Recent vulnerabilities

Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-33811
N/A
Crash when handling long CNAME response in net Go standard library
 net
 2026-05-07T19:41:19.285Z 2026-05-07T19:41:19.285Z
CVE-2026-39826
N/A
Escaper bypass leads to XSS in html/template Go standard library
 html/template
 2026-05-07T19:41:19.138Z 2026-05-07T19:41:19.138Z
CVE-2026-39817
N/A
Invoking "go tool pack" does not sanitize output paths… Go toolchain
 cmd/go
 2026-05-07T19:41:18.993Z 2026-05-07T19:41:18.993Z
CVE-2026-39819
N/A
Invoking "go bug" follows symlinks in predictable temp… Go toolchain
 cmd/go
 2026-05-07T19:41:18.849Z 2026-05-07T19:41:18.849Z
CVE-2026-42499
N/A
Quadratic string concatenation in consumePhrase in net/mail Go standard library
 net/mail
 2026-05-07T19:41:18.615Z 2026-05-07T19:41:18.615Z
CVE-2026-39825
N/A
ReverseProxy forwards queries with more than urlmaxque… Go standard library
 net/http/httputil
 2026-05-07T19:41:18.453Z 2026-05-07T19:41:18.453Z
CVE-2026-39836
N/A
Panic in Dial and LookupPort when handling NUL byte on… Go standard library
 net
 2026-05-07T19:41:18.300Z 2026-05-07T19:41:18.300Z
CVE-2026-33814
N/A
Infinite loop in HTTP/2 transport when given bad SETTI… golang.org/x/net
 golang.org/x/net/http2
 2026-05-07T19:41:17.631Z 2026-05-07T19:41:17.631Z
CVE-2025-10900
7.8 (3.1)
MODEL File Parsing Out-of-Bounds Write Vulnerability Autodesk
 Shared Components
 2025-12-15T23:45:26.861Z 2026-05-07T19:40:50.876Z
CVE-2025-10899
7.8 (3.1)
MODEL File Parsing Out-of-Bounds Write Vulnerability Autodesk
 Shared Components
 2025-12-15T23:45:00.819Z 2026-05-07T19:40:25.329Z
CVE-2025-10898
7.8 (3.1)
MODEL File Parsing Out-of-Bounds Write Vulnerability Autodesk
 Shared Components
 2025-12-15T23:44:26.564Z 2026-05-07T19:39:53.637Z
CVE-2026-42239
8.1 (3.1)
Budibase auth session cookies are set with httpOnly:fa… Budibase
 budibase
 2026-05-07T18:49:59.180Z 2026-05-07T19:39:45.605Z
CVE-2025-10889
7.8 (3.1)
CATPART File Parsing Memory Corruption Vulnerability Autodesk
 Shared Components
 2025-12-15T23:43:57.696Z 2026-05-07T19:39:29.209Z
CVE-2025-10888
7.8 (3.1)
MODEL File Parsing Out-of-Bounds Write Vulnerability Autodesk
 Shared Components
 2025-12-15T23:43:22.374Z 2026-05-07T19:39:03.711Z
CVE-2025-10887
7.8 (3.1)
MODEL File Parsing Memory Corruption Vulnerability Autodesk
 Shared Components
 2025-12-15T23:42:44.395Z 2026-05-07T19:38:36.933Z
CVE-2025-10886
7.8 (3.1)
MODEL File Parsing Memory Corruption Vulnerability Autodesk
 Shared Components
 2025-12-15T23:42:09.029Z 2026-05-07T19:38:13.076Z
CVE-2025-10884
7.8 (3.1)
CATPART File Parsing Out-of-Bounds Write Vulnerability Autodesk
 Shared Components
 2025-12-15T23:41:34.185Z 2026-05-07T19:37:32.087Z
CVE-2025-10883
7.8 (3.1)
CATPRODUCT File Parsing Out-of-Bounds Read Vulnerability Autodesk
 Shared Components
 2025-12-15T23:40:59.980Z 2026-05-07T19:37:01.345Z
CVE-2025-10882
7.8 (3.1)
X_T File Parsing Out-of-Bounds Write Vulnerability Autodesk
 Shared Components
 2025-12-15T23:40:24.134Z 2026-05-07T19:36:13.740Z
CVE-2026-8088
4.8 (4.0)
3.3 (3.1)
3.3 (3.0)
OSGeo gdal GDapi.c GDfieldinfo out-of-bounds OSGeo
 gdal
 2026-05-07T19:30:11.704Z 2026-05-07T19:30:11.704Z
CVE-2025-10881
7.8 (3.1)
CATPRODUCT File Parsing Heap-Based Overflow Vulnerability Autodesk
 Shared Components
 2025-12-15T23:39:49.830Z 2026-05-07T19:28:35.838Z
CVE-2026-41904
7.6 (3.1)
FreeScout Stored XSS vulnerability in mailbox auto-rep… freescout-help-desk
 freescout
 2026-05-07T18:05:43.541Z 2026-05-07T19:16:53.481Z
CVE-2026-8083
6.9 (4.0)
7.3 (3.1)
7.3 (3.0)
SourceCodester Pharmacy Sales and Inventory System aja… SourceCodester
 Pharmacy Sales and Inventory System
 2026-05-07T18:15:09.651Z 2026-05-07T19:14:18.598Z
CVE-2026-44243
7.8 (4.0)
GitPython: Path traversal in GitPython reference APIs … gitpython-developers
 GitPython
 2026-05-07T18:22:53.622Z 2026-05-07T19:12:49.856Z
CVE-2026-41653
7 (4.0)
BentoPDF: Stored XSS via Markdown Editor Leading to Pe… alam00000
 bentopdf
 2026-05-07T18:43:17.797Z 2026-05-07T19:01:30.967Z
CVE-2026-42214
7.8 (3.1)
Improper Control of Generation of Code ('Code Injectio… dail8859
 NotepadNext
 2026-05-07T18:14:20.246Z 2026-05-07T19:00:57.276Z
CVE-2026-44742
7.2 (3.1)
Postorius through 1.3.13 does not escape HTML in … Postorius project
 Postorius
 2026-05-07T18:09:20.069Z 2026-05-07T19:00:19.149Z
CVE-2026-8087
4.8 (4.0)
5.3 (3.1)
5.3 (3.0)
OSGeo gdal GDapi.c GDnentries heap-based overflow OSGeo
 gdal
 2026-05-07T19:00:15.040Z 2026-05-07T19:00:15.040Z
CVE-2026-42259
5.1 (4.0)
Saltcorn: Open Redirect in `POST /auth/login` due to i… saltcorn
 saltcorn
 2026-05-07T18:54:57.234Z 2026-05-07T18:54:57.234Z
CVE-2026-42241
5.3 (3.1)
ParquetSharp: Possible Stack Overflow When Reading a P… G-Research
 ParquetSharp
 2026-05-07T18:52:06.773Z 2026-05-07T18:52:06.773Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-39820
N/A
Quadratic string concatentation in consumeComment in n… Go standard library
 net/mail
 2026-05-07T19:41:19.854Z 2026-05-07T19:41:19.854Z
CVE-2026-39819
N/A
Invoking "go bug" follows symlinks in predictable temp… Go toolchain
 cmd/go
 2026-05-07T19:41:18.849Z 2026-05-07T19:41:18.849Z
CVE-2026-39817
N/A
Invoking "go tool pack" does not sanitize output paths… Go toolchain
 cmd/go
 2026-05-07T19:41:18.993Z 2026-05-07T19:41:18.993Z
CVE-2026-33814
N/A
Infinite loop in HTTP/2 transport when given bad SETTI… golang.org/x/net
 golang.org/x/net/http2
 2026-05-07T19:41:17.631Z 2026-05-07T19:41:17.631Z
CVE-2026-33811
N/A
Crash when handling long CNAME response in net Go standard library
 net
 2026-05-07T19:41:19.285Z 2026-05-07T19:41:19.285Z
CVE-2026-42259
5.1 (4.0)
Saltcorn: Open Redirect in `POST /auth/login` due to i… saltcorn
 saltcorn
 2026-05-07T18:54:57.234Z 2026-05-07T18:54:57.234Z
CVE-2026-42241
5.3 (3.1)
ParquetSharp: Possible Stack Overflow When Reading a P… G-Research
 ParquetSharp
 2026-05-07T18:52:06.773Z 2026-05-07T18:52:06.773Z
CVE-2026-42225
8.2 (4.0)
GnuTLS backend silently skips certificate chain verifi… pjsip
 pjproject
 2026-05-07T18:47:26.563Z 2026-05-07T18:47:26.563Z
CVE-2026-42239
8.1 (3.1)
Budibase auth session cookies are set with httpOnly:fa… Budibase
 budibase
 2026-05-07T18:49:59.180Z 2026-05-07T19:39:45.605Z
CVE-2026-3843
9.8 (3.1)
9.3 (4.0)
SQL Injection in Nefteprodukttekhnika BUK TS-G Allows … Nefteprodukttekhnika LLC
 BUK TS-G Gas Station Automation System
 2026-03-10T11:07:07.393Z 2026-03-10T14:10:41.086Z
CVE-2026-42501
N/A
Malicious module proxy can bypass checksum database in… Go toolchain
 cmd/go
 2026-05-07T19:41:19.691Z 2026-05-07T19:41:19.691Z
CVE-2026-42499
N/A
Quadratic string concatenation in consumePhrase in net/mail Go standard library
 net/mail
 2026-05-07T19:41:18.615Z 2026-05-07T19:41:18.615Z
CVE-2026-8142
N/A
CVE-2026-8142 CERT/CC
 VINCE
 2026-05-07T19:54:49.275Z 2026-05-07T19:54:49.275Z
CVE-2026-26801
7.5 (3.1)
Server-Side Request Forgery (SSRF) vulnerability … n/a
 n/a
 2026-03-10T00:00:00.000Z 2026-03-17T16:36:36.743Z
CVE-2026-8088
4.8 (4.0)
3.3 (3.1)
3.3 (3.0)
OSGeo gdal GDapi.c GDfieldinfo out-of-bounds OSGeo
 gdal
 2026-05-07T19:30:11.704Z 2026-05-07T19:30:11.704Z
CVE-2026-8087
4.8 (4.0)
5.3 (3.1)
5.3 (3.0)
OSGeo gdal GDapi.c GDnentries heap-based overflow OSGeo
 gdal
 2026-05-07T19:00:15.040Z 2026-05-07T19:00:15.040Z
CVE-2026-43510
7 (4.0)
7.6 (3.1)
CISA manage.get.gov insecure portfolio administrative … CISA
 manage.get.gov
 2026-05-07T18:50:56.944Z 2026-05-07T18:50:56.944Z
CVE-2026-43016
7.8 (3.1)
bpf: sockmap: Fix use-after-free of sk->sk_socket in s… Linux
 Linux
 2026-05-01T14:15:20.887Z 2026-05-03T05:46:04.549Z
CVE-2026-43015
N/A
net: macb: fix clk handling on PCI glue driver removal Linux
 Linux
 2026-05-01T14:15:20.242Z 2026-05-01T14:15:20.242Z
CVE-2026-43014
N/A
net: macb: properly unregister fixed rate clocks Linux
 Linux
 2026-05-01T14:15:19.571Z 2026-05-01T14:15:19.571Z
CVE-2026-6823
8.3 (4.0)
8.2 (3.1)
HKUDS OpenHarness Insecure Default Remote Channel Allowlist HKUDS
 OpenHarness
 2026-04-21T20:36:45.867Z 2026-04-22T13:50:01.661Z
CVE-2026-43013
N/A
net/mlx5: lag: Check for LAG device before creating debugfs Linux
 Linux
 2026-05-01T14:15:18.907Z 2026-05-01T14:15:18.907Z
CVE-2026-43012
N/A
net/mlx5: Fix switchdev mode rollback in case of failure Linux
 Linux
 2026-05-01T14:15:18.256Z 2026-05-01T14:15:18.256Z
CVE-2026-6819
8.7 (4.0)
8.8 (3.1)
HKUDS OpenHarness Plugin Management Command Exposure HKUDS
 OpenHarness
 2026-04-21T19:41:16.229Z 2026-04-22T14:23:44.338Z
CVE-2026-43011
9.8 (3.1)
net/x25: Fix potential double free of skb Linux
 Linux
 2026-05-01T14:15:17.597Z 2026-05-03T05:46:03.430Z
CVE-2026-43010
N/A
bpf: Reject sleepable kprobe_multi programs at attach time Linux
 Linux
 2026-05-01T14:15:16.947Z 2026-05-01T14:15:16.947Z
CVE-2026-43009
7.8 (3.1)
bpf: Fix incorrect pruning due to atomic fetch precisi… Linux
 Linux
 2026-05-01T14:15:16.271Z 2026-05-03T05:46:02.230Z
CVE-2026-43008
N/A
gpio: qixis-fpga: Fix error handling for devm_regmap_i… Linux
 Linux
 2026-05-01T14:15:15.580Z 2026-05-01T14:15:15.580Z
CVE-2026-43007
N/A
accel/qaic: Handle DBC deactivation if the owner went away Linux
 Linux
 2026-05-01T14:15:14.914Z 2026-05-01T14:15:14.914Z
CVE-2026-41641
7.2 (3.1)
NocoBase Vulnerable to SQL Validation Bypass via `sqlC… nocobase
 nocobase
 2026-05-07T04:13:33.609Z 2026-05-07T14:14:23.539Z
ID Description Published Updated
fkie_cve-2026-42241 ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to… 2026-05-07T20:16:44.247 2026-05-07T20:37:54.060
fkie_cve-2026-42225 PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.1… 2026-05-07T20:16:43.960 2026-05-07T20:36:31.717
fkie_cve-2026-42239 Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie co… 2026-05-07T20:16:44.097 2026-05-07T20:35:58.117
fkie_cve-2026-3843 Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 on Linux contains a SQL Injection… 2026-03-10T18:19:05.287 2026-05-07T20:34:27.667
fkie_cve-2026-42501 A malicious module proxy can exploit a flaw in the go command's validation of module checksums to b… 2026-05-07T20:16:44.643 2026-05-07T20:33:39.270
fkie_cve-2026-42499 Pathological inputs could cause DoS through consumePhrase when parsing an email address according t… 2026-05-07T20:16:44.540 2026-05-07T20:33:39.270
fkie_cve-2026-8142 VINCE versions 3.0.38 and earlier do not properly verify the From address authenticity due to encod… 2026-05-07T20:16:45.670 2026-05-07T20:32:47.823
fkie_cve-2026-26801 Server-Side Request Forgery (SSRF) vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 all… 2026-03-10T19:17:17.430 2026-05-07T20:32:39.693
fkie_cve-2026-8088 A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the functio… 2026-05-07T20:16:45.510 2026-05-07T20:32:03.640
fkie_cve-2026-8087 A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnen… 2026-05-07T20:16:45.343 2026-05-07T20:32:03.640
fkie_cve-2026-43510 manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization … 2026-05-07T20:16:44.753 2026-05-07T20:32:03.640
fkie_cve-2026-43016 In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-fr… 2026-05-01T15:16:45.677 2026-05-07T20:31:20.753
fkie_cve-2026-43015 In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on… 2026-05-01T15:16:45.500 2026-05-07T20:31:01.960
fkie_cve-2026-43014 In the Linux kernel, the following vulnerability has been resolved: net: macb: properly unregister… 2026-05-01T15:16:45.367 2026-05-07T20:29:24.053
fkie_cve-2026-6823 HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerabi… 2026-04-21T21:16:48.827 2026-05-07T20:29:09.890
fkie_cve-2026-43013 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: lag: Check for LAG d… 2026-05-01T15:16:45.243 2026-05-07T20:28:55.537
fkie_cve-2026-43012 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode r… 2026-05-01T15:16:45.117 2026-05-07T20:28:15.953
fkie_cve-2026-6819 HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including /plugin … 2026-04-21T20:17:05.780 2026-05-07T20:28:15.453
fkie_cve-2026-43011 In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double … 2026-05-01T15:16:44.993 2026-05-07T20:26:58.903
fkie_cve-2026-43010 In the Linux kernel, the following vulnerability has been resolved: bpf: Reject sleepable kprobe_m… 2026-05-01T15:16:44.887 2026-05-07T20:26:12.200
fkie_cve-2026-43009 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix incorrect pruning due… 2026-05-01T15:16:44.770 2026-05-07T20:25:52.587
fkie_cve-2026-43008 In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error ha… 2026-05-01T15:16:44.670 2026-05-07T20:24:50.790
fkie_cve-2026-43007 In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle DBC deactiv… 2026-05-01T15:16:44.553 2026-05-07T20:24:32.047
fkie_cve-2026-41641 NocoBase is an AI-powered no-code/low-code platform for building business applications and enterpri… 2026-05-07T06:16:05.073 2026-05-07T20:23:22.440
fkie_cve-2026-28201 An improper input validation, together with an overly permissive default CORS configuration in Open… 2026-05-07T11:16:00.747 2026-05-07T20:20:10.207
fkie_cve-2026-8086 A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWn… 2026-05-07T19:16:03.110 2026-05-07T20:16:45.190
fkie_cve-2026-42214 Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext… 2026-05-07T19:16:01.497 2026-05-07T20:16:43.850
fkie_cve-2026-41904 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version… 2026-05-07T19:16:01.087 2026-05-07T20:16:43.753
fkie_cve-2026-33587 Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Pyth… 2026-05-07T11:16:00.887 2026-05-07T20:13:33.540
fkie_cve-2026-5786 An Improper Access Control vulnerability in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.… 2026-05-07T16:16:22.483 2026-05-07T20:12:47.773
ID Severity Description Published Updated
ghsa-c75f-55f6-f63q
7.5 (3.1)
A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archiv… 2026-03-19T15:31:21Z 2026-05-08T00:31:33Z
ghsa-2vwv-vqpv-v8vc
9.8 (3.1)
A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the … 2026-03-30T09:31:29Z 2026-05-08T00:31:33Z
ghsa-cm99-m826-vgg7
7.8 (3.1)
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow … 2026-03-24T15:30:29Z 2026-05-08T00:31:32Z
ghsa-xv59-967r-8726
5.1 (4.0)
rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding 2026-05-07T22:33:51Z 2026-05-07T22:33:51Z
ghsa-39j6-4867-gg4w
4.7 (3.1)
utcp-http vulnerable to SSRF via attacker-controlled OpenAPI servers[0].url in HTTP communication p… 2026-05-07T22:32:54Z 2026-05-07T22:32:54Z
