Recent vulnerabilities

ID	Description	Published	Updated
ghsa-jx54-629h-v4m4	Server-Side Request Forgery (SSRF) vulnerability in HETWORKS WordPress Image shrinker allows Server…	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-j684-xhfg-8929	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-gjrj-58f4-pgrh	An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attack…	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-g3fh-r5q2-x687	An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allow…	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-fp65-99h2-h27f	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-fg2q-6f3h-w7w8	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-cw44-2fxg-4q3m	Improper Control of Generation of Code ('Code Injection') vulnerability in Mohammad I. Okfie IF AS …	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-97m2-wmvc-crmh	Buffer overflow vulnerability in function strcat in asan_interceptors.cpp in libming 0.4.8.	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-5qcm-c65c-c4f2	CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-59vq-r2p7-239g	A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affe…	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-535h-mv4w-87cj	CWE-434 Unrestricted Upload of File with Dangerous Type	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-4rr4-crgj-v968	CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-4gpw-hw2g-ph5w	CWE-601 URL Redirection to Untrusted Site ('Open Redirect')	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-366r-cgmr-hgv3	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-2g7v-6q7q-7mp6	A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and Ne…	2025-12-29T18:30:55Z	2025-12-29T18:30:55Z
ghsa-vjmh-x5rx-92fx	Reflected Cross site scripting (xss) in machsol machpanel 8.0.32 allows attackers to execute arbitr…	2025-12-29T15:30:21Z	2025-12-29T18:30:54Z
ghsa-jrvx-v9w9-54rr	A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected by this vulnerability is an u…	2025-12-29T18:30:54Z	2025-12-29T18:30:54Z
ghsa-h9cp-8vj7-rfrc	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T18:30:54Z	2025-12-29T18:30:54Z
ghsa-fm5v-x688-f2q9	UxPlay 1.72 contains a double free vulnerability in its RTSP request handling. A specially crafted …	2025-12-29T15:30:21Z	2025-12-29T18:30:54Z
ghsa-cvjw-pf3j-qxvj	A vulnerability was determined in code-projects Assessment Management 1.0. Affected by this issue i…	2025-12-29T18:30:54Z	2025-12-29T18:30:54Z
ghsa-cj5p-mv79-727v	An issue in Fossorial fosrl/pangolin v.1.6.2 and before allows a remote attacker to escalate privil…	2025-12-29T18:30:54Z	2025-12-29T18:30:54Z
ghsa-9g2m-6xr2-f659	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-29T18:30:54Z	2025-12-29T18:30:54Z
ghsa-6c3p-2cc4-9r7p	DOM-based Cross-Site Scripting (XSS) vulnerability in 201206030 novel V3.5.0 allows remote attacker…	2025-12-29T15:30:21Z	2025-12-29T18:30:54Z
ghsa-mfq8-ww9j-9c8g	The YaMaps for WordPress Plugin WordPress plugin before 0.6.40 does not validate and escape some of…	2025-12-29T06:30:24Z	2025-12-29T18:30:51Z
ghsa-74hv-hc8x-rcwg	The Plugin Organizer WordPress plugin before 10.2.4 does not sanitize and escape a parameter before…	2025-12-29T06:30:24Z	2025-12-29T18:30:51Z
ghsa-2pr5-qxg3-pfqf	openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.	2025-08-07T15:33:13Z	2025-12-29T18:30:18Z
ghsa-hm5p-x4rq-38w4	httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage	2025-12-23T19:31:10Z	2025-12-29T16:57:54Z
ghsa-9p2w-rmx4-9mw7	Command Injection in strapi	2020-09-04T16:54:02Z	2025-12-29T15:34:55Z
ghsa-49vv-6q7q-w5cf	Duplicate Advisory: OS Command Injection in Strapi	2021-12-10T17:22:12Z	2025-12-29T15:34:37Z
ghsa-x975-56vp-498f	A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This affects the function sub_423848 …	2025-12-29T15:30:21Z	2025-12-29T15:30:22Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-15087		youlaitech youlai-mall OrderController.java submitOrde…	youlaitech	youlai-mall	2025-12-25T21:02:07.632Z	2025-12-29T19:07:55.386Z
cve-2025-15088		ketr JEPaaS loadPostil postilService.loadPostils sql i…	ketr	JEPaaS	2025-12-25T22:02:06.408Z	2025-12-29T19:07:06.727Z
cve-2025-15089		UTT 进取 512W APSecurity strcpy buffer overflow	UTT	进取 512W	2025-12-25T22:32:07.032Z	2025-12-29T19:06:28.668Z
cve-2025-15090		UTT 进取 512W formConfigNoticeConfig strcpy buffer overflow	UTT	进取 512W	2025-12-25T23:02:05.854Z	2025-12-29T19:05:39.792Z
cve-2025-15119		JeecgBoot list queryPageList improper authorization	n/a	JeecgBoot	2025-12-28T03:32:06.719Z	2025-12-29T19:04:57.949Z
cve-2025-14728	6.8 (v3.1)	Rapid7 Velociraptor Directory Traversal Vulnerability	Rapid7	Velociraptor	2025-12-29T19:04:27.820Z	2025-12-29T19:04:27.820Z
cve-2025-68973	7.8 (v3.1)	In GnuPG through 2.4.8, armor_filter in g10/armor…	GnuPG	GnuPG	2025-12-28T16:19:11.019Z	2025-12-29T19:03:39.496Z
cve-2025-15201		SohuTV CacheCloud WebResourceController.java redirectN…	SohuTV	CacheCloud	2025-12-29T19:02:07.207Z	2025-12-29T19:02:07.207Z
cve-2025-15166		itsourcecode Online Cake Ordering System updatesupplie…	itsourcecode	Online Cake Ordering System	2025-12-29T01:32:07.201Z	2025-12-29T18:57:13.054Z
cve-2025-15129		ChenJinchuang Lin-CMS-TP5 File Upload LocalUploader.ph…	ChenJinchuang	Lin-CMS-TP5	2025-12-28T09:02:10.127Z	2025-12-29T18:55:29.222Z
cve-2025-68861	7.1 (v3.1)	WordPress Plugin Optimizer plugin <= 1.3.7 - Broken Ac…	Plugin Optimizer	Plugin Optimizer	2025-12-29T17:23:08.542Z	2025-12-29T18:54:46.003Z
cve-2025-55064	4.8 (v3.1)	Priority - CWE-79 Improper Neutralization of Input Dur…	Priority	Web	2025-12-29T17:23:31.236Z	2025-12-29T18:54:19.110Z
cve-2025-68706	N/A	A stack-based buffer overflow exists in the GoAhe…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-29T18:39:44.855Z
cve-2025-15200		SohuTV CacheCloud AppClientDataShowController.java doI…	SohuTV	CacheCloud	2025-12-29T18:32:06.529Z	2025-12-29T18:32:06.529Z
cve-2025-13592		Advanced Ads <= 2.0.14 - Authenticated (Editor+) Remot…	monetizemore	Advanced Ads – Ad Manager & AdSense	2025-12-29T18:20:50.576Z	2025-12-29T18:20:50.576Z
cve-2025-14280		PixelYourSite <= 11.1.5 - Sensitive Information Exposu…	pixelyoursite	PixelYourSite – Your smart PIXEL (TAG) & API Manager	2025-12-29T18:20:49.929Z	2025-12-29T18:20:49.929Z
cve-2025-67255	N/A	In NagiosXI 2026R1.0.1 build 1762361101, Dashboar…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-29T18:14:15.414Z
