Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-jmhc-vxg9-h2g4 | A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environm… | 2021-12-09T00:01:13Z | 2025-10-22T00:32:26Z |
| ghsa-jfh8-c2jp-5v3q | Remote code injection in Log4j | 2021-12-10T00:40:56Z | 2025-10-22T19:13:24Z |
| ghsa-wrwj-r75g-4vx9 | Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code ex… | 2021-12-13T00:00:34Z | 2025-10-22T00:32:26Z |
| ghsa-mx9v-6qg3-92rp | CPAN 2.28 allows Signature Verification Bypass. | 2021-12-14T00:00:33Z | 2025-11-04T00:30:30Z |
| ghsa-7rjr-3q55-vv33 | Incomplete fix for Apache Log4j vulnerability | 2021-12-14T18:01:28Z | 2025-10-22T19:12:17Z |
| ghsa-r535-rfwp-fm57 | In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after … | 2021-12-16T00:00:45Z | 2025-10-22T00:32:27Z |
| ghsa-r93f-j2vf-vmc4 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. Th… | 2021-12-16T00:01:31Z | 2025-10-22T00:32:27Z |
| ghsa-hvcq-2mcq-rg5f | Windows AppX Installer Spoofing Vulnerability | 2021-12-16T00:01:44Z | 2025-10-22T00:32:26Z |
| ghsa-98jh-5xvm-p5ph | Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique fr… | 2021-12-16T00:01:58Z | 2025-10-22T00:32:26Z |
| ghsa-cfcf-x7x2-gpf8 | An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based sig… | 2021-12-17T00:00:32Z | 2025-11-03T21:30:36Z |
| ghsa-7g56-f7p4-fmcq | Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an … | 2021-12-21T00:00:50Z | 2025-11-03T21:30:36Z |
| ghsa-qc3g-2wrf-8fcw | Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. | 2021-12-22T00:00:30Z | 2025-10-22T00:32:27Z |
| ghsa-93mm-w2p9-c6mq | Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter i… | 2021-12-23T00:01:27Z | 2025-10-29T18:30:26Z |
| ghsa-ghrr-459c-37qq | In ProjectWorlds Online Shopping System PHP 1.0, a CSRF vulnerability in cart_remove.php allows a r… | 2021-12-23T00:01:27Z | 2025-10-29T18:30:26Z |
| ghsa-g527-g4q2-57xc | A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via th… | 2021-12-24T00:00:21Z | 2025-11-03T21:30:36Z |
| ghsa-g9gv-9646-jvp8 | GEGL before 0.4.34, as used (for example) in GIMP before 2.10.30, allows shell expansion when a pat… | 2021-12-24T00:00:45Z | 2025-11-03T18:31:10Z |
| ghsa-h3r6-368v-w6xc | vim is vulnerable to Use After Free | 2021-12-28T00:00:33Z | 2025-11-03T21:30:36Z |
| ghsa-wh99-p8pv-5qjw | vim is vulnerable to Use After Free | 2021-12-30T00:00:20Z | 2025-11-03T21:30:36Z |
| ghsa-7c4g-8373-rcp3 | Crash in the Gryphon dissector in Wireshark 3.4.0 to 3.4.10 allows denial of service via packet inj… | 2021-12-31T00:00:19Z | 2025-11-04T00:30:30Z |
| ghsa-pmc4-9968-jrp7 | Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection … | 2021-12-31T00:00:19Z | 2025-11-04T00:30:30Z |
| ghsa-wm4g-hw88-g25h | Infinite loop in the RTMPT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of servic… | 2021-12-31T00:00:19Z | 2025-11-04T00:30:30Z |
| ghsa-3hwx-vc7v-fw2m | Crash in the RFC 7468 dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service via… | 2021-12-31T00:00:20Z | 2025-11-04T00:30:30Z |
| ghsa-g3fh-c7h3-x56j | Infinite loop in the BitTorrent DHT dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial … | 2021-12-31T00:00:20Z | 2025-11-04T00:30:30Z |
| ghsa-jr2g-cv62-4vcw | Crash in the Sysdig Event dissector in Wireshark 3.6.0 and 3.4.0 to 3.4.10 allows denial of service… | 2021-12-31T00:00:20Z | 2025-11-04T00:30:30Z |
| ghsa-h53v-fr53-7vvj | A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. Thi… | 2022-01-04T00:00:32Z | 2025-11-03T21:30:36Z |
| ghsa-689x-phc2-9p4m | A download of code without integrity check vulnerability in the "execute restore src-vis" command o… | 2022-01-05T00:00:59Z | 2025-10-22T00:32:27Z |
| ghsa-cwfw-4gq5-mrqx | Regular Expression Denial of Service (ReDoS) in braces | 2022-01-06T20:42:03Z | 2025-11-26T16:25:50Z |
| ghsa-9fvj-4grr-mv9j | An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release… | 2022-01-11T00:00:57Z | 2025-10-22T00:32:27Z |
| ghsa-jqwj-9jvg-583v | Serv-U web login screen was allowing characters that were not sanitized by the authentication mecha… | 2022-01-11T00:01:34Z | 2025-10-22T00:32:27Z |
| ghsa-wmfg-rc3x-58v3 | Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2… | 2022-01-12T00:00:30Z | 2025-10-22T00:32:27Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2012-1710 | N/A | Unspecified vulnerability in the Oracle WebCenter… |
n/a |
n/a |
2012-05-03T22:00:00.000Z | 2025-10-22T00:05:47.717Z |
| cve-2012-1823 | N/A | sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.… |
n/a |
n/a |
2012-05-11T10:00:00.000Z | 2025-11-04T17:11:54.860Z |
| cve-2012-0507 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2012-06-07T22:00:00.000Z | 2025-10-22T00:05:47.423Z |
| cve-2012-2034 | N/A | Adobe Flash Player before 10.3.183.20 and 11.x be… |
n/a |
n/a |
2012-06-09T00:00:00.000Z | 2025-10-22T00:05:47.286Z |
| cve-2012-1889 | N/A | Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.… |
n/a |
n/a |
2012-06-13T01:00:00.000Z | 2025-10-22T00:05:47.142Z |
| cve-2012-1723 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2012-06-16T21:00:00.000Z | 2025-10-22T00:05:47.007Z |