ghsa-v7qw-hx66-4w9x
8.7 (3.1)
netbox-data-flows has stored XSS in ObjectAlias names rendered inside DataFlow tables 2026-05-07T22:31:32Z 2026-05-07T22:31:32Z
ghsa-jggh-5rmh-r6h5
3.7 (3.1)
2.9 (4.0)
Dolibarr has Insufficient Verification of Data Authenticity 2026-05-03T12:30:26Z 2026-05-07T22:30:07Z
ghsa-j7h9-2jh7-g967
8.7 (4.0)
mcp-ssh-tool has file transfer path policy bypass and bearer token comparison hardening 2026-05-07T21:45:16Z 2026-05-07T21:45:17Z
ghsa-xhrw-5qxx-jpwr
7.1 (3.1)
Microsoft APM CLI's plugin.json component paths escape plugin root and copy arbitrary host files du… 2026-05-07T21:41:08Z 2026-05-07T21:41:08Z
ghsa-fpw6-hrg5-q5x5
7.4 (3.1)
ech0's acess tokens with expiry=never cannot be revoked: logout panics, delete does not blacklist JTI 2026-05-07T21:34:01Z 2026-05-07T21:34:01Z
ghsa-p64j-f4x9-wq66
8.0 (3.1)
Ech0's OAuth redirect URI validation ignores path component, enables exchange-code theft 2026-05-07T21:30:45Z 2026-05-07T21:30:45Z
ghsa-xq5j-9r39-c3vf
Pathological inputs could cause DoS through consumePhrase when parsing an email address according t… 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-v8g3-5j4v-2ghv
VINCE versions 3.0.38 and earlier do not properly verify the From address authenticity due to encod… 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-qf3q-3h68-mmh2
A malicious module proxy can exploit a flaw in the go command's validation of module checksums to b… 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-p9h5-jm8x-mjm5
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger exc… 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-j3f5-rw74-g4rv
3.3 (3.1)
1.9 (4.0)
A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the functio… 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-h9rh-5ffh-h669
5.3 (3.1)
1.9 (4.0)
A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnen… 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-h74g-238j-357m
ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used … 2026-05-07T21:30:29Z 2026-05-07T21:30:30Z
ghsa-g323-63gp-7v74
7.3 (3.1)
5.5 (4.0)
A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unk… 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-8g2r-hhvj-mv99
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0). 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-5m4p-2gjx-p2g8
The "go bug" command writes to two files with predictable names in the system temporary directory (… 2026-05-07T21:30:29Z 2026-05-07T21:30:30Z
ghsa-3v2c-x6q9-f697
If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a… 2026-05-07T21:30:29Z 2026-05-07T21:30:30Z
ghsa-34v6-h57v-gx5f
6.3 (3.1)
2.1 (4.0)
A security flaw has been discovered in CodeAstro Online Classroom 1.0. This vulnerability affects u… 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-2283-wf8c-rw8r
CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> ta… 2026-05-07T21:30:30Z 2026-05-07T21:30:30Z
ghsa-r7c9-7pjq-hmm8
7.2 (3.1)
Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held … 2026-05-07T21:30:29Z 2026-05-07T21:30:29Z
ghsa-qc64-m6c2-v4x7
The "go tool pack" subcommand (usually used only by the compiler as an internal tool with known-goo… 2026-05-07T21:30:29Z 2026-05-07T21:30:29Z
ghsa-mv88-fcpc-wrmw
7.3 (3.1)
5.5 (4.0)
A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects a… 2026-05-07T21:30:29Z 2026-05-07T21:30:29Z
ghsa-jmvp-7877-wr2f
3.3 (3.1)
1.9 (4.0)
A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the func… 2026-05-07T21:30:29Z 2026-05-07T21:30:29Z
ghsa-72pg-5w29-wjx6
5.3 (3.1)
1.9 (4.0)
A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWn… 2026-05-07T21:30:29Z 2026-05-07T21:30:29Z
ghsa-497x-jcxf-m478
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-f… 2026-05-07T21:30:29Z 2026-05-07T21:30:29Z
ID Severity Description Package Published Updated
pysec-2025-36
9.8 (3.1)
Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/valida… langflow 2025-04-07T15:15:44+00:00 2025-05-07T19:22:44.993642+00:00
pysec-2024-246
5.3 (3.1)
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in… vyper 2024-04-25T17:15:50+00:00 2025-05-05T19:21:20.899426+00:00
pysec-2024-111
9.1 (3.1)
A path traversal vulnerability exists in the `getFullPath` method of langchain-ai/langcha… langchain 2024-10-29T13:15:00Z 2025-05-02T18:39:47.588215Z
pysec-2024-245
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated user… apache-airflow 2024-02-29T11:15:08+00:00 2025-05-01T21:22:38.598048+00:00
pysec-2025-35
7.5 (3.1)
Weblate is a web based localization tool. Prior to version 5.11, when creating a new comp… weblate 2025-04-15T21:16:04+00:00 2025-04-30T17:22:51.467257+00:00
pysec-2025-34
The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_… picklescan 2025-04-24T01:15:49+00:00 2025-04-24T03:08:15.436691+00:00
pysec-2025-33
7.5 (3.1)
Vyper is a Pythonic Smart Contract Language for the EVM. When the Vyper Compiler uses the… vyper 2025-01-14T18:16:05+00:00 2025-04-23T21:23:01.322686+00:00
pysec-2025-32
9.8 (3.1)
BentoML is a Python library for building online serving systems optimized for AI apps and… bentoml 2025-04-09T16:15:25+00:00 2025-04-22T19:21:34.073355+00:00
pysec-2025-31
vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statemen… vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.116292+00:00
pysec-2025-30
vyper is a Pythonic Smart Contract Language for the EVM. Multiple evaluation of a single … vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.064106+00:00
pysec-2025-29
vyper is a Pythonic Smart Contract Language for the EVM. Vyper `sqrt()` builtin uses the … vyper 2025-02-21T22:15:13+00:00 2025-04-09T17:27:28.005382+00:00
pysec-2025-28
The Snowflake Connector for Python provides an interface for developing Python applicatio… snowflake-connector-python 2025-01-29T21:15:21+00:00 2025-04-09T17:27:27.772920+00:00
pysec-2025-27
The Snowflake Connector for Python provides an interface for developing Python applicatio… snowflake-connector-python 2025-01-29T21:15:21+00:00 2025-04-09T17:27:27.711157+00:00
pysec-2025-26
The Snowflake Connector for Python provides an interface for developing Python applicatio… snowflake-connector-python 2025-01-29T21:15:21+00:00 2025-04-09T17:27:27.645758+00:00
pysec-2025-25
6.5 (3.1)
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middle… rembg 2025-03-03T17:15:14+00:00 2025-04-09T17:27:27.532849+00:00
pysec-2025-24
7.5 (3.1)
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove… rembg 2025-03-03T17:15:14+00:00 2025-04-09T17:27:27.486485+00:00
pysec-2025-23
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Inform… ray 2025-03-06T05:15:16+00:00 2025-04-09T17:27:27.434099+00:00
pysec-2025-22
9.8 (3.1)
A vulnerability, that could result in Remote Code Execution (RCE), has been found in Plot… plotai 2025-03-10T14:15:24+00:00 2025-04-09T17:27:27.203714+00:00
pysec-2025-21
9.8 (3.1)
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model arch… picklescan 2025-03-10T12:15:12+00:00 2025-04-09T17:27:27.016747+00:00
pysec-2023-311
5.4 (3.1)
plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depen… plone-namedfile 2023-09-21T15:15:10+00:00 2025-04-09T17:27:27.153848+00:00
pysec-2022-43179
7.3 (3.1)
Poetry is a dependency manager for Python. To handle dependencies that come from a Git re… poetry 2022-09-07T19:15:08+00:00 2025-04-09T17:27:27.255151+00:00
pysec-2021-891
7.8 (3.1)
CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 S… salt 2021-03-03T10:15:13+00:00 2025-04-09T17:27:27.582884+00:00
pysec-2025-20
6.5 (3.1)
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes i… picklescan 2025-03-10T12:15:10+00:00 2025-04-09T17:27:26.966215+00:00
pysec-2025-19
9.8 (3.1)
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for … picklescan 2025-03-03T19:15:34+00:00 2025-04-09T17:27:26.916350+00:00
pysec-2025-18
picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craf… picklescan 2025-02-26T15:15:24+00:00 2025-04-09T17:27:26.867210+00:00
pysec-2025-17
5.5 (3.1)
In mlflow/mlflow version 2.18, an admin is able to create a new user account without sett… mlflow 2025-03-20T10:15:54+00:00 2025-04-09T17:27:26.322333+00:00
pysec-2023-310
7.5 (3.1)
Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NO… mobsf 2023-09-21T22:15:11+00:00 2025-04-09T17:27:26.663665+00:00
pysec-2023-309
8.8 (3.1)
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. mlflow 2023-12-13T00:15:07+00:00 2025-04-09T17:27:26.271200+00:00
pysec-2023-308
10.0 (3.1)
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0. mlflow 2023-07-19T01:15:10+00:00 2025-04-09T17:27:26.223213+00:00
pysec-2025-16
7.5 (3.1)
LNbits is a Lightning wallet and accounts system. A Server-Side Request Forgery (SSRF) vu… lnbits 2025-04-06T20:15:15+00:00 2025-04-09T17:27:25.872691+00:00
ID Description Updated
gsd-2024-33851 phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point… 2024-04-28T05:02:07.732559Z
gsd-2024-33850 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.952536Z
gsd-2024-33849 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:07.924449Z
gsd-2024-4295 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:02:06.068263Z
gsd-2024-4294 A vulnerability, which was classified as critical, has been found in PHPGurukul Doctor Ap… 2024-04-28T05:02:06.079201Z
gsd-2024-4293 A vulnerability classified as problematic was found in PHPGurukul Doctor Appointment Mana… 2024-04-28T05:02:06.052534Z
gsd-2024-4292 A vulnerability classified as critical has been found in Contemporary Controls BASrouter … 2024-04-28T05:02:06.073286Z
gsd-2024-4291 A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as cri… 2024-04-28T05:02:06.058388Z
gsd-2023-52722 An issue was discovered in Artifex Ghostscript through 10.01.0. psi/zmisc1.c, when SAFER … 2024-04-28T05:01:28.746814Z
gsd-2022-48685 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:00:27.870720Z
gsd-2022-48684 The format of the source doesn't require a description, click on the link for more details. 2024-04-28T05:00:27.715598Z
gsd-2024-24777 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:24.547536Z
gsd-2024-28875 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:20.401696Z
gsd-2024-33846 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.353086Z
gsd-2024-33845 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.569462Z
gsd-2024-33844 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.384822Z
gsd-2024-33843 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.393431Z
gsd-2024-33842 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.286185Z
gsd-2024-33841 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.393169Z
gsd-2024-33840 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.586722Z
gsd-2024-33839 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.579161Z
gsd-2024-33838 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.585807Z
gsd-2024-33837 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.377806Z
gsd-2024-33836 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.309729Z
gsd-2024-33835 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.550838Z
gsd-2024-33834 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.333945Z
gsd-2024-33833 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.551960Z
gsd-2024-33832 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.298682Z
gsd-2024-33831 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.326184Z
gsd-2024-33830 The format of the source doesn't require a description, click on the link for more details. 2024-04-27T05:02:18.395389Z
ID Description Published Updated
mal-2026-3296 Malicious code in ally-badges (npm) 2026-05-03T12:19:16Z 2026-05-04T23:51:16Z
mal-2026-3295 Malicious code in ally-antivirus (npm) 2026-05-03T12:39:19Z 2026-05-04T23:51:16Z
mal-2026-3294 Malicious code in ally-allowlist (npm) 2026-05-03T12:49:22Z 2026-05-04T23:51:16Z
mal-2026-3079 Malicious code in axis-ui-generator (npm) 2026-04-25T09:55:54Z 2026-05-04T23:51:16Z
mal-2026-3078 Malicious code in axis-notification (npm) 2026-04-25T09:45:43Z 2026-05-04T23:51:16Z
mal-2026-3077 Malicious code in axis-charts (npm) 2026-04-25T09:45:42Z 2026-05-04T23:51:16Z
mal-2026-3076 Malicious code in axis-abc-search-address (npm) 2026-04-25T09:45:58Z 2026-05-04T23:51:16Z
mal-2026-3075 Malicious code in axis-abc-search-account (npm) 2026-04-25T09:45:48Z 2026-05-04T23:51:16Z
mal-2026-3074 Malicious code in axis-abc-portal-menu (npm) 2026-04-25T09:45:52Z 2026-05-04T23:51:16Z
mal-2026-3336 Malicious code in @channel_bot/xa0 (npm) 2026-05-04T13:51:12Z 2026-05-04T23:51:15Z
mal-2026-3293 Malicious code in @breezeai-frontend/i18n-config (npm) 2026-05-03T12:35:44Z 2026-05-04T23:51:15Z
mal-2026-3292 Malicious code in @breeze-ai/ui-library (npm) 2026-05-03T12:37:25Z 2026-05-04T23:51:15Z
mal-2026-3291 Malicious code in @athena-portal/themes (npm) 2026-05-03T12:45:35Z 2026-05-04T23:51:15Z
mal-2026-3290 Malicious code in @allyfinancial/allyfinancial-api (npm) 2026-05-03T12:19:27Z 2026-05-04T23:51:15Z
mal-2026-3289 Malicious code in @allybank/ally-sdk (npm) 2026-05-03T12:59:27Z 2026-05-04T23:51:15Z
mal-2026-3184 Malicious code in @breezeai-frontend/tailwind-config (npm) 2026-04-29T21:15:52Z 2026-05-04T23:51:15Z
mal-2026-3183 Malicious code in @breezeai-frontend/cargo-ui (npm) 2026-04-29T21:25:50Z 2026-05-04T23:51:15Z
mal-2026-3059 Malicious code in @clearpool/utils (npm) 2026-04-26T17:25:37Z 2026-05-04T23:51:15Z
mal-2026-3058 Malicious code in @clearpool/table (npm) 2026-04-26T17:45:45Z 2026-05-04T23:51:15Z
mal-2026-3057 Malicious code in @clearpool/streaming (npm) 2026-04-26T18:08:13Z 2026-05-04T23:51:15Z
mal-2026-3056 Malicious code in @clearpool/comms (npm) 2026-04-26T17:35:39Z 2026-05-04T23:51:15Z
mal-2026-3334 Malicious code in fanduel (npm) 2026-05-04T21:55:51Z 2026-05-04T21:55:51Z
mal-2026-3333 Malicious code in rogiant-quick-install (PyPI) 2026-05-04T21:10:00Z 2026-05-04T21:10:00Z
mal-2026-3332 Malicious code in rogiant (PyPI) 2026-05-04T20:53:10Z 2026-05-04T20:53:50Z
mal-2026-3331 Malicious code in lazyhtml-scripts (npm) 2026-05-04T19:42:20Z 2026-05-04T19:42:20Z
mal-2026-3338 Malicious code in ms.analytics-web (npm) 2026-05-04T19:06:03Z 2026-05-04T19:06:03Z
mal-2026-3328 Malicious code in pocpoc2626 (npm) 2026-05-04T16:36:10Z 2026-05-04T17:38:11Z
mal-2026-3329 Malicious code in api-typings (npm) 2026-05-04T16:46:38Z 2026-05-04T16:46:38Z
mal-2026-3330 Malicious code in seek-pass (npm) 2026-05-04T16:40:53Z 2026-05-04T16:40:53Z