cve-2025-67254	N/A	NagiosXI 2026R1.0.1 build 1762361101 is vulnerabl…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-29T18:13:17.215Z
cve-2025-15198		code-projects College Notes Uploading System login.php…	code-projects	College Notes Uploading System	2025-12-29T17:32:05.041Z	2025-12-29T18:08:48.753Z
cve-2025-14499	8.8 (v3.0)	IceWarp gmaps Cross-Site Scripting Authentication Bypa…	IceWarp	IceWarp	2025-12-23T21:19:13.295Z	2025-12-29T18:05:23.359Z
cve-2025-14501	7.5 (v3.0)	Sante PACS Server HTTP Content-Length Header Handling …	Sante	PACS Server	2025-12-23T21:18:40.087Z	2025-12-29T18:04:50.177Z
cve-2025-14491	7.8 (v3.0)	RealDefense SUPERAntiSpyware Exposed Dangerous Functio…	RealDefense	SUPERAntiSpyware	2025-12-23T21:17:10.386Z	2025-12-29T18:04:07.661Z
cve-2025-14489	7.8 (v3.0)	RealDefense SUPERAntiSpyware Exposed Dangerous Functio…	RealDefense	SUPERAntiSpyware	2025-12-23T21:17:00.522Z	2025-12-29T18:03:31.524Z
cve-2025-55060	6.1 (v3.1)	Priority - CWE-601: URL Redirection to Untrusted Site …	Priority	Web	2025-12-29T17:11:10.544Z	2025-12-29T18:03:14.911Z
cve-2025-14490	7.8 (v3.0)	RealDefense SUPERAntiSpyware Exposed Dangerous Functio…	RealDefense	SUPERAntiSpyware	2025-12-23T21:16:55.806Z	2025-12-29T18:03:05.605Z
cve-2025-55061	8.8 (v3.1)	Priority - CWE-434 Unrestricted Upload of File with Da…	Priority	Web	2025-12-29T17:14:36.328Z	2025-12-29T18:02:34.082Z
cve-2025-15199		code-projects College Notes Uploading System userprofi…	code-projects	College Notes Uploading System	2025-12-29T18:02:06.000Z	2025-12-29T18:02:06.000Z
cve-2025-15130		shanyu SyCms Administrative Panel FileManageController…	shanyu	SyCms	2025-12-28T09:32:10.325Z	2025-12-29T18:01:53.351Z
cve-2025-15131		ZSPACE Z4Pro+ HTTP POST Request status zfilev2_api_Saf…	ZSPACE	Z4Pro+	2025-12-28T10:02:06.337Z	2025-12-29T18:01:13.797Z
cve-2025-55062	4.8 (v3.1)	Priority - CWE-79 Improper Neutralization of Input Dur…	Priority	Web	2025-12-29T17:18:00.526Z	2025-12-29T18:01:06.869Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2025-62190	4.3 (v3.1)	CSRF Allows Call Initiation and Message Delivery	Mattermost	Mattermost	2025-12-17T12:07:37.516Z	2025-12-17T15:47:20.828Z
cve-2025-13352	3 (v3.1)	Mattermost GitHub Plugin allows unauthorized GitHub re…	Mattermost	Mattermost	2025-12-17T12:11:25.563Z	2025-12-17T16:48:08.118Z
cve-2025-14273	7.2 (v3.1)	Mattermost Jira plugin user spoofing enables Jira requ…	Mattermost	Mattermost	2025-12-22T11:24:55.893Z	2025-12-22T12:59:27.938Z
cve-2025-13324	3.7 (v3.1)	Lack of Invalidation of Legacy Remote Cluster Invite T…	Mattermost	Mattermost	2025-12-17T18:14:13.347Z	2025-12-24T10:16:53.096Z
cve-2025-12689	6.5 (v3.1)	DoS in Calls plugin via malformed UTF-8 in WebSocket request	Mattermost	Mattermost	2025-12-17T18:14:10.973Z	2025-12-17T19:29:54.734Z
cve-2025-12771	7.8 (v3.1)	IBM Concert Software Improper Restriction of Operation…	IBM	Concert	2025-12-26T13:01:23.145Z	2025-12-30T04:55:29.012Z
cve-2025-1721	5.9 (v3.1)	BM Concert Software Improper Clearing of Heap Memory B…	IBM	Concert	2025-12-26T12:55:56.448Z	2025-12-26T14:47:17.326Z
cve-2025-68861	7.1 (v3.1)	WordPress Plugin Optimizer plugin <= 1.3.7 - Broken Ac…	Plugin Optimizer	Plugin Optimizer	2025-12-29T17:23:08.542Z	2025-12-29T18:54:46.003Z
cve-2025-66877	N/A	Buffer overflow vulnerability in function dcputch…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-29T17:25:42.946Z
cve-2025-55064	4.8 (v3.1)	Priority - CWE-79 Improper Neutralization of Input Dur…	Priority	Web	2025-12-29T17:23:31.236Z	2025-12-29T18:54:19.110Z
cve-2025-55063	4.8 (v3.1)	Priority - CWE-79 Improper Neutralization of Input Dur…	Priority	Web	2025-12-29T17:19:52.718Z	2025-12-29T18:00:32.074Z
cve-2025-55062	4.8 (v3.1)	Priority - CWE-79 Improper Neutralization of Input Dur…	Priority	Web	2025-12-29T17:18:00.526Z	2025-12-29T18:01:06.869Z
cve-2025-55061	8.8 (v3.1)	Priority - CWE-434 Unrestricted Upload of File with Da…	Priority	Web	2025-12-29T17:14:36.328Z	2025-12-29T18:02:34.082Z
cve-2025-55060	6.1 (v3.1)	Priority - CWE-601: URL Redirection to Untrusted Site …	Priority	Web	2025-12-29T17:11:10.544Z	2025-12-29T18:03:14.911Z
cve-2025-15198		code-projects College Notes Uploading System login.php…	code-projects	College Notes Uploading System	2025-12-29T17:32:05.041Z	2025-12-29T18:08:48.753Z
cve-2025-36228	3.8 (v3.1)	Incorrect Execution-Assigned Permissions in IBM Aspera…	IBM	Aspera Faspex 5	2025-12-26T14:11:45.492Z	2025-12-26T15:15:06.304Z
cve-2025-36229	3.1 (v3.1)	Exposure of Sensitive System Information to an Unautho…	IBM	Aspera Faspex 5	2025-12-26T14:15:03.417Z	2025-12-26T15:14:58.269Z
cve-2025-36230	5.4 (v3.1)	XSS in IBM Aspera Faspex	IBM	Aspera Faspex 5	2025-12-26T14:22:46.035Z	2025-12-26T15:14:53.108Z
cve-2025-64645	7.7 (v3.1)	Time-of-check Time-of-use (TOCTOU) in IBM Concert Software.	IBM	Concert	2025-12-26T14:24:57.880Z	2025-12-30T04:55:27.810Z
cve-2025-26866		Apache HugeGraph-Server: RAFT and deserialization vuln…	Apache Software Foundation	Apache HugeGraph-Server	2025-12-12T09:23:07.681Z	2025-12-13T04:55:17.667Z
cve-2025-11621	8.1 (v3.1)	Vault AWS auth method bypass due to AWS client cache	HashiCorp	Vault	2025-10-23T19:08:54.989Z	2025-10-24T03:55:22.629Z
cve-2024-12289	5.9 (v3.1)	Boundary Controller Incorrectly Handles HTTP Requests …	HashiCorp	Boundary	2024-12-12T22:42:01.595Z	2024-12-13T19:35:10.676Z
cve-2024-10975	7.7 (v3.1)	Nomad Vulnerable To Cross-Namespace Volume Creation Ab…	HashiCorp	Nomad	2024-11-07T21:04:43.804Z	2024-11-07T21:22:50.668Z
cve-2024-7625	5.8 (v3.1)	Nomad Vulnerable to Allocation Directory Escape On Non…	HashiCorp	Nomad	2024-08-14T23:20:17.888Z	2025-01-09T19:19:01.219Z
cve-2025-69206		Hemmelig has SSRF Filter bypass in Secret Request func…	HemmeligOrg	Hemmelig.app	2025-12-29T15:55:12.761Z	2025-12-29T16:50:43.152Z
cve-2025-68972	5.9 (v3.1)	In GnuPG through 2.4.8, if a signed message has \…	GnuPG	GnuPG	2025-12-27T22:52:30.957Z	2025-12-29T16:51:02.621Z
cve-2025-68948		SiYuan: Information Disclosure and Authentication Bypa…	siyuan-note	siyuan	2025-12-27T00:21:31.864Z	2025-12-29T16:51:19.102Z
cve-2025-68932		FreshRSS has weak cryptographic randomness in remember…	FreshRSS	FreshRSS	2025-12-26T23:43:34.693Z	2025-12-29T16:51:53.481Z
cve-2025-68927		Improper Neutralization of HTML Tags in a Web Page in…	abhinavxd	libredesk	2025-12-27T00:04:49.621Z	2025-12-29T16:51:24.522Z
cve-2025-68870	7.5 (v3.1)	WordPress CookieHint WP plugin <= 1.0.0 - Local File I…	reDim GmbH	CookieHint WP	2025-12-29T16:09:05.270Z	2025-12-29T16:50:40.971Z

