19:22:08.948962+00:00 |
| pysec-2024-251 | Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in… | torch | 2024-04-17T19:15:07+00:00 | 2025-06-10T03:12:59.077932+00:00 |
| pysec-2025-47 | An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2… | django | 2025-06-05T03:15:25+00:00 | 2025-06-05T05:23:28.296596+00:00 |
| pysec-2025-46 | A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as cri… | pypickle | 2025-05-26T08:15:19+00:00 | 2025-06-03T17:36:58.579358+00:00 |
| pysec-2025-45 | A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.… | pypickle | 2025-05-26T07:15:26+00:00 | 2025-06-03T17:36:58.528116+00:00 |
| pysec-2024-250 | Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csr… | torch | 2024-04-19T21:15:08+00:00 | 2025-06-03T15:23:56.072490+00:00 |
| pysec-2023-312 | Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server b… | redis | 2023-07-15T23:15:09Z | 2025-06-02T11:48:06.372423Z |
| pysec-2025-44 | django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in mod… | django-helpdesk | 2025-05-31T01:15:19+00:00 | 2025-05-31T03:09:35.357757+00:00 |
| pysec-2025-43 | vLLM is an inference and serving engine for large language models (LLMs). In versions sta… | vllm | 2025-05-29T17:15:21+00:00 | 2025-05-29T19:21:01.611587+00:00 |
| pysec-2025-42 | vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Ver… | vllm | 2025-04-30T01:15:51+00:00 | 2025-05-28T21:23:12.396609+00:00 |
| pysec-2025-41 | PyTorch is a Python package that provides tensor computation with strong GPU acceleration… | torch | 2025-04-18T16:15:23+00:00 | 2025-05-28T15:23:37.843138+00:00 |
| pysec-2025-40 | A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`… | transformers | 2025-05-19T12:15:19+00:00 | 2025-05-21T19:22:10.801823+00:00 |
| pysec-2024-249 | ### Summary On all Label Studio versions prior to 1.11.0, data imported via file upload f… | label-studio | 2024-02-22T22:15:47+00:00 | 2025-05-19T11:22:35.312280+00:00 |
| pysec-2024-248 | OpenCanary, a multi-protocol network honeypot, directly executed commands taken from its … | opencanary | 2024-10-14T21:15:12+00:00 | 2025-05-16T14:23:05.150356+00:00 |
| pysec-2025-39 | motionEye is an online interface for the software motion, a video surveillance program wi… | motioneye | 2025-05-14T16:15:29+00:00 | 2025-05-14T17:22:51.050788+00:00 |
| pysec-2025-38 | OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during im… | ironic | 2025-05-08T17:16:01Z | 2025-05-13T04:24:03.083929Z |
| pysec-2024-247 | A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically… | zenml | 2024-04-16T00:15:11+00:00 | 2025-05-12T15:23:53.861001+00:00 |
| pysec-2025-37 | An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2… | django | 2025-05-08T04:17:18+00:00 | 2025-05-08T05:23:16.210893+00:00 |
| pysec-2025-36 | Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida… | langflow | 2025-04-07T15:15:44+00:00 | 2025-05-07T19:22:44.993642+00:00 |
| pysec-2024-246 | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in… | vyper | 2024-04-25T17:15:50+00:00 | 2025-05-05T19:21:20.899426+00:00 |
| pysec-2024-111 | A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langcha… | langchain | 2024-10-29T13:15:00Z | 2025-05-02T18:39:47.588215Z |
| pysec-2024-245 | Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated user… | apache-airflow | 2024-02-29T11:15:08+00:00 | 2025-05-01T21:22:38.598048+00:00 |
| ID | Description | Updated |
|---|---|---|
| gsd-2024-33874 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.959238Z |
| gsd-2024-33861 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.958057Z |
| gsd-2024-33850 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.952536Z |
| gsd-2024-33856 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.944669Z |
| gsd-2024-33870 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.943118Z |
| gsd-2024-33849 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.924449Z |
| gsd-2024-33854 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.916266Z |
| gsd-2024-33868 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.896638Z |
| gsd-2024-33881 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.886591Z |
| gsd-2024-33880 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.882744Z |
| gsd-2024-33877 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.871220Z |
| gsd-2024-33873 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.870402Z |
| gsd-2024-33859 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.867340Z |
| gsd-2024-33875 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.862083Z |
| gsd-2024-33878 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.850311Z |
| gsd-2024-33858 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.848478Z |
| gsd-2024-33872 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.839468Z |
| gsd-2024-33857 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.834866Z |
| gsd-2024-33853 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.825026Z |
| gsd-2024-33863 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.824810Z |
| gsd-2024-33852 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.824312Z |
| gsd-2024-33866 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.819755Z |
| gsd-2024-33867 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.808129Z |
| gsd-2024-33882 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.803998Z |
| gsd-2024-33871 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.800751Z |
| gsd-2024-33862 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.799465Z |
| gsd-2024-33864 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.792101Z |
| gsd-2024-33865 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.790923Z |
| gsd-2024-33869 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.784255Z |