| cve-2012-1571 | N/A | file before 5.11 and libmagic allow remote attack… |
n/a |
n/a |
2012-07-17T21:00:00.000Z | 2025-12-04T20:31:00.745Z |
| cve-2012-1856 | N/A | The TabStrip ActiveX control in the Common Contro… |
n/a |
n/a |
2012-08-15T01:00:00.000Z | 2025-10-22T00:05:46.865Z |
| cve-2012-1535 | N/A | Unspecified vulnerability in Adobe Flash Player b… |
n/a |
n/a |
2012-08-15T10:00:00.000Z | 2025-10-22T00:05:46.712Z |
| cve-2012-4681 | N/A | Multiple vulnerabilities in the Java Runtime Envi… |
n/a |
n/a |
2012-08-28T00:00:00.000Z | 2025-10-22T00:05:46.560Z |
| cve-2012-4969 | N/A | Use-after-free vulnerability in the CMshtmlEd::Ex… |
n/a |
n/a |
2012-09-18T10:00:00.000Z | 2025-10-22T00:05:46.392Z |
| cve-2012-5054 | N/A | Integer overflow in the copyRawDataTo method in t… |
n/a |
n/a |
2012-09-24T17:00:00.000Z | 2025-10-22T00:05:46.256Z |
| cve-2012-5076 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2012-10-16T21:29:00.000Z | 2025-10-22T00:05:46.105Z |
| cve-2012-0518 | N/A | Unspecified vulnerability in the Oracle Applicati… |
n/a |
n/a |
2012-10-16T23:00:00.000Z | 2025-10-22T00:05:45.957Z |
| cve-2012-3152 | N/A | Unspecified vulnerability in the Oracle Reports D… |
n/a |
n/a |
2012-10-16T23:00:00.000Z | 2025-10-22T00:05:45.789Z |
| cve-2012-2539 | N/A | Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 20… |
n/a |
n/a |
2012-12-12T00:00:00.000Z | 2025-10-22T00:05:45.640Z |
| cve-2012-4792 | N/A | Use-after-free vulnerability in Microsoft Interne… |
n/a |
n/a |
2012-12-30T18:00:00.000Z | 2025-10-22T00:05:45.500Z |
| cve-2013-0625 | N/A | Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a pa… |
n/a |
n/a |
2013-01-09T01:00:00.000Z | 2025-10-22T00:05:45.325Z |
| cve-2013-0629 | N/A | Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when … |
n/a |
n/a |
2013-01-09T01:00:00.000Z | 2025-10-22T00:05:45.146Z |
| cve-2013-0631 | N/A | Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows att… |
n/a |
n/a |
2013-01-09T01:00:00.000Z | 2025-10-22T00:05:44.936Z |
| cve-2013-0422 | N/A | Multiple vulnerabilities in Oracle Java 7 before … |
n/a |
n/a |
2013-01-10T21:23:00.000Z | 2025-10-22T00:05:44.798Z |
| cve-2013-0632 | N/A | administrator.cfc in Adobe ColdFusion 9.0, 9.0.1,… |
n/a |
n/a |
2013-01-17T00:00:00.000Z | 2025-10-22T00:05:44.628Z |
| cve-2013-0431 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2013-01-31T14:10:00.000Z | 2025-10-22T00:05:44.308Z |
| cve-2013-0640 | N/A | Adobe Reader and Acrobat 9.x before 9.5.4, 10.x b… |
n/a |
n/a |
2013-02-14T01:00:00.000Z | 2025-10-22T00:05:44.167Z |
| cve-2013-0641 | N/A | Buffer overflow in Adobe Reader and Acrobat 9.x b… |
n/a |
n/a |
2013-02-14T01:00:00.000Z | 2025-10-22T00:05:44.030Z |
| cve-2013-0643 | N/A | The Firefox sandbox in Adobe Flash Player before … |
n/a |
n/a |
2013-02-27T00:00:00.000Z | 2025-10-22T00:05:43.876Z |
| cve-2013-0648 | N/A | Unspecified vulnerability in the ExternalInterfac… |
n/a |
n/a |
2013-02-27T00:00:00.000Z | 2025-10-22T00:05:43.736Z |
| cve-2013-2551 | N/A | Use-after-free vulnerability in Microsoft Interne… |
n/a |
n/a |
2013-03-11T10:00:00.000Z | 2025-10-22T00:05:43.584Z |
| cve-2013-0074 | N/A | Microsoft Silverlight 5, and 5 Developer Runtime,… |
n/a |
n/a |
2013-03-13T00:00:00.000Z | 2025-10-22T00:05:43.423Z |
| cve-2013-2596 | N/A | Integer overflow in the fb_mmap function in drive… |
n/a |
n/a |
2013-04-13T01:00:00.000Z | 2025-10-22T00:05:43.277Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2011-3402 | N/A | Unspecified vulnerability in the TrueType font pa… |
n/a |
n/a |
2011-11-04T21:00:00.000Z | 2025-10-22T00:05:48.983Z |
| cve-2011-2462 | N/A | Unspecified vulnerability in the U3D component in… |
n/a |
n/a |
2011-12-07T19:00:00.000Z | 2025-11-21T15:56:38.224Z |
| cve-2011-4723 | N/A | The D-Link DIR-300 router stores cleartext passwo… |
n/a |
n/a |
2011-12-20T11:00:00.000Z | 2025-10-22T00:05:48.669Z |
| cve-2012-0391 | N/A | The ExceptionDelegator component in Apache Struts… |
n/a |
n/a |
2012-01-08T15:00:00.000Z | 2025-10-22T00:05:48.504Z |
| cve-2012-0754 | N/A | Adobe Flash Player before 10.3.183.15 and 11.x be… |
n/a |
n/a |
2012-02-16T19:00:00.000Z | 2025-11-17T20:14:29.301Z |
| cve-2012-0767 | N/A | Cross-site scripting (XSS) vulnerability in Adobe… |
n/a |
n/a |
2012-02-16T19:00:00.000Z | 2025-10-22T00:05:48.202Z |
| cve-2012-0151 | N/A | The Authenticode Signature Verification function … |
n/a |
n/a |
2012-04-10T21:00:00.000Z | 2025-10-22T00:05:48.035Z |
| cve-2012-0158 | N/A | The (1) ListView, (2) ListView2, (3) TreeView, an… |
n/a |
n/a |
2012-04-10T21:00:00.000Z | 2025-10-22T00:05:47.862Z |
| cve-2011-3079 | N/A | The Inter-process Communication (IPC) implementat… |
n/a |
n/a |
2012-05-01T10:00:00 | 2024-08-06T23:22:27.368Z |
| cve-2012-1710 | N/A | Unspecified vulnerability in the Oracle WebCenter… |
n/a |
n/a |
2012-05-03T22:00:00.000Z | 2025-10-22T00:05:47.717Z |
| cve-2012-1823 | N/A | sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.… |
n/a |
n/a |
2012-05-11T10:00:00.000Z | 2025-11-04T17:11:54.860Z |
| cve-2012-1987 | N/A | Unspecified vulnerability in Puppet 2.6.x before … |