ID	Description	Published	Updated
fkie_cve-2025-66877	Buffer overflow vulnerability in function dcputchar in decompile.c in libming 0.4.8.	2025-12-29T18:15:43.633	2025-12-29T18:15:43.633
fkie_cve-2025-55064	CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')	2025-12-29T18:15:43.500	2025-12-29T18:15:43.500
fkie_cve-2025-55063	CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')	2025-12-29T18:15:43.350	2025-12-29T18:15:43.350
fkie_cve-2025-55062	CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')	2025-12-29T18:15:43.210	2025-12-29T18:15:43.210
fkie_cve-2025-55061	CWE-434 Unrestricted Upload of File with Dangerous Type	2025-12-29T18:15:43.070	2025-12-29T18:15:43.070
fkie_cve-2025-55060	CWE-601 URL Redirection to Untrusted Site ('Open Redirect')	2025-12-29T18:15:42.913	2025-12-29T18:15:42.913
fkie_cve-2025-15198	A weakness has been identified in code-projects College Notes Uploading System 1.0. This issue affe…	2025-12-29T18:15:42.333	2025-12-29T18:15:42.333
fkie_cve-2025-36228	IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user inte…	2025-12-26T15:15:46.540	2025-12-29T18:15:10.767
fkie_cve-2025-36229	IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 could allow authenticated users to enumerate sensitive i…	2025-12-26T15:15:46.697	2025-12-29T18:10:45.550
fkie_cve-2025-36230	IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 is vulnerable to HTML injection. A remote attacker could…	2025-12-26T15:15:46.830	2025-12-29T17:42:46.707
fkie_cve-2025-64645	IBM Concert 1.0.0 through 2.1.0 could allow a local user to escalate their privileges due to a race…	2025-12-26T15:15:47.213	2025-12-29T17:38:35.060
fkie_cve-2025-26866	A remote code execution vulnerability exists where a malicious Raft node can exploit insecure Hessi…	2025-12-12T10:15:49.053	2025-12-29T17:20:58.370
fkie_cve-2025-11621	Vault and Vault Enterprise’s (“Vault”) AWS Auth method may be susceptible to authentication bypass …	2025-10-23T19:15:48.893	2025-12-29T17:17:56.107
fkie_cve-2024-12289	Boundary Community Edition and Boundary Enterprise (“Boundary”) incorrectly handle HTTP requests du…	2024-12-12T23:15:10.500	2025-12-29T17:17:19.510
fkie_cve-2024-10975	Nomad Community and Nomad Enterprise ("Nomad") volume specification is vulnerable to arbitrary cros…	2024-11-07T21:15:06.383	2025-12-29T17:17:03.110
fkie_cve-2024-7625	In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unp…	2024-08-15T00:15:13.127	2025-12-29T17:16:05.853
fkie_cve-2025-69206	Hemmelig is a messing app with with client-side encryption and self-destructing messages. Prior to …	2025-12-29T16:15:44.090	2025-12-29T17:15:48.313
fkie_cve-2025-68972	In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can…	2025-12-27T23:15:40.900	2025-12-29T17:15:47.977
fkie_cve-2025-68948	SiYuan is self-hosted, open source personal knowledge management software. In versions 3.5.1 and pr…	2025-12-27T01:15:42.720	2025-12-29T17:15:47.817
fkie_cve-2025-68932	FreshRSS is a free, self-hostable RSS aggregator. Prior to version 1.28.0, FreshRSS uses cryptograp…	2025-12-27T00:15:42.633	2025-12-29T17:15:47.707
fkie_cve-2025-68927	Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnera…	2025-12-27T01:15:42.570	2025-12-29T17:15:47.500
fkie_cve-2025-68870	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-29T17:15:47.067	2025-12-29T17:15:47.067
fkie_cve-2025-68868	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T17:15:46.903	2025-12-29T17:15:46.903
fkie_cve-2025-68148	FreshRSS is a free, self-hostable RSS aggregator. From version 1.27.0 to before 1.28.0, An attacker…	2025-12-27T00:15:42.167	2025-12-29T17:15:46.700
fkie_cve-2025-66869	Buffer overflow vulnerability in function strcat in asan_interceptors.cpp in libming 0.4.8.	2025-12-29T17:15:46.603	2025-12-29T17:15:46.603
fkie_cve-2025-66866	An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attack…	2025-12-29T17:15:46.500	2025-12-29T17:15:46.500
fkie_cve-2025-66865	An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allow…	2025-12-29T17:15:46.400	2025-12-29T17:15:46.400
fkie_cve-2025-66864	An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allow…	2025-12-29T17:15:46.303	2025-12-29T17:15:46.303
fkie_cve-2025-66863	An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows a…	2025-12-29T17:15:46.203	2025-12-29T17:15:46.203
fkie_cve-2025-66862	A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows…	2025-12-29T17:15:46.100	2025-12-29T17:15:46.100

