Recent vulnerabilities
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-2921 |
7.8 (3.0)
|
GStreamer RIFF Palette Integer Overflow Remote Code Ex… |
GStreamer |
GStreamer |
2026-03-13T20:41:50.780Z | 2026-03-13T20:41:50.780Z |
| CVE-2026-3083 |
8.8 (3.0)
|
GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code… |
GStreamer |
GStreamer |
2026-03-13T20:41:31.185Z | 2026-03-13T20:41:31.185Z |
| CVE-2026-3086 |
7.8 (3.0)
|
GStreamer H.266 Codec Parser Out-Of-Bounds Write Remot… |
GStreamer |
GStreamer |
2026-03-13T20:40:12.973Z | 2026-03-13T20:40:12.973Z |
| CVE-2026-3085 |
8.8 (3.0)
|
GStreamer rtpqdm2depay Heap-based Buffer Overflow Remo… |
GStreamer |
GStreamer |
2026-03-13T20:40:02.186Z | 2026-03-13T20:40:02.186Z |
| CVE-2026-3082 |
7.8 (3.0)
|
GStreamer JPEG Parser Heap-based Buffer Overflow Remot… |
GStreamer |
GStreamer |
2026-03-13T20:39:33.772Z | 2026-03-13T20:39:33.772Z |
| CVE-2026-3081 |
7.8 (3.0)
|
GStreamer H.266 Codec Parser Stack-based Buffer Overfl… |
GStreamer |
GStreamer |
2026-03-13T20:39:20.596Z | 2026-03-13T20:39:20.596Z |
| CVE-2026-2923 |
7.8 (3.0)
|
GStreamer DVB Subtitles Out-Of-Bounds Write Remote Cod… |
GStreamer |
GStreamer |
2026-03-13T20:39:01.199Z | 2026-03-13T20:39:01.199Z |
| CVE-2026-2922 |
7.8 (3.0)
|
GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote… |
GStreamer |
GStreamer |
2026-03-13T20:38:49.124Z | 2026-03-13T20:38:49.124Z |
| CVE-2026-2920 |
7.8 (3.0)
|
GStreamer ASF Demuxer Heap-based Buffer Overflow Remot… |
GStreamer |
GStreamer |
2026-03-13T20:38:27.802Z | 2026-03-13T20:38:27.802Z |
| CVE-2026-3839 |
7.3 (3.0)
|
Unraid Authentication Request Path Traversal Authentic… |
Unraid |
Unraid |
2026-03-13T20:38:05.449Z | 2026-03-13T20:38:05.449Z |
| CVE-2026-3838 |
8.8 (3.0)
|
Unraid Update Request Path Traversal Remote Code Execu… |
Unraid |
Unraid |
2026-03-13T20:37:53.130Z | 2026-03-13T20:37:53.130Z |
| CVE-2026-3562 |
6.3 (3.0)
|
Philips Hue Bridge hk_hap Ed25519 Signature Verificati… |
Philips |
Hue Bridge |
2026-03-13T20:37:09.162Z | 2026-03-13T20:37:09.162Z |
| CVE-2026-3561 |
8 (3.0)
|
Philips Hue Bridge hk_hap characteristics Heap-based B… |
Philips |
Hue Bridge |
2026-03-13T20:37:05.625Z | 2026-03-13T20:37:05.625Z |
| CVE-2026-3560 |
8.8 (3.0)
|
Philips Hue Bridge HomeKit hk_hap_pair_storage_put Hea… |
Philips |
Hue Bridge |
2026-03-13T20:37:01.412Z | 2026-03-13T20:37:01.412Z |
| CVE-2026-3559 |
8.1 (3.0)
|
Philips Hue Bridge HomeKit Accessory Protocol Static N… |
Philips |
Hue Bridge |
2026-03-13T20:36:57.441Z | 2026-03-13T20:36:57.441Z |
| CVE-2026-3558 |
8.1 (3.0)
|
Philips Hue Bridge HomeKit Accessory Protocol Transien… |
Philips |
Hue Bridge |
2026-03-13T20:36:52.519Z | 2026-03-13T20:36:52.519Z |
| CVE-2026-3557 |
8 (3.0)
|
Philips Hue Bridge hap_pair_verify_handler Sub-TLV Par… |
Philips |
Hue Bridge |
2026-03-13T20:36:48.632Z | 2026-03-13T20:36:48.632Z |
| CVE-2026-3556 |
8.8 (3.0)
|
Philips Hue Bridge HomeKit Pair-Setup Heap-based Buffe… |
Philips |
Hue Bridge |
2026-03-13T20:36:44.408Z | 2026-03-13T20:36:44.408Z |
| CVE-2026-3555 |
8 (3.0)
|
Philips Hue Bridge Zigbee Stack Custom Command Handler… |
Philips |
Hue Bridge |
2026-03-13T20:36:40.448Z | 2026-03-13T20:36:40.448Z |
| CVE-2026-32621 |
9.9 (3.1)
|
Apollo Federation has prototype pollution via incomple… |
@apollo |
federation-internals |
2026-03-13T20:29:54.875Z | 2026-03-13T20:29:54.875Z |
| CVE-2026-32626 |
9.7 (3.1)
|
AnythingLLM has a Streaming Phase XSS to RCE via LLM … |
Mintplex-Labs |
anything-llm |
2026-03-13T20:14:30.437Z | 2026-03-13T20:14:30.437Z |
| CVE-2026-32614 |
7.5 (3.1)
|
Go ShangMi SM9 Infinity-Point Ciphertext Forgery Vulne… |
emmansun |
gmsm |
2026-03-13T20:14:05.750Z | 2026-03-13T20:14:05.750Z |
| CVE-2026-0977 |
5.1 (3.1)
|
IBM CICS Transaction Gateway for Multiplatforms Inform… |
IBM |
CICS Transaction Gateway for Multiplatforms |
2026-03-13T20:11:00.825Z | 2026-03-13T20:11:00.825Z |
| CVE-2026-32617 |
7.1 (3.1)
|
AnythingLLM Permissable CORS policy |
Mintplex-Labs |
anything-llm |
2026-03-13T20:07:57.446Z | 2026-03-13T20:07:57.446Z |
| CVE-2026-32600 |
8.2 (3.1)
|
xml-security is Missing AES-GCM Authentication Tag Val… |
simplesamlphp |
xml-security |
2026-03-13T19:58:41.692Z | 2026-03-13T19:58:41.692Z |
| CVE-2026-32594 |
6.9 (4.0)
|
Parse Server GraphQL WebSocket endpoint bypasses secur… |
parse-community |
parse-server |
2026-03-13T19:56:42.155Z | 2026-03-13T19:56:42.155Z |
| CVE-2025-13212 |
5.3 (3.1)
|
IBM Aspera Console Denial of Service |
IBM |
Aspera Console |
2026-03-13T19:54:10.521Z | 2026-03-13T19:54:10.521Z |
| CVE-2025-13459 |
2.7 (3.1)
|
IBM Aspera Console Denial of Service |
IBM |
Aspera Console |
2026-03-13T19:54:05.962Z | 2026-03-13T19:54:05.962Z |
| CVE-2025-13460 |
5.3 (3.1)
|
IBM Aspera Console Information Disclosure |
IBM |
Aspera Console |
2026-03-13T19:54:04.254Z | 2026-03-13T19:54:04.254Z |
| CVE-2026-32314 |
8.7 (4.0)
|
Yamux remote Panic via malformed Data frame with SYN s… |
libp2p |
rust-yamux |
2026-03-13T19:53:08.823Z | 2026-03-13T19:53:08.823Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-32451 |
6.3 (3.1)
|
WordPress Fusion Builder plugin < 3.15.0 - Broken Acce… |
ThemeFusion |
Fusion Builder |
2026-03-13T11:42:21.480Z | 2026-03-13T18:51:32.066Z |
| CVE-2026-32450 |
6.5 (3.1)
|
WordPress Active Products Tables for WooCommerce plugi… |
RealMag777 |
Active Products Tables for WooCommerce |
2026-03-13T11:42:21.288Z | 2026-03-13T14:34:11.364Z |
| CVE-2026-32449 |
6.5 (3.1)
|
WordPress Themify Event Post plugin <= 1.3.4 - Cross S… |
themifyme |
Themify Event Post |
2026-03-13T11:42:21.103Z | 2026-03-13T19:23:47.856Z |
| CVE-2026-32448 |
6.5 (3.1)
|
WordPress Podlove Podcast Publisher plugin <= 4.3.3 - … |
Eric Teubert |
Podlove Podcast Publisher |
2026-03-13T11:42:20.912Z | 2026-03-13T14:39:35.485Z |
| CVE-2026-32447 |
4.3 (3.1)
|
WordPress Atarim plugin <= 4.3.2 - Broken Access Contr… |
Vito Peleg |
Atarim |
2026-03-13T11:42:20.710Z | 2026-03-13T18:53:45.311Z |
| CVE-2026-32446 |
4.3 (3.1)
|
WordPress Contact Form by WPForms plugin <= 1.9.9.3 - … |
Syed Balkhi |
Contact Form by WPForms |
2026-03-13T11:42:20.527Z | 2026-03-13T15:33:27.342Z |
| CVE-2026-32445 |
2.7 (3.1)
|
WordPress Elementor Website Builder plugin <= 3.35.5 -… |
Elementor |
Elementor Website Builder |
2026-03-13T11:42:20.356Z | 2026-03-13T18:50:11.050Z |
| CVE-2026-32443 |
6.5 (3.1)
|
WordPress Product Feed PRO for WooCommerce plugin <= 1… |
Josh Kohlbach |
Product Feed PRO for WooCommerce |
2026-03-13T11:42:20.167Z | 2026-03-13T15:37:58.357Z |
| CVE-2026-32442 |
4.3 (3.1)
|
WordPress e2pdf plugin <= 1.28.15 - Broken Access Cont… |
E2Pdf |
e2pdf |
2026-03-13T11:42:19.991Z | 2026-03-13T18:53:34.496Z |
| CVE-2026-32440 |
5.3 (3.1)
|
WordPress WP Food plugin < 2.7.1 - Broken Access Contr… |
Ex-Themes |
WP Food |
2026-03-13T11:42:19.810Z | 2026-03-13T15:40:37.844Z |
| CVE-2026-32439 |
5.3 (3.1)
|
WordPress BigHearts theme <= 3.1.14 - Broken Access Co… |
WebGeniusLab |
BigHearts |
2026-03-13T11:42:19.604Z | 2026-03-13T18:53:33.774Z |
| CVE-2026-32438 |
5.3 (3.1)
|
WordPress VW School Education theme <= 1.4.6 - Broken … |
vowelweb |
VW School Education |
2026-03-13T11:42:19.358Z | 2026-03-13T15:44:53.276Z |
| CVE-2026-32437 |
5.3 (3.1)
|
WordPress VW Portfolio theme <= 1.3.3 - Broken Access … |
vowelweb |
VW Portfolio |
2026-03-13T11:42:19.177Z | 2026-03-13T18:53:33.607Z |
| CVE-2026-32436 |
5.3 (3.1)
|
WordPress VW Photography theme <= 1.3.8 - Broken Acces… |
vowelweb |
VW Photography |
2026-03-13T11:42:19.005Z | 2026-03-13T15:48:15.864Z |
| CVE-2026-32435 |
5.3 (3.1)
|
WordPress VW Pet Shop theme <= 1.4.7 - Broken Access C… |
vowelweb |
VW Pet Shop |
2026-03-13T11:42:18.837Z | 2026-03-13T18:53:33.454Z |
| CVE-2026-32434 |
5.3 (3.1)
|
WordPress VW Fitness theme <= 4.3.4 - Broken Access Co… |
vowelweb |
VW Fitness |
2026-03-13T11:42:18.658Z | 2026-03-13T15:54:53.168Z |
| CVE-2026-32433 |
8.5 (3.1)
|
WordPress CP Contact Form with Paypal plugin <= 1.3.61… |
codepeople |
CP Contact Form with Paypal |
2026-03-13T11:42:18.460Z | 2026-03-13T19:33:50.826Z |
| CVE-2026-32432 |
5.3 (3.1)
|
WordPress WP Time Slots Booking Form plugin <= 1.2.42 … |
codepeople |
WP Time Slots Booking Form |
2026-03-13T11:42:18.279Z | 2026-03-13T15:57:49.043Z |
| CVE-2026-32431 |
6.5 (3.1)
|
WordPress Astra Bulk Edit plugin <= 1.2.10 - Cross Sit… |
Brainstorm Force |
Astra Bulk Edit |
2026-03-13T11:42:18.080Z | 2026-03-13T19:23:48.861Z |
| CVE-2026-32430 |
6.5 (3.1)
|
WordPress PowerPack Addons for Elementor plugin <= 2.9… |
IdeaBox Creations |
PowerPack Addons for Elementor |
2026-03-13T11:42:17.868Z | 2026-03-13T16:02:27.320Z |
| CVE-2026-32429 |
6.5 (3.1)
|
WordPress Magical Addons For Elementor plugin <= 1.4.1… |
Noor Alam |
Magical Addons For Elementor |
2026-03-13T11:42:17.710Z | 2026-03-13T19:23:47.980Z |
| CVE-2026-32428 |
5.3 (3.1)
|
WordPress Popup Like box plugin <= 3.7.7 - Broken Acce… |
Ays Pro |
Popup Like box |
2026-03-13T11:42:17.541Z | 2026-03-13T17:53:07.918Z |
| CVE-2026-32427 |
5.3 (3.1)
|
WordPress VW Education Lite plugin <= 2.2.0 - Broken A… |
vowelweb |
VW Education Lite |
2026-03-13T11:42:17.358Z | 2026-03-13T18:53:33.301Z |
| CVE-2026-32426 |
7.5 (3.1)
|
WordPress Medilazar Core plugin < 1.4.7 - Local File I… |
themelexus |
Medilazar Core |
2026-03-13T11:42:17.181Z | 2026-03-13T17:59:04.378Z |
| CVE-2026-32425 |
5.3 (3.1)
|
WordPress Payment Gateway Pix For GiveWP plugin <= 2.2… |
linknacional |
Payment Gateway Pix For GiveWP |
2026-03-13T11:42:17.005Z | 2026-03-13T18:53:33.143Z |
| CVE-2026-32424 |
6.5 (3.1)
|
WordPress Sprout Clients plugin <= 3.2.2 - Cross Site … |
BoldGrid |
Sprout Clients |
2026-03-13T11:42:16.828Z | 2026-03-13T18:01:53.120Z |
| CVE-2026-32423 |
5.4 (3.1)
|
WordPress Admin and Site Enhancements (ASE) plugin <= … |
Bowo |
Admin and Site Enhancements (ASE) |
2026-03-13T11:42:16.662Z | 2026-03-13T18:54:27.531Z |
| CVE-2026-32422 |
8.5 (3.1)
|
WordPress WP EasyCart plugin <= 5.8.13 - SQL Injection… |
levelfourdevelopment |
WP EasyCart |
2026-03-13T11:42:16.471Z | 2026-03-13T18:06:07.361Z |
| CVE-2026-32421 |
5.3 (3.1)
|
WordPress Post Timeline plugin <= 2.4.1 - Broken Acces… |
Agile Logix |
Post Timeline |
2026-03-13T11:42:16.295Z | 2026-03-13T18:53:32.978Z |
| CVE-2026-32420 |
5.4 (3.1)
|
WordPress GamiPress plugin <= 7.6.6 - Cross Site Reque… |
Ruben Garcia |
GamiPress |
2026-03-13T11:42:16.126Z | 2026-03-13T18:10:20.502Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| fkie_cve-2026-2101 | A Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access from ENOVIAvpm … | 2026-02-16T17:18:09.003 | 2026-02-18T17:52:22.253 |
| fkie_cve-2026-26930 | SmarterTools SmarterMail before 9526 allows XSS via MAPI requests. | 2026-02-16T17:18:08.813 | 2026-02-22T20:15:59.023 |
| fkie_cve-2026-2563 | A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the f… | 2026-02-16T16:19:18.070 | 2026-02-23T11:16:32.330 |
| fkie_cve-2026-1783 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued i… | 2026-02-16T16:19:17.880 | 2026-02-16T16:19:17.880 |
| fkie_cve-2025-65717 | An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files v… | 2026-02-16T16:19:17.510 | 2026-02-25T18:43:19.847 |
| fkie_cve-2025-65716 | An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to exe… | 2026-02-16T16:19:17.403 | 2026-02-25T18:46:08.703 |
| fkie_cve-2025-65715 | An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.… | 2026-02-16T16:19:17.287 | 2026-02-25T15:21:49.487 |
| fkie_cve-2026-2562 | A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the … | 2026-02-16T15:18:35.020 | 2026-02-23T11:16:32.100 |
| fkie_cve-2026-2561 | A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the funct… | 2026-02-16T15:18:34.840 | 2026-02-23T11:16:31.870 |
| fkie_cve-2026-2447 | Heap buffer overflow in libvpx. This vulnerability affects Firefox < 147.0.4, Firefox ESR < 140.7.1… | 2026-02-16T15:18:34.740 | 2026-02-22T21:16:00.017 |
| fkie_cve-2026-2032 | Malicious scripts that interrupt new tab page loading could cause desynchronization between the add… | 2026-02-16T15:18:34.620 | 2026-02-18T20:48:12.960 |
| fkie_cve-2026-2560 | A vulnerability has been found in kalcaddle kodbox up to 1.64.05. The impacted element is the funct… | 2026-02-16T14:16:18.840 | 2026-02-18T17:52:22.253 |
| fkie_cve-2026-2558 | A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the f… | 2026-02-16T14:16:18.650 | 2026-02-18T17:52:22.253 |
| fkie_cve-2026-2557 | A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com… | 2026-02-16T14:16:18.440 | 2026-02-20T17:56:15.777 |
| fkie_cve-2026-1335 | An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawi… | 2026-02-16T14:16:18.303 | 2026-02-26T18:15:57.777 |
| fkie_cve-2026-1334 | An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawin… | 2026-02-16T14:16:18.160 | 2026-02-26T18:16:03.453 |
| fkie_cve-2026-1333 | A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWOR… | 2026-02-16T14:16:18.003 | 2026-02-26T18:15:50.280 |
| fkie_cve-2026-2556 | A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown p… | 2026-02-16T13:16:00.940 | 2026-02-20T17:57:52.997 |
| fkie_cve-2026-1046 | Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help links which allows a mal… | 2026-02-16T13:16:00.793 | 2026-02-18T17:52:22.253 |
| fkie_cve-2025-14573 | Mattermost versions 10.11.x <= 10.11.9 fail to enforce invite permissions when updating team settin… | 2026-02-16T13:16:00.623 | 2026-02-18T20:18:01.113 |
| fkie_cve-2025-14350 | Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to properly validat… | 2026-02-16T13:15:59.953 | 2026-02-18T20:19:20.907 |
| fkie_cve-2026-2555 | A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDo… | 2026-02-16T12:16:22.667 | 2026-02-18T21:43:53.793 |
| fkie_cve-2026-2553 | A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f… | 2026-02-16T12:16:22.480 | 2026-02-18T17:52:22.253 |
| fkie_cve-2026-2552 | A vulnerability was identified in ZenTao up to 21.7.8. Affected by this issue is the function delet… | 2026-02-16T12:16:22.277 | 2026-02-20T18:00:00.757 |
| fkie_cve-2025-2418 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in TR7 Cyber Defense Inc. Web A… | 2026-02-16T12:16:22.093 | 2026-02-18T17:52:22.253 |
| fkie_cve-2025-13821 | Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to sanitize sensiti… | 2026-02-16T12:16:21.423 | 2026-02-18T21:44:27.573 |
| fkie_cve-2026-2551 | A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the functi… | 2026-02-16T11:15:56.550 | 2026-02-20T19:06:41.460 |
| fkie_cve-2026-2452 | Emails sent by pretix can utilize placeholders that will be filled with customer data. For example,… | 2026-02-16T11:15:56.420 | 2026-03-12T17:29:01.843 |