| gsd-2024-33860 | The format of the source doesn't require a description, click on the link for more details. | 2024-04-28T05:02:07.777612Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192932 | Malicious code in cc-raiesy (npm) | 2025-12-25T18:19:57Z | 2025-12-25T18:19:57Z |
| mal-2025-192931 | Malicious code in aiogram-sever-patch (PyPI) | 2025-12-25T14:18:44Z | 2025-12-25T17:08:16Z |
| mal-2025-192930 | Malicious code in pxdbench (PyPI) | 2025-12-25T11:04:53Z | 2025-12-25T11:04:53Z |
| mal-2025-192686 | Malicious code in runtimeutils (PyPI) | 2025-12-21T14:03:13Z | 2025-12-24T23:09:05Z |
| mal-2025-192929 | Malicious code in envtoolsx (PyPI) | 2025-12-24T22:45:19Z | 2025-12-24T22:45:19Z |
| mal-2025-192928 | Malicious code in livekit-agents-hedra (PyPI) | 2025-12-24T20:38:01Z | 2025-12-24T20:38:01Z |
| mal-2025-192927 | Malicious code in adril7123 (npm) | 2025-12-24T17:05:44Z | 2025-12-24T17:05:45Z |
| mal-2025-192926 | Malicious code in @airtel-web/clickstream (npm) | 2025-12-24T12:20:46Z | 2025-12-24T13:17:43Z |
| mal-2025-6629 | Malicious code in webpack-dev-server (RubyGems) | 2025-07-31T19:17:14Z | 2025-12-24T10:09:32Z |
| mal-2025-6628 | Malicious code in maventa_utils (RubyGems) | 2025-07-31T19:17:12Z | 2025-12-24T10:09:32Z |
| mal-2025-6627 | Malicious code in maventa_common (RubyGems) | 2025-07-31T19:17:11Z | 2025-12-24T10:09:32Z |
| mal-2025-5129 | Malicious code in requestsdev (PyPI) | 2025-06-18T10:15:20Z | 2025-12-24T10:09:32Z |
| mal-2025-5109 | Malicious code in dbgpkg (PyPI) | 2025-06-18T10:15:07Z | 2025-12-24T10:09:32Z |
| mal-2025-5096 | Malicious code in aliyun-ai-labs-snippets-sdk (PyPI) | 2025-05-19T15:43:26Z | 2025-12-24T10:09:32Z |
| mal-2025-5095 | Malicious code in aliyun-ai-labs-sdk (PyPI) | 2025-06-18T10:15:00Z | 2025-12-24T10:09:32Z |
| mal-2025-5094 | Malicious code in ai-labs-snippets-sdk (PyPI) | 2025-05-19T15:43:26Z | 2025-12-24T10:09:32Z |
| mal-2025-47815 | Malicious code in sqlcommenter_rails (RubyGems) | 2025-09-26T09:15:02Z | 2025-12-24T10:09:32Z |
| mal-2025-41805 | Malicious code in omniauth-pro-sante-connect (RubyGems) | 2025-08-28T07:12:29Z | 2025-12-24T10:09:32Z |
| mal-2025-192657 | Malicious code in yt-smm (npm) | 2025-12-19T08:41:06Z | 2025-12-24T10:09:32Z |
| mal-2025-192349 | Malicious code in qt-main (PyPI) | 2025-12-05T22:52:28Z | 2025-12-24T10:09:32Z |
| mal-2025-191940 | Malicious code in zakuchienne (PyPI) | 2025-11-24T06:34:51Z | 2025-12-24T10:09:32Z |
| mal-2025-191937 | Malicious code in xsltproc (PyPI) | 2025-11-14T07:57:01Z | 2025-12-24T10:09:32Z |
| mal-2025-191898 | Malicious code in threading-helper (PyPI) | 2025-11-27T07:11:52Z | 2025-12-24T10:09:32Z |
| mal-2025-191897 | Malicious code in tgeffect (PyPI) | 2025-11-22T15:12:29Z | 2025-12-24T10:09:32Z |
| mal-2025-191894 | Malicious code in testingpkgja (PyPI) | 2025-11-23T21:05:33Z | 2025-12-24T10:09:32Z |
| mal-2025-191867 | Malicious code in siitoogether (PyPI) | 2025-11-20T11:29:04Z | 2025-12-24T10:09:32Z |
| mal-2025-191860 | Malicious code in rtcpy (PyPI) | 2025-11-24T23:29:43Z | 2025-12-24T10:09:32Z |
| mal-2025-191859 | Malicious code in rtcpstream (PyPI) | 2025-11-25T22:02:58Z | 2025-12-24T10:09:32Z |
| mal-2025-191858 | Malicious code in rtcplogin (PyPI) | 2025-11-26T16:19:39Z | 2025-12-24T10:09:32Z |
| mal-2025-191857 | Malicious code in requtils (PyPI) | 2025-11-18T00:29:33Z | 2025-12-24T10:09:32Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2564 | Microsoft Windows und Windows Server: Mehrere Schwachstellen | 2025-11-11T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2449 | GIMP: Schwachstelle ermöglicht Codeausführung | 2025-10-29T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2246 | Linux Kernel: Mehrere Schwachstellen | 2025-10-08T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2230 | Python (CPython Zipfile Module): Schwachstelle ermöglicht Manipulation von Dateien | 2025-10-07T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2227 | Golang Go: Mehrere Schwachstellen | 2025-10-07T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2166 | OpenSSL und LibreSSL: Mehrere Schwachstellen | 2025-09-30T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2129 | GIMP: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-09-24T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2092 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-18T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2087 | Linux Kernel: Mehrere Schwachstellen | 2025-09-17T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2083 | Ruby: Schwachstelle ermöglicht Denial of Service | 2025-09-17T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2077 | Linux Kernel: Mehrere Schwachstellen | 2025-09-16T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2053 | Linux Kernel: Mehrere Schwachstellen | 2025-09-15T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2040 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-11T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-1976 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-09-04T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-1529 | Apache HTTP Server: Mehrere Schwachstellen | 2025-07-10T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-1472 | Ruby: Schwachstelle ermöglicht Denial of Service | 2025-07-07T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0754 | Red Hat Enterprise Linux (opentelemetry-collector): Schwachstelle ermöglicht Denial of Service | 2025-04-08T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0633 | Gitea: Mehrere Schwachstellen | 2025-03-25T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-0084 | Rsync: Mehrere Schwachstellen | 2025-01-14T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2024-2040 | OpenSSL: Schwachstelle ermöglicht Denial of Service | 2024-09-03T22:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2024-0585 | Grafana: Schwachstelle ermöglicht Privilegieneskalation | 2024-03-07T23:00:00.000+00:00 | 2025-12-22T23:00:00.000+00:00 |