n/a |
n/a |
2012-05-29T20:00:00 | 2024-08-06T19:17:27.604Z |
| cve-2012-0507 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2012-06-07T22:00:00.000Z | 2025-10-22T00:05:47.423Z |
| cve-2012-2034 | N/A | Adobe Flash Player before 10.3.183.20 and 11.x be… |
n/a |
n/a |
2012-06-09T00:00:00.000Z | 2025-10-22T00:05:47.286Z |
| cve-2012-1889 | N/A | Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.… |
n/a |
n/a |
2012-06-13T01:00:00.000Z | 2025-10-22T00:05:47.142Z |
| cve-2012-1723 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2012-06-16T21:00:00.000Z | 2025-10-22T00:05:47.007Z |
| cve-2012-3842 | N/A | Multiple cross-site scripting (XSS) vulnerabiliti… |
n/a |
n/a |
2012-07-03T22:00:00Z | 2024-09-16T23:46:32.392Z |
| cve-2012-1571 | N/A | file before 5.11 and libmagic allow remote attack… |
n/a |
n/a |
2012-07-17T21:00:00.000Z | 2025-12-04T20:31:00.745Z |
| cve-2012-1856 | N/A | The TabStrip ActiveX control in the Common Contro… |
n/a |
n/a |
2012-08-15T01:00:00.000Z | 2025-10-22T00:05:46.865Z |
| cve-2012-1535 | N/A | Unspecified vulnerability in Adobe Flash Player b… |
n/a |
n/a |
2012-08-15T10:00:00.000Z | 2025-10-22T00:05:46.712Z |
| cve-2012-4681 | N/A | Multiple vulnerabilities in the Java Runtime Envi… |
n/a |
n/a |
2012-08-28T00:00:00.000Z | 2025-10-22T00:05:46.560Z |
| cve-2012-4969 | N/A | Use-after-free vulnerability in the CMshtmlEd::Ex… |
n/a |
n/a |
2012-09-18T10:00:00.000Z | 2025-10-22T00:05:46.392Z |
| cve-2012-5054 | N/A | Integer overflow in the copyRawDataTo method in t… |
n/a |
n/a |
2012-09-24T17:00:00.000Z | 2025-10-22T00:05:46.256Z |
| cve-2012-5076 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2012-10-16T21:29:00.000Z | 2025-10-22T00:05:46.105Z |
| cve-2012-0518 | N/A | Unspecified vulnerability in the Oracle Applicati… |
n/a |
n/a |
2012-10-16T23:00:00.000Z | 2025-10-22T00:05:45.957Z |
| cve-2012-3152 | N/A | Unspecified vulnerability in the Oracle Reports D… |
n/a |
n/a |
2012-10-16T23:00:00.000Z | 2025-10-22T00:05:45.789Z |
| cve-2012-5887 | N/A | The HTTP Digest Access Authentication implementat… |
n/a |
n/a |
2012-11-17T19:00:00 | 2024-08-06T21:21:27.681Z |
| cve-2012-2539 | N/A | Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 20… |
n/a |
n/a |
2012-12-12T00:00:00.000Z | 2025-10-22T00:05:45.640Z |
| cve-2012-4792 | N/A | Use-after-free vulnerability in Microsoft Interne… |
n/a |
n/a |
2012-12-30T18:00:00.000Z | 2025-10-22T00:05:45.500Z |
| cve-2013-0625 | N/A | Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a pa… |
n/a |
n/a |
2013-01-09T01:00:00.000Z | 2025-10-22T00:05:45.325Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2024-1058 | Malicious code in jaas-jwt (npm) | 2024-03-07T12:45:43Z | 2025-03-01T00:37:01Z |
| mal-2024-9968 | Malicious code in discord-react (PyPI) | 2024-05-25T20:07:47Z | 2025-02-11T06:38:33Z |
| mal-2024-1613 | Malicious code in airbnb-o2 (npm) | 2024-06-17T00:09:33Z | 2025-03-21T00:35:10Z |
| mal-2024-1625 | Malicious code in nt4padyp3 (PyPI) | 2024-06-17T12:35:54Z | 2025-12-11T09:27:53Z |
| mal-2024-1624 | Malicious code in importlib-metadate (PyPI) | 2024-06-17T12:41:40Z | 2025-12-11T09:27:53Z |
| mal-2024-1647 | Malicious code in tyk-developer-portal (npm) | 2024-06-20T14:11:05Z | 2025-01-21T00:31:58Z |
| mal-2024-1738 | Malicious code in ai-chatbot-starter (npm) | 2024-06-25T12:25:09Z | 2025-06-18T15:07:35Z |
| mal-2024-9499 | Malicious code in alloy-icons (npm) | 2024-06-25T12:25:49Z | 2024-12-09T14:39:21Z |
| mal-2024-1769 | Malicious code in arangodb (npm) | 2024-06-25T12:28:19Z | 2024-12-09T14:39:21Z |
| mal-2024-1798 | Malicious code in azure-rest-api-specs-eng-tools (npm) | 2024-06-25T12:29:08Z | 2025-09-26T11:06:44Z |
| mal-2024-1832 | Malicious code in bootstrap-sass-official (npm) | 2024-06-25T12:30:03Z | 2025-03-31T07:07:49Z |
| mal-2024-1847 | Malicious code in business-kpi-manager (npm) | 2024-06-25T12:30:21Z | 2025-05-22T14:07:46Z |
| mal-2024-2007 | Malicious code in compassrnsampleapp (npm) | 2024-06-25T12:34:09Z | 2025-04-28T05:47:09Z |
| mal-2024-2021 | Malicious code in consul-nspaces (npm) | 2024-06-25T12:34:22Z | 2025-10-27T18:09:48Z |
| mal-2024-2035 | Malicious code in cta-onboard-express (npm) | 2024-06-25T12:34:42Z | 2025-04-28T05:47:09Z |
| mal-2024-2037 | Malicious code in cuenta-ahorro (npm) | 2024-06-25T12:34:49Z | 2025-04-28T05:47:09Z |
| mal-2024-2048 | Malicious code in custom-proxy (npm) | 2024-06-25T12:35:04Z | 2025-02-03T18:38:39Z |
| mal-2024-2055 | Malicious code in d11-foo (npm) | 2024-06-25T12:35:11Z | 2025-02-03T18:38:39Z |
| mal-2024-2067 | Malicious code in decode-2021-fe (npm) | 2024-06-25T12:35:23Z | 2025-02-03T18:38:39Z |
| mal-2024-2092 | Malicious code in dialog-holder (npm) | 2024-06-25T12:36:07Z | 2025-08-01T10:42:04Z |
| mal-2024-2287 | Malicious code in egstore-ctx (npm) | 2024-06-25T12:41:07Z | 2025-02-03T18:38:39Z |
| mal-2024-2294 | Malicious code in ember-nf-graph-examples (npm) | 2024-06-25T12:41:12Z | 2025-03-31T07:07:49Z |
| mal-2024-2325 | Malicious code in eslint-disable-line (npm) | 2024-06-25T12:41:50Z | 2025-08-01T10:42:05Z |