| fkie_cve-2026-2451 | Emails sent by pretix can utilize placeholders that will be filled with customer data. For example,… | 2026-02-16T11:15:56.290 | 2026-03-13T12:39:56.690 |
| fkie_cve-2026-2415 | Emails sent by pretix can utilize placeholders that will be filled with customer data. For example,… | 2026-02-16T11:15:56.047 | 2026-03-13T12:47:32.733 |
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-hqpr-9vfh-4vgr |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-hfxj-xgvq-fqxv |
4.3 (3.1)
|
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploit… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-h8jm-wwc9-qxgj |
5.3 (3.1)
|
Missing Authorization vulnerability in Wombat Plugins Advanced Product Fields (Product Addons) for … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:51Z |
| ghsa-gr2f-jhj9-5mhq |
7.6 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:51Z |
| ghsa-gm36-gp26-9m6w |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-ghv5-43g7-224w |
7.5 (3.1)
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-g53r-489w-p2mf |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-fv25-wjjf-q2wr |
5.3 (3.1)
|
Missing Authorization vulnerability in WebGeniusLab BigHearts bighearts allows Exploiting Incorrect… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-fcmh-8r9j-5762 |
2.7 (3.1)
|
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploit… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-f3qh-mx42-8m58 |
4.3 (3.1)
|
Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Expl… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-cgh7-7jvj-846c |
8.5 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-9ww5-h4wh-qq2j |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-9w23-wxvg-hw8g |
5.3 (3.1)
|
Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting Incorre… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-8rm3-c9m3-vvrx |
8.5 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:51Z |
| ghsa-7q9c-72v7-cvhg |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-73rg-h54g-x9w7 |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-6v38-q3q9-62pv |
5.3 (3.1)
|
Missing Authorization vulnerability in vowelweb VW School Education vw-school-education allows Expl… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-5962-78vp-wh3j |
5.3 (3.1)
|
Missing Authorization vulnerability in Ex-Themes WP Food wp-food allows Exploiting Incorrectly Conf… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-576x-8q98-gh4m |
5.3 (3.1)
|
Missing Authorization vulnerability in vowelweb VW Pet Shop vw-pet-shop allows Exploiting Incorrect… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-4cgf-g8j7-xw5c |
5.3 (3.1)
|
Missing Authorization vulnerability in linknacional Payment Gateway Pix For GiveWP payment-gateway-… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-3phx-j4jx-m3fr |
5.3 (3.1)
|
Missing Authorization vulnerability in vowelweb VW Photography vw-photography allows Exploiting Inc… | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-37jf-ph38-h4vx |
6.3 (3.1)
|
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-29xj-6jjp-m927 |
8.5 (3.1)
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability … | 2026-03-13T21:31:50Z | 2026-03-13T21:31:50Z |
| ghsa-whpv-3r4p-274m |
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi… | 2026-03-13T21:31:49Z | 2026-03-13T21:31:49Z |
| ghsa-w9p9-xcrg-c8jv |
|
Missing Authorization vulnerability in PublishPress PublishPress Capabilities capability-manager-en… | 2026-03-13T21:31:49Z | 2026-03-13T21:31:49Z |
| ghsa-w59g-5675-pp8h |
|
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos … | 2026-03-13T21:31:49Z | 2026-03-13T21:31:49Z |
| ghsa-w48h-3qp2-pxm9 |
6.5 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-03-13T21:31:49Z | 2026-03-13T21:31:49Z |
| ghsa-vxgf-95mj-9phw |
5.9 (3.1)
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability … | 2026-03-13T21:31:49Z | 2026-03-13T21:31:49Z |
| ghsa-vfvq-vr53-w2jg |
5.3 (3.1)
|
Missing Authorization vulnerability in WBW Plugins WBW Currency Switcher for WooCommerce woo-curren… | 2026-03-13T21:31:49Z | 2026-03-13T21:31:49Z |
| ghsa-rrj8-527g-2w3m |
|
Missing Authorization vulnerability in raratheme Ridhi ridhi allows Exploiting Incorrectly Configur… | 2026-03-13T21:31:49Z | 2026-03-13T21:31:49Z |
| ID | Severity | Description | Package | Published | Updated |
|---|---|---|---|---|---|
| pysec-2025-41 |
9.8 (3.1)
|
PyTorch is a Python package that provides tensor computation with strong GPU acceleration… | torch | 2025-04-18T16:15:23+00:00 | 2025-05-28T15:23:37.843138+00:00 |
| pysec-2025-35 |
7.5 (3.1)
|
Weblate is a web based localization tool. Prior to version 5.11, when creating a new comp… | weblate | 2025-04-15T21:16:04+00:00 | 2025-04-30T17:22:51.467257+00:00 |
| pysec-2025-32 |
9.8 (3.1)
|
BentoML is a Python library for building online serving systems optimized for AI apps and… | bentoml | 2025-04-09T16:15:25+00:00 | 2025-04-22T19:21:34.073355+00:00 |
| pysec-2025-36 |
9.8 (3.1)
|
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida… | langflow | 2025-04-07T15:15:44+00:00 | 2025-05-07T19:22:44.993642+00:00 |
| pysec-2025-16 |
7.5 (3.1)
|
LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vu… | lnbits | 2025-04-06T20:15:15+00:00 | 2025-04-09T17:27:25.872691+00:00 |
| pysec-2025-14 |
|
An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normal… | django | 2025-04-02T13:15:44+00:00 | 2025-04-09T17:27:25.169049+00:00 |
| pysec-2025-48 |
9.8 (3.1)
|
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… | mobsf | 2025-03-31T17:15:42+00:00 | 2025-06-12T22:23:10.476087+00:00 |
| pysec-2025-17 |
5.5 (3.1)
|
In mlflow/mlflow version 2.18, an admin is able to create a new user account without sett… | mlflow | 2025-03-20T10:15:54+00:00 | 2025-04-09T17:27:26.322333+00:00 |
| pysec-2025-57 |
|
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… | zenml | 2025-03-20T10:15:48+00:00 | 2025-06-27T17:22:55.175431+00:00 |
| pysec-2025-10 |
9.1 (3.1)
|
A vulnerability in the `download_model` function of the onnx/onnx framework, before and i… | onnx | 2025-03-20T10:15:37+00:00 | 2025-03-26T19:21:38.843396+00:00 |
| pysec-2025-11 |
5.9 (3.1)
|
A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index reposi… | llama-index | 2025-03-20T10:15:31+00:00 | 2025-04-01T23:22:47.294256+00:00 |
| pysec-2025-9 |
|
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through… | invokeai | 2025-03-20T10:15:26+00:00 | 2025-03-20T11:21:37.872971+00:00 |
| pysec-2025-63 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… | vllm | 2025-03-19T16:15:32+00:00 | 2025-07-01T23:22:49.176005+00:00 |
| pysec-2025-22 |
9.8 (3.1)
|
A vulnerability, that could result in Remote Code Execution (RCE), has been found in Plot… | plotai | 2025-03-10T14:15:24+00:00 | 2025-04-09T17:27:27.203714+00:00 |
| pysec-2025-21 |
9.8 (3.1)
|
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model arch… | picklescan | 2025-03-10T12:15:12+00:00 | 2025-04-09T17:27:27.016747+00:00 |
| pysec-2025-20 |
6.5 (3.1)
|
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes i… | picklescan | 2025-03-10T12:15:10+00:00 | 2025-04-09T17:27:26.966215+00:00 |
| pysec-2025-13 |
|
An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2… | django | 2025-03-06T19:15:27+00:00 | 2025-04-09T17:27:25.095679+00:00 |
| pysec-2025-23 |
|
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Inform… | ray | 2025-03-06T05:15:16+00:00 | 2025-04-09T17:27:27.434099+00:00 |
| pysec-2025-19 |
9.8 (3.1)
|
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for … | picklescan | 2025-03-03T19:15:34+00:00 | 2025-04-09T17:27:26.916350+00:00 |
| pysec-2025-25 |
6.5 (3.1)
|
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middle… | rembg | 2025-03-03T17:15:14+00:00 | 2025-04-09T17:27:27.532849+00:00 |
| pysec-2025-24 |
7.5 (3.1)
|
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove… | rembg | 2025-03-03T17:15:14+00:00 | 2025-04-09T17:27:27.486485+00:00 |
| pysec-2025-15 |
5.3 (3.1)
|
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilde… | flask-appbuilder | 2025-03-03T16:15:41+00:00 | 2025-04-09T17:27:25.227116+00:00 |
| pysec-2025-66 |
|
Improper privilege management in a REST interface allowed registered users to access unau… | streampipes | 2025-03-03T11:15:11+00:00 | 2025-07-08T15:23:46.628375+00:00 |
| pysec-2025-18 |
|
picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craf… | picklescan | 2025-02-26T15:15:24+00:00 | 2025-04-09T17:27:26.867210+00:00 |
| pysec-2025-31 |
|
vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statemen… | vyper | 2025-02-21T22:15:13+00:00 | 2025-04-09T17:27:28.116292+00:00 |
| pysec-2025-30 |
|
vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single … | vyper | 2025-02-21T22:15:13+00:00 | 2025-04-09T17:27:28.064106+00:00 |
| pysec-2025-29 |
|
vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the … | vyper | 2025-02-21T22:15:13+00:00 | 2025-04-09T17:27:28.005382+00:00 |
| pysec-2025-62 |
|
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… | vllm | 2025-02-07T20:15:34+00:00 | 2025-07-01T23:22:49.083695+00:00 |
| pysec-2025-28 |
|
The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2025-01-29T21:15:21+00:00 | 2025-04-09T17:27:27.772920+00:00 |
| pysec-2025-27 |
|
The Snowflake Connector for Python provides an interface for developing Python applicatio… | snowflake-connector-python | 2025-01-29T21:15:21+00:00 | 2025-04-09T17:27:27.711157+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2026-1396 | Malicious code in dell-internal-auth-drzak (npm) | 2026-03-13T06:47:06Z | 2026-03-13T06:47:14Z |
| mal-2026-1395 | Malicious code in dell-fusion-core-drzak (npm) | 2026-03-13T06:47:06Z | 2026-03-13T06:47:14Z |
| mal-2026-1394 | Malicious code in dell-emc-internal-api-drzak (npm) | 2026-03-13T06:47:06Z | 2026-03-13T06:47:13Z |
| mal-2026-1382 | Malicious code in @immuta/flag-providers-web (npm) | 2026-03-13T05:53:14Z | 2026-03-13T05:53:14Z |
| mal-2026-1386 | Malicious code in tachyon-spade-reporter (npm) | 2026-03-13T05:39:05Z | 2026-03-13T11:27:13Z |
| mal-2026-1387 | Malicious code in tahoe-tap (npm) | 2026-03-13T05:38:17Z | 2026-03-13T11:27:13Z |
| mal-2026-1388 | Malicious code in tourney-sdk-react (npm) | 2026-03-13T05:37:58Z | 2026-03-13T11:27:13Z |
| mal-2026-1389 | Malicious code in twitch-twilight-intl (npm) | 2026-03-13T05:37:47Z | 2026-03-13T11:27:13Z |
| mal-2026-1385 | Malicious code in conductor-managed-airflow-environment (npm) | 2026-03-13T05:37:35Z | 2026-03-13T11:27:09Z |
| mal-2026-1384 | Malicious code in @lux2/ssr-catalogue-sfcc (npm) | 2026-03-13T05:37:08Z | 2026-03-13T05:37:08Z |
| mal-2026-1381 | Malicious code in @immuta/feature-flags-core (npm) | 2026-03-13T05:34:26Z | 2026-03-13T05:34:26Z |
| mal-2026-1383 | Malicious code in @immuta/pxl-components (npm) | 2026-03-13T05:32:55Z | 2026-03-13T05:32:55Z |
| mal-2026-1379 | Malicious code in 8x8-developer-docs (npm) | 2026-03-13T02:21:45Z | 2026-03-13T02:21:46Z |
| mal-2026-1378 | Malicious code in f0-service-address-doctor (npm) | 2026-03-13T00:40:57Z | 2026-03-13T00:40:57Z |
| mal-2026-1377 | Malicious code in adroit-websdk-server (npm) | 2026-03-13T00:40:56Z | 2026-03-13T00:40:56Z |
| mal-2026-1380 | Malicious code in cline (npm) | 2026-03-12T22:33:41Z | 2026-03-12T22:33:41Z |
| mal-2026-1374 | Malicious code in spectral-corsair-my-backdoor (npm) | 2026-03-12T18:09:11Z | 2026-03-12T18:09:11Z |
| mal-2026-1373 | Malicious code in @sky-it-livedata-libraries/livedata-commons-client (npm) | 2026-03-12T15:46:36Z | 2026-03-12T15:46:36Z |
| mal-2026-1372 | Malicious code in @sky-it-livedata-libraries/livedata-commons (npm) | 2026-03-12T15:46:35Z | 2026-03-12T15:46:36Z |
| mal-2026-1371 | Malicious code in collecters (PyPI) | 2026-03-12T15:25:30Z | 2026-03-12T15:25:30Z |
| mal-2026-1375 | Malicious code in @adamallana0909/apple-research-test (npm) | 2026-03-12T14:05:43Z | 2026-03-12T22:45:40Z |
| mal-2026-1376 | Malicious code in @appleseed-apple/ac-sasskit (npm) | 2026-03-12T11:35:51Z | 2026-03-12T11:35:51Z |
| mal-2026-1368 | Malicious code in json-specparse (npm) | 2026-03-12T05:15:33Z | 2026-03-12T05:15:39Z |
| mal-2026-1370 | Malicious code in mezukabil (npm) | 2026-03-12T05:14:53Z | 2026-03-12T05:14:54Z |
| mal-2026-1369 | Malicious code in kinggupong (npm) | 2026-03-12T05:13:07Z | 2026-03-12T05:13:13Z |
| mal-2026-1367 | Malicious code in @kinggupong/libsignal-node (npm) | 2026-03-12T05:13:07Z | 2026-03-12T05:13:13Z |
| mal-2026-1366 | Malicious code in @kinggupong/baileys (npm) | 2026-03-12T05:13:07Z | 2026-03-12T05:13:08Z |
| mal-2026-1365 | Malicious code in unibody (npm) | 2026-03-12T02:18:38Z | 2026-03-12T02:18:48Z |
| mal-2026-1362 | Malicious code in praxis-scripts (npm) | 2026-03-12T02:18:38Z | 2026-03-12T02:18:48Z |
| mal-2026-1361 | Malicious code in pcl-build-docroot (npm) | 2026-03-12T02:18:38Z | 2026-03-12T02:18:48Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| 9akk108471a0021 | ELSB/BLBA ASPECT advisory several CVEs | 2025-05-22T00:30:00.000Z | 2025-05-23T10:30:00.000Z |
| 2crt000006 | ANC – ABB Network Card Multiple vulnerabilities in ANC | 2025-04-30T00:30:00.000Z | 2025-04-30T00:30:00.000Z |
| 3adr011407 | ABB Automation Builder Vulnerabilities in user management and access control | 2025-04-30T00:00:00.000Z | 2025-07-25T00:00:00.000Z |
| 2crt000007 | Ekip Com IEC61850 Vulnerability in 3rd Party Library | 2025-04-29T00:30:00.000Z | 2025-04-29T00:30:00.000Z |
| 3kxg200000r4801 | CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability | 2025-04-16T00:30:00.000Z | 2025-10-20T00:30:00.000Z |
| 9akk108470a9989 | ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities | 2025-04-10T08:30:00.000Z | 2025-04-10T08:30:00.000Z |
| 2nga002579 | ABB Arctic communication solution ARM600 Vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 2nga002427 | ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities | 2025-04-07T10:30:00.000Z | 2025-04-07T10:30:00.000Z |
| 9akk108470a9494 | Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| 9akk108470a9491 | ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities | 2025-03-26T00:30:00.000Z | 2025-03-27T00:30:00.000Z |
| sa24p015 | B&R APROL Potential Privilege Escalation and Information Disclosure | 2025-03-24T00:30:00.000Z | 2025-03-24T00:30:00.000Z |
| 9akk108470a8565 | RMC-100 Vulnerability in the Web UI (REST Interface) | 2025-03-11T00:30:00.000Z | 2025-03-11T00:30:00.000Z |
| 7paa012159 | System 800xA 5.1.x, 6.0.3.x, 6.1.1.x, 6.2.x - VideONet Camera passwords stored in clear text | 2025-02-10T00:30:00.000Z | 2025-02-10T00:30:00.000Z |
