Recent vulnerabilities

Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-41900
8.8 (3.1)
OpenLearnX has Critical Remote Code Execution Through … th30d4y
 OpenLearnX
 2026-05-08T03:25:50.286Z 2026-05-08T03:25:50.286Z
CVE-2026-42150
5.1 (3.1)
wlc: print_html outputs API data without HTML escaping… WeblateOrg
 wlc
 2026-05-08T03:23:12.234Z 2026-05-08T03:23:12.234Z
CVE-2026-42264
7.4 (3.1)
Axios: Prototype pollution read-side gadgets in HTTP a… axios
 axios
 2026-05-08T03:20:24.248Z 2026-05-08T03:20:24.248Z
CVE-2026-41645
5.3 (3.1)
Nuclei: Environment variable disclosure via Response-D… projectdiscovery
 nuclei
 2026-05-08T03:17:19.302Z 2026-05-08T03:17:19.302Z
CVE-2026-8132
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
CodeAstro Leave Management System login.php sql injection CodeAstro
 Leave Management System
 2026-05-08T03:15:09.496Z 2026-05-08T03:15:09.496Z
CVE-2026-41646
5.5 (3.1)
Nuclei: Local File Read via require() Module Loader Bypass projectdiscovery
 nuclei
 2026-05-08T03:14:49.908Z 2026-05-08T03:14:49.908Z
CVE-2026-42261
7.1 (3.1)
PromptHub: Authenticated SSRF via IPv6 filter bypass i… legeling
 PromptHub
 2026-05-08T03:11:25.305Z 2026-05-08T03:11:25.305Z
CVE-2026-43944
9.4 (4.0)
electerm: dangerous code can be run through links or c… electerm
 electerm
 2026-05-08T03:08:09.046Z 2026-05-08T03:08:09.046Z
CVE-2026-43942
5.5 (3.1)
electerm: Full process.env exposed to renderer via win… electerm
 electerm
 2026-05-08T03:03:54.752Z 2026-05-08T03:03:54.752Z
CVE-2026-43941
9.6 (3.1)
Unvalidated shell.openExternal in electerm allows arbi… electerm
 electerm
 2026-05-08T03:01:12.461Z 2026-05-08T03:01:12.461Z
CVE-2026-8131
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
SourceCodester SUP Online Shopping replymsg.php sql in… SourceCodester
 SUP Online Shopping
 2026-05-08T03:00:18.891Z 2026-05-08T03:00:18.891Z
CVE-2026-43940
8.4 (3.1)
electerm: Path traversal in electerm runWidget leads t… electerm
 electerm
 2026-05-08T02:58:05.646Z 2026-05-08T02:58:05.646Z
CVE-2026-43943
7.8 (3.1)
electerm: RCE via malicious SSH server filename in ope… electerm
 electerm
 2026-05-08T02:55:51.285Z 2026-05-08T02:55:51.285Z
CVE-2026-41500
9.8 (3.1)
electerm has Command Injection Vulnerability via runMa… electerm
 electerm
 2026-05-08T02:53:44.494Z 2026-05-08T02:53:44.494Z
CVE-2026-41501
9.8 (3.1)
electerm has Command Injection Vulnerability via runLi… electerm
 electerm
 2026-05-08T02:51:10.144Z 2026-05-08T02:51:10.144Z
CVE-2026-8130
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
SourceCodester SUP Online Shopping message.php sql injection SourceCodester
 SUP Online Shopping
 2026-05-08T02:45:09.771Z 2026-05-08T02:45:09.771Z
CVE-2026-8129
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
SourceCodester SUP Online Shopping wishlist.php sql in… SourceCodester
 SUP Online Shopping
 2026-05-08T02:30:11.130Z 2026-05-08T02:30:11.130Z
CVE-2026-8128
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
SourceCodester SUP Online Shopping viewmsg.php sql injection SourceCodester
 SUP Online Shopping
 2026-05-08T02:15:09.625Z 2026-05-08T02:15:09.625Z
CVE-2026-3508
6.8 (4.0)
An Out-of-bounds Read vulnerability in the IOCTL … ASUS
 ASUS System Control Interface
 2026-05-08T02:00:53.822Z 2026-05-08T02:00:53.822Z
CVE-2026-6737
2 (4.0)
An Exposed IOCTL with Insufficient Access Control… ASUS
 AsusPTPFilter
 2026-05-08T02:00:26.422Z 2026-05-08T02:00:26.422Z
CVE-2026-8127
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
eladmin Users API Endpoint UserController.java checkLe… n/a
 eladmin
 2026-05-08T02:00:14.462Z 2026-05-08T02:00:14.462Z
CVE-2026-8126
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
SourceCodester Comment System post_comment.php sql injection SourceCodester
 Comment System
 2026-05-08T01:45:11.083Z 2026-05-08T01:45:11.083Z
CVE-2026-8125
5.3 (4.0)
6.3 (3.1)
6.3 (3.0)
code-projects Simple Chat System sendMessage.php sql i… code-projects
 Simple Chat System
 2026-05-08T01:30:10.489Z 2026-05-08T01:30:10.489Z
CVE-2026-8124
4.8 (4.0)
3.3 (3.1)
3.3 (3.0)
GPAC box_code_base.c sidx_box_read allocation of resources n/a
 GPAC
 2026-05-08T01:15:10.347Z 2026-05-08T01:15:10.347Z
CVE-2026-8123
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
Open5GS NSSF message.c ogs_sbi_discovery_option_add_sn… n/a
 Open5GS
 2026-05-08T01:00:12.670Z 2026-05-08T01:00:12.670Z
CVE-2026-8122
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
Open5GS NSSF message.c ogs_sbi_discovery_option_add_se… n/a
 Open5GS
 2026-05-08T00:45:09.870Z 2026-05-08T00:45:09.870Z
CVE-2026-8121
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
Open5GS NSSF conv.c ogs_sbi_parse_plmn_list denial of … n/a
 Open5GS
 2026-05-08T00:30:10.368Z 2026-05-08T00:30:10.368Z
CVE-2026-8120
5.3 (4.0)
4.3 (3.1)
4.3 (3.0)
Open5GS NSSF nnssf-handler.c denial of service n/a
 Open5GS
 2026-05-08T00:15:09.713Z 2026-05-08T00:15:09.713Z
CVE-2026-8119
4.8 (4.0)
3.3 (3.1)
3.3 (3.0)
Open5GS NSSF nghttp2-server.c ogs_sbi_stream_find_by_i… n/a
 Open5GS
 2026-05-08T00:00:21.852Z 2026-05-08T00:00:21.852Z
CVE-2025-69691
N/A
Netgate pfSense CE 2.8.0 allows code execution in… n/a
 n/a
 2026-05-08T00:00:00.000Z 2026-05-08T05:51:51.358Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-8138
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Tenda CX12L SetPptpServerCfg” formSetPPTPServer stack-… Tenda
 CX12L
 2026-05-08T04:15:10.228Z 2026-05-08T04:15:10.228Z
CVE-2026-8137
8.7 (4.0)
8.8 (3.1)
8.8 (3.0)
Totolink X5000R formDdns sub_458E40 buffer overflow Totolink
 X5000R
 2026-05-08T04:00:13.042Z 2026-05-08T04:00:13.042Z
CVE-2026-42279
5.8 (3.1)
solidtime: Time entry update endpoint allows cross-org… solidtime-io
 solidtime
 2026-05-08T03:57:31.727Z 2026-05-08T03:57:31.727Z
CVE-2026-42278
8.8 (4.0)
UltraDAG: Smart Account Spending Policy Bypass via Pockets UltraDAGcom
 core
 2026-05-08T03:55:01.093Z 2026-05-08T03:55:01.093Z
CVE-2026-42277
6.5 (3.1)
Onyx: IDOR in /chat/file/{file_id} allows any authenti… onyx-dot-app
 onyx
 2026-05-08T03:51:11.520Z 2026-05-08T03:51:11.520Z
CVE-2026-42276
4.3 (3.1)
Onyx: IDOR in /chat/stop-chat-session allows any authe… onyx-dot-app
 onyx
 2026-05-08T03:49:56.765Z 2026-05-08T03:51:03.272Z
CVE-2023-42346
N/A
Alkacon OpenCms before 16 allows XXE when the <!D… n/a
 n/a
 2026-05-08T00:00:00.000Z 2026-05-08T04:46:17.859Z
CVE-2023-42345
N/A
A Cross Site Scripting vulnerability in Alkacon O… n/a
 n/a
 2026-05-08T00:00:00.000Z 2026-05-08T04:43:08.243Z
CVE-2023-42344
N/A
Alkacon OpenCms before 10.5.1 allows remote unaut… n/a
 n/a
 2026-05-08T00:00:00.000Z 2026-05-08T04:37:40.242Z
CVE-2023-42343
N/A
A Cross Site Scripting vulnerability in Alkacon O… n/a
 n/a
 2026-05-08T00:00:00.000Z 2026-05-08T04:41:10.719Z
CVE-2022-45899
N/A
Nokia Broadcast Message Center (BMC) before 13.1 … n/a
 n/a
 2026-05-08T00:00:00.000Z 2026-05-08T04:29:40.863Z
CVE-2022-26523
N/A
The socket connection handler in aswArPot.sys in … n/a
 n/a
 2026-05-08T00:00:00.000Z 2026-05-08T04:25:27.339Z
CVE-2022-26522
N/A
The socket connection handler in aswArPot.sys in … n/a
 n/a
 2026-05-08T00:00:00.000Z 2026-05-08T04:23:50.475Z
CVE-2022-23961
N/A
In Thruk Monitoring through 2.46.3, the login fie… n/a
 n/a
 2026-05-08T00:00:00.000Z 2026-05-08T04:18:23.670Z
CVE-2026-8136
4.8 (4.0)
2.4 (3.1)
2.4 (3.0)
SourceCodester Pharmacy Sales and Inventory System ind… SourceCodester
 Pharmacy Sales and Inventory System
 2026-05-08T03:45:08.503Z 2026-05-08T03:45:08.503Z
CVE-2026-8133
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
zyx0814 FilePress Shares Filelist API admin.php sql in… zyx0814
 FilePress
 2026-05-08T03:30:13.832Z 2026-05-08T03:30:13.832Z
CVE-2026-8132
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
CodeAstro Leave Management System login.php sql injection CodeAstro
 Leave Management System
 2026-05-08T03:15:09.496Z 2026-05-08T03:15:09.496Z
CVE-2026-8131
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
SourceCodester SUP Online Shopping replymsg.php sql in… SourceCodester
 SUP Online Shopping
 2026-05-08T03:00:18.891Z 2026-05-08T03:00:18.891Z
CVE-2026-8130
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
SourceCodester SUP Online Shopping message.php sql injection SourceCodester
 SUP Online Shopping
 2026-05-08T02:45:09.771Z 2026-05-08T02:45:09.771Z
CVE-2026-8129
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
SourceCodester SUP Online Shopping wishlist.php sql in… SourceCodester
 SUP Online Shopping
 2026-05-08T02:30:11.130Z 2026-05-08T02:30:11.130Z
CVE-2026-44298
4.1 (3.1)
Kimai: Arbitrary file read in invoice PDF renderer (admin) kimai
 kimai
 2026-05-08T03:32:06.672Z 2026-05-08T03:32:06.672Z
CVE-2026-43944
9.4 (4.0)
electerm: dangerous code can be run through links or c… electerm
 electerm
 2026-05-08T03:08:09.046Z 2026-05-08T03:08:09.046Z
CVE-2026-43943
7.8 (3.1)
electerm: RCE via malicious SSH server filename in ope… electerm
 electerm
 2026-05-08T02:55:51.285Z 2026-05-08T02:55:51.285Z
CVE-2026-43942
5.5 (3.1)
electerm: Full process.env exposed to renderer via win… electerm
 electerm
 2026-05-08T03:03:54.752Z 2026-05-08T03:03:54.752Z
CVE-2026-43941
9.6 (3.1)
Unvalidated shell.openExternal in electerm allows arbi… electerm
 electerm
 2026-05-08T03:01:12.461Z 2026-05-08T03:01:12.461Z
CVE-2026-43940
8.4 (3.1)
electerm: Path traversal in electerm runWidget leads t… electerm
 electerm
 2026-05-08T02:58:05.646Z 2026-05-08T02:58:05.646Z
CVE-2026-42275
8.7 (3.1)
zrok: WebDAV drive backend follows symlinks outside Dr… openziti
 zrok
 2026-05-08T03:45:57.209Z 2026-05-08T03:45:57.209Z
CVE-2026-42274
7.8 (4.0)
Heimdall: Authorization bypass via path normalization … dadrus
 heimdall
 2026-05-08T03:43:41.597Z 2026-05-08T03:43:41.597Z
CVE-2026-42273
7.8 (4.0)
Heimdall: Case-sensitive host matching may lead to pol… dadrus
 heimdall
 2026-05-08T03:42:50.312Z 2026-05-08T03:42:50.312Z
CVE-2026-42272
7.8 (4.0)
Heimdall: Case-sensitive handling of URL-encoded slash… dadrus
 heimdall
 2026-05-08T03:40:17.541Z 2026-05-08T03:40:17.541Z
ID Description Published Updated
fkie_cve-2026-2101 A Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access from ENOVIAvpm … 2026-02-16T17:18:09.003 2026-04-15T00:35:42.020
fkie_cve-2026-26930 SmarterTools SmarterMail before 9526 allows XSS via MAPI requests. 2026-02-16T17:18:08.813 2026-04-15T00:35:42.020
fkie_cve-2026-2563 A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the f… 2026-02-16T16:19:18.070 2026-04-29T01:00:01.613
fkie_cve-2026-1783 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued i… 2026-02-16T16:19:17.880 2026-02-16T16:19:17.880
fkie_cve-2025-65717 An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files v… 2026-02-16T16:19:17.510 2026-05-05T18:16:01.887
fkie_cve-2025-65716 An issue in Visual Studio Code Extensions Markdown Preview Enhanced v0.8.18 allows attackers to exe… 2026-02-16T16:19:17.403 2026-02-25T18:46:08.703
fkie_cve-2025-65715 An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.… 2026-02-16T16:19:17.287 2026-02-25T15:21:49.487
fkie_cve-2026-2562 A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the … 2026-02-16T15:18:35.020 2026-04-29T01:00:01.613
fkie_cve-2026-2561 A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the funct… 2026-02-16T15:18:34.840 2026-04-29T01:00:01.613
fkie_cve-2026-2447 Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.… 2026-02-16T15:18:34.740 2026-04-13T15:17:19.983
fkie_cve-2026-2032 Malicious scripts that interrupt new tab page loading could cause desynchronization between the add… 2026-02-16T15:18:34.620 2026-04-13T15:17:19.800
fkie_cve-2026-2560 A vulnerability has been found in kalcaddle kodbox up to 1.64.05. The impacted element is the funct… 2026-02-16T14:16:18.840 2026-04-29T01:00:01.613
fkie_cve-2026-2558 A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the f… 2026-02-16T14:16:18.650 2026-04-29T01:00:01.613
fkie_cve-2026-2557 A vulnerability was detected in cskefu up to 8.0.1. Impacted is the function Upload of the file com… 2026-02-16T14:16:18.440 2026-04-29T01:00:01.613
fkie_cve-2026-1335 An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawi… 2026-02-16T14:16:18.303 2026-02-26T18:15:57.777
fkie_cve-2026-1334 An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawin… 2026-02-16T14:16:18.160 2026-02-26T18:16:03.453
fkie_cve-2026-1333 A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWOR… 2026-02-16T14:16:18.003 2026-02-26T18:15:50.280
fkie_cve-2026-2556 A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown p… 2026-02-16T13:16:00.940 2026-04-29T01:00:01.613
fkie_cve-2026-1046 Mattermost Desktop App versions <=6.0 6.2.0 5.2.13.0 fail to validate help links which allows a mal… 2026-02-16T13:16:00.793 2026-03-23T17:27:17.083
fkie_cve-2025-14573 Mattermost versions 10.11.x <= 10.11.9 fail to enforce invite permissions when updating team settin… 2026-02-16T13:16:00.623 2026-02-18T20:18:01.113
fkie_cve-2025-14350 Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to properly validat… 2026-02-16T13:15:59.953 2026-02-18T20:19:20.907
fkie_cve-2026-2555 A weakness has been identified in JeecgBoot 3.9.1. This vulnerability affects the function importDo… 2026-02-16T12:16:22.667 2026-02-18T21:43:53.793
fkie_cve-2026-2553 A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f… 2026-02-16T12:16:22.480 2026-04-29T01:00:01.613
fkie_cve-2026-2552 A vulnerability was identified in ZenTao up to 21.7.8. Affected by this issue is the function delet… 2026-02-16T12:16:22.277 2026-02-20T18:00:00.757
fkie_cve-2025-2418 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in TR7 Cyber ​​Defense Inc. Web A… 2026-02-16T12:16:22.093 2026-05-07T08:15:59.830
fkie_cve-2025-13821 Mattermost versions 11.1.x <= 11.1.2, 10.11.x <= 10.11.9, 11.2.x <= 11.2.1 fail to sanitize sensiti… 2026-02-16T12:16:21.423 2026-02-18T21:44:27.573
fkie_cve-2026-2551 A vulnerability was determined in ZenTao up to 21.7.8. Affected by this vulnerability is the functi… 2026-02-16T11:15:56.550 2026-04-29T01:00:01.613
fkie_cve-2026-2452 Emails sent by pretix can utilize placeholders that will be filled with customer data. For example,… 2026-02-16T11:15:56.420 2026-03-12T17:29:01.843
fkie_cve-2026-2451 Emails sent by pretix can utilize placeholders that will be filled with customer data. For example,… 2026-02-16T11:15:56.290 2026-03-13T12:39:56.690
fkie_cve-2026-2415 Emails sent by pretix can utilize placeholders that will be filled with customer data. For example,… 2026-02-16T11:15:56.047 2026-03-13T12:47:32.733
ID Severity Description Published Updated
ghsa-rcc6-6q2f-m2cw
Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive informati… 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-qm5g-9237-pg9r
7.3 (3.1)
5.5 (4.0)
A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unkn… 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-pxqj-577f-7xfv
7.3 (3.1)
5.5 (4.0)
A security vulnerability has been detected in zyx0814 FilePress up to 2.2.0. Affected by this vulne… 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-pj6p-9p8x-5mfc
Alkacon OpenCms before 16 allows XXE when the <!DOCTYPE> refers to an external host. 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-hqhv-x7gw-gg62
