Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-9fjm-6w64-76r7 | Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remo… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-94jm-p5xh-jj8r | Atcom 100M IP Phones firmware version 2.7.x.x contains an authenticated command injection vulnerabi… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-7qcj-ww2g-7w6j | An out-of-bounds write vulnerability exists in the Grassroots DICOM library (GDCM). The issue is tr… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-7pjr-w6wm-m432 | The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.1. An … | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-6vjc-8c8h-2mp3 | A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macO… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-6jcc-g9h6-fghc | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-662h-839m-x83f | Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers … | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-65w8-f62m-jvph | Online Shopping System Advanced 1.0 contains a SQL injection vulnerability in the payment_success.p… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-639x-fqcm-vj6w | A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this vul… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-4xqm-vpgx-qhwx | A weakness has been identified in itsourcecode Student Management System 1.0. The affected element … | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-4v69-cg9p-ggfp | PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remo… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-4f42-626f-cqm7 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.1. An… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-3jp5-5f8r-q2wg | Vuetify has a Prototype Pollution vulnerability | 2025-12-12T21:31:38Z | 2025-12-12T22:14:53Z |
| ghsa-3fj4-wqjh-c2vp | A security vulnerability has been detected in Qualitor up to 8.24.73. The impacted element is an un… | 2025-12-12T21:31:38Z | 2025-12-12T21:31:38Z |
| ghsa-m5gv-vj3f-6v2p | Liferay Portal and DXP Instance Admin can execute code using Objects Actions and Validations | 2025-12-12T21:31:30Z | 2025-12-12T22:12:32Z |
| ghsa-55jh-84jv-8mx8 | Lightning Flow Scanner Vulnerable to Code Injection via Unsafe Use of `new Function()` in APIVersion Rule | 2025-12-12T20:20:34Z | 2025-12-12T21:37:29Z |
| ghsa-4jmp-x7mh-rgmr | Finality Provider vulnerable to anti-slashing bypassing due to misconfiguration | 2025-12-12T20:15:03Z | 2025-12-12T20:15:03Z |
| ghsa-4jj9-cgqc-x9h5 | NeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM) | 2025-12-12T19:22:04Z | 2025-12-12T19:22:04Z |
| ghsa-x6mh-4w8x-p34v | MineAdmin has an insecure default password | 2025-12-12T18:30:35Z | 2025-12-12T22:13:22Z |
| ghsa-w37p-hc4m-chqj | Malwarebytes 1.0.14 for Linux doesn't properly compute signatures in some scenarios. This allows a … | 2025-12-12T18:30:35Z | 2025-12-12T18:30:35Z |
| ghsa-v455-wrvf-mv55 | An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allo… | 2025-12-12T18:30:35Z | 2025-12-12T18:30:35Z |
| ghsa-r6m5-94xr-hjvj | Plesk 18.0 has Incorrect Access Control. | 2025-12-12T18:30:35Z | 2025-12-12T21:31:38Z |
| ghsa-p3j9-r399-qwr2 | Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects wave… | 2025-12-12T18:30:35Z | 2025-12-12T18:30:35Z |
| ghsa-mc2j-c984-23q4 | jshERP versions 3.5 and earlier are affected by a stored XSS vulnerability. This vulnerability allo… | 2025-12-12T18:30:35Z | 2025-12-12T21:31:38Z |
| ghsa-hmmh-292h-3364 | Weaviate OSS has path traversal vulnerability via the Shard Movement API | 2025-12-12T18:30:35Z | 2025-12-12T20:25:07Z |
| ghsa-h6j9-6xjq-44c4 | Nextcloud Server 30.0.0 is vulnerable to an Insecure Direct Object Reference (IDOR) in the /core/pr… | 2025-12-12T18:30:35Z | 2025-12-12T21:31:38Z |
| ghsa-g9jw-93wv-fj7v | BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their p… | 2025-12-12T18:30:35Z | 2025-12-12T18:30:35Z |
| ghsa-chgc-xwgh-x2f3 | A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905… | 2025-12-12T18:30:35Z | 2025-12-12T18:30:35Z |
| ghsa-9r78-47qh-www2 | In the Linux kernel, the following vulnerability has been resolved: usb: storage: sddr55: Reject o… | 2025-12-12T18:30:35Z | 2025-12-12T18:30:35Z |
| ghsa-7v39-2hx7-7c43 | Weaviate OSS has a Path Traversal Vulnerability via Backup ZipSlip | 2025-12-12T18:30:35Z | 2025-12-12T20:25:25Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-13089 | WP Directory Kit <= 1.4.7 - Unauthenticated SQL Injection |
listingthemes |
WP Directory Kit |
2025-12-13T03:20:26.243Z | 2025-12-13T03:20:26.243Z | |
| cve-2025-14278 | HT Slider for Elementor <= 1.7.4 - Authenticated (Cont… |
htplugins |
HT Slider For Elementor |
2025-12-13T03:20:25.867Z | 2025-12-13T03:20:25.867Z | |
| cve-2025-14056 | Custom Post Type UI <= 1.18.1 - Authenticated (Adminis… |
webdevstudios |
Custom Post Type UI |
2025-12-13T03:20:25.501Z | 2025-12-13T03:20:25.501Z | |
| cve-2025-12512 | GenerateBlocks <= 2.1.2 - Authenticated (Contributor+)… |
edge22 |
GenerateBlocks |
2025-12-13T03:20:25.130Z | 2025-12-13T03:20:25.130Z | |
| cve-2025-14581 | HAPPY – Helpdesk Support Ticket System <= 1.0.9 - Miss… |