| 9akk108470a6775 | Hardcoded credentials in ASPECT Energy Management System | 2025-02-05T00:30:00.000Z | 2025-02-06T00:30:00.000Z |
| 9akk108470a5466 | Drive Composer Path Traversal Vulnerability | 2025-02-05T00:30:00.000Z | 2025-01-10T00:30:00.000Z |
| 9akk108470a5684 | FLXeon Controllers Cyber Security Advisory | 2025-01-20T00:30:00.000Z | 2025-02-14T00:30:00.000Z |
| sa25p001 | Automation Runtime and mapp View Use of insecure algorithm for self-signed certificates | 2025-01-15T00:30:00.000Z | 2025-01-16T00:30:00.000Z |
| 3adr011377 | AC500 V3 Multiple vulnerabilities | 2025-01-07T00:30:00.000Z | 2025-01-07T00:30:00.000Z |
| 7paa013309 | System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability | 2024-06-05T00:30:00.000Z | 2026-01-23T00:30:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2026-0452 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2026-02-18T23:00:00.000+00:00 | 2026-03-08T23:00:00.000+00:00 |
| wid-sec-w-2026-0448 | Red Hat Enterprise Linux (MUNGE): Schwachstelle ermöglicht Privilegieneskalation | 2026-02-17T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0446 | libssh: Mehrere Schwachstellen ermöglichen Manipulation von Dateien und DoS | 2026-02-17T23:00:00.000+00:00 | 2026-02-23T23:00:00.000+00:00 |
| wid-sec-w-2026-0441 | OpenClaw: Mehrere Schwachstellen | 2026-02-17T23:00:00.000+00:00 | 2026-03-05T23:00:00.000+00:00 |
| wid-sec-w-2026-0437 | Dell RecoverPoint for Virtual Machines: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen und potenziell Privilegieneskalation | 2026-02-17T23:00:00.000+00:00 | 2026-02-18T23:00:00.000+00:00 |
| wid-sec-w-2026-0427 | Mozilla Firefox, Firefox ESR und Thunderbird: Mehrere Schwachstellen | 2026-02-16T23:00:00.000+00:00 | 2026-03-08T23:00:00.000+00:00 |
| wid-sec-w-2026-0425 | SmarterTools SmarterMail: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0424 | OpenClaw: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-03-05T23:00:00.000+00:00 |
| wid-sec-w-2026-0423 | Gogs: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0422 | Mattermost: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2026-02-15T23:00:00.000+00:00 | 2026-03-02T23:00:00.000+00:00 |
| wid-sec-w-2026-0421 | Linux Kernel: Mehrere Schwachstellen | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0420 | Google Chrome und Microsoft Edge: Schwachstelle ermöglicht Codeausführung | 2026-02-15T23:00:00.000+00:00 | 2026-02-17T23:00:00.000+00:00 |
| wid-sec-w-2026-0419 | vim (NetBeans): Schwachstelle ermöglicht Codeausführung | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0418 | Google Cloud Platform (Apigee): Schwachstelle ermöglicht Privilegieneskalation | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0417 | IBM Sterling Connect:Direct: Schwachstelle ermöglicht Denial of Service | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0416 | Keycloak: Schwachstelle ermöglicht Denial of Service | 2026-02-15T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0410 | HAProxy Enterprise, Community und ALOHA (QUIC): Mehrere Schwachstellen ermöglichen Denial of Service | 2026-02-12T23:00:00.000+00:00 | 2026-03-02T23:00:00.000+00:00 |
| wid-sec-w-2026-0409 | PostgreSQL: Mehrere Schwachstellen | 2026-02-12T23:00:00.000+00:00 | 2026-02-15T23:00:00.000+00:00 |
| wid-sec-w-2026-0401 | Google Chrome: Mehrere Schwachstellen | 2026-02-11T23:00:00.000+00:00 | 2026-02-16T23:00:00.000+00:00 |
| wid-sec-w-2026-0383 | AMD Radeon: Mehrere Schwachstellen | 2026-02-10T23:00:00.000+00:00 | 2026-02-12T23:00:00.000+00:00 |
| wid-sec-w-2026-0379 | Intel Prozessoren: Mehrere Schwachstellen | 2026-02-10T23:00:00.000+00:00 | 2026-03-02T23:00:00.000+00:00 |
| wid-sec-w-2026-0378 | IBM WebSphere Application Server: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2026-02-10T23:00:00.000+00:00 | 2026-02-16T23:00:00.000+00:00 |
| wid-sec-w-2026-0377 | Ivanti Endpoint Manager: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen | 2026-02-10T23:00:00.000+00:00 | 2026-03-09T23:00:00.000+00:00 |
| wid-sec-w-2026-0369 | Microsoft Windows: Mehrere Schwachstellen | 2026-02-10T23:00:00.000+00:00 | 2026-02-12T23:00:00.000+00:00 |
| wid-sec-w-2026-0367 | Microsoft DeveloperTools (Visual Studio Code und .NET): Mehrere Schwachstellen | 2026-02-10T23:00:00.000+00:00 | 2026-02-16T23:00:00.000+00:00 |
| wid-sec-w-2026-0364 | Microsoft Defender für Endpoint Linux Extension: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Administratorrechten | 2026-02-10T23:00:00.000+00:00 | 2026-02-10T23:00:00.000+00:00 |
| wid-sec-w-2026-0363 | Microsoft Power BI: Schwachstelle ermöglicht Erlangen von Benutzerrechten und Codeausführung | 2026-02-10T23:00:00.000+00:00 | 2026-02-10T23:00:00.000+00:00 |
| wid-sec-w-2026-0362 | Red Hat Enterprise Linux (Lodash): Schwachstelle ermöglicht Denial of Service | 2026-02-10T23:00:00.000+00:00 | 2026-03-08T23:00:00.000+00:00 |
| wid-sec-w-2026-0359 | GnuTLS: Mehrere Schwachstellen ermöglichen Denial of Service | 2026-02-09T23:00:00.000+00:00 | 2026-03-02T23:00:00.000+00:00 |
| wid-sec-w-2026-0357 | Roundcube: Mehrere Schwachstellen | 2026-02-09T23:00:00.000+00:00 | 2026-03-08T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-26-062-02 | Hitachi Energy Relion REB500 Product | 2026-02-24T00:00:00.000000Z | 2026-03-03T07:00:00.000000Z |
| icsa-26-050-04 | Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller | 2026-02-19T07:00:00.000000Z | 2026-02-19T07:00:00.000000Z |
| icsa-26-050-03 | Jinan USR IOT Technology Limited (PUSR) USR-W610 | 2026-02-19T07:00:00.000000Z | 2026-02-19T07:00:00.000000Z |
| icsa-26-050-02 | Valmet DNA Engineering Web Tools | 2026-02-19T07:00:00.000000Z | 2026-02-19T07:00:00.000000Z |
| icsa-26-050-01 | EnOcean SmartServer IoT | 2026-02-19T07:00:00.000000Z | 2026-02-19T07:00:00.000000Z |
| icsa-26-048-04 | Honeywell HIB2PI CCTV Camera (Update B) | 2026-02-17T07:00:00.000000Z | 2026-03-12T06:00:00.000000Z |
| icsa-26-048-03 | GE Vernova Enervista UR Setup | 2026-02-17T07:00:00.000000Z | 2026-02-17T07:00:00.000000Z |
| icsa-26-048-02 | Delta Electronics ASDA-Soft | 2026-02-17T07:00:00.000000Z | 2026-02-17T07:00:00.000000Z |
| icsa-26-043-10 | Airleader Master | 2026-02-12T07:00:00.000000Z | 2026-02-12T07:00:00.000000Z |
| icsa-26-055-02 | Schneider Electric EcoStruxure Building Operation Workstation | 2026-02-10T08:00:00.000000Z | 2026-02-24T07:00:00.000000Z |
| icsma-26-041-01 | ZOLL ePCR IOS Mobile Application | 2026-02-10T07:00:00.000000Z | 2026-02-10T07:00:00.000000Z |
| icsa-26-041-04 | AVEVA PI to CONNECT Agent | 2026-02-10T07:00:00.000000Z | 2026-02-10T07:00:00.000000Z |
| icsa-26-041-03 | AVEVA PI Data Archive | 2026-02-10T07:00:00.000000Z | 2026-02-10T07:00:00.000000Z |
| icsa-26-041-02 | ZLAN Information Technology Co. ZLAN5143D | 2026-02-10T07:00:00.000000Z | 2026-02-10T07:00:00.000000Z |
| icsa-26-041-01 | Yokogawa FAST/TOOLS | 2026-02-10T07:00:00.000000Z | 2026-02-10T07:00:00.000000Z |
| icsa-26-048-01 | Siemens Simcenter Femap and Nastran | 2026-02-10T00:00:00.000000Z | 2026-02-17T07:00:00.000000Z |
| icsa-26-043-08 | Siemens NX | 2026-02-10T00:00:00.000000Z | 2026-03-12T06:00:00.000000Z |
| icsa-26-043-07 | Siemens Siveillance Video Management Servers | 2026-02-10T00:00:00.000000Z | 2026-02-12T07:00:00.000000Z |
| icsa-26-043-05 | Siemens Solid Edge | 2026-02-10T00:00:00.000000Z | 2026-02-12T07:00:00.000000Z |
| icsa-26-043-04 | Siemens Desigo CC Product Family and SENTRON Powermanager | 2026-02-10T00:00:00.000000Z | 2026-02-12T07:00:00.000000Z |
| icsa-26-043-02 | Siemens Polarion | 2026-02-10T00:00:00.000000Z | 2026-02-12T07:00:00.000000Z |
| icsa-26-043-01 | Siemens SINEC NMS | 2026-02-10T00:00:00.000000Z | 2026-02-12T07:00:00.000000Z |
| icsa-26-036-04 | Ilevia EVE X1 Server | 2026-02-05T07:00:00.000000Z | 2026-02-05T07:00:00.000000Z |
| icsa-26-036-03 | o6 Automation GmbH Open62541 | 2026-02-05T07:00:00.000000Z | 2026-02-05T07:00:00.000000Z |
| icsa-26-036-02 | Mitsubishi Electric MELSEC iQ-R Series | 2026-02-05T07:00:00.000000Z | 2026-02-05T07:00:00.000000Z |
| icsa-26-036-01 | TP-Link Systems Inc. VIGI Series IP Camera | 2026-02-05T06:00:00.000000Z | 2026-02-11T06:00:00.000000Z |
| icsa-26-034-04 | Synectix LAN 232 TRIO | 2026-02-03T07:00:00.000000Z | 2026-02-03T07:00:00.000000Z |
| icsa-26-034-03 | RISS SRL MOMA Seismic Station | 2026-02-03T07:00:00.000000Z | 2026-02-03T07:00:00.000000Z |
| icsa-26-034-02 | *Avation Light Engine Pro * | 2026-02-03T07:00:00.000000Z | 2026-02-03T07:00:00.000000Z |
| icsa-26-034-01 | Mitsubishi Electric FREQSHIP-mini for Windows | 2026-02-03T07:00:00.000000Z | 2026-02-03T07:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-tce-roomos-dos-9v9jrc2q | Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability | 2026-02-04T16:00:00+00:00 | 2026-02-12T17:37:39+00:00 |
| cisco-sa-pi-xss-byevkcd | Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability | 2026-02-04T16:00:00+00:00 | 2026-02-04T16:00:00+00:00 |
| cisco-sa-epnm-pi-redirect-6sx82dn | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability | 2026-02-04T16:00:00+00:00 | 2026-02-04T16:00:00+00:00 |
| cisco-sa-cmm-file-up-ky47n8kk | Cisco Meeting Management Arbitrary File Upload Vulnerability | 2026-02-04T16:00:00+00:00 | 2026-02-04T16:00:00+00:00 |
| cisco-sa-voice-rce-morhqy4b | Cisco Unified Communications Products Remote Code Execution Vulnerability | 2026-01-21T16:00:00+00:00 | 2026-02-13T15:21:01+00:00 |
| cisco-sa-ucce-pcce-xss-2jvyg3ud | Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities | 2026-01-21T16:00:00+00:00 | 2026-01-21T16:00:00+00:00 |
| cisco-sa-intersight-privesc-p6tbm6jk | Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability | 2026-01-21T16:00:00+00:00 | 2026-01-21T16:00:00+00:00 |
| cisco-sa-iec6400-pem5uq7v | Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability | 2026-01-21T16:00:00+00:00 | 2026-01-21T16:00:00+00:00 |
| cisco-sa-ise-xss-9tdh2kx | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability | 2026-01-15T16:00:00+00:00 | 2026-01-15T16:00:00+00:00 |
| cisco-sa-ise-xss-964cdxw5 | Cisco Identity Services Engine Cross-Site Scripting Vulnerability | 2026-01-15T16:00:00+00:00 | 2026-01-15T16:00:00+00:00 |
| cisco-sa-epnm-pi-stored-xss-gekx8ywk | Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability | 2026-01-15T16:00:00+00:00 | 2026-01-15T16:00:00+00:00 |
| cisco-sa-snort3-dcerpc-vulns-j9hnf4th | Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities | 2026-01-07T16:00:00+00:00 | 2026-02-10T20:42:07+00:00 |
| cisco-sa-ise-xxe-jwsbsdkt | Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability | 2026-01-07T16:00:00+00:00 | 2026-01-07T16:00:00+00:00 |
| cisco-sa-sma-attack-n9bf4 | Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager | 2025-12-17T16:00:00+00:00 | 2026-01-15T16:01:43+00:00 |
| cisco-sa-react-flight-tyw32ddb | Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 | 2025-12-04T16:00:00+00:00 | 2025-12-17T22:37:17+00:00 |
| cisco-sa-privesc-catc-ryjreelu | Cisco Catalyst Center Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-xss-wextvz59 | Cisco Catalyst Center Cross-Site Scripting Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-ci-zwlqvswt | Cisco Catalyst Center REST API Command Injection Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-priv-esc-vs8eecux | Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-open-redirect-3w5bk3je | Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-ise-radsupress-dos-8yf3jthh | Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability | 2025-11-05T16:00:00+00:00 | 2025-11-05T16:00:00+00:00 |
| cisco-sa-ise-multiple-vulns-o9beswjh | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-12-04T14:23:54+00:00 |
| cisco-sa-cc-unauth-rce-qen8h7mq | Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-13T12:48:42+00:00 |
| cisco-sa-cc-mult-vuln-gk4tfxsn | Multiple Cisco Contact Center Products Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T14:49:09+00:00 |
| cisco-sa-snort3-mime-vulns-ttl8pgvh | Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2026-02-12T18:38:13+00:00 |
| cisco-sa-roomos-inf-disc-qggsbxam | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-phone-dos-fpyjlv7a | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-cv-xss-rwrakaj9 | Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities | 2025-10-01T16:00:00+00:00 | 2025-10-01T16:00:00+00:00 |
| cisco-sa-cucm-stored-xss-fnj66yly | Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability | 2025-10-01T16:00:00+00:00 | 2025-10-01T16:00:00+00:00 |
| cisco-sa-http-code-exec-wmfp3h3o | Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:51+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2026-25185 | Windows Shell Link Processing Spoofing Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25181 | GDI+ Information Disclosure Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25180 | Windows Graphics Component Information Disclosure Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25179 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25178 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25177 | Active Directory Domain Services Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25176 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25175 | Windows NTFS Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25174 | Windows Extensible File Allocation Table Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25173 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-13T07:00:00.000Z |
| msrc_cve-2026-25172 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-13T07:00:00.000Z |
| msrc_cve-2026-25171 | Windows Authentication Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25170 | Windows Hyper-V Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25169 | Windows Graphics Component Denial of Service Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25168 | Windows Graphics Component Denial of Service Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25167 | Microsoft Brokering File System Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25166 | Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-25165 | Performance Counters for Windows Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24297 | Windows Kerberos Security Feature Bypass Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24296 | Windows Device Association Service Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24295 | Windows Device Association Service Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24294 | Windows SMB Server Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24293 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-11T07:00:00.000Z |