| wid-sec-w-2025-2904 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-18T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2887 | PHP: Mehrere Schwachstellen | 2025-12-18T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2885 | Mozilla Firefox: Mehrere Schwachstellen | 2025-12-18T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2881 | Red Hat Enterprise Linux (multicluster global hub): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-17T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2868 | Linux Kernel: Mehrere Schwachstellen | 2025-12-16T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2866 | Dropbear SSH: Schwachstelle ermöglicht Erlangen von Administratorrechten | 2025-12-16T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2858 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2025-12-16T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2854 | Roundcube: Mehrere Schwachstellen | 2025-12-15T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| wid-sec-w-2025-2849 | Red Hat Enterprise Linux (Keylime): Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-12-15T23:00:00.000+00:00 | 2025-12-21T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-750499 | SSA-750499: Weak Encryption Vulnerability in SIPROTEC 5 Devices | 2024-07-09T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-726617 | SSA-726617: Incorrect Privilege Assignment Vulnerability in Mendix OIDC SSO Module | 2025-05-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-711309 | SSA-711309: Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products | 2023-09-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-698820 | SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices | 2024-07-09T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-687955 | SSA-687955: Accessible Development Shell via Physical Interface in SIPROTEC 5 | 2025-02-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-682326 | SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-631336 | SSA-631336: Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6 | 2022-06-14T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-552874 | SSA-552874: Denial of Service Vulnerability in SIPROTEC 5 Devices | 2022-12-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-522291 | SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-514895 | SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-365596 | SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-339694 | SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-322980 | SSA-322980: Denial of Service Vulnerability in SIPROTEC 5 Devices | 2023-04-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-301229 | SSA-301229: Client-Side Enforcement of Server-Side Security Vulnerabilities in RUGGEDCOM ROX II | 2025-05-13T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-267056 | SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-225578 | SSA-225578: Improper Access Control Vulnerability in SICAM GridEdge Before V2.7.3 | 2022-07-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-216014 | SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs | 2025-03-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-201498 | SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-194557 | SSA-194557: Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5 | 2025-01-14T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-876787 | SSA-876787: Open Redirect Vulnerability in SIMATIC S7-1500 and S7-1200 CPUs | 2024-10-08T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-722410 | SSA-722410: Multiple Vulnerabilities in User Management Component (UMC) | 2025-09-09T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-625789 | SSA-625789: Multiple Vulnerabilities in SIMATIC S7-1200 CPU V1/V2 Devices | 2011-06-10T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-614723 | SSA-614723: Denial of Service Vulnerabilities in User Management Component (UMC) | 2025-05-13T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-599451 | SSA-599451: Multiple Vulnerabilities in SiPass integrated Before V3.0 | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-541582 | SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-513708 | SSA-513708: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices | 2025-06-10T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-486936 | SSA-486936: Authentication Vulnerability in SIMATIC ET 200SP Communication Processors | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-373591 | SSA-373591: Buffer Overflow Vulnerability in RUGGEDCOM ROS Devices | 2021-07-13T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-367714 | SSA-367714: Improper Integrity Check of Firmware Updates in SiPass integrated AC5102 / ACC-G2 and ACC-AP | 2025-05-23T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-365200 | SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:8267 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-28T15:24:18+00:00 | 2025-11-29T06:54:51+00:00 |
| rhsa-2025:8244 | Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.21.0 release | 2025-05-28T02:39:39+00:00 | 2025-11-29T06:54:51+00:00 |
| rhsa-2025:8224 | Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.18.1 product release | 2025-05-27T17:21:15+00:00 | 2025-11-29T06:54:49+00:00 |
| rhsa-2025:8075 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-21T15:37:30+00:00 | 2025-11-29T06:54:49+00:00 |
| rhsa-2025:7863 | Red Hat Security Advisory: OpenShift Container Platform 4.18.14 bug fix and security update | 2025-05-20T17:17:48+00:00 | 2025-11-29T06:54:49+00:00 |
| rhsa-2025:8059 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.7 Bug Fix Update | 2025-05-21T06:13:16+00:00 | 2025-11-29T06:54:48+00:00 |