villatheme |
HAPPY – Helpdesk Support Ticket System |
2025-12-13T03:20:24.738Z | 2025-12-13T03:20:24.738Z | |
| cve-2025-14477 | 404 Solution <= 3.1.0 - Authenticated (Admin+) SQL Inj… |
aaron13100 |
404 Solution |
2025-12-13T03:20:24.348Z | 2025-12-13T03:20:24.348Z | |
| cve-2025-13403 | Employee Spotlight – Team Member Showcase & Meet the T… |
emarket-design |
Employee Spotlight – Team Member Showcase & Meet the Team Plugin |
2025-12-13T03:20:23.767Z | 2025-12-13T03:20:23.767Z | |
| cve-2025-13970 | 8 (v3.1) 7 (v4.0) | OpenPLC_V3 Cross-Site Request Forgery |
OpenPLC_V3 |
OpenPLC_V3 |
2025-12-13T00:03:20.869Z | 2025-12-13T00:03:20.869Z |
| cve-2025-54369 | Node-SAML SAML Authentication Bypass |
node-saml |
node-saml |
2025-12-12T23:03:52.427Z | 2025-12-12T23:03:52.427Z | |
| cve-2025-14585 | itsourcecode COVID Tracking System page sql injection |
itsourcecode |
COVID Tracking System |
2025-12-12T22:32:08.732Z | 2025-12-12T22:32:08.732Z | |
| cve-2025-14584 | itsourcecode COVID Tracking System Admin Login login.p… |
itsourcecode |
COVID Tracking System |
2025-12-12T22:32:05.904Z | 2025-12-12T22:32:05.904Z | |
| cve-2025-67749 | PCSX2 has an Out-of-bounds Read due to unchecked offse… |
PCSX2 |
pcsx2 |
2025-12-12T22:24:57.520Z | 2025-12-12T22:24:57.520Z | |
| cve-2025-67721 | Aircompressor's Snappy and LZ4 Java-based decompressor… |
airlift |
aircompressor |
2025-12-12T22:11:10.971Z | 2025-12-12T22:11:10.971Z | |
| cve-2025-14583 | campcodes Online Student Enrollment System register.ph… |
campcodes |
Online Student Enrollment System |
2025-12-12T22:02:09.974Z | 2025-12-12T22:02:09.974Z | |
| cve-2025-14582 | campcodes Online Student Enrollment System index.php u… |
campcodes |
Online Student Enrollment System |
2025-12-12T22:02:07.303Z | 2025-12-12T22:02:07.303Z | |
| cve-2025-14611 | 7.1 (v4.0) | Gladinet CentreStack and TrioFox Hard Coded AES Keys |
Gladinet |
CentreStack and TrioFox |
2025-12-12T21:01:13.116Z | 2025-12-12T21:01:13.116Z |
| cve-2025-43518 | N/A | A logic issue was addressed with improved checks.… |
Apple |
macOS |
2025-12-12T20:57:05.818Z | 2025-12-12T20:57:05.818Z |
| cve-2025-43522 | N/A | A downgrade issue affecting Intel-based Mac compu… |
Apple |
macOS |
2025-12-12T20:57:04.786Z | 2025-12-12T20:57:04.786Z |
| cve-2025-43467 | N/A | This issue was addressed with improved checks. Th… |
Apple |
macOS |
2025-12-12T20:57:03.725Z | 2025-12-12T20:57:03.725Z |
| cve-2025-43471 | N/A | The issue was addressed with improved checks. Thi… |
Apple |
macOS |
2025-12-12T20:57:02.690Z | 2025-12-12T20:57:02.690Z |
| cve-2025-43406 | N/A | A logic issue was addressed with improved restric… |
Apple |
macOS |
2025-12-12T20:57:01.545Z | 2025-12-12T20:57:01.545Z |
| cve-2025-43410 | N/A | The issue was addressed with improved handling of… |
Apple |
macOS |
2025-12-12T20:57:00.378Z | 2025-12-12T20:57:00.378Z |
| cve-2025-43538 | N/A | A logging issue was addressed with improved data … |
Apple |
macOS |
2025-12-12T20:56:59.178Z | 2025-12-12T20:56:59.178Z |
| cve-2025-43539 | N/A | The issue was addressed with improved bounds chec… |
Apple |
macOS |
2025-12-12T20:56:58.101Z | 2025-12-12T20:56:58.101Z |
| cve-2025-43542 | N/A | This issue was addressed with improved state mana… |
Apple |
macOS |
2025-12-12T20:56:57.008Z | 2025-12-12T20:56:57.008Z |
| cve-2025-43470 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:55.963Z | 2025-12-12T20:56:55.963Z |
| cve-2025-43523 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:54.939Z | 2025-12-12T20:56:54.939Z |
| cve-2025-43466 | N/A | An injection issue was addressed with improved va… |
Apple |
macOS |
2025-12-12T20:56:53.865Z | 2025-12-12T20:56:53.865Z |
| cve-2025-43519 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:52.823Z | 2025-12-12T20:56:52.823Z |
| cve-2025-43512 | N/A | A logic issue was addressed with improved checks.… |
Apple |
macOS |
2025-12-12T20:56:51.767Z | 2025-12-12T20:56:51.767Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2024-58316 | 8.7 (v4.0) 7.5 (v3.1) | Online Shopping System Advanced 1.0 SQL Injection via … |
PuneethReddyHC |
online-shopping-system-advanced |
2025-12-12T20:14:23.741Z | 2025-12-12T20:49:46.349Z |
| cve-2025-8083 | 8.6 (v3.1) | Vuetify Prototype Pollution via Preset options |
N/A |
Vuetify |
2025-12-12T19:29:06.926Z | 2025-12-12T19:39:20.731Z |
| cve-2025-67734 | Frappe Authenticated Users can Execute JavaScript thro… |
frappe |
lms |
2025-12-12T19:48:58.721Z | 2025-12-12T20:01:48.581Z | |
| cve-2025-14578 | itsourcecode Student Management System update_account.… |
itsourcecode |
Student Management System |
2025-12-12T20:02:06.076Z | 2025-12-12T20:02:06.076Z | |
| cve-2025-14572 | UTT 进取 512W formWebAuthGlobalConfig memory corruption |
UTT |
进取 512W |
2025-12-12T19:32:06.657Z | 2025-12-12T20:06:23.309Z | |
| cve-2025-14373 | N/A | Inappropriate implementation in Toolbar in Google… |
Google |
Chrome |
2025-12-12T19:20:42.687Z | 2025-12-12T20:42:06.781Z |
| cve-2025-14372 | N/A | Use after free in Password Manager in Google Chro… |
Google |
Chrome |
2025-12-12T19:20:42.308Z | 2025-12-12T20:27:11.139Z |