mal-2026-3327 Malicious code in capacitor-plugin-service-worker (npm) 2026-05-04T16:15:46Z 2026-05-04T16:40:52Z
ID Description Published Updated
ID Description Published Updated
wid-sec-w-2026-0995 OpenSSL: Mehrere Schwachstellen 2026-04-07T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0967 Red Hat Enterprise Linux (fontforge): Schwachstelle ermöglicht Codeausführung 2026-04-06T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0966 Red Hat Enterprise Linux (crun): Schwachstelle ermöglicht Privilegieneskalation 2026-04-06T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0939 cPanel cPanel/WHM (perl-YAML-Syck): Schwachstelle ermöglicht Codeausführung und DoS 2026-03-31T22:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0888 tigervnc: Schwachstelle ermöglicht Offenlegung von Informationen, Manipulation von Dateien, und Denial of Service 2026-03-26T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0887 Internet Systems Consortium Kea: Schwachstelle ermöglicht Denial of Service 2026-03-26T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0875 Red Hat Enterprise Linux (ncurses): Schwachstelle ermöglicht Codeausführung 2026-03-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0870 libpng: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0863 Internet Systems Consortium BIND: Mehrere Schwachstellen 2026-03-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0860 NGINX und NGINX Plus: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0850 Mozilla Firefox und Mozilla Thunderbird: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0843 Node.js: Mehrere Schwachstellen 2026-03-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0824 Python: Schwachstelle ermöglicht Codeausführung 2026-03-22T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0790 Linux Kernel: Mehrere Schwachstellen 2026-03-18T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0769 Red Hat Enterprise Linux (capstone) und OpenShift (rhcos): Mehrere Schwachstellen 2026-03-17T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0733 libexpat: Mehrere Schwachstellen ermöglichen Denial of Service 2026-03-15T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0729 OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 2026-03-15T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0725 FreeRDP: Mehrere Schwachstellen 2026-03-12T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0716 OpenSSH GSSAPI delta: Schwachstelle ermöglicht nicht spezifizierten Angriff 2026-03-12T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0692 Mattermost MS Teams plugin: Mehrere Schwachstellen ermöglichen Denial of Service 2026-03-10T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0614 Linux Kernel: Mehrere Schwachstellen 2026-03-04T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0548 Golang Go: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff 2026-02-26T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0525 GStreamer: Mehrere Schwachstellen 2026-02-25T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0514 FreeRDP: Mehrere Schwachstellen 2026-02-24T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0443 Apache Tomcat und Tomcat Native: Mehrere Schwachstellen 2026-02-17T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0421 Linux Kernel: Mehrere Schwachstellen 2026-02-15T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0409 PostgreSQL: Mehrere Schwachstellen 2026-02-12T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0378 IBM WebSphere Application Server: Schwachstelle ermöglicht nicht spezifizierten Angriff 2026-02-10T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0359 GnuTLS: Mehrere Schwachstellen ermöglichen Denial of Service 2026-02-09T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
wid-sec-w-2026-0324 Linux Kernel: Mehrere Schwachstellen 2026-02-04T23:00:00.000+00:00 2026-04-09T22:00:00.000+00:00
ID Description Published Updated
va-26-097-01 Thales Sentinel LDK Runtime Stored XSS 2026-04-07T20:50:15Z 2026-04-07T20:50:15Z
icsa-26-097-01 Mitsubishi Electric GENESIS64 and ICONICS Suite products 2026-04-07T00:00:00.000000Z 2026-04-07T06:00:00.000000Z
icsa-24-338-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C) 2024-12-03T00:00:00.000000Z 2026-04-07T06:00:00.000000Z
icsa-24-184-03 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update D) 2024-07-02T06:00:00.000000Z 2026-04-07T06:00:00.000000Z
icsa-25-217-01 Mitsubishi Electric Iconics Digital Solutions Multiple Products (Update B) 2025-08-05T05:00:00.000000Z 2026-04-07T05:00:00.000000Z
icsa-25-140-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update F) 2025-05-20T04:00:00.000000Z 2026-04-07T05:00:00.000000Z
va-26-092-01 Bentley Systems iTwin Platform exposed access token 2026-04-02T17:11:43Z 2026-04-02T17:11:43Z
va-26-092-02 Zscaler Client Connector hard-coded proxy configuration domain 2026-04-02T13:54:30Z 2026-04-02T13:54:30Z
icsa-26-092-03 Hitachi Energy Ellipse 2026-02-24T00:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-26-092-02 Yokogawa CENTUM VP 2026-04-02T06:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-26-092-01 Siemens SICAM 8 Products 2026-03-26T00:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-25-037-02 Schneider Electric EcoStruxure (Update D) 2025-01-14T07:00:00.000000Z 2026-04-02T06:00:00.000000Z
icsa-26-055-03 Gardyn Home Kit (Update A) 2026-02-24T06:00:00.000000Z 2026-04-02T05:00:00.000000Z
va-26-084-01 Nanoleaf Lines unauthenticated firmware file store 2026-03-25T00:00:00Z 2026-04-02T00:00:00Z
icsa-26-090-02 PX4 Autopilot 2026-03-31T06:00:00.000000Z 2026-03-31T06:00:00.000000Z
icsa-26-090-01 Anritsu Remote Spectrum Monitor 2026-03-31T06:00:00.000000Z 2026-03-31T06:00:00.000000Z
icsa-24-324-01 Mitsubishi Electric MELSEC iQ-F Series (Update A) 2024-11-19T00:00:00.000Z 2026-03-31T00:00:00.000000Z
icsma-26-083-01 Grassroots DICOM (GDCM) 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsma-25-364-01 WHILL Model C2 Electric Wheelchairs and Model F Power Chairs (Update A) 2025-12-30T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-03 "Schneider Electric Plant iT/Brewmaxx" 2026-01-13T08:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-02 Schneider Electric EcoStruxure Foxboro DCS 2026-03-10T07:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-083-01 Pharos Controls Mosaic Show Controller 2026-03-24T06:00:00.000000Z 2026-03-24T06:00:00.000000Z
icsa-26-078-08 Automated Logic WebCTRL Premium Server 2026-03-19T06:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-05 Mitsubishi Electric CNC Series 2026-03-10T00:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-04 Schneider Electric EcoStruxure PME and EPO 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-03 Schneider Electric EcoStruxure Automation Expert 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-02 Schneider Electric Modicon Controllers M241, M251, M258, and LMC058 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-01 Schneider Electric Modicon M241, M251, and M262 2026-03-10T07:00:00.000000Z 2026-03-19T06:00:00.000000Z
icsa-26-078-07 IGL-Technologies eParking.fi 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
icsa-26-078-06 CTEK Chargeportal 2026-03-19T05:00:00.000000Z 2026-03-19T05:00:00.000000Z
ID Description Published Updated
cisco-sa-asaftd-webvpn-xss-uwjc4hr Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Cross-Site Scripting Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-vpn-m9sx6mbc Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-saml-lkttrwzp Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software SAML Reflected Cross-Site Scripting Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ospf-zh8phbsw Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-luainject-vescqgms Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Lua Code Injection Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-ikev2-dos-ebuegdeg Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asaftd-desync-n5avzeqw Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-asa-ssh-keybypass-cr5xpusf Cisco Secure Firewall Adaptive Security Appliance Software SSH Partial Private Key Authentication Bypass Vulnerability 2026-03-04T16:00:00+00:00 2026-03-04T16:00:00+00:00
cisco-sa-sdwan-rpa-ehchtzk Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability 2026-02-25T16:00:00+00:00 2026-03-03T00:38:56+00:00
cisco-sa-sd-wan-priv-e6e8tedf Cisco SD-WAN Software Privilege Escalation Vulnerabilities 2022-09-28T16:00:00+00:00 2026-02-25T20:29:00+00:00
cisco-sa-ucsm-cmdinj-gvxlpesb Cisco UCS Manager Software Command Injection Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-ucsm-afwae-mogufyln Cisco UCS Manager Software Privilege Escalation Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-ucsfxosxss-7skve8zv Cisco FXOS and UCS Manager Software Stored Cross-Site Scripting Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-ucsciv-wgytc78q Cisco FXOS and UCS Manager Software Command Injection Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-nxos-ether-dos-kv8ynwz4 Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-nxos-dsnmp-cnn39uh Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-nxos-cpdos-qlsv6pfd Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-n3kn9k_aci_lldp_dos-ndgrrra3 Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-apic-dos-rnus8efw Cisco Application Policy Infrastructure Controller Denial of Service Vulnerability 2026-02-25T16:00:00+00:00 2026-02-25T16:00:00+00:00
cisco-sa-wsa-archive-bypass-scx2e8zf Cisco Secure Web Appliance Real-Time Scanning Archive File Bypass Vulnerability 2026-02-04T16:00:00+00:00 2026-02-20T21:08:47+00:00
cisco-sa-voice-rce-morhqy4b Cisco Unified Communications Products Remote Code Execution Vulnerability 2026-01-21T16:00:00+00:00 2026-02-13T15:21:01+00:00
cisco-sa-snort3-mime-vulns-ttl8pgvh Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities 2025-10-15T16:00:00+00:00 2026-02-12T18:38:13+00:00
cisco-sa-tce-roomos-dos-9v9jrc2q Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability 2026-02-04T16:00:00+00:00 2026-02-12T17:37:39+00:00
cisco-sa-snort3-dcerpc-vulns-j9hnf4th Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities 2026-01-07T16:00:00+00:00 2026-02-10T20:42:07+00:00
cisco-sa-pi-xss-byevkcd Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-epnm-pi-redirect-6sx82dn Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-cmm-file-up-ky47n8kk Cisco Meeting Management Arbitrary File Upload Vulnerability 2026-02-04T16:00:00+00:00 2026-02-04T16:00:00+00:00
cisco-sa-ucce-pcce-xss-2jvyg3ud Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
cisco-sa-intersight-privesc-p6tbm6jk Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
cisco-sa-iec6400-pem5uq7v Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability 2026-01-21T16:00:00+00:00 2026-01-21T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-43243 drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src 2026-05-02T00:00:00.000Z 2026-05-07T01:08:07.000Z
msrc_cve-2026-43107 xfrm: account XFRMA_IF_ID in aevent size calculation 2026-05-02T00:00:00.000Z 2026-05-07T01:08:01.000Z
msrc_cve-2025-71289 fs/ntfs3: handle attr_set_size() errors when truncating files 2026-05-02T00:00:00.000Z 2026-05-07T01:07:55.000Z
msrc_cve-2026-43258 alpha: fix user-space corruption during memory compaction 2026-05-02T00:00:00.000Z 2026-05-07T01:07:50.000Z
msrc_cve-2026-43191 drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35 2026-05-02T00:00:00.000Z 2026-05-07T01:07:44.000Z
msrc_cve-2026-43244 kcm: fix zero-frag skb in frag_list on partial sendmsg error 2026-05-02T00:00:00.000Z 2026-05-07T01:07:39.000Z
msrc_cve-2026-43274 mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq() 2026-05-02T00:00:00.000Z 2026-05-07T01:07:34.000Z
msrc_cve-2026-43116 netfilter: ctnetlink: ensure safe access to master conntrack 2026-05-02T00:00:00.000Z 2026-05-07T01:07:28.000Z
msrc_cve-2026-43129 ima: verify the previous kernel's IMA buffer lies in addressable RAM 2026-05-02T00:00:00.000Z 2026-05-07T01:07:23.000Z
msrc_cve-2026-43153 xfs: remove xfs_attr_leaf_hasname 2026-05-02T00:00:00.000Z 2026-05-07T01:07:17.000Z
msrc_cve-2026-43109 x86: shadow stacks: proper error handling for mmap lock 2026-05-02T00:00:00.000Z 2026-05-07T01:07:11.000Z
msrc_cve-2026-43118 btrfs: fix zero size inode with non-zero size after log replay 2026-05-02T00:00:00.000Z 2026-05-07T01:07:05.000Z
msrc_cve-2025-71273 wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band() 2026-05-02T00:00:00.000Z 2026-05-07T01:06:59.000Z
msrc_cve-2026-43185 ksmbd: fix signededness bug in smb_direct_prepare_negotiation() 2026-05-02T00:00:00.000Z 2026-05-07T01:06:52.000Z
msrc_cve-2026-43197 netconsole: avoid OOB reads, msg is not nul-terminated 2026-05-02T00:00:00.000Z 2026-05-07T01:06:45.000Z
msrc_cve-2025-71285 net: qrtr: Drop the MHI auto_queue feature for IPCR DL channels 2026-05-02T00:00:00.000Z 2026-05-07T01:06:39.000Z
msrc_cve-2026-43172 wifi: iwlwifi: fix 22000 series SMEM parsing 2026-05-02T00:00:00.000Z 2026-05-07T01:06:32.000Z
msrc_cve-2025-71293 drm/amdgpu/ras: Move ras data alloc before bad page check 2026-05-02T00:00:00.000Z 2026-05-07T01:06:24.000Z
msrc_cve-2026-43234 team: avoid NETDEV_CHANGEMTU event when unregistering slave 2026-05-02T00:00:00.000Z 2026-05-07T01:06:17.000Z
msrc_cve-2026-43115 srcu: Use irq_work to start GP in tiny SRCU 2026-05-02T00:00:00.000Z 2026-05-07T01:06:10.000Z
msrc_cve-2026-43137 ASoC: SOF: Intel: hda: Fix NULL pointer dereference 2026-05-02T00:00:00.000Z 2026-05-07T01:06:02.000Z
msrc_cve-2025-71290 misc: ti_fpc202: fix a potential memory leak in probe function 2026-05-02T00:00:00.000Z 2026-05-07T01:05:55.000Z
msrc_cve-2026-43245 ntfs: ->d_compare() must not block 2026-05-02T00:00:00.000Z 2026-05-07T01:05:48.000Z
msrc_cve-2026-43198 tcp: fix potential race in tcp_v6_syn_recv_sock() 2026-05-02T00:00:00.000Z 2026-05-07T01:05:40.000Z
msrc_cve-2026-43161 iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode 2026-05-02T00:00:00.000Z 2026-05-07T01:05:01.000Z
msrc_cve-2026-43127 ntfs3: fix circular locking dependency in run_unpack_ex 2026-05-02T00:00:00.000Z 2026-05-07T01:04:54.000Z
msrc_cve-2026-43126 ALSA: mixer: oss: Add card disconnect checkpoints 2026-05-02T00:00:00.000Z 2026-05-07T01:04:46.000Z
msrc_cve-2026-43131 drm/amd/pm: Fix null pointer dereference issue 2026-05-02T00:00:00.000Z 2026-05-07T01:04:39.000Z