ID	Description	Package	Published	Updated
pysec-2022-43177	Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40…	azure-cli	2022-10-25T17:15:56+00:00	2025-04-09T17:27:24.642962+00:00
pysec-2024-244	A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a by…	mlflow	2024-05-16T09:15:14+00:00	2025-04-08T10:23:25.092581+00:00
pysec-2024-243	mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs…	mlflow	2024-04-16T00:15:12+00:00	2025-04-08T10:23:25.044416+00:00
pysec-2024-242	A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically …	mlflow	2024-06-06T19:15:55+00:00	2025-04-08T10:23:24.995743+00:00
pysec-2024-241	Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untru…	mlflow	2024-02-23T22:15:55+00:00	2025-04-08T10:23:24.946136+00:00
pysec-2024-240	Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This …	mlflow	2024-02-23T22:15:55+00:00	2025-04-08T10:23:24.900947+00:00
pysec-2024-239	A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to im…	mlflow	2024-06-06T19:15:51+00:00	2025-04-08T10:23:24.852109+00:00
pysec-2025-12	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St…	codechecker	2025-01-21T15:15:13+00:00	2025-04-08T10:23:23.899726+00:00
pysec-2024-238	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St…	codechecker	2024-11-06T15:15:11+00:00	2025-04-08T10:23:23.857960+00:00
pysec-2025-11	A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index reposi…	llama-index	2025-03-20T10:15:31+00:00	2025-04-01T23:22:47.294256+00:00
pysec-2025-10	A vulnerability in the `download_model` function of the onnx/onnx framework, before and i…	onnx	2025-03-20T10:15:37+00:00	2025-03-26T19:21:38.843396+00:00
pysec-2025-9	A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through…	invokeai	2025-03-20T10:15:26+00:00	2025-03-20T11:21:37.872971+00:00
pysec-2025-8	The `pygments-style-solarized` project was removed from PyPI by its owner on 2021-08-26. …	pygments-style-solarized		2025-03-17T16:35:37+00:00
pysec-2024-237	OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio…	octoprint	2024-05-14T16:17:12+00:00	2025-03-05T17:22:29.121263+00:00
pysec-2024-236	Jupyter Server Proxy allows users to run arbitrary external processes alongside their not…	jupyter-server-proxy	2024-06-11T22:15:09+00:00	2025-02-26T23:22:41.524251+00:00
pysec-2025-7	Published in 2021, the imblog package is a Python library that scrapes data from a blog p…	imblog		2025-02-26T21:19:19+00:00
pysec-2025-6	Published in 2021, the colabrun package is a Python library that exfiltrates user cookies…	colabrun		2025-02-26T20:59:48+00:00
pysec-2025-5	Published in 2020, the autodzee package is a Python library that bypasses Deezer API rest…	browsercmdhbt2		2025-02-26T20:57:11+00:00
pysec-2025-3	Published in 2019, the autodzee package is a Python library that bypasses Deezer API rest…	autodzee		2025-02-26T20:54:20+00:00
pysec-2025-4	Published in 2019, the automslc package is a Python library that bypasses Deezer API rest…	automslc		2025-02-26T19:26:49+00:00
pysec-2024-235	With the following crawler configuration: ```python from bs4 import BeautifulSoup as Sou…	langchain-exa	2024-02-26T16:27:49+00:00	2025-02-26T02:48:56.937312+00:00
pysec-2023-194	langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and exe…	langchain-experimental	2023-10-09T20:15:00Z	2025-02-23T07:46:11Z
pysec-2024-234	Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jup…	jupyter-server-proxy	2024-03-20T20:15:08+00:00	2025-02-21T18:23:35.992501+00:00
pysec-2023-163	An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary…	numexpr	2023-09-01T16:15:00Z	2025-02-20T09:11:38.521949Z
pysec-2024-233	python-jose through 3.3.0 allows attackers to cause a denial of service (resource consump…	python-jose	2024-04-26T00:15:09+00:00	2025-02-18T19:20:15.511369+00:00
pysec-2024-232	python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key f…	python-jose	2024-04-26T00:15:09+00:00	2025-02-18T19:20:15.468012+00:00
pysec-2024-231	LightGBM Remote Code Execution Vulnerability	lightgbm	2024-11-12T18:15:28+00:00	2025-02-15T07:20:34.246161+00:00
pysec-2024-230	Certifi is a curated collection of Root Certificates for validating the trustworthiness o…	certifi	2024-07-05T19:15:10+00:00	2025-02-12T21:21:51.559667+00:00
pysec-2024-229	Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execut…	transformers	2024-11-22T22:15:07+00:00	2025-02-10T23:22:41.499413+00:00
pysec-2024-228	Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code …	transformers	2024-11-22T22:15:07+00:00	2025-02-10T23:22:41.449105+00:00

ID	Description	Updated
gsd-2024-33822	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.561810Z
gsd-2024-33773	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.560326Z
gsd-2024-33769	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.558897Z
gsd-2024-33794	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.557396Z
gsd-2024-33818	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.556720Z
gsd-2024-33793	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.552273Z
gsd-2024-33833	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.551960Z
gsd-2024-33835	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.550838Z
gsd-2024-33744	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.543395Z
gsd-2024-33789	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.534336Z
gsd-2024-33760	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.533361Z
gsd-2024-33702	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.530768Z
gsd-2024-33797	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.530297Z
gsd-2024-33684	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.529859Z
gsd-2024-33827	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.528643Z
gsd-2024-33810	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.527741Z
gsd-2024-33729	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.527542Z
gsd-2024-33807	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.526483Z
gsd-2024-33688	Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affect…	2024-04-27T05:02:18.524420Z
gsd-2024-33685	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.523707Z
gsd-2024-33713	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.522989Z
gsd-2024-33768	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.521409Z
gsd-2024-33720	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.519711Z
gsd-2024-33809	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.516352Z
gsd-2024-33727	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.514916Z
gsd-2024-33770	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.514460Z
gsd-2024-33732	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.513959Z
gsd-2024-33829	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.511177Z
gsd-2024-33714	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.510684Z
gsd-2024-33693	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-27T05:02:18.509326Z

ID	Description	Published	Updated
mal-2024-5326	Malicious code in libsocks5 (PyPI)	2024-06-25T13:36:56Z	2025-12-24T10:09:32Z
mal-2024-5325	Malicious code in libsock (PyPI)	2024-06-25T13:36:56Z	2025-12-24T10:09:32Z
mal-2024-5323	Malicious code in libproxy (PyPI)	2024-06-25T13:36:55Z	2025-12-24T10:09:32Z
mal-2024-5221	Malicious code in httprequesthub (PyPI)	2024-06-25T13:36:05Z	2025-12-24T10:09:32Z
mal-2024-5101	Malicious code in easyhttprequest (PyPI)	2024-06-25T13:35:06Z	2025-12-24T10:09:32Z
mal-2024-11518	Malicious code in aiocpa (PyPI)	2024-12-09T06:49:42Z	2025-12-24T10:09:32Z
mal-2024-10163	Malicious code in solana-token (PyPI)	2024-10-16T14:51:34Z	2025-12-24T10:09:32Z
mal-2025-66552	Malicious code in vite-plugin-postcss-tools (npm)	2025-11-11T00:04:35Z	2025-12-24T10:09:31Z
mal-2025-66551	Malicious code in tensor-fi-utils-lib (npm)	2025-11-11T00:09:38Z	2025-12-24T10:09:31Z
mal-2025-49372	Malicious code in vite-smart-chunk (npm)	2025-11-05T23:17:31Z	2025-12-24T10:09:31Z
mal-2025-48951	Malicious code in xdater (npm)	2025-10-29T01:46:43Z	2025-12-24T10:09:31Z
mal-2025-48915	Malicious code in vite-plugin-es6-compat (npm)	2025-10-28T01:39:47Z	2025-12-24T10:09:31Z
mal-2025-48914	Malicious code in vite-manual-chunker (npm)	2025-10-28T01:44:03Z	2025-12-24T10:09:31Z
mal-2025-48784	Malicious code in vite-plugin-parsify (npm)	2025-10-27T07:09:08Z	2025-12-24T10:09:31Z
mal-2025-48599	Malicious code in vite-compiler-tools (npm)	2025-10-24T02:49:26Z	2025-12-24T10:09:31Z
mal-2025-48426	Malicious code in vite-plugin-parseflow (npm)	2025-10-15T13:05:55Z	2025-12-24T10:09:31Z
mal-2025-192656	Malicious code in xvxx (npm)	2025-12-19T08:41:06Z	2025-12-24T10:09:31Z
mal-2025-192645	Malicious code in vdous (npm)	2025-12-19T08:41:06Z	2025-12-24T10:09:31Z
mal-2025-192402	Malicious code in wartsila-text-csv (npm)	2025-12-10T01:44:48Z	2025-12-24T10:09:31Z
mal-2025-192375	Malicious code in tensor-fi-utils-core (npm)	2025-12-08T03:36:17Z	2025-12-24T10:09:31Z
mal-2025-191669	Malicious code in wfui-dsm-react-ui (npm)	2025-12-02T17:30:50Z	2025-12-24T10:09:31Z
mal-2025-191668	Malicious code in wfui-dbd-react-ui (npm)	2025-12-02T17:36:00Z	2025-12-24T10:09:31Z
mal-2025-191600	Malicious code in vite-dynamic-chunks (npm)	2025-12-01T13:29:03Z	2025-12-24T10:09:31Z
mal-2025-191504	Malicious code in testhaus (npm)	2025-12-01T16:00:47Z	2025-12-24T10:09:31Z
mal-2025-191474	Malicious code in vite-dynachunk (npm)	2025-11-26T04:53:42Z	2025-12-24T10:09:31Z
mal-2025-191447	Malicious code in vf-oss-template (npm)	2025-11-25T00:16:49Z	2025-12-24T10:09:31Z
mal-2025-190498	Malicious code in validator-node (npm)	2025-11-14T03:35:19Z	2025-12-24T10:09:31Z
mal-2025-66550	Malicious code in szsec-infos-report (npm)	2025-11-11T00:02:04Z	2025-12-24T10:09:30Z
mal-2025-49446	Malicious code in supxmlparser (npm)	2025-11-09T00:17:09Z	2025-12-24T10:09:30Z
mal-2025-49441	Malicious code in superbankxmlparser (npm)	2025-11-09T00:17:09Z	2025-12-24T10:09:30Z