| cve-2025-14174 | N/A | Out of bounds memory access in ANGLE in Google Ch… |
Google |
Chrome |
2025-12-12T19:20:41.809Z | 2025-12-13T04:55:18.790Z |
| cve-2024-58314 | 8.7 (v4.0) 8.8 (v3.1) | Atcom 2.7.x.x Authenticated Command Injection via Web … |
ATCOM Technology co., LTD. |
100M IP Phones |
2025-12-12T19:57:07.938Z | 2025-12-12T20:13:23.849Z |
| cve-2024-58311 | 8.7 (v4.0) 9.8 (v3.1) | Dormakaba Saflok System 6000 Key Generation Cryptograp… |
dormakaba |
Dormakaba Saflok System 6000 |
2025-12-12T19:57:03.119Z | 2025-12-12T19:57:03.119Z |
| cve-2024-58305 | 8.6 (v4.0) 8.8 (v3.1) | WonderCMS 4.3.2 Cross-Site Scripting Remote Code Execu… |
wondercms |
WonderCMS |
2025-12-12T19:56:58.058Z | 2025-12-12T19:56:58.058Z |
| cve-2024-58299 | 9.3 (v4.0) 9.8 (v3.1) | PCMan FTP Server 2.0 Remote Buffer Overflow via 'pwd' … |
PCMan |
FTP Server |
2025-12-12T19:56:39.145Z | 2025-12-12T19:56:39.145Z |
| cve-2024-14010 | 8.5 (v4.0) 9.8 (v3.1) | Typora 1.7.4 OS Command Injection via Export PDF Preferences |
Unknown |
Typora |
2025-12-12T19:55:03.584Z | 2025-12-12T19:56:12.077Z |
| cve-2025-8082 | 6.3 (v3.1) | Vuetify XSS via unsanitized 'titleDateFormat' in 'VDat… |
N/A |
Vuetify |
2025-12-12T18:33:07.244Z | 2025-12-12T19:08:54.180Z |
| cve-2025-14571 | projectworlds Advanced Library Management System borro… |
projectworlds |
Advanced Library Management System |
2025-12-12T18:32:08.515Z | 2025-12-12T19:13:05.037Z | |
| cve-2025-14570 | projectworlds Advanced Library Management System view_… |
projectworlds |
Advanced Library Management System |
2025-12-12T18:32:06.354Z | 2025-12-12T19:14:59.496Z | |
| cve-2025-14569 | ggml-org whisper.cpp common-whisper.cpp read_audio_dat… |
ggml-org |
whisper.cpp |
2025-12-12T18:02:09.274Z | 2025-12-12T19:22:15.061Z | |
| cve-2025-14568 | haxxorsid Stock-Management-System User.php sql injection |
haxxorsid |
Stock-Management-System |
2025-12-12T18:02:06.640Z | 2025-12-12T19:24:47.913Z | |
| cve-2025-40345 | N/A | usb: storage: sddr55: Reject out-of-bound new_pba |
Linux |
Linux |
2025-12-12T17:53:06.853Z | 2025-12-12T17:53:06.853Z |
| cve-2025-67819 | N/A | An issue was discovered in Weaviate OSS before 1.… |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T19:14:30.844Z |
| cve-2025-67818 | N/A | An issue was discovered in Weaviate OSS before 1.… |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T19:15:25.886Z |
| cve-2025-67342 | N/A | RuoYi versions 4.8.1 and earlier is affected by a… |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T19:16:42.421Z |
| cve-2025-64011 | N/A | Nextcloud Server 30.0.0 is vulnerable to an Insec… |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T19:12:34.083Z |
| cve-2023-29144 | N/A | Malwarebytes 1.0.14 for Linux doesn't properly co… |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T16:55:25.681Z |
| cve-2025-67344 | N/A | jshERP v3.5 and earlier is affected by a stored C… |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T19:25:45.680Z |
| cve-2025-67341 | N/A | jshERP versions 3.5 and earlier are affected by a… |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T19:25:06.670Z |
| cve-2025-66430 | N/A | Plesk 18.0 has Incorrect Access Control. |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T20:03:32.319Z |
| cve-2025-65854 | N/A | Insecure permissions in the scheduled tasks featu… |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T19:57:56.229Z |
| cve-2025-65530 | N/A | An eval injection in the malware de-obfuscation r… |
n/a |
n/a |
2025-12-12T00:00:00.000Z | 2025-12-12T16:19:45.962Z |
| cve-2025-53960 | Apache StreamPark: Uses the user’s password as the sec… |
Apache Software Foundation |
Apache StreamPark |
2025-12-12T15:15:49.443Z | 2025-12-12T18:47:22.376Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192504 | Malicious code in elf-stats-ginger-hollyberry-135 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192503 | Malicious code in elf-stats-fuzzy-workbench-102 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192502 | Malicious code in elf-stats-fuzzy-fireplace-615 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192501 | Malicious code in elf-stats-frostbitten-muffin-867 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192500 | Malicious code in elf-stats-frostbitten-cookie-757 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192499 | Malicious code in elf-stats-festive-sleigh-368 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192498 | Malicious code in elf-stats-festive-hollyberry-475 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192497 | Malicious code in elf-stats-evergreen-workbench-842 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192496 | Malicious code in elf-stats-evergreen-satchel-868 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192495 | Malicious code in elf-stats-evergreen-nightcap-747 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192494 | Malicious code in elf-stats-ember-stocking-807 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192493 | Malicious code in elf-stats-ember-cookiejar-768 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192492 | Malicious code in elf-stats-cranberry-saddlebag-402 