msrc_cve-2026-43204 ASoC: qcom: q6asm: drop DSP responses for closed data streams 2026-05-02T00:00:00.000Z 2026-05-07T01:04:27.000Z
msrc_cve-2026-43176 wifi: rtw89: pci: validate release report content before using for RTL8922DE 2026-05-02T00:00:00.000Z 2026-05-07T01:04:19.000Z
ID Description Published Updated
ncsc-2026-0080 Kwetsbaarheden verholpen in Microsoft Windows 2026-03-10T20:07:55.976638Z 2026-03-10T20:07:55.976638Z
ncsc-2026-0059 Kwetsbaarheden verholpen in Ivanti Endpoint Manager 2026-02-11T08:16:27.583936Z 2026-03-10T14:20:48.176282Z
ncsc-2026-0079 Kwetsbaarheden verholpen in Siemens producten 2026-03-10T12:39:14.474522Z 2026-03-10T12:39:14.474522Z
ncsc-2026-0071 Kwetsbaarheden verholpen in Cisco Catalyst SD-WAN Manager 2026-02-25T17:11:09.013125Z 2026-03-06T12:07:02.595940Z
ncsc-2026-0078 Kwetsbaarheden verholpen in Kibana 2026-03-05T09:36:49.056247Z 2026-03-05T09:36:49.056247Z
ncsc-2026-0077 Kwetsbaarheden verholpen in Cisco Secure Firewall systemen 2026-03-05T09:05:21.646499Z 2026-03-05T09:05:21.646499Z
ncsc-2026-0075 Kwetsbaarheid verholpen in n8n Automation Platform 2026-03-04T14:03:54.207583Z 2026-03-04T14:03:54.207583Z
ncsc-2026-0070 Kwetsbaarheden verholpen in VMware Aria Operations 2026-02-25T11:24:46.807867Z 2026-03-04T08:54:08.940512Z
ncsc-2026-0074 Kwetsbaarheden verholpen in Google Android en Samsung Mobile 2026-03-03T09:07:09.279353Z 2026-03-03T09:07:09.279353Z
ncsc-2026-0073 Kwetsbaarheid verholpen in Juniper Junos OS Evolved 2026-02-27T09:48:51.845864Z 2026-02-27T09:48:51.845864Z
ncsc-2026-0072 Kwetsbaarheden verholpen in GitLab 2026-02-27T07:15:18.318821Z 2026-02-27T07:15:18.318821Z
ncsc-2026-0069 Kwetsbaarheden verholpen in SolarWinds Serv-U 2026-02-25T10:39:38.154815Z 2026-02-25T10:39:38.154815Z
ncsc-2026-0068 Kwetsbaarheden verholpen in Splunk Enterprise en Splunk Cloud Platform 2026-02-23T14:27:28.865278Z 2026-02-23T14:27:28.865278Z
ncsc-2026-0043 Zeroday-kwetsbaarheden verholpen in Ivanti Endpoint Manager Mobile 2026-01-29T19:15:04.575371Z 2026-02-20T14:47:02.047999Z
ncsc-2026-0067 Kwetsbaarheden verholpen in GitHub Enterprise Server 2026-02-20T10:13:39.540778Z 2026-02-20T10:13:39.540778Z
ncsc-2026-0066 Kwetsbaarheid verholpen in Google Chrome 2026-02-19T08:29:30.712590Z 2026-02-19T08:29:30.712590Z
ncsc-2026-0065 Kwetsbaarheid verholpen in Dell RecoverPoint for Virtual Machines 2026-02-18T13:18:23.815384Z 2026-02-18T13:18:23.815384Z
ncsc-2026-0064 Kwetsbaarheden verholpen in Apple iOS en iPadOS 2026-02-13T13:35:03.870920Z 2026-02-13T13:35:03.870920Z
ncsc-2026-0063 Kwetsbaarheden verholpen in Apple macOS 2026-02-13T13:24:06.433550Z 2026-02-13T13:24:06.433550Z
ncsc-2026-0048 Kwetsbaarheid verholpen in BeyondTrust Remote Support 2026-02-09T10:27:57.867529Z 2026-02-13T12:54:32.614217Z
ncsc-2026-0062 Kwetsbaarheden verholpen in GitLab CE/EE 2026-02-11T11:45:05.986313Z 2026-02-11T11:45:05.986313Z
ncsc-2026-0061 Kwetsbaarheden verholpen in Fortinet FortiOS 2026-02-11T11:34:50.888067Z 2026-02-11T11:34:50.888067Z
ncsc-2026-0060 Kwetsbaarheden verholpen in Fortinet FortiSandbox, FortiAuthenticator en FortiClient 2026-02-11T11:34:36.684955Z 2026-02-11T11:34:36.684955Z
ncsc-2026-0058 Kwetsbaarheden verholpen in Microsoft Office 2026-02-10T19:11:42.825147Z 2026-02-10T19:11:42.825147Z
ncsc-2026-0057 Kwetsbaarheden verholpen in Microsoft Azure 2026-02-10T19:08:27.878305Z 2026-02-10T19:08:27.878305Z
ncsc-2026-0056 Kwetsbaarheden verholpen in Microsoft Developer Tools 2026-02-10T19:07:16.028511Z 2026-02-10T19:07:16.028511Z
ncsc-2026-0055 Kwetsbaarheid verholpen in Microsoft SQL Server 2026-02-10T19:05:45.729972Z 2026-02-10T19:05:45.729972Z
ncsc-2026-0054 Kwetsbaarheid verholpen in Microsoft Exchange 2026-02-10T19:04:51.366294Z 2026-02-10T19:04:51.366294Z
ncsc-2026-0053 Kwetsbaarheden verholpen in Microsoft Windows 2026-02-10T19:01:45.561771Z 2026-02-10T19:01:45.561771Z
ncsc-2026-0052 Kwetsbaarheden verholpen in SAP producten 2026-02-10T12:28:40.531069Z 2026-02-10T12:28:40.531069Z
ID Description Published Updated
nn-2019_2-01 CSV Injection on node label 2019-11-11T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2019_1-01 Stored XSS in field name data model 2019-11-11T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2019:2-01 CSV Injection on node label 2019-11-11T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2019:1-01 Stored XSS in field name data model 2019-11-11T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10645-1 python311-pip-26.1-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10644-1 prometheus-postgres_exporter-0.10.1-6.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10643-1 php-composer2-2.9.7-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10642-1 libmozjs-140-0-140.10.0-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10641-1 libixml11-1.18.5-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10640-1 libpng12-0-1.2.59-5.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10639-1 java-25-openjdk-25.0.3.0-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10638-1 java-21-openjdk-21.0.11.0-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10637-1 java-17-openjdk-17.0.19.0-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10636-1 java-11-openjdk-11.0.31.0-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10635-1 hauler-1.4.2-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10634-1 golang-github-QubitProducts-exporter_exporter-0.4.0-16.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10633-1 freerdp-3.24.2-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10632-1 dnsdist-2.0.5-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10631-1 distribution-registry-3.1.0-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10630-1 azure-storage-azcopy-10.32.2-2.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:10629-1 PackageKit-1.3.5-1.1 on GA media 2026-04-28T00:00:00Z 2026-04-28T00:00:00Z
opensuse-su-2026:20629-1 Security update for mariadb 2026-04-27T14:44:48Z 2026-04-27T14:44:48Z
opensuse-su-2026:20632-1 Security update for freerdp2 2026-04-27T13:16:46Z 2026-04-27T13:16:46Z
opensuse-su-2026:20628-1 Security update for container-suseconnect 2026-04-27T11:20:01Z 2026-04-27T11:20:01Z
opensuse-su-2026:10625-1 xdg-dbus-proxy-0.1.7-1.1 on GA media 2026-04-26T00:00:00Z 2026-04-26T00:00:00Z
opensuse-su-2026:10624-1 libsystemd0-259.5-1.3 on GA media 2026-04-26T00:00:00Z 2026-04-26T00:00:00Z
opensuse-su-2026:10623-1 strongswan-6.0.6-1.1 on GA media 2026-04-26T00:00:00Z 2026-04-26T00:00:00Z
opensuse-su-2026:10622-1 python313-mitmproxy-12.2.2-1.1 on GA media 2026-04-26T00:00:00Z 2026-04-26T00:00:00Z
opensuse-su-2026:10621-1 libngtcp2-16-1.22.1-1.1 on GA media 2026-04-26T00:00:00Z 2026-04-26T00:00:00Z
opensuse-su-2026:10620-1 libmozjs-115-0-115.15.0-8.1 on GA media 2026-04-26T00:00:00Z 2026-04-26T00:00:00Z
opensuse-su-2026:10619-1 emacs-30.2-8.1 on GA media 2026-04-26T00:00:00Z 2026-04-26T00:00:00Z
opensuse-su-2026:10618-1 alloy-1.15.1-1.1 on GA media 2026-04-26T00:00:00Z 2026-04-26T00:00:00Z
opensuse-su-2026:10610-1 MozillaThunderbird-140.9.1-1.1 on GA media 2026-04-24T00:00:00Z 2026-04-24T00:00:00Z
opensuse-su-2026:20620-1 Security update for rclone 2026-04-23T16:22:47Z 2026-04-23T16:22:47Z
ID Description Published Updated
ID Description Published Updated
rhsa-2026:9108 Red Hat Security Advisory: gvisor-tap-vsock security update 2026-04-20T19:56:47+00:00 2026-05-07T21:44:56+00:00
rhsa-2026:9098 Red Hat Security Advisory: skopeo security update 2026-04-20T18:55:22+00:00 2026-05-07T21:44:56+00:00
rhsa-2026:8229 Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.13.6 security update 2026-04-15T02:15:09+00:00 2026-05-07T21:44:56+00:00
rhsa-2026:9097 Red Hat Security Advisory: runc security update 2026-04-20T18:53:07+00:00 2026-05-07T21:44:55+00:00
rhsa-2026:8431 Red Hat Security Advisory: OpenShift Container Platform 4.20.19 security and extras update 2026-04-22T06:59:10+00:00 2026-05-07T21:44:54+00:00
rhsa-2026:8337 Red Hat Security Advisory: Red Hat Web Terminal Operator 1.14.0 release. 2026-04-15T18:11:57+00:00 2026-05-07T21:44:54+00:00
rhsa-2026:8218 Red Hat Security Advisory: multicluster engine for Kubernetes v2.8.5 security update 2026-04-15T01:45:31+00:00 2026-05-07T21:44:54+00:00
rhsa-2026:8167 Red Hat Security Advisory: Red Hat Web Terminal Operator 1.15.0 release. 2026-04-14T18:58:52+00:00 2026-05-07T21:44:53+00:00
rhsa-2026:7854 Red Hat Security Advisory: podman security update 2026-04-13T12:51:03+00:00 2026-05-07T21:44:51+00:00
rhsa-2026:14868 Red Hat Security Advisory: buildah security update 2026-05-07T18:15:36+00:00 2026-05-07T21:44:50+00:00
rhsa-2026:7942 Red Hat Security Advisory: HawtIO 4.3.1 for Red Hat build of Apache Camel 4 Release and security update. 2026-04-13T21:59:31+00:00 2026-05-07T21:44:49+00:00
rhsa-2026:7676 Red Hat Security Advisory: rhc security update 2026-04-13T02:21:56+00:00 2026-05-07T21:44:48+00:00
rhsa-2026:7249 Red Hat Security Advisory: OpenShift Container Platform 4.19.28 bug fix and security update 2026-04-16T10:18:08+00:00 2026-05-07T21:44:48+00:00
rhsa-2026:6554 Red Hat Security Advisory: OpenShift Container Platform 4.18.37 bug fix and security update 2026-04-09T07:52:48+00:00 2026-05-07T21:44:48+00:00
rhsa-2026:13545 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Container Release Update 2026-05-04T17:14:54+00:00 2026-05-07T21:44:46+00:00
rhsa-2026:12282 Red Hat Security Advisory: OpenShift Container Platform 4.12.88 bug fix and security update 2026-05-06T13:32:35+00:00 2026-05-07T21:44:46+00:00
rhsa-2026:12032 Red Hat Security Advisory: containernetworking-plugins security update 2026-04-30T03:33:54+00:00 2026-05-07T21:44:46+00:00
rhsa-2026:12033 Red Hat Security Advisory: gvisor-tap-vsock security update 2026-04-30T03:35:28+00:00 2026-05-07T21:44:44+00:00
rhsa-2026:12031 Red Hat Security Advisory: runc security update 2026-04-30T03:29:55+00:00 2026-05-07T21:44:44+00:00
rhsa-2026:12030 Red Hat Security Advisory: buildah security update 2026-04-30T03:33:47+00:00 2026-05-07T21:44:44+00:00
rhsa-2026:12029 Red Hat Security Advisory: skopeo security update 2026-04-30T03:01:07+00:00 2026-05-07T21:44:43+00:00
rhsa-2026:12028 Red Hat Security Advisory: podman security update 2026-04-30T03:03:35+00:00 2026-05-07T21:44:42+00:00
rhsa-2026:11749 Red Hat Security Advisory: buildah security update 2026-04-29T14:31:52+00:00 2026-05-07T21:44:41+00:00
rhsa-2026:11747 Red Hat Security Advisory: Release of containers for RHOSO 18.0.18 security update 2026-04-29T13:59:22+00:00 2026-05-07T21:44:41+00:00
rhsa-2026:11688 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.6.15 2026-04-29T12:20:23+00:00 2026-05-07T21:44:41+00:00
rhsa-2026:10250 Red Hat Security Advisory: Red Hat Web Terminal Operator 1.11.0 release. 2026-04-23T20:17:23+00:00 2026-05-07T21:44:39+00:00
rhsa-2026:10225 Red Hat Security Advisory: Red Hat Web Terminal Operator 1.12.0 release. 2026-04-23T18:54:04+00:00 2026-05-07T21:44:38+00:00
rhsa-2026:10184 Red Hat Security Advisory: RHOAI 2.25.5 - Red Hat OpenShift AI 2026-04-23T14:53:58+00:00 2026-05-07T21:44:38+00:00
rhsa-2026:10096 Red Hat Security Advisory: OpenShift Container Platform 4.16.60 packages and security update 2026-04-30T12:29:03+00:00 2026-05-07T21:44:37+00:00
rhsa-2026:8868 Red Hat Security Advisory: nghttp2 security update 2026-04-20T02:56:54+00:00 2026-05-07T21:44:34+00:00
ID Description Published Updated
sevd-2025-014-09 EcoStruxure™ Power Build Rapsody 2025-01-14T00:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2024-282-05 EcoStruxure™ Power Monitoring Expert (PME) 2024-10-08T04:00:00.000Z 2025-05-13T04:00:00.000Z
sevd-2025-098-02 Trio™ Q Licensed Data Radios 2025-04-08T04:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-014-01 Modicon M580 PLCs, BMENOR2200H and EVLink Pro AC 2025-01-14T05:00:00.000Z 2025-04-08T04:00:00.000Z
sevd-2025-070-03 WebHMI Component For EcoStruxure™ Power Automation System User Interface and EcoStruxure™ Microgrid Operation Large 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-02 EPAS-UI & EcoSUI 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-070-01 EcoStruxure™ Panel Server 2025-03-11T04:00:00.000Z 2025-03-11T04:00:00.000Z
sevd-2025-042-04 Enerlin'X IFE and eIFE 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-03 EcoStruxure™ Process Expert, EcoStruxure™ Process Expert for AVEVA System Platform 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-042-01 ASCO 5310 / 5350 Remote Annunciator 2025-02-11T06:00:00.000Z 2025-02-11T06:00:00.000Z
sevd-2025-014-08 Power Logic HDPM6000 High-Density Metering System 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2025-014-04 Web Designer for Modicon Communication Modules 2025-01-14T00:00:00.000Z 2025-01-14T00:00:00.000Z
sevd-2024-345-02 Harmony HMI and Pro-face HMI products 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
sevd-2024-345-01 PowerChute Serial Shutdown 2024-12-10T00:00:00.000Z 2024-12-10T00:00:00.000Z
sevd-2024-317-04 EcoStruxure™ IT Gateway 2024-11-12T00:00:00.000Z 2024-11-12T00:00:00.000Z
sevd-2024-317-01 PowerLogic PM5300 Series 2024-11-12T00:00:00.000Z 2024-11-12T00:00:00.000Z
sevd-2021-159-02 PowerLogic PM5500 and PowerLogic PM8ECC 2021-06-08T00:00:00.000Z 2024-11-12T00:00:00.000Z
sevd-2024-282-08 EcoStruxure EV Charging Expert 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-07 System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-06 Zelio Soft 2 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-04 EVlink Home Smart and Schneider Charge 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-03 Easergy Studio 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-02 Harmony iPC – HMIBSC IIoT Edge Box Core 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-282-01 Data Center Expert 2024-10-08T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2022-102-02 Modicon M340 Controller and Communication Modules 2022-04-12T00:00:00.000Z 2024-10-08T00:00:00.000Z
sevd-2024-254-02 EcoStruxure™ Power Monitoring Expert and EcoStruxure™ Power Operation or EcoStruxure™ Power SCADA Operation with Advanced Reporting and Dashboards 2024-09-10T00:00:00.000Z 2024-09-10T00:00:00.000Z
sevd-2024-163-02 PowerLogic P5 2024-06-11T00:00:00.000Z 2024-09-10T00:00:00.000Z
sevd-2023-073-01 EcoStruxure™ Power Monitoring Expert 2023-03-14T00:00:00.000Z 2024-09-10T00:00:00.000Z