ID	Description	Published	Updated
wid-sec-w-2025-2268	Linux Kernel: Mehrere Schwachstellen	2025-10-13T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2198	MediaWiki: Mehrere Schwachstellen	2025-10-05T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2170	Linux Kernel: Mehrere Schwachstellen	2025-09-30T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2144	binutils: Mehrere Schwachstellen	2025-09-28T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2115	WordPress Core: Mehrere Schwachstellen	2025-09-23T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2099	Linux Kernel: Mehrere Schwachstellen	2025-09-21T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1898	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-08-24T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1870	Keycloak: Schwachstelle ermöglicht Versand beliebiger E-Mails	2025-08-19T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1833	IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service	2025-08-13T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1822	Ruby on Rails: Mehrere Schwachstellen	2025-08-13T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1807	IBM WebSphere Application Server Liberty: Mehrere Schwachstellen	2025-08-12T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1757	Linux Kernel: Schwachstelle ermöglicht Umgehen von Sicherheitsmechanismen	2025-08-11T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1591	IBM WebSphere Application Server: Schwachstelle ermöglicht Offenlegung von Informationen	2025-07-17T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1582	IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service	2025-07-16T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1460	PHP: Mehrere Schwachstellen	2025-07-03T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1335	Apache Tomcat: Mehrere Schwachstellen	2025-06-16T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1334	Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service	2025-06-16T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1169	Apache Commons BeanUtils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-05-29T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1144	GIMP: Mehrere Schwachstellen ermöglichen Codeausführung	2025-05-25T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1114	Linux Kernel: Mehrere Schwachstellen	2025-05-20T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0944	GIMP: Schwachstelle ermöglicht Codeausführung	2025-05-05T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0879	BusyBox: Mehrere Schwachstellen	2025-04-23T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0813	Oracle MySQL: Mehrere Schwachstellen	2025-04-15T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0562	expat: Schwachstelle ermöglicht Denial of Service	2025-03-13T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0545	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-03-11T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0524	Red Hat Ansible Automation Platform (Jinja): Schwachstelle ermöglicht Codeausführung	2025-03-11T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0507	MariaDB: Mehrere Schwachstellen ermöglichen Denial of Service	2025-03-09T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0233	Python: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-02-02T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-3762	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2024-12-29T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2024-3528	Linux Kernel: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff	2024-11-21T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00

ID	Description	Published	Updated
ssa-787941	SSA-787941: Denial of Service Vulnerability in RUGGEDCOM ROS devices	2022-11-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-770902	SSA-770902: Denial of Service Vulnerability in the Web Server of RUGGEDCOM ROS Devices	2023-08-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-769791	SSA-769791: Local Arbitrary Code Execution Vulnerability in COMOS Before V10.6	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-767615	SSA-767615: Information Disclosure Vulnerability in SIPROTEC 5 Devices	2025-02-11T00:00:00Z	2025-08-12T00:00:00Z
ssa-764417	SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices	2022-03-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-674084	SSA-674084: File Parsing Vulnerabilities in Simcenter Femap Before V2506	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-665108	SSA-665108: Arbitrary File Upload Vulnerability in RUGGEDCOM ROX II	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-613116	SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-529291	SSA-529291: Information Disclosure Vulnerabilities in SICAM Q100/Q200	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-517338	SSA-517338: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V3.0	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-493787	SSA-493787: Arbitrary Code Execution Vulnerability in SIMATIC RTLS Locating Manager Before V3.2	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-460466	SSA-460466: Denial of Service Vulnerability in TIA Project-Server and TIA Portal	2025-07-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-446307	SSA-446307: Authentication Bypass Vulnerability in BMC (CVE-2024-54085) affects SIMATIC IPC RS-828A	2025-05-13T00:00:00Z	2025-08-12T00:00:00Z
ssa-400089	SSA-400089: Denial of Service Vulnerability in SIPROTEC 4 and SIPROTEC 4 Compact	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-398330	SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP >= V3.1.0 and < V3.1.5	2023-12-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-382999	SSA-382999: Multiple Vulnerabilities in Opcenter Quality Before V2506	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-355557	SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-353002	SSA-353002: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family	2024-03-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-256353	SSA-256353: Third-Party Component Vulnerabilities in RUGGEDCOM ROS	2022-03-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-177847	SSA-177847: Improper VNC Password Check Vulnerability in SINUMERIK Controllers	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-170375	SSA-170375: Multiple Vulnerabilities in RUGGEDCOM ROS Before V5.9	2024-07-09T00:00:00Z	2025-08-12T00:00:00Z
ssa-097435	SSA-097435: Usernames Disclosure Vulnerability in Mendix Runtime	2024-09-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-094954	SSA-094954: Authentication Bypass Vulnerability in BIST mode of RUGGEDCOM ROX II	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-082556	SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5	2025-06-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-725549	SSA-725549: Denial of Service of ICMP in Industrial Devices	2025-04-08T00:00:00Z	2025-07-21T00:00:00Z
ssa-183963	SSA-183963: Certificate Validation Vulnerabilities in SICAM TOOLBOX II Before V07.11	2025-07-08T00:00:00Z	2025-07-18T00:00:00Z
ssa-938066	SSA-938066: Remote Code Execution Vulnerability in SENTRON Powermanager and Desigo CC	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-904646	SSA-904646: Sensitive Data Exposure Vulnerability in SIPROTEC 5 Devices	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-763427	SSA-763427: Authentication Bypass Vulnerability in SIMATIC CP and TIM Devices	2015-11-27T00:00:00Z	2025-07-08T00:00:00Z
ssa-634640	SSA-634640: Weak Authentication Vulnerability in Siemens Industrial Edge Devices	2025-04-08T00:00:00Z	2025-07-08T00:00:00Z