| rhsa-2025:7967 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-19T09:52:50+00:00 | 2025-11-29T06:54:47+00:00 |
| rhsa-2025:7753 | Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.15.2 security update | 2025-05-15T17:09:32+00:00 | 2025-11-29T06:54:46+00:00 |
| rhsa-2025:7702 | Red Hat Security Advisory: OpenShift Container Platform 4.14.52 bug fix and security update | 2025-05-21T14:54:27+00:00 | 2025-11-29T06:54:45+00:00 |
| rhsa-2025:7698 | Red Hat Security Advisory: OpenShift Container Platform 4.15.51 bug fix and security update | 2025-05-21T14:00:14+00:00 | 2025-11-29T06:54:45+00:00 |
| rhsa-2025:7669 | Red Hat Security Advisory: OpenShift Container Platform 4.17.30 bug fix and security update | 2025-05-21T13:50:02+00:00 | 2025-11-29T06:54:45+00:00 |
| rhsa-2025:7616 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18.3 Bug Fix Update | 2025-05-14T14:49:22+00:00 | 2025-11-29T06:54:44+00:00 |
| rhsa-2025:7503 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-13T17:31:03+00:00 | 2025-11-29T06:54:43+00:00 |
| rhsa-2025:7484 | Red Hat Security Advisory: gvisor-tap-vsock security update | 2025-05-13T16:00:36+00:00 | 2025-11-29T06:54:43+00:00 |
| rhsa-2025:7479 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-05-13T17:18:27+00:00 | 2025-11-29T06:54:42+00:00 |
| rhsa-2025:7475 | Red Hat Security Advisory: grafana security update | 2025-05-13T16:00:56+00:00 | 2025-11-29T06:54:42+00:00 |
| rhsa-2025:7425 | Red Hat Security Advisory: osbuild-composer security update | 2025-05-13T13:57:39+00:00 | 2025-11-29T06:54:42+00:00 |
| rhsa-2025:7467 | Red Hat Security Advisory: skopeo security update | 2025-05-13T17:18:51+00:00 | 2025-11-29T06:54:41+00:00 |
| rhsa-2025:7462 | Red Hat Security Advisory: podman security update | 2025-05-13T16:04:06+00:00 | 2025-11-29T06:54:41+00:00 |
| rhsa-2025:7459 | Red Hat Security Advisory: buildah security update | 2025-05-13T17:19:11+00:00 | 2025-11-29T06:54:40+00:00 |
| rhsa-2025:7416 | Red Hat Security Advisory: gvisor-tap-vsock security update | 2025-05-13T13:59:06+00:00 | 2025-11-29T06:54:39+00:00 |
| rhsa-2025:7407 | Red Hat Security Advisory: opentelemetry-collector security update | 2025-05-13T13:53:53+00:00 | 2025-11-29T06:54:39+00:00 |
| rhsa-2025:7397 | Red Hat Security Advisory: skopeo security update | 2025-05-13T13:31:37+00:00 | 2025-11-29T06:54:38+00:00 |
| rhsa-2025:7404 | Red Hat Security Advisory: grafana security update | 2025-05-13T13:59:07+00:00 | 2025-11-29T06:54:37+00:00 |
| rhsa-2025:7391 | Red Hat Security Advisory: podman security update | 2025-05-13T13:31:19+00:00 | 2025-11-29T06:54:37+00:00 |
| rhsa-2025:7389 | Red Hat Security Advisory: buildah security update | 2025-05-13T13:28:19+00:00 | 2025-11-29T06:54:36+00:00 |
| rhsa-2025:4810 | Red Hat Security Advisory: RHSA: Submariner 0.18.5 - bug and security update | 2025-05-12T15:04:37+00:00 | 2025-11-29T06:54:34+00:00 |
| rhsa-2025:4731 | Red Hat Security Advisory: OpenShift Container Platform 4.16.40 bug fix and security update | 2025-05-15T00:44:29+00:00 | 2025-11-29T06:54:34+00:00 |
| rhsa-2025:4712 | Red Hat Security Advisory: OpenShift Container Platform 4.18.13 bug fix and security update | 2025-05-14T02:10:27+00:00 | 2025-11-29T06:54:34+00:00 |
| rhsa-2025:4677 | Red Hat Security Advisory: OpenShift Container Platform 4.13.58 bug fix and security update | 2025-05-15T16:34:38+00:00 | 2025-11-29T06:54:33+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-68729 | wifi: ath12k: Fix MSDU buffer types handling in RX error path | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:50.000Z |
| msrc_cve-2025-68745 | scsi: qla2xxx: Clear cmds after chip reset | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:45.000Z |
| msrc_cve-2025-68736 | landlock: Fix handling of disconnected directories | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:40.000Z |
| msrc_cve-2025-68366 | nbd: defer config unlock in nbd_genl_connect | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:35.000Z |
| msrc_cve-2025-68357 | iomap: allocate s_dio_done_wq for async reads as well | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:30.000Z |
| msrc_cve-2023-54161 | af_unix: Fix null-ptr-deref in unix_stream_sendpage(). | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:26.000Z |
| msrc_cve-2025-68732 | gpu: host1x: Fix race in syncpt alloc/free | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:21.000Z |
| msrc_cve-2025-68741 | scsi: qla2xxx: Fix improper freeing of purex item | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:16.000Z |
| msrc_cve-2025-68345 | ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:11.000Z |
| msrc_cve-2025-68362 | wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:06.000Z |
| msrc_cve-2025-68354 | regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex | 2025-12-02T00:00:00.000Z | 2025-12-26T14:36:01.000Z |
| msrc_cve-2025-68349 | NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid | 2025-12-02T00:00:00.000Z | 2025-12-26T14:35:56.000Z |
| msrc_cve-2025-68371 | scsi: smartpqi: Fix device resources accessed after device removal | 2025-12-02T00:00:00.000Z | 2025-12-26T14:35:51.000Z |
| msrc_cve-2025-3001 | PyTorch torch.lstm_cell memory corruption | 2025-03-02T00:00:00.000Z | 2025-12-25T01:38:09.000Z |
| msrc_cve-2025-68615 | Net-SNMP snmptrapd crash | 2025-12-02T00:00:00.000Z | 2025-12-25T01:38:02.000Z |
| msrc_cve-2025-68476 | KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential | 2025-12-02T00:00:00.000Z | 2025-12-25T01:37:57.000Z |
| msrc_cve-2025-38478 | comedi: Fix initialization of data for instructions that write to subdevice | 2025-07-02T00:00:00.000Z | 2025-12-25T01:02:40.000Z |
| msrc_cve-2025-38477 | net/sched: sch_qfq: Fix race condition on qfq_aggregate | 2025-07-02T00:00:00.000Z | 2025-12-25T01:02:36.000Z |
| msrc_cve-2025-38425 | i2c: tegra: check msg length in SMBUS block read | 2025-07-02T00:00:00.000Z | 2025-12-25T01:02:31.000Z |