| mal-2024-2327 | Malicious code in eslint-plugin-cdp-project (npm) | 2024-06-25T12:41:51Z | 2025-04-28T05:47:09Z |
| mal-2024-2347 | Malicious code in example-arc-server (npm) | 2024-06-25T12:42:18Z | 2025-06-18T15:07:35Z |
| mal-2024-2348 | Malicious code in example-arc-server-request-local (npm) | 2024-06-25T12:42:19Z | 2025-06-18T15:07:35Z |
| mal-2024-2350 | Malicious code in exceptiongroup (npm) | 2024-06-25T12:42:21Z | 2025-12-02T09:12:14Z |
| mal-2024-2369 | Malicious code in financialforce (npm) | 2024-06-25T12:42:58Z | 2025-08-29T06:43:16Z |
| mal-2024-2377 | Malicious code in flipper-plugins (npm) | 2024-06-25T12:43:10Z | 2025-06-18T15:07:35Z |
| mal-2024-2379 | Malicious code in float-kit (npm) | 2024-06-25T12:43:12Z | 2025-02-03T18:38:40Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-0047 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-01-12T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0084 | Rsync: Mehrere Schwachstellen | 2025-01-14T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-0119 | Linux Kernel: Mehrere Schwachstellen | 2025-01-19T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0132 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2025-01-20T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-0201 | Apple macOS, iPadOS und iOS: Mehrere Schwachstellen | 2025-01-27T23:00:00.000+00:00 | 2025-11-23T23:00:00.000+00:00 |
| wid-sec-w-2025-0232 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-01-30T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0284 | Apache Camel for Spring Boot: Mehrere Schwachstellen | 2025-02-05T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0302 | GnuTLS: Schwachstelle ermöglicht Denial of Service | 2025-02-09T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0309 | Linux Kernel: Mehrere Schwachstellen | 2025-02-10T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0362 | Linux Kernel: Mehrere Schwachstellen | 2025-02-12T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0396 | Grub: Mehrere Schwachstellen | 2025-02-18T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0403 | libxml2: Mehrere Schwachstellen | 2025-02-18T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-0411 | Linux Kernel: Mehrere Schwachstellen | 2025-02-18T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0453 | Linux Kernel: Mehrere Schwachstellen | 2025-02-26T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0461 | Linux Kernel: Mehrere Schwachstellen | 2025-02-27T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0499 | Linux Kernel: Mehrere Schwachstellen | 2025-03-06T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0503 | Apache Cassandra: Schwachstelle ermöglicht Codeausführung | 2025-03-06T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0542 | Webkit/Apple : Schwachstelle ermöglicht Umgehung von Sicherheitsmechanismen | 2025-03-11T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0545 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-03-11T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0562 | expat: Schwachstelle ermöglicht Denial of Service | 2025-03-13T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0572 | X.Org X11: Schwachstelle ermöglicht Denial of Service | 2025-03-16T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0600 | GnuPG: Schwachstelle ermöglicht Denial of Service | 2025-03-19T23:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0607 | WebKitGTK and WPE WebKit: Mehrere Schwachstellen | 2025-03-20T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0625 | Red Hat OpenShift Container Platform: Schwachstelle ermöglicht Denial of Service | 2025-03-24T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-0649 | Linux Kernel: Mehrere Schwachstellen | 2025-03-27T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0683 | Linux Kernel: Mehrere Schwachstellen | 2025-04-01T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-0708 | pgAdmin: Mehrere Schwachstellen | 2025-04-03T22:00:00.000+00:00 | 2025-11-11T23:00:00.000+00:00 |
| wid-sec-w-2025-0712 | GNU libc: Schwachstelle ermöglicht Denial of Service | 2025-04-06T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0713 | poppler: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-04-06T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-0718 | Red Hat Enterprise Linux (libxslt): Schwachstelle ermöglicht DoS und Codeausführung | 2025-04-06T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-434534 | SSA-434534: Memory Protection Bypass Vulnerability in SIMATIC S7-1200 and S7-1500 CPU Families | 2021-05-28T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-133038 | SSA-133038: Multiple Modfem File Parsing Vulnerabilities in Simcenter Femap | 2021-06-08T00:00:00Z | 2021-06-08T00:00:00Z |
| ssa-208356 | SSA-208356: DFT File Parsing Vulnerabilities in Solid Edge | 2021-06-08T00:00:00Z | 2021-06-08T00:00:00Z |
| ssa-211752 | SSA-211752: Multiple NTP-Client Related Vulnerabilities in SIMATIC CP 443-1 OPC UA | 2021-06-08T00:00:00Z | 2022-02-08T00:00:00Z |