In Thruk Monitoring through 2.46.3, the login field of the login form is vulnerable to reflected XS… 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-h488-x5g3-rjr5
The socket connection handler in aswArPot.sys in the Avast and AVG Windows Anti Rootkit driver befo… 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-gxmg-m8j9-9hxw
7.3 (3.1)
5.5 (4.0)
A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown f… 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-gggm-v39x-cpg8
7.3 (3.1)
5.5 (4.0)
A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown fun… 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-8gpv-c454-3hfc
A Cross Site Scripting vulnerability in Alkacon OpenCms before 10.5.1 exists via cmis-online/type. 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-6f3j-w8c5-257p
Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS… 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-3h5f-583p-w5vj
2.4 (3.1)
1.9 (4.0)
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an un… 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-2887-f3v6-6rjf
A Cross Site Scripting vulnerability in Alkacon OpenCms before 16 exists via updateModelGroups.jsp. 2026-05-08T06:32:37Z 2026-05-08T06:32:37Z
ghsa-rw2q-pc53-f59p
7.3 (3.1)
5.5 (4.0)
A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown process… 2026-05-08T03:30:24Z 2026-05-08T03:30:24Z
ghsa-qvg3-xf4r-fgqm
3.3 (3.1)
1.9 (4.0)
A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_bo… 2026-05-08T03:30:24Z 2026-05-08T03:30:24Z
ghsa-q74f-j88c-7g46
2.0 (4.0)
An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local use… 2026-05-08T03:30:24Z 2026-05-08T03:30:24Z
ghsa-pj2x-r6wc-476j
6.3 (3.1)
2.1 (4.0)
A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects un… 2026-05-08T03:30:24Z 2026-05-08T03:30:24Z
ghsa-m3gg-rqf2-7qcj
6.8 (4.0)
An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a … 2026-05-08T03:30:24Z 2026-05-08T03:30:24Z
ghsa-93h2-p56q-h6jc
7.3 (3.1)
5.5 (4.0)
A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unk… 2026-05-08T03:30:24Z 2026-05-08T03:30:24Z
ghsa-7rvc-3rgf-7589
6.3 (3.1)
2.1 (4.0)
A vulnerability has been found in eladmin up to 2.7. Impacted is the function checkLevel of the fil… 2026-05-08T03:30:24Z 2026-05-08T03:30:24Z
ghsa-x7c4-pm53-48h6
4.3 (3.1)
2.1 (4.0)
A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssf_nnrf_nssele… 2026-05-08T03:30:23Z 2026-05-08T03:30:23Z
ghsa-w88m-grx2-xwvr
3.3 (3.1)
1.9 (4.0)
A vulnerability was detected in Open5GS up to 2.7.7. Impacted is the function ogs_sbi_stream_find_b… 2026-05-08T03:30:23Z 2026-05-08T03:30:23Z
ghsa-m782-cq9r-w5vf
4.3 (3.1)
2.1 (4.0)
A vulnerability has been found in Open5GS up to 2.7.7. The impacted element is the function ogs_sbi… 2026-05-08T03:30:23Z 2026-05-08T03:30:23Z
ghsa-ghx3-pgmg-h9fc
4.3 (3.1)
2.1 (4.0)
A vulnerability was found in Open5GS up to 2.7.7. This affects the function ogs_sbi_discovery_optio… 2026-05-08T03:30:23Z 2026-05-08T03:30:23Z
ghsa-fxh4-4qxc-cq82
4.3 (3.1)
2.1 (4.0)
A vulnerability was determined in Open5GS up to 2.7.7. This impacts the function ogs_sbi_discovery_… 2026-05-08T03:30:23Z 2026-05-08T03:30:23Z
ghsa-m8jc-jjj9-hgc8
7.3 (3.1)
This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an… 2026-05-08T00:31:35Z 2026-05-08T00:31:35Z
ghsa-h65h-28xw-w79q
6.3 (3.1)
2.1 (4.0)
A weakness has been identified in huangjunsen0406 xiaozhi-mcphub up to 1.0.3. This vulnerability af… 2026-05-08T00:31:35Z 2026-05-08T00:31:35Z
ghsa-935g-9rq5-q95c
5.3 (3.1)
5.5 (4.0)
A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an un… 2026-05-08T00:31:35Z 2026-05-08T00:31:35Z
ghsa-6f56-6pvf-gp4j
4.3 (3.1)
2.1 (4.0)
A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This iss… 2026-05-08T00:31:35Z 2026-05-08T00:31:35Z
ghsa-xqmx-3vx6-fm88
5.9 (4.0)
A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management … 2026-05-08T00:31:34Z 2026-05-08T00:31:34Z
ghsa-w548-vv26-rff6
7.9 (4.0)
A server-side request forgery (SSRF) vulnerability was identified in the GitHub Enterprise Server n… 2026-05-08T00:31:34Z 2026-05-08T00:31:34Z
ID Severity Description Package Published Updated
pysec-2025-34
The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_… picklescan 2025-04-24T01:15:49+00:00 2025-04-24T03:08:15.436691+00:00
pysec-2025-56
4.3 (3.1)
OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t… octoprint 2025-04-22T18:15:59+00:00 2025-06-27T17:22:53.513680+00:00
pysec-2025-41
9.8 (3.1)
PyTorch is a Python package that provides tensor computation with strong GPU acceleration… torch 2025-04-18T16:15:23+00:00 2025-05-28T15:23:37.843138+00:00
pysec-2025-35
7.5 (3.1)
Weblate is a web based localization tool. Prior to version 5.11, when creating a new comp… weblate 2025-04-15T21:16:04+00:00 2025-04-30T17:22:51.467257+00:00
pysec-2025-32
9.8 (3.1)
BentoML is a Python library for building online serving systems optimized for AI apps and… bentoml 2025-04-09T16:15:25+00:00 2025-04-22T19:21:34.073355+00:00
pysec-2025-36
9.8 (3.1)
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida… langflow 2025-04-07T15:15:44+00:00 2025-05-07T19:22:44.993642+00:00
pysec-2025-16
7.5 (3.1)
LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vu… lnbits 2025-04-06T20:15:15+00:00 2025-04-09T17:27:25.872691+00:00
pysec-2025-14
An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normal… django 2025-04-02T13:15:44+00:00 2025-04-09T17:27:25.169049+00:00
pysec-2025-48
9.8 (3.1)
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm… mobsf 2025-03-31T17:15:42+00:00 2025-06-12T22:23:10.476087+00:00
pysec-2025-17
5.5 (3.1)
In mlflow/mlflow version 2.18, an admin is able to create a new user account without sett… mlflow 2025-03-20T10:15:54+00:00 2025-04-09T17:27:26.322333+00:00
pysec-2025-57
A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent… zenml 2025-03-20T10:15:48+00:00 2025-06-27T17:22:55.175431+00:00
pysec-2025-10
9.1 (3.1)
A vulnerability in the `download_model` function of the onnx/onnx framework, before and i… onnx 2025-03-20T10:15:37+00:00 2025-03-26T19:21:38.843396+00:00
pysec-2025-11
5.9 (3.1)
A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index reposi… llama-index 2025-03-20T10:15:31+00:00 2025-04-01T23:22:47.294256+00:00
pysec-2025-9
A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through… invokeai 2025-03-20T10:15:26+00:00 2025-03-20T11:21:37.872971+00:00
pysec-2025-63
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe… vllm 2025-03-19T16:15:32+00:00 2025-07-01T23:22:49.176005+00:00
pysec-2025-22
9.8 (3.1)
A vulnerability, that could result in Remote Code Execution (RCE), has been found in Plot… plotai 2025-03-10T14:15:24+00:00 2025-04-09T17:27:27.203714+00:00
pysec-2025-21
9.8 (3.1)
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model arch… picklescan 2025-03-10T12:15:12+00:00 2025-04-09T17:27:27.016747+00:00
pysec-2025-20
6.5 (3.1)
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes i… picklescan 2025-03-10T12:15:10+00:00 2025-04-09T17:27:26.966215+00:00
pysec-2025-13
An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2… django 2025-03-06T19:15:27+00:00 2025-04-09T17:27:25.095679+00:00
pysec-2025-23
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Inform… ray 2025-03-06T05:15:16+00:00 2025-04-09T17:27:27.434099+00:00
pysec-2025-19
9.8 (3.1)
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for … picklescan 2025-03-03T19:15:34+00:00 2025-04-09T17:27:26.916350+00:00
pysec-2025-25
6.5 (3.1)
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middle… rembg 2025-03-03T17:15:14+00:00 2025-04-09T17:27:27.532849+00:00
pysec-2025-24
7.5 (3.1)
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove… rembg 2025-03-03T17:15:14+00:00 2025-04-09T17:27:27.486485+00:00
pysec-2025-15
5.3 (3.1)
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilde… flask-appbuilder 2025-03-03T16:15:41+00:00 2025-04-09T17:27:25.227116+00:00
pysec-2025-66
Improper privilege management in a REST interface allowed registered users to access unau… streampipes 2025-03-03T11:15:11+00:00 2025-07-08T15:23:46.628375+00:00
pysec-2025-18
picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craf… picklescan 2025-02-26T15:15:24+00:00 2025-04-09T17:27:26.867210+00:00
pysec-2025-31
vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statemen… vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.116292+00:00
pysec-2025-30
vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single … vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.064106+00:00
pysec-2025-29
vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the … vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.005382+00:00
pysec-2025-62
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal… vllm 2025-02-07T20:15:34+00:00 2025-07-01T23:22:49.083695+00:00
ID Description Updated
ID Description Published Updated
mal-2026-3356 Malicious code in test-py-conn (PyPI) 2026-05-06T20:28:38Z 2026-05-06T20:28:38Z
mal-2026-3355 Malicious code in playwright-atoned (PyPI) 2026-05-06T20:07:00Z 2026-05-06T20:07:00Z
mal-2026-3354 Malicious code in playwright-acustomed (PyPI) 2026-05-06T13:46:28Z 2026-05-06T20:59:10Z
mal-2026-3353 Malicious code in money-badger-open-rpc (npm) 2026-05-06T09:15:52Z 2026-05-06T10:20:15Z
mal-2026-3352 Malicious code in carbonite-internal (npm) 2026-05-06T06:20:35Z 2026-05-06T06:20:35Z
mal-2026-3348 Malicious code in @rivianlabs/bedrock (npm) 2026-05-05T19:10:36Z 2026-05-05T19:10:36Z
mal-2026-3349 Malicious code in @rivianlabs/dc-fe-app-web-rivian-com (npm) 2026-05-05T19:03:30Z 2026-05-05T19:03:30Z
mal-2026-3351 Malicious code in @rivianlabs/dt-shop-bag-v0 (npm) 2026-05-05T19:00:46Z 2026-05-05T19:00:46Z
mal-2026-3350 Malicious code in @rivianlabs/dt-lib-lumberjack (npm) 2026-05-05T18:50:28Z 2026-05-05T18:50:28Z
mal-2026-3347 Malicious code in gemini-analyzer (PyPI) 2026-05-05T18:30:44Z 2026-05-05T19:38:21Z
mal-2026-3346 Malicious code in generator-go-circleci (npm) 2026-05-05T15:33:36Z 2026-05-05T15:33:36Z
mal-2026-3345 Malicious code in deployment-core (npm) 2026-05-05T15:33:36Z 2026-05-05T15:33:37Z
mal-2026-3344 Malicious code in @bold-commerce/stacks-ui (npm) 2026-05-05T15:27:44Z 2026-05-05T15:27:44Z
mal-2026-3343 Malicious code in @atlan/connectors (npm) 2026-05-05T15:27:44Z 2026-05-05T15:27:44Z
mal-2026-3341 Malicious code in runtime-probe (PyPI) 2026-05-05T15:20:52Z 2026-05-05T15:20:52Z
mal-2026-3342 Malicious code in runtime-readout (PyPI) 2026-05-05T15:14:31Z 2026-05-05T15:14:31Z
mal-2026-3340 Malicious code in trevlo (npm) 2026-05-05T11:51:48Z 2026-05-05T11:51:48Z
mal-2026-3339 Malicious code in nf-ui-components (npm) 2026-05-05T11:40:12Z 2026-05-05T11:40:13Z
mal-2026-3334 Malicious code in fanduel (npm) 2026-05-04T21:55:51Z 2026-05-04T21:55:51Z
mal-2026-3333 Malicious code in rogiant-quick-install (PyPI) 2026-05-04T21:10:00Z 2026-05-04T21:10:00Z
mal-2026-3332 Malicious code in rogiant (PyPI) 2026-05-04T20:53:10Z 2026-05-04T20:53:50Z
mal-2026-3331 Malicious code in lazyhtml-scripts (npm) 2026-05-04T19:42:20Z 2026-05-04T19:42:20Z
mal-2026-3338 Malicious code in ms.analytics-web (npm) 2026-05-04T19:06:03Z 2026-05-04T19:06:03Z
mal-2026-3329 Malicious code in api-typings (npm) 2026-05-04T16:46:38Z 2026-05-04T16:46:38Z
mal-2026-3330 Malicious code in seek-pass (npm) 2026-05-04T16:40:53Z 2026-05-04T16:40:53Z
mal-2026-3328 Malicious code in pocpoc2626 (npm) 2026-05-04T16:36:10Z 2026-05-04T17:38:11Z
mal-2026-3327 Malicious code in capacitor-plugin-service-worker (npm) 2026-05-04T16:15:46Z 2026-05-04T16:40:52Z
mal-2026-3336 Malicious code in @channel_bot/xa0 (npm) 2026-05-04T13:51:12Z 2026-05-04T23:51:15Z
mal-2026-3326 Malicious code in paychex-common-vendor-lib (npm) 2026-05-04T13:20:41Z 2026-05-04T13:20:41Z
mal-2026-3325 Malicious code in cloudauth-sdk (PyPI) 2026-05-04T11:30:49Z 2026-05-04T11:30:49Z
ID Description Published Updated
9akk108471a3623 RMC - 100 Vulnerabilities in web UI (REST Interface) 2025-07-03T00:30:00.000Z 2025-08-18T00:30:00.000Z
2crt000008 Lite Panel Pro Vulnerability in Session Management 2025-06-26T00:30:00.000Z 2025-06-26T00:30:00.000Z
9akk108471a1621 EIBPORT Session Management Fail 2025-06-02T00:30:00.000Z 2025-06-04T00:30:00.000Z
9akk108470a8948 ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway. 2025-05-29T00:30:00.000Z 2025-06-05T00:30:00.000Z
9akk108471a0021 ELSB/BLBA ASPECT advisory several CVEs 2025-05-22T00:30:00.000Z 2025-05-23T10:30:00.000Z
2crt000006 ANC – ABB Network Card Multiple vulnerabilities in ANC 2025-04-30T00:30:00.000Z 2025-04-30T00:30:00.000Z
3adr011407 ABB Automation Builder Vulnerabilities in user management and access control 2025-04-30T00:00:00.000Z 2025-07-25T00:00:00.000Z
2crt000007 Ekip Com IEC61850 Vulnerability in 3rd Party Library 2025-04-29T00:30:00.000Z 2025-04-29T00:30:00.000Z
3kxg200000r4801 CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability 2025-04-16T00:30:00.000Z 2025-10-20T00:30:00.000Z
9akk108470a9989 ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities 2025-04-10T08:30:00.000Z 2025-04-10T08:30:00.000Z
2nga002579 ABB Arctic communication solution ARM600 Vulnerabilities 2025-04-07T10:30:00.000Z 2025-04-07T10:30:00.000Z
2nga002427 ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities 2025-04-07T10:30:00.000Z 2025-04-07T10:30:00.000Z
9akk108470a9494 Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities 2025-03-26T00:30:00.000Z 2025-03-27T00:30:00.000Z
9akk108470a9491 ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities 2025-03-26T00:30:00.000Z 2025-03-27T00:30:00.000Z
sa24p015 B&R APROL Potential Privilege Escalation and Information Disclosure 2025-03-24T00:30:00.000Z 2025-03-24T00:30:00.000Z
9akk108470a8565 RMC-100 Vulnerability in the Web UI (REST Interface) 2025-03-11T00:30:00.000Z 2025-03-11T00:30:00.000Z
7paa012159 System 800xA 5.1.x, 6.0.3.x, 6.1.1.x, 6.2.x - VideONet Camera passwords stored in clear text 2025-02-10T00:30:00.000Z 2025-02-10T00:30:00.000Z
9akk108470a6775 Hardcoded credentials in ASPECT Energy Management System 2025-02-05T00:30:00.000Z 2025-02-06T00:30:00.000Z
9akk108470a5466 Drive Composer Path Traversal Vulnerability 2025-02-05T00:30:00.000Z 2025-01-10T00:30:00.000Z
9akk108470a5684 FLXeon Controllers Cyber Security Advisory 2025-01-20T00:30:00.000Z 2025-02-14T00:30:00.000Z
sa25p001 Automation Runtime and mapp View Use of insecure algorithm for self-signed certificates 2025-01-15T00:30:00.000Z 2025-01-16T00:30:00.000Z
3adr011377 AC500 V3 Multiple vulnerabilities 2025-01-07T00:30:00.000Z 2025-01-07T00:30:00.000Z
7paa013309 System 800xA SECURITY Advisory - ABB 800xA Base 6.0.x, 6.1.x CSLib communication DoS vulnerability 2024-06-05T00:30:00.000Z 2026-01-23T00:30:00.000Z
ID Description Published Updated
wid-sec-w-2026-1118 Dell PowerProtect Data Domain OS: Mehrere Schwachstellen 2026-04-14T22:00:00.000+00:00 2026-04-19T22:00:00.000+00:00
wid-sec-w-2026-1084 BigBlueButton: Mehrere Schwachstellen 2026-04-13T22:00:00.000+00:00 2026-04-21T22:00:00.000+00:00
wid-sec-w-2026-1081 MinIO: Mehrere Schwachstellen ermöglichen Umgehen von Sicherheitsvorkehrungen 2026-04-13T22:00:00.000+00:00 2026-04-21T22:00:00.000+00:00