| msrc_cve-2025-38422 | net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices | 2025-07-02T00:00:00.000Z | 2025-12-25T01:02:26.000Z |
| msrc_cve-2025-38412 | platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks | 2025-07-02T00:00:00.000Z | 2025-12-25T01:02:21.000Z |
| msrc_cve-2025-38410 | drm/msm: Fix a fence leak in submit error path | 2025-07-02T00:00:00.000Z | 2025-12-25T01:02:16.000Z |
| msrc_cve-2025-38409 | drm/msm: Fix another leak in the submit error path | 2025-07-02T00:00:00.000Z | 2025-12-25T01:02:11.000Z |
| msrc_cve-2025-38406 | wifi: ath6kl: remove WARN on bad firmware input | 2025-07-02T00:00:00.000Z | 2025-12-25T01:02:06.000Z |
| msrc_cve-2025-38403 | vsock/vmci: Clear the vmci transport packet properly when initializing it | 2025-07-02T00:00:00.000Z | 2025-12-25T01:02:01.000Z |
| msrc_cve-2025-38401 | mtk-sd: Prevent memory corruption from DMA map failure | 2025-07-02T00:00:00.000Z | 2025-12-25T01:01:55.000Z |
| msrc_cve-2025-38400 | nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails. | 2025-07-02T00:00:00.000Z | 2025-12-25T01:01:51.000Z |
| msrc_cve-2025-38399 | scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() | 2025-07-02T00:00:00.000Z | 2025-12-25T01:01:45.000Z |
| msrc_cve-2025-38395 | regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods | 2025-07-02T00:00:00.000Z | 2025-12-25T01:01:40.000Z |
| msrc_cve-2025-38393 | NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN | 2025-07-02T00:00:00.000Z | 2025-12-25T01:01:35.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-345-06 | Siemens SINEMA Remote Connect Server | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-05 | Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-04 | Siemens IAM Client | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-226-22 | Siemens Web Installer (SSA-282044) | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-226-11 | Siemens SIMATIC S7-PLCSIM | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-226-03 | Siemens SIMATIC S7-PLCSIM | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-24-347-02 | Siemens Engineering Platforms | 2024-12-10T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-24-256-16 | Siemens Third-Party Component in SICAM and SITIPE Products | 2024-09-10T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-24-193-05 | Siemens SCALANCE, RUGGEDCOM | 2024-07-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-22-349-09 | Siemens OpenSSL 3.0 Affecting Products | 2022-12-13T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-338-07 | Advantech iView | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-06 | SolisCloud Monitoring Platform | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-05 | Sunbird DCIM dcTrack and Power IQ | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-04 | Johnson Controls iSTAR | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-03 | Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-02 | MAXHUB Pivot | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-01 | Mitsubishi Electric GX Works2 | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-219-02 | Johnson Controls FX Server, FX80 and FX90 (Update A) | 2025-08-07T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-148-03 | Consilium Safety CS5000 Fire Panel (Update A) | 2025-05-29T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsma-25-336-01 | Mirion Medical EC2 Software NMIS BioDose | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-336-02 | Iskra iHUB and iHUB Lite | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-336-01 | Industrial Video & Control Longwatch | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-205-01 | Mitsubishi Electric CNC Series (Update A) | 2025-07-24T06:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-23-157-02 | Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series (Update C) | 2023-06-06T06:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-329-06 | SiRcom SMART Alert (SiSA) | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-05 | Festo Compact Vision System, Control Block, Controller, and Operator Unit products | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-03 | Zenitel TCIV-3+ | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-02 | Rockwell Automation Arena Simulation | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-01 | Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-22-333-05 | Mitsubishi Electric FA Engineering Software (Update C) | 2022-12-05T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-ios-invalid-url-dos-nvxszf6u | Cisco IOS Software Industrial Ethernet Switch Device Manager Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-ios-cli-eb7cz6yo | Cisco IOS and IOS XE Software CLI Denial of Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-defaultacl-psjk9nvf | Cisco SD-WAN vEdge Software Access Control List Bypass Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-cat9k-acl-l4k7vxgd | Cisco IOS XE Software on Cisco Catalyst 9500X and 9600X Series Switches Virtual Interface Access Control List Bypass Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-action-frame-inj-qqcncz8h | Cisco Wireless Access Point Software Device Analytics Action Frame Injection Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-9800cl-openscep-sb4xtxzp | Cisco IOS XE Software for Catalyst 9800 Series Wireless Controller for Cloud Unauthenticated Access to Certificate Enrollment Service Vulnerability | 2025-09-24T16:00:00+00:00 | 2025-09-24T16:00:00+00:00 |
| cisco-sa-snmp-bypass-hhuvujdn | Cisco IOS XE SD-WAN Software Packet Filtering Bypass Vulnerability | 2025-05-07T16:00:00+00:00 | 2025-09-22T14:12:28+00:00 |
| cisco-sa-xrsig-uy4zrucg | Cisco IOS XR Software Image Verification Bypass Vulnerability | 2025-09-10T16:00:00+00:00 | 2025-09-10T16:00:00+00:00 |