| ssa-419820 | SSA-419820: Denial-of-Service Vulnerability in TIM 1531 IRC | 2021-06-08T00:00:00Z | 2021-06-08T00:00:00Z |
| ssa-522654 | SSA-522654: Privilege Escalation Vulnerability in Mendix SAML Module | 2021-06-08T00:00:00Z | 2021-06-08T00:00:00Z |
| ssa-787292 | SSA-787292: Denial of Service Vulnerability in SIMATIC RFID Readers | 2021-06-08T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-173615 | SSA-173615: Multiple PAR and ASM File Parsing Vulnerabilities in Solid Edge | 2021-07-13T00:00:00Z | 2021-07-13T00:00:00Z |
| ssa-209268 | SSA-209268: Multiple JT File Parsing Vulnerabilities in JT Utilities before V13.0.2.0 | 2021-07-13T00:00:00Z | 2021-07-13T00:00:00Z |
| ssa-352521 | SSA-352521: Access Check Bypass Vulnerability in Mendix | 2021-07-13T00:00:00Z | 2021-07-13T00:00:00Z |
| ssa-434535 | SSA-434535: Memory Protection Bypass Vulnerability in SINAMICS PERFECT HARMONY GH180 Drives | 2021-07-13T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-434536 | SSA-434536: Memory Protection Bypass Vulnerability in SINUMERIK ONE and SINUMERIK MC | 2021-07-13T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-448291 | SSA-448291: Denial-of-Service Vulnerability in ARP Protocol of RWG Universal Controllers | 2021-07-13T00:00:00Z | 2021-07-13T00:00:00Z |
| ssa-483182 | SSA-483182: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2 | 2021-07-13T00:00:00Z | 2021-07-13T00:00:00Z |
| ssa-560465 | SSA-560465: DHCP Client Vulnerability in VxWorks-based Industrial Products | 2021-07-13T00:00:00Z | 2022-05-10T00:00:00Z |
| ssa-599968 | SSA-599968: Denial of Service Vulnerability in Profinet Devices | 2021-07-13T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-622535 | SSA-622535: Multiple Vulnerabilities in Teamcenter Active Workspace | 2021-07-13T00:00:00Z | 2021-07-13T00:00:00Z |
| ssa-641963 | SSA-641963: Remote Code Execution Vulnerability in Multiple SIMATIC Software Products | 2021-07-13T00:00:00Z | 2021-07-13T00:00:00Z |
| ssa-661034 | SSA-661034: Incorrect Permission Assignment in Multiple SIMATIC Software Products | 2021-07-13T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-675303 | SSA-675303: WIBU Systems CodeMeter Runtime Vulnerabilities in Siemens Products | 2021-07-13T00:00:00Z | 2022-02-08T00:00:00Z |
| ssa-729965 | SSA-729965: TLS Certificate Validation Vulnerability in SINUMERIK Integrate Operate Client | 2021-07-13T00:00:00Z | 2021-07-13T00:00:00Z |
| ssa-913875 | SSA-913875: Frame Aggregation and Fragmentation Vulnerabilities in 802.11 | 2021-07-13T00:00:00Z | 2025-04-08T00:00:00Z |
| ssa-789208 | SSA-789208: Multiple Vulnerabilities (INFRA:HALT) in Interniche IP-Stack based Low Voltage Devices | 2021-08-04T00:00:00Z | 2022-01-11T00:00:00Z |
| ssa-158827 | SSA-158827: Denial-of-Service Vulnerability in Automation License Manager | 2021-08-10T00:00:00Z | 2021-08-10T00:00:00Z |
| ssa-365397 | SSA-365397: Multiple File Parsing Vulnerabilities in JT2Go and Teamcenter Visualization before V13.2.0.1 | 2021-08-10T00:00:00Z | 2021-08-10T00:00:00Z |
| ssa-553445 | SSA-553445: DNS "Name:Wreck" Vulnerabilities in Multiple Siemens Energy AGT and SGT solutions | 2021-08-10T00:00:00Z | 2021-08-10T00:00:00Z |
| ssa-679335 | SSA-679335: Multiple Vulnerabilities in Embedded FTP Server of SIMATIC CP Modules | 2021-08-10T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-756744 | SSA-756744: OS Command Injection Vulnerability in SINEC NMS | 2021-08-10T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-818688 | SSA-818688: Multiple Vulnerabilities in Solid Edge before SE2021MP7 | 2021-08-10T00:00:00Z | 2021-08-10T00:00:00Z |
| ssa-830194 | SSA-830194: Missing Authentication Vulnerability in S7-1200 Devices | 2021-08-10T00:00:00Z | 2021-09-14T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2002:124 | Red Hat Security Advisory: xchat security update | 2002-08-05T21:04:00+00:00 | 2025-11-21T17:24:51+00:00 |
| rhsa-2002:167 | Red Hat Security Advisory: glibc security update | 2002-08-06T07:25:00+00:00 | 2025-11-21T17:24:59+00:00 |
| rhsa-2002:160 | Red Hat Security Advisory: : Updated openssl packages fix protocol parsing bugs | 2002-08-06T07:34:00+00:00 | 2025-11-21T17:24:57+00:00 |
| rhsa-2002:163 | Red Hat Security Advisory: openssl, mm security update for Stronghold | 2002-08-08T09:20:00+00:00 | 2025-11-21T17:24:59+00:00 |
| rhsa-2002:133 | Red Hat Security Advisory: : Updated bind packages fix buffer overflow in resolver library | 2002-08-09T16:23:00+00:00 | 2025-11-21T17:24:53+00:00 |
| rhsa-2002:172 | Red Hat Security Advisory: : : : Updated krb5 packages fix remote buffer overflow | 2002-08-15T21:01:00+00:00 | 2025-11-21T17:25:00+00:00 |
| rhsa-2002:120 | Red Hat Security Advisory: LPRng security update | 2002-08-19T07:48:00+00:00 | 2025-11-21T17:24:50+00:00 |
| rhsa-2002:151 | Red Hat Security Advisory: : Updated libpng packages fix buffer overflow | 2002-08-19T08:21:00+00:00 | 2025-11-21T17:24:57+00:00 |
| rhsa-2002:184 | Red Hat Security Advisory: openssl security update for Stronghold | 2002-08-19T14:40:00+00:00 | 2025-11-21T17:25:04+00:00 |
| rhsa-2002:123 | Red Hat Security Advisory: ghostscript security update | 2002-08-20T18:57:00+00:00 | 2025-11-21T17:24:51+00:00 |