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192491 | Malicious code in elf-stats-cosy-sparkler-518 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192490 | Malicious code in elf-stats-cosy-ribbon-689 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192489 | Malicious code in elf-stats-cosy-chimney-268 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192488 | Malicious code in elf-stats-cocoa-pinecone-118 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192487 | Malicious code in elf-stats-cheery-sparkler-521 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192486 | Malicious code in elf-stats-cheery-sleigh-538 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192485 | Malicious code in elf-stats-cheery-northstar-345 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192484 | Malicious code in elf-stats-cheery-muffin-949 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192483 | Malicious code in elf-stats-caroling-workshop-885 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192482 | Malicious code in elf-stats-caroling-sparkler-130 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192481 | Malicious code in elf-stats-caroling-sled-530 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192480 | Malicious code in elf-stats-caroling-hammer-382 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192479 | Malicious code in elf-stats-caroling-bow-570 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192478 | Malicious code in elf-stats-candystriped-workbench-865 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192477 | Malicious code in elf-stats-candystriped-star-592 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192476 | Malicious code in elf-stats-candystriped-muffin-773 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192475 | Malicious code in elf-stats-candystriped-cookiejar-799 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2449 | GIMP: Schwachstelle ermöglicht Codeausführung | 2025-10-29T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2445 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2025-10-29T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2444 | Dell Secure Connect Gateway: Mehrere Schwachstellen | 2025-10-29T23:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2441 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-10-29T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2436 | Xwayland und X.Org X11: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-10-28T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2431 | Linux Kernel: Mehrere Schwachstellen | 2025-10-28T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2427 | strongSwan (eap-mschapv2 plugin): Schwachstelle ermöglicht Codeausführung und DoS | 2025-10-27T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2420 | Apache Tomcat: Mehrere Schwachstellen | 2025-10-27T23:00:00.000+00:00 | 2025-10-28T23:00:00.000+00:00 |
| wid-sec-w-2025-2416 | Proxmox Backup Server: Mehrere Schwachstellen | 2025-10-26T23:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2407 | Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-10-26T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2403 | Ubiquiti UniFi: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-10-23T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2398 | Moxa Switch: Mehrere Schwachstellen | 2025-10-23T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2396 | Hashicorp Vault: Mehrere Schwachstellen | 2025-10-23T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2395 | Rancher Manager: Mehrere Schwachstellen | 2025-10-23T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2394 | Linux Kernel: Mehrere Schwachstellen | 2025-10-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2392 | Internet Systems Consortium BIND: Mehrere Schwachstellen | 2025-10-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2391 | OpenBao: Mehrere Schwachstellen | 2025-10-22T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-2390 | PowerDNS Recursor: Mehrere Schwachstellen ermöglichen Manipulation von Dateien | 2025-10-22T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2388 | MongoDB: Schwachstelle ermöglicht Privilegieneskalation | 2025-10-22T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-2386 | Unbound: Schwachstelle ermöglicht Manipulation von Dateien | 2025-10-22T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2385 | Drupal Module: Mehrere Schwachstellen | 2025-10-22T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2379 | Dell BIOS: Schwachstelle ermöglicht Manipulation von Daten | 2025-10-21T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2375 | Google Chrome: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2025-10-21T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2370 | Oracle Systems: Mehrere Schwachstellen | 2025-10-21T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-2365 | Oracle Java SE: Mehrere Schwachstellen | 2025-10-21T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-2363 | Oracle MySQL: Mehrere Schwachstellen | 2025-10-21T22:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2361 | Oracle Communications: Mehrere Schwachstellen | 2025-10-21T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-2360 | Oracle Communications Applications: Mehrere Schwachstellen | 2025-10-21T22:00:00.000+00:00 | 2025-11-17T23:00:00.000+00:00 |