| cisco-sa-iosxr-arp-storm-ejuu55ym | Cisco IOS XR ARP Broadcast Storm Denial of Service Vulnerability | 2025-09-10T16:00:00+00:00 | 2025-09-10T16:00:00+00:00 |
| cisco-sa-acl-packetio-swjhhbtz | Cisco IOS XR Software Management Interface ACL Bypass Vulnerability | 2025-09-10T16:00:00+00:00 | 2025-09-10T16:00:00+00:00 |
| cisco-sa-fp2k-ipsec-dos-tjwgdzco | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 2100 Series IPv6 over IPsec Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-09-09T21:22:34+00:00 |
| cisco-sa-webex-xss-55bv8hhm | Cisco Webex Meetings Cross-Site Scripting Vulnerability | 2025-09-03T16:00:00+00:00 | 2025-09-03T16:00:00+00:00 |
| cisco-sa-webex-urlredirect-uk8ddjsz | Cisco Webex Meetings URL Redirection Vulnerability | 2025-09-03T16:00:00+00:00 | 2025-09-03T16:00:00+00:00 |
| cisco-sa-phone-write-g3kcc5df | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities | 2025-09-03T16:00:00+00:00 | 2025-09-03T16:00:00+00:00 |
| cisco-sa-imp-xss-xqgu4hsg | Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting Vulnerability | 2025-09-03T16:00:00+00:00 | 2025-09-03T16:00:00+00:00 |
| cisco-sa-epnm-pi-stored-xss-xjqzsycp | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability | 2025-09-03T16:00:00+00:00 | 2025-09-03T16:00:00+00:00 |
| cisco-sa-epnm-info-dis-zhppmfgz | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Information Disclosure Vulnerability | 2025-09-03T16:00:00+00:00 | 2025-09-03T16:00:00+00:00 |
| cisco-sa-epni-arb-file-upload-jjdm2p83 | Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability | 2025-09-03T16:00:00+00:00 | 2025-09-03T16:00:00+00:00 |
| cisco-sa-cucm-csrf-w762pryd | Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability | 2025-09-03T16:00:00+00:00 | 2025-09-03T16:00:00+00:00 |
| cisco-sa-3100_4200_tlsdos-2ynscd54 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial of Service Vulnerability | 2025-08-14T16:00:00+00:00 | 2025-09-03T13:37:50+00:00 |
| cisco-sa-ucs-xss-ey6xhyps | Cisco UCS Manager Software Stored Cross-Site Scripting Vulnerability | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| cisco-sa-ucs-vkvmorv-cnkrv7hk | Cisco Integrated Management Controller Virtual Keyboard Video Monitor Open Redirect Vulnerability | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| cisco-sa-ucs-multi-cmdinj-e4ukjyrz | Cisco UCS Manager Software Command Injection Vulnerabilities | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| cisco-sa-ucs-kvmsxss-6h7anuyk | Cisco Integrated Management Controller Virtual Keyboard Video Monitor Stored Cross-Site Scripting Vulnerability | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| cisco-sa-nxospc-pim6-vg4jfph | Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| cisco-sa-nxos-infodis-tectysfg | Cisco NX-OS Software Sensitive Log Information Disclosure Vulnerability | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| cisco-sa-nxos-cmdinj-qhnze5ss | Cisco NX-OS Software Command Injection Vulnerability | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| cisco-sa-nshs-urapi-gjubvfpu | Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerabilities | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| cisco-sa-nd-ptrs-xu2fm2wb | Cisco Nexus Dashboard Path Traversal Vulnerability | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| cisco-sa-n39k-isis-dos-jhja8rfx | Cisco Nexus 3000 and 9000 Series Switches Intermediate System-to-Intermediate System Denial of Service Vulnerability | 2025-08-27T16:00:00+00:00 | 2025-08-27T16:00:00+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| SCA-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| sca-2023-0007 | Vulnerabilities in SICK LMS5xx | 2023-08-25T11:00:00.000Z | 2023-08-25T11:00:00.000Z |
| SCA-2023-0007 | Vulnerabilities in SICK LMS5xx | 2023-08-25T11:00:00.000Z | 2023-08-25T11:00:00.000Z |
| sca-2023-0006 | Vulnerabilities in SICK ICR890-4 | 2023-07-10T13:00:00.000Z | 2023-07-10T13:00:00.000Z |
| SCA-2023-0006 | Vulnerabilities in SICK ICR890-4 | 2023-07-10T13:00:00.000Z | 2023-07-10T13:00:00.000Z |
| sca-2023-0005 | Vulnerabilities in SICK EventCam App | 2023-06-19T11:00:00.000Z | 2023-06-19T11:00:00.000Z |
| SCA-2023-0005 | Vulnerabilities in SICK EventCam App | 2023-06-19T11:00:00.000Z | 2023-06-19T11:00:00.000Z |
| sca-2023-0004 | Vulnerabilities in SICK FTMg | 2023-05-11T13:00:00.000Z | 2023-05-11T13:00:00.000Z |
| SCA-2023-0004 | Vulnerabilities in SICK FTMg | 2023-05-11T13:00:00.000Z | 2023-05-11T13:00:00.000Z |
| sca-2023-0003 | Vulnerability in SICK Flexi Soft and Flexi Classic Gateways | 2023-05-03T13:00:00.000Z | 2023-05-03T13:00:00.000Z |
| SCA-2023-0003 | Vulnerability in SICK Flexi Soft and Flexi Classic Gateways | 2023-05-03T13:00:00.000Z | 2023-05-03T13:00:00.000Z |
| sca-2023-0002 | Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways | 2023-04-11T10:00:00.000Z | 2023-04-11T10:00:00.000Z |
| SCA-2023-0002 | Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways | 2023-04-11T10:00:00.000Z | 2023-04-11T10:00:00.000Z |
| sca-2023-0001 | Bootloader mode vulnerability in Flexi Soft Gateways v3 | 2023-02-20T14:00:00.000Z | 2023-02-20T14:00:00.000Z |
| SCA-2023-0001 | Bootloader mode vulnerability in Flexi Soft Gateways v3 | 2023-02-20T14:00:00.000Z | 2023-02-20T14:00:00.000Z |
| sca-2022-0015 | Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR | 2022-12-08T16:00:00.000Z | 2022-12-08T16:00:00.000Z |
| SCA-2022-0015 | Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR | 2022-12-08T16:00:00.000Z | 2022-12-08T16:00:00.000Z |
| sca-2022-0013 | Password recovery vulnerability affects multiple SICK SIMs | 2022-10-21T13:00:00.000Z | 2022-11-04T14:00:00.000Z |
| SCA-2022-0013 | Password recovery vulnerability affects multiple SICK SIMs | 2022-10-21T13:00:00.000Z | 2022-11-04T14:00:00.000Z |