| rhsa-2002:176 | Red Hat Security Advisory: : Updated mailman packages close cross-site scripting vulnerability | 2002-08-23T17:05:00+00:00 | 2025-11-21T17:25:01+00:00 |
| rhsa-2002:177 | Red Hat Security Advisory: : Updated mailman packages close cross-site scripting vulnerability | 2002-08-23T17:08:00+00:00 | 2025-11-21T17:25:02+00:00 |
| rhsa-2002:178 | Red Hat Security Advisory: : Updated mailman packages close cross-site scripting vulnerability | 2002-08-27T13:58:00+00:00 | 2025-11-21T17:25:07+00:00 |
| rhsa-2002:181 | Red Hat Security Advisory: mailman security update | 2002-08-28T09:40:00+00:00 | 2025-11-21T17:25:03+00:00 |
| rhsa-2002:169 | Red Hat Security Advisory: : Updated ethereal packages are available | 2002-08-29T14:41:00+00:00 | 2025-11-21T17:25:00+00:00 |
| rhsa-2002:162 | Red Hat Security Advisory: : PXE server crashes from certain DHCP packets | 2002-08-30T13:16:00+00:00 | 2025-11-21T17:24:58+00:00 |
| rhsa-2002:165 | Red Hat Security Advisory: pxe security update | 2002-08-30T14:35:00+00:00 | 2025-11-21T17:25:01+00:00 |
| rhsa-2002:193 | Red Hat Security Advisory: openssl security update for Stronghold | 2002-09-02T12:10:00+00:00 | 2025-11-21T17:25:09+00:00 |
| rhsa-2002:173 | Red Hat Security Advisory: krb5 security update | 2002-09-05T07:34:00+00:00 | 2025-11-21T17:25:00+00:00 |
| rhsa-2002:191 | Red Hat Security Advisory: gaim security update | 2002-09-09T17:37:00+00:00 | 2025-11-21T17:25:04+00:00 |
| rhsa-2002:189 | Red Hat Security Advisory: : Updated gaim client fixes URL vulnerability | 2002-09-10T08:59:00+00:00 | 2025-11-21T17:25:04+00:00 |
| rhsa-2002:190 | Red Hat Security Advisory: : Updated gaim client fixes URL vulnerability | 2002-09-10T09:00:00+00:00 | 2025-11-21T17:25:04+00:00 |
| rhsa-2002:170 | Red Hat Security Advisory: ethereal security update | 2002-09-13T14:23:00+00:00 | 2025-11-21T17:25:00+00:00 |
| rhsa-2002:036 | Red Hat Security Advisory: : Updated ethereal packages available | 2002-09-13T19:09:00+00:00 | 2025-11-21T17:24:45+00:00 |
| rhsa-2002:096 | Red Hat Security Advisory: : : : Updated unzip and tar packages fix vulnerabilities | 2002-09-29T08:40:00+00:00 | 2025-11-21T17:24:48+00:00 |
| rhsa-2002:138 | Red Hat Security Advisory: unzip security update | 2002-10-02T18:44:00+00:00 | 2025-11-21T17:24:54+00:00 |
| rhsa-2002:197 | Red Hat Security Advisory: : Updated glibc packages fix vulnerabilities in resolver | 2002-10-04T06:17:00+00:00 | 2025-11-21T17:25:06+00:00 |
| rhsa-2002:175 | Red Hat Security Advisory: : Updated nss_ldap packages fix buffer overflow | 2002-10-04T07:19:00+00:00 | 2025-11-21T17:25:01+00:00 |
| rhsa-2002:180 | Red Hat Security Advisory: nss_ldap ecurity update | 2002-10-04T07:20:00+00:00 | 2025-11-21T17:25:03+00:00 |
| rhsa-2002:215 | Red Hat Security Advisory: : Updated fetchmail packages fix vulnerabilities | 2002-10-07T20:29:00+00:00 | 2025-11-21T17:25:08+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2011-3045 | Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. | 2012-03-02T00:00:00.000Z | 2025-06-13T00:00:00.000Z |
| msrc_cve-2012-0883 | envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl. | 2012-04-02T00:00:00.000Z | 2025-09-03T20:26:28.000Z |
| msrc_cve-2011-3048 | The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. | 2012-05-02T00:00:00.000Z | 2025-09-03T22:14:56.000Z |
| msrc_cve-2012-2653 | arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon. | 2012-07-02T00:00:00.000Z | 2025-10-01T23:10:52.000Z |
| msrc_cve-2012-2677 | Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool | 2012-07-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| msrc_cve-2012-3381 | sfcb in sblim-sfcb places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | 2012-08-02T00:00:00.000Z | 2025-10-01T23:10:53.000Z |
| msrc_cve-2012-3425 | The png_push_read_zTXt function allows remote attackers to cause a denial of service | 2012-08-02T00:00:00.000Z | 2025-04-16T00:00:00.000Z |
| msrc_cve-2011-0433 | Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642. | 2012-11-02T00:00:00.000Z | 2025-10-01T23:10:51.000Z |
| msrc_cve-2011-5244 | Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433. | 2012-11-02T00:00:00.000Z | 2025-10-01T23:10:52.000Z |
| msrc_cve-2012-4575 | The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service (daemon outage) via a long database name in a request. | 2012-11-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2011-4966 | modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password. | 2013-03-02T00:00:00.000Z | 2025-10-01T23:10:52.000Z |
| msrc_cve-2011-4969 | Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag. | 2013-03-02T00:00:00.000Z | 2025-09-03T21:57:55.000Z |
| msrc_cve-2013-2094 | The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type which allows local users to gain privileges via a crafted perf_event_open system call. | 2013-05-02T00:00:00.000Z | 2025-02-05T00:00:00.000Z |