sevd-2023-192-02 ​​EcoStruxure™ OPC UA Server Expert​ 2023-07-11T07:01:56.000Z 2024-08-13T07:00:00.000Z
sevd-2024-226-02 EcoStruxure™ Machine SCADA Expert / BLUE Open Studio 2024-08-13T00:00:00.000Z 2024-08-13T00:00:00.000Z
ID Description Published Updated
sca-2022-0003 Vulnerabilities in SICK FTMg 2022-03-31T15:00:00.000Z 2022-03-31T15:00:00.000Z
sca-2022-0002 PwnKit vulnerability affects multiple SICK IPCs 2022-02-23T16:00:00.000Z 2022-02-23T16:00:00.000Z
sca-2022-0001 Vulnerability in SICK FieldEcho 2022-02-17T16:00:00.000Z 2022-02-17T16:00:00.000Z
sca-2021-0003 SICK Security Advisory for Apache Log4j (CVE-2021-44228) 2021-12-14T17:00:00.000Z 2021-12-17T12:00:00.000Z
sca-2021-0004 Vulnerabilities in SICK SOPAS ET 2021-12-16T08:00:00.000Z 2021-12-17T08:00:00.000Z
sca-2021-0002 MEAC affected by Windows SMBv1 vulnerability 2021-08-04T10:00:00.000Z 2021-08-04T10:00:00.000Z
sca-2021-0001 Inadequate SSH configuration in SICK Visionary-S CX 2021-06-25T10:00:00.000Z 2021-06-25T10:00:00.000Z
sca-2020-0005 Package Analytics affected by Windows TCP/IP vulnerability 2020-10-29T11:00:00.000Z 2020-10-29T11:00:00.000Z
sca-2020-0004 Vulnerability in Platform Mechanism AutoIP 2020-08-31T10:00:00.000Z 2020-08-31T10:00:00.000Z
sca-2020-0003 MEAC affected by Windows SMBv3 vulnerability 2020-08-07T10:00:00.000Z 2020-08-07T10:00:00.000Z
sca-2020-0002 Vulnerabilities in SICK Package Analytics 2020-08-07T10:00:00.000Z 2020-07-28T10:00:00.000Z
sca-2020-0001 Security Information Regarding "Profile Programming" 2020-05-31T10:00:00.000Z 2020-05-31T10:00:00.000Z
sca-2019-0002 Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000 2019-09-20T10:00:00.000Z 2019-09-20T10:00:00.000Z
sca-2019-0001 MSC800 affected by hard-coded credentials vulnerability 2019-06-21T10:00:00.000Z 2019-06-21T10:00:00.000Z
ID Description Published Updated
ssa-365200 SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products 2025-10-14T00:00:00Z 2026-01-13T00:00:00Z
ssa-364175 SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1 2024-07-09T00:00:00Z 2026-01-13T00:00:00Z
ssa-192617 SSA-192617: Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-014678 SSA-014678: Authorization Bypass Vulnerability in Industrial Edge Device Kit 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-001536 SSA-001536: Authorization Bypass Vulnerability in Siemens Industrial Edge Devices 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-512988 SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 2025-12-12T00:00:00Z 2025-12-12T00:00:00Z
ssa-915282 SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-882673 SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-800126 SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20 2024-12-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-763474 SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-734261 SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-723487 SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products 2024-07-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-693808 SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms 2025-08-12T00:00:00Z 2025-12-09T00:00:00Z
ssa-673996 SSA-673996: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products 2024-09-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-626856 SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-493396 SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms 2025-08-12T00:00:00Z 2025-12-09T00:00:00Z
ssa-471761 SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-420375 SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-416652 SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-392859 SSA-392859: Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20 2024-12-10T00:00:00Z 2025-12-09T00:00:00Z
ssa-356310 SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-202008 SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-241605 SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-190588 SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget 2025-11-17T00:00:00Z 2025-11-17T00:00:00Z
ssa-794185 SSA-794185: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SIPROTEC, SICAM and Related Products 2025-05-13T00:00:00Z 2025-11-11T00:00:00Z
ssa-750499 SSA-750499: Weak Encryption Vulnerability in SIPROTEC 5 Devices 2024-07-09T00:00:00Z 2025-11-11T00:00:00Z
ssa-711309 SSA-711309: Denial of Service Vulnerability in the OPC UA Implementations of SIMATIC Products 2023-09-12T00:00:00Z 2025-11-11T00:00:00Z
ssa-687955 SSA-687955: Accessible Development Shell via Physical Interface in SIPROTEC 5 2025-02-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-682326 SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 2025-11-11T00:00:00Z 2025-11-11T00:00:00Z
ssa-631336 SSA-631336: Multiple Web Server Vulnerabilities in SICAM GridEdge Before V2.6.6 2022-06-14T00:00:00Z 2025-11-11T00:00:00Z
ID Description Published Updated
suse-su-2026:21463-1 Security update for the Linux Kernel 2026-05-02T08:18:13Z 2026-05-02T08:18:13Z
suse-su-2026:21439-1 Security update for the Linux Kernel 2026-05-02T08:18:13Z 2026-05-02T08:18:13Z
suse-su-2026:21454-1 Security update for the Linux Kernel 2026-05-02T08:10:07Z 2026-05-02T08:10:07Z
suse-su-2026:1676-1 Security update for the Linux Kernel 2026-05-02T07:19:34Z 2026-05-02T07:19:34Z
suse-su-2026:1675-1 Security update for the Linux Kernel 2026-05-02T07:19:20Z 2026-05-02T07:19:20Z
suse-su-2026:1674-1 Security update for the Linux Kernel 2026-05-02T07:19:11Z 2026-05-02T07:19:11Z
suse-su-2026:21421-1 Security update for the Linux Kernel 2026-05-02T07:09:30Z 2026-05-02T07:09:30Z
suse-su-2026:1672-1 Security update for the Linux Kernel 2026-05-02T06:02:50Z 2026-05-02T06:02:50Z
suse-su-2026:1671-1 Security update for the Linux Kernel 2026-05-02T06:01:05Z 2026-05-02T06:01:05Z
suse-su-2026:1670-1 Security update for the Linux Kernel 2026-05-02T05:53:40Z 2026-05-02T05:53:40Z
suse-su-2026:1669-1 Security update for the Linux Kernel 2026-05-02T05:38:43Z 2026-05-02T05:38:43Z
suse-su-2026:21442-1 Security update for the Linux Kernel 2026-05-01T23:16:53Z 2026-05-01T23:16:53Z
suse-su-2026:21453-1 Security update for the Linux Kernel 2026-05-01T22:29:58Z 2026-05-01T22:29:58Z
suse-su-2026:21456-1 Security update for kernel-livepatch-MICRO-6-0_Update_19 2026-05-01T21:26:43Z 2026-05-01T21:26:43Z
suse-su-2026:21441-1 Security update for kernel-livepatch-MICRO-6-0_Update_19 2026-05-01T21:26:43Z 2026-05-01T21:26:43Z
suse-su-2026:1668-1 Security update for the Linux Kernel 2026-05-01T08:37:51Z 2026-05-01T08:37:51Z
suse-su-2026:1667-1 Security update for python-Pygments 2026-04-30T17:22:44Z 2026-04-30T17:22:44Z
suse-su-2026:1666-1 Security update for python-Pygments 2026-04-30T17:22:16Z 2026-04-30T17:22:16Z
suse-su-2026:21437-1 Security update for himmelblau 2026-04-30T17:06:48Z 2026-04-30T17:06:48Z
suse-su-2026:21436-1 Security update for freerdp 2026-04-30T16:54:05Z 2026-04-30T16:54:05Z
suse-su-2026:21452-1 Security update for curl 2026-04-30T14:46:10Z 2026-04-30T14:46:10Z
suse-su-2026:21461-1 Security update for helm 2026-04-30T13:22:50Z 2026-04-30T13:22:50Z
suse-su-2026:21434-1 Security update for helm 2026-04-30T13:22:50Z 2026-04-30T13:22:50Z
suse-su-2026:1662-1 Security update for glibc-livepatches 2026-04-30T13:16:20Z 2026-04-30T13:16:20Z
suse-su-2026:1661-1 Security update for the Linux Kernel 2026-04-30T12:05:10Z 2026-04-30T12:05:10Z
suse-su-2026:21428-1 Security update for libssh 2026-04-30T09:40:57Z 2026-04-30T09:40:57Z
suse-su-2026:21396-1 Security update for libssh 2026-04-30T09:40:57Z 2026-04-30T09:40:57Z
suse-su-2026:1660-1 Security update for libheif 2026-04-29T14:38:03Z 2026-04-29T14:38:03Z
suse-su-2026:21433-1 Security update for openexr 2026-04-29T14:30:55Z 2026-04-29T14:30:55Z
suse-su-2026:21432-1 Security update for ntfs-3g_ntfsprogs 2026-04-29T14:20:44Z 2026-04-29T14:20:44Z
ID Description Published Updated
alsa-2026:10767 Important: firefox security update 2026-04-27T00:00:00Z 2026-04-29T08:55:20Z
alsa-2026:11349 Moderate: libxml2 security update 2026-04-28T00:00:00Z 2026-04-29T08:51:02Z
alsa-2026:11352 Important: xorg-x11-server-Xwayland security update 2026-04-28T00:00:00Z 2026-04-29T08:49:14Z
alsa-2026:11360 Important: LibRaw security update 2026-04-28T00:00:00Z 2026-04-29T08:47:37Z
alsa-2026:11369 Important: xorg-x11-server-Xwayland security update 2026-04-28T00:00:00Z 2026-04-29T08:45:59Z
alsa-2026:11388 Important: xorg-x11-server security update 2026-04-28T00:00:00Z 2026-04-29T08:43:57Z
alsa-2026:11389 Important: vim security update 2026-04-28T00:00:00Z 2026-04-29T08:41:26Z
alsa-2026:10713 Important: pcs security update 2026-04-27T00:00:00Z 2026-04-29T08:19:01Z
alsa-2026:11062 Important: python3.11 security update 2026-04-27T00:00:00Z 2026-04-28T13:42:34Z
alsa-2026:10950 Important: python3.12 security update 2026-04-27T00:00:00Z 2026-04-28T13:40:19Z
alsa-2026:10949 Important: python3.9 security update 2026-04-27T00:00:00Z 2026-04-28T13:38:08Z
alsa-2026:10774 Important: python3.11 security update 2026-04-27T00:00:00Z 2026-04-28T13:35:54Z
alsa-2026:10758 Important: sudo security update 2026-04-27T00:00:00Z 2026-04-28T13:33:57Z
alsa-2026:10745 Important: python3.12 security update 2026-04-27T00:00:00Z 2026-04-28T13:32:18Z
alsa-2026:10741 Important: gdk-pixbuf2 security update 2026-04-27T00:00:00Z 2026-04-28T13:29:07Z
alsa-2026:10739 Important: tigervnc security update 2026-04-27T00:00:00Z 2026-04-28T13:27:18Z
alsa-2026:10710 Important: pcs security update 2026-04-27T00:00:00Z 2026-04-28T13:25:52Z
alsa-2026:10707 Important: gdk-pixbuf2 security update 2026-04-27T00:00:00Z 2026-04-28T13:24:49Z
alsa-2026:10702 Important: webkit2gtk3 security update 2026-04-27T00:00:00Z 2026-04-28T13:23:05Z
alsa-2026:9686 Important: java-17-openjdk security update 2026-04-23T00:00:00Z 2026-04-28T13:20:41Z
alsa-2026:10223 Important: grafana security update 2026-04-23T00:00:00Z 2026-04-28T13:15:16Z
alsa-2026:8456 Important: osbuild-composer security update 2026-04-16T00:00:00Z 2026-04-24T10:09:11Z
alsa-2026:9264 Important: kernel security update 2026-04-21T00:00:00Z 2026-04-24T10:07:33Z
alsa-2026:9692 Important: webkit2gtk3 security update 2026-04-22T00:00:00Z 2026-04-24T10:02:57Z
alsa-2026:9666 Moderate: wireshark security update 2026-04-22T00:00:00Z 2026-04-24T10:01:40Z
alsa-2026:9638 Important: thunderbird security update 2026-04-22T00:00:00Z 2026-04-24T10:00:18Z
alsa-2026:9693 Important: java-25-openjdk security update 2026-04-22T00:00:00Z 2026-04-24T09:58:24Z
alsa-2026:9044 Important: osbuild-composer security update 2026-04-20T00:00:00Z 2026-04-22T11:48:37Z
alsa-2026:8921 Important: kernel security update 2026-04-20T00:00:00Z 2026-04-22T10:40:57Z
alsa-2026:9345 Important: thunderbird security update 2026-04-21T00:00:00Z 2026-04-22T07:34:30Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
osv-2025-580 UNKNOWN READ in signed char Assimp::StreamReader<false, false>::Get<signed char> 2025-07-29T00:16:41.422221Z 2026-04-30T14:29:31.343013Z
osv-2026-650 Use-of-uninitialized-value in Mat_int32Swap 2026-04-29T00:19:17.230021Z 2026-04-29T14:32:22.076704Z
osv-2026-623 Use-of-uninitialized-value in Mat_PrintNumber 2026-04-25T00:20:05.313883Z 2026-04-29T14:30:10.451501Z
osv-2026-649 Container-overflow in OGRGeometryFactory::organizePolygons 2026-04-29T00:10:47.581403Z 2026-04-29T00:10:47.581821Z
osv-2026-646 Heap-buffer-overflow in sentencepiece::unigram::Model::EncodeOptimized 2026-04-29T00:04:02.164830Z 2026-04-29T00:04:02.165140Z
osv-2026-629 Security exception in org.apache.thrift.protocol.TProtocolUtil.skip 2026-04-26T00:19:19.237477Z 2026-04-28T14:18:36.402139Z
osv-2026-630 Use-of-uninitialized-value in JXRHandlerPrivate::readTextMeta 2026-04-27T00:02:58.068470Z 2026-04-27T00:02:58.068916Z
osv-2022-763 Heap-buffer-overflow in sqlite3VdbeExec 2022-08-21T00:00:23.656015Z 2026-04-26T14:19:51.633996Z
osv-2024-440 UNKNOWN READ 2024-05-07T00:06:11.033336Z 2026-04-25T14:18:51.314914Z
osv-2026-621 Use-of-uninitialized-value in vcardtime_from_string 2026-04-25T00:17:10.236683Z 2026-04-25T00:17:10.237046Z
osv-2024-396 UNKNOWN READ in jvp_object_free 2024-05-01T00:11:24.552935Z 2026-04-24T14:19:17.552379Z
osv-2024-914 UNKNOWN READ in boost::re_detail_500::basic_regex_formatter<std::__1::ostream_iterator<char, cha 2024-08-16T00:08:20.277708Z 2026-04-24T14:18:54.995966Z
osv-2024-112 Stack-overflow in boost::read_graphviz_detail::parser::parse_subgraph 2024-02-16T00:05:47.896843Z 2026-04-24T14:13:21.773842Z
osv-2020-1611 Heap-buffer-overflow in yaml_emitter_emit_flow_mapping_key 2020-08-14T00:01:51.615528Z 2026-04-24T14:08:19.312442Z
osv-2026-616 Use-of-uninitialized-value in JXRHandlerPrivate::colorSpace 2026-04-24T00:20:25.044744Z 2026-04-24T00:20:25.045135Z
osv-2025-266 Heap-buffer-overflow in lj_buf_ruleb128 2025-04-08T00:17:06.279554Z 2026-04-23T14:27:49.452133Z
osv-2025-1020 Heap-buffer-overflow in mmcall 2025-12-25T00:17:49.020029Z 2026-04-23T14:26:53.545771Z
osv-2025-312 Heap-buffer-overflow in ZSTD_decompressMultiFrame 2025-05-02T00:14:14.459388Z 2026-04-23T14:09:47.792625Z
osv-2023-390 Heap-buffer-overflow in sdhci_write 2023-05-12T14:00:08.854823Z 2026-04-22T14:35:41.637005Z
osv-2022-581 Heap-buffer-overflow in megasas_map_sgl 2022-07-14T00:00:45.644503Z 2026-04-22T14:35:33.317656Z
osv-2021-820 UNKNOWN READ in virtio_gpu_disable_scanout 2021-06-02T00:00:31.619765Z 2026-04-22T14:32:37.244679Z
osv-2022-312 Heap-buffer-overflow in dhcp_reply 2022-04-07T00:00:40.457052Z 2026-04-22T14:08:42.726114Z
osv-2026-611 Heap-buffer-overflow in ParseOpaqueMetadata 2026-04-22T00:09:09.767586Z 2026-04-22T00:09:09.767978Z
osv-2026-608 Stack-buffer-overflow in is_http 2026-04-22T00:04:16.715949Z 2026-04-22T00:04:16.716488Z
osv-2026-603 UNKNOWN READ in <wasmtime::runtime::func::Func>::call_unchecked_raw::< 2026-04-21T00:05:37.586369Z 2026-04-21T00:05:37.586785Z
osv-2026-600 Heap-buffer-overflow in skcms_private::baseline::clut 2026-04-21T00:03:54.845282Z 2026-04-21T00:03:54.845623Z
osv-2025-1059 Security exception in com.google.re2j.Machine.add 2026-01-18T00:02:23.827422Z 2026-04-20T14:15:42.315180Z
osv-2022-652 Use-of-uninitialized-value in udiv 2022-07-29T00:02:04.321859Z 2026-04-20T14:10:26.566278Z
osv-2022-599 Use-of-uninitialized-value in mrb_bint_as_int 2022-07-20T00:00:11.865502Z 2026-04-20T14:10:24.129976Z
osv-2022-679 Heap-buffer-overflow in udiv 2022-08-07T00:01:59.645310Z 2026-04-20T14:06:31.342885Z
ID Description Published Updated