| sca-2022-0014 | SICK FlexiCompact affected by Denial of Service vulnerability | 2022-10-31T11:00:00.000Z | 2022-10-31T11:00:00.000Z |
| SCA-2022-0014 | SICK FlexiCompact affected by Denial of Service vulnerability | 2022-10-31T11:00:00.000Z | 2022-10-31T11:00:00.000Z |
| sca-2022-0012 | OpenSSL vulnerability affects multiple SICK SIMs | 2022-08-08T13:00:00.000Z | 2022-08-03T13:00:00.000Z |
| SCA-2022-0012 | OpenSSL vulnerability affects multiple SICK SIMs | 2022-08-08T13:00:00.000Z | 2022-08-03T13:00:00.000Z |
| sca-2022-0010 | Vulnerability in SICK Flexi Soft Designer & Safety Designer | 2022-05-16T10:00:00.000Z | 2022-07-19T10:00:00.000Z |
| SCA-2022-0010 | Vulnerability in SICK Flexi Soft Designer & Safety Designer | 2022-05-16T10:00:00.000Z | 2022-07-19T10:00:00.000Z |
| sca-2022-0011 | Vulnerabilities in SICK Package Analytics | 2022-06-08T15:00:00.000Z | 2022-06-08T15:00:00.000Z |
| SCA-2022-0011 | Vulnerabilities in SICK Package Analytics | 2022-06-08T15:00:00.000Z | 2022-06-08T15:00:00.000Z |
| sca-2022-0009 | Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| sca-2022-0008 | Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3 | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| SCA-2022-0009 | Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2023_10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:15-01 | Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2023:10-01 | DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2022_2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2022_2-01 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2022:2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| nn-2022:2-01 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2024:2-01 | Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0 | 2024-09-11T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2024:1-01 | DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:9-01 | Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:17-01 | Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 | 2024-04-10T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:15-01 | Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0 | 2024-05-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:12-01 | Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 | 2024-01-15T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| NN-2023:11-01 | SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 | 2023-09-18T11:00:00.000Z | 2024-09-19T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| OXAS-ADV-2023-0006 | OX App Suite Security Advisory OXAS-ADV-2023-0006 | 2023-09-25T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| OXAS-ADV-2023-0005 | OX App Suite Security Advisory OXAS-ADV-2023-0005 | 2023-09-19T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| OXAS-ADV-2023-0004 | OX App Suite Security Advisory OXAS-ADV-2023-0004 | 2023-08-01T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| OXAS-ADV-2023-0003 | OX App Suite Security Advisory OXAS-ADV-2023-0003 | 2023-05-02T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| OXAS-ADV-2023-0002 | OX App Suite Security Advisory OXAS-ADV-2023-0002 | 2023-03-20T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| OXAS-ADV-2023-0001 | OX App Suite Security Advisory OXAS-ADV-2023-0001 | 2023-02-06T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| OXAS-ADV-2022-0002 | OX App Suite Security Advisory OXAS-ADV-2022-0002 | 2022-11-02T00:00:00+01:00 | 2024-01-22T00:00:00+00:00 |
| OXAS-ADV-2022-0001 | OX App Suite Security Advisory OXAS-ADV-2022-0001 | 2022-08-10T00:00:00+02:00 | 2024-01-22T00:00:00+00:00 |
| ID | Description | Updated |
|---|---|---|
| var-201801-0152 | An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions pri… | 2024-11-29T22:49:44.989000Z |
| var-202004-0077 | There are multiple ways an unauthenticated attacker could perform SQL injection on WebAcc… | 2024-11-29T22:49:10.471000Z |
| var-202411-1369 | A parameter within a command does not properly validate input within myPRO Manager which … | 2024-11-29T22:48:08.493000Z |
| var-202411-1372 | The web application uses a weak authentication mechanism to verify that a request is comi… | 2024-11-29T22:48:08.477000Z |
| var-202411-1370 | An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a c… | 2024-11-29T22:48:08.461000Z |
| var-202411-1371 | The administrative interface listens by default on all interfaces on a TCP port and does … | 2024-11-29T22:48:08.445000Z |
| var-202411-1373 | The back-end does not sufficiently verify the user-controlled filename parameter which ma… | 2024-11-29T22:48:08.429000Z |
| var-200512-0300 | Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe… | 2024-11-29T22:47:57.596000Z |
| var-200512-0643 | Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe… | 2024-11-29T22:47:55.749000Z |
| var-200512-0297 | Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbit… | 2024-11-29T22:47:55.685000Z |
| var-200512-0611 | Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and… | 2024-11-29T22:47:55.607000Z |
| var-200512-0294 | Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitr… | 2024-11-29T22:47:55.530000Z |
| var-201112-0097 | Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a… | 2024-11-29T22:47:02.572000Z |
| var-201805-1143 | In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and pr… | 2024-11-29T22:46:30.150000Z |
| var-201805-1144 | In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and pr… | 2024-11-29T22:46:30.043000Z |
| var-201806-1058 | Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo… | 2024-11-29T22:46:29.795000Z |
| var-201902-0647 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening … | 2024-11-29T22:46:28.037000Z |
| var-200202-0006 | Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause… | 2024-11-29T22:46:09.598000Z |