| wid-sec-w-2025-2350 | Linux Kernel: Mehrere Schwachstellen | 2025-10-20T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2344 | Checkmk: Schwachstelle ermöglicht Cross-Site Scripting | 2025-10-20T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-216014 | SSA-216014: Vulnerabilities in EFI variable of SIMATIC IPCs, SIMATIC Tablet PCs, and SIMATIC Field PGs | 2025-03-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-075201 | SSA-075201: Multiple Vulnerabilities in SCALANCE LPE9403 Before V4.0 | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| ssa-073066 | SSA-073066: Multiple Vulnerabilities in SINEMA Remote Connect Server Before V3.2 SP3 | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| ssa-050438 | SSA-050438: Multiple File Parsing Vulnerabilities in Teamcenter Visualization and Tecnomatix Plant Simulation | 2025-03-11T00:00:00Z | 2025-03-11T00:00:00Z |
| ssa-992434 | SSA-992434: Directory Traversal Vulnerability in Third-Party Component in SiPass integrated | 2025-02-17T00:00:00Z | 2025-02-17T00:00:00Z |
| ssa-770770 | SSA-770770: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices | 2025-02-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-769027 | SSA-769027: Multiple Vulnerabilities fixed in SCALANCE W700 IEEE 802.11ax devices before V3.0.0 | 2025-02-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-687955 | SSA-687955: Accessible Development Shell via Physical Interface in SIPROTEC 5 | 2025-02-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-656895 | SSA-656895: Open Redirect Vulnerability in Teamcenter | 2025-02-11T00:00:00Z | 2025-06-10T00:00:00Z |
| ssa-647005 | SSA-647005: Memory Corruption Vulnerability in OpenV2G | 2025-02-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-637914 | SSA-637914: Local Code Execution Vulnerability in Questa and ModelSim Before V2025.1 | 2025-02-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-615116 | SSA-615116: Multiple Vulnerabilities in Apogee PXC and Talon TC Devices | 2025-02-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-369369 | SSA-369369: Weak Registry Permission Vulnerability in SIMATIC IPC DiagBase and SIMATIC IPC DiagMonitor | 2025-02-11T00:00:00Z | 2025-04-08T00:00:00Z |
| ssa-342348 | SSA-342348: Insufficient Session Expiration Vulnerability in Siemens Products | 2025-02-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-246355 | SSA-246355: Multiple Vulnerabilities in Tableau Server Component of Opcenter Intelligence | 2025-02-11T00:00:00Z | 2025-02-14T00:00:00Z |
| ssa-224824 | SSA-224824: Denial of Service Vulnerabilities in SIMATIC S7-1200 CPU Family Before V4.7 | 2025-02-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-195895 | SSA-195895: User Enumeration Vulnerability in the Webserver of SIMATIC Products | 2025-02-11T00:00:00Z | 2025-04-08T00:00:00Z |
| ssa-111547 | SSA-111547: Cleartext Storage of Sensitive Information Vulnerability in SIPROTEC 5 | 2025-02-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-717113 | SSA-717113: Cross-Site Request Forgery (CSRF) Vulnerability in SIMATIC S7-1200 CPUs before V4.7 | 2025-01-14T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-416411 | SSA-416411: Cross-Site Scripting Vulnerability in Industrial Edge Management | 2025-01-14T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-404759 | SSA-404759: Information Disclosure Vulnerability in Siveillance Video Camera Drivers | 2025-01-14T00:00:00Z | 2025-01-15T00:00:00Z |
| ssa-314390 | SSA-314390: LDAP Injection Vulnerability in Mendix LDAP Module | 2025-01-14T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-194557 | SSA-194557: Improper Limitation of Filesystem Access through Web Server Vulnerability in SIPROTEC 5 | 2025-01-14T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-928984 | SSA-928984: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC) | 2024-12-16T00:00:00Z | 2025-06-10T00:00:00Z |
| ssa-979056 | SSA-979056: Out of Bounds Write Vulnerability in Parasolid | 2024-12-10T00:00:00Z | 2024-12-12T00:00:00Z |
| ssa-881356 | SSA-881356: Multiple Memory Corruption Vulnerabilities in Simcenter Femap | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-800126 | SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20 | 2024-12-10T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-730188 | SSA-730188: Multiple File Parsing Vulnerabilities in Solid Edge V2024 | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-701627 | SSA-701627: XXE Injection Vulnerabilities in COMOS | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-645131 | SSA-645131: Multiple WRL File Parsing Vulnerabilities in Teamcenter Visualization | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:21933 | Red Hat Security Advisory: kernel security update | 2025-11-24T10:44:17+00:00 | 2025-11-24T15:04:19+00:00 |
| rhsa-2025:21939 | Red Hat Security Advisory: bind9.16 security update | 2025-11-24T10:36:41+00:00 | 2025-11-27T03:24:31+00:00 |