rustsec-2023-0122 `winx-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0121 `libusb1-main` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0120 `windows-service-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0119 `openvpn-plugin-rs` was removed from crates.io for malicious code 2023-11-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0118 `win_run_rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0117 `tauri-winrt-notifications` was removed from crates.io for malicious code 2023-11-20T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0116 `registry-win` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0115 `acceptxmr-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0114 `tiny-server` was removed from crates.io for malicious code 2023-11-06T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0113 `win-base64-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0112 `monero-rpc-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0111 `monero-api` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0110 `postgresderive` was removed from crates.io for malicious code 2023-08-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0109 `win-crypto` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0108 `tauri-win-rt-notification` was removed from crates.io for malicious code 2023-11-20T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0107 `lasso-rs` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0106 `lfest-main` was removed from crates.io for malicious code 2023-11-15T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0105 `windowsservice` was removed from crates.io for malicious code 2023-11-18T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2023-0104 `littest` was removed from crates.io for malicious code 2023-11-06T12:00:00Z 2026-03-26T06:26:31Z
rustsec-2025-0154 `replit_ruspty` was removed from crates.io for malicious code 2025-11-04T12:00:00Z 2026-03-25T08:37:19Z
rustsec-2026-0049 CRLs not considered authoritative by Distribution Point due to faulty matching logic 2026-03-20T12:00:00Z 2026-03-24T08:22:29Z
rustsec-2026-0072 Missing Check for All-Zero X25519 Shared Secret 2026-02-04T12:00:00Z 2026-03-24T08:16:07Z
rustsec-2026-0071 Nonce Reuse in HPKE Context 2026-02-05T12:00:00Z 2026-03-24T08:16:07Z
rustsec-2026-0070 Panic When Opening or Sealing on Export-Only Context 2026-02-11T12:00:00Z 2026-03-24T08:16:07Z
rustsec-2026-0069 Incorrect Length Encoding on KDF Export 2026-02-11T12:00:00Z 2026-03-24T08:16:07Z
rustsec-2026-0068 tar-rs incorrectly ignores PAX size headers if header size is nonzero 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0067 `unpack_in` can chmod arbitrary directories by following symlinks 2026-03-19T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0066 Insufficient validation of PAX extensions during extraction 2026-03-17T12:00:00Z 2026-03-23T09:31:59Z
rustsec-2026-0047 PKCS7_verify Signature Validation Bypass in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
rustsec-2026-0046 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC 2026-03-02T12:00:00Z 2026-03-21T06:45:35Z
ID Description Published Updated
bit-java-2025-30749 2026-05-06T14:45:25.824Z 2026-05-06T15:10:05.412Z
bit-java-2025-30698 2026-05-06T14:45:24.584Z 2026-05-06T15:10:05.412Z
bit-java-2025-30691 2026-05-06T14:45:23.157Z 2026-05-06T15:10:05.412Z
bit-java-2025-27113 2026-05-06T14:45:21.731Z 2026-05-06T15:10:05.412Z
bit-java-2025-24928 2026-05-06T14:45:20.148Z 2026-05-06T15:10:05.412Z
bit-java-2025-24855 2026-05-06T14:45:18.662Z 2026-05-06T15:10:05.412Z
bit-java-2025-21587 2026-05-06T14:45:17.182Z 2026-05-06T15:10:05.412Z
bit-java-2025-21502 2026-05-06T14:45:15.746Z 2026-05-06T15:10:05.412Z
bit-java-2025-10911 Libxslt: use-after-free with key data stored cross-rvt 2026-05-06T14:45:14.224Z 2026-05-06T15:10:05.412Z
bit-java-2025-0509 Signing Checks Bypass 2026-05-06T14:45:12.781Z 2026-05-06T15:10:05.412Z
bit-java-2024-56171 2026-05-06T14:45:11.536Z 2026-05-06T15:10:05.412Z
bit-java-2024-55549 2026-05-06T14:45:10.140Z 2026-05-06T15:10:05.412Z
bit-java-2024-54534 2026-05-06T14:45:08.551Z 2026-05-06T15:10:05.412Z
bit-java-2024-47778 GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk 2026-05-06T14:45:07.074Z 2026-05-06T15:10:05.412Z
bit-java-2024-47777 GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk 2026-05-06T14:45:05.604Z 2026-05-06T15:10:05.412Z
bit-java-2024-47776 GHSL-2024-260: GStreamer has a OOB-read in gst_wavparse_cue_chunk 2026-05-06T14:45:04.040Z 2026-05-06T15:10:05.412Z
bit-java-2024-47775 GHSL-2024-261: GStreamer has an OOB-read in parse_ds64 2026-05-06T14:45:02.492Z 2026-05-06T15:10:05.412Z
bit-java-2024-47606 GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes 2026-05-06T14:45:01.107Z 2026-05-06T15:10:05.412Z
bit-java-2024-47597 GHSL-2024-245: GStreamer has an OOB-read in qtdemux_parse_samples 2026-05-06T14:44:59.658Z 2026-05-06T15:10:05.412Z
bit-java-2024-47596 GHSL-2024-244: GStreamer has an OOB-read in FOURCC_SMI_ parsing 2026-05-06T14:44:58.317Z 2026-05-06T15:10:05.412Z
bit-java-2024-47546 GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read 2026-05-06T14:44:56.653Z 2026-05-06T15:10:05.412Z
bit-java-2024-47545 GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read 2026-05-06T14:44:55.155Z 2026-05-06T15:10:05.412Z
bit-java-2024-47544 GHSL-2024-238: GStreamer has NULL-pointer dereferences in MP4/MOV demuxer CENC handling 2026-05-06T14:44:53.678Z 2026-05-06T15:10:05.412Z
bit-java-2024-40896 2026-05-06T14:44:52.133Z 2026-05-06T15:10:05.412Z
bit-java-2024-25062 2026-05-06T14:44:50.635Z 2026-05-06T15:10:05.412Z
bit-java-2024-21235 2026-05-06T14:44:49.268Z 2026-05-06T15:10:05.412Z
bit-java-2024-21217 2026-05-06T14:44:47.881Z 2026-05-06T15:10:05.412Z
bit-java-2024-21211 2026-05-06T14:44:46.500Z 2026-05-06T15:10:05.412Z
bit-java-2024-21210 2026-05-06T14:44:45.069Z 2026-05-06T15:10:05.412Z
bit-java-2024-21208 2026-05-06T14:44:43.591Z 2026-05-06T15:10:05.412Z
ID Description Published Updated
cleanstart-2026-ec57959 protojson 2026-04-15T00:38:38.411296Z 2026-04-14T11:35:55Z
cleanstart-2026-bz28794 Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service 2026-04-15T00:41:09.072733Z 2026-04-14T10:03:45Z
cleanstart-2026-fa60324 It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session 2026-04-15T00:42:39.375533Z 2026-04-14T09:27:59Z
cleanstart-2026-kc83705 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-15T00:53:10.163760Z 2026-04-14T09:04:57Z
cleanstart-2026-fz27876 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-15T00:44:39.850466Z 2026-04-14T08:58:37Z
cleanstart-2026-fd98843 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-15T00:43:03.053896Z 2026-04-14T08:58:37Z
cleanstart-2026-eo57061 In libexpat before 2 2026-04-15T00:45:38.991412Z 2026-04-14T08:58:37Z
cleanstart-2026-mw52599 OpenVPN version 2 2026-04-15T00:50:39.610141Z 2026-04-14T06:07:21Z
cleanstart-2026-nh62318 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-14T00:38:02.309746Z 2026-04-13T11:37:38Z
cleanstart-2026-ka64649 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-14T00:38:03.199310Z 2026-04-13T11:37:38Z
cleanstart-2026-jh41080 In libexpat before 2 2026-04-14T00:41:12.662437Z 2026-04-13T11:37:38Z
cleanstart-2026-nj21771 png_image_free in png 2026-04-14T00:41:12.278705Z 2026-04-13T10:08:55Z
cleanstart-2026-fh63386 When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint 2026-04-14T00:44:12.807187Z 2026-04-13T10:06:48Z
cleanstart-2026-lk73694 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-14T00:43:42.897096Z 2026-04-13T05:21:32Z
cleanstart-2026-ne70100 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-12T00:36:10.440964Z 2026-04-11T06:04:40Z
cleanstart-2026-mz25894 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-12T00:36:10.207025Z 2026-04-11T06:04:40Z
cleanstart-2026-hu81793 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-12T00:36:09.840766Z 2026-04-11T06:04:40Z
cleanstart-2026-jt73156 protojson 2026-04-11T00:42:17.168521Z 2026-04-10T12:27:18Z
cleanstart-2026-ei21238 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-11T00:37:54.711613Z 2026-04-10T10:45:58Z
cleanstart-2026-lb69194 In libexpat before 2 2026-04-11T00:39:42.680532Z 2026-04-10T05:48:24Z
cleanstart-2026-ay21238 security issue was discovered in Kubernetes where a malicious or compromised pod could bypass network restrictions enforced by network policies during namespace deletion 2026-04-10T00:37:58.214935Z 2026-04-09T11:56:50Z
cleanstart-2026-ng75665 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-10T00:56:28.527348Z 2026-04-09T11:53:35Z
cleanstart-2026-bm53321 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-10T00:51:58.426076Z 2026-04-09T11:53:35Z
cleanstart-2026-ng28268 gRPC-Go is the Go language implementation of gRPC 2026-04-10T00:47:58.418185Z 2026-04-09T11:52:13Z
cleanstart-2026-jy63371 Delete function fails to properly validate offsets when processing malformed JSON input 2026-04-10T00:45:58.478015Z 2026-04-09T11:52:13Z
cleanstart-2026-cd13174 gRPC-Go is the Go language implementation of gRPC 2026-04-10T00:49:58.731115Z 2026-04-09T11:52:13Z
cleanstart-2026-dk61762 filippo 2026-04-10T00:51:28.611547Z 2026-04-09T11:46:58Z
cleanstart-2026-ar20742 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-10T00:51:28.608050Z 2026-04-09T11:46:58Z
cleanstart-2026-in87004 In libexpat before 2 2026-04-10T00:52:28.484967Z 2026-04-09T11:45:48Z
cleanstart-2026-ag20129 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-10T00:51:29.221302Z 2026-04-09T11:45:48Z
ID Description Published Updated
ID Description Updated
ID Description Published Updated
CERTFR-2024-ALE-001 [MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways 2024-01-11T00:00:00.000000 2024-04-15T00:00:00.000000
certfr-2024-ale-002 [MàJ] Multiples Vulnérabilités dans GitLab 2024-01-12T00:00:00.000000 2024-02-22T00:00:00.000000
CERTFR-2024-ALE-002 [MàJ] Multiples Vulnérabilités dans GitLab 2024-01-12T00:00:00.000000 2024-02-22T00:00:00.000000
certfr-2023-ale-013 Vulnérabilité dans Apache Struts 2 2023-12-13T00:00:00.000000 2024-02-16T00:00:00.000000
certfr-2023-ale-012 [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2023-10-23T00:00:00.000000 2024-02-16T00:00:00.000000
certfr-2023-ale-011 [MàJ] Multiples vulnérabilités dans Cisco IOS XE 2023-10-17T00:00:00.000000 2024-02-16T00:00:00.000000
certfr-2023-ale-010 Multiples vulnérabilités dans Exim 2023-10-02T00:00:00.000000 2024-02-16T00:00:00.000000
CERTFR-2023-ALE-013 Vulnérabilité dans Apache Struts 2 2023-12-13T00:00:00.000000 2024-02-16T00:00:00.000000
CERTFR-2023-ALE-012 [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2023-10-23T00:00:00.000000 2024-02-16T00:00:00.000000
CERTFR-2023-ALE-011 [MàJ] Multiples vulnérabilités dans Cisco IOS XE 2023-10-17T00:00:00.000000 2024-02-16T00:00:00.000000
CERTFR-2023-ALE-010 Multiples vulnérabilités dans Exim 2023-10-02T00:00:00.000000 2024-02-16T00:00:00.000000
certfr-2023-ale-008 [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2023-07-19T00:00:00.000000 2024-01-02T00:00:00.000000
certfr-2023-ale-007 [MàJ] Vulnérabilité dans Zimbra Collaboration Suite 2023-07-17T00:00:00.000000 2024-01-02T00:00:00.000000
CERTFR-2023-ALE-008 [MàJ] Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway 2023-07-19T00:00:00.000000 2024-01-02T00:00:00.000000
CERTFR-2023-ALE-007 [MàJ] Vulnérabilité dans Zimbra Collaboration Suite 2023-07-17T00:00:00.000000 2024-01-02T00:00:00.000000
certfr-2023-ale-006 Vulnérabilité dans les produits Microsoft 2023-12-12T00:00:00.000000 2023-07-12T00:00:00.000000
CERTFR-2023-ALE-006 Vulnérabilité dans les produits Microsoft 2023-12-12T00:00:00.000000 2023-07-12T00:00:00.000000
certfr-2023-ale-009 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2023-07-26T00:00:00.000000 2023-09-15T00:00:00.000000
CERTFR-2023-ALE-009 [MàJ] Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile 2023-07-26T00:00:00.000000 2023-09-15T00:00:00.000000
certfr-2023-ale-005 Synthèse sur l'exploitation d'une vulnérabilité dans MOVEit Transfer 2023-07-05T00:00:00.000000 2023-09-11T00:00:00.000000
certfr-2023-ale-004 Vulnérabilité dans les produits Fortinet 2023-06-13T00:00:00.000000 2023-09-11T00:00:00.000000
certfr-2022-ale-014 Multiples vulnérabilités dans AMI MegaRAC 2022-12-16T00:00:00.000000 2023-09-11T00:00:00.000000
CERTFR-2023-ALE-005 Synthèse sur l'exploitation d'une vulnérabilité dans MOVEit Transfer 2023-07-05T00:00:00.000000 2023-09-11T00:00:00.000000
CERTFR-2023-ALE-004 Vulnérabilité dans les produits Fortinet 2023-06-13T00:00:00.000000 2023-09-11T00:00:00.000000
CERTFR-2022-ALE-014 Multiples vulnérabilités dans AMI MegaRAC 2022-12-16T00:00:00.000000 2023-09-11T00:00:00.000000
certfr-2023-ale-002 [MàJ] Vulnérabilité dans Microsoft Outlook 2023-03-15T00:00:00.000000 2023-05-11T00:00:00.000000
CERTFR-2023-ALE-002 [MàJ] Vulnérabilité dans Microsoft Outlook 2023-03-15T00:00:00.000000 2023-05-11T00:00:00.000000
certfr-2023-ale-003 [MàJ] Compromission de l'application 3CX Desktop App 2023-03-31T00:00:00.000000 2023-04-12T00:00:00.000000
CERTFR-2023-ALE-003 [MàJ] Compromission de l'application 3CX Desktop App 2023-03-31T00:00:00.000000 2023-04-12T00:00:00.000000
certfr-2023-ale-015 [MàJ] Campagne d'exploitation d'une vulnérabilité affectant VMware ESXi 2023-02-03T00:00:00.000000 2023-03-14T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0493 Vulnérabilité dans Microsoft Edge 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0492 Multiples vulnérabilités dans les produits IBM 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0491 Multiples vulnérabilités dans Synology DSM 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0490 Multiples vulnérabilités dans Traefik 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0489 Vulnérabilité dans les produits Tenable 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0488 Multiples vulnérabilités dans Spring Boot 2026-04-24T00:00:00.000000 2026-04-24T00:00:00.000000
certfr-2026-avi-0486 Multiples vulnérabilités dans les produits Microsoft 2026-04-23T00:00:00.000000 2026-04-23T00:00:00.000000
certfr-2026-avi-0485 Vulnérabilité dans Mattermost Server 2026-04-23T00:00:00.000000 2026-04-23T00:00:00.000000
certfr-2026-avi-0484 Multiples vulnérabilités dans strongSwan 2026-04-23T00:00:00.000000 2026-04-23T00:00:00.000000
certfr-2026-avi-0483 Multiples vulnérabilités dans Stormshield Management Center 2026-04-23T00:00:00.000000 2026-04-23T00:00:00.000000