| var-200107-0035 | slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cau… | 2024-11-29T22:45:37.258000Z |
| var-200607-0396 | Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b… | 2024-11-29T22:45:25.291000Z |
| var-201601-0038 | Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote atta… | 2024-11-29T22:42:17.893000Z |
| var-201801-0394 | TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbi… | 2024-11-29T22:41:34.504000Z |
| var-201805-1147 | WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe… | 2024-11-29T22:41:28.661000Z |
| var-201904-0181 | Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow… | 2024-11-29T22:41:17.815000Z |
| var-202001-0833 | A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo… | 2024-11-29T22:41:12.131000Z |
| var-202001-0832 | A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic… | 2024-11-29T22:41:12.054000Z |
| var-201208-0222 | Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r… | 2024-11-29T22:41:11.980000Z |
| var-202005-0008 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buf… | 2024-11-29T22:41:10.312000Z |
| var-202007-0395 | Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities … | 2024-11-29T22:41:08.364000Z |
| var-202106-0542 | A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic … | 2024-11-29T22:41:05.439000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000100 | Multiple Roboticsware products register Windows services with unquoted file paths | 2025-11-04T14:17+09:00 | 2025-11-04T14:17+09:00 |
| jvndb-2025-000098 | Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path | 2025-11-04T13:51+09:00 | 2025-11-04T13:51+09:00 |
| jvndb-2025-000099 | Progress Flowmon vulnerable to authenticated OS command injection | 2025-11-04T12:47+09:00 | 2025-11-04T12:47+09:00 |
| jvndb-2025-000096 | Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries | 2025-10-29T14:17+09:00 | 2025-10-29T14:17+09:00 |
| jvndb-2025-000095 | MZK-DP300N uses hard-coded credentials | 2025-10-28T14:04+09:00 | 2025-10-28T14:04+09:00 |
| jvndb-2025-014793 | NIHON KOHDEN Central Monitor CNS-6201 vulnerable to NULL pointer dereference | 2025-10-01T11:35+09:00 | 2025-10-27T12:28+09:00 |
| jvndb-2025-000093 | Multiple stored cross-site scripting vulnerabilities in Pleasanter | 2025-10-24T15:11+09:00 | 2025-10-24T15:11+09:00 |
| jvndb-2025-000084 | GROWI vulnerable to cross-site scripting | 2025-10-22T15:44+09:00 | 2025-10-22T15:44+09:00 |
| jvndb-2025-000090 | Multiple stored cross-site scripting vulnerabilities in Movable Type | 2025-10-22T13:54+09:00 | 2025-10-22T13:54+09:00 |
| jvndb-2025-000088 | Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel | 2025-10-20T16:17+09:00 | 2025-10-22T10:06+09:00 |
| jvndb-2025-000092 | ETERNUS SF vulnerable to incorrect default permissions | 2025-10-20T14:20+09:00 | 2025-10-20T14:20+09:00 |
| jvndb-2025-000089 | Installer of AutoDownloader may insecurely load Dynamic Link Libraries | 2025-10-17T13:38+09:00 | 2025-10-17T13:38+09:00 |
| jvndb-2025-000074 | Multiple vulnerabilities in desknet's NEO | 2025-10-16T17:30+09:00 | 2025-10-16T17:30+09:00 |
| jvndb-2025-000076 | Multiple vulnerabilities in ChatLuck | 2025-10-16T17:17+09:00 | 2025-10-16T17:17+09:00 |
| jvndb-2025-000087 | Ruijie Networks RG-EST300 undocumented SSH functionality | 2025-10-16T14:19+09:00 | 2025-10-16T14:19+09:00 |
| jvndb-2025-016124 | Buffalo Wi-Fi router WXR9300BE6P series vulnerable to path traversal | 2025-10-16T11:16+09:00 | 2025-10-16T11:16+09:00 |
| jvndb-2025-000085 | Multiple RSUPPORT products may insecurely load Dynamic Link Libraries | 2025-10-15T15:55+09:00 | 2025-10-15T15:55+09:00 |
| jvndb-2025-000086 | Phoenix Contact CHARX SEC-3xxx vulnerable to code injection | 2025-10-15T15:54+09:00 | 2025-10-15T15:54+09:00 |
| jvndb-2025-000083 | BUFFALO NAS Navigator2 registers a Windows service with an unquoted file path | 2025-10-10T13:56+09:00 | 2025-10-10T13:56+09:00 |
| jvndb-2025-015451 | Multiple vulnerabilities in FUJI Electric V-SFT | 2025-10-09T13:39+09:00 | 2025-10-09T13:39+09:00 |
| jvndb-2025-000081 | DataSpider Servista improper restriction of XML external entity references | 2025-09-29T14:44+09:00 | 2025-10-07T16:54+09:00 |
| jvndb-2025-000082 | The installers of DENSO TEN drive recorder viewer may insecurely load Dynamic Link Libraries | 2025-10-06T15:38+09:00 | 2025-10-06T15:38+09:00 |
| jvndb-2025-015061 | Trend Micro Antivirus for Mac vulnerable to Local Privilege Escalation | 2025-10-06T13:52+09:00 | 2025-10-06T13:52+09:00 |
| jvndb-2025-000044 | Denial-of-service (DoS) vulnerabilities in multiple Apache products | 2025-06-26T14:41+09:00 | 2025-10-01T14:18+09:00 |
| jvndb-2025-014642 | Multiple vulnerabilities in Canon Printer Drivers for Production Printers, Office/Small Office Multifunction Printers and Laser Printers | 2025-09-30T11:50+09:00 | 2025-09-30T11:50+09:00 |
| jvndb-2025-000066 | Improper file access permission settings in multiple i-FILTER products | 2025-08-27T19:50+09:00 | 2025-09-29T13:45+09:00 |
| jvndb-2025-000077 | RICOH Streamline NX vulnerable to tampering with operation history | 2025-09-08T13:42+09:00 | 2025-09-24T16:53+09:00 |
| jvndb-2025-007519 | Multiple vulnerabilities in multiple BROTHER products | 2025-06-26T18:15+09:00 | 2025-09-22T10:16+09:00 |
| jvndb-2025-014105 | OMRON SOCIAL SOLUTIONS Uninterruptible Power Supply (UPS) management application registers a Windows service with an unquoted file path | 2025-09-19T16:21+09:00 | 2025-09-19T16:21+09:00 |
| jvndb-2025-014104 | Multiple vulnerabilities in I-O DATA wireless LAN routers | 2025-09-19T14:58+09:00 | 2025-09-19T14:58+09:00 |
| ID | Description | Updated |
|---|---|---|
| ts-2022-005 | TS-2022-005 | 2022-11-21T00:00 |
| ts-2022-004 | TS-2022-004 | 2022-11-21T00:00 |
| ts-2022-003 | TS-2022-003 | 2022-06-14T00:00 |
| ts-2022-002 | TS-2022-002 | 2022-05-11T00:00 |
| ts-2022-001 | TS-2022-001 | 2022-02-07T00:00 |