wid-sec-w-2026-1054 Apache log4net: Schwachstelle ermöglicht Manipulation von Dateien 2026-04-12T22:00:00.000+00:00 2026-04-14T22:00:00.000+00:00
wid-sec-w-2026-1047 Adobe Acrobat Reader: Schwachstelle ermöglicht Offenlegung von Informationen und Codeausführung 2026-04-09T22:00:00.000+00:00 2026-04-12T22:00:00.000+00:00
wid-sec-w-2026-1036 OpenCTI: Schwachstelle ermöglicht Codeausführung 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1035 OpenClaw: Mehrere Schwachstellen 2026-04-08T22:00:00.000+00:00 2026-04-28T22:00:00.000+00:00
wid-sec-w-2026-1027 LangChain: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1023 libpng: Schwachstelle ermöglicht Offenlegung von Informationen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1022 Juniper Patchday April 2026: Mehrere Schwachstellen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1020 Intel Prozessoren (Pentium Silver Series, Celeron J Series, und Celeron N series): Schwachstelle ermöglicht Privilegieneskalation 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1012 SonicWall SMA1000 : Mehrere Schwachstellen 2026-04-08T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1006 Golang Go: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-1005 OpenClaw: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-28T22:00:00.000+00:00
wid-sec-w-2026-1002 Django: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0997 Mozilla Firefox und Thunderbird: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0995 OpenSSL: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0991 Apache ActiveMQ, Client, Broker und Web: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-15T22:00:00.000+00:00
wid-sec-w-2026-0982 OpenBSD: Schwachstelle ermöglicht nicht spezifizierten Angriff 2026-04-06T22:00:00.000+00:00 2026-04-07T22:00:00.000+00:00
wid-sec-w-2026-0980 OpenClaw: Mehrere Schwachstellen 2026-04-06T22:00:00.000+00:00 2026-04-28T22:00:00.000+00:00
wid-sec-w-2026-0967 Red Hat Enterprise Linux (fontforge): Schwachstelle ermöglicht Codeausführung 2026-04-06T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0966 Red Hat Enterprise Linux (crun): Schwachstelle ermöglicht Privilegieneskalation 2026-04-06T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0950 Linux Kernel: Mehrere Schwachstellen 2026-03-31T22:00:00.000+00:00 2026-04-14T22:00:00.000+00:00
wid-sec-w-2026-0948 OpenClaw: Mehrere Schwachstellen 2026-03-31T22:00:00.000+00:00 2026-04-28T22:00:00.000+00:00
wid-sec-w-2026-0939 cPanel cPanel/WHM (perl-YAML-Syck): Schwachstelle ermöglicht Codeausführung und DoS 2026-03-31T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0937 Google Chrome und Microsoft Edge: Mehrere Schwachstellen 2026-03-31T22:00:00.000+00:00 2026-04-06T22:00:00.000+00:00
wid-sec-w-2026-0930 OpenClaw: Mehrere Schwachstellen 2026-03-30T22:00:00.000+00:00 2026-04-28T22:00:00.000+00:00
wid-sec-w-2026-0915 Kyocera Drucker: Mehrere Schwachstellen 2026-03-30T22:00:00.000+00:00 2026-04-15T22:00:00.000+00:00
wid-sec-w-2026-0909 Tinyproxy: Schwachstelle ermöglicht Denial of Service 2026-03-29T22:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
wid-sec-w-2026-0904 vim: Schwachstelle ermöglicht Codeausführung 2026-03-29T22:00:00.000+00:00 2026-03-30T22:00:00.000+00:00
ID Description Published Updated
icsa-26-099-01 Contemporary Controls BASC 20T 2026-04-09T06:00:00.000000Z 2026-04-09T06:00:00.000000Z
va-26-097-02 IBM Maximo Application Suite Sensitive Tokens without 'Secure' Attribute 2026-04-07T20:51:13Z 2026-04-07T20:51:13Z
va-26-097-01 Thales Sentinel LDK Runtime Stored XSS 2026-04-07T20:50:15Z 2026-04-07T20:50:15Z
icsa-26-097-01 Mitsubishi Electric GENESIS64 and ICONICS Suite products 2026-04-07T00:00:00.000000Z 2026-04-07T06:00:00.000000Z
va-26-092-01 Bentley Systems iTwin Platform exposed access token 2026-04-02T17:11:43Z 2026-04-02T17:11:43Z
va-26-092-02 Zscaler Client Connector hard-coded proxy configuration domain 2026-04-02T13:54:30Z 2026-04-02T13:54:30Z
icsa-26-092-02 Yokogawa CENTUM VP 2026-04-02T06:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-26-090-02 PX4 Autopilot 2026-03-31T06:00:00.000000Z 2026-03-31T06:00:00.000000Z
icsa-26-090-01 Anritsu Remote Spectrum Monitor 2026-03-31T06:00:00.000000Z 2026-03-31T06:00:00.000000Z
icsa-26-085-02 OC Messaging and Custom Messaging Gateway 2026-03-26T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-092-01 Siemens SICAM 8 Products 2026-03-26T00:00:00.000000Z 2026-04-02T06:00:00.000000Z
va-26-084-01 Nanoleaf Lines unauthenticated firmware file store 2026-03-25T00:00:00Z 2026-04-02T00:00:00Z
icsma-26-083-01 Grassroots DICOM (GDCM) 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-01 Pharos Controls Mosaic Show Controller 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-078-08 Automated Logic WebCTRL Premium Server 2026-03-19T06:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-07 IGL-Technologies eParking.fi 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-078-06 CTEK Chargeportal 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-120-05 ABB AWIN Gateways 2026-03-13T00:30:00.000000Z 2026-04-30T06:00:00.000000Z
icsa-26-071-06 Inductive Automation Ignition Software 2026-03-12T06:00:00.000000Z 2026-03-13T06:00:00.000000Z
icsa-26-071-01 Trane Tracer SC, Tracer SC+, and Tracer Concierge 2026-03-12T06:00:00.000000Z 2026-03-12T06:00:00.000000Z
icsa-26-083-02 Schneider Electric EcoStruxure Foxboro DCS 2026-03-10T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-078-04 Schneider Electric EcoStruxure PME and EPO 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-03 Schneider Electric EcoStruxure Automation Expert 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-02 Schneider Electric Modicon Controllers M241, M251, M258, and LMC058 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-01 Schneider Electric Modicon M241, M251, and M262 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-076-03 Schneider Electric EcoStruxure Data Center Expert 2026-03-10T07:00:00.000000Z 2026-03-17T06:00:00.000000Z
icsa-26-069-03 Honeywell IQ4x BMS Controller 2026-03-10T06:00:00.000000Z 2026-03-10T06:00:00.000000Z
icsa-26-069-02 Lantronix EDS3000PS and EDS5000 2026-03-10T06:00:00.000000Z 2026-03-10T06:00:00.000000Z
icsa-26-069-01 Apeman Cameras 2026-03-10T06:00:00.000000Z 2026-03-10T06:00:00.000000Z
icsa-26-069-04 Ceragon Siklu MultiHaul and EtherHaul Series 2026-03-10T05:00:00.000000Z 2026-03-10T05:00:00.000000Z
ID Description Published Updated
cisco-sa-vmanage-xss-zqkhp9w9 Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-scp-dos-duadxtcg Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-xss-lpgkzwtj Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iox-crlf-nvgktkjz Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe_infodis-6j847ueb Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-tls-dos-tvgldezl Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-iosxe-mntc-dos-lzweqcyq Cisco IOS XE Software Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-04-02T19:43:54+00:00
cisco-sa-iosxe-lobby-privesc-kwxbqjy Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-ios-http-dos-sbv8xrpl Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-bootp-wubhnbxa Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-asa-ftd-ios-dos-kpepqggk Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-xrncs-epni-int-dos-twmffusn Cisco IOS XR Egress Packet Network Interface Aligner Interrupt Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-isis-dos-kdmxpszk Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-iosxr-privesc-bf8d5u4w Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-cc-xss-mrnah5jh Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities 2026-03-11T16:00:00+00:00 2026-03-11T16:00:00+00:00
cisco-sa-snort3-multi-dos-xfwkwswz Multiple Cisco Products Snort 3 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-onprem-fmc-authbypass-5jpp45v2 Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftdfmc-dir-trav-wergjhwq Cisco Secure Firewall Management Center and Secure Firewall Threat Defense Software Path Traversal Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-tcp-dos-rhfqnwrg Cisco Secure Firewall Threat Defense Software TLS with Snort 3 Detection Engine Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-snort-bypass-rlggkzvf Cisco Secure Firewall Threat Defense Software Snort Deep Inspection Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-dnd-dos-bpecg7b7 Cisco Secure Firewall Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-ftd-cmd-inj-mtzgzexf Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-fmc-sql-injection-2qh6ccjd Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-fmc-rce-nkhnuljh Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability 2026-03-04T16:00:00+00:00 2026-03-25T14:21:24+00:00
cisco-sa-asaftd-webvpn-xss-uwjc4hr Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Cross-Site Scripting Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-vpn-m9sx6mbc Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-saml-lkttrwzp Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ospf-zh8phbsw Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-luainject-vescqgms Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ikev2-dos-ebuegdeg Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-43216 net: Drop the lock in skb_may_tx_timestamp() 2026-05-02T00:00:00.000Z 2026-05-07T14:42:02.000Z
msrc_cve-2026-43213 wifi: rtw89: pci: validate sequence number of TX release report 2026-05-02T00:00:00.000Z 2026-05-07T14:41:51.000Z
msrc_cve-2026-43204 ASoC: qcom: q6asm: drop DSP responses for closed data streams 2026-05-02T00:00:00.000Z 2026-05-07T14:39:05.000Z
msrc_cve-2026-43201 APEI/GHES: ARM processor Error: don't go past allocated memory 2026-05-02T00:00:00.000Z 2026-05-07T01:08:28.000Z
msrc_cve-2026-43199 net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query 2026-05-02T00:00:00.000Z 2026-05-08T01:39:58.000Z
msrc_cve-2026-43198 tcp: fix potential race in tcp_v6_syn_recv_sock() 2026-05-02T00:00:00.000Z 2026-05-08T01:43:19.000Z
msrc_cve-2026-43197 netconsole: avoid OOB reads, msg is not nul-terminated 2026-05-02T00:00:00.000Z 2026-05-07T14:40:06.000Z
msrc_cve-2026-43195 drm/amdgpu: validate user queue size constraints 2026-05-02T00:00:00.000Z 2026-05-08T01:39:28.000Z
msrc_cve-2026-43191 drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35 2026-05-02T00:00:00.000Z 2026-05-07T14:40:51.000Z
msrc_cve-2026-43185 ksmbd: fix signededness bug in smb_direct_prepare_negotiation() 2026-05-02T00:00:00.000Z 2026-05-07T14:40:11.000Z
msrc_cve-2026-43176 wifi: rtw89: pci: validate release report content before using for RTL8922DE 2026-05-02T00:00:00.000Z 2026-05-07T14:39:00.000Z
msrc_cve-2026-43172 wifi: iwlwifi: fix 22000 series SMEM parsing 2026-05-02T00:00:00.000Z 2026-05-08T01:43:38.000Z
msrc_cve-2026-43165 hwmon: (nct7363) Fix a resource leak in nct7363_present_pwm_fanin 2026-05-02T00:00:00.000Z 2026-05-07T14:41:36.000Z
msrc_cve-2026-43161 iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode 2026-05-02T00:00:00.000Z 2026-05-08T01:43:14.000Z
msrc_cve-2026-43153 xfs: remove xfs_attr_leaf_hasname 2026-05-02T00:00:00.000Z 2026-05-08T01:43:55.000Z
msrc_cve-2026-43137 ASoC: SOF: Intel: hda: Fix NULL pointer dereference 2026-05-02T00:00:00.000Z 2026-05-07T14:39:46.000Z
msrc_cve-2026-43131 drm/amd/pm: Fix null pointer dereference issue 2026-05-02T00:00:00.000Z 2026-05-07T14:39:11.000Z
msrc_cve-2026-43129 ima: verify the previous kernel's IMA buffer lies in addressable RAM 2026-05-02T00:00:00.000Z 2026-05-07T14:40:26.000Z
msrc_cve-2026-43127 ntfs3: fix circular locking dependency in run_unpack_ex 2026-05-02T00:00:00.000Z 2026-05-07T14:39:21.000Z
msrc_cve-2026-43126 ALSA: mixer: oss: Add card disconnect checkpoints 2026-05-02T00:00:00.000Z 2026-05-07T14:39:16.000Z
msrc_cve-2026-43125 dlm: validate length in dlm_search_rsb_tree 2026-05-02T00:00:00.000Z 2026-05-08T01:42:53.000Z
msrc_cve-2026-43119 Bluetooth: hci_sync: annotate data-races around hdev->req_status 2026-05-02T00:00:00.000Z 2026-05-08T01:39:44.000Z
msrc_cve-2026-43118 btrfs: fix zero size inode with non-zero size after log replay 2026-05-02T00:00:00.000Z 2026-05-07T01:07:05.000Z
msrc_cve-2026-43116 netfilter: ctnetlink: ensure safe access to master conntrack 2026-05-02T00:00:00.000Z 2026-05-08T01:44:02.000Z
msrc_cve-2026-43115 srcu: Use irq_work to start GP in tiny SRCU 2026-05-02T00:00:00.000Z 2026-05-07T14:39:51.000Z
msrc_cve-2026-43109 x86: shadow stacks: proper error handling for mmap lock 2026-05-02T00:00:00.000Z 2026-05-07T01:07:11.000Z
msrc_cve-2026-43107 xfrm: account XFRMA_IF_ID in aevent size calculation 2026-05-02T00:00:00.000Z 2026-05-07T14:41:06.000Z
msrc_cve-2026-43101 ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() 2026-05-02T00:00:00.000Z 2026-05-08T01:39:53.000Z
msrc_cve-2026-43088 net: af_key: zero aligned sockaddr tail in PF_KEY exports 2026-05-02T00:00:00.000Z 2026-05-07T01:08:44.000Z
msrc_cve-2026-43083 net: ioam6: fix OOB and missing lock 2026-05-02T00:00:00.000Z 2026-05-08T01:40:04.000Z
ID Description Published Updated
ncsc-2026-0105 Kwetsbaarheden verholpen in Cisco Nexus Dashboard en Nexus Dashboard Insights 2026-04-03T08:20:48.187725Z 2026-04-03T08:20:48.187725Z
ncsc-2026-0104 Kwetsbaarheden verholpen in Cisco IOS XE Software 2026-03-26T09:50:03.269095Z 2026-03-26T09:50:03.269095Z
ncsc-2026-0103 Kwetsbaarheden verholpen in GitLab 2026-03-26T09:48:10.874427Z 2026-03-26T09:48:10.874427Z
ncsc-2026-0102 Kwetsbaarheden verholpen in Apple macOS 2026-03-25T14:15:56.073353Z 2026-03-25T14:15:56.073353Z
ncsc-2026-0101 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-25T14:02:07.392994Z 2026-03-25T14:02:07.392994Z
ncsc-2026-0100 Kwetsbaarheden verholpen in Citrix Netscaler ADC en Netscaler Gateway 2026-03-23T13:43:30.957806Z 2026-03-23T13:43:30.957806Z
ncsc-2026-0099 Kwetsbaarheid verholpen in Oracle Identity Manager en Oracle Web Services Manager 2026-03-20T15:56:12.716324Z 2026-03-20T15:56:12.716324Z
ncsc-2026-0098 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-03-13T08:41:19.155490Z 2026-03-13T08:41:19.155490Z
ncsc-2026-0097 Kwetsbaarheden verholpen in Google Chrome 2026-03-13T08:33:43.877125Z 2026-03-13T08:33:43.877125Z
ncsc-2026-0096 Kwetsbaarheden verholpen in Veeam Backup & Replication 2026-03-12T14:54:08.200676Z 2026-03-12T14:54:08.200676Z
ncsc-2026-0095 Kwetsbaarheid verholpen in pac4j-jwt 2026-03-12T14:45:51.156512Z 2026-03-12T14:45:51.156512Z
ncsc-2026-0094 Kwetsbaarheden verholpen in Cisco IOS XR 2026-03-12T14:44:08.106602Z 2026-03-12T14:44:08.106602Z
ncsc-2026-0093 Kwetsbaarheden verholpen in GitLab 2026-03-12T14:42:46.936248Z 2026-03-12T14:42:46.936248Z
ncsc-2026-0092 Kwetsbaarheden verholpen in Fortinet FortiWeb 2026-03-12T07:46:15.529522Z 2026-03-12T07:46:15.529522Z
ncsc-2026-0091 Kwetsbaarheden verholpen in SAP-producten 2026-03-12T07:24:16.575638Z 2026-03-12T07:24:16.575638Z
ncsc-2026-0090 Kwetsbaarheden verholpen in Adobe Experience Manager 2026-03-12T07:12:51.952931Z 2026-03-12T07:12:51.952931Z
ncsc-2026-0089 Kwetsbaarheden verholpen in Adobe Acrobat Reader 2026-03-12T07:03:24.148324Z 2026-03-12T07:03:24.148324Z