| rhsa-2025:21926 | Red Hat Security Advisory: kernel security update | 2025-11-24T10:33:16+00:00 | 2025-11-24T15:04:34+00:00 |
| rhsa-2025:21936 | Red Hat Security Advisory: valkey security update | 2025-11-24T09:46:26+00:00 | 2025-11-28T11:32:59+00:00 |
| rhsa-2025:21931 | Red Hat Security Advisory: kernel security update | 2025-11-24T09:38:32+00:00 | 2025-11-25T21:29:47+00:00 |
| rhsa-2025:21929 | Red Hat Security Advisory: RHSA 4.9.1 security and bug fix update | 2025-11-24T08:28:34+00:00 | 2025-11-26T15:30:21+00:00 |
| rhsa-2025:21920 | Red Hat Security Advisory: kernel-rt security update | 2025-11-24T06:25:11+00:00 | 2025-11-25T03:05:52+00:00 |
| rhsa-2025:21917 | Red Hat Security Advisory: kernel security update | 2025-11-24T02:50:01+00:00 | 2025-11-25T03:05:51+00:00 |
| rhsa-2025:21916 | Red Hat Security Advisory: valkey security update | 2025-11-24T02:05:30+00:00 | 2025-11-28T11:33:07+00:00 |
| rhsa-2025:21915 | Red Hat Security Advisory: ghostscript security update | 2025-11-24T02:04:55+00:00 | 2025-11-24T03:01:35+00:00 |
| rhsa-2025:21913 | Red Hat Security Advisory: OpenShift File Integrity Operator bug fix and enhancement update | 2025-11-21T21:19:46+00:00 | 2025-11-25T13:46:14+00:00 |
| rhsa-2025:21897 | Red Hat Security Advisory: Satellite 6.15.5.7 Async Update | 2025-11-20T21:27:37+00:00 | 2025-11-26T21:26:52+00:00 |
| rhsa-2025:21894 | Red Hat Security Advisory: Satellite 6.16.5.6 Async Update | 2025-11-20T21:22:30+00:00 | 2025-11-21T19:32:02+00:00 |
| rhsa-2025:21893 | Red Hat Security Advisory: Satellite 6.17.6.1 Async Update | 2025-11-20T21:18:54+00:00 | 2025-11-21T19:32:02+00:00 |
| rhsa-2025:21889 | Red Hat Security Advisory: bind security update | 2025-11-20T21:12:54+00:00 | 2025-11-27T03:24:38+00:00 |
| rhsa-2025:21892 | Red Hat Security Advisory: Submariner v0.21 security fixes and container updates | 2025-11-20T21:12:16+00:00 | 2025-11-25T17:53:08+00:00 |
| rhsa-2025:21887 | Red Hat Security Advisory: bind security update | 2025-11-20T20:47:47+00:00 | 2025-11-27T03:24:34+00:00 |
| rhsa-2025:21886 | Red Hat Security Advisory: Satellite 6.18.1 Async Update | 2025-11-20T20:43:24+00:00 | 2025-11-21T19:32:01+00:00 |
| rhsa-2025:21885 | Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update | 2025-11-20T19:56:52+00:00 | 2025-11-29T08:07:16+00:00 |
| rhsa-2025:21881 | Red Hat Security Advisory: thunderbird security update | 2025-11-20T19:28:11+00:00 | 2025-11-21T19:32:00+00:00 |
| rhsa-2025:21856 | Red Hat Security Advisory: golang security update | 2025-11-20T15:48:22+00:00 | 2025-11-27T23:59:20+00:00 |
| rhsa-2025:21842 | Red Hat Security Advisory: thunderbird security update | 2025-11-20T11:52:01+00:00 | 2025-11-21T19:32:02+00:00 |
| rhsa-2025:21844 | Red Hat Security Advisory: thunderbird security update | 2025-11-20T11:43:11+00:00 | 2025-11-21T19:32:00+00:00 |
| rhsa-2025:21841 | Red Hat Security Advisory: thunderbird security update | 2025-11-20T11:43:04+00:00 | 2025-11-21T19:31:58+00:00 |
| rhsa-2025:21843 | Red Hat Security Advisory: thunderbird security update | 2025-11-20T11:40:51+00:00 | 2025-11-21T19:31:59+00:00 |
| rhsa-2025:21815 | Red Hat Security Advisory: delve and golang security update | 2025-11-20T08:45:31+00:00 | 2025-11-27T23:59:19+00:00 |
| rhsa-2025:21819 | Red Hat Security Advisory: idm:DL1 security update | 2025-11-20T08:18:01+00:00 | 2025-11-27T03:24:32+00:00 |
| rhsa-2025:21818 | Red Hat Security Advisory: idm:DL1 security update | 2025-11-20T08:15:13+00:00 | 2025-11-27T03:24:42+00:00 |
| rhsa-2025:21820 | Red Hat Security Advisory: idm:DL1 security update | 2025-11-20T08:10:36+00:00 | 2025-11-27T03:24:28+00:00 |
| rhsa-2025:21817 | Red Hat Security Advisory: bind security update | 2025-11-20T08:05:31+00:00 | 2025-11-27T03:24:31+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-66418 | urllib3 allows an unbounded number of links in the decompression chain | 2025-12-02T00:00:00.000Z | 2025-12-11T01:01:31.000Z |
| msrc_cve-2025-66293 | LIBPNG has an out-of-bounds read in png_image_read_composite | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:02.000Z |
| msrc_cve-2025-66200 | Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo | 2025-12-02T00:00:00.000Z | 2025-12-08T14:37:44.000Z |
| msrc_cve-2025-65637 | A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. | 2025-12-02T00:00:00.000Z | 2025-12-09T01:39:50.000Z |
| msrc_cve-2025-65082 | Apache HTTP Server: CGI environment variable override | 2025-12-02T00:00:00.000Z | 2025-12-08T14:37:36.000Z |
| msrc_cve-2025-62408 | c-ares has a Use After Free vulnerability when connection is cleaned up after error | 2025-12-02T00:00:00.000Z | 2025-12-11T01:01:47.000Z |
| msrc_cve-2025-61729 | Excessive resource consumption when printing error string for host certificate validation in crypto/x509 | 2025-12-02T00:00:00.000Z | 2025-12-12T01:38:08.000Z |
| msrc_cve-2025-61727 | Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509 | 2025-12-02T00:00:00.000Z | 2025-12-12T01:38:32.000Z |
| msrc_cve-2025-59775 | Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF | 2025-12-02T00:00:00.000Z | 2025-12-08T14:37:51.000Z |