| msrc_cve-2026-24292 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24291 | Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24290 | Windows Projected File System Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24289 | Windows Kernel Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24288 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24287 | Windows Kernel Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| msrc_cve-2026-24285 | Win32k Elevation of Privilege Vulnerability | 2026-03-10T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ncsc-2026-0068 | Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform | 2026-02-23T14:27:28.865278Z | 2026-02-23T14:27:28.865278Z |
| ncsc-2026-0067 | Kwetsbaarheden verholpen in GitHub Enterprise Server | 2026-02-20T10:13:39.540778Z | 2026-02-20T10:13:39.540778Z |
| ncsc-2026-0066 | Kwetsbaarheid verholpen in Google Chrome | 2026-02-19T08:29:30.712590Z | 2026-02-19T08:29:30.712590Z |
| ncsc-2026-0065 | Kwetsbaarheid verholpen in Dell RecoverPoint for Virtual Machines | 2026-02-18T13:18:23.815384Z | 2026-02-18T13:18:23.815384Z |
| ncsc-2026-0064 | Kwetsbaarheden verholpen in Apple iOS en iPadOS | 2026-02-13T13:35:03.870920Z | 2026-02-13T13:35:03.870920Z |
| ncsc-2026-0063 | Kwetsbaarheden verholpen in Apple macOS | 2026-02-13T13:24:06.433550Z | 2026-02-13T13:24:06.433550Z |
| ncsc-2026-0062 | Kwetsbaarheden verholpen in GitLab CE/EE | 2026-02-11T11:45:05.986313Z | 2026-02-11T11:45:05.986313Z |
| ncsc-2026-0061 | Kwetsbaarheden verholpen in Fortinet FortiOS | 2026-02-11T11:34:50.888067Z | 2026-02-11T11:34:50.888067Z |
| ncsc-2026-0060 | Kwetsbaarheden verholpen in Fortinet FortiSandbox, FortiAuthenticator en FortiClient | 2026-02-11T11:34:36.684955Z | 2026-02-11T11:34:36.684955Z |
| ncsc-2026-0059 | Kwetsbaarheden verholpen in Ivanti Endpoint Manager | 2026-02-11T08:16:27.583936Z | 2026-03-10T14:20:48.176282Z |
| ncsc-2026-0058 | Kwetsbaarheden verholpen in Microsoft Office | 2026-02-10T19:11:42.825147Z | 2026-02-10T19:11:42.825147Z |
| ncsc-2026-0057 | Kwetsbaarheden verholpen in Microsoft Azure | 2026-02-10T19:08:27.878305Z | 2026-02-10T19:08:27.878305Z |
| ncsc-2026-0056 | Kwetsbaarheden verholpen in Microsoft Developer Tools | 2026-02-10T19:07:16.028511Z | 2026-02-10T19:07:16.028511Z |
| ncsc-2026-0055 | Kwetsbaarheid verholpen in Microsoft SQL Server | 2026-02-10T19:05:45.729972Z | 2026-02-10T19:05:45.729972Z |
| ncsc-2026-0054 | Kwetsbaarheid verholpen in Microsoft Exchange | 2026-02-10T19:04:51.366294Z | 2026-02-10T19:04:51.366294Z |
| ncsc-2026-0053 | Kwetsbaarheden verholpen in Microsoft Windows | 2026-02-10T19:01:45.561771Z | 2026-02-10T19:01:45.561771Z |
| ncsc-2026-0052 | Kwetsbaarheden verholpen in SAP producten | 2026-02-10T12:28:40.531069Z | 2026-02-10T12:28:40.531069Z |
| ncsc-2026-0051 | Kwetsbaarheden verholpen in Siemens producten | 2026-02-10T12:27:40.637581Z | 2026-02-10T12:27:40.637581Z |
| ncsc-2026-0050 | Kwetsbaarheid verholpen in PEAR | 2026-02-09T10:41:43.856342Z | 2026-02-09T10:41:43.856342Z |
| ncsc-2026-0049 | Kwetsbaarheden verholpen in n8n | 2026-02-09T10:39:40.792744Z | 2026-02-09T10:39:40.792744Z |
| ncsc-2026-0048 | Kwetsbaarheid verholpen in BeyondTrust Remote Support | 2026-02-09T10:27:57.867529Z | 2026-02-13T12:54:32.614217Z |
| ncsc-2026-0047 | Kwetsbaarheid verholpen in Fortinet FortiClient EMS | 2026-02-09T10:16:18.048622Z | 2026-02-09T10:16:18.048622Z |
| ncsc-2026-0046 | Kwetsbaarheden verholpen in Samsung mobile | 2026-02-09T07:48:28.751473Z | 2026-02-09T07:48:28.751473Z |
| ncsc-2026-0045 | Kwetsbaarheid verholpen in Cisco Meeting Management | 2026-02-06T09:22:16.831778Z | 2026-02-06T09:22:16.831778Z |
| ncsc-2026-0044 | Kwetsbaarheid verholpen in Cisco TelePresence Collaboration Endpoint | 2026-02-06T09:20:11.629058Z | 2026-02-06T09:20:11.629058Z |
| ncsc-2026-0043 | Zeroday-kwetsbaarheden verholpen in Ivanti Endpoint Manager Mobile | 2026-01-29T19:15:04.575371Z | 2026-02-20T14:47:02.047999Z |
| ncsc-2026-0042 | Kwetsbaarheden verholpen in SolarWinds Web Help Desk | 2026-01-28T16:37:21.114054Z | 2026-02-02T09:47:54.857445Z |
| ncsc-2026-0041 | Kwetsbaarheid verholpen in Fortinet producten | 2026-01-28T09:32:41.752905Z | 2026-01-28T09:32:41.752905Z |
| ncsc-2026-0040 | Kwetsbaarheid verholpen in SmarterTools SmarterMail | 2026-01-27T10:51:39.476320Z | 2026-02-06T09:25:57.008166Z |
| ncsc-2026-0039 | ZeroDay kwetsbaarheid verholpen in Microsoft Office | 2026-01-27T07:27:52.867415Z | 2026-01-27T07:27:52.867415Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2023_8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:8-01 | Session Fixation in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:7-01 | DoS via SAML configuration in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:6-01 | Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:5-01 | Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:4-01 | Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:3-01 | Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:2-01 | Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 | 2023-08-09T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023_1-01 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | 2023-05-03T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2023:1-01 | Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 | 2023-05-03T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022_2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022_2-01 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022:2-02 | Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2022:2-01 | Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 | 2022-02-14T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021_2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021_1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021:2-01 | Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2021:1-01 | Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 | 2021-02-22T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020_3-01 | Angular template injection on custom report name field | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020_2-01 | Cross-site request forgery attack on change password form | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020:3-01 | Angular template injection on custom report name field | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2020:2-01 | Cross-site request forgery attack on change password form | 2020-05-26T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2019_2-01 | CSV Injection on node label | 2019-11-11T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| nn-2019_1-01 | Stored XSS in field name data model | 2019-11-11T11:00:00.000Z | 2023-11-16T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| opensuse-su-2026:20330-1 | Security update for python-uv | 2026-03-06T14:43:28Z | 2026-03-06T14:43:28Z |
| opensuse-su-2026:10288-1 | libblkid-devel-2.41.3-4.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10287-1 | sdbootutil-1+git20260303.90d816d-1.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10286-1 | ruby4.0-rubygem-rack-2.2-2.2.22-1.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10285-1 | python311-pillow-heif-1.3.0-1.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10284-1 | python311-PyPDF2-2.11.1-5.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10283-1 | python313-Django6-6.0.3-1.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10282-1 | python311-Django4-4.2.29-1.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10281-1 | mchange-commons-0.4.0-1.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10280-1 | incus-6.22-1.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10279-1 | c3p0-0.12.0-1.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10278-1 | ImageMagick-7.1.2.15-2.1 on GA media | 2026-03-04T00:00:00Z | 2026-03-04T00:00:00Z |
| opensuse-su-2026:10276-1 | libsoup-3_0-0-3.6.6-2.1 on GA media | 2026-03-01T00:00:00Z | 2026-03-01T00:00:00Z |
| opensuse-su-2026:10275-1 | gvfs-1.58.2-1.1 on GA media | 2026-03-01T00:00:00Z | 2026-03-01T00:00:00Z |
| opensuse-su-2026:20273-1 | Security update for 7zip | 2026-02-26T11:53:30Z | 2026-02-26T11:53:30Z |
| opensuse-su-2026:20277-1 | Security update for chromium | 2026-02-26T11:50:46Z | 2026-02-26T11:50:46Z |
| opensuse-su-2026:20271-1 | Security update for python-urllib3_1 | 2026-02-26T09:45:23Z | 2026-02-26T09:45:23Z |
| opensuse-su-2026:20270-1 | Security update for autogen | 2026-02-26T09:10:10Z | 2026-02-26T09:10:10Z |
| opensuse-su-2026:10266-1 | valkey-9.0.3-1.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10265-1 | qemu-10.2.1-1.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10264-1 | python311-Flask-3.1.3-1.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10263-1 | heroic-games-launcher-2.20.0-2.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10262-1 | evolution-data-server-3.58.3-2.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10261-1 | docker-29.2.1_ce-37.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10260-1 | digger-cli-0.6.143-1.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10259-1 | chromedriver-145.0.7632.116-1.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10258-1 | busybox-1.37.0-10.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10257-1 | MozillaFirefox-148.0-1.1 on GA media | 2026-02-26T00:00:00Z | 2026-02-26T00:00:00Z |
| opensuse-su-2026:10247-1 | python311-Django4-4.2.28-1.1 on GA media | 2026-02-24T00:00:00Z | 2026-02-24T00:00:00Z |
| opensuse-su-2026:10246-1 | libsoup-2_4-1-2.74.3-17.1 on GA media | 2026-02-24T00:00:00Z | 2026-02-24T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2026:4500 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.2.9 | 2026-03-12T14:45:08+00:00 | 2026-03-14T00:38:27+00:00 |
| rhsa-2026:4498 | Red Hat Security Advisory: Logging for Red Hat OpenShift - 6.4.3 | 2026-03-12T14:43:54+00:00 | 2026-03-14T00:38:26+00:00 |
| rhsa-2026:4489 | Red Hat Security Advisory: freerdp security update | 2026-03-12T14:31:57+00:00 | 2026-03-12T19:15:34+00:00 |
| rhsa-2026:4473 | Red Hat Security Advisory: python3.11 security update | 2026-03-12T13:40:42+00:00 | 2026-03-12T19:09:19+00:00 |
| rhsa-2026:4471 | Red Hat Security Advisory: freerdp security update | 2026-03-12T13:35:09+00:00 | 2026-03-12T19:15:36+00:00 |
| rhsa-2026:4475 | Red Hat Security Advisory: postgresql security update | 2026-03-12T13:32:12+00:00 | 2026-03-13T00:37:46+00:00 |
| rhsa-2026:4477 | Red Hat Security Advisory: vsftpd security update | 2026-03-12T13:23:57+00:00 | 2026-03-13T00:37:40+00:00 |
| rhsa-2026:4470 | Red Hat Security Advisory: vsftpd security update | 2026-03-12T13:16:27+00:00 | 2026-03-13T00:37:40+00:00 |
| rhsa-2026:4463 | Red Hat Security Advisory: python3.12 security update | 2026-03-12T12:38:17+00:00 | 2026-03-12T19:09:18+00:00 |
| rhsa-2026:4467 | Red Hat Security Advisory: RHACS 4.9.4 security and bug fix update | 2026-03-12T11:53:58+00:00 | 2026-03-14T00:59:11+00:00 |
| rhsa-2026:4466 | Red Hat Security Advisory: RHACS 4.8.9 security and bug fix update | 2026-03-12T11:53:42+00:00 | 2026-03-14T00:59:11+00:00 |
| rhsa-2026:4460 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update | 2026-03-12T11:03:20+00:00 | 2026-03-14T00:38:26+00:00 |
| rhsa-2026:4458 | Red Hat Security Advisory: .NET 10.0 security update | 2026-03-12T10:29:50+00:00 | 2026-03-12T19:15:15+00:00 |
| rhsa-2026:4455 | Red Hat Security Advisory: .NET 8.0 security update | 2026-03-12T10:26:26+00:00 | 2026-03-12T19:15:13+00:00 |
| rhsa-2026:4443 | Red Hat Security Advisory: .NET 9.0 security update | 2026-03-12T09:50:45+00:00 | 2026-03-12T19:15:15+00:00 |
| rhsa-2026:4451 | Red Hat Security Advisory: .NET 8.0 security update | 2026-03-12T09:34:25+00:00 | 2026-03-12T19:15:18+00:00 |
| rhsa-2026:4453 | Red Hat Security Advisory: .NET 10.0 security update | 2026-03-12T09:33:33+00:00 | 2026-03-12T19:15:19+00:00 |
| rhsa-2026:4442 | Red Hat Security Advisory: vim security update | 2026-03-12T09:28:40+00:00 | 2026-03-12T19:15:32+00:00 |
| rhsa-2026:4450 | Red Hat Security Advisory: .NET 9.0 security update | 2026-03-12T09:24:35+00:00 | 2026-03-12T19:15:18+00:00 |
| rhsa-2026:4446 | Red Hat Security Advisory: freerdp security update | 2026-03-12T09:17:25+00:00 | 2026-03-12T19:15:23+00:00 |
| rhsa-2026:4440 | Red Hat Security Advisory: freerdp security update | 2026-03-12T09:11:30+00:00 | 2026-03-12T19:15:33+00:00 |
| rhsa-2026:4438 | Red Hat Security Advisory: freerdp security update | 2026-03-12T09:04:15+00:00 | 2026-03-12T19:15:33+00:00 |
| rhsa-2026:4444 | Red Hat Security Advisory: kernel security update | 2026-03-12T08:59:20+00:00 | 2026-03-12T19:08:33+00:00 |
| rhsa-2026:4441 | Red Hat Security Advisory: postgresql16 security update | 2026-03-12T08:59:05+00:00 | 2026-03-13T00:37:46+00:00 |
| rhsa-2026:4439 | Red Hat Security Advisory: freerdp security update | 2026-03-12T08:52:56+00:00 | 2026-03-12T19:15:31+00:00 |
| rhsa-2026:4437 | Red Hat Security Advisory: freerdp security update | 2026-03-12T08:32:56+00:00 | 2026-03-12T19:15:30+00:00 |
| rhsa-2026:4433 | Red Hat Security Advisory: freerdp security update | 2026-03-12T08:24:35+00:00 | 2026-03-12T19:15:28+00:00 |
| rhsa-2026:4432 | Red Hat Security Advisory: thunderbird security update | 2026-03-12T08:19:25+00:00 | 2026-03-12T19:08:49+00:00 |
| rhsa-2026:3861 | Red Hat Security Advisory: OpenShift Container Platform 4.12.86 bug fix and security update | 2026-03-12T02:50:14+00:00 | 2026-03-12T19:01:50+00:00 |
| rhsa-2026:3870 | Red Hat Security Advisory: OpenShift Container Platform 4.12.86 bug fix and security update | 2026-03-12T02:09:09+00:00 | 2026-03-13T01:03:01+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sevd-2025-161-01 | Insight Home and Insight Facility | 2025-06-10T04:00:00.000Z | 2025-06-10T04:00:00.000Z |
| sevd-2025-133-05 | Galaxy VS, Galaxy VL, Galaxy VXL | 2025-05-13T04:00:00.000Z | 2025-09-24T04:00:00.000Z |
| sevd-2025-133-04 | Schneider Electric PrismaSeT Active - Wireless Panel Server | 2025-05-13T04:00:00.000Z | 2025-05-13T04:00:00.000Z |
| sevd-2025-133-03 | EcoStruxure Power Build Rapsody | 2025-05-13T04:00:00.000Z | 2025-05-13T04:00:00.000Z |
| sevd-2025-133-02 | Wiser Home Automation | 2025-05-13T04:00:00.000Z | 2025-05-13T04:00:00.000Z |
| sevd-2025-133-01 | Modicon Controllers M241/M251/M258/LMC058 | 2025-05-13T04:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2025-098-02 | Trio™ Q Licensed Data Radios | 2025-04-08T04:00:00.000Z | 2025-04-08T04:00:00.000Z |
| sevd-2025-098-01 | ConneXium Network Manager Software | 2025-04-08T04:00:00.000Z | 2025-05-13T04:00:00.000Z |