ncsc-2026-0088 Kwetsbaarheden verholpen in Adobe Illustrator 2026-03-12T06:55:39.712240Z 2026-03-12T06:55:39.712240Z
ncsc-2026-0087 Kwetsbaarheden verholpen in Adobe Commerce 2026-03-12T06:49:56.459199Z 2026-03-12T06:49:56.459199Z
ncsc-2026-0086 Kwetsbaarheden verholpen in Fortinet FortiManager en FortiAnalyzer 2026-03-11T09:19:38.777277Z 2026-03-11T09:19:38.777277Z
ncsc-2026-0085 Kwetsbaarheden verholpen in Microsoft Developer tools 2026-03-10T20:35:10.478398Z 2026-03-10T20:35:10.478398Z
ncsc-2026-0084 Kwetsbaarheden verholpen in Microsoft Office 2026-03-10T20:20:08.157658Z 2026-03-10T20:20:08.157658Z
ncsc-2026-0083 Kwetsbaarheid verholpen in Microsoft Authenticator app 2026-03-10T20:18:35.792755Z 2026-03-10T20:18:35.792755Z
ncsc-2026-0082 Kwetsbaarheden verholpen in Microsoft Azure 2026-03-10T20:15:41.528951Z 2026-03-10T20:15:41.528951Z
ncsc-2026-0081 Kwetsbaarheden verholpen in Microsoft SQL Server 2026-03-10T20:12:56.032261Z 2026-03-10T20:12:56.032261Z
ncsc-2026-0080 Kwetsbaarheden verholpen in Microsoft Windows 2026-03-10T20:07:55.976638Z 2026-03-10T20:07:55.976638Z
ncsc-2026-0079 Kwetsbaarheden verholpen in Siemens producten 2026-03-10T12:39:14.474522Z 2026-03-10T12:39:14.474522Z
ncsc-2026-0078 Kwetsbaarheden verholpen in Kibana 2026-03-05T09:36:49.056247Z 2026-03-05T09:36:49.056247Z
ncsc-2026-0077 Kwetsbaarheden verholpen in Cisco Secure Firewall systemen 2026-03-05T09:05:21.646499Z 2026-03-05T09:05:21.646499Z
ncsc-2026-0076 Kwetsbaarheden verholpen in Cisco Secure Firewall Management Center 2026-03-04T20:49:12.211658Z 2026-03-19T11:48:18.917205Z
ID Description Published Updated
nn-2023:11-01 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:10-01 DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_3-01 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_2-01 Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:8-01 Session Fixation in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:7-01 DoS via SAML configuration in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:6-01 Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:5-01 Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:4-01 Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:3-01 Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:2-01 Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2 2023-08-09T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_1-01 Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 2023-05-03T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:1-01 Authenticated SQL Injection on Alerts in Guardian/CMC before 22.5.2 2023-05-03T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022_2-02 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022_2-01 Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022:2-02 Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2022:2-01 Authenticated RCE on logo report upload in Guardian/CMC before 22.0.0 2022-02-14T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021_2-01 Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021_1-01 Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021:2-01 Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2021:1-01 Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4 2021-02-22T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020_3-01 Angular template injection on custom report name field 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020_2-01 Cross-site request forgery attack on change password form 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020:3-01 Angular template injection on custom report name field 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2020:2-01 Cross-site request forgery attack on change password form 2020-05-26T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10677-1 grafana-11.6.14+security01-2.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10676-1 golang-github-prometheus-prometheus-3.11.3-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10675-1 dpkg-1.22.22-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10674-1 curl-8.20.0-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10673-1 coredns-1.14.3-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10672-1 cmctl-2.5.0-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10671-1 bubblewrap-0.11.2-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10670-1 avahi-0.8-43.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10669-1 alloy-1.16.0-2.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10668-1 MozillaFirefox-150.0.1-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:20660-1 Security update for chromium 2026-05-01T22:48:13Z 2026-05-01T22:48:13Z
opensuse-su-2026:20664-1 Security update for MozillaThunderbird 2026-05-01T17:00:28Z 2026-05-01T17:00:28Z
opensuse-su-2026:10662-1 glibc-2.43-1.1 on GA media 2026-04-30T00:00:00Z 2026-04-30T00:00:00Z
opensuse-su-2026:10661-1 firefox-esr-140.10.1-1.1 on GA media 2026-04-30T00:00:00Z 2026-04-30T00:00:00Z
opensuse-su-2026:20654-1 Security update for grafana 2026-04-29T16:12:10Z 2026-04-29T16:12:10Z
opensuse-su-2026:20652-1 Security update for openexr 2026-04-29T14:35:24Z 2026-04-29T14:35:24Z
opensuse-su-2026:20651-1 Security update for ntfs-3g_ntfsprogs 2026-04-29T14:19:47Z 2026-04-29T14:19:47Z
opensuse-su-2026:20650-1 Security update for python-PyNaCl 2026-04-29T14:17:40Z 2026-04-29T14:17:40Z
opensuse-su-2026:20647-1 Security update for libssh 2026-04-29T11:20:23Z 2026-04-29T11:20:23Z
opensuse-su-2026:20646-1 Security update for PackageKit 2026-04-29T09:45:23Z 2026-04-29T09:45:23Z
opensuse-su-2026:20653-1 Security update for radare2 2026-04-29T08:45:46Z 2026-04-29T08:45:46Z
opensuse-su-2026:20645-1 Security update for python-Mako 2026-04-29T08:17:18Z 2026-04-29T08:17:18Z
opensuse-su-2026:20644-1 Security update for python-jwcrypto 2026-04-29T08:15:26Z 2026-04-29T08:15:26Z
opensuse-su-2026:10652-1 gvim-9.2.0398-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10651-1 trivy-0.70.0-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10650-1 libtiff-devel-32bit-4.7.1-5.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10649-1 sed-4.10-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10648-1 python315-3.15.0~a8-3.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10647-1 python310-3.10.20-6.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10646-1 python311-pyOpenSSL-26.1.0-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
ID Description Published Updated
ID Description Published Updated
rhsa-2026:14655 Red Hat Security Advisory: LibRaw security update 2026-05-07T04:41:48+00:00 2026-05-07T08:28:38+00:00
rhsa-2026:14437 Red Hat Security Advisory: sudo security update 2026-05-06T22:25:43+00:00 2026-05-07T02:29:04+00:00
rhsa-2026:14339 Red Hat Security Advisory: kernel security update 2026-05-06T21:19:48+00:00 2026-05-08T02:25:48+00:00
rhsa-2026:14391 Red Hat Security Advisory: Red Hat build of Cryostat security update 2026-05-06T21:10:06+00:00 2026-05-07T16:08:48+00:00
rhsa-2026:13727 Red Hat Security Advisory: OpenShift Container Platform 4.18.40 bug fix and security update 2026-05-06T20:47:28+00:00 2026-05-08T02:25:40+00:00
rhsa-2026:13736 Red Hat Security Advisory: OpenShift Container Platform 4.18.40 bug fix and security update 2026-05-06T19:58:31+00:00 2026-05-06T20:17:30+00:00
rhsa-2026:14303 Red Hat Security Advisory: thunderbird security update 2026-05-06T19:20:17+00:00 2026-05-07T21:42:23+00:00
rhsa-2026:14301 Red Hat Security Advisory: kernel-rt security update 2026-05-06T18:51:08+00:00 2026-05-08T02:25:24+00:00
rhsa-2026:14276 Red Hat Security Advisory: Red Hat AMQ Broker 7.12.7 release and security update 2026-05-06T17:59:07+00:00 2026-05-07T18:08:25+00:00
rhsa-2026:14272 Red Hat Security Advisory: Red Hat AMQ Broker 7.13.5 release and security update 2026-05-06T17:58:57+00:00 2026-05-07T18:08:20+00:00
rhsa-2026:14230 Red Hat Security Advisory: kernel security update 2026-05-06T17:34:12+00:00 2026-05-08T02:25:47+00:00
rhsa-2026:14228 Red Hat Security Advisory: sudo security update 2026-05-06T17:20:12+00:00 2026-05-07T02:28:31+00:00
rhsa-2026:14223 Red Hat Security Advisory: thunderbird security update 2026-05-06T16:58:32+00:00 2026-05-07T21:42:22+00:00
rhsa-2026:14224 Red Hat Security Advisory: LibRaw security update 2026-05-06T16:52:12+00:00 2026-05-07T08:28:37+00:00
rhsa-2026:14213 Red Hat Security Advisory: corosync security update 2026-05-06T16:44:11+00:00 2026-05-06T20:40:43+00:00
rhsa-2026:14212 Red Hat Security Advisory: corosync security update 2026-05-06T16:37:32+00:00 2026-05-06T20:40:50+00:00
rhsa-2026:14216 Red Hat Security Advisory: corosync security update 2026-05-06T16:30:52+00:00 2026-05-06T20:40:48+00:00
rhsa-2026:14214 Red Hat Security Advisory: corosync security update 2026-05-06T16:26:06+00:00 2026-05-06T20:40:46+00:00
rhsa-2026:14210 Red Hat Security Advisory: corosync security update 2026-05-06T16:21:57+00:00 2026-05-06T20:40:45+00:00
rhsa-2026:14215 Red Hat Security Advisory: corosync security update 2026-05-06T16:18:02+00:00 2026-05-06T20:40:47+00:00
rhsa-2026:14211 Red Hat Security Advisory: corosync security update 2026-05-06T16:14:02+00:00 2026-05-06T20:40:45+00:00
rhsa-2026:14217 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update 2026-05-06T15:56:53+00:00 2026-05-07T21:41:01+00:00
rhsa-2026:14205 Red Hat Security Advisory: corosync security update 2026-05-06T15:54:12+00:00 2026-05-06T20:40:44+00:00
rhsa-2026:14200 Red Hat Security Advisory: git-lfs security update 2026-05-06T15:34:47+00:00 2026-05-07T15:36:01+00:00
rhsa-2026:13690 Red Hat Security Advisory: OpenShift Container Platform 4.19.30 bug fix and security update 2026-05-06T14:18:17+00:00 2026-05-08T02:25:38+00:00
rhsa-2026:14165 Red Hat Security Advisory: kernel security update 2026-05-06T14:14:57+00:00 2026-05-08T02:25:46+00:00
rhsa-2026:13862 Red Hat Security Advisory: OpenShift Container Platform 4.20.21 bug fix and security update 2026-05-06T14:06:02+00:00 2026-05-08T02:25:43+00:00
rhsa-2026:14162 Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.9.3 release 2026-05-06T13:54:24+00:00 2026-05-07T21:44:20+00:00
rhsa-2026:14137 Red Hat Security Advisory: kernel-rt security update 2026-05-06T13:41:11+00:00 2026-05-08T02:25:33+00:00
rhsa-2026:12282 Red Hat Security Advisory: OpenShift Container Platform 4.12.88 bug fix and security update 2026-05-06T13:32:35+00:00 2026-05-08T09:02:02+00:00
ID Description Published Updated
sevd-2025-189-01 EcoStruxure™ IT Data Center Expert 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-161-03 EVLink WallBox 2025-06-10T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-161-02 Modicon Controllers M241/M251/M258/LMC058/M262 2025-06-10T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-161-01 Insight Home and Insight Facility 2025-06-10T04:00:00.000Z 2025-06-10T04:00:00.000Z
sevd-2025-133-05 Galaxy VS, Galaxy VL, Galaxy VXL 2025-05-13T04:00:00.000Z 2025-09-24T04:00:00.000Z
sevd-2025-133-04 Schneider Electric PrismaSeT Active - Wireless Panel Server 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-03 EcoStruxure Power Build Rapsody 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-02 Wiser Home Automation 2025-05-13T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-133-01 Modicon Controllers M241/M251/M258/LMC058 2025-05-13T04:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-098-02 Trio™ Q Licensed Data Radios 2025-04-08T04:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-098-01 ConneXium Network Manager Software 2025-04-08T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-070-03 WebHMI Component For EcoStruxure™ Power Automation System User Interface and EcoStruxure™ Microgrid Operation Large 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-02 EPAS-UI & EcoSUI 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-01 EcoStruxure™ Panel Server 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-042-04 Enerlin'X IFE and eIFE 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-03 EcoStruxure™ Process Expert, EcoStruxure™ Process Expert for AVEVA System Platform 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-01 ASCO 5310 / 5350 Remote Annunciator 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-02 Improper Input Validation Vulnerability in Uni-Telway Driver 2025-02-11T05:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-014-07 FlexNet Publisher Vulnerability 2025-01-14T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-014-03 Wind River VxWorks DHCP Server Vulnerability 2025-01-14T05:00:00.000Z 2025-08-12T04:00:00.000Z
sevd-2025-014-01 Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC 2025-01-14T05:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-014-09 EcoStruxure™ Power Build Rapsody 2025-01-14T00:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-014-08 Power Logic HDPM6000 High-Density Metering System 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2025-014-06 RemoteConnect and SCADAPack™ x70 Utilities 2025-01-14T00:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2025-014-05 Web Server on Modicon M340, Modbus/TCP Ethernet Modicon M340 module, Modbus/TCP Ethernet Modicon M340 FactoryCast module and Ethernet / Serial RTU communication modules 2025-01-14T00:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2025-014-04 Web Designer for Modicon Communication Modules 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2025-014-02 Pro-face GP-Pro EX and Remote HMI 2025-01-14T00:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2024-345-03 Modicon M241 / M251 / M258 / LMC058 2024-12-10T05:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2024-345-02 Harmony HMI and Pro-face HMI products 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
sevd-2024-345-01 PowerChute Serial Shutdown 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
ID Description Published Updated
sca-2023-0008 Vulnerability in SICK SIM1012 2023-09-29T13:00:00.000Z 2023-09-29T13:00:00.000Z
sca-2023-0009 Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products 2023-09-29T10:00:00.000Z 2023-09-29T10:00:00.000Z
sca-2023-0007 Vulnerabilities in SICK LMS5xx 2023-08-25T11:00:00.000Z 2023-08-25T11:00:00.000Z
sca-2023-0006 Vulnerabilities in SICK ICR890-4 2023-07-10T13:00:00.000Z 2023-07-10T13:00:00.000Z
sca-2023-0005 Vulnerabilities in SICK EventCam App 2023-06-19T11:00:00.000Z 2023-06-19T11:00:00.000Z
sca-2023-0004 Vulnerabilities in SICK FTMg 2023-05-11T13:00:00.000Z 2023-05-11T13:00:00.000Z
sca-2023-0003 Vulnerability in SICK Flexi Soft and Flexi Classic Gateways 2023-05-03T13:00:00.000Z 2023-05-03T13:00:00.000Z
sca-2023-0002 Use of Telnet in multiple SICK Flexi Soft and Flexi Classic Gateways 2023-04-11T10:00:00.000Z 2023-04-11T10:00:00.000Z
sca-2023-0001 Bootloader mode vulnerability in Flexi Soft Gateways v3 2023-02-20T14:00:00.000Z 2023-02-20T14:00:00.000Z
sca-2022-0015 Use of a Broken or Risky Cryptographic Algorithm in SICK RFU6xx RADIO FREQUEN. SENSOR 2022-12-08T16:00:00.000Z 2022-12-08T16:00:00.000Z
sca-2022-0014 SICK FlexiCompact affected by Denial of Service vulnerability 2022-10-31T11:00:00.000Z 2022-10-31T11:00:00.000Z