| msrc_cve-2025-58098 | Apache HTTP Server: Server Side Includes adds query string to #exec cmd=... | 2025-12-02T00:00:00.000Z | 2025-12-11T01:01:55.000Z |
| msrc_cve-2025-55753 | Apache HTTP Server: mod_md (ACME), unintended retry intervals | 2025-12-02T00:00:00.000Z | 2025-12-11T01:02:04.000Z |
| msrc_cve-2025-40343 | nvmet-fc: avoid scheduling association deletion twice | 2025-12-02T00:00:00.000Z | 2025-12-10T01:01:35.000Z |
| msrc_cve-2025-40342 | nvme-fc: use lock accessing port_state and rport state | 2025-12-02T00:00:00.000Z | 2025-12-10T01:02:17.000Z |
| msrc_cve-2025-40341 | futex: Don't leak robust_list pointer on exec race | 2025-12-02T00:00:00.000Z | 2025-12-10T01:01:29.000Z |
| msrc_cve-2025-40340 | drm/xe: Fix oops in xe_gem_fault when running core_hotunplug test. | 2025-12-02T00:00:00.000Z | 2025-12-10T01:02:33.000Z |
| msrc_cve-2025-40339 | drm/amdgpu: fix nullptr err of vm_handle_moved | 2025-12-02T00:00:00.000Z | 2025-12-10T01:01:52.000Z |
| msrc_cve-2025-40338 | ASoC: Intel: avs: Do not share the name pointer between components | 2025-12-02T00:00:00.000Z | 2025-12-11T01:36:32.000Z |
| msrc_cve-2025-40337 | net: stmmac: Correctly handle Rx checksum offload errors | 2025-12-02T00:00:00.000Z | 2025-12-10T01:02:44.000Z |
| msrc_cve-2025-40336 | drm/gpusvm: fix hmm_pfn_to_map_order() usage | 2025-12-02T00:00:00.000Z | 2025-12-11T01:36:26.000Z |
| msrc_cve-2025-40335 | drm/amdgpu: validate userq input args | 2025-12-02T00:00:00.000Z | 2025-12-10T01:01:46.000Z |
| msrc_cve-2025-40334 | drm/amdgpu: validate userq buffer virtual address and size | 2025-12-02T00:00:00.000Z | 2025-12-11T01:36:37.000Z |
| msrc_cve-2025-40333 | f2fs: fix infinite loop in __insert_extent_tree() | 2025-12-02T00:00:00.000Z | 2025-12-10T01:02:28.000Z |
| msrc_cve-2025-40332 | drm/amdkfd: Fix mmap write lock not release | 2025-12-02T00:00:00.000Z | 2025-12-10T01:02:09.000Z |
| msrc_cve-2025-40331 | sctp: Prevent TOCTOU out-of-bounds write | 2025-12-02T00:00:00.000Z | 2025-12-10T01:01:41.000Z |
| msrc_cve-2025-40329 | drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb | 2025-12-02T00:00:00.000Z | 2025-12-10T01:02:22.000Z |
| msrc_cve-2025-40328 | smb: client: fix potential UAF in smb2_close_cached_fid() | 2025-12-02T00:00:00.000Z | 2025-12-10T01:01:57.000Z |
| msrc_cve-2025-40324 | NFSD: Fix crash in nfsd4_read_release() | 2025-12-02T00:00:00.000Z | 2025-12-09T01:03:29.000Z |
| msrc_cve-2025-40323 | fbcon: Set fb_display[i]->mode to NULL when the mode is released | 2025-12-02T00:00:00.000Z | 2025-12-09T01:03:02.000Z |
| msrc_cve-2025-40322 | fbdev: bitblit: bound-check glyph index in bit_putcs* | 2025-12-02T00:00:00.000Z | 2025-12-09T01:03:13.000Z |
| msrc_cve-2025-40321 | wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:30.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-308-04 | Radiometrics VizAir | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-308-03 | Delta Electronics CNCSoft-G2 | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-308-02 | Survision License Plate Recognition Camera | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| icsa-25-308-01 | Fuji Electric Monitouch V-SFT-6 | 2025-11-04T07:00:00.000000Z | 2025-11-04T07:00:00.000000Z |
| va-25-304-02 | Restaurant Brands International assistant platform multiple vulnerabilities | 2025-10-31T17:02:13Z | 2025-10-31T17:02:13Z |
| va-25-304-01 | ELOG multiple vulnerabilities | 2025-10-31T16:57:24Z | 2025-10-31T16:57:24Z |
| icsa-25-303-02 | Hitachi Energy TropOS | 2025-10-30T06:00:00.000000Z | 2025-10-30T06:00:00.000000Z |
| icsa-25-303-01 | International Standards Organization ISO 15118 | 2025-10-30T05:00:00.000000Z | 2025-10-30T05:00:00.000000Z |
| icsma-25-301-01 | Vertikal Systems Hospital Manager Backend Services | 2025-10-28T06:00:00.000000Z | 2025-10-28T06:00:00.000000Z |
| icsma-25-296-01 | NIHON KOHDEN Central Monitor CNS-6201 | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-04 | Delta Electronics ASDA-Soft | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-03 | Veeder-Root TLS4B Automatic Tank Gauge System | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-02 | ASKI Energy ALS-Mini-S8 and ALS-Mini-S4 | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-296-01 | AutomationDirect Productivity Suite | 2025-10-23T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| va-25-296-01 | Frontier Airlines website publicly available email address validation | 2025-10-23T00:00:00Z | 2025-10-23T00:00:00Z |
| va-25-297-01 | IBM DOORS Next Generation multiple vulnerabilities | 2025-10-22T18:45:47Z | 2025-10-22T18:45:47Z |
| icsma-25-294-01 | Oxford Nanopore Technologies MinKNOW | 2025-10-21T06:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| icsa-25-294-06 | Raisecomm RAX701-GC Series | 2025-10-21T06:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| icsa-25-294-05 | CloudEdge Online Cameras and App | 2025-10-21T06:00:00.000000Z | 2025-10-21T06:00:00.000000Z |