ID	Description	Published	Updated
rhsa-2025:3813	Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release	2025-04-10T14:56:45+00:00	2025-11-29T06:54:09+00:00
rhsa-2025:3811	Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release	2025-04-10T14:32:08+00:00	2025-11-29T06:54:09+00:00
rhsa-2025:3775	Red Hat Security Advisory: OpenShift Container Platform 4.18.9 bug fix and security update	2025-04-16T06:12:24+00:00	2025-11-29T06:54:08+00:00
rhsa-2025:3763	Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.13.2 container image updates	2025-04-09T16:37:37+00:00	2025-11-29T06:54:07+00:00
rhsa-2025:3808	Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release	2025-04-10T14:26:28+00:00	2025-11-29T06:54:04+00:00
rhsa-2025:3798	Red Hat Security Advisory: OpenShift Container Platform 4.17.25 bug fix and security update	2025-04-16T17:46:00+00:00	2025-11-29T06:54:04+00:00
rhsa-2025:3743	Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.5.1 release	2025-04-09T09:53:12+00:00	2025-11-29T06:54:02+00:00
rhsa-2025:3740	Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release	2025-04-09T08:52:08+00:00	2025-11-29T06:54:02+00:00
rhsa-2025:3720	Red Hat Security Advisory: multicluster engine for Kubernetes 2.8.1 container image updates	2025-04-08T23:25:49+00:00	2025-11-29T06:54:01+00:00
rhsa-2025:3698	Red Hat Security Advisory: opentelemetry-collector security update	2025-04-08T15:23:59+00:00	2025-11-29T06:54:01+00:00
rhsa-2025:3685	Red Hat Security Advisory: Red Hat Edge Manager Version 0.5.1 (Technology Preview) security fixes	2025-04-08T13:01:54+00:00	2025-11-29T06:54:00+00:00
rhsa-2025:3618	Red Hat Security Advisory: grafana security update	2025-04-07T02:07:30+00:00	2025-11-29T06:53:59+00:00
rhsa-2025:3616	Red Hat Security Advisory: grafana security update	2025-04-07T01:59:15+00:00	2025-11-29T06:53:59+00:00
rhsa-2025:3607	Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release	2025-04-04T13:38:55+00:00	2025-11-29T06:53:58+00:00
rhsa-2025:3593	Red Hat Security Advisory: opentelemetry-collector security update	2025-04-03T13:38:52+00:00	2025-11-29T06:53:57+00:00
rhsa-2025:3577	Red Hat Security Advisory: OpenShift Container Platform 4.18.8 bug fix and security update	2025-04-10T11:37:31+00:00	2025-11-29T06:53:56+00:00
rhsa-2025:3565	Red Hat Security Advisory: OpenShift Container Platform 4.17.24 bug fix and security update	2025-04-09T04:47:09+00:00	2025-11-29T06:53:56+00:00
rhsa-2025:3560	Red Hat Security Advisory: RHODF-4.14-RHEL-9 security update	2025-04-03T05:09:02+00:00	2025-11-29T06:53:56+00:00
rhsa-2025:3542	Red Hat Security Advisory: RHODF-4.15-RHEL-9 security update	2025-04-02T19:51:02+00:00	2025-11-29T06:53:55+00:00
rhsa-2025:3503	Red Hat Security Advisory: Red Hat build of Cryostat security update	2025-04-02T04:03:14+00:00	2025-11-29T06:53:54+00:00
rhsa-2025:3501	Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.15.1-4 Update	2025-04-01T20:50:35+00:00	2025-11-29T06:53:54+00:00
rhsa-2025:3439	Red Hat Security Advisory: ACS 4.6 enhancement and security update	2025-04-01T04:55:49+00:00	2025-11-29T06:53:53+00:00
rhsa-2025:3438	Red Hat Security Advisory: ACS 4.7 enhancement and security update	2025-04-01T04:50:23+00:00	2025-11-29T06:53:52+00:00
rhsa-2025:3437	Red Hat Security Advisory: ACS 4.5 enhancement and security update	2025-04-01T04:50:24+00:00	2025-11-29T06:53:52+00:00
rhsa-2025:3411	Red Hat Security Advisory: opentelemetry-collector security update	2025-03-31T14:36:15+00:00	2025-11-29T06:53:52+00:00
rhsa-2025:3344	Red Hat Security Advisory: grafana security update	2025-03-27T15:46:43+00:00	2025-11-29T06:53:50+00:00
rhsa-2025:3336	Red Hat Security Advisory: podman security update	2025-03-27T15:01:22+00:00	2025-11-29T06:53:50+00:00
rhsa-2025:3335	Red Hat Security Advisory: opentelemetry-collector security update	2025-03-27T15:00:22+00:00	2025-11-29T06:53:48+00:00
rhsa-2025:3301	Red Hat Security Advisory: OpenShift Container Platform 4.16.38 bug fix and security update	2025-04-03T00:21:28+00:00	2025-11-29T06:53:47+00:00
rhsa-2025:3268	Red Hat Security Advisory: container-tools:rhel8 security update	2025-03-26T14:31:13+00:00	2025-11-29T06:53:47+00:00

ID	Description	Published	Updated
msrc_cve-2025-38460	atm: clip: Fix potential null-ptr-deref in to_atmarpd().	2025-07-02T00:00:00.000Z	2025-12-24T01:03:28.000Z
msrc_cve-2025-38459	atm: clip: Fix infinite recursive call of clip_push().	2025-07-02T00:00:00.000Z	2025-12-24T01:03:23.000Z
msrc_cve-2025-38458	atm: clip: Fix NULL pointer dereference in vcc_sendmsg()	2025-07-02T00:00:00.000Z	2025-12-24T01:03:18.000Z
msrc_cve-2025-38457	net/sched: Abort __tc_modify_qdisc if parent class does not exist	2025-07-02T00:00:00.000Z	2025-12-24T01:03:13.000Z
msrc_cve-2025-38448	usb: gadget: u_serial: Fix race condition in TTY wakeup	2025-07-02T00:00:00.000Z	2025-12-24T01:03:08.000Z
msrc_cve-2025-38445	md/raid1: Fix stack memory use after return in raid1_reshape	2025-07-02T00:00:00.000Z	2025-12-24T01:03:03.000Z
msrc_cve-2025-38444	raid10: cleanup memleak at raid10_make_request	2025-07-02T00:00:00.000Z	2025-12-24T01:02:58.000Z
msrc_cve-2025-38443	nbd: fix uaf in nbd_genl_connect() error path	2025-07-02T00:00:00.000Z	2025-12-24T01:02:53.000Z
msrc_cve-2025-38441	netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()	2025-07-02T00:00:00.000Z	2025-12-24T01:02:49.000Z
msrc_cve-2025-38439	bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT	2025-07-02T00:00:00.000Z	2025-12-24T01:02:43.000Z
msrc_cve-2025-38437	ksmbd: fix potential use-after-free in oplock/lease break ack	2025-07-02T00:00:00.000Z	2025-12-24T01:02:38.000Z
msrc_cve-2025-62230	Xorg: xwayland: use-after-free in xkb client resource removal	2025-10-02T00:00:00.000Z	2025-12-24T01:02:33.000Z
msrc_cve-2025-62231	Xorg: xmayland: value overflow in xkbsetcompatmap()	2025-10-02T00:00:00.000Z	2025-12-24T01:02:28.000Z
msrc_cve-2025-62229	Xorg: xmayland: use-after-free in xpresentnotify structure creation	2025-10-02T00:00:00.000Z	2025-12-24T01:02:23.000Z
msrc_cve-2025-68334	platform/x86/amd/pmc: Add support for Van Gogh SoC	2025-12-02T00:00:00.000Z	2025-12-24T01:02:13.000Z
msrc_cve-2025-68328	firmware: stratix10-svc: fix bug in saving controller data	2025-12-02T00:00:00.000Z	2025-12-24T01:02:08.000Z
msrc_cve-2025-68330	iio: accel: bmc150: Fix irq assumption regression	2025-12-02T00:00:00.000Z	2025-12-24T01:02:02.000Z
msrc_cve-2025-68336	locking/spinlock/debug: Fix data-race in do_raw_write_lock	2025-12-02T00:00:00.000Z	2025-12-24T01:01:57.000Z
msrc_cve-2025-68333	sched_ext: Fix possible deadlock in the deferred_irq_workfn()	2025-12-02T00:00:00.000Z	2025-12-24T01:01:51.000Z
msrc_cve-2025-68327	usb: renesas_usbhs: Fix synchronous external abort on unbind	2025-12-02T00:00:00.000Z	2025-12-24T01:01:46.000Z
msrc_cve-2025-68335	comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel()	2025-12-02T00:00:00.000Z	2025-12-24T01:01:41.000Z
msrc_cve-2025-68332	comedi: c6xdigio: Fix invalid PNP driver unregistration	2025-12-02T00:00:00.000Z	2025-12-24T01:01:35.000Z
msrc_cve-2025-68337	jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted	2025-12-02T00:00:00.000Z	2025-12-24T01:01:30.000Z
msrc_cve-2025-68331	usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer	2025-12-02T00:00:00.000Z	2025-12-24T01:01:24.000Z
msrc_cve-2025-64680	Windows DWM Core Library Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2025-12-23T08:00:00.000Z
msrc_cve-2025-55319	Agentic AI and Visual Studio Code Remote Code Execution Vulnerability	2025-09-09T07:00:00.000Z	2025-12-23T08:00:00.000Z
msrc_cve-2025-66471	urllib3 Streaming API improperly handles highly compressed data	2025-12-02T00:00:00.000Z	2025-12-23T01:38:16.000Z
msrc_cve-2025-66418	urllib3 allows an unbounded number of links in the decompression chain	2025-12-02T00:00:00.000Z	2025-12-23T01:38:10.000Z
msrc_cve-2025-12819	Untrusted search path in auth_query connection in PgBouncer	2025-12-02T00:00:00.000Z	2025-12-23T01:37:37.000Z
msrc_cve-2025-68114	Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow	2025-12-02T00:00:00.000Z	2025-12-23T01:37:34.000Z