| msrc_cve-2012-5627 | Oracle MySQL and MariaDB 5.5.x before 5.5.29 5.3.x before 5.3.12 and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks. | 2013-10-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-2013-4342 | xinetd does not enforce the user and group configuration directives for TCPMUX services which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service. | 2013-10-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2013-0221 | The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command when using the (1) -d or (2) -M switch which triggers a stack-based buffer overflow in the alloca function. | 2013-11-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2013-0222 | The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command which triggers a stack-based buffer overflow in the alloca function. | 2013-11-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2013-0223 | The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command when using the -i switch which triggers a stack-based buffer overflow in the alloca function. | 2013-11-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2013-4416 | The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply. | 2013-11-02T00:00:00.000Z | 2025-09-03T23:21:14.000Z |
| msrc_cve-2013-6381 | Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size. | 2013-11-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2011-2519 | Xen in the Linux kernel when running a guest on a host without hardware assisted paging (HAP) allows guest users to cause a denial of service (invalid pointer dereference and hypervisor crash) via the SAHF instruction. | 2013-12-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2013-0340 | expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function which allows remote attackers to cause a denial of service (resource consumption) send HTTP requests to intranet servers or read arbitrary files via a crafted XML document aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion the responsibility for resolving this issue lies with application developers; according to this argument this entry should be REJECTed and each affected application would need its own CVE. | 2014-01-02T00:00:00.000Z | 2021-12-01T00:00:00.000Z |
| msrc_cve-2010-4226 | cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive. | 2014-02-02T00:00:00.000Z | 2025-09-03T20:26:05.000Z |
| msrc_cve-2013-4420 | Multiple directory traversal vulnerabilities in the (1) tar_extract_glob and (2) tar_extract_all functions in libtar 1.2.20 and earlier allow remote attackers to overwrite arbitrary files via a .. (dot dot) in a crafted tar file. | 2014-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2014-0069 | The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes which allows local users to obtain sensitive information from kernel memory cause a denial of service (memory corruption and system crash) or possibly gain privileges via a writev system call with a crafted pointer. | 2014-02-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2013-6418 | PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate. | 2014-05-02T00:00:00.000Z | 2025-09-03T23:39:48.000Z |
| msrc_cve-2014-3185 | Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response. | 2014-09-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2014-3618 | Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header related to "unbalanced quotes." | 2014-09-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2014-5461 | Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments. | 2014-09-02T00:00:00.000Z | 2025-09-03T21:01:20.000Z |
| msrc_cve-2014-7204 | jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service (infinite loop and CPU and disk consumption) via a crafted JavaScript file. | 2014-10-02T00:00:00.000Z | 2021-07-30T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-280-01 | Delta Electronics DIAScreen | 2025-10-07T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-289-05 | Siemens Solid Edge | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-06 | Siemens SiPass | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-07 | Siemens SIMATIC ET 200SP Communication Processors | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-08 | Siemens SINEC NMS | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-09 | Siemens TeleControl Server Basic | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-10 | Siemens HyperLynx and Industrial Edge App Publisher | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-301-01 | Schneider Electric EcoStruxure | 2025-10-14T07:00:00.000000Z | 2025-10-14T07:00:00.000000Z |
| icsa-25-289-01 | Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7 | 2025-10-16T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-25-289-02 | Rockwell Automation FactoryTalk Linx | 2025-10-16T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-289-03 | Rockwell Automation FactoryTalk ViewPoint | 2025-10-16T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-25-289-04 | Rockwell Automation ArmorStart AOP | 2025-10-16T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-25-294-01 | Rockwell Automation 1783-NATR | 2025-10-21T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-294-02 | Rockwell Automation Compact GuardLogix 5370 | 2025-10-21T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-294-05 | CloudEdge Online Cameras and App | 2025-10-21T06:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| icsa-25-294-06 | Raisecomm RAX701-GC Series | 2025-10-21T06:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| icsma-25-294-01 | Oxford Nanopore Technologies MinKNOW | 2025-10-21T06:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| va-25-297-01 | IBM DOORS Next Generation multiple vulnerabilities | 2025-10-22T18:45:47Z | 2025-10-22T18:45:47Z |