certfr-2026-avi-0482 Vulnérabilité dans CPython 2026-04-23T00:00:00.000000 2026-04-23T00:00:00.000000
certfr-2026-avi-0481 Vulnérabilité dans les produits Apple 2026-04-23T00:00:00.000000 2026-04-23T00:00:00.000000
certfr-2026-avi-0480 Multiples vulnérabilités dans les produits Mozilla 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0479 Multiples vulnérabilités dans les produits Atlassian 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0478 Vulnérabilité dans Microsoft .Net 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0477 Multiples vulnérabilités dans les produits Spring 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0476 Multiples vulnérabilités dans les produits NetApp 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0475 Multiples vulnérabilités dans GitLab 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0474 Vulnérabilité dans Python 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0473 Multiples vulnérabilités dans Oracle Weblogic 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0472 Multiples vulnérabilités dans Oracle Virtualization 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0471 Multiples vulnérabilités dans Oracle Systems 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0470 Multiples vulnérabilités dans Oracle PeopleSoft 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0469 Multiples vulnérabilités dans Oracle MySQL 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0468 Multiples vulnérabilités dans Oracle Java SE 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0467 Multiples vulnérabilités dans Oracle Database Server 2026-04-22T00:00:00.000000 2026-04-22T00:00:00.000000
certfr-2026-avi-0466 Multiples vulnérabilités dans les produits Microsoft 2026-04-21T00:00:00.000000 2026-04-21T00:00:00.000000
certfr-2026-avi-0465 Vulnérabilité dans Mattermost Server 2026-04-21T00:00:00.000000 2026-04-21T00:00:00.000000
certfr-2026-avi-0464 Vulnérabilité dans Typo3 2026-04-21T00:00:00.000000 2026-04-21T00:00:00.000000
certfr-2026-avi-0463 Multiples vulnérabilités dans les produits Microsoft 2026-04-20T00:00:00.000000 2026-04-20T00:00:00.000000
ID Description Published Updated
jvndb-2026-000026 Lanscope Endpoint Manager (On-Premises) vulnerable to path traversal 2026-02-25T15:14+09:00 2026-02-25T15:14+09:00
jvndb-2026-004359 Security information for Hitachi Disk Array Systems 2026-02-20T18:35+09:00 2026-02-20T18:35+09:00
jvndb-2026-000027 WordPress Plugin "Survey Maker" vulnerable to cross-site scripting 2026-02-20T12:32+09:00 2026-02-20T12:32+09:00
jvndb-2026-000028 Installer for Job log aggregation/analysis software RICOH Job Log Aggregation Tool may insecurely load Dynamic Link Libraries 2026-02-20T12:31+09:00 2026-02-20T12:31+09:00
jvndb-2026-003912 Vulnerability in Cosminexus HTTP Server and Hitachi Web Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003911 Vulnerability in Cosminexus HTTP Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003910 Multiple Vulnerabilities in Cosminexus HTTP Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003909 Multiple Vulnerabilities in Hitachi Command Suite products 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003908 Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003907 Multiple Vulnerabilities in JP1 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003906 Multiple Vulnerabilities in Cosminexus 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-003905 Multiple Vulnerabilities in Cosminexus HTTP Server and Hitachi Web Server 2026-02-17T20:46+09:00 2026-02-17T20:46+09:00
jvndb-2026-000025 Joomla! CMS vulnerable to cross-site scripting 2026-02-17T12:46+09:00 2026-02-17T12:46+09:00
jvndb-2026-000023 FileZen vulnerable to OS command injection 2026-02-13T16:51+09:00 2026-02-13T17:08+09:00
jvndb-2026-000024 Installer of M-Audio M-Track Duo HD may insecurely load Dynamic Link Libraries 2026-02-12T13:32+09:00 2026-02-12T13:32+09:00
jvndb-2026-000022 Oki Electric Industry products and OEM products register Windows services with unquoted file paths 2026-02-09T15:21+09:00 2026-02-09T15:21+09:00
jvndb-2026-000021 web2py vulnerable to open redirect 2026-02-05T15:01+09:00 2026-02-05T15:01+09:00
jvndb-2026-000017 Improper file access permission settings in Mitsubishi Small-Capacity UPS Shutdown Software FREQSHIP-mini for Windows 2026-02-03T14:57+09:00 2026-02-05T14:41+09:00
jvndb-2026-000020 Multiple vulnerabilities in Movable Type 2026-02-04T16:15+09:00 2026-02-04T16:15+09:00
jvndb-2026-000016 Installer for Roland Cloud Manager may insecurely load Dynamic Link Libraries 2026-02-03T14:57+09:00 2026-02-04T12:39+09:00
jvndb-2024-002831 ELECOM wireless LAN routers vulnerable to OS command injection 2024-02-22T08:15+09:00 2026-02-04T12:02+09:00
jvndb-2025-000041 Multiple vulnerabilities in ELECOM wireless LAN routers 2025-06-24T14:50+09:00 2026-02-03T15:35+09:00
jvndb-2024-000078 Multiple vulnerabilities in ELECOM wireless LAN routers 2024-07-30T15:34+09:00 2026-02-03T15:35+09:00
jvndb-2026-000019 Multiple vulnerabilities in ELECOM wireless LAN products 2026-02-03T14:57+09:00 2026-02-03T14:57+09:00
jvndb-2026-000015 Sonatype Nexus Repository vulnerable to server-side request forgery 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000014 OS command injection in raspap-webgui 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000013 Multiple Microsoft Office products vulnerable to untrusted search path 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000012 Multiple vulnerabilities in Cybozu Garoon 2026-02-02T15:18+09:00 2026-02-02T15:18+09:00
jvndb-2026-000018 Undocumented "TelnetEnable" functionality of End of Service NETGEAR products 2026-01-30T14:23+09:00 2026-01-30T14:23+09:00
jvndb-2026-002119 Multiple vulnerabilities in BROTHER MFPs (multifunction printers) 2026-01-30T11:26+09:00 2026-01-30T11:26+09:00
ID Description Published Updated
cnvd-2026-18681 Adobe Connect跨站脚本漏洞(CNVD-2026-18681) 2026-04-15 2026-04-27
cnvd-2026-18680 Adobe Connect跨站脚本漏洞(CNVD-2026-18680) 2026-04-15 2026-04-27
cnvd-2026-18679 Adobe Bridge数字错误漏洞 2026-04-15 2026-04-27
cnvd-2026-18678 Adobe Connect跨站脚本漏洞(CNVD-2026-18678) 2026-04-15 2026-04-27
cnvd-2026-18677 Adobe Commerce授权不当漏洞 2026-03-17 2026-04-27
cnvd-2026-18676 Adobe DNG SDK输入验证错误漏洞 2026-03-16 2026-04-27
cnvd-2026-18675 Adobe DNG SDK越界写入漏洞 2026-03-16 2026-04-27
cnvd-2026-18674 Adobe Substance3D Stager越界读取漏洞(CNVD-2026-18674) 2026-02-12 2026-04-27
cnvd-2026-18673 Adobe Substance3D Modeler越界读取漏洞(CNVD-2026-18673) 2026-02-12 2026-04-27
cnvd-2026-18672 Adobe Lightroom Desktop越界写入漏洞 2026-02-12 2026-04-27
cnvd-2026-18601 OpenClaw远程代码执行漏洞(CNVD-2026-18601) 2026-04-24 2026-04-24
cnvd-2026-18591 Microsoft Partner Center访问控制漏洞 2026-04-24 2026-04-24
cnvd-2026-18578 Oracle MySQL Server Optimizer拒绝服务漏洞(CNVD-2026-18578) 2026-04-22 2026-04-24
cnvd-2026-18577 Oracle Solaris内核拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-18576 Oracle MySQL Server InnoDB组件拒绝服务漏洞(CNVD-2026-18576) 2026-04-22 2026-04-24
cnvd-2026-18575 Oracle MySQL Server JSON组件拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-18574 Oracle MySQL Shell Core Client拒绝服务漏洞(CNVD-2026-18574) 2026-04-22 2026-04-24
cnvd-2026-18573 Oracle MySQL Shell Core Client拒绝服务漏洞(CNVD-2026-18573) 2026-04-22 2026-04-24
cnvd-2026-18572 Oracle Database Server Java VM组件数据泄露漏洞 2026-04-22 2026-04-24
cnvd-2026-18571 Oracle MySQL Server Partition组件拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-18570 Oracle MySQL Server GIS组件拒绝服务漏洞 2026-04-22 2026-04-24
cnvd-2026-18569 Oracle VM VirtualBox Core组件拒绝服务漏洞(CNVD-2026-18569) 2026-04-22 2026-04-24
cnvd-2026-18539 Oracle VM VirtualBox Core组件权限提升漏洞(CNVD-2026-18539) 2026-04-22 2026-04-24
cnvd-2026-18538 Oracle Fusion Middleware Dynamic Monitoring Service跨站脚本漏洞 2026-04-22 2026-04-24
cnvd-2026-18537 IBM Guardium Data Protection目录遍历漏洞 2026-04-23 2026-04-24
cnvd-2026-18536 IBM Guardium Data Protection Web UI跨站脚本漏洞 2026-04-23 2026-04-24
cnvd-2026-18535 IBM Verify Identity Access Container弱加密算法漏洞 2026-04-23 2026-04-24
cnvd-2026-18432 Oracle MySQL Server InnoDB拒绝服务漏洞(CNVD-2026-18432) 2026-04-22 2026-04-24
cnvd-2026-18431 Oracle MySQL Server InnoDB组件拒绝服务漏洞(CNVD-2026-18431) 2026-04-22 2026-04-24
cnvd-2026-18430 Oracle MySQL Server InnoDB组件拒绝服务漏洞(CNVD-2026-18430) 2026-04-22 2026-04-24
ID Description Published Updated
bdu:2025-15829 Уязвимость системы управления базами данных MySQL и MariaDB, связанная с раскрытием инфор… 15.12.2025 16.02.2026
bdu:2025-15825 Уязвимость компонентов mm ядра операционной системы Linux, позволяющая нарушителю получит… 15.12.2025 16.02.2026
bdu:2025-15824 Уязвимость компонента hugetlb.c ядра операционной системы Linux, позволяющая нарушителю п… 15.12.2025 16.02.2026
bdu:2025-15822 Уязвимость ядра операционной системы Linux, связанная с неправильной проверкой возвращаем… 15.12.2025 16.02.2026
bdu:2025-15821 Уязвимость компонента drm/sched ядра операционной системы Linux, позволяющая нарушителю в… 15.12.2025 16.02.2026
bdu:2025-15820 Уязвимость компонента pinctrl-msm ядра операционной системы Linux, позволяющая нарушителю… 15.12.2025 16.02.2026
bdu:2025-15816 Уязвимость компонента smb ядра операционной системы Linux, позволяющая нарушителю нарушит… 15.12.2025 16.02.2026
bdu:2025-15815 Уязвимость ядра операционной системы Linux, связанная с чтением за допустимыми границами … 15.12.2025 16.02.2026
bdu:2025-15814 Уязвимость ядра операционной системы Linux, связанная с чтением за границами буфера данны… 15.12.2025 16.02.2026
bdu:2025-15811 Уязвимость компонента xusb ядра операционной системы Linux, позволяющая нарушителю вызват… 15.12.2025 16.02.2026
bdu:2025-15810 Уязвимость ядра операционной системы Linux, связанная с одновременным выполнением с испол… 15.12.2025 16.02.2026
bdu:2025-15809 Уязвимость компонента appletalk ядра операционной системы Linux, позволяющая нарушителю н… 15.12.2025 16.02.2026
bdu:2025-15808 Уязвимость компонента drm/tegra ядра операционной системы Linux, позволяющая нарушителю в… 15.12.2025 16.02.2026
bdu:2025-15806 Уязвимость компонента atm ядра операционной системы Linux, позволяющая нарушителю вызвать… 15.12.2025 16.02.2026
bdu:2025-15804 Уязвимость компонента mcast ядра операционной системы Linux, позволяющая нарушителю вызва… 15.12.2025 16.02.2026
bdu:2025-15803 Уязвимость компонентов tmptcp ядра операционной системы Linux, позволяющая нарушителю пол… 15.12.2025 16.02.2026
bdu:2025-15802 Уязвимость компонента perf/core ядра операционной системы Linux, позволяющая нарушителю в… 15.12.2025 16.02.2026
bdu:2025-15800 Уязвимость компонента mm/vmalloc.c ядра операционной системы Linux, позволяющая нарушител… 15.12.2025 16.02.2026
bdu:2025-15799 Уязвимость модуля powerpc/eeh ядра операционной системы Linux, позволяющая нарушителю выз… 15.12.2025 16.02.2026
bdu:2025-15798 Уязвимость компонента crypto ядра операционной системы Linux, позволяющая нарушителю вызв… 15.12.2025 16.02.2026
bdu:2025-15797 Уязвимость компонента xilinx ядра операционной системы Linux, позволяющая нарушителю вызв… 15.12.2025 16.02.2026
bdu:2025-15796 Уязвимость компонента iwlwifi ядра операционной системы Linux, позволяющая нарушителю выз… 15.12.2025 16.02.2026
bdu:2025-15795 Уязвимость ядра операционной системы Linux, связанная с ошибками разыменования указателя,… 15.12.2025 16.02.2026
bdu:2025-15794 Уязвимость компонента dtpm_cpu ядра операционной системы Linux, позволяющая нарушителю вы… 15.12.2025 16.02.2026
bdu:2025-15793 Уязвимость компонента fbtft ядра операционной системы Linux, позволяющая нарушителю вызва… 15.12.2025 16.02.2026
bdu:2025-15792 Уязвимость компонента net/tls ядра операционной системы Linux, позволяющая нарушителю выз… 15.12.2025 16.02.2026
bdu:2025-15791 Уязвимость компонента net/packet/af_packet.c ядра операционной системы Linux, позволяющая… 15.12.2025 16.02.2026
bdu:2025-15790 Уязвимость компонента net ядра операционной системы Linux, позволяющая нарушителю вызвать… 15.12.2025 16.02.2026
bdu:2025-15789 Уязвимость компонента pnv_php операционной системы Linux, позволяющая нарушителю вызвать … 15.12.2025 16.02.2026
bdu:2025-15788 Уязвимость компонента pnv_php ядра операционной системы Linux, позволяющая нарушителю выз… 15.12.2025 16.02.2026
ID Description Updated
var-201402-0026 Buffer overflow in the process_ra function in the router advertisement daemon (radvd) bef… 2024-07-23T22:25:48.682000Z
var-201805-1144 In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and pr… 2024-07-23T22:25:33.529000Z
var-201805-1143 In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and pr… 2024-07-23T22:25:33.635000Z
var-202005-0008 Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buf… 2024-07-23T22:25:28.455000Z
var-202407-0704 A vulnerability has been identified in CPCI85 Central Processing/Communication (All versi… 2024-07-23T22:25:01.735000Z
var-200107-0035 slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cau… 2024-07-23T22:24:58.858000Z
var-200512-0643 Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe… 2024-07-23T22:24:53.371000Z
var-200512-0611 Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and… 2024-07-23T22:24:53.455000Z
var-200512-0300 Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe… 2024-07-23T22:24:53.297000Z
var-200512-0297 Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbit… 2024-07-23T22:24:53.525000Z
var-200512-0294 Buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitr… 2024-07-23T22:24:53.234000Z
var-201407-0233 Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote atta… 2024-07-23T22:22:21.013000Z
var-201601-0038 Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote atta… 2024-07-23T22:22:04.421000Z
var-201801-0394 TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbi… 2024-07-23T22:21:46.499000Z
var-201904-0181 Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow… 2024-07-23T22:21:36.530000Z
var-202108-1160 Description: A permissions issue was addressed with improved validation. This issue is fi… 2024-07-23T22:20:46.081000Z
var-202305-0218 D-Link DAP-1360 webproc WEB_DisplayPage Stack-based Buffer Overflow Remote Code Execution… 2024-07-23T22:20:18.349000Z
var-202305-0217 D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerabi… 2024-07-23T22:20:18.369000Z
var-202305-0216 D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vul… 2024-07-23T22:20:18.413000Z