sca-2022-0013 Password recovery vulnerability affects multiple SICK SIMs 2022-10-21T13:00:00.000Z 2022-11-04T14:00:00.000Z
sca-2022-0012 OpenSSL vulnerability affects multiple SICK SIMs 2022-08-08T13:00:00.000Z 2022-08-03T13:00:00.000Z
sca-2022-0011 Vulnerabilities in SICK Package Analytics 2022-06-08T15:00:00.000Z 2022-06-08T15:00:00.000Z
sca-2022-0010 Vulnerability in SICK Flexi Soft Designer & Safety Designer 2022-05-16T10:00:00.000Z 2022-07-19T10:00:00.000Z
sca-2022-0009 Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET 2022-04-29T15:00:00.000Z 2022-04-29T15:00:00.000Z
sca-2022-0008 Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3 2022-04-29T15:00:00.000Z 2022-04-29T15:00:00.000Z
sca-2022-0007 Vulnerabilities in SICK MARSIC300 2022-04-21T15:00:00.000Z 2022-04-21T15:00:00.000Z
sca-2022-0006 Vulnerability in SICK MSC800 2022-04-11T15:00:00.000Z 2022-04-11T15:00:00.000Z
sca-2022-0005 Vulnerability in SICK Overall Equipment Effectiveness (OEE) 2022-04-11T15:00:00.000Z 2022-04-11T15:00:00.000Z
sca-2022-0004 Microsoft vulnerability affects multiple SICK IPCs with SICK MEAC 2022-04-11T15:00:00.000Z 2022-03-31T15:00:00.000Z
sca-2022-0003 Vulnerabilities in SICK FTMg 2022-03-31T15:00:00.000Z 2022-03-31T15:00:00.000Z
sca-2022-0002 PwnKit vulnerability affects multiple SICK IPCs 2022-02-23T16:00:00.000Z 2022-02-23T16:00:00.000Z
sca-2022-0001 Vulnerability in SICK FieldEcho 2022-02-17T16:00:00.000Z 2022-02-17T16:00:00.000Z
sca-2021-0004 Vulnerabilities in SICK SOPAS ET 2021-12-16T08:00:00.000Z 2021-12-17T08:00:00.000Z
sca-2021-0003 SICK Security Advisory for Apache Log4j (CVE-2021-44228) 2021-12-14T17:00:00.000Z 2021-12-17T12:00:00.000Z
sca-2021-0002 MEAC affected by Windows SMBv1 vulnerability 2021-08-04T10:00:00.000Z 2021-08-04T10:00:00.000Z
sca-2021-0001 Inadequate SSH configuration in SICK Visionary-S CX 2021-06-25T10:00:00.000Z 2021-06-25T10:00:00.000Z
sca-2020-0005 Package Analytics affected by Windows TCP/IP vulnerability 2020-10-29T11:00:00.000Z 2020-10-29T11:00:00.000Z
sca-2020-0004 Vulnerability in Platform Mechanism AutoIP 2020-08-31T10:00:00.000Z 2020-08-31T10:00:00.000Z
ID Description Published Updated
ssa-882673 SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-868571 SSA-868571: Missing Server Certificate Validation in IAM Client 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-763474 SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-734261 SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-710408 SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-626856 SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-471761 SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-420375 SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-416652 SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-356310 SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-212953 SSA-212953: Multiple Vulnerabilities in COMOS 2025-12-09T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-202008 SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-241605 SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-190588 SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-682326 SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-522291 SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-514895 SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-365596 SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-339694 SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-267056 SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-201498 SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-599451 SSA-599451: Multiple Vulnerabilities in SiPass integrated 2025-10-14T00:00:00Z 2026-02-10T00:00:00Z
ssa-541582 SSA-541582: Multiple File Parsing Vulnerabilities in Solid Edge 2025-10-14T00:00:00Z 2025-10-14T00:00:00Z
ssa-486936 SSA-486936: Authentication Vulnerability in SIMATIC ET 200SP Communication Processors 2025-10-14T00:00:00Z 2025-10-14T00:00:00Z
ssa-365200 SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products 2025-10-14T00:00:00Z 2026-01-13T00:00:00Z
ssa-318832 SSA-318832: SQL Injection Vulnerability in SINEC NMS 2025-10-14T00:00:00Z 2025-10-14T00:00:00Z
ssa-062309 SSA-062309: Information Disclosure Vulnerability in TeleControl Server Basic V3.1 2025-10-14T00:00:00Z 2025-10-14T00:00:00Z
ssa-916339 SSA-916339: Information Disclosure Vulnerability in Apogee PXC and Talon TC Devices 2025-09-09T00:00:00Z 2025-09-09T00:00:00Z
ssa-722410 SSA-722410: Multiple Vulnerabilities in User Management Component (UMC) 2025-09-09T00:00:00Z 2025-10-14T00:00:00Z
ssa-640476 SSA-640476: Denial of Service Vulnerability in Industrial Edge Management 2025-09-09T00:00:00Z 2025-09-09T00:00:00Z
ID Description Published Updated
suse-su-2026:1708-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7) 2026-05-06T11:04:10Z 2026-05-06T11:04:10Z
suse-su-2026:1706-1 Security update for the Linux Kernel (Live Patch 79 for SUSE Linux Enterprise 12 SP5) 2026-05-06T10:28:45Z 2026-05-06T10:28:45Z
suse-su-2026:1705-1 Security update for java-21-openjdk 2026-05-06T10:28:38Z 2026-05-06T10:28:38Z
suse-su-2026:1704-1 Security update for java-25-openjdk 2026-05-06T10:28:14Z 2026-05-06T10:28:14Z
suse-su-2026:1703-1 Security update for java-11-openjdk 2026-05-06T08:45:01Z 2026-05-06T08:45:01Z
suse-su-2026:1702-1 Security update for libpng12 2026-05-06T07:42:57Z 2026-05-06T07:42:57Z
suse-su-2026:1701-1 Security update for PackageKit 2026-05-06T07:42:44Z 2026-05-06T07:42:44Z
suse-su-2026:1700-1 Security update for PackageKit 2026-05-06T07:42:33Z 2026-05-06T07:42:33Z
suse-su-2026:1699-1 Security update for sed 2026-05-06T07:26:44Z 2026-05-06T07:26:44Z
suse-su-2026:1698-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7) 2026-05-06T01:49:45Z 2026-05-06T01:49:45Z
suse-su-2026:1694-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP7) 2026-05-05T23:19:07Z 2026-05-05T23:19:07Z
suse-su-2026:21505-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T14:58:33Z 2026-05-05T14:58:33Z
suse-su-2026:21491-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T14:58:33Z 2026-05-05T14:58:33Z
suse-su-2026:21492-1 Security update for openCryptoki 2026-05-05T13:42:13Z 2026-05-05T13:42:13Z
suse-su-2026:21504-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:36:02Z 2026-05-05T13:36:02Z
suse-su-2026:21485-1 Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:36:02Z 2026-05-05T13:36:02Z
suse-su-2026:21490-1 Security update for containerd 2026-05-05T13:35:46Z 2026-05-05T13:35:46Z
suse-su-2026:21503-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:18:42Z 2026-05-05T13:18:42Z
suse-su-2026:21484-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:18:42Z 2026-05-05T13:18:42Z
suse-su-2026:21517-1 Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:18:14Z 2026-05-05T13:18:14Z
suse-su-2026:21489-1 Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:18:14Z 2026-05-05T13:18:14Z
suse-su-2026:21502-1 Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:15:07Z 2026-05-05T13:15:07Z
suse-su-2026:21501-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:15:07Z 2026-05-05T13:15:07Z
suse-su-2026:21488-1 Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:15:07Z 2026-05-05T13:15:07Z
suse-su-2026:21487-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:15:07Z 2026-05-05T13:15:07Z
suse-su-2026:21500-1 Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:14:11Z 2026-05-05T13:14:11Z
suse-su-2026:21486-1 Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:14:11Z 2026-05-05T13:14:11Z
suse-su-2026:21499-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:11:23Z 2026-05-05T13:11:23Z
suse-su-2026:21483-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:11:23Z 2026-05-05T13:11:23Z
suse-su-2026:21498-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) 2026-05-05T13:10:44Z 2026-05-05T13:10:44Z
ID Description Published Updated
alsa-2026:12423 Important: libcap security update 2026-04-30T00:00:00Z 2026-05-01T12:09:19Z
alsa-2026:12310 Important: sudo security update 2026-04-30T00:00:00Z 2026-05-01T06:38:28Z
alsa-2026:12285 Important: thunderbird security update 2026-04-30T00:00:00Z 2026-05-03T15:58:32Z
alsa-2026:12271 Important: libtiff security update 2026-04-30T00:00:00Z 2026-05-01T06:49:54Z
alsa-2026:12265 Important: libtiff security update 2026-04-30T00:00:00Z 2026-05-01T12:12:41Z
alsa-2026:12176 Important: fence-agents security update 2026-04-30T00:00:00Z 2026-04-30T11:54:21Z
alsa-2026:11692 Important: xorg-x11-server security update 2026-04-29T00:00:00Z 2026-04-30T07:07:01Z
alsa-2026:11656 Important: xorg-x11-server-Xwayland security update 2026-04-29T00:00:00Z 2026-04-30T07:03:37Z
alsa-2026:11635 Important: PackageKit security update 2026-04-29T00:00:00Z 2026-04-29T12:49:50Z
alsa-2026:11521 Important: sudo security update 2026-04-29T00:00:00Z 2026-04-29T09:51:31Z
alsa-2026:11510 Important: vim security update 2026-04-29T00:00:00Z 2026-04-29T10:04:42Z
alsa-2026:11509 Important: vim security update 2026-04-29T00:00:00Z 2026-04-30T07:09:12Z
alsa-2026:11504 Important: PackageKit security update 2026-04-29T00:00:00Z 2026-04-30T08:54:32Z
alsa-2026:11413 Important: yggdrasil security update 2026-04-28T00:00:00Z 2026-04-29T11:31:50Z
alsa-2026:11412 Important: yggdrasil-worker-package-manager security update 2026-04-28T00:00:00Z 2026-04-29T11:33:24Z
alsa-2026:11389 Important: vim security update 2026-04-28T00:00:00Z 2026-04-29T08:41:26Z
alsa-2026:11388 Important: xorg-x11-server security update 2026-04-28T00:00:00Z 2026-04-29T08:43:57Z
alsa-2026:11369 Important: xorg-x11-server-Xwayland security update 2026-04-28T00:00:00Z 2026-04-29T08:45:59Z
alsa-2026:11360 Important: LibRaw security update 2026-04-28T00:00:00Z 2026-04-29T08:47:37Z
alsa-2026:11352 Important: xorg-x11-server-Xwayland security update 2026-04-28T00:00:00Z 2026-04-29T08:49:14Z
alsa-2026:11349 Moderate: libxml2 security update 2026-04-28T00:00:00Z 2026-04-29T08:51:02Z
alsa-2026:11077 Important: python3 security update 2026-04-27T00:00:00Z 2026-04-29T09:05:11Z
alsa-2026:11062 Important: python3.11 security update 2026-04-27T00:00:00Z 2026-04-28T13:42:34Z
alsa-2026:10950 Important: python3.12 security update 2026-04-27T00:00:00Z 2026-04-28T13:40:19Z
alsa-2026:10949 Important: python3.9 security update 2026-04-27T00:00:00Z 2026-04-28T13:38:08Z
alsa-2026:10774 Important: python3.11 security update 2026-04-27T00:00:00Z 2026-04-28T13:35:54Z
alsa-2026:10767 Important: firefox security update 2026-04-27T00:00:00Z 2026-04-29T08:55:20Z
alsa-2026:10766 Important: firefox security update 2026-04-27T00:00:00Z 2026-04-29T08:56:50Z
alsa-2026:10758 Important: sudo security update 2026-04-27T00:00:00Z 2026-04-28T13:33:57Z
alsa-2026:10757 Important: firefox security update 2026-04-27T00:00:00Z 2026-04-29T08:58:25Z
ID Description Published Updated
hsec-2023-0003 code injection in xmonad-contrib 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0002 Improper Verification of Cryptographic Signature 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0001 Hash flooding vulnerability in aeson 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
ID Description Published Updated
ID Description Published Updated
osv-2026-461 UNKNOWN READ in XRef::constructObjectEntry 2026-03-26T00:17:47.551046Z 2026-03-26T00:17:47.551361Z
osv-2026-455 UNKNOWN READ in mkv::matroska_segment_c::TrackInit 2026-03-25T00:20:51.448743Z 2026-03-25T00:20:51.449185Z
osv-2026-437 Heap-use-after-free in tf::Executor::_invoke 2026-03-23T00:02:28.277984Z 2026-03-23T14:25:41.819255Z
osv-2026-417 Segv on unknown address in arrow::Array::IsNull 2026-03-18T00:18:35.139866Z 2026-03-18T00:18:35.140154Z
osv-2026-371 Heap-buffer-overflow in tinyobj::tryParseDouble 2026-03-09T00:09:41.689616Z 2026-03-09T00:09:41.689926Z
osv-2026-359 Segv on unknown address in gpsd_vlog 2026-03-07T00:03:40.062221Z 2026-03-07T00:03:40.062505Z
osv-2026-350 UNKNOWN READ in bfd_getl32 2026-03-04T00:14:56.651284Z 2026-03-14T18:43:19.427139Z
osv-2026-344 UNKNOWN READ in void Assimp::Blender::ConvertDispatcher<float> 2026-03-03T00:20:14.572365Z 2026-03-03T00:20:14.572706Z
osv-2026-341 Security exception in com.code_intelligence.jazzer.sanitizers.RegexInjection.hookInternal 2026-03-03T00:17:38.109294Z 2026-03-03T00:17:38.109635Z
osv-2026-338 Use-of-uninitialized-value in pjsip_auth_clt_init_req 2026-03-03T00:09:55.520965Z 2026-03-03T00:09:55.521245Z
osv-2026-311 UNKNOWN READ in strncasecmp 2026-02-26T00:16:50.091819Z 2026-02-26T00:16:50.092121Z
osv-2026-308 Heap-buffer-overflow in vcardstructured_new_from_string 2026-02-25T00:19:49.963815Z 2026-02-25T00:19:49.964188Z
osv-2026-307 Global-buffer-overflow in navcom_parse 2026-02-25T00:16:23.864362Z 2026-02-25T00:16:23.864694Z
osv-2026-304 Heap-use-after-free in tf::Executor::_invoke 2026-02-25T00:09:10.290694Z 2026-02-25T00:09:10.291030Z
osv-2026-302 Use-of-uninitialized-value in BIO_new_file 2026-02-25T00:07:20.338981Z 2026-02-25T00:07:20.339278Z
osv-2026-300 UNKNOWN WRITE in nmeaid_to_prn 2026-02-25T00:06:00.225480Z 2026-02-25T00:06:00.225972Z
osv-2026-297 Security exception in org.apache.poi.util.IOUtils.safelyAllocate 2026-02-24T00:02:29.789817Z 2026-02-24T00:02:29.790144Z
osv-2026-292 UNKNOWN WRITE in <wasmtime::runtime::func::Func>::call_unchecked_raw::< 2026-02-23T00:19:15.717984Z 2026-02-23T00:19:15.718280Z
osv-2026-272 Heap-use-after-free in vcardproperty_get_value 2026-02-21T00:20:10.455944Z 2026-02-21T00:20:10.456357Z
osv-2026-261 Segv on unknown address in ___interceptor_strtol 2026-02-19T00:09:21.893775Z 2026-02-19T00:09:21.894076Z
osv-2026-259 Use-of-uninitialized-value in tsip_parse_input 2026-02-18T00:14:29.378028Z 2026-02-18T00:14:29.378341Z
osv-2026-255 UNKNOWN WRITE in nmeaid_to_prn 2026-02-17T00:17:19.574579Z 2026-02-17T00:17:19.574905Z
osv-2026-244 Use-of-uninitialized-value in ihevcd_fmt_conv 2026-02-15T00:03:36.246033Z 2026-02-15T00:03:36.246568Z
osv-2026-242 Use-of-uninitialized-value in ntrip_parse_url 2026-02-14T00:17:42.945923Z 2026-02-14T00:17:42.946299Z
osv-2026-240 Use-of-uninitialized-value in packet_get1 2026-02-14T00:09:50.559032Z 2026-02-14T00:09:50.559326Z
osv-2026-229 Segv on unknown address in aiAnimation::~aiAnimation 2026-02-11T00:12:18.313233Z 2026-02-11T00:12:18.313574Z
osv-2026-226 UNKNOWN WRITE in decode_xa2_00 2026-02-11T00:10:08.757600Z 2026-02-11T00:10:08.757920Z
osv-2026-216 Heap-buffer-overflow in mg_mqtt_next_prop 2026-02-10T00:08:51.349946Z 2026-02-11T14:08:38.238200Z
osv-2026-215 UNKNOWN READ in getTypeCacheHashTableBucket 2026-02-10T00:07:25.477890Z 2026-02-10T00:07:25.478286Z
osv-2026-212 UNKNOWN READ in gpsd_poll 2026-02-09T00:15:09.775765Z 2026-02-09T00:15:09.776491Z
ID Description Published Updated
rustsec-2026-0091 Out-of-bounds write or crash when transcoding component model strings 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0090 Use-after-free bug after cloning `wasmtime::Linker` 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0089 Host panic when Winch compiler executes `table.fill` 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0088 Data leakage between pooling allocator instances 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0087 Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0086 Host data leakage with 64-bit tables and Winch 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0085 Panic when lifting `flags` component value 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0084 `logprinter` was removed from crates.io for malicious code 2026-04-09T12:00:00Z 2026-04-09T11:23:07Z