| sevd-2025-070-03 | WebHMI Component For EcoStruxure™ Power Automation System User Interface and EcoStruxure™ Microgrid Operation Large | 2025-03-11T04:00:00.000Z | 2025-03-11T04:00:00.000Z |
| sevd-2025-070-02 | EPAS-UI & EcoSUI | 2025-03-11T04:00:00.000Z | 2025-03-11T04:00:00.000Z |
| sevd-2025-070-01 | EcoStruxure™ Panel Server | 2025-03-11T04:00:00.000Z | 2025-03-11T04:00:00.000Z |
| sevd-2025-042-04 | Enerlin'X IFE and eIFE | 2025-02-11T06:00:00.000Z | 2025-02-11T06:00:00.000Z |
| sevd-2025-042-03 | EcoStruxure™ Process Expert, EcoStruxure™ Process Expert for AVEVA System Platform | 2025-02-11T06:00:00.000Z | 2025-02-11T06:00:00.000Z |
| sevd-2025-042-01 | ASCO 5310 / 5350 Remote Annunciator | 2025-02-11T06:00:00.000Z | 2025-02-11T06:00:00.000Z |
| sevd-2025-042-02 | Improper Input Validation Vulnerability in Uni-Telway Driver | 2025-02-11T05:00:00.000Z | 2026-02-10T08:00:00.000Z |
| sevd-2025-014-07 | FlexNet Publisher Vulnerability | 2025-01-14T07:00:00.000Z | 2026-03-10T07:00:00.000Z |
| sevd-2025-014-03 | Wind River VxWorks DHCP Server Vulnerability | 2025-01-14T05:00:00.000Z | 2025-08-12T04:00:00.000Z |
| sevd-2025-014-01 | Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC | 2025-01-14T05:00:00.000Z | 2025-04-08T04:00:00.000Z |
| sevd-2025-014-09 | EcoStruxure™ Power Build Rapsody | 2025-01-14T00:00:00.000Z | 2025-05-13T04:00:00.000Z |
| sevd-2025-014-08 | Power Logic HDPM6000 High-Density Metering System | 2025-01-14T00:00:00.000Z | 2025-01-14T00:00:00.000Z |
| sevd-2025-014-06 | RemoteConnect and SCADAPack™ x70 Utilities | 2025-01-14T00:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2025-014-05 | Web Server on Modicon M340, Modbus/TCP Ethernet Modicon M340 module, Modbus/TCP Ethernet Modicon M340 FactoryCast module and Ethernet / Serial RTU communication modules | 2025-01-14T00:00:00.000Z | 2025-08-12T04:00:00.000Z |
| sevd-2025-014-04 | Web Designer for Modicon Communication Modules | 2025-01-14T00:00:00.000Z | 2025-01-14T00:00:00.000Z |
| sevd-2025-014-02 | Pro-face GP-Pro EX and Remote HMI | 2025-01-14T00:00:00.000Z | 2025-09-09T04:00:00.000Z |
| sevd-2024-345-03 | Modicon M241 / M251 / M258 / LMC058 | 2024-12-10T05:00:00.000Z | 2025-10-14T07:00:00.000Z |
| sevd-2024-345-02 | Harmony HMI and Pro-face HMI products | 2024-12-10T00:00:00.000Z | 2024-12-10T00:00:00.000Z |
| sevd-2024-345-01 | PowerChute Serial Shutdown | 2024-12-10T00:00:00.000Z | 2024-12-10T00:00:00.000Z |
| sevd-2024-317-03 | Modicon Controllers M340 / Momentum / MC80 | 2024-11-12T05:00:00.000Z | 2026-01-13T08:00:00.000Z |
| sevd-2024-317-04 | EcoStruxure™ IT Gateway | 2024-11-12T00:00:00.000Z | 2024-11-12T00:00:00.000Z |
| sevd-2024-317-02 | Modicon Controllers M340 / Momentum / MC80 | 2024-11-12T00:00:00.000Z | 2024-11-12T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2023-0009 | Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products | 2023-09-29T10:00:00.000Z | 2023-09-29T10:00:00.000Z |
| sca-2023-0007 | Vulnerabilities in SICK LMS5xx | 2023-08-25T11:00:00.000Z | 2023-08-25T11:00:00.000Z |
| sca-2023-0006 | Vulnerabilities in SICK ICR890-4 | 2023-07-10T13:00:00.000Z | 2023-07-10T13:00:00.000Z |
| sca-2023-0005 | Vulnerabilities in SICK EventCam App | 2023-06-19T11:00:00.000Z | 2023-06-19T11:00:00.000Z |
| sca-2023-0004 | Vulnerabilities in SICK FTMg | 2023-05-11T13:00:00.000Z | 2023-05-11T13:00:00.000Z |
| sca-2023-0003 | Vulnerability in SICK Flexi Soft and Flexi Classic Gateways | 2023-05-03T13:00:00.000Z | 2023-05-03T13:00:00.000Z |
| sca-2023-0002 | Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways | 2023-04-11T10:00:00.000Z | 2023-04-11T10:00:00.000Z |
| sca-2023-0001 | Bootloader mode vulnerability in Flexi Soft Gateways v3 | 2023-02-20T14:00:00.000Z | 2023-02-20T14:00:00.000Z |
| sca-2022-0015 | Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR | 2022-12-08T16:00:00.000Z | 2022-12-08T16:00:00.000Z |
| sca-2022-0014 | SICK FlexiCompact affected by Denial of Service vulnerability | 2022-10-31T11:00:00.000Z | 2022-10-31T11:00:00.000Z |
| sca-2022-0013 | Password recovery vulnerability affects multiple SICK SIMs | 2022-10-21T13:00:00.000Z | 2022-11-04T14:00:00.000Z |
| sca-2022-0012 | OpenSSL vulnerability affects multiple SICK SIMs | 2022-08-08T13:00:00.000Z | 2022-08-03T13:00:00.000Z |
| sca-2022-0011 | Vulnerabilities in SICK Package Analytics | 2022-06-08T15:00:00.000Z | 2022-06-08T15:00:00.000Z |
| sca-2022-0010 | Vulnerability in SICK Flexi Soft Designer & Safety Designer | 2022-05-16T10:00:00.000Z | 2022-07-19T10:00:00.000Z |
| sca-2022-0009 | Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| sca-2022-0008 | Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3 | 2022-04-29T15:00:00.000Z | 2022-04-29T15:00:00.000Z |
| sca-2022-0007 | Vulnerabilities in SICK MARSIC300 | 2022-04-21T15:00:00.000Z | 2022-04-21T15:00:00.000Z |
| sca-2022-0006 | Vulnerability in SICK MSC800 | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| sca-2022-0005 | Vulnerability in SICK Overall Equipment Effectiveness (OEE) | 2022-04-11T15:00:00.000Z | 2022-04-11T15:00:00.000Z |
| sca-2022-0004 | Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC | 2022-04-11T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| sca-2022-0003 | Vulnerabilities in SICK FTMg | 2022-03-31T15:00:00.000Z | 2022-03-31T15:00:00.000Z |
| sca-2022-0002 | PwnKit vulnerability affects multiple SICK IPCs | 2022-02-23T16:00:00.000Z | 2022-02-23T16:00:00.000Z |
| sca-2022-0001 | Vulnerability in SICK FieldEcho | 2022-02-17T16:00:00.000Z | 2022-02-17T16:00:00.000Z |
| sca-2021-0004 | Vulnerabilities in SICK SOPAS ET | 2021-12-16T08:00:00.000Z | 2021-12-17T08:00:00.000Z |
| sca-2021-0003 | SICK Security Advisory for Apache Log4j (CVE-2021-44228) | 2021-12-14T17:00:00.000Z | 2021-12-17T12:00:00.000Z |
| sca-2021-0002 | MEAC affected by Windows SMBv1 vulnerability | 2021-08-04T10:00:00.000Z | 2021-08-04T10:00:00.000Z |
| sca-2021-0001 | Inadequate SSH configuration in SICK Visionary-S CX | 2021-06-25T10:00:00.000Z | 2021-06-25T10:00:00.000Z |
| sca-2020-0005 | Package Analytics affected by Windows TCP/IP vulnerability | 2020-10-29T11:00:00.000Z | 2020-10-29T11:00:00.000Z |
| sca-2020-0004 | Vulnerability in Platform Mechanism AutoIP | 2020-08-31T10:00:00.000Z | 2020-08-31T10:00:00.000Z |
| sca-2020-0003 | MEAC affected by Windows SMBv3 vulnerability | 2020-08-07T10:00:00.000Z | 2020-08-07T10:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-356310 | SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-202008 | SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-241605 | SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-190588 | SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-682326 | SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-522291 | SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-514895 | SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-365596 | SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-339694 | SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-267056 | SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-201498 | SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-599451 | SSA-599451: Multiple Vulnerabilities in SiPass integrated | 2025-10-14T00:00:00Z | 2026-02-10T00:00:00Z |
| ssa-541582 | SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-486936 | SSA-486936: Authentication Vulnerability in SIMATIC ET 200SP Communication Processors | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-365200 | SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products | 2025-10-14T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-318832 | SSA-318832: SQL Injection Vulnerability in SINEC NMS | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-062309 | SSA-062309: Information Disclosure Vulnerability in TeleControl Server Basic V3.1 | 2025-10-14T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-916339 | SSA-916339: Information Disclosure Vulnerability in Apogee PXC and Talon TC Devices | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-722410 | SSA-722410: Multiple Vulnerabilities in User Management Component (UMC) | 2025-09-09T00:00:00Z | 2025-10-14T00:00:00Z |
| ssa-640476 | SSA-640476: Denial of Service Vulnerability in Industrial Edge Management | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-563922 | SSA-563922: Local Privilege Escalation Vulnerability in SIMOTION Tools | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-534283 | SSA-534283: Insecure File Share Vulnerability in SIMATIC Virtualization as a Service (SIVaaS) | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-494539 | SSA-494539: Multiple Vulnerabilities in SINEC OS | 2025-09-09T00:00:00Z | 2025-09-09T00:00:00Z |
| ssa-027652 | SSA-027652: Privilege Escalation Vulnerability in SINAMICS Drives | 2025-09-09T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-395458 | SSA-395458: Account Hijacking Vulnerability in Mendix SAML Module | 2025-08-14T00:00:00Z | 2025-08-14T00:00:00Z |
| ssa-201595 | SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager | 2025-08-14T00:00:00.000Z | 2026-03-10T00:00:00.000Z |
| ssa-994087 | SSA-994087: Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.7 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ssa-978177 | SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices | 2025-08-12T00:00:00Z | 2026-01-13T00:00:00Z |
| ssa-894058 | SSA-894058: Improper Bandwidth Limitation of Network Packets Over Local USB Port Vulnerability in SIPROTEC 5 | 2025-08-12T00:00:00Z | 2025-08-12T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| suse-su-2026:0812-1 | Security update for MozillaFirefox | 2026-03-05T08:31:43Z | 2026-03-05T08:31:43Z |
| suse-su-2026:0811-1 | Security update for libsoup2 | 2026-03-05T03:05:23Z | 2026-03-05T03:05:23Z |
| suse-su-2026:0790-1 | Security update for go1.25-openssl | 2026-03-03T15:52:22Z | 2026-03-03T15:52:22Z |
| suse-su-2026:0789-1 | Security update for go1.24-openssl | 2026-03-03T15:51:34Z | 2026-03-03T15:51:34Z |
| suse-su-2026:0788-1 | Security update for libsoup | 2026-03-03T15:15:16Z | 2026-03-03T15:15:16Z |
| suse-su-2026:0787-1 | Security update for postgresql17 | 2026-03-03T14:48:34Z | 2026-03-03T14:48:34Z |
| suse-su-2026:0786-1 | Security update for postgresql14 | 2026-03-03T14:47:10Z | 2026-03-03T14:47:10Z |
| suse-su-2026:0785-1 | Security update for postgresql18 | 2026-03-03T14:01:35Z | 2026-03-03T14:01:35Z |
| suse-su-2026:0784-1 | Security update for postgresql16 | 2026-03-03T13:42:32Z | 2026-03-03T13:42:32Z |
| suse-su-2026:0783-1 | Security update for zlib | 2026-03-03T13:36:20Z | 2026-03-03T13:36:20Z |
| suse-su-2026:0782-1 | Security update for libxml2 | 2026-03-03T13:35:15Z | 2026-03-03T13:35:15Z |
| suse-su-2026:0781-1 | Security update for patch | 2026-03-03T13:28:08Z | 2026-03-03T13:28:08Z |
| suse-su-2026:0780-1 | Security update for tracker-miners | 2026-03-03T13:25:57Z | 2026-03-03T13:25:57Z |
| suse-su-2026:0779-1 | Security update for libssh | 2026-03-03T13:25:08Z | 2026-03-03T13:25:08Z |
| suse-su-2026:0778-1 | Security update for libssh | 2026-03-03T13:24:29Z | 2026-03-03T13:24:29Z |
| suse-su-2026:0777-1 | Security update for cosign | 2026-03-03T13:22:27Z | 2026-03-03T13:22:27Z |
| suse-su-2026:0776-1 | Security update for evolution-data-server | 2026-03-03T13:20:26Z | 2026-03-03T13:20:26Z |
| suse-su-2026:0775-1 | Security update for evolution-data-server | 2026-03-03T13:19:14Z | 2026-03-03T13:19:14Z |
| suse-su-2026:0774-1 | Security update for python | 2026-03-03T13:18:14Z | 2026-03-03T13:18:14Z |
| suse-su-2026:0772-1 | Security update for docker | 2026-03-03T13:14:59Z | 2026-03-03T13:14:59Z |
| suse-su-2026:0771-1 | Security update for postgresql15 | 2026-03-03T13:13:43Z | 2026-03-03T13:13:43Z |
| suse-su-2026:0770-1 | Security update for postgresql15 | 2026-03-03T13:12:48Z | 2026-03-03T13:12:48Z |
| suse-su-2026:0769-1 | Security update for postgresql18 | 2026-03-03T13:11:44Z | 2026-03-03T13:11:44Z |
| suse-su-2026:0768-1 | Security update for postgresql14 | 2026-03-03T13:10:00Z | 2026-03-03T13:10:00Z |
| suse-su-2026:0767-1 | Security update for python311 | 2026-03-03T13:05:43Z | 2026-03-03T13:05:43Z |
| suse-su-2026:0766-1 | Security update for gnome-remote-desktop | 2026-03-03T13:02:47Z | 2026-03-03T13:02:47Z |
| suse-su-2026:0765-1 | Security update for smc-tools | 2026-03-03T12:59:51Z | 2026-03-03T12:59:51Z |
| suse-su-2026:0763-1 | Security update for freerdp | 2026-03-03T12:49:14Z | 2026-03-03T12:49:14Z |
| suse-su-2026:0748-1 | Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7) | 2026-03-02T12:04:07Z | 2026-03-02T12:04:07Z |
| suse-su-2026:0745-1 | Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP6) | 2026-03-02T09:34:17Z | 2026-03-02T09:34:17Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| alsa-2026:3517 | Important: thunderbird security update | 2026-03-02T00:00:00Z | 2026-03-05T07:45:44Z |
| alsa-2026:3516 | Important: thunderbird security update | 2026-03-02T00:00:00Z | 2026-03-04T10:23:48Z |
| alsa-2026:3515 | Important: thunderbird security update | 2026-03-02T00:00:00Z | 2026-03-04T11:54:18Z |
| alsa-2026:3507 | Important: valkey security update | 2026-03-02T00:00:00Z | 2026-03-04T10:26:29Z |
| alsa-2026:3488 | Moderate: kernel security update | 2026-03-02T00:00:00Z | 2026-03-04T10:30:56Z |
| alsa-2026:3477 | Moderate: gnutls security update | 2026-03-02T00:00:00Z | 2026-03-02T13:35:48Z |
| alsa-2026:3476 | Important: udisks2 security update | 2026-03-02T00:00:00Z | 2026-03-05T07:49:03Z |
| alsa-2026:3464 | Moderate: kernel security update | 2026-03-02T00:00:00Z | 2026-03-03T15:09:58Z |
| alsa-2026:3463 | Moderate: kernel-rt security update | 2026-03-02T00:00:00Z | 2026-03-03T15:13:38Z |
| alsa-2026:3443 | Important: valkey security update | 2026-02-26T00:00:00Z | 2026-03-05T07:52:10Z |
| alsa-2026:3428 | Important: container-tools:rhel8 security update | 2026-02-26T00:00:00Z | 2026-03-02T15:20:08Z |
| alsa-2026:3407 | Important: mingw-fontconfig security update | 2026-02-26T00:00:00Z | 2026-03-02T15:16:03Z |
| alsa-2026:3405 | Important: libpng security update | 2026-02-26T00:00:00Z | 2026-03-02T13:11:42Z |
| alsa-2026:3361 | Important: firefox security update | 2026-02-25T00:00:00Z | 2026-02-26T10:18:27Z |
| alsa-2026:3359 | Important: python-pyasn1 security update | 2026-02-25T00:00:00Z | 2026-02-26T10:19:52Z |
| alsa-2026:3354 | Important: python-pyasn1 security update | 2026-02-25T00:00:00Z | 2026-02-26T13:28:33Z |
| alsa-2026:3343 | Important: skopeo security update | 2026-02-25T00:00:00Z | 2026-02-26T13:30:14Z |
| alsa-2026:3341 | Important: containernetworking-plugins security update | 2026-02-25T00:00:00Z | 2026-03-02T12:59:54Z |