| icsa-25-294-02 | Rockwell Automation Compact GuardLogix 5370 | 2025-10-21T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-294-01 | Rockwell Automation 1783-NATR | 2025-10-21T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-289-04 | Rockwell Automation ArmorStart AOP | 2025-10-16T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-25-289-03 | Rockwell Automation FactoryTalk ViewPoint | 2025-10-16T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-25-289-02 | Rockwell Automation FactoryTalk Linx | 2025-10-16T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-289-01 | Rockwell Automation FactoryTalk View Machine Edition and PanelView Plus 7 | 2025-10-16T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-25-301-01 | Schneider Electric EcoStruxure | 2025-10-14T07:00:00.000000Z | 2025-10-14T07:00:00.000000Z |
| icsa-25-289-10 | Siemens HyperLynx and Industrial Edge App Publisher | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-09 | Siemens TeleControl Server Basic | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-08 | Siemens SINEC NMS | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-07 | Siemens SIMATIC ET 200SP Communication Processors | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000068 | Seiko Solutions SkyBridge BASIC MB-A130 vulnerable to OS command injection | 2025-09-01T16:21+09:00 | 2025-09-01T16:21+09:00 |
| jvndb-2025-012659 | Denial-of-service (DoS) vulnerability in Konica Minolta bizhub series | 2025-09-01T15:22+09:00 | 2025-09-01T15:22+09:00 |
| jvndb-2025-000067 | Multiple vulnerabilities in multiple iND products | 2025-08-29T14:47+09:00 | 2025-08-29T14:47+09:00 |
| jvndb-2025-000066 | Improper file access permission settings in multiple i-FILTER products | 2025-08-27T19:50+09:00 | 2025-09-29T13:45+09:00 |
| jvndb-2025-000064 | Multiple vulnerabilities in SS1 | 2025-08-27T15:13+09:00 | 2025-08-27T15:13+09:00 |
| jvndb-2025-000065 | ScanSnap Manager installers vulnerable to privilege escalation | 2025-08-27T14:22+09:00 | 2025-08-27T14:22+09:00 |
| jvndb-2025-000063 | Western Digital Kitfox registers a Windows service with an unquoted file path | 2025-08-22T13:37+09:00 | 2025-08-22T13:37+09:00 |
| jvndb-2025-000062 | Multiple vulnerabilities in Group-Office | 2025-08-21T14:03+09:00 | 2025-08-21T14:03+09:00 |
| jvndb-2025-011884 | FUJIFILM Healthcare Americas Synapse Mobility vulnerable to Privilege Escalation | 2025-08-21T11:49+09:00 | 2025-08-25T10:38+09:00 |
| jvndb-2025-000061 | Multiple vulnerabilities in Movable Type | 2025-08-20T15:30+09:00 | 2025-08-20T15:30+09:00 |
| jvndb-2025-000060 | PgManage vulnerable to injection | 2025-08-18T13:40+09:00 | 2025-08-18T13:40+09:00 |
| jvndb-2025-000059 | Seagate Toolkit registers a Windows service with an unquoted file path | 2025-08-14T12:32+09:00 | 2025-08-19T14:40+09:00 |
| jvndb-2025-000058 | WordPress plugin "Advanced Custom Fields" vulnerable to HTML injection | 2025-08-08T15:29+09:00 | 2025-08-08T15:29+09:00 |
| jvndb-2025-010972 | Multiple SEIKO EPSON products use weak initial passwords | 2025-08-08T14:50+09:00 | 2025-08-08T14:50+09:00 |
| jvndb-2025-000057 | Multiple vulnerabilities in Mubit Powered BLUE 870 | 2025-08-08T14:47+09:00 | 2025-08-08T14:47+09:00 |
| jvndb-2025-010854 | Trend Micro Endpoint security products for enterprises vulnerable to multiple OS command injection | 2025-08-07T12:25+09:00 | 2025-08-19T11:36+09:00 |
| jvndb-2025-000056 | Multiple vulnerabilities in Sato label printers CL4/6NX Plus and CL4/6NX-J Plus series | 2025-08-06T16:38+09:00 | 2025-08-06T16:38+09:00 |
| jvndb-2025-010603 | Out-of-bounds write vulnerability in FUJIFILM Business Innovation MFPs | 2025-08-05T11:29+09:00 | 2025-08-05T11:29+09:00 |
| jvndb-2025-010408 | Multiple vulnerabilities in PowerCMS | 2025-08-01T12:05+09:00 | 2025-08-01T12:05+09:00 |
| jvndb-2025-000055 | ZXHN-F660T and ZXHN-F660A use a common credential for all installations | 2025-07-31T15:12+09:00 | 2025-07-31T15:12+09:00 |
| jvndb-2025-000054 | Apache Jena Fuseki vulnerable to path traversal | 2025-07-30T14:17+09:00 | 2025-07-30T14:17+09:00 |
| jvndb-2025-000053 | "SwitchBot" App vulnerable to insertion of sensitive information into log file | 2025-07-29T13:44+09:00 | 2025-07-29T13:44+09:00 |
| jvndb-2025-010056 | TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection | 2025-07-28T17:53+09:00 | 2025-07-28T17:53+09:00 |
| jvndb-2025-000052 | TP-Link Archer C1200 vulnerable to clickjacking | 2025-07-24T14:16+09:00 | 2025-07-24T14:16+09:00 |
| jvndb-2025-000051 | Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input | 2025-07-23T13:54+09:00 | 2025-07-23T13:54+09:00 |
| jvndb-2025-009576 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-07-23T11:13+09:00 | 2025-07-23T11:13+09:00 |
| jvndb-2025-000050 | "region PAY" App for Android vulnerable to insertion of sensitive information into log file | 2025-07-22T13:33+09:00 | 2025-07-22T13:33+09:00 |
| jvndb-2025-009150 | Security updates for Trend Micro products (June 2025) | 2025-07-17T17:03+09:00 | 2025-07-17T17:03+09:00 |
| jvndb-2025-000049 | ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials | 2025-07-16T13:54+09:00 | 2025-07-16T13:54+09:00 |
| jvndb-2025-008881 | Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers | 2025-07-15T15:54+09:00 | 2025-07-15T15:54+09:00 |
| ID | Description | Updated |
|---|