rustsec-2026-0083 zantetsu-trainer is unmaintained 2026-04-07T12:00:00Z 2026-04-08T08:55:27Z
rustsec-2026-0082 zantetsu-ffi is unmaintained 2026-04-07T12:00:00Z 2026-04-08T08:55:27Z
rustsec-2026-0081 `logtrace` was removed from crates.io for malicious code 2026-04-05T12:00:00Z 2026-04-05T23:52:05Z
rustsec-2026-0078 Symbol confusion after hasher panic in `intaglio` interners 2026-03-30T12:00:00Z 2026-04-25T07:25:22Z
rustsec-2026-0065 `tokio-signal` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0064 `tokio-udp` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0063 `tokio-executor` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0062 `tokio-compat` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0061 `tokio-fs` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0060 `tokio-timer` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0059 `tokio-tcp` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0058 `tokio-io` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0057 `tokio-reactor` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0056 `tokio-codec` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0055 `tokio-process` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0054 `tokio-current-thread` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0053 `tokio-tls` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0052 `tokio-sync` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0051 `tokio-threadpool` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0050 `tokio-uds` is unmaintained 2026-03-20T12:00:00Z 2026-03-20T22:26:59Z
rustsec-2026-0049 CRLs not considered authoritative by Distribution Point due to faulty matching logic 2026-03-20T12:00:00Z 2026-03-24T08:22:29Z
rustsec-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
ID Description Published Updated
bit-jre-2025-7424 Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes 2026-05-08T05:47:30.500Z 2026-05-08T06:11:36.072Z
bit-jre-2025-61748 2026-05-08T05:47:29.144Z 2026-05-08T06:11:36.072Z
bit-jre-2025-6052 Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring 2026-05-08T05:47:27.428Z 2026-05-08T06:11:36.072Z
bit-jre-2025-6021 Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2 2026-05-08T05:47:25.732Z 2026-05-08T06:11:36.072Z
bit-jre-2025-53066 2026-05-08T05:47:24.374Z 2026-05-08T06:11:36.072Z
bit-jre-2025-53057 2026-05-08T05:47:23.090Z 2026-05-08T06:11:36.072Z
bit-jre-2025-50106 2026-05-08T05:47:21.548Z 2026-05-08T06:11:36.072Z
bit-jre-2025-50063 2026-05-08T05:47:19.959Z 2026-05-08T06:11:36.072Z
bit-jre-2025-50059 2026-05-08T05:47:18.354Z 2026-05-08T06:11:36.072Z
bit-jre-2025-47219 2026-05-08T05:47:16.770Z 2026-05-08T06:11:36.072Z
bit-jre-2025-43457 2026-05-08T05:47:15.209Z 2026-05-08T06:11:36.072Z
bit-jre-2025-32415 2026-05-08T05:47:13.623Z 2026-05-08T06:11:36.072Z
bit-jre-2025-32414 2026-05-08T05:47:12.215Z 2026-05-08T06:11:36.072Z
bit-jre-2025-30761 2026-05-08T05:47:10.677Z 2026-05-08T06:11:36.072Z
bit-jre-2025-30754 2026-05-08T05:47:09.070Z 2026-05-08T06:11:36.072Z
bit-jre-2025-30752 2026-05-08T05:47:07.297Z 2026-05-08T06:11:36.072Z
bit-jre-2025-30749 2026-05-08T05:47:05.600Z 2026-05-08T06:11:36.072Z
bit-jre-2025-30698 2026-05-08T05:47:03.777Z 2026-05-08T06:11:36.072Z
bit-jre-2025-30691 2026-05-08T05:47:02.114Z 2026-05-08T06:11:36.072Z
bit-jre-2025-27113 2026-05-08T05:47:00.707Z 2026-05-08T06:11:36.072Z
bit-jre-2025-24928 2026-05-08T05:46:59.239Z 2026-05-08T06:11:36.072Z
bit-jre-2025-24855 2026-05-08T05:46:57.533Z 2026-05-08T06:11:36.072Z
bit-jre-2025-21587 2026-05-08T05:46:55.826Z 2026-05-08T06:11:36.072Z
bit-jre-2025-21502 2026-05-08T05:46:54.153Z 2026-05-08T06:11:36.072Z
bit-jre-2025-10911 Libxslt: use-after-free with key data stored cross-rvt 2026-05-08T05:46:52.544Z 2026-05-08T06:11:36.072Z
bit-jre-2025-0509 Signing Checks Bypass 2026-05-08T05:46:50.932Z 2026-05-08T06:11:36.072Z
bit-jre-2024-56171 2026-05-08T05:46:49.430Z 2026-05-08T06:11:36.072Z
bit-jre-2024-55549 2026-05-08T05:46:48.037Z 2026-05-08T06:11:36.072Z
bit-jre-2024-54534 2026-05-08T05:46:46.642Z 2026-05-08T06:11:36.072Z
bit-jre-2024-47778 GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk 2026-05-08T05:46:44.993Z 2026-05-08T06:11:36.072Z
ID Description Published Updated
cleanstart-2026-lt06489 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-22T00:37:51.095485Z 2026-04-21T07:42:07Z
cleanstart-2026-al68245 filippo 2026-04-22T00:37:28.755649Z 2026-04-21T09:29:42Z
cleanstart-2026-fo49462 Security fixes for ghsa-3xc5-wrhm-f963 applied in versions: 1.31.1-r0 2026-04-22T00:36:28.593230Z 2026-04-21T09:53:20Z
cleanstart-2026-af45008 When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers 2026-04-21T00:40:00.550928Z 2026-04-20T07:28:24Z
cleanstart-2026-dk70097 In libexpat before 2 2026-04-21T00:38:59.570153Z 2026-04-20T05:52:44Z
cleanstart-2026-cp08056 In libexpat before 2 2026-04-21T00:38:29.529453Z 2026-04-20T05:52:44Z
cleanstart-2026-dy53885 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-21T00:37:09.087233Z 2026-04-20T05:52:44Z
cleanstart-2026-ad31975 Security fixes for ghsa-72hv-8253-57qq, ghsa-pwqr-wmgm-9rr8, ghsa-w9fj-cfpg-grvv applied in versions: 26.5.6-r3 2026-04-21T00:36:59.139031Z 2026-04-20T07:28:24Z
cleanstart-2026-js27352 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-18T00:36:20.590981Z 2026-04-17T12:37:31Z
cleanstart-2026-mw34654 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-18T00:36:20.394488Z 2026-04-17T12:37:31Z
cleanstart-2026-bc44092 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-18T00:36:20.226066Z 2026-04-17T12:37:31Z
cleanstart-2026-co09549 In libexpat before 2 2026-04-17T00:39:07.237615Z 2026-04-16T05:00:01Z
cleanstart-2026-kf53276 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-17T00:38:05.902586Z 2026-04-16T05:00:01Z
cleanstart-2026-gw37659 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-17T00:38:05.744772Z 2026-04-16T05:00:01Z
cleanstart-2026-ak18460 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-17T00:38:05.524563Z 2026-04-16T05:00:01Z
cleanstart-2026-cr55131 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-16T01:01:17.387205Z 2026-04-15T04:54:42Z
cleanstart-2026-ks09647 Axios is a promise based HTTP client for the browser and Node 2026-04-16T00:55:51.498867Z 2026-04-15T07:43:47Z
cleanstart-2026-dr81473 HashiCorp’s go-getter library up to v1 2026-04-16T00:55:21.838513Z 2026-04-15T06:15:46Z
cleanstart-2026-iy92636 During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ... 2026-04-16T00:46:49.187187Z 2026-04-15T09:17:00Z
cleanstart-2026-bh97849 gRPC-Go is the Go language implementation of gRPC 2026-04-16T00:46:20.819037Z 2026-04-15T10:00:00Z
cleanstart-2026-jz43336 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-16T00:45:49.932786Z 2026-04-15T09:24:00Z
cleanstart-2026-an01004 filippo 2026-04-16T00:44:50.314232Z 2026-04-15T09:36:13Z
cleanstart-2026-cf62516 Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper s... 2026-04-16T00:42:51.354420Z 2026-04-15T10:18:15Z
cleanstart-2026-ez90321 Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS (PTR) when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper s... 2026-04-16T00:40:49.655378Z 2026-04-15T10:23:29Z
cleanstart-2026-gn18755 gRPC-Go is the Go language implementation of gRPC 2026-04-16T00:38:55.766955Z 2026-04-15T10:06:08Z
cleanstart-2026-io64153 In libexpat before 2 2026-04-16T00:38:53.556040Z 2026-04-15T10:48:12Z
cleanstart-2026-hh39661 In libexpat before 2 2026-04-16T00:38:49.545664Z 2026-04-15T10:48:12Z
cleanstart-2026-mn70386 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-16T00:37:18.538311Z 2026-04-15T10:48:12Z
cleanstart-2026-kc83705 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-15T00:53:10.163760Z 2026-04-14T09:04:57Z
cleanstart-2026-mw52599 OpenVPN version 2 2026-04-15T00:50:39.610141Z 2026-04-14T06:07:21Z
ID Description Published Updated
ID Description Updated
ID Description Published Updated
CERTFR-2025-ALE-003 [MàJ] Vulnérabilité dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
certfr-2024-ale-013 Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) 2025-03-31T00:00:00.000000 2024-10-25T00:00:00.000000
CERTFR-2024-ALE-013 Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA) 2025-03-31T00:00:00.000000 2024-10-25T00:00:00.000000
certfr-2025-ale-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
CERTFR-2025-ALE-001 [MàJ] Vulnérabilité dans les produits Ivanti 2025-01-09T00:00:00.000000 2025-04-01T00:00:00.000000
certfr-2024-ale-015 [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks 2024-11-15T00:00:00.000000 2024-11-18T00:00:00.000000
CERTFR-2024-ALE-015 [MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks 2024-11-15T00:00:00.000000 2024-11-18T00:00:00.000000
certfr-2024-ale-014 [MàJ] Multiples vulnérabilités dans Fortinet FortiManager 2024-10-30T00:00:00.000000 2024-10-23T00:00:00.000000
CERTFR-2024-ALE-014 [MàJ] Multiples vulnérabilités dans Fortinet FortiManager 2024-10-30T00:00:00.000000 2024-10-23T00:00:00.000000
certfr-2024-ale-012 [MàJ] Vulnérabilités affectant OpenPrinting CUPS 2024-09-27T00:00:00.000000 2024-11-21T00:00:00.000000
CERTFR-2024-ALE-012 [MàJ] Vulnérabilités affectant OpenPrinting CUPS 2024-09-27T00:00:00.000000 2024-11-21T00:00:00.000000
certfr-2024-ale-011 Vulnérabilité dans SonicWall 2024-09-10T00:00:00.000000 2024-11-21T00:00:00.000000
CERTFR-2024-ALE-011 Vulnérabilité dans SonicWall 2024-09-10T00:00:00.000000 2024-11-21T00:00:00.000000
certfr-2024-ale-010 Multiples vulnérabilités dans Roundcube 2024-08-09T00:00:00.000000 2024-10-07T00:00:00.000000
CERTFR-2024-ALE-010 Multiples vulnérabilités dans Roundcube 2024-08-09T00:00:00.000000 2024-10-07T00:00:00.000000
certfr-2024-ale-009 Vulnérabilité dans OpenSSH 2024-07-01T00:00:00.000000 2024-07-03T00:00:00.000000
CERTFR-2024-ALE-009 Vulnérabilité dans OpenSSH 2024-07-01T00:00:00.000000 2024-07-03T00:00:00.000000
certfr-2024-ale-008 [MàJ] Vulnérabilité dans les produits Check Point 2024-05-30T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-008 [MàJ] Vulnérabilité dans les produits Check Point 2024-05-30T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-007 Multiples vulnérabilités dans les produits Cisco 2024-04-25T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-007 Multiples vulnérabilités dans les produits Cisco 2024-04-25T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-006 [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect 2024-04-12T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-006 [MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect 2024-04-12T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-005 [MàJ] Vulnérabilité dans Microsoft Outlook 2024-02-15T00:00:00.000000 2024-04-15T00:00:00.000000
CERTFR-2024-ALE-005 [MàJ] Vulnérabilité dans Microsoft Outlook 2024-02-15T00:00:00.000000 2024-04-15T00:00:00.000000
certfr-2024-ale-004 [MàJ] Vulnérabilité dans Fortinet FortiOS 2024-02-09T00:00:00.000000 2024-07-01T00:00:00.000000
CERTFR-2024-ALE-004 [MàJ] Vulnérabilité dans Fortinet FortiOS 2024-02-09T00:00:00.000000 2024-07-01T00:00:00.000000
certfr-2024-ale-003 [MàJ] Incident affectant les solutions AnyDesk 2024-02-05T00:00:00.000000 2024-04-15T00:00:00.000000
CERTFR-2024-ALE-003 [MàJ] Incident affectant les solutions AnyDesk 2024-02-05T00:00:00.000000 2024-04-15T00:00:00.000000
certfr-2024-ale-002 [MàJ] Multiples Vulnérabilités dans GitLab 2024-01-12T00:00:00.000000 2024-02-22T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0522 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0521 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0520 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0519 Multiples vulnérabilités dans Microsoft Azure Linux 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0518 Multiples vulnérabilités dans Wireshark 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0517 Multiples vulnérabilités dans les produits SonicWall 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0516 Vulnérabilité dans les produits Netgate 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0515 Multiples vulnérabilités dans MISP 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0514 Multiples vulnérabilités dans Curl 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0513 Multiples vulnérabilités dans les produits Microsoft 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0512 Vulnérabilité dans Microsoft Edge 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0511 Vulnérabilité dans Elastic Package Registry 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0510 Multiples vulnérabilités dans Citrix XenServer 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0509 Multiples vulnérabilités dans Xen 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0508 Multiples vulnérabilités dans Moodle 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0507 Multiples vulnérabilités dans les produits Mozilla 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0506 Multiples vulnérabilités dans Google Chrome 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0505 Vulnérabilité dans Python 2026-04-28T00:00:00.000000 2026-04-28T00:00:00.000000
certfr-2026-avi-0504 Multiples vulnérabilités dans Spring 2026-04-28T00:00:00.000000 2026-04-28T00:00:00.000000
certfr-2026-avi-0503 Multiples vulnérabilités dans les produits Microsoft 2026-04-27T00:00:00.000000 2026-04-27T00:00:00.000000
certfr-2026-avi-0502 Multiples vulnérabilités dans Microsoft Edge 2026-04-27T00:00:00.000000 2026-04-27T00:00:00.000000
certfr-2026-avi-0501 Multiples vulnérabilités dans les produits FoxIT 2026-04-27T00:00:00.000000 2026-04-27T00:00:00.000000
certfr-2026-avi-0500 Multiples vulnérabilités dans VMware Tanzu 2026-04-27T00:00:00.000000 2026-04-27T00:00:00.000000
certfr-2026-avi-0499 Multiples vulnérabilités dans les produits Moxa 2026-04-27T00:00:00.000000 2026-04-27T00:00:00.000000
certfr-2026-avi-0498 Multiples vulnérabilités dans Zabbix Agent2 2026-04-27T00:00:00.000000 2026-04-27T00:00:00.000000
certfr-2026-avi-0497 Multiples vulnérabilités dans le noyau Linux de SUSE 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0496 Multiples vulnérabilités dans le noyau Linux de Red Hat 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0495 Multiples vulnérabilités dans le noyau Linux d'Ubuntu 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0494 Vulnérabilité dans les produits Microsoft 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0493 Vulnérabilité dans Microsoft Edge 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
ID Description Published Updated
jvndb-2026-009147 Vulnerability in Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer 2026-03-27T18:18+09:00 2026-03-27T18:18+09:00
jvndb-2026-009148 Open Redirect Vulnerability in Hitachi Ops Center Administrator 2026-03-27T18:17+09:00 2026-03-27T18:17+09:00
jvndb-2026-000047 Multiple vulnerabilities in baserCMS 2026-03-27T18:00+09:00 2026-03-27T18:00+09:00
jvndb-2026-000045 WordPress Plugin "OpenStreetMap" vulnerable to cross-site scripting 2026-03-27T17:34+09:00 2026-03-27T17:34+09:00
jvndb-2026-000046 Multiple vulnerabilities in BUFFALO Wi-Fi routers 2026-03-27T17:18+09:00 2026-03-27T17:18+09:00
jvndb-2026-000044 Multiple vulnerabilities in the installer of RATOC RAID Monitoring Manager for Windows 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000042 Digital Photo Frame GH-WDF10A vulnerable to improper access restriction 2026-03-26T17:41+09:00 2026-03-26T17:41+09:00
jvndb-2026-000043 SHARP routers missing authentication for some web APIs 2026-03-25T18:41+09:00 2026-03-25T18:41+09:00
jvndb-2026-000040 Installer of OM Workspace (Windows Edition) may insecurely load Dynamic Link Libraries 2026-03-25T18:13+09:00 2026-03-25T18:13+09:00
jvndb-2026-000041 SANYO DENKI SANUPS SOFTWARE registers Windows services with unquoted file paths 2026-03-25T17:58+09:00 2026-03-25T17:58+09:00
jvndb-2026-007973 Multiple vulnerabilities in Xerox FreeFlow Core (XRX26-005) 2026-03-23T14:54+09:00 2026-04-09T13:55+09:00
jvndb-2026-007524 Vulnerability in Hitachi Command Suite 2026-03-17T16:42+09:00 2026-03-17T16:42+09:00
jvndb-2026-000038 Installer for IBM Trusteer Rapport may insecurely load Dynamic Link Libraries 2026-03-17T14:57+09:00 2026-03-17T14:57+09:00
jvndb-2026-000039 Missing authorization in the OpenAI thread/message API endpoints of GROWI 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-000037 OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection 2026-03-16T17:18+09:00 2026-03-16T17:18+09:00
jvndb-2026-006887 Multiple vulnerabilities in Micro Research MR-GM5L-S1 and MR-GM5A-L1 2026-03-12T17:22+09:00 2026-03-12T17:22+09:00
jvndb-2026-000036 Improper file access permission settings in multiple Digital Arts products 2026-03-09T14:57+09:00 2026-03-09T16:23+09:00
jvndb-2026-000035 Installer for Qsee Client may insecurely load Dynamic Link Libraries 2026-03-09T14:57+09:00 2026-03-09T14:57+09:00
jvndb-2026-006102 Security issues in ESC/POS 2026-03-06T10:31+09:00 2026-03-06T10:31+09:00
jvndb-2026-000034 django-allauth vulnerable to open redirect 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000033 EC-CUBE vulnerable to multi-factor authentication bypass 2026-03-05T12:36+09:00 2026-03-05T12:36+09:00
jvndb-2026-000032 Multiple vulnerabilities in Dell UPS Multi-UPS Management Console (MUMC) 2026-03-04T12:20+09:00 2026-03-04T12:20+09:00
jvndb-2026-005746 Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (February 2026) 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-005744 Canon IJ Scan Utility registers Windows services with unquoted file paths 2026-03-04T10:40+09:00 2026-03-04T10:40+09:00
jvndb-2026-005259 Out-of-bounds write vulnerability in Fujitsu BIOS Driver (fbiosdrv.sys) 2026-03-02T11:46+09:00 2026-03-02T11:46+09:00
jvndb-2026-000031 Improper file access permission settings in the installers for multiple Soliton Systems products 2026-02-27T15:41+09:00 2026-02-27T15:41+09:00
jvndb-2026-000030 IM-LogicDesigner module of intra-mart Accel Platform vulnerable to untrusted data deserialization 2026-02-27T15:41+09:00 2026-03-03T10:06+09:00
jvndb-2026-000029 Multiple vulnerabilities in the installer of FinalCode Client 2026-02-26T14:24+09:00 2026-02-26T14:24+09:00
jvndb-2026-004811 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
jvndb-2026-004810 Vulnerability in Hitachi Configuration Manager and Hitachi Ops Center API Configuration Manager 2026-02-26T11:02+09:00 2026-02-26T11:02+09:00
ID Description Published Updated
cnvd-2026-18536 IBM Guardium Data Protection Web UI跨站脚本漏洞 2026-04-23 2026-04-24
cnvd-2026-18535 IBM Verify Identity Access Container弱加密算法漏洞 2026-04-23 2026-04-24
cnvd-2026-18578 Oracle MySQL Server Optimizer拒绝服务漏洞(CNVD-2026-18578) 2026-04-22 2026-04-24
cnvd-2026-18577 Oracle Solaris内核拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-18576 Oracle MySQL Server InnoDB组件拒绝服务漏洞(CNVD-2026-18576) 2026-04-22 2026-04-24
cnvd-2026-18575 Oracle MySQL Server JSON组件拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-18574 Oracle MySQL Shell Core Client拒绝服务漏洞(CNVD-2026-18574) 2026-04-22 2026-04-24
cnvd-2026-18573 Oracle MySQL Shell Core Client拒绝服务漏洞(CNVD-2026-18573) 2026-04-22 2026-04-24
cnvd-2026-18572 Oracle Database Server Java VM组件数据泄露漏洞 2026-04-22 2026-04-24
cnvd-2026-18571 Oracle MySQL Server Partition组件拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-18570 Oracle MySQL Server GIS组件拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-18569 Oracle VM VirtualBox Core组件拒绝服务漏洞(CNVD-2026-18569) 2026-04-22 2026-04-24
cnvd-2026-18539 Oracle VM VirtualBox Core组件权限提升漏洞(CNVD-2026-18539) 2026-04-22 2026-04-24
cnvd-2026-18538 Oracle Fusion Middleware Dynamic Monitoring Service跨站脚本漏洞 2026-04-22 2026-04-24
cnvd-2026-18432 Oracle MySQL Server InnoDB拒绝服务漏洞(CNVD-2026-18432) 2026-04-22 2026-04-24
cnvd-2026-18431 Oracle MySQL Server InnoDB组件拒绝服务漏洞(CNVD-2026-18431) 2026-04-22 2026-04-24
cnvd-2026-18430 Oracle MySQL Server InnoDB组件拒绝服务漏洞(CNVD-2026-18430) 2026-04-22 2026-04-24
cnvd-2026-18429 Oracle MySQL Server DML组件拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-18428 Oracle MySQL Server Optimizer拒绝服务漏洞(CNVD-2026-18428) 2026-04-22 2026-04-24
cnvd-2026-18427 Oracle VM VirtualBox Core组件权限提升漏洞(CNVD-2026-18427) 2026-04-22 2026-04-24
cnvd-2026-18426 Oracle VM VirtualBox Core组件内存破坏漏洞(CNVD-2026-18426) 2026-04-22 2026-04-24
cnvd-2026-18425 Oracle VM VirtualBox Core组件权限提升漏洞(CNVD-2026-18425) 2026-04-22 2026-04-24
cnvd-2026-18408 Oracle VM VirtualBox Core组件内存破坏漏洞 2026-04-22 2026-04-24
cnvd-2026-18407 Oracle VM VirtualBox Core组件拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-19046 WordPress插件WCFM Marketplace SQL注入漏洞 2026-04-21 2026-04-30
cnvd-2026-19031 WordPress插件YouTube Showcase跨站脚本漏洞 2026-04-21 2026-04-30
cnvd-2026-18600 Microsoft Excel缓冲区溢出漏洞(CNVD-2026-18600) 2026-04-21 2026-04-21
cnvd-2026-18599 Microsoft Desktop Windows Manager资源管理错误漏洞(CNVD-2026-18599) 2026-04-21 2026-04-21
cnvd-2026-18598 Microsoft Desktop Windows Manager资源管理错误漏洞(CNVD-2026-18598) 2026-04-21 2026-04-21
cnvd-2026-18597 Microsoft Desktop Windows Manager资源管理错误漏洞 2026-04-21 2026-04-21
ID Description Published Updated
bdu:2026-01814 Уязвимость программного обеспечения Microsoft ACI Confidential Containers, связанная с хр… 16.02.2026 16.02.2026
bdu:2026-01813 Уязвимость программного обеспечения Azure IoT Explorer, связанная с привязкой к открытым … 16.02.2026 16.02.2026
bdu:2026-01812 Уязвимость почтового сервера Microsoft Exchange Server, связанная с ошибками представлени… 16.02.2026 16.02.2026
bdu:2026-01811 Уязвимость службы аналитики данных Azure HDInsights, связанная с непринятием мер по защит… 16.02.2026 16.02.2026
bdu:2026-01810 Уязвимость редактора электронных таблиц Microsoft Excel пакетов программ Microsoft Office… 16.02.2026 16.02.2026
bdu:2026-01809 Уязвимость службы хранилища данных Windows Storage Services операционных систем Windows, … 16.02.2026 16.02.2026
bdu:2026-01808 Уязвимость реализации протокола NTLM операционных систем Windows, позволяющая нарушителю … 16.02.2026 16.02.2026
bdu:2026-01807 Уязвимость системы аппаратной виртуализации Hyper-V операционной системы Windows, позволя… 16.02.2026 16.02.2026
bdu:2026-01806 Уязвимость механизма CCF (Cluster Client Failover) операционных систем Windows, позволяющ… 16.02.2026 16.02.2026
bdu:2026-01805 Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… 16.02.2026 16.02.2026
bdu:2026-01804 Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии 16.02.2026 16.02.2026
bdu:2026-01803 Уязвимость драйвера WinSock операционных систем Windows, позволяющая нарушителю повысить … 16.02.2026 16.02.2026
bdu:2026-01802 Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии 16.02.2026 16.02.2026
bdu:2026-01801 Уязвимость драйвера HTTP.sys операционных систем Windows, позволяющая нарушителю повысить… 16.02.2026 16.02.2026
bdu:2026-01800 Уязвимость ядра операционных систем Windows, позволяющая нарушителю повысить свои привилегии 16.02.2026 16.02.2026
bdu:2026-01799 Уязвимость ядра операционных систем Windows, позволяющая нарушителю раскрыть защищаемую и… 16.02.2026 16.02.2026
bdu:2026-01798 Уязвимость программы для шифрования информации и создания электронных цифровых подписей G… 16.02.2026 16.02.2026
bdu:2026-01797 Уязвимость функции _bfd_elf_slurp_version_tables() компонента bfd/elf.c программного сред… 16.02.2026 16.02.2026
bdu:2026-01796 Уязвимость компонента libbfd.c программного средства разработки GNU Binutils, позволяющая… 16.02.2026 16.02.2026
bdu:2026-01795 Уязвимость программного средства управления конечными точками Ivanti Endpoint Manager, св… 16.02.2026 16.02.2026
bdu:2026-01794 Уязвимость функции usbg_make_tpg() модуля drivers/usb/gadget/function/f_tcm.c драйвера га… 16.02.2026 16.02.2026
bdu:2026-01792 Уязвимость программного средства локальной инфраструктуры Azure Local, связанная с ошибка… 13.02.2026 16.02.2026
bdu:2026-01791 Уязвимость средства разработки программного обеспечения Microsoft Visual Studio, связанна… 13.02.2026 13.02.2026
bdu:2026-01790 Уязвимость Защитника Microsoft (Microsoft Defender for Endpoint) операционных систем Linu… 13.02.2026 13.02.2026
bdu:2026-01789 Уязвимость редактора исходного кода Microsoft Visual Studio Code, связанная с ошибками си… 13.02.2026 13.02.2026
bdu:2026-01788 Уязвимость сервиса Azure AI Language Authoring, связанная с недостатками механизма десери… 13.02.2026 13.02.2026
bdu:2026-01787 Уязвимость средства разработки программного обеспечения Microsoft Visual Studio, связанна… 13.02.2026 13.02.2026
bdu:2026-01786 Уязвимость компонента Windows Installer приложения Windows App, позволяющая нарушителю по… 13.02.2026 13.02.2026
bdu:2026-01785 Уязвимость редактора исходного кода Microsoft Visual Studio Code, связанная с непринятием… 13.02.2026 13.02.2026
bdu:2026-01784 Уязвимость средства разработки программного обеспечения Azure DevOps Server, связанная с … 13.02.2026 13.02.2026
ID Description Updated
var-202001-0832 A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic… 2024-07-23T22:37:43.319000Z
var-201208-0222 Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r… 2024-07-23T22:37:43.393000Z
var-202108-1148 An access issue was addressed with improved access restrictions. This issue is fixed in m… 2024-07-23T22:36:01.656000Z
var-200202-0006 Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause… 2024-07-23T22:34:48.127000Z
var-202007-0395 Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities … 2024-07-23T22:33:57.481000Z
var-201805-1147 WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe… 2024-07-23T22:32:10.966000Z
var-201902-0647 LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening … 2024-07-23T22:32:09.990000Z
var-201908-0863 Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE… 2024-07-23T22:30:33.144000Z
var-201912-0120 A memory corruption issue was addressed with improved validation. This issue is fixed in … 2024-07-23T22:30:32.761000Z
var-201912-0114 A memory corruption issue was addressed with improved validation. This issue is fixed in … 2024-07-23T22:30:32.792000Z
var-202305-1589 D-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulne… 2024-07-23T22:30:26.856000Z
var-202407-0235 Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… 2024-07-23T22:30:24.825000Z
var-202407-0234 Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … 2024-07-23T22:30:24.699000Z
var-202407-0233 Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data … 2024-07-23T22:30:24.731000Z
var-202407-0232 Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can res… 2024-07-23T22:30:24.657000Z
var-201112-0097 Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a… 2024-07-23T22:29:05.132000Z
var-201801-0152 An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions pri… 2024-07-23T22:28:30.754000Z
var-201801-0151 A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior … 2024-07-23T22:28:30.640000Z
var-201807-0341 ABB Panel Builder 800 all versions has an improper input validation vulnerability which m… 2024-07-23T22:28:27.949000Z
var-201806-1058 Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo… 2024-07-23T22:28:27.641000Z
var-201906-1029 In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne… 2024-07-23T22:28:26.009000Z
var-202004-0077 There are multiple ways an unauthenticated attacker could perform SQL injection on WebAcc… 2024-07-23T22:28:24.545000Z
var-202206-2050 The affected product is vulnerable to multiple SQL injections, which may allow an unautho… 2024-07-23T22:27:49.515000Z
var-202305-1981 D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution V… 2024-07-23T22:27:44.287000Z
var-202305-0214 D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerabilit… 2024-07-23T22:27:44.496000Z
var-202305-0130 D-Link DIR-2640 EmailFrom Command Injection Remote Code Execution Vulnerability. This vul… 2024-07-23T22:27:44.522000Z
var-202407-0441 A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC R… 2024-07-23T22:27:41.577000Z
var-201105-0156 Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 30… 2024-07-23T22:25:52.955000Z
var-201402-0028 The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni… 2024-07-23T22:25:48.624000Z
var-201402-0027 The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re… 2024-07-23T22:25:48.742000Z
ID Description Published Updated
ID Description Published Updated
vde-2023-055 Phoenix Contact: Automation Worx and classic line controllers prone to Incorrect Permission Assignment for Critical Resource 2023-12-12T07:00:00.000Z 2023-12-12T07:00:00.000Z
vde-2023-054 Phoenix Contact: ProConOS prone to Download of Code Without Integrity Check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-051 Phoenix Contact: MULTIPROG Engineering tool and ProConOS eCLR SDK prone to CWE-732 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-062 Phoenix Contact: WIBU-SYSTEMS CodeMeter Runtime vulnerabilities in multiple products 2023-11-21T08:15:00.000Z 2023-11-21T08:15:00.000Z
vde-2023-030 Phoenix Contact: Multiple products affected by WIBU Codemeter Vulnerability (Update A) 2023-09-19T06:50:00.000Z 2023-11-13T11:00:00.000Z
vde-2023-018 Phoenix Contact: Multiple vulnerabilities in WP 6xxx Web panels 2023-08-08T06:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-016 Phoenix Contact: PLCnext Engineer Vulnerabilities in LibGit2Sharp/LibGit2 2023-08-08T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-017 Phoenix Contact: Multiple vulnerabilities in TC ROUTER, TC CLOUD CLIENT and CLOUD CLIENT devices 2023-08-08T04:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-010 PHOENIX CONTACT: FL MGUARD affected by two vulnerabilities 2023-06-13T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-004 Phoenix Contact: Directory Traversal Vulnerability in ENERGY AXC PU Web service 2023-04-11T08:00:00.000Z 2023-04-11T08:00:00.000Z
vde-2023-003 PHOENIX CONTACT: Multiple vulnerabilities in ENERGY AXC PU 2023-03-14T09:14:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-053 PHOENIX CONTACT: Advisory for TC ROUTER and CLOUD CLIENT 2023-03-07T07:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2023-001 PHOENIX CONTACT: Multiple Vulnerabilities in PLCnext Firmware 2023-02-14T07:50:00.000Z 2025-06-05T13:28:12.000Z