| alsa-2026:3340 | Important: skopeo security update | 2026-02-25T00:00:00Z | 2026-03-02T12:57:45Z |
| alsa-2026:3339 | Important: firefox security update | 2026-02-25T00:00:00Z | 2026-02-26T10:21:52Z |
| alsa-2026:3338 | Important: firefox security update | 2026-02-25T00:00:00Z | 2026-03-02T12:54:29Z |
| alsa-2026:3337 | Important: podman security update | 2026-02-25T00:00:00Z | 2026-02-26T10:23:45Z |
| alsa-2026:3336 | Important: podman security update | 2026-02-25T00:00:00Z | 2026-02-26T13:31:46Z |
| alsa-2026:3334 | Important: freerdp security update | 2026-02-25T00:00:00Z | 2026-02-26T09:39:13Z |
| alsa-2026:3298 | Important: buildah security update | 2026-02-25T00:00:00Z | 2026-02-26T10:25:19Z |
| alsa-2026:3297 | Important: buildah security update | 2026-02-25T00:00:00Z | 2026-02-26T10:26:55Z |
| alsa-2026:3291 | Important: runc security update | 2026-02-25T00:00:00Z | 2026-02-26T10:27:56Z |
| alsa-2026:3275 | Moderate: kernel security update | 2026-02-25T00:00:00Z | 2026-03-02T13:07:09Z |
| alsa-2026:3208 | Moderate: 389-ds-base security update | 2026-02-24T00:00:00Z | 2026-02-26T10:30:07Z |
| alsa-2026:3189 | Moderate: 389-ds-base security update | 2026-02-24T00:00:00Z | 2026-02-26T10:31:32Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| osv-2026-156 | Segv on unknown address in aivdm_analyze | 2026-01-28T00:06:24.327227Z | 2026-01-28T00:06:24.327712Z |
| osv-2026-150 | Null-dereference READ in wasm_runtime_invoke_native | 2026-01-27T00:02:06.850780Z | 2026-01-27T00:02:06.851098Z |
| osv-2026-144 | Use-of-uninitialized-value in initFilter | 2026-01-26T00:05:57.473672Z | 2026-01-26T00:05:57.473958Z |
| osv-2026-141 | Segv on unknown address in yuv2rgb4_X_c | 2026-01-26T00:03:47.552290Z | 2026-01-26T00:03:47.552807Z |
| osv-2026-136 | Memcpy-param-overlap in grk::memStreamRead | 2026-01-25T00:10:48.352834Z | 2026-01-25T00:10:48.353140Z |
| osv-2026-122 | Use-of-uninitialized-value in rtcm2_unpack | 2026-01-24T00:18:15.169881Z | 2026-01-24T00:18:15.170285Z |
| osv-2026-121 | Use-of-uninitialized-value in trySubset | 2026-01-24T00:15:22.824642Z | 2026-01-24T14:24:01.498986Z |
| osv-2026-119 | Segv on unknown address in gpsd_poll | 2026-01-23T00:09:08.434854Z | 2026-01-23T00:09:08.435286Z |
| osv-2026-112 | Use-of-uninitialized-value in PrintSERPacket | 2026-01-23T00:01:50.403598Z | 2026-01-23T00:01:50.404362Z |
| osv-2026-105 | Use-of-uninitialized-value in pcpp::SSLServerHelloMessage::ServerHelloTLSFingerprint::toString | 2026-01-22T00:08:03.696405Z | 2026-01-22T00:08:03.696709Z |
| osv-2026-98 | Heap-buffer-overflow in hostname_issubdomain | 2026-01-21T00:16:59.551255Z | 2026-01-21T00:16:59.551548Z |
| osv-2026-97 | Heap-buffer-overflow in vpx_wb_write_literal | 2026-01-21T00:09:09.897624Z | 2026-01-28T14:23:52.198239Z |
| osv-2026-91 | Use-after-poison in compress.cc | 2026-01-20T00:09:07.159786Z | 2026-01-20T00:09:07.160128Z |
| osv-2026-87 | Security exception in org.apache.poi.util.IOUtils.safelyAllocate | 2026-01-18T00:18:36.932063Z | 2026-01-20T14:24:38.539978Z |
| osv-2026-86 | Security exception in java.base/java.util.Arrays.copyOfRange | 2026-01-18T00:18:18.214799Z | 2026-01-18T00:18:18.215108Z |
| osv-2025-1061 | Security exception in org.apache.poi.hssf.record.aggregates.SharedValueManager$SharedFormulaGroup.<ini | 2026-01-18T00:03:40.245475Z | 2026-01-21T14:26:21.135983Z |
| osv-2026-74 | Heap-buffer-overflow in ___interceptor_strtol | 2026-01-17T00:19:48.575833Z | 2026-01-17T00:19:48.576151Z |
| osv-2026-55 | Use-of-uninitialized-value in vp9_quantize_fp_avx2 | 2026-01-15T00:19:29.465463Z | 2026-01-15T00:19:29.465794Z |
| osv-2026-54 | Heap-use-after-free in _dwarf_exec_frame_instr | 2026-01-15T00:17:17.477757Z | 2026-01-15T00:17:17.478056Z |
| osv-2026-53 | Heap-use-after-free in graph::LigatureSubstFormat1::shrink | 2026-01-15T00:16:26.117926Z | 2026-01-15T00:16:26.118291Z |
| osv-2026-30 | Use-of-uninitialized-value in vp9_quantize_fp_avx2 | 2026-01-11T00:08:32.391680Z | 2026-01-11T00:08:32.392050Z |
| osv-2026-21 | Use-of-uninitialized-value in processTLSBlock | 2026-01-09T00:20:25.200679Z | 2026-01-09T00:20:25.201303Z |
| osv-2026-2 | Heap-buffer-overflow in cmt_mpack_consume_uint_tag | 2026-01-03T00:15:15.907754Z | 2026-01-03T00:15:15.908130Z |
| osv-2025-1049 | Heap-buffer-overflow in unsigned char* std::__1::vector<unsigned char, std::__1::allocator<unsigned char | 2025-12-31T00:18:06.669541Z | 2025-12-31T00:18:06.670109Z |
| osv-2025-1004 | Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal | 2025-12-21T00:18:27.214786Z | 2025-12-21T00:18:27.215115Z |
| osv-2025-1001 | Dynamic-stack-buffer-overflow in _ox_err_set_with_location | 2025-12-21T00:04:56.743119Z | 2025-12-21T00:04:56.743638Z |
| osv-2025-994 | Heap-buffer-overflow in rx_icmp | 2025-12-18T00:00:43.710332Z | 2025-12-21T14:32:46.078182Z |
| osv-2025-989 | Bad-cast to UT_hash_bucket' (aka 'struct UT_hash_bucket')password_file__cleanup | 2025-12-17T00:01:12.806838Z | 2025-12-17T00:01:12.807184Z |
| osv-2025-983 | Dynamic-stack-buffer-overflow in _ox_err_set_with_location | 2025-12-14T00:14:21.963982Z | 2025-12-14T00:14:21.964726Z |
| osv-2025-970 | Heap-buffer-overflow in check_sync_pes | 2025-12-05T00:18:22.703657Z | 2025-12-05T00:18:22.704029Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rustsec-2026-0008 | Potential undefined behavior when dereferencing Buf struct | 2026-02-02T12:00:00Z | 2026-02-05T06:08:13Z |
| rustsec-2026-0024 | Incorrect X25519 clamping check rejects all secrets on import | 2026-01-26T12:00:00Z | 2026-02-25T17:22:43Z |
| rustsec-2026-0023 | X25519 secret validation did not check buffer length or clamping | 2026-01-26T12:00:00Z | 2026-02-25T17:22:43Z |
| rustsec-2026-0006 | Wasmtime segfault or unused out-of-sandbox load with `f64.copysign` operator on x86-64 | 2026-01-26T12:00:00Z | 2026-01-30T05:41:11Z |
| rustsec-2026-0005 | Potential use-after-free in `oneshot` when used asynchronously | 2026-01-25T12:00:00Z | 2026-01-27T05:50:51Z |
| rustsec-2026-0004 | Triton VM Soundness Vulnerability due to Improper Sampling of Randomness | 2026-01-21T12:00:00Z | 2026-01-23T05:50:29Z |
| rustsec-2026-0003 | Non-constant-time code generation on ARM32 targets | 2026-01-14T12:00:00Z | 2026-01-15T17:45:42Z |
| rustsec-2026-0002 | `IterMut` violates Stacked Borrows by invalidating internal pointer | 2026-01-07T12:00:00Z | 2026-01-08T05:46:06Z |
| rustsec-2026-0001 | Potential Undefined Behaviors in `Arc<T>`/`Rc<T>` impls of `from_value` on OOM | 2026-01-05T12:00:00Z | 2026-01-06T15:33:19Z |
| rustsec-2025-0139 | theshit vulnerable to unsafe loading of user-owned Python rules when running as root | 2025-12-30T12:00:00Z | 2026-01-04T20:34:25Z |
| rustsec-2025-0140 | Non-utf8 String can be created with `TimeBuf::as_str` | 2025-12-29T12:00:00Z | 2026-03-04T07:42:48Z |
| rustsec-2025-0143 | Unsound APIs of public `constant::Reader` and `StructSchema` | 2025-12-24T12:00:00Z | 2026-01-29T05:56:50Z |
| rustsec-2025-0137 | Unsoundness of safe `reciprocal_mg10` | 2025-12-22T12:00:00Z | 2025-12-28T09:42:26Z |
| rustsec-2025-0141 | Bincode is unmaintained | 2025-12-16T12:00:00Z | 2026-01-16T11:04:42Z |
| rustsec-2025-0144 | Timing side-channel in ML-DSA decomposition | 2025-12-12T12:00:00Z | 2026-01-27T22:28:37Z |
| rustsec-2025-0152 | `finch_cli_rust` was removed from crates.io for malicious code | 2025-12-09T12:00:00Z | 2026-02-13T04:43:42Z |
| rustsec-2025-0151 | `sha-rst` was removed from crates.io for malicious code | 2025-12-09T12:00:00Z | 2026-02-13T04:43:42Z |
| rustsec-2025-0150 | `finch-rst` was removed from crates.io for malicious code | 2025-12-09T12:00:00Z | 2026-02-13T04:43:42Z |
| rustsec-2025-0135 | matrix-sdk-base: Denial of service due to custom `m.room.join_rules` events | 2025-12-08T12:00:00Z | 2025-12-08T12:23:54Z |
| rustsec-2025-0148 | `finch-rust` was removed from crates.io for malicious code | 2025-12-05T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2025-0146 | `sha-rust` was removed from crates.io for malicious code | 2025-12-05T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2025-0133 | Incorrect calculation on aarch64 | 2025-12-04T12:00:00Z | 2025-12-06T07:36:56Z |
| rustsec-2025-0147 | `evm-units` was removed from crates.io for malicious code | 2025-12-03T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2025-0145 | `uniswap-utils` was removed from crates.io for malicious code | 2025-12-03T12:00:00Z | 2026-02-23T07:15:28Z |
| rustsec-2025-0134 | rustls-pemfile is unmaintained | 2025-11-28T12:00:00Z | 2025-12-05T19:07:24Z |
| rustsec-2025-0132 | `Reader::open_mmap` unsoundly marks unsafe memmap operation as safe | 2025-11-28T12:00:00Z | 2025-12-02T06:03:09Z |
| rustsec-2025-0130 | Missing check in ZK proof in CGGMP21 Threshold Signing Protocol | 2025-11-24T12:00:00Z | 2025-11-26T06:00:45Z |
| rustsec-2025-0129 | Missing check in ZK proof in CGGMP21 Threshold Signing Protocol | 2025-11-24T12:00:00Z | 2025-11-26T06:00:45Z |
| rustsec-2025-0128 | CGGMP21 presignatures can be used in the way that significantly reduces security | 2025-11-24T12:00:00Z | 2025-11-26T06:00:45Z |
| rustsec-2025-0127 | CGGMP21 presignatures can be used in the way that significantly reduces security | 2025-11-24T12:00:00Z | 2025-11-26T06:00:45Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| bit-parse-2026-30965 | Parse Server session token exfiltration via `redirectClassNameForKey` query parameter | 2026-03-12T14:48:09.696Z | 2026-03-12T15:11:51.041Z |
| bit-parse-2026-30962 | Parse Server has a protected fields bypass via logical query operators | 2026-03-12T14:48:07.977Z | 2026-03-12T15:11:51.041Z |
| bit-parse-2026-30949 | Parse Server is missing audience validation in Keycloak authentication adapter | 2026-03-12T14:48:06.075Z | 2026-03-12T15:11:51.041Z |
| bit-parse-2026-30948 | Parse Server has stored cross-site scripting (XSS) via SVG file upload | 2026-03-12T14:48:04.274Z | 2026-03-12T15:11:51.041Z |
| bit-parse-2026-30947 | Parse Server ha a bypass of class-level permissions in LiveQuery | 2026-03-12T14:48:02.496Z | 2026-03-12T15:11:51.041Z |
| bit-parse-2026-30946 | Parse Server affected by denial-of-service via unbounded query complexity in REST and GraphQL API | 2026-03-12T14:48:00.783Z | 2026-03-12T15:11:51.041Z |
| bit-parse-2026-30941 | Parse Server has a NoSQL injection via token type in password reset and email verification endpoints | 2026-03-12T14:47:58.977Z | 2026-03-12T15:11:51.041Z |
| bit-parse-2026-30939 | Parse Server has Denial of Service (DoS) and Cloud Function Dispatch Bypass via Prototype Chain Resolution | 2026-03-12T14:47:57.281Z | 2026-03-12T15:11:51.041Z |
| bit-parse-2026-30938 | Parse Server has denylist `requestKeywordDenylist` keyword scan bypass through nested object placement | 2026-03-12T14:47:55.401Z | 2026-03-12T15:11:51.041Z |
| bit-parse-2026-30925 | Parse Server affected by Regular Expression Denial of Service (ReDoS) via `$regex` query in LiveQuery | 2026-03-12T14:47:53.415Z | 2026-03-12T15:11:51.041Z |
| bit-envoy-2026-26330 | Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly | 2026-03-12T08:39:47.564Z | 2026-03-12T09:10:07.191Z |
| bit-envoy-2026-26311 | Envoy HTTP: filter chain execution on reset streams causing UAF crash | 2026-03-12T08:39:46.109Z | 2026-03-12T09:10:07.191Z |
| bit-envoy-2026-26310 | Crash for scoped ip address in Envoy during DNS | 2026-03-12T08:39:44.551Z | 2026-03-12T09:10:07.191Z |
| bit-envoy-2026-26309 | Envoy has an off-by-one write in JsonEscaper::escapeString() | 2026-03-12T08:39:42.871Z | 2026-03-12T09:10:07.191Z |
| bit-envoy-2026-26308 | Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation | 2026-03-12T08:39:41.078Z | 2026-03-12T09:10:07.191Z |
| bit-appsmith-2026-30862 | Critical Stored XSS & Privilege Escalation in Appsmith | 2026-03-12T08:36:03.908Z | 2026-03-12T09:10:07.191Z |
| bit-parse-2026-30863 | Parse Server: JWT audience validation bypass in Google, Apple, and Facebook authentication adapters | 2026-03-11T15:49:05.551Z | 2026-03-11T18:56:50.865Z |
| bit-parse-2026-30854 | Parse Server: GraphQL `__type` introspection bypass via inline fragments when public introspection is disabled | 2026-03-11T15:49:02.829Z | 2026-03-11T18:56:50.865Z |
| bit-parse-2026-30850 | Parse Server: File metadata endpoint bypasses `beforeFind` / `afterFind` trigger authorization | 2026-03-11T15:48:59.848Z | 2026-03-11T18:56:50.865Z |
| bit-parse-2026-30848 | Parse Server: `PagesRouter` path traversal allows reading files outside configured pages directory | 2026-03-11T15:48:57.194Z | 2026-03-11T18:56:50.865Z |
| bit-parse-2026-30835 | Parse Server: Malformed `$regex` query leaks database error details in API response | 2026-03-11T15:48:54.398Z | 2026-03-11T18:56:50.865Z |
| bit-parse-2026-30229 | Parse Server: Endpoint `/loginAs` allows `readOnlyMasterKey` to gain full read and write access as any user | 2026-03-11T15:48:51.922Z | 2026-03-11T18:56:50.865Z |
| bit-parse-2026-30228 | Parse Server: File creation and deletion bypasses `readOnlyMasterKey` write restriction | 2026-03-11T15:48:49.330Z | 2026-03-11T18:56:50.865Z |
| bit-parse-2026-29182 | Parse Server: Cloud Hooks and Cloud Jobs bypass `readOnlyMasterKey` write restriction | 2026-03-11T15:48:46.637Z | 2026-03-11T18:56:50.865Z |
| bit-zookeeper-2026-24308 | Apache ZooKeeper: Sensitive information disclosure in client configuration handling | 2026-03-10T08:52:17.946Z | 2026-03-11T09:11:40.352Z |
| bit-zookeeper-2026-24281 | Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManager | 2026-03-10T08:52:16.699Z | 2026-03-11T09:11:40.352Z |
| bit-mariadb-2026-3494 | MariaDB Server Audit Plugin Comment Handling Bypass | 2026-03-10T08:46:18.025Z | 2026-03-10T09:11:39.609Z |
| bit-golang-2026-27142 | URLs in meta content attribute actions are not escaped in html/template | 2026-03-10T08:44:16.859Z | 2026-03-11T09:11:40.352Z |
| bit-golang-2026-27139 | FileInfo can escape from a Root in os | 2026-03-10T08:44:14.844Z | 2026-03-10T09:11:39.609Z |
| bit-golang-2026-27138 | Panic in name constraint checking for malformed certificates in crypto/x509 | 2026-03-10T08:44:12.992Z | 2026-03-11T09:11:40.352Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cleanstart-2026-xz04425 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-27T00:43:38.553069Z | 2026-02-26T12:09:56Z |
| cleanstart-2026-ny12442 | node-tar is a full-featured Tar for Node | 2026-02-27T00:41:38.733387Z | 2026-02-26T12:09:56Z |
| cleanstart-2026-vu62737 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-26T00:41:56.473097Z | 2026-02-25T07:34:17Z |
| cleanstart-2026-kk99760 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-26T00:41:27.004859Z | 2026-02-25T07:34:17Z |