| va-25-296-01 | Frontier Airlines website publicly available email address validation | 2025-10-23T00:00:00Z | 2025-10-23T00:00:00Z |
| icsa-25-296-01 | AutomationDirect Productivity Suite | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-02 | ASKI Energy ALS-Mini-S8 and ALS-Mini-S4 | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-03 | Veeder-Root TLS4B Automatic Tank Gauge System | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-04 | Delta Electronics ASDA-Soft | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsma-25-296-01 | NIHON KOHDEN Central Monitor CNS-6201 | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsma-25-301-01 | Vertikal Systems Hospital Manager Backend Services | 2025-10-28T06:00:00.000000Z | 2025-10-28T06:00:00.000000Z |
| icsa-25-303-01 | International Standards Organization ISO 15118 | 2025-10-30T05:00:00.000000Z | 2025-10-30T05:00:00.000000Z |
| icsa-25-303-02 | Hitachi Energy TropOS | 2025-10-30T06:00:00.000000Z | 2025-10-30T06:00:00.000000Z |
| va-25-304-01 | ELOG multiple vulnerabilities | 2025-10-31T16:57:24Z | 2025-10-31T16:57:24Z |
| va-25-304-02 | Restaurant Brands International assistant platform multiple vulnerabilities | 2025-10-31T17:02:13Z | 2025-10-31T17:02:13Z |
| icsa-25-308-01 | Fuji Electric Monitouch V-SFT-6 | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2005-000775 | Vulnerability involving security zone handling in applications using Internet Explorer components | 2008-05-21T00:00+09:00 | 2010-10-12T16:44+09:00 |
| jvndb-2005-000776 | Java Cryptography Extension 1.2.1 (JCE 1.2.1) will no longer function properly after July 28, 2005 due to the expiration of its digital certificate | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000777 | tDiary cross-site request forgery vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000778 | QRcode Perl CGI & PHP script vulnerable to denial of service attack | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000779 | Hiki cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000780 | Hiki cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000781 | Common Management Agent 3.x vulnerable to information leakage | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000782 | WirelessIP5000 has multiple vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000783 | WirelessIP5000 has multiple vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000784 | WirelessIP5000 has multiple vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000785 | WirelessIP5000 has multiple vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000786 | WirelessIP5000 has multiple vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000787 | Pochy denial-of-service (DoS) vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000788 | FreeStyleWiki command injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000789 | Hyper NIKKI System cross-site request forgery vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000791 | Cross-site scripting vulnerability in the Unicode version of msearch | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000792 | eBASEweb SQL injection vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000793 | Hyper Estraier directory traversal/denial of service vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000794 | Kent Web PostMail vulnerable to third party mail relay | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000795 | HTTPD-User-Manage cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000796 | Multiple vulnerabilities in FreeStyleWiki including cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000797 | Multiple vulnerabilities in FreeStyleWiki including cross-site scripting | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000798 | MitakeSearch cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000799 | Problem with referer header handling on mobile phone web browsers | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000800 | Opera bookmark function vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000801 | WebNote Clip vulnerable to OS command injection | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000802 | BBSNote cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000804 | Tomcat vulnerable in request processing | 2008-05-21T00:00+09:00 | 2008-07-07T18:04+09:00 |
| jvndb-2005-000805 | nProtect Netizen has multiple vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000864 | XOOPS cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|