vde-2022-058 PHOENIX CONTACT: Profinet SDK libexpat vulnerabilities 2022-12-13T07:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-051 PHOENIX CONTACT: Denial-of-Service vulnerability in mGuard product family 2022-11-15T09:27:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-048 PHOENIX CONTACT: Automationworx BCP File Parsing Vulnerabilities 2022-11-15T09:25:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-046 PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware 2022-11-10T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-028 PHOENIX CONTACT: Missing Authentication in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool 2022-06-21T05:18:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-026 PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool 2022-06-21T05:16:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-025 PHOENIX CONTACT: Vulnerability in classic line industrial controllers 2022-06-21T05:15:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-018 PHOENIX CONTACT: Multiple vulnerabilities in RAD-ISM-900-EN-BD devices 2022-05-11T14:20:00.000Z 2022-05-11T14:20:00.000Z
vde-2022-014 PHOENIX CONTACT: mGuard Device Manager affected by HTTP Request Smuggling of Apache Webserver 2022-04-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-013 PHOENIX CONTACT: Multiple products affected by possible infinite loop within OpenSSL library 2022-04-12T06:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2022-010 PHOENIX CONTACT: Multiple Linux component vulnerabilities fixed in latest AXC F x152 LTS release 2022-04-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-005 PHOENIX CONTACT: Vulnerabilities in XML parser library Expat (libexpat) 2022-03-30T07:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-007 PHOENIX CONTACT: Path Traversal in Library of PLCnext Technology Toolchain and FL Network Manager 2022-03-22T07:43:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-001 PHOENIX CONTACT: FL SWITCH 2xxx series incorrect privilege assignment 2022-01-25T08:05:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-059 PHOENIX CONTACT: BLUEMARK X1 / LED / CLED printers utilizing the Siemens Nucleus RTOS TCP/IP Stack 2022-01-11T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-056 WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 and WebVisualisation 2021-11-16T14:11:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-046 PHOENIX CONTACT: XSS and memory-leak in FL MGUARD 1102/1105 2021-11-10T07:23:00.000Z 2021-11-10T07:23:00.000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
vde-2018-008 Pepperl+Fuchs: Remote Code Execution Vulnerability in HMI Devices 2018-07-06T13:37:00.000Z 2018-07-06T13:37:00.000Z
vde-2018-002 Pepperl+Fuchs: HMI devices vulnerable to Meltdown and Spectre Attacks 2018-02-14T08:50:00.000Z 2025-05-14T12:28:19.000Z
vde-2017-005 Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption 2017-12-11T13:26:00.000Z 2018-10-23T10:00:00.000Z
ID Description Published Updated
ID Description Published Updated
vde-2023-015 WAGO: Improper privilege management in web-based management 2023-11-20T07:00:00.000Z 2023-11-20T07:00:00.000Z
vde-2023-046 WAGO: Multiple products vulnerable to local file inclusion 2023-10-23T10:00:00.000Z 2025-04-28T10:00:00.000Z
vde-2023-042 Wago: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro (UPDATE B) 2023-09-25T10:00:00.000Z 2024-11-20T11:00:00.000Z
vde-2023-026 WAGO: Multiple products prone to multiple vulnerabilities in e!Runtime / CODESYS V3 Runtime 2023-07-31T07:36:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-014 WAGO: Bluetooth LE vulnerability in WLAN-ETHERNET-Gateway 2023-07-31T07:00:00.000Z 2023-07-31T07:00:00.000Z
vde-2023-006 WAGO: Controller with CODESYS 2.3 Runtime Denial-of-Service 2023-06-25T06:00:00.000Z 2024-07-08T10:00:00.000Z
vde-2023-005 WAGO: Series 750-3x/-8x prone to MODBUS server DoS 2023-06-25T06:00:00.000Z 2023-06-25T06:00:00.000Z
vde-2023-007 WAGO: Unauthenticated command execution via Web-based-management UPDATE A 2023-05-15T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-060 WAGO: Multiple vulnerabilities in web-based management of multiple products 2023-02-27T11:00:00.000Z 2023-02-27T11:00:00.000Z
vde-2022-055 WAGO: Exposure of configuration interface in unmanaged switches 2023-02-16T13:43:00.000Z 2023-02-16T13:43:00.000Z
vde-2022-054 WAGO: Unauthenticated Configuration Export in web-based management in multiple devices 2023-01-12T07:52:00.000Z 2023-01-12T07:52:00.000Z
vde-2022-042 WAGO: Multiple products - Loss of MAC-Address-Filtering after reboot 2022-10-17T08:00:00.000Z 2022-10-17T08:00:00.000Z
vde-2022-040 WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime 2022-10-17T08:00:00.000Z 2023-09-22T12:39:00.000Z
vde-2022-047 WAGO: FTP-Server - Denial-of-Service 2022-10-12T08:00:00.000Z 2022-10-12T08:00:00.000Z
vde-2022-035 WAGO: Multiple product series affected by multiple CODESYS vulnerabilities 2022-08-17T08:00:00.000Z 2022-08-17T08:00:00.000Z
vde-2022-031 WAGO: Multiple Products Series affected by multiple CODESYS vulnerabilities 2022-08-17T08:00:00.000Z 2022-08-17T08:00:00.000Z
vde-2022-009 WAGO: Multiple Products affected by Linux Kernel Vulnerability Dirty Pipe 2022-04-06T07:30:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-004 WAGO: Web-Based Management Cross-Site Scripting 2022-03-09T07:00:00.000Z 2022-03-09T07:00:00.000Z
vde-2022-002 WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro 2022-01-31T13:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-060 WAGO: Smart Script affected by Log4Shell Vulnerability 2022-01-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-049 WAGO: Denial of Service Vulnerability in CODESYS Runtime 2.3 2021-11-16T12:05:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-050 WAGO: Multiple devices affected by Vulnerabilities in NUCLEUS TCP Stack. 2021-11-16T11:02:00.000Z 2021-11-16T11:02:00.000Z
vde-2021-043 WAGO: Vulnerable WIBU-SYSTEMS Codemeter installed through e!COCKPIT and WAGO-I/O-Pro 2021-08-31T07:02:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-044 WAGO: Web-Based Management Authentication Vulnerability in WAGO 750-36X and WAGO 750-8XX 2021-08-31T07:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-038 WAGO: OpenSSL DoS Vulnerability in PLCs 2021-08-31T07:00:00.000Z 2025-05-14T12:53:43.000Z
vde-2020-036 WAGO: Multiple Vulnerabilities in I/O-Check Service 2021-06-29T10:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-014 WAGO: Multiple Vulnerabilities in CODESYS Runtime 2.3 2021-05-20T09:08:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-013 WAGO: Multiple Vulnerabilities in the Web-Based Management Interface 2021-05-05T08:54:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-048 M&M Software (WAGO): Deserialisation of untrusted data in fdtContainer 2021-01-14T14:57:00.000Z 2021-01-14T14:57:00.000Z
vde-2020-045 WAGO: Command Injection Vulnerability in I/O-Check Service of multiple products 2020-12-17T09:02:00.000Z 2025-05-14T12:53:43.000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID CVSS Description Vendor Product Published Updated
MOKSHA-2026-0059
5.3 (3.1)
5.3 (4.0)
Multi-Tenant Trust Confusion via VM.xenstore_data Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0058
5.3 (3.1)
5.3 (4.0)
Xenstore Quota Exhaustion via VM.xenstore_data Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0057
5.3 (3.1)
5.3 (4.0)
FIST Namespace Exposure via VM.xenstore_data Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0056
5.3 (3.1)
5.3 (4.0)
Console Access Manipulation via VM.other_config disabl… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0055
5.3 (3.1)
7.1 (4.0)
set_other_config RBAC Bypass for PCI Passthrough Key Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0054
5.3 (3.1)
5.3 (4.0)
MAC Address Collision via VM.other_config mac_seed Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0053
5.3 (3.1)
5.3 (4.0)
MTU Manipulation (0-65535) via VIF.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0052
5.3 (3.1)
5.3 (4.0)
Leaked VBD Detection Spoofing via task_id/related_to Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0051
5.4 (3.1)
2.3 (4.0)
Config Drive Misidentification via VDI.other_config co… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0050
5.5 (3.1)
5.1 (4.0)
LUNperVDI Mode Manipulation via SR.sm_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0049
5.5 (3.1)
5.1 (4.0)
HIMN Identity Hijack + DHCP Manipulation via Network.o… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0048
5.5 (3.1)
7.0 (4.0)
Storage Availability Disruption via Host.other_config … Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0047
6.1 (3.1)
5.1 (4.0)
DNS Search Domain Injection via PIF.other_config domain Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0046
6.5 (3.1)
8.3 (4.0)
MTU Manipulation / Network Partition via PIF.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0045
6.5 (3.1)
5.1 (4.0)
Arbitrary Bond Property Injection via PIF.other_config… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0044
6.5 (3.1)
5.3 (4.0)
QEMU -parallel Path Traversal (VM DoS) via VM.platform Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0043
6.5 (3.1)
7.0 (4.0)
PBD Synchronization Bypass via Pool.other_config sync_… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0042
6.5 (3.1)
5.1 (4.0)
SMTP Server Redirection / Credential Exfiltration via … Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0041
6.5 (3.1)
5.1 (4.0)
Rolling Upgrade State Injection via Pool.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0040
6.5 (3.1)
6.9 (4.0)
CHAP Credential Exposure via PBD.device_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0039
6.5 (3.1)
7.0 (4.0)
Filesystem Layout Manipulation via SR.sm_config nosubd… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0038
6.5 (3.1)
8.3 (4.0)
Provisioning Type Manipulation via SR.sm_config allocation Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0037
6.5 (3.1)
7.0 (4.0)
VHD Test Mode and Failure Injection via SR.other_confi… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0036
6.7 (3.1)
7.0 (4.0)
LVM Configuration Injection via SR.other_config lvm-conf Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0035
6.8 (3.1)
6.9 (4.0)
iSCSI Initiator Identity Spoofing via Host.other_confi… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0034
6.8 (3.1)
7.1 (4.0)
Coalesce Blocking via VDI.other_config leaf-coalesce Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0033
7.1 (3.1)
5.3 (4.0)
Rate Limit Bypass via VIF.qos_algorithm_params Large k… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0032
7.1 (3.1)
8.3 (4.0)
Bidirectional Data Exfiltration via VM.xenstore_data G… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0031
7.1 (3.1)
8.3 (4.0)
Guest Agent Poisoning via VM.xenstore_data vm-data Injection Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0030
7.1 (3.1)
7.1 (4.0)
XML Injection in Template Provisioning via VM.other_co… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2025-0026
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
 misp
 2025-11-26T16:35:00.000Z 2025-12-02T08:50:46.381572Z
GCVE-1-2025-0025
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in … misp
 misp
 2025-11-26T16:27:00.000Z 2025-12-02T08:50:18.897756Z
GCVE-1-2025-0024
9.4 (4.0)
cross-site scripting (XSS) vulnerability in the MISP s… misp
 misp
 2025-11-26T16:14:00.000Z 2025-12-02T08:50:01.482327Z
GCVE-1-2025-0023
9.4 (4.0)
XSS in MISP server comparison tool misp
 misp
 2025-11-26T16:10:00.000Z 2025-12-02T08:49:24.626168Z
GCVE-1-2025-0022
9.4 (4.0)
Clarified setting's impact on download_attachments_on_load misp
 misp
 2025-11-26T16:04:00.000Z 2025-12-02T08:49:04.510294Z
GCVE-1-2025-0021
9.4 (4.0)
XSS in MISP ReST client in HTML view misp
 misp
 2025-11-26T15:55:00.000Z 2025-12-02T08:48:41.869838Z
GCVE-1-2025-0020
9.4 (4.0)
cross-site scripting (XSS) in Galaxy element JSON view misp
 misp
 2025-11-26T15:49:00.000Z 2025-12-02T08:47:41.151429Z
GCVE-1-2025-0019
4 (4.0)
Path traversal vulnerability in EventReport for site-admin misp
 misp
 2025-11-26T14:47:00.000Z 2025-11-28T07:27:42.721350Z
GCVE-1-2025-0018
9.4 (4.0)
HTML injection issue was identified in Lookyloo’s web … lookyloo
 lookyloo
 2025-11-18T15:33:00.000Z 2025-11-18T20:39:45.579295Z
GCVE-1-2025-0017
9.4 (4.0)
Privilege escalation in Cerebrate allows an authentica… cerebrate
 cerebrate
 2025-11-12T08:15:00.000Z 2025-11-28T07:22:08.205835Z
GCVE-1-2025-0016
6 (4.0)
Local file inclusion in [ImportFromUrl() URL hand… misp
 misp
 2025-11-04T09:20:00.000Z 2025-11-04T09:56:38.383646Z
GCVE-1-2025-0015
9 (4.0)
Potential XSS in decaying simulation tool misp
 misp
 2025-11-04T09:06:00.000Z 2025-11-04T09:06:59.216121Z
GCVE-1-2025-0014
9.4 (4.0)
XSS in event report via Mermaid diagram misp
 misp
 2025-11-04T08:58:00.024516Z 2025-11-04T08:58:00.024516Z
GCVE-1-2025-0013
9.4 (4.0)
Vulnerability in sharing group blueprints allowing sha… misp
 misp
 2025-11-04T08:49:21.558087Z 2025-11-04T08:49:21.558087Z
GCVE-1-2025-0012
N/A
Potential vulnerability in file check upload but non-e… misp
 misp
 2025-11-04T07:20:00.000Z 2025-11-28T07:16:21.589449Z
GCVE-1-2025-0011
9.4 (4.0)
Arbitrary file inclusion / deletion via import modules… misp
 misp
 2025-11-04T07:01:25.464225Z 2025-11-04T07:01:25.464225Z
GCVE-1-2025-0010
6.3 (4.0)
Arbitrary file hash inclusion via templates accessible… misp
 misp
 2025-11-04T06:25:11.108987Z 2025-11-04T06:25:11.108987Z
GCVE-1-2025-0009
6.4 (4.0)
A pre-auth user could self-assign a reporter without b… CIRCL
 vulnerability-lookup
 2025-10-13T09:20:24.800890Z 2025-10-13T09:20:24.800890Z
GCVE-1-2025-0008
7 (4.0)
Logged users can view vulnerability disclosure comment… CIRCL
 vulnerability-lookup
 2025-10-13T09:10:00.000Z 2025-10-13T09:15:31.637686Z
GCVE-1-2025-0007
4.5 (4.0)
Missing email validation on user management CIRCL
 vulnerability-lookup
 2025-10-13T08:37:00.000Z 2025-10-13T08:51:37.408861Z
GCVE-1-2025-0006
9.3 (4.0)
Potential XSS in admin CPE in organization model CIRCL
 vulnerability-lookup
 2025-10-13T08:29:00.000Z 2025-10-13T08:52:23.411325Z
GCVE-1-2025-0005
9.4 (4.0)
Reflected XSS due to insecure use of Markup CIRCL
 vulnerability-lookup
 2025-10-13T08:23:29.812914Z 2025-10-13T08:23:29.812914Z
GCVE-1-2025-0004
10 (4.0)
XSS in Comments, Bundles, and Sightings component of v… CIRCL
 vulnerability-lookup
 2025-09-25T14:10:00.000Z 2025-11-19T10:16:47.656802Z
GCVE-1-2025-0003
9.3 (4.0)
Incorrect ACL for user settings edit, which previ… cerebrate
 cerebrate
 2025-08-22T12:33:00.000Z 2025-08-23T07:55:10.950332Z
GCVE-1-2025-0002
8.9 (4.0)
Command Injection in Cl0p Exfiltration Python Script Cl0p ransomware
 exfiltration
 2025-07-01T08:19:00.000Z 2025-07-01T10:58:58.443468Z
GCVE-1-2025-0001
5.3 (4.0)
The absence of a password confirmation step when deact… CIRCL
 Vulnerability-Lookup
 2025-05-27T08:58:00.000Z 2025-05-30T14:27:56.273945Z
ID CVSS Description Vendor Product Published Updated