| cleanstart-2026-dc63423 | Within HostnameError | 2026-02-26T00:40:26.756005Z | 2026-02-25T07:34:17Z |
| cleanstart-2026-rd09851 | net/url package does not set a limit on the number of query parameters in a query | 2026-02-25T00:53:44.039015Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-cy44461 | Within HostnameError | 2026-02-25T00:53:13.101959Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-uk11127 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... | 2026-02-25T00:52:43.391940Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-wk32717 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... | 2026-02-25T00:52:13.178542Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-vi85055 | Within HostnameError | 2026-02-25T00:51:12.873948Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-pm90259 | Cancelling a query (e | 2026-02-25T00:50:43.010672Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-vz85637 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-25T00:50:42.986205Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-ig94553 | excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate | 2026-02-25T00:49:42.735675Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-ha44046 | Within HostnameError | 2026-02-25T00:49:42.693487Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-oo47906 | Security fixes for GHSA-vc5p-v9hr-52mj applied in versions: 4.1.1-r0 | 2026-02-25T00:49:14.177631Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-zs11519 | Security fixes for GHSA-vc5p-v9hr-52mj applied in versions: 4.1.1-r0 | 2026-02-25T00:49:13.663387Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-fm65506 | html | 2026-02-25T00:49:12.988018Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-ds30740 | go-git is a highly extensible git implementation library written in pure Go | 2026-02-25T00:46:12.495329Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-oa82425 | go-git is a highly extensible git implementation library written in pure Go | 2026-02-25T00:44:42.034173Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-uq43569 | go-git is a highly extensible git implementation library written in pure Go | 2026-02-25T00:44:12.116432Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-ia56615 | go-git is a highly extensible git implementation library written in pure Go | 2026-02-25T00:44:12.047442Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-rh10099 | When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11 | 2026-02-25T00:43:12.068903Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-lo42921 | Within HostnameError | 2026-02-25T00:42:42.699243Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-dv04077 | go-git is a highly extensible git implementation library written in pure Go | 2026-02-25T00:42:42.369607Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-dc27717 | OpenVPN version 2 | 2026-02-25T00:39:42.192253Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-dn18334 | During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... | 2026-02-25T00:39:41.622120Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-xk29348 | Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 8.4.0-r0 | 2026-02-25T00:39:11.477214Z | 2026-02-24T09:23:19Z |
| cleanstart-2026-hw19594 | Within HostnameError | 2026-02-24T00:45:50.891263Z | 2026-02-23T12:58:32Z |
| cleanstart-2026-uo76615 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-02-24T00:45:21.009333Z | 2026-02-23T12:58:32Z |
| cleanstart-2026-yq79300 | Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate | 2026-02-24T00:45:20.890998Z | 2026-02-23T12:58:32Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| CERTFR-2024-ALE-013 | Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) | 2025-03-31T00:00:00.000000 | 2024-10-25T00:00:00.000000 |
| certfr-2025-ale-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| CERTFR-2025-ALE-001 | [MàJ] Vulnérabilité dans les produits Ivanti | 2025-01-09T00:00:00.000000 | 2025-04-01T00:00:00.000000 |
| certfr-2024-ale-015 | [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| CERTFR-2024-ALE-015 | [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks | 2024-11-15T00:00:00.000000 | 2024-11-18T00:00:00.000000 |
| certfr-2024-ale-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-30T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| CERTFR-2024-ALE-014 | [MàJ] Multiples vulnérabilités dans Fortinet FortiManager | 2024-10-30T00:00:00.000000 | 2024-10-23T00:00:00.000000 |
| certfr-2024-ale-012 | [MàJ] Vulnérabilités affectant OpenPrinting CUPS | 2024-09-27T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| CERTFR-2024-ALE-012 | [MàJ] Vulnérabilités affectant OpenPrinting CUPS | 2024-09-27T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-011 | Vulnérabilité dans SonicWall | 2024-09-10T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| CERTFR-2024-ALE-011 | Vulnérabilité dans SonicWall | 2024-09-10T00:00:00.000000 | 2024-11-21T00:00:00.000000 |
| certfr-2024-ale-010 | Multiples vulnérabilités dans Roundcube | 2024-08-09T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| CERTFR-2024-ALE-010 | Multiples vulnérabilités dans Roundcube | 2024-08-09T00:00:00.000000 | 2024-10-07T00:00:00.000000 |
| certfr-2024-ale-009 | Vulnérabilité dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| CERTFR-2024-ALE-009 | Vulnérabilité dans OpenSSH | 2024-07-01T00:00:00.000000 | 2024-07-03T00:00:00.000000 |
| certfr-2024-ale-008 | [MàJ] Vulnérabilité dans les produits Check Point | 2024-05-30T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| CERTFR-2024-ALE-008 | [MàJ] Vulnérabilité dans les produits Check Point | 2024-05-30T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-007 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| CERTFR-2024-ALE-007 | Multiples vulnérabilités dans les produits Cisco | 2024-04-25T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-006 | [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-12T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| CERTFR-2024-ALE-006 | [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect | 2024-04-12T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| CERTFR-2024-ALE-005 | [MàJ] Vulnérabilité dans Microsoft Outlook | 2024-02-15T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-004 | [MàJ] Vulnérabilité dans Fortinet FortiOS | 2024-02-09T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| CERTFR-2024-ALE-004 | [MàJ] Vulnérabilité dans Fortinet FortiOS | 2024-02-09T00:00:00.000000 | 2024-07-01T00:00:00.000000 |
| certfr-2024-ale-003 | [MàJ] Incident affectant les solutions AnyDesk | 2024-02-05T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| CERTFR-2024-ALE-003 | [MàJ] Incident affectant les solutions AnyDesk | 2024-02-05T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| certfr-2024-ale-002 | [MàJ] Multiples Vulnérabilités dans GitLab | 2024-01-12T00:00:00.000000 | 2024-02-22T00:00:00.000000 |
| CERTFR-2024-ALE-002 | [MàJ] Multiples Vulnérabilités dans GitLab | 2024-01-12T00:00:00.000000 | 2024-02-22T00:00:00.000000 |
| certfr-2024-ale-001 | [MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways | 2024-01-11T00:00:00.000000 | 2024-04-15T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| certfr-2026-avi-0265 | Multiples vulnérabilités dans les produits Fortinet | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0264 | Multiples vulnérabilités dans les produits Adobe | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0263 | Vulnérabilité dans Ivanti Desktop and Server Management (DSM) | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0262 | Multiples vulnérabilités dans HPE Aruba Networking AOS-CX | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0261 | Multiples vulnérabilités dans les produits Intel | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0260 | Multiples vulnérabilités dans WordPress | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0259 | Multiples vulnérabilités dans Stormshield Network Security | 2026-03-11T00:00:00.000000 | 2026-03-11T00:00:00.000000 |
| certfr-2026-avi-0258 | Vulnérabilité dans Microsoft CBL-Mariner | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0257 | Vulnérabilité dans Mozilla Focus | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0256 | Multiples vulnérabilités dans les produits SAP | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0255 | Multiples vulnérabilités dans les produits Siemens | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0254 | Multiples vulnérabilités dans les produits Schneider Electric | 2026-03-10T00:00:00.000000 | 2026-03-10T00:00:00.000000 |
| certfr-2026-avi-0253 | Multiples vulnérabilités dans Microsoft Edge | 2026-03-09T00:00:00.000000 | 2026-03-09T00:00:00.000000 |
| certfr-2026-avi-0252 | Multiples vulnérabilités dans les produits Moxa | 2026-03-09T00:00:00.000000 | 2026-03-09T00:00:00.000000 |
| certfr-2026-avi-0251 | Multiples vulnérabilités dans Apache Zookeeper | 2026-03-09T00:00:00.000000 | 2026-03-09T00:00:00.000000 |
| certfr-2026-avi-0250 | Vulnérabilité dans Apereo CAS | 2026-03-09T00:00:00.000000 | 2026-03-09T00:00:00.000000 |
| certfr-2026-avi-0249 | Multiples vulnérabilités dans les produits IBM | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0248 | Multiples vulnérabilités dans le noyau Linux de Red Hat | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0247 | Multiples vulnérabilités dans le noyau Linux de SUSE | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0246 | Multiples vulnérabilités dans le noyau Linux d'Ubuntu | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0245 | Vulnérabilité dans Zabbix | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0244 | Vulnérabilité dans Nextcloud Flow | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0243 | Vulnérabilité dans SPIP | 2026-03-06T00:00:00.000000 | 2026-03-06T00:00:00.000000 |
| certfr-2026-avi-0242 | Multiples vulnérabilités dans les produits Cisco | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0241 | Vulnérabilité dans ClamAV | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0240 | Vulnérabilité dans CPython | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0239 | Multiples vulnérabilités dans Google Chrome | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0238 | Vulnérabilité dans NetApp ONTAP 9 | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0237 | Multiples vulnérabilités dans les produits Microsoft | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| certfr-2026-avi-0236 | Multiples vulnérabilités dans Traefik | 2026-03-05T00:00:00.000000 | 2026-03-05T00:00:00.000000 |
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2026-000022 | Oki Electric Industry products and OEM products register Windows services with unquoted file paths | 2026-02-09T15:21+09:00 | 2026-02-09T15:21+09:00 |
| jvndb-2026-000021 | web2py vulnerable to open redirect | 2026-02-05T15:01+09:00 | 2026-02-05T15:01+09:00 |
| jvndb-2026-000020 | Multiple vulnerabilities in Movable Type | 2026-02-04T16:15+09:00 | 2026-02-04T16:15+09:00 |
| jvndb-2026-000019 | Multiple vulnerabilities in ELECOM wireless LAN products | 2026-02-03T14:57+09:00 | 2026-02-03T14:57+09:00 |
| jvndb-2026-000017 | Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows | 2026-02-03T14:57+09:00 | 2026-02-05T14:41+09:00 |
| jvndb-2026-000016 | Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries | 2026-02-03T14:57+09:00 | 2026-02-04T12:39+09:00 |
| jvndb-2026-000015 | Sonatype Nexus Repository vulnerable to server-side request forgery | 2026-02-02T15:18+09:00 | 2026-02-02T15:18+09:00 |
| jvndb-2026-000014 | OS command injection in raspap-webgui | 2026-02-02T15:18+09:00 | 2026-02-02T15:18+09:00 |
| jvndb-2026-000013 | Multiple Microsoft Office products vulnerable to untrusted search path | 2026-02-02T15:18+09:00 | 2026-02-02T15:18+09:00 |
| jvndb-2026-000012 | Multiple vulnerabilities in Cybozu Garoon | 2026-02-02T15:18+09:00 | 2026-02-02T15:18+09:00 |
| jvndb-2026-000018 | Undocumented "TelnetEnable" functionality of End of Service NETGEAR products | 2026-01-30T14:23+09:00 | 2026-01-30T14:23+09:00 |
| jvndb-2026-002119 | Multiple vulnerabilities in BROTHER MFPs (multifunction printers) | 2026-01-30T11:26+09:00 | 2026-01-30T11:26+09:00 |
| jvndb-2026-002030 | Multiple Vulnerabilities in Cosminexus | 2026-01-29T10:32+09:00 | 2026-01-29T10:32+09:00 |
| jvndb-2026-001972 | Archer MR600 vulnerable to OS command injection | 2026-01-28T10:41+09:00 | 2026-01-28T10:41+09:00 |
| jvndb-2026-000011 | beat-access for Windows may insecurely load Dynamic Link Libraries | 2026-01-27T18:22+09:00 | 2026-01-27T18:22+09:00 |
| jvndb-2026-001732 | Multiple Brother software installers may insecurely load Dynamic Link Libraries | 2026-01-26T16:04+09:00 | 2026-01-26T16:04+09:00 |
| jvndb-2026-000010 | Command injection vulnerability in ASUS routers | 2026-01-23T15:22+09:00 | 2026-01-23T15:22+09:00 |
| jvndb-2026-001663 | "iRMC S5/S6" implemented in PRIMERGY vulnerable to incorrect authorization | 2026-01-23T11:29+09:00 | 2026-01-23T11:29+09:00 |
| jvndb-2026-001662 | Multiple vulnerabilities in Trend Micro Apex Central (January 2026) | 2026-01-23T11:29+09:00 | 2026-01-23T11:29+09:00 |
| jvndb-2026-000009 | Installer of Fujitsu ServerView Agents for Windows may insecurely load Dynamic Link Libraries | 2026-01-21T15:17+09:00 | 2026-01-21T15:17+09:00 |
| jvndb-2026-000008 | Ruijie Networks AP180 series vulnerable to OS command injection | 2026-01-21T15:17+09:00 | 2026-01-21T15:17+09:00 |
| jvndb-2026-001582 | Security information for Hitachi Disk Array Systems | 2026-01-21T12:11+09:00 | 2026-01-21T12:11+09:00 |
| jvndb-2026-001578 | ETERNUS SF vulnerable to insertion of sensitive information into maintenance data | 2026-01-20T20:00+09:00 | 2026-01-20T20:00+09:00 |
| jvndb-2026-001380 | Multiple vulnerabilities in Canon Small Office Multifunction Printers and Laser Printers | 2026-01-19T10:08+09:00 | 2026-01-19T10:08+09:00 |
| jvndb-2026-000007 | Multiple Vulnerabilities in TOA Network Cameras TRIFORA 3 series | 2026-01-16T15:06+09:00 | 2026-01-16T15:06+09:00 |
| jvndb-2026-000006 | Chainlit vulnerable to improper access restriction | 2026-01-14T17:03+09:00 | 2026-01-14T17:03+09:00 |
| jvndb-2026-000005 | Multiple vulnerabilities in EATON UPS Companion | 2026-01-13T19:01+09:00 | 2026-01-13T19:01+09:00 |
| jvndb-2026-000003 | RICOH Streamline NX vulnerable to improper authorization | 2026-01-09T18:17+09:00 | 2026-01-09T18:17+09:00 |
| jvndb-2026-000004 | The installers for multiple PIONEER products may insecurely load Dynamic Link Libraries | 2026-01-08T13:47+09:00 | 2026-01-08T13:47+09:00 |