ID	Description	Published	Updated
icsa-25-135-05	Siemens SIPROTEC and SICAM	2025-05-13T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-072-11	Siemens SIMATIC IPC Family, ITP1000, and Field PGs	2025-03-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-044-06	Siemens RUGGEDCOM APE1808 Devices	2025-02-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-044-04	Siemens SIPROTEC 5	2025-02-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-016-04	Siemens SIPROTEC 5 Products	2025-01-14T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-24-193-14	Siemens SIPROTEC	2024-07-09T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-24-193-02	Siemens RUGGEDCOM APE 1808	2024-07-09T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-24-074-05	Siemens RUGGEDCOM APE1808	2024-03-12T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-23-257-01	Siemens SIMATIC, SIPLUS Products	2023-09-12T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-23-103-06	Siemens SIPROTEC 5 Devices	2023-04-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-22-349-11	Siemens SIPROTEC 5 Devices	2022-12-13T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-22-195-02	Siemens SICAM GridEdge	2022-07-12T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-22-167-08	Siemens SICAM GridEdge	2022-06-14T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-310-03	ABB FLXeon Controllers	2025-11-06T07:00:00.000000Z	2025-11-06T07:00:00.000000Z
icsa-25-310-02	Ubia Ubox	2025-11-06T07:00:00.000000Z	2025-11-06T07:00:00.000000Z
icsa-25-310-01	Advantech DeviceOn/iEdge	2025-11-06T07:00:00.000000Z	2025-11-06T07:00:00.000000Z
icsa-25-308-05	IDIS ICM Viewer	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
icsa-25-308-04	Radiometrics VizAir	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
icsa-25-308-03	Delta Electronics CNCSoft-G2	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
icsa-25-308-02	Survision License Plate Recognition Camera	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
va-25-304-02	Restaurant Brands International assistant platform multiple vulnerabilities	2025-10-31T17:02:13Z	2025-10-31T17:02:13Z
va-25-304-01	ELOG multiple vulnerabilities	2025-10-31T16:57:24Z	2025-10-31T16:57:24Z
icsa-25-303-02	Hitachi Energy TropOS	2025-10-30T06:00:00.000000Z	2025-10-30T06:00:00.000000Z
icsa-25-303-01	International Standards Organization ISO 15118	2025-10-30T05:00:00.000000Z	2025-10-30T05:00:00.000000Z
icsa-25-282-01	Hitachi Energy Asset Suite (Update A)	2025-09-30T08:50:13.000000Z	2025-10-28T09:50:00.000000Z
icsma-25-301-01	Vertikal Systems Hospital Manager Backend Services	2025-10-28T06:00:00.000000Z	2025-10-28T06:00:00.000000Z
icsma-25-296-01	NIHON KOHDEN Central Monitor CNS-6201	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z
icsa-25-296-04	Delta Electronics ASDA-Soft	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z
icsa-25-296-03	Veeder-Root TLS4B Automatic Tank Gauge System	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z
icsa-25-296-02	ASKI Energy ALS-Mini-S8 and ALS-Mini-S4	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-cuis-file-upload-uhnetstm	Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability	2025-07-16T16:00:00+00:00	2025-07-16T16:00:00+00:00
cisco-sa-spaces-conn-privesc-kgd2ccdu	Cisco Spaces Connector Privilege Escalation Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-ece-xss-cbtkteyc	Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-cucm-ssh-m4ubdpe7	Cisco Unified Communications Manager Static SSH Credentials Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-ise-stored-xss-yff54m73	Cisco Identity Services Stored Cross-Site Scripting Vulnerability	2025-05-21T16:00:00+00:00	2025-06-30T15:08:59+00:00
cisco-sa-ise-auth-bypass-mvfkvqau	Cisco Identity Services Engine Authorization Bypass Vulnerability	2025-06-25T16:00:00+00:00	2025-06-25T16:00:00+00:00
cisco-sa-ise-file-upload-p4m8vwxy	Cisco Identity Services Engine Arbitrary File Upload Vulnerability	2025-06-04T16:00:00+00:00	2025-06-23T19:16:21+00:00
cisco-sa-meraki-mx-vpn-dos-sm5gcfm7	Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability	2025-06-18T16:00:00+00:00	2025-06-18T16:00:00+00:00
cisco-sa-clamav-udf-hmwd9ndy	ClamAV UDF File Parsing Out-of-Bounds Read Information Disclosure Vulnerability	2025-06-18T16:00:00+00:00	2025-06-18T16:00:00+00:00
cisco-sa-erlang-otp-ssh-xyzzy	Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server: April 2025	2025-04-22T21:45:00+00:00	2025-06-11T14:40:37+00:00
cisco-sa-wlc-file-uplpd-rhzg9ufc	Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability	2025-05-07T16:00:00+00:00	2025-06-06T20:02:48+00:00
cisco-sa-ise-aws-static-cred-fpmjucm7	Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability	2025-06-04T16:00:00+00:00	2025-06-05T17:26:25+00:00
cisco-sa-vos-command-inject-65s2ucyy	Cisco Unified Communications Products Command Injection Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-ucs-ssh-priv-esc-2mzdtdjm	Cisco Integrated Management Controller Privilege Escalation Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-uccx-multi-uhotvpgl	Cisco Unified Contact Center Express Vulnerabilities	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-uccx-editor-rce-ezyyzte8	Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-te-endagent-filewrt-zncdqnrj	Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Delete Vulnerabilities	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-ndfc-shkv-snqjtjrp	Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-icm-xss-cfcqhxag	Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-ccp-info-disc-zygerqpd	Cisco Customer Collaboration Platform Information Disclosure Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-meraki-mx-vpn-dos-qtrhzg2	Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Denial of Service Vulnerabilities	2024-10-02T16:00:00+00:00	2025-06-02T14:22:28+00:00
cisco-sa-meraki-mx-vpn-dos-by-qwukqv7x	Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability	2024-10-02T16:00:00+00:00	2025-06-02T14:22:27+00:00
cisco-sa-webex-xss-7teqtfn8	Cisco Webex Services Cross-Site Scripting Vulnerabilities	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-webex-cache-q4xbkqbg	Cisco Webex Meetings Services HTTP Cache Poisoning Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-sna-ssti-dpulqsmz	Cisco Secure Network Analytics Manager Privilege Escalation Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-sna-apiacv-4b6x5ysw	Cisco Secure Network Analytics Manager API Authorization Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-ise-restart-ss-uf986g2q	Cisco Identity Services Engine RADIUS Denial of Service Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-duo-ssp-cmd-inj-rcmyrna	Cisco Duo Self-Service Portal Command Injection Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-cuis-priv-esc-3pk96su4	Cisco Unified Intelligence Center Privilege Escalation Vulnerabilities	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-cucm-kkhzbhr5	Cisco Unified Communications Products Privilege Escalation Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00