var-202305-0177 D-Link DAP-1360 webproc Stack-based Buffer Overflow Remote Code Execution Vulnerability. … 2024-07-23T22:20:18.434000Z
var-202305-0176 D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vu… 2024-07-23T22:20:18.458000Z
var-202305-0166 D-Link DAP-1360 webproc var:menu Stack-based Buffer Overflow Remote Code Execution Vulner… 2024-07-23T22:20:18.326000Z
var-202305-0154 D-Link DAP-1360 webproc var:page Stack-based Buffer Overflow Remote Code Execution Vulner… 2024-07-23T22:20:18.503000Z
var-202305-0153 D-Link DAP-1360 webupg UPGCGI_CheckAuth Numeric Truncation Remote Code Execution Vulnerab… 2024-07-23T22:20:18.392000Z
var-202305-0071 D-Link DAP-1360 webproc Heap-based Buffer Overflow Remote Code Execution Vulnerability. T… 2024-07-23T22:20:18.481000Z
var-202305-0070 D-Link DAP-1360 webproc COMM_MakeCustomMsg Stack-based Buffer Overflow Remote Code Execut… 2024-07-23T22:20:18.303000Z
var-202308-3323 D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote C… 2024-07-23T22:20:12.387000Z
var-202308-3185 D-Link DAP-2622 DDP Configuration Backup Filename Stack-based Buffer Overflow Remote Code… 2024-07-23T22:20:12.455000Z
var-202308-3131 D-Link DAP-2622 DDP Reset Factory Auth Password Stack-based Buffer Overflow Remote Code E… 2024-07-23T22:20:12.487000Z
var-202308-3130 D-Link DAP-2622 DDP Configuration Restore Auth Username Stack-based Buffer Overflow Remot… 2024-07-23T22:20:12.431000Z
ID Description Published Updated
ID Description Published Updated
vde-2024-070 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2025-01-14T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-067 Phoenix Contact: Multiple Vulnerabilities in PLCnext Engineer 2024-10-08T12:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-052 Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors. 2024-09-10T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-051 Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH 2024-09-10T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-010 PHOENIX CONTACT: FL MGUARD affected by two vulnerabilities 2023-06-13T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-001 PHOENIX CONTACT: FL SWITCH 2xxx series incorrect privilege assignment 2022-01-25T08:05:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-019 PHOENIX CONTACT: Security Advisory for ILC1x1 Industrial controllers 2021-06-23T12:16:00.000Z 2025-05-14T13:00:14.000Z
vde-2019-003 PHOENIX CONTACT: Multiple Vulnerabilities in MEVIEW3 2019-03-05T10:35:00.000Z 2025-05-14T13:00:14.000Z
vde-2017-006 PHOENIX CONTACT: FL SWITCH 3xxx/4xxx/48xx series web-service authentication bypass 2018-01-10T09:36:00.000Z 2025-05-14T13:00:14.000Z
vde-2025-029 Phoenix Contact: Security Advisory for AXL F BK and IL BK bus couplers 2025-05-13T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-036 PHOENIX CONTACT: Products utilizing WIBU SYSTEMS CodeMeter components in versions prior to V7.21a 2021-08-04T07:56:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-029 PHOENIX CONTACT: DoS for PLCnext Control devices in versions <2021.0.5 LTS 2021-08-04T07:58:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-025 PHOENIX CONTACT: Security Advisory for PLCNext, ILC 2050 BI, FL MGUARD DM UNLIMITED, TC ROUTER und CLOUD CLIENT products 2021-06-23T12:19:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-024 PHOENIX CONTACT: Security Advisory for PLCNext, SMARTRTU AXC, CHARX control modular and EEM-SB37x 2021-05-04T08:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-023 PHOENIX CONTACT: Security Advisory for FL SWITCH SMCS series 2021-06-23T12:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-022 PHOENIX CONTACT: Security Advisory for FL COMSERVER UNI 2021-06-23T12:16:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-021 PHOENIX CONTACT: Security Advisory for AXL F BK and IL BK products 2021-06-23T12:15:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-020 PHOENIX CONTACT: Security Advisory for Automation Worx Software Suite 2021-06-23T11:10:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-047 PHOENIX CONTACT: BTP Touch Panels uncontrolled resource consumption 2020-12-02T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-046 PHOENIX CONTACT: mGuard <8.8.3 products missing initialization of resource 2020-12-17T09:01:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-025 PHOENIX CONTACT: Improper path sanitation on import of project files in PLCnext Engineer 2020-07-21T09:38:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-023 PHOENIX CONTACT: Two Vulnerabilities in Automation Worx Suite 2020-07-01T08:25:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-003 PHOENIX CONTACT: TC Router and TC Cloud Client multiple vulnerabilities 2020-03-05T15:58:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-016 PHOENIX CONTACT: Security Advisory for Automation Worx Software Suite 2019-10-15T06:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-014 PHOENIX CONTACT: Multiple Vulnerabilities in Automation Worx Software Suite 2019-06-19T12:41:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-007 PHOENIX CONTACT: command injection on RAD-80211-XD(/HP-BUS) 2019-03-25T11:45:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-006 PHOENIX CONTACT: unauthorized access to WEB-UI on FL NAT SMx 2019-03-25T11:40:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-004 Phoenix Contact: FL SWITCH 3xxx/4xxx/48xx series through 1.33 allows Command Injection 2018-05-16T05:35:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-001 PHOENIX CONTACT: Advisory for mGuard products 2018-01-30T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2017-004 PHOENIX CONTACT: FL COMSERVER cross-site scripting (XSS) vulnerability 2017-12-05T08:50:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
vde-2023-015 WAGO: Improper privilege management in web-based management 2023-11-20T07:00:00.000Z 2023-11-20T07:00:00.000Z
vde-2022-040 WAGO: Multiple Vulnerabilities in Controller with WAGO I/O-Pro / CODESYS 2.3 Runtime 2022-10-17T08:00:00.000Z 2023-09-22T12:39:00.000Z
vde-2023-014 WAGO: Bluetooth LE vulnerability in WLAN-ETHERNET-Gateway 2023-07-31T07:00:00.000Z 2023-07-31T07:00:00.000Z
vde-2023-005 WAGO: Series 750-3x/-8x prone to MODBUS server DoS 2023-06-25T06:00:00.000Z 2023-06-25T06:00:00.000Z
vde-2022-060 WAGO: Multiple vulnerabilities in web-based management of multiple products 2023-02-27T11:00:00.000Z 2023-02-27T11:00:00.000Z
vde-2022-055 WAGO: Exposure of configuration interface in unmanaged switches 2023-02-16T13:43:00.000Z 2023-02-16T13:43:00.000Z
vde-2022-054 WAGO: Unauthenticated Configuration Export in web-based management in multiple devices 2023-01-12T07:52:00.000Z 2023-01-12T07:52:00.000Z
vde-2022-042 WAGO: Multiple products - Loss of MAC-Address-Filtering after reboot 2022-10-17T08:00:00.000Z 2022-10-17T08:00:00.000Z
vde-2022-047 WAGO: FTP-Server - Denial-of-Service 2022-10-12T08:00:00.000Z 2022-10-12T08:00:00.000Z
vde-2022-035 WAGO: Multiple product series affected by multiple CODESYS vulnerabilities 2022-08-17T08:00:00.000Z 2022-08-17T08:00:00.000Z
vde-2022-031 WAGO: Multiple Products Series affected by multiple CODESYS vulnerabilities 2022-08-17T08:00:00.000Z 2022-08-17T08:00:00.000Z
vde-2022-004 WAGO: Web-Based Management Cross-Site Scripting 2022-03-09T07:00:00.000Z 2022-03-09T07:00:00.000Z
vde-2021-050 WAGO: Multiple devices affected by Vulnerabilities in NUCLEUS TCP Stack. 2021-11-16T11:02:00.000Z 2021-11-16T11:02:00.000Z
vde-2020-048 M&M Software (WAGO): Deserialisation of untrusted data in fdtContainer 2021-01-14T14:57:00.000Z 2021-01-14T14:57:00.000Z
vde-2020-015 WAGO: Web Based Management - Code Execution Vulnerability 2020-06-10T08:00:00.000Z 2020-06-10T08:00:00.000Z
vde-2020-010 WAGO: Cloud Connectivity Remote Code Execution Vulnerability 2020-03-09T09:25:00.000Z 2020-03-09T09:25:00.000Z
vde-2020-007 WAGO: Web-Based Management Denial of Service 2020-03-09T09:10:00.000Z 2020-03-09T09:10:00.000Z
vde-2019-022 WAGO: Multiple Vulnerabilities in I/O-Check Service in Multiple Devices 2019-12-16T09:00:00.000Z 2019-12-16T09:00:00.000Z
vde-2019-013 WAGO: Multiple Vulnerabilities in industrial managed switches 2019-06-12T10:25:00.000Z 2019-06-12T10:25:00.000Z
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID Description Published Updated
ID CVSS Description Vendor Product Published Updated
MOKSHA-2026-0029
7.1 (3.1)
5.3 (4.0)
SR-IOV VIF Whitelist Bypass via VIF.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0028
7.1 (3.1)
8.3 (4.0)
VDI Lifecycle Corruption via VBD.other_config owner Key Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0027
7.2 (3.1)
7.0 (4.0)
Gateway/DNS Routing Hijack via PIF.other_config defaul… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0026
7.2 (3.1)
7.5 (4.0)
Python Module Import Injection via Host.other_config m… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0025
7.2 (3.1)
8.4 (4.0)
Storage Protocol Metadata Poisoning via SR.sm_config (… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0024
7.2 (3.1)
7.3 (4.0)
NFS Mount Option Injection via PBD.device_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0023
7.2 (3.1)
8.2 (4.0)
Guest Agent Script Execution Enablement via Pool.other… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0022
7.5 (3.1)
8.3 (4.0)
Real-Time I/O Class Abuse via VBD.qos_algorithm_params… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0021
7.5 (3.1)
6.3 (4.0)
Cross-VM Traffic Sniffing via VIF.other_config Promisc… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0020
7.1 (3.1)
8.3 (4.0)
CBT Metadata Corruption via VDI.other_config content_id Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0019
7.5 (3.1)
5.3 (4.0)
Tapdisk Memory Pool Injection via VDI.other_config mem-pool Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0018
7.6 (3.1)
8.2 (4.0)
HA Timeout Manipulation via Pool.other_config (Split-B… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0017
7.6 (3.1)
7.0 (4.0)
Static Route Injection via Network.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0016
7.6 (3.1)
8.5 (4.0)
PVinPVH Xen Kernel Command-Line Injection via VM.platform Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0015
7.6 (3.1)
8.4 (4.0)
VHD Format Flag Corruption via SR.sm_config use_vhd Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0014
8.1 (3.1)
7.8 (4.0)
Local Initiator IQN Injection via PBD.device_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0013
8.2 (3.1)
8.2 (4.0)
Pool-Wide OVS Fail-Mode Denial of Service via Pool.oth… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0012
8.2 (3.1)
8.2 (4.0)
OVS Fail-Mode Denial of Service via Network.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0011
8.4 (3.1)
6.4 (4.0)
VIF Backend VM Hijack via Network.other_config backend_vm Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0010
8.4 (3.1)
8.1 (4.0)
Block Device Path Injection via PBD.device_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0009
8.5 (3.1)
8.5 (4.0)
QEMU Serial Host Filesystem Write via VM.platform hvm_serial Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0008
8.2 (3.1)
8.4 (4.0)
Storage Driver Domain PBD Detach DoS via VM.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0007
7.5 (3.1)
7.1 (4.0)
Backend-Kind I/O Driver Type Confusion via VBD.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0006
8.5 (3.1)
8.8 (4.0)
Storage Migration Redirection via VDI.other_config maps_to Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0005
9.1 (3.1)
8.7 (4.0)
NFS Server Redirection via PBD.device_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0004
9.1 (3.1)
8.7 (4.0)
iSCSI Target Redirection via PBD.device_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0003
9.9 (3.1)
8.6 (4.0)
System Domain Privilege Escalation via is_system_domain Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0002
9.9 (3.1)
8.6 (4.0)
Storage Protocol Injection via sm_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0001
9.9 (3.1)
9.4 (4.0)
Arbitrary Host Device Mount via VBD.other_config backe… Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2025-0015
9 (4.0)
Potential XSS in decaying simulation tool misp
 misp
 2025-11-04T09:06:00.000Z 2025-11-04T09:06:59.216121Z
GCVE-1-2025-0014
9.4 (4.0)
XSS in event report via Mermaid diagram misp
 misp
 2025-11-04T08:58:00.024516Z 2025-11-04T08:58:00.024516Z
GCVE-1-2025-0013
9.4 (4.0)
Vulnerability in sharing group blueprints allowing sha… misp
 misp
 2025-11-04T08:49:21.558087Z 2025-11-04T08:49:21.558087Z
GCVE-1-2025-0012
N/A
Potential vulnerability in file check upload but non-e… misp
 misp
 2025-11-04T07:20:00.000Z 2025-11-28T07:16:21.589449Z
GCVE-1-2025-0011
9.4 (4.0)
Arbitrary file inclusion / deletion via import modules… misp
 misp
 2025-11-04T07:01:25.464225Z 2025-11-04T07:01:25.464225Z
GCVE-1-2025-0010
6.3 (4.0)
Arbitrary file hash inclusion via templates accessible… misp
 misp
 2025-11-04T06:25:11.108987Z 2025-11-04T06:25:11.108987Z
GCVE-1-2025-0009
6.4 (4.0)
A pre-auth user could self-assign a reporter without b… CIRCL
 vulnerability-lookup
 2025-10-13T09:20:24.800890Z 2025-10-13T09:20:24.800890Z
GCVE-1-2025-0008
7 (4.0)
Logged users can view vulnerability disclosure comment… CIRCL
 vulnerability-lookup
 2025-10-13T09:10:00.000Z 2025-10-13T09:15:31.637686Z
GCVE-1-2025-0007
4.5 (4.0)
Missing email validation on user management CIRCL
 vulnerability-lookup
 2025-10-13T08:37:00.000Z 2025-10-13T08:51:37.408861Z
GCVE-1-2025-0006
9.3 (4.0)
Potential XSS in admin CPE in organization model CIRCL
 vulnerability-lookup
 2025-10-13T08:29:00.000Z 2025-10-13T08:52:23.411325Z
GCVE-1-2025-0005
9.4 (4.0)
Reflected XSS due to insecure use of Markup CIRCL
 vulnerability-lookup
 2025-10-13T08:23:29.812914Z 2025-10-13T08:23:29.812914Z
GCVE-1-2025-0004
10 (4.0)
XSS in Comments, Bundles, and Sightings component of v… CIRCL
 vulnerability-lookup
 2025-09-25T14:10:00.000Z 2025-11-19T10:16:47.656802Z
GCVE-1-2025-0003
9.3 (4.0)
Incorrect ACL for user settings edit, which previ… cerebrate
 cerebrate
 2025-08-22T12:33:00.000Z 2025-08-23T07:55:10.950332Z
GCVE-1-2025-0002
8.9 (4.0)
Command Injection in Cl0p Exfiltration Python Script Cl0p ransomware
 exfiltration
 2025-07-01T08:19:00.000Z 2025-07-01T10:58:58.443468Z
GCVE-1-2025-0001
5.3 (4.0)
The absence of a password confirmation step when deact… CIRCL
 Vulnerability-Lookup
 2025-05-27T08:58:00.000Z 2025-05-30T14:27:56.273945Z
ID CVSS Description Vendor Product Published Updated