| jvndb-2026-000001 | Origin validation error vulnerability in Fujitsu Security Solution AuthConductor Client Basic V2 | 2026-01-07T14:19+09:00 | 2026-01-07T14:19+09:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| cnvd-2026-12558 | Microsoft Windows Kernel竞争条件漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12557 | Microsoft Outlook信息泄露漏洞(CNVD-2026-12557) | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12556 | Microsoft Hyper-V缓冲区溢出漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12555 | Microsoft Hyper-V访问控制错误漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12554 | Microsoft GitHub Copilot for JetBrains命令注入漏洞 | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12553 | Microsoft Excel缓冲区溢出漏洞(CNVD-2026-12553) | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12552 | Microsoft Excel缓冲区溢出漏洞(CNVD-2026-12552) | 2026-03-02 | 2026-03-04 |
| cnvd-2026-12893 | Apache Superset输入验证漏洞 | 2026-02-27 | 2026-03-04 |
| cnvd-2026-12561 | Microsoft Defender for Linux代码执行漏洞 | 2026-02-25 | 2026-03-04 |
| cnvd-2026-12894 | Apache Druid认证绕过漏洞 | 2026-02-13 | 2026-03-04 |
| cnvd-2026-12766 | Huawei EMUI和Huawei HarmonyOS通信模块地址读取漏洞 | 2026-02-11 | 2026-03-06 |
| cnvd-2026-12765 | Huawei EMUI和Huawei HarmonyOS AMS模块权限控制类漏洞 | 2026-02-11 | 2026-03-06 |
| cnvd-2026-12764 | Huawei HarmonyOS HDC模块缓冲区溢出漏洞 | 2026-02-11 | 2026-03-06 |
| cnvd-2026-12687 | IBM PowerVM Hypervisor存在未明漏洞 | 2026-02-11 | 2026-03-05 |
| cnvd-2026-12685 | IBM Concert存在信息泄露漏洞 | 2026-02-11 | 2026-03-05 |
| cnvd-2026-12672 | IBM Cloud Pak for Business Automation存在XSS漏洞 | 2026-02-11 | 2026-03-05 |
| cnvd-2026-12671 | IBM Concert存在弱密码算法漏洞 | 2026-02-11 | 2026-03-05 |
| cnvd-2026-12670 | IBM Cloud Pak for Business Automation存在拒绝服务漏洞 | 2026-02-11 | 2026-03-05 |
| cnvd-2026-12669 | IBM Business Automation Workflow containers和IBM Business Automation Workflow traditional存… | 2026-02-11 | 2026-03-05 |
| cnvd-2026-12562 | D-Link DIR-600命令注入漏洞 | 2026-02-11 | 2026-03-04 |
| cnvd-2026-11780 | Huawei EMUI和Huawei HarmonyOS DFX模块越界写入漏洞 | 2026-02-11 | 2026-02-27 |
| cnvd-2026-11779 | Huawei EMUI和Huawei HarmonyOS文件系统模块越界写入漏洞 | 2026-02-11 | 2026-02-27 |
| cnvd-2026-11765 | Huawei HarmonyOS相机模块越界写入漏洞 | 2026-02-11 | 2026-02-26 |
| cnvd-2026-11764 | Huawei HarmonyOS图像模块缓冲区溢出漏洞 | 2026-02-11 | 2026-02-26 |
| cnvd-2026-11763 | Huawei HarmonyOS媒体子系统越界读取漏洞 | 2026-02-11 | 2026-02-26 |
| cnvd-2026-11762 | Huawei HarmonyOS相机模块类型混淆漏洞 | 2026-02-11 | 2026-02-26 |
| cnvd-2026-11761 | Huawei HarmonyOS HDC模块权限控制漏洞 | 2026-02-11 | 2026-02-26 |
| cnvd-2026-11760 | Huawei HarmonyOS窗口模块身份认证绕过漏洞 | 2026-02-11 | 2026-02-26 |
| cnvd-2026-11749 | Tenda TX9 goform/SetStaticRouteCfg文件缓冲区溢出漏洞 | 2026-02-11 | 2026-02-25 |
| cnvd-2026-11748 | WeKan存在未明漏洞(CNVD-2026-11748) | 2026-02-11 | 2026-02-25 |
| ID | Description | Published | Updated |
|---|---|---|---|
| bdu:2026-01814 | Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с хр… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01813 | Уязвимость программного обеспечения Azure IoT Explorer, связанная с привязкой к открытым … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01812 | Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками представлени… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01811 | Уязвимость службы аналитики данных Azure HDInsights, связанная с непринятием мер по защит… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01810 | Уязвимость редактора электронных таблиц Microsoft Excel пакетов программ Microsoft Office… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01809 | Уязвимость службы хранилища данных Windows Storage Services операционных систем Windows, … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01808 | Уязвимость реализации протокола NTLM операционных систем Windows, позволяющая нарушителю … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01807 | Уязвимость системы аппаратной виртуализации Hyper-V операционной системы Windows, позволя… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01806 | Уязвимость механизма CCF (Cluster Client Failover) операционных систем Windows, позволяющ… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01805 | Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01804 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01803 | Уязвимость драйвера WinSock операционных систем Windows, позволяющая нарушителю повысить … | 16.02.2026 | 16.02.2026 |
| bdu:2026-01802 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01801 | Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01800 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии | 16.02.2026 | 16.02.2026 |
| bdu:2026-01799 | Уязвимость ядра операционных систем Windows, позволяющая нарушителю раскрыть защищаемую и… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01798 | Уязвимость программы для шифрования информации и создания электронных цифровых подписей G… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01797 | Уязвимость функции _bfd_elf_slurp_version_tables() компонента bfd/elf.c программного сред… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01796 | Уязвимость компонента libbfd.c программного средства разработки GNU Binutils, позволяющая… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01795 | Уязвимость программного средства управления конечными точками Ivanti Endpoint Manager, св… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01794 | Уязвимость функции usbg_make_tpg() модуля drivers/usb/gadget/function/f_tcm.c драйвера га… | 16.02.2026 | 16.02.2026 |
| bdu:2026-01792 | Уязвимость программного средства локальной инфраструктуры Azure Local, связанная с ошибка… | 13.02.2026 | 16.02.2026 |
| bdu:2026-01791 | Уязвимость средства разработки программного обеспечения Microsoft Visual Studio, связанна… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01790 | Уязвимость Защитника Microsoft (Microsoft Defender for Endpoint) операционных систем Linu… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01789 | Уязвимость редактора исходного кода Microsoft Visual Studio Code, связанная с ошибками си… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01788 | Уязвимость сервиса Azure AI Language Authoring, связанная с недостатками механизма десери… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01787 | Уязвимость средства разработки программного обеспечения Microsoft Visual Studio, связанна… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01786 | Уязвимость компонента Windows Installer приложения Windows App, позволяющая нарушителю по… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01785 | Уязвимость редактора исходного кода Microsoft Visual Studio Code, связанная с непринятием… | 13.02.2026 | 13.02.2026 |
| bdu:2026-01784 | Уязвимость средства разработки программного обеспечения Azure DevOps Server, связанная с … | 13.02.2026 | 13.02.2026 |
| ID | Description | Updated |
|---|---|---|
| var-202001-0832 | A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic… | 2024-07-23T22:37:43.319000Z |
| var-201208-0222 | Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r… | 2024-07-23T22:37:43.393000Z |
| var-202108-1148 | An access issue was addressed with improved access restrictions. This issue is fixed in m… | 2024-07-23T22:36:01.656000Z |
| var-200202-0006 | Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause… | 2024-07-23T22:34:48.127000Z |
| var-202007-0395 | Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities … | 2024-07-23T22:33:57.481000Z |
| var-201805-1147 | WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe… | 2024-07-23T22:32:10.966000Z |
| var-201902-0647 | LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening … | 2024-07-23T22:32:09.990000Z |
| var-201908-0863 | Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE… | 2024-07-23T22:30:33.144000Z |
| var-201912-0120 | A memory corruption issue was addressed with improved validation. This issue is fixed in … | 2024-07-23T22:30:32.761000Z |
| var-201912-0114 | A memory corruption issue was addressed with improved validation. This issue is fixed in … | 2024-07-23T22:30:32.792000Z |
| var-202305-1589 | D-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulne… | 2024-07-23T22:30:26.856000Z |
| var-202407-0235 | Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… | 2024-07-23T22:30:24.825000Z |
| var-202407-0234 | Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … | 2024-07-23T22:30:24.699000Z |
| var-202407-0233 | Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … | 2024-07-23T22:30:24.731000Z |
| var-202407-0232 | Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… | 2024-07-23T22:30:24.657000Z |
| var-201112-0097 | Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a… | 2024-07-23T22:29:05.132000Z |
| var-201801-0152 | An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions pri… | 2024-07-23T22:28:30.754000Z |
| var-201801-0151 | A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior … | 2024-07-23T22:28:30.640000Z |
| var-201807-0341 | ABB Panel Builder 800 all versions has an improper input validation vulnerability which m… | 2024-07-23T22:28:27.949000Z |
| var-201806-1058 | Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo… | 2024-07-23T22:28:27.641000Z |
| var-201906-1029 | In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne… | 2024-07-23T22:28:26.009000Z |
| var-202004-0077 | There are multiple ways an unauthenticated attacker could perform SQL injection on WebAcc… | 2024-07-23T22:28:24.545000Z |
| var-202206-2050 | The affected product is vulnerable to multiple SQL injections, which may allow an unautho… | 2024-07-23T22:27:49.515000Z |
| var-202305-1981 | D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution V… | 2024-07-23T22:27:44.287000Z |
| var-202305-0214 | D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerabilit… | 2024-07-23T22:27:44.496000Z |
| var-202305-0130 | D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vul… | 2024-07-23T22:27:44.522000Z |
| var-202407-0441 | A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC R… | 2024-07-23T22:27:41.577000Z |
| var-201105-0156 | Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 30… | 2024-07-23T22:25:52.955000Z |
| var-201402-0028 | The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni… | 2024-07-23T22:25:48.624000Z |
| var-201402-0027 | The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re… | 2024-07-23T22:25:48.742000Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2025-0026 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:35:00.000Z | 2025-12-02T08:50:46.381572Z |
| GCVE-1-2025-0025 |
9.4 (4.0)
|
Reflected cross-site scripting (XSS) vulnerability in … |
misp |
misp |
2025-11-26T16:27:00.000Z | 2025-12-02T08:50:18.897756Z |
| GCVE-1-2025-0024 |
9.4 (4.0)
|
cross-site scripting (XSS) vulnerability in the MISP s… |
misp |
misp |
2025-11-26T16:14:00.000Z | 2025-12-02T08:50:01.482327Z |
| GCVE-1-2025-0023 |
9.4 (4.0)
|
XSS in MISP server comparison tool |
misp |
misp |
2025-11-26T16:10:00.000Z | 2025-12-02T08:49:24.626168Z |
| GCVE-1-2025-0022 |
9.4 (4.0)
|
Clarified setting's impact on download_attachments_on_load |
misp |
misp |
2025-11-26T16:04:00.000Z | 2025-12-02T08:49:04.510294Z |
| GCVE-1-2025-0021 |
9.4 (4.0)
|
XSS in MISP ReST client in HTML view |
misp |
misp |
2025-11-26T15:55:00.000Z | 2025-12-02T08:48:41.869838Z |
| GCVE-1-2025-0020 |
9.4 (4.0)
|
cross-site scripting (XSS) in Galaxy element JSON view |
misp |
misp |
2025-11-26T15:49:00.000Z | 2025-12-02T08:47:41.151429Z |
| GCVE-1-2025-0019 |
4 (4.0)
|
Path traversal vulnerability in EventReport for site-admin |
misp |
misp |
2025-11-26T14:47:00.000Z | 2025-11-28T07:27:42.721350Z |
| GCVE-1-2025-0018 |
9.4 (4.0)
|
HTML injection issue was identified in Lookyloo’s web … |
lookyloo |
lookyloo |
2025-11-18T15:33:00.000Z | 2025-11-18T20:39:45.579295Z |
| GCVE-1-2025-0017 |
9.4 (4.0)
|
Privilege escalation in Cerebrate allows an authentica… |
cerebrate |
cerebrate |
2025-11-12T08:15:00.000Z | 2025-11-28T07:22:08.205835Z |
| GCVE-1-2025-0016 |
6 (4.0)
|
Local file inclusion in [ImportFromUrl() URL hand… |
misp |
misp |
2025-11-04T09:20:00.000Z | 2025-11-04T09:56:38.383646Z |
| GCVE-1-2025-0015 |
9 (4.0)
|
Potential XSS in decaying simulation tool |
misp |
misp |
2025-11-04T09:06:00.000Z | 2025-11-04T09:06:59.216121Z |
| GCVE-1-2025-0014 |
9.4 (4.0)
|
XSS in event report via Mermaid diagram |
misp |
misp |
2025-11-04T08:58:00.024516Z | 2025-11-04T08:58:00.024516Z |
| GCVE-1-2025-0013 |
9.4 (4.0)
|
Vulnerability in sharing group blueprints allowing sha… |
misp |
misp |
2025-11-04T08:49:21.558087Z | 2025-11-04T08:49:21.558087Z |
| GCVE-1-2025-0012 |
N/A
|
Potential vulnerability in file check upload but non-e… |
misp |
misp |
2025-11-04T07:20:00.000Z | 2025-11-28T07:16:21.589449Z |
| GCVE-1-2025-0011 |
9.4 (4.0)
|
Arbitrary file inclusion / deletion via import modules… |
misp |
misp |
2025-11-04T07:01:25.464225Z | 2025-11-04T07:01:25.464225Z |
| GCVE-1-2025-0010 |
6.3 (4.0)
|
Arbitrary file hash inclusion via templates accessible… |
misp |
misp |
2025-11-04T06:25:11.108987Z | 2025-11-04T06:25:11.108987Z |
| GCVE-1-2025-0009 |
6.4 (4.0)
|
A pre-auth user could self-assign a reporter without b… |
CIRCL |
vulnerability-lookup |
2025-10-13T09:20:24.800890Z | 2025-10-13T09:20:24.800890Z |
| GCVE-1-2025-0008 |
7 (4.0)
|
Logged users can view vulnerability disclosure comment… |
CIRCL |
vulnerability-lookup |
2025-10-13T09:10:00.000Z | 2025-10-13T09:15:31.637686Z |
| GCVE-1-2025-0007 |
4.5 (4.0)
|
Missing email validation on user management |
CIRCL |
vulnerability-lookup |
2025-10-13T08:37:00.000Z | 2025-10-13T08:51:37.408861Z |
| GCVE-1-2025-0006 |
9.3 (4.0)
|
Potential XSS in admin CPE in organization model |
CIRCL |
vulnerability-lookup |
2025-10-13T08:29:00.000Z | 2025-10-13T08:52:23.411325Z |
| GCVE-1-2025-0005 |
9.4 (4.0)
|
Reflected XSS due to insecure use of Markup |
CIRCL |
vulnerability-lookup |
2025-10-13T08:23:29.812914Z | 2025-10-13T08:23:29.812914Z |
| GCVE-1-2025-0004 |
10 (4.0)
|
XSS in Comments, Bundles, and Sightings component of v… |
CIRCL |
vulnerability-lookup |
2025-09-25T14:10:00.000Z | 2025-11-19T10:16:47.656802Z |
| GCVE-1-2025-0003 |
9.3 (4.0)
|
Incorrect ACL for user settings edit, which previ… |
cerebrate |
cerebrate |
2025-08-22T12:33:00.000Z | 2025-08-23T07:55:10.950332Z |
| GCVE-1-2025-0002 |
8.9 (4.0)
|
Command Injection in Cl0p Exfiltration Python Script |
Cl0p ransomware |
exfiltration |
2025-07-01T08:19:00.000Z | 2025-07-01T10:58:58.443468Z |
| GCVE-1-2025-0001 |
5.3 (4.0)
|
The absence of a password confirmation step when deact… |
CIRCL |
Vulnerability-Lookup |
2025-05-27T08:58:00.000Z | 2025-05-30T14:27:56.273945Z |