ID	Description	Published	Updated
SCA-2020-0002	Vulnerabilities in SICK Package Analytics	2020-08-07T10:00:00.000Z	2020-07-28T10:00:00.000Z
sca-2020-0001	Security Information Regarding "Profile Programming"	2020-05-31T10:00:00.000Z	2020-05-31T10:00:00.000Z
SCA-2020-0001	Security Information Regarding "Profile Programming"	2020-05-31T10:00:00.000Z	2020-05-31T10:00:00.000Z
sca-2019-0002	Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000	2019-09-20T10:00:00.000Z	2019-09-20T10:00:00.000Z
SCA-2019-0002	Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000	2019-09-20T10:00:00.000Z	2019-09-20T10:00:00.000Z
sca-2019-0001	MSC800 affected by hard-coded credentials vulnerability	2019-06-21T10:00:00.000Z	2019-06-21T10:00:00.000Z
SCA-2019-0001	MSC800 affected by hard-coded credentials vulnerability	2019-06-21T10:00:00.000Z	2019-06-21T10:00:00.000Z

ID	Description	Published	Updated
NN-2021:2-01	Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2021:1-01	Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2020:3-01	Angular template injection on custom report name field	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2020:2-01	Cross-site request forgery attack on change password form	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2019:2-01	CSV Injection on node label	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2019:1-01	Stored XSS in field name data model	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z

ID	Description	Published	Updated

ID	Description	Updated
var-201912-0636	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:36:41.849000Z
var-201302-0303	Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on …	2024-11-29T22:36:41.699000Z
var-200106-0168	Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows lo…	2024-11-29T22:36:38.066000Z
var-202105-1461	A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in fun…	2024-11-29T22:36:05.822000Z
var-201904-0745	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:36:04.982000Z
var-200501-0287	Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a…	2024-11-29T22:36:04.792000Z
var-202010-1511	A use after free issue was addressed with improved memory management. This issue is fixed…	2024-11-29T22:36:04.718000Z
var-202206-1961	When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification fa…	2024-11-29T22:36:04.578000Z
var-200901-0466	The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for co…	2024-11-29T22:35:53.826000Z
var-202001-1433	When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data sm…	2024-11-29T22:35:51.750000Z
var-202109-1804	A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocate…	2024-11-29T22:35:51.033000Z
var-201609-0597	The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other pr…	2024-11-29T22:35:49.265000Z
var-201011-0178	The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and poss…	2024-11-29T22:35:48.998000Z
var-201310-0370	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 an…	2024-11-29T22:35:48.557000Z
var-201901-1586	In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 1…	2024-11-29T22:35:46.547000Z
var-201006-0051	Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4…	2024-11-29T22:35:44.571000Z
var-201908-0421	Some HTTP/2 implementations are vulnerable to window size manipulation and stream priorit…	2024-11-29T22:35:38.045000Z
var-202112-0562	It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete…	2024-11-29T22:35:35.830000Z
var-200102-0007	WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood…	2024-11-29T22:35:30.307000Z
var-201404-0374	Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 an…	2024-11-29T22:35:28.945000Z
var-201412-0516	The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apach…	2024-11-29T22:34:53.956000Z
var-201310-0355	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, a…	2024-11-29T22:34:53.303000Z
var-201912-0592	An input validation issue was addressed with improved memory handling. This issue is fixe…	2024-11-29T22:34:47.182000Z
var-201910-1485	The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. tcpdum…	2024-11-29T22:34:46.805000Z
var-201410-1319	Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attack…	2024-11-29T22:34:46.272000Z
var-200906-0598	Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in…	2024-11-29T22:34:44.074000Z
var-200608-0038	Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers …	2024-11-29T22:34:43.959000Z
var-201007-0949	WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before…	2024-11-29T22:34:42.765000Z
var-201906-1176	Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragme…	2024-11-29T22:34:41.605000Z
var-202201-0104	In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtt…	2024-11-29T22:34:09.849000Z

ID	Description	Published	Updated
jvndb-2025-000054	Apache Jena Fuseki vulnerable to path traversal	2025-07-30T14:17+09:00	2025-07-30T14:17+09:00
jvndb-2025-000053	"SwitchBot" App vulnerable to insertion of sensitive information into log file	2025-07-29T13:44+09:00	2025-07-29T13:44+09:00
jvndb-2025-010056	TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection	2025-07-28T17:53+09:00	2025-07-28T17:53+09:00
jvndb-2025-000052	TP-Link Archer C1200 vulnerable to clickjacking	2025-07-24T14:16+09:00	2025-07-24T14:16+09:00
jvndb-2025-000051	Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input	2025-07-23T13:54+09:00	2025-07-23T13:54+09:00
jvndb-2025-009576	Multiple vulnerabilities in ELECOM wireless LAN routers	2025-07-23T11:13+09:00	2025-07-23T11:13+09:00
jvndb-2025-000050	"region PAY" App for Android vulnerable to insertion of sensitive information into log file	2025-07-22T13:33+09:00	2025-07-22T13:33+09:00
jvndb-2025-009150	Security updates for Trend Micro products (June 2025)	2025-07-17T17:03+09:00	2025-07-17T17:03+09:00
jvndb-2025-000030	Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor	2025-05-12T18:00+09:00	2025-07-17T10:06+09:00
jvndb-2025-000049	ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials	2025-07-16T13:54+09:00	2025-07-16T13:54+09:00
jvndb-2025-008881	Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers	2025-07-15T15:54+09:00	2025-07-15T15:54+09:00
jvndb-2025-008783	Firebox T15 contains an issue with hidden functionality	2025-07-14T17:22+09:00	2025-07-14T17:22+09:00
jvndb-2025-008145	Epson Web Installer for Mac vulnerable to missing authentication for critical function	2025-07-08T14:08+09:00	2025-07-08T14:08+09:00
jvndb-2025-008106	Heap-based buffer overflow vulnerability in V-SFT and TELLUS	2025-07-07T16:26+09:00	2025-07-07T16:26+09:00
jvndb-2025-008105	Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521)	2025-07-07T16:04+09:00	2025-07-07T16:04+09:00
jvndb-2025-000047	Multiple vulnerabilities in Nimesa Backup and Recovery	2025-07-07T15:26+09:00	2025-07-07T15:26+09:00
jvndb-2025-007978	Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837)	2025-07-04T13:28+09:00	2025-07-04T13:28+09:00
jvndb-2025-000045	Multiple vulnerabilities in Active! mail	2025-07-02T14:13+09:00	2025-07-02T14:13+09:00
jvndb-2025-007754	Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)	2025-07-02T11:31+09:00	2025-07-02T11:31+09:00
jvndb-2025-007607	Pass-Back Attack vulnerability in Konica Minorta bizhub series	2025-07-01T14:09+09:00	2025-07-01T14:09+09:00
jvndb-2025-007595	Multiple vulnerabilities in Web Connection of Konica Minolta MFPs	2025-07-01T14:02+09:00	2025-07-01T14:02+09:00
jvndb-2025-000046	SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting	2025-06-30T15:45+09:00	2025-06-30T15:45+09:00
jvndb-2025-007552	Multiple vulnerabilities in TB-eye network recorders and AHD recorders	2025-06-30T14:45+09:00	2025-06-30T14:45+09:00
jvndb-2024-004595	Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series	2024-07-29T17:51+09:00	2025-06-30T09:56+09:00
jvndb-2025-000043	Multiple vulnerabilities in iroha Board	2025-06-26T15:13+09:00	2025-06-26T15:13+09:00
jvndb-2025-000042	Inefficient regular expressions in GROWI	2025-06-24T15:25+09:00	2025-06-24T15:25+09:00
jvndb-2025-000041	Multiple vulnerabilities in ELECOM wireless LAN routers	2025-06-24T14:50+09:00	2025-06-24T14:50+09:00
jvndb-2025-007390	Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385)	2025-06-24T11:18+09:00	2025-06-24T11:18+09:00
jvndb-2025-000040	KCM3100 vulnerable to authentication bypass using an alternate path or channel	2025-06-18T13:42+09:00	2025-06-18T13:42+09:00
jvndb-2025-000039	Multiple vulnerabilities in RICOH Streamline NX PC Client	2025-06-13T16:09+09:00	2025-06-13T16:09+09:00

ID	Description	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated