Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-4c8r-385h-rf2x | A weakness has been identified in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f… | 2025-12-12T18:30:35Z | 2025-12-12T18:30:35Z |
| ghsa-3r5x-6g7r-3p8p | jshERP v3.5 and earlier is affected by a stored Cross Site Scripting (XSS) vulnerability via the /m… | 2025-12-12T18:30:35Z | 2025-12-12T21:31:38Z |
| ghsa-3hg2-rh4r-8qf6 | Apache StreamPark: Use the user’s password as the secret key Vulnerability | 2025-12-12T18:30:35Z | 2025-12-12T20:19:56Z |
| ghsa-3cmr-m8h4-f7xj | RuoYi versions 4.8.1 and earlier is affected by a stored XSS vulnerability in the /system/menu/edit… | 2025-12-12T18:30:35Z | 2025-12-12T21:31:38Z |
| ghsa-325g-f49v-c2hf | A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f… | 2025-12-12T18:30:35Z | 2025-12-12T18:30:35Z |
| ghsa-5j59-xgg2-r9c4 | Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up | 2025-12-12T17:21:57Z | 2025-12-12T17:21:58Z |
| ghsa-c6m7-q6pr-c64r | Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components | 2025-12-12T16:41:58Z | 2025-12-12T16:41:58Z |
| ghsa-cpqf-f22c-r95x | Vite Plugin React has a Denial of Service Vulnerability in React Server Components | 2025-12-12T16:41:08Z | 2025-12-12T16:41:08Z |
| ghsa-7gmr-mq3h-m5h9 | Denial of Service Vulnerability in React Server Components | 2025-12-12T16:32:43Z | 2025-12-12T16:32:43Z |
| ghsa-749j-2hp6-8cxm | Apache StreamPark uses a Weak Encryption Algorithm | 2025-12-12T15:30:42Z | 2025-12-12T21:36:30Z |
| ghsa-5gw4-7cfm-h82q | APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient P… | 2025-12-12T15:30:42Z | 2025-12-12T15:30:42Z |
| ghsa-q7ph-73xr-mr6g | SolarEdge SE3680H has unauthenticated disclosure of sensitive information during the bootloader loo… | 2025-12-12T15:30:41Z | 2025-12-12T15:30:41Z |
| ghsa-prv5-c2px-j9q3 | Apache StreamPark has a hard-coded encryption key | 2025-12-12T15:30:41Z | 2025-12-12T21:36:13Z |
| ghsa-pmcm-fwgg-qxqr | The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed a… | 2025-12-12T15:30:41Z | 2025-12-12T15:30:41Z |
| ghsa-7738-gqcf-gx4x | Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services I… | 2025-12-12T15:30:41Z | 2025-12-12T15:30:41Z |
| ghsa-3v8j-7v8f-5qp2 | SolarEdge SE3680H has an exposed debug/test interface accessible to unauthenticated actors, allowin… | 2025-12-12T15:30:41Z | 2025-12-12T15:30:41Z |
| ghsa-37qv-3hw5-x3ph | SolarEdge monitoring platform contains a Cross‑Site Scripting (XSS) flaw that allows an authenticat… | 2025-12-12T15:30:41Z | 2025-12-12T15:30:41Z |
| ghsa-23vf-m99m-mvr7 | SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in core… | 2025-12-12T15:30:41Z | 2025-12-12T15:30:41Z |
| ghsa-rgjm-h5hc-fhwv | Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache F… | 2025-12-12T12:30:25Z | 2025-12-12T21:31:37Z |
| ghsa-qqj8-52jc-qfhp | The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to sensit… | 2025-12-12T12:30:25Z | 2025-12-12T12:30:25Z |
| ghsa-q37j-3367-fwv7 | Apache HugeGraph-Server: RAFT and deserialization vulnerability | 2025-12-12T12:30:25Z | 2025-12-12T16:46:05Z |
| ghsa-pj5f-gwwf-fqcv | The Events Manager – Calendar, Bookings, Tickets, and more! plugin for WordPress is vulnerable to C… | 2025-12-12T12:30:25Z | 2025-12-12T12:30:25Z |
| ghsa-hg5h-qmqq-86x3 | The Magical Posts Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the… | 2025-12-12T12:30:25Z | 2025-12-12T12:30:25Z |
| ghsa-gq7p-9g95-8rfx | The PDF for Contact Form 7 + Drag and Drop Template Builder plugin for WordPress is vulnerable to u… | 2025-12-12T12:30:25Z | 2025-12-12T12:30:25Z |
| ghsa-g2p2-28gc-94wx | The Simple Bike Rental plugin for WordPress is vulnerable to unauthorized access of data due to a m… | 2025-12-12T12:30:25Z | 2025-12-12T12:30:25Z |
| ghsa-cxq4-78fr-7wpg | The Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin for WordPress … | 2025-12-12T12:30:25Z | 2025-12-12T12:30:25Z |
| ghsa-c565-3j89-9cp4 | The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauth… | 2025-12-12T12:30:25Z | 2025-12-12T18:30:34Z |
| ghsa-7m2h-m3fc-4qj7 | The WooMulti WordPress plugin through 17 does not validate a file parameter when deleting files, wh… | 2025-12-12T12:30:25Z | 2025-12-12T18:30:34Z |
| ghsa-6jvx-rr4c-j9j5 | Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract: t… | 2025-12-12T12:30:25Z | 2025-12-12T12:30:25Z |
| ghsa-647v-r7p3-c33c | The MailerLite – Signup forms (official) plugin for WordPress is vulnerable to Stored Cross-Site Sc… | 2025-12-12T12:30:25Z | 2025-12-12T12:30:25Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-43542 | N/A | This issue was addressed with improved state mana… |
Apple |
macOS |
2025-12-12T20:56:57.008Z | 2025-12-12T20:56:57.008Z |
| cve-2025-43470 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:55.963Z | 2025-12-12T20:56:55.963Z |
| cve-2025-43523 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:54.939Z | 2025-12-12T20:56:54.939Z |
| cve-2025-43466 | N/A | An injection issue was addressed with improved va… |
Apple |
macOS |
2025-12-12T20:56:53.865Z | 2025-12-12T20:56:53.865Z |
| cve-2025-43519 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:52.823Z | 2025-12-12T20:56:52.823Z |
| cve-2025-43512 | N/A | A logic issue was addressed with improved checks.… |
Apple |
macOS |
2025-12-12T20:56:51.767Z | 2025-12-12T20:56:51.767Z |
| cve-2025-43416 | N/A | A logic issue was addressed with improved restric… |
Apple |
macOS |
2025-12-12T20:56:50.705Z | 2025-12-12T20:56:50.705Z |
| cve-2025-43482 | N/A | The issue was addressed with improved input valid… |
Apple |
macOS |
2025-12-12T20:56:49.675Z | 2025-12-12T20:56:49.675Z |
| cve-2025-46287 | N/A | An inconsistent user interface issue was addresse… |
Apple |
macOS |
2025-12-12T20:56:48.646Z | 2025-12-12T20:56:48.646Z |
| cve-2025-43494 | N/A | A mail header parsing issue was addressed with im… |
Apple |
macOS |
2025-12-12T20:56:47.563Z | 2025-12-12T20:56:47.563Z |
| cve-2025-43461 | N/A | This issue was addressed with improved validation… |
Apple |
macOS |
2025-12-12T20:56:46.542Z | 2025-12-12T20:56:46.542Z |
| cve-2025-43532 | N/A | A memory corruption issue was addressed with impr… |
Apple |
macOS |
2025-12-12T20:56:45.545Z | 2025-12-12T20:56:45.545Z |
| cve-2025-43437 | N/A | An information disclosure issue was addressed wit… |
Apple |
iOS and iPadOS |
2025-12-12T20:56:44.434Z | 2025-12-12T20:56:44.434Z |
| cve-2025-43509 | N/A | This issue was addressed with improved data prote… |
Apple |
macOS |
2025-12-12T20:56:43.368Z | 2025-12-12T20:56:43.368Z |
| cve-2025-43381 | N/A | This issue was addressed with improved handling o… |
Apple |
macOS |
2025-12-12T20:56:42.316Z | 2025-12-12T20:56:42.316Z |
| cve-2025-43513 | N/A | A permissions issue was addressed by removing the… |
Apple |
macOS |
2025-12-12T20:56:41.283Z | 2025-12-12T20:56:41.283Z |
| cve-2025-46285 | N/A | An integer overflow was addressed by adopting 64-… |
Apple |
macOS |
2025-12-12T20:56:40.352Z | 2025-12-12T20:56:40.352Z |
| cve-2025-43506 | N/A | A logic error was addressed with improved error h… |
Apple |
macOS |
2025-12-12T20:56:39.176Z | 2025-12-12T20:56:39.176Z |
| cve-2025-43510 | N/A | A memory corruption issue was addressed with impr… |
Apple |
macOS |
2025-12-12T20:56:38.131Z | 2025-12-12T20:56:38.131Z |
| cve-2025-43402 | N/A | The issue was addressed with improved memory hand… |
Apple |
macOS |
2025-12-12T20:56:37.079Z | 2025-12-12T20:56:37.079Z |
| cve-2025-43530 | N/A | This issue was addressed with improved checks. Th… |
Apple |
macOS |
2025-12-12T20:56:36.039Z | 2025-12-12T20:56:36.039Z |
| cve-2025-46289 | N/A | A logic issue was addressed with improved file ha… |
Apple |
macOS |
2025-12-12T20:56:34.997Z | 2025-12-12T20:56:34.997Z |
| cve-2025-43463 | N/A | A parsing issue in the handling of directory path… |
Apple |
macOS |
2025-12-12T20:56:33.979Z | 2025-12-12T20:56:33.979Z |
| cve-2025-43320 | N/A | The issue was addressed by adding additional logi… |
Apple |
macOS |
2025-12-12T20:56:32.868Z | 2025-12-12T20:56:32.868Z |
| cve-2025-43527 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:31.854Z | 2025-12-12T20:56:31.854Z |
| cve-2025-43511 | N/A | A use-after-free issue was addressed with improve… |
Apple |
iOS and iPadOS |
2025-12-12T20:56:30.795Z | 2025-12-12T20:56:30.795Z |
| cve-2025-43497 | N/A | An access issue was addressed with additional san… |
Apple |
macOS |
2025-12-12T20:56:29.746Z | 2025-12-12T20:56:29.746Z |
| cve-2025-43473 | N/A | This issue was addressed with improved state mana… |
Apple |
macOS |
2025-12-12T20:56:28.713Z | 2025-12-12T20:56:28.713Z |
| cve-2025-46276 | N/A | An information disclosure issue was addressed wit… |
Apple |
macOS |
2025-12-12T20:56:27.674Z | 2025-12-12T20:56:27.674Z |
| cve-2025-43465 | N/A | A parsing issue in the handling of directory path… |
Apple |
macOS |
2025-12-12T20:56:26.611Z | 2025-12-12T20:56:26.611Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-14567 | haxxorsid Stock-Management-System employees missing au… |
haxxorsid |
Stock-Management-System |
2025-12-12T16:02:05.771Z | 2025-12-12T16:02:05.771Z | |
| cve-2025-14566 | kidaze CourseSelectionSystem reg.php sql injection |
kidaze |
CourseSelectionSystem |
2025-12-12T15:32:08.420Z | 2025-12-12T15:32:08.420Z | |
| cve-2025-14565 | kidaze CourseSelectionSystem login1.php sql injection |
kidaze |
CourseSelectionSystem |
2025-12-12T15:32:06.269Z | 2025-12-12T15:32:06.269Z | |
| cve-2025-13733 | 8.4 (v4.0) | BuhoNTFS 1.3.2 - Local Privilege Escalation |
Dr.Buho |
BuhoNTFS |
2025-12-12T15:58:37.088Z | 2025-12-12T15:58:37.088Z |
| cve-2025-12843 | 6.9 (v4.0) | Code Injection in Wave Term v0.12.2 allowing TCC Bypass |
waveterm |
waveterm |
2025-12-12T15:23:58.165Z | 2025-12-12T15:23:58.165Z |
| cve-2025-58770 | 7.2 (v4.0) | TCG2 TPM RT Not Locked Issue |
AMI |
AptioV |
2025-12-12T15:03:16.408Z | 2025-12-12T18:53:12.605Z |
| cve-2025-54981 | Apache StreamPark: Weak Encryption Algorithm in StreamPark |
Apache Software Foundation |
Apache StreamPark |
2025-12-12T15:10:35.562Z | 2025-12-12T19:27:16.118Z | |
| cve-2025-54947 | Apache StreamPark: Use hard-coded key vulnerability |
Apache Software Foundation |
Apache StreamPark |
2025-12-12T15:11:38.279Z | 2025-12-12T18:48:51.364Z | |
| cve-2025-36755 | 2.4 (v4.0) | CleverDisplay BlueOne unauthorized BIOS access through… |
CleverDisplay B.V. |
BlueOne (CleverDisplay Hardware Player) |
2025-12-12T14:58:22.970Z | 2025-12-13T08:16:14.495Z |
| cve-2025-36746 | 4.8 (v4.0) | SolarEdge Monitoring Platform contains a XSS upon repo… |
SolarEdge |
SolarEdge Monitoring platform (SaaS) |
2025-12-12T15:05:40.479Z | 2025-12-12T15:05:40.479Z |
| cve-2025-36745 | 8.6 (v4.0) | SolarEdge SE3680H contains Linux Kernel vulnerabilities |
SolarEdge |
SE3680H |
2025-12-12T15:05:38.582Z | 2025-12-12T19:33:31.099Z |
| cve-2025-36744 | 2.4 (v4.0) | SolarEdge SE3680H - Information Exposure during Bootlo… |
SolarEdge |
SE3680H |
2025-12-12T15:05:39.214Z | 2025-12-12T19:31:36.831Z |
| cve-2025-36743 | 8.6 (v4.0) | SolarEdge SE3680H - Exposed Debug interface |
SolarEdge |
SE3680H |
2025-12-12T15:05:39.756Z | 2025-12-12T15:05:39.756Z |
| cve-2025-13506 | 8.8 (v3.1) | Improper Authorization in Nebim Neyir's Nebim V3 ERP |
Nebim Neyir Computer Industry and Services Inc. |
Nebim V3 ERP |
2025-12-12T12:19:37.226Z | 2025-12-12T14:30:42.870Z |
| cve-2025-14442 | Secure Copy Content Protection and Content Locking <= … |
ays-pro |
Secure Copy Content Protection and Content Locking |
2025-12-12T11:15:49.472Z | 2025-12-12T15:31:40.218Z | |
| cve-2025-14159 | Secure Copy Content Protection and Content Locking <= … |
ays-pro |
Secure Copy Content Protection and Content Locking |
2025-12-12T11:15:49.854Z | 2025-12-12T14:41:32.984Z | |
| cve-2025-14065 | Simple Bike Rental <= 1.0.6 - Missing Authorization to… |
rodolforizzo76 |
Simple Bike Rental |
2025-12-12T11:15:48.880Z | 2025-12-12T15:31:53.789Z | |
| cve-2025-14030 | AI Feeds <= 1.0.22 - Authenticated (Contributor+) Stor… |
soportecibeles |
AI Feeds |
2025-12-12T11:15:51.633Z | 2025-12-12T14:31:53.631Z | |
| cve-2025-12965 | Magical Posts Display <= 1.2.54 - Authenticated (Autho… |
nalam-1 |
Magical Posts Display – Elementor Advanced Posts widgets |
2025-12-12T11:15:50.299Z | 2025-12-12T14:40:30.857Z | |
| cve-2025-12408 | Events Manager <= 7.2.2.2 - Unauthenticated Informatio… |
netweblogic |
Events Manager – Calendar, Bookings, Tickets, and more! |
2025-12-12T11:15:50.794Z | 2025-12-12T15:31:14.953Z | |
| cve-2025-12407 | Events Manager – Calendar, Bookings, Tickets, and more… |
netweblogic |
Events Manager – Calendar, Bookings, Tickets, and more! |
2025-12-12T11:15:51.250Z | 2025-12-12T14:35:10.640Z | |
| cve-2025-12841 | N/A | Bookit < 2.5.1 – Unauthenticated Settings Update |
Unknown |
Bookit |
2025-12-12T10:17:08.541Z | 2025-12-12T17:50:21.613Z |
| cve-2025-12835 | N/A | WooMulti <= 1.7 - Subscriber+ Arbitrary File Deletion |
Unknown |
WooMulti |
2025-12-12T10:24:14.123Z | 2025-12-12T17:51:06.176Z |
| cve-2025-58137 | Apache Fineract: IDOR via self-service API |
Apache Software Foundation |
Apache Fineract |
2025-12-12T09:21:00.374Z | 2025-12-12T19:35:44.785Z | |
| cve-2025-58130 | Apache Fineract: Server Key not masked |
Apache Software Foundation |
Apache Fineract |
2025-12-12T09:20:06.930Z | 2025-12-12T19:38:02.717Z | |
| cve-2025-26866 | Apache HugeGraph-Server: RAFT and deserialization vuln… |
Apache Software Foundation |
Apache HugeGraph-Server |
2025-12-12T09:23:07.681Z | 2025-12-13T04:55:17.667Z | |
| cve-2025-23408 | 8.5 (v4.0) | Apache Fineract: weak password policy |
Apache Software Foundation |
Apache Fineract |
2025-12-12T09:18:59.147Z | 2025-12-12T10:06:07.346Z |
| cve-2025-14074 | PDF for Contact Form 7 + Drag and Drop Template Builde… |
addonsorg |
PDF for Contact Form 7 + Drag and Drop Template Builder |
2025-12-12T09:20:28.419Z | 2025-12-12T20:47:56.813Z | |
| cve-2025-13993 | MailerLite – Signup forms (official) <= 1.7.16 - Authe… |
mailerlite |
MailerLite – Signup forms (official) |
2025-12-12T09:20:29.070Z | 2025-12-12T20:48:32.453Z | |
| cve-2025-12348 | Email Subscribers & Newsletters <= 5.9.10 - Missing Au… |
icegram |
Email Subscribers & Newsletters – Powerful Email Marketing, Post Notification & Newsletter Plugin for WordPress & WooCommerce |
2025-12-12T09:20:29.470Z | 2025-12-12T20:49:12.755Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192474 | Malicious code in elf-stats-candystriped-bauble-740 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192473 | Malicious code in elf-stats-candlelit-train-228 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192472 | Malicious code in elf-stats-candlelit-nutcracker-184 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192471 | Malicious code in elf-stats-aurora-sparkler-752 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192470 | Malicious code in elf-stats-aurora-sleigh-694 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192469 | Malicious code in elf-stats (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192468 | Malicious code in yzip (PyPI) | 2025-12-11T15:53:42Z | 2025-12-11T17:12:54Z |
| mal-2025-192543 | Malicious code in mw-proto-ts (npm) | 2025-12-11T12:17:38Z | 2025-12-11T12:17:38Z |
| mal-2025-192541 | Malicious code in mui-wrapper-icons (npm) | 2025-12-11T12:17:23Z | 2025-12-11T12:17:23Z |
| mal-2025-192542 | Malicious code in mui-wrapper-styles (npm) | 2025-12-11T12:15:41Z | 2025-12-11T12:15:41Z |
| mal-0000-ossf-package-analysis-ba19fbf2e13483ed | Malicious code in @cheqplease/structured-logger (npm) | 2025-12-11T07:37:23Z | 2025-12-11T07:37:23Z |
| mal-0000-ossf-package-analysis-c6ef1fa05f2ae34a | Malicious code in @cheqplease/structured-logger (npm) | 2025-12-11T05:38:58Z | 2025-12-11T05:38:58Z |
| mal-2025-192466 | Malicious code in tnaxmlparserctf (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192465 | Malicious code in tnaparserxml (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192464 | Malicious code in ofjaaah12 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192463 | Malicious code in libxmlussr (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192462 | Malicious code in libxmlpupupu (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192461 | Malicious code in libxmljsololos (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192460 | Malicious code in libxmljsololo4 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192459 | Malicious code in libxmljsololo3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192458 | Malicious code in libxmljsololo (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192457 | Malicious code in libxmljs2var234 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192456 | Malicious code in libxmljs10 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192455 | Malicious code in libxmlhere (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192454 | Malicious code in libxmlfinal5 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192453 | Malicious code in libxmlfinal4 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192452 | Malicious code in libxmlfinal3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192451 | Malicious code in libxmlfinal (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192450 | Malicious code in fadafas3 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| mal-2025-192449 | Malicious code in elf-stats-sugarplum-mitten-141 (npm) | 2025-12-11T01:47:51Z | 2025-12-11T01:47:51Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2339 | ImageMagick (BMP decoder): Schwachstelle ermöglicht Denial of Service | 2025-10-19T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2334 | Squid: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen und Offenlegung von Informationen | 2025-10-16T22:00:00.000+00:00 | 2025-11-02T23:00:00.000+00:00 |
| wid-sec-w-2025-2322 | Samba: Mehrere Schwachstellen | 2025-10-15T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2317 | Ubiquiti UniFi: Schwachstelle ermöglicht Ausführung von Debug-Funktionen | 2025-10-15T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2311 | Red Hat Enterprise Linux (libsoup3): Schwachstelle ermöglicht Offenlegung von Informationen | 2025-10-15T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2307 | Microsoft Windows: Mehrere Schwachstellen | 2025-10-14T22:00:00.000+00:00 | 2025-11-05T23:00:00.000+00:00 |
| wid-sec-w-2025-2301 | Red Hat Enterprise Linux: Mehrere Schwachstellen | 2025-10-14T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2300 | Google Chrome/Microsoft Edge: Schwachstelle ermöglicht Codeausführung | 2025-10-14T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2298 | Linux Kernel: Mehrere Schwachstellen | 2025-10-14T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2275 | Mozilla Firefox: Mehrere Schwachstellen | 2025-10-14T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2274 | Veeam Backup & Replication: Mehrere Schwachstellen | 2025-10-13T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2272 | Moodle: Mehrere Schwachstellen | 2025-10-13T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-2269 | WebKitGTK: Schwachstelle ermöglicht Denial of Service und potenziell Codeausführung | 2025-10-13T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2268 | Linux Kernel: Mehrere Schwachstellen | 2025-10-13T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2251 | Red Hat OpenShift GitOps: Mehrere Schwachstellen | 2025-10-09T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2247 | Nvidia GPU Display Treiber: Mehrere Schwachstellen | 2025-10-08T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2246 | Linux Kernel: Mehrere Schwachstellen | 2025-10-08T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2231 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen | 2025-10-07T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2230 | Python (CPython Zipfile Module): Schwachstelle ermöglicht Manipulation von Dateien | 2025-10-07T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2229 | Linux Kernel: Mehrere Schwachstellen | 2025-10-07T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2228 | ESRI ArcGIS: Schwachstelle ermöglicht SQL injection | 2025-10-07T22:00:00.000+00:00 | 2025-10-22T22:00:00.000+00:00 |
| wid-sec-w-2025-2227 | Golang Go: Mehrere Schwachstellen | 2025-10-07T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2224 | Keycloak: Mehrere Schwachstellen | 2025-10-07T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-2212 | OpenSSH: Mehrere Schwachstellen ermöglichen Codeausführung | 2025-10-06T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2209 | HAProxy und HAProxy ALOHA: Schwachstelle ermöglicht Denial of Service | 2025-10-05T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2205 | QT: Mehrere Schwachstellen | 2025-10-05T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2202 | fetchmail: Schwachstelle ermöglicht Denial of Service | 2025-10-05T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2025-2198 | MediaWiki: Mehrere Schwachstellen | 2025-10-05T22:00:00.000+00:00 | 2025-10-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2196 | Redis: Mehrere Schwachstellen | 2025-10-05T22:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2195 | Oracle E-Business Suite: Schwachstelle ermöglicht Codeausführung | 2025-10-05T22:00:00.000+00:00 | 2025-10-21T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-392859 | SSA-392859: Local Arbitrary Code Execution Vulnerability in Siemens Engineering Platforms before V20 | 2024-12-10T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-384652 | SSA-384652: Cross-Site Request Forgery (CSRF) Vulnerability in RUGGEDCOM ROX II | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-128393 | SSA-128393: Firmware Decryption Vulnerability in SICAM A8000 CP-8031 and CP-8050 | 2024-12-10T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-871035 | SSA-871035: Session-Memory Deserialization Vulnerability in Siemens Engineering Platforms Before V19 | 2024-11-12T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-583523 | SSA-583523: Multiple WRL File Parsing Vulnerabilities in Tecnomatix Plant Simulation | 2024-10-08T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-773256 | SSA-773256: Impact of Socket.IO CVE-2024-38355 on Siemens Industrial Products | 2024-09-10T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-673996 | SSA-673996: Buffer Overflow Vulnerability in Third-Party Component in SICAM and SITIPE Products | 2024-09-10T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-629254 | SSA-629254: Remote Code Execution Vulnerability in SIMATIC SCADA and PCS 7 systems | 2024-09-10T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-103653 | SSA-103653: Denial-of-Service Vulnerability in Automation License Manager | 2024-09-10T00:00:00Z | 2025-05-13T00:00:00Z |
| ssa-750499 | SSA-750499: Weak Encryption Vulnerability in SIPROTEC 5 Devices | 2024-07-09T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-723487 | SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products | 2024-07-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-698820 | SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices | 2024-07-09T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-690517 | SSA-690517: Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11ax Family | 2024-06-11T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-196737 | SSA-196737: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V1.2 | 2024-06-11T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-962515 | SSA-962515: Out of Bounds Read Vulnerability in Industrial Products | 2024-05-14T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-822518 | SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices | 2024-04-09T00:00:00Z | 2024-12-10T00:00:00Z |
| ssa-730482 | SSA-730482: Denial of Service Vulnerability in SIMATIC WinCC | 2024-04-09T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-455250 | SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3 | 2024-04-09T00:00:00Z | 2025-05-13T00:00:00Z |
| ssa-832273 | SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices | 2024-03-12T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-999588 | SSA-999588: Multiple Vulnerabilities in User Management Component (UMC) Before V2.11.2 | 2023-12-12T00:00:00Z | 2025-01-14T00:00:00Z |
| ssa-892915 | SSA-892915: Multiple Denial of Service Vulnerabilities in the Webserver of Industrial Products | 2023-12-12T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-887801 | SSA-887801: Information Disclosure Vulnerability in SIMATIC STEP 7 (TIA Portal) | 2023-12-12T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-118850 | SSA-118850: Denial of Service Vulnerability in the OPC UA Implementation in SINUMERIK ONE and SINUMERIK MC | 2023-12-12T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-077170 | SSA-077170: Multiple Vulnerabilities in SINEC INS before V1.0 SP2 Update 2 | 2023-12-12T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-887122 | SSA-887122: X_T File Parsing Vulnerabilities in Simcenter Femap | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-478780 | SSA-478780: Multiple WRL File Parsing Vulnerabilities in Tecnomatix Plant Simulation | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-456933 | SSA-456933: Multiple Vulnerabilities in SIMATIC PCS neo before V4.1 | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-268517 | SSA-268517: Code Execution Vulnerability (libwebp CVE-2023-4863) in Mendix Studio Pro | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-197270 | SSA-197270: Information Disclosure Vulnerability in Siemens OPC UA Modeling Editor (SiOME) | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ssa-150063 | SSA-150063: Multiple Vulnerabilities in SINEC PNI before V2.0 | 2023-11-14T00:00:00Z | 2023-11-14T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:21821 | Red Hat Security Advisory: idm:DL1 security update | 2025-11-20T08:05:06+00:00 | 2025-11-27T03:24:25+00:00 |
| rhsa-2025:21329 | Red Hat Security Advisory: OpenShift Container Platform 4.14.59 bug fix and security update | 2025-11-20T07:58:36+00:00 | 2025-11-27T17:37:54+00:00 |
| rhsa-2025:21328 | Red Hat Security Advisory: OpenShift Container Platform 4.14.59 packages and security update | 2025-11-20T07:57:21+00:00 | 2025-11-27T17:38:16+00:00 |
| rhsa-2025:21331 | Red Hat Security Advisory: OpenShift Container Platform 4.14.59 bug fix and security update | 2025-11-20T07:18:12+00:00 | 2025-11-25T21:54:53+00:00 |
| rhsa-2025:21816 | Red Hat Security Advisory: delve and golang security update | 2025-11-20T06:24:08+00:00 | 2025-11-27T23:59:20+00:00 |
| rhsa-2025:21806 | Red Hat Security Advisory: python-kdcproxy security update | 2025-11-20T05:58:44+00:00 | 2025-11-27T03:24:23+00:00 |
| rhsa-2025:21778 | Red Hat Security Advisory: golang security update | 2025-11-20T00:35:26+00:00 | 2025-11-27T23:59:18+00:00 |
| rhsa-2025:21779 | Red Hat Security Advisory: golang security update | 2025-11-20T00:22:25+00:00 | 2025-11-27T23:59:18+00:00 |
| rhsa-2025:21776 | Red Hat Security Advisory: expat security update | 2025-11-19T22:11:45+00:00 | 2025-11-26T15:30:36+00:00 |
| rhsa-2025:21775 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Container Release Update | 2025-11-19T20:53:45+00:00 | 2025-11-25T17:53:06+00:00 |
| rhsa-2025:21773 | Red Hat Security Advisory: expat security update | 2025-11-19T20:10:25+00:00 | 2025-11-26T15:30:34+00:00 |
| rhsa-2025:21772 | Red Hat Security Advisory: libsoup security update | 2025-11-19T17:38:04+00:00 | 2025-11-25T10:22:47+00:00 |
| rhsa-2025:21768 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update | 2025-11-19T15:51:59+00:00 | 2025-11-25T17:53:05+00:00 |
| rhsa-2025:21760 | Red Hat Security Advisory: kernel security update | 2025-11-19T12:47:43+00:00 | 2025-11-25T21:29:38+00:00 |
| rhsa-2025:21748 | Red Hat Security Advisory: python-kdcproxy security update | 2025-11-19T08:16:29+00:00 | 2025-11-27T03:24:19+00:00 |
| rhsa-2025:21740 | Red Hat Security Advisory: bind security update | 2025-11-19T06:27:53+00:00 | 2025-11-27T03:24:35+00:00 |
| rhsa-2025:21741 | Red Hat Security Advisory: bind security update | 2025-11-19T06:20:03+00:00 | 2025-11-27T03:24:33+00:00 |
| rhsa-2025:21736 | Red Hat Security Advisory: bind security update | 2025-11-19T05:30:03+00:00 | 2025-11-27T03:24:35+00:00 |
| rhsa-2025:21735 | Red Hat Security Advisory: bind security update | 2025-11-19T04:04:48+00:00 | 2025-11-27T03:24:28+00:00 |
| rhsa-2025:21706 | Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update | 2025-11-18T17:47:02+00:00 | 2025-11-25T17:53:04+00:00 |
| rhsa-2025:21702 | Red Hat Security Advisory: podman security update | 2025-11-18T15:34:16+00:00 | 2025-11-27T17:37:55+00:00 |
| rhsa-2025:21704 | Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.20 security, enhancement & bug fix update | 2025-11-18T15:13:35+00:00 | 2025-11-29T06:53:24+00:00 |
| rhsa-2025:21696 | Red Hat Security Advisory: pcs security update | 2025-11-18T14:42:26+00:00 | 2025-11-21T19:31:51+00:00 |
| rhsa-2025:21694 | Red Hat Security Advisory: haproxy security update | 2025-11-18T14:01:06+00:00 | 2025-11-21T19:31:50+00:00 |
| rhsa-2025:21693 | Red Hat Security Advisory: haproxy security update | 2025-11-18T13:56:41+00:00 | 2025-11-21T19:31:50+00:00 |
| rhsa-2025:21692 | Red Hat Security Advisory: haproxy security update | 2025-11-18T13:44:31+00:00 | 2025-11-21T19:31:49+00:00 |
| rhsa-2025:21691 | Red Hat Security Advisory: haproxy security update | 2025-11-18T13:44:12+00:00 | 2025-11-21T19:31:49+00:00 |
| rhsa-2025:21666 | Red Hat Security Advisory: libsoup security update | 2025-11-18T09:11:35+00:00 | 2025-11-25T10:22:54+00:00 |
| rhsa-2025:21665 | Red Hat Security Advisory: libsoup security update | 2025-11-18T09:07:43+00:00 | 2025-11-25T10:22:45+00:00 |
| rhsa-2025:21667 | Red Hat Security Advisory: kernel security update | 2025-11-18T09:02:45+00:00 | 2025-11-25T21:27:09+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-40319 | bpf: Sync pending IRQ work before freeing ring buffer | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:03.000Z |
| msrc_cve-2025-40317 | regmap: slimbus: fix bus_context pointer in regmap init calls | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:25.000Z |
| msrc_cve-2025-40315 | usb: gadget: f_fs: Fix epfile null pointer access after ep enable. | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:15.000Z |
| msrc_cve-2025-40314 | usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:20.000Z |
| msrc_cve-2025-40313 | ntfs3: pretend $Extend records as regular files | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:47.000Z |
| msrc_cve-2025-40312 | jfs: Verify inode mode when loading from disk | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:09.000Z |
| msrc_cve-2025-40311 | accel/habanalabs: support mapping cb with vmalloc-backed coherent memory | 2025-12-02T00:00:00.000Z | 2025-12-09T01:03:08.000Z |
| msrc_cve-2025-40310 | amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:57.000Z |
| msrc_cve-2025-40309 | Bluetooth: SCO: Fix UAF on sco_conn_free | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:37.000Z |
| msrc_cve-2025-40308 | Bluetooth: bcsp: receive data only if registered | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:31.000Z |
| msrc_cve-2025-40307 | exfat: validate cluster allocation bits of the allocation bitmap | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:26.000Z |
| msrc_cve-2025-40306 | orangefs: fix xattr related buffer overflow... | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:58.000Z |
| msrc_cve-2025-40305 | 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:42.000Z |
| msrc_cve-2025-40304 | fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:41.000Z |
| msrc_cve-2025-40303 | btrfs: ensure no dirty metadata is written back for an fs with errors | 2025-12-02T00:00:00.000Z | 2025-12-09T01:03:24.000Z |
| msrc_cve-2025-40301 | Bluetooth: hci_event: validate skb length for unknown CC opcode | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:36.000Z |
| msrc_cve-2025-40297 | net: bridge: fix use-after-free due to MST port state bypass | 2025-12-02T00:00:00.000Z | 2025-12-09T01:03:18.000Z |
| msrc_cve-2025-40294 | Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern() | 2025-12-02T00:00:00.000Z | 2025-12-09T01:02:52.000Z |
| msrc_cve-2025-40293 | iommufd: Don't overflow during division for dirty tracking | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:47.000Z |
| msrc_cve-2025-40292 | virtio-net: fix received length check in big packets | 2025-12-02T00:00:00.000Z | 2025-12-09T01:01:52.000Z |
| msrc_cve-2025-40289 | drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM | 2025-12-02T00:00:00.000Z | 2025-12-08T14:38:27.000Z |
| msrc_cve-2025-40288 | drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:31.000Z |
| msrc_cve-2025-40287 | exfat: fix improper check of dentry.stream.valid_size | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:07.000Z |
| msrc_cve-2025-40286 | smb/server: fix possible memory leak in smb2_read() | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:46.000Z |
| msrc_cve-2025-40285 | smb/server: fix possible refcount leak in smb2_sess_setup() | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:41.000Z |
| msrc_cve-2025-40284 | Bluetooth: MGMT: cancel mesh send timer when hdev removed | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:36.000Z |
| msrc_cve-2025-40283 | Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF | 2025-12-02T00:00:00.000Z | 2025-12-09T01:40:51.000Z |
| msrc_cve-2025-40282 | Bluetooth: 6lowpan: reset link-local header on ipv6 recv path | 2025-12-02T00:00:00.000Z | 2025-12-09T01:41:00.000Z |
| msrc_cve-2025-40281 | sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto | 2025-12-02T00:00:00.000Z | 2025-12-09T01:41:20.000Z |
| msrc_cve-2025-40280 | tipc: Fix use-after-free in tipc_mon_reinit_self(). | 2025-12-02T00:00:00.000Z | 2025-12-09T01:41:15.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-289-06 | Siemens SiPass | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-289-05 | Siemens Solid Edge | 2025-10-14T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-280-01 | Delta Electronics DIAScreen | 2025-10-07T06:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-289-11 | Hitachi Energy MACH GWS | 2025-09-30T12:50:29.000000Z | 2025-09-30T12:50:29.000000Z |
| icsa-25-282-01 | Hitachi Energy Asset Suite (Update A) | 2025-09-30T08:50:13.000000Z | 2025-10-28T09:50:00.000000Z |
| icsa-25-273-04 | Festo Controller CECC-S,-LK,-D Family Firmware (Update A) | 2025-09-30T06:00:00.000000Z | 2025-11-13T07:00:00.000000Z |
| icsa-25-259-01 | Schneider Electric Altivar products ATVdPAC module ILC992 InterLink Converter (Update A) | 2025-09-09T04:00:00.000000Z | 2025-10-14T07:00:00.000000Z |
| icsa-25-254-07 | Siemens User Management Component (UMC) | 2025-09-09T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-224-03 | Schneider Electric EcoStruxure Power Monitoring Expert | 2025-08-12T04:00:00.000000Z | 2025-11-11T08:00:00.000000Z |
| icsa-25-226-22 | Siemens Web Installer (SSA-282044) | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-226-18 | Siemens SIMOTION SCOUT, SIMOTION SCOUT TIA, and SINAMICS STARTER | 2025-08-12T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-226-11 | Siemens SIMATIC S7-PLCSIM | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-226-09 | Siemens RUGGEDCOM APE1808 | 2025-08-12T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-226-03 | Siemens SIMATIC S7-PLCSIM | 2025-08-12T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-219-02 | Johnson Controls FX Server, FX80 and FX90 (Update A) | 2025-08-07T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-205-01 | Mitsubishi Electric CNC Series (Update A) | 2025-07-24T06:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-294-04 | Siemens RUGGEDCOM ROS Devices | 2025-07-08T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-162-02 | Siemens RUGGEDCOM APE1808 | 2025-06-10T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-148-03 | Consilium Safety CS5000 Fire Panel (Update A) | 2025-05-29T06:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-148-01 | Siemens SiPass | 2025-05-23T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-140-08 | Schneider Electric Modicon Controllers (Update B) | 2025-05-13T04:00:00.000000Z | 2025-10-14T07:00:00.000000Z |
| icsa-25-135-17 | Siemens RUGGEDCOM ROX II | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-135-15 | Siemens Mendix OIDC SSO | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-135-09 | Siemens User Management Component (UMC) | 2025-05-13T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-25-135-05 | Siemens SIPROTEC and SICAM | 2025-05-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-072-11 | Siemens SIMATIC IPC Family, ITP1000, and Field PGs | 2025-03-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-044-06 | Siemens RUGGEDCOM APE1808 Devices | 2025-02-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-044-04 | Siemens SIPROTEC 5 | 2025-02-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-037-02 | Schneider Electric EcoStruxure (Update C) | 2025-02-06T07:00:00.000000Z | 2025-10-23T06:00:00.000000Z |
| icsa-25-035-07 | Schneider Electric Pro-face GP-Pro EX and Remote HMI (Update A) | 2025-01-14T00:00:00.000000Z | 2025-09-09T04:00:00.000000Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-008783 | Firebox T15 contains an issue with hidden functionality | 2025-07-14T17:22+09:00 | 2025-07-14T17:22+09:00 |
| jvndb-2025-008145 | Epson Web Installer for Mac vulnerable to missing authentication for critical function | 2025-07-08T14:08+09:00 | 2025-07-08T14:08+09:00 |
| jvndb-2025-008106 | Heap-based buffer overflow vulnerability in V-SFT and TELLUS | 2025-07-07T16:26+09:00 | 2025-07-07T16:26+09:00 |
| jvndb-2025-008105 | Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521) | 2025-07-07T16:04+09:00 | 2025-07-07T16:04+09:00 |
| jvndb-2025-000047 | Multiple vulnerabilities in Nimesa Backup and Recovery | 2025-07-07T15:26+09:00 | 2025-07-07T15:26+09:00 |
| jvndb-2025-007978 | Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837) | 2025-07-04T13:28+09:00 | 2025-07-04T13:28+09:00 |
| jvndb-2025-000045 | Multiple vulnerabilities in Active! mail | 2025-07-02T14:13+09:00 | 2025-07-02T14:13+09:00 |
| jvndb-2025-007754 | Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS) | 2025-07-02T11:31+09:00 | 2025-07-02T11:31+09:00 |
| jvndb-2025-007607 | Pass-Back Attack vulnerability in Konica Minorta bizhub series | 2025-07-01T14:09+09:00 | 2025-07-01T14:09+09:00 |
| jvndb-2025-007595 | Multiple vulnerabilities in Web Connection of Konica Minolta MFPs | 2025-07-01T14:02+09:00 | 2025-07-01T14:02+09:00 |
| jvndb-2025-000046 | SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting | 2025-06-30T15:45+09:00 | 2025-06-30T15:45+09:00 |
| jvndb-2025-007552 | Multiple vulnerabilities in TB-eye network recorders and AHD recorders | 2025-06-30T14:45+09:00 | 2025-06-30T14:45+09:00 |
| jvndb-2025-007521 | Multiple Brother driver installers for Windows vulnerable to privilege escalation | 2025-06-27T09:37+09:00 | 2025-08-19T11:29+09:00 |
| jvndb-2025-007519 | Multiple vulnerabilities in multiple BROTHER products | 2025-06-26T18:15+09:00 | 2025-09-22T10:16+09:00 |
| jvndb-2025-000043 | Multiple vulnerabilities in iroha Board | 2025-06-26T15:13+09:00 | 2025-06-26T15:13+09:00 |
| jvndb-2025-000044 | Denial-of-service (DoS) vulnerabilities in multiple Apache products | 2025-06-26T14:41+09:00 | 2025-10-01T14:18+09:00 |
| jvndb-2025-000042 | Inefficient regular expressions in GROWI | 2025-06-24T15:25+09:00 | 2025-06-24T15:25+09:00 |
| jvndb-2025-000041 | Multiple vulnerabilities in ELECOM wireless LAN routers | 2025-06-24T14:50+09:00 | 2025-06-24T14:50+09:00 |
| jvndb-2025-007390 | Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385) | 2025-06-24T11:18+09:00 | 2025-06-24T11:18+09:00 |
| jvndb-2025-000040 | KCM3100 vulnerable to authentication bypass using an alternate path or channel | 2025-06-18T13:42+09:00 | 2025-06-18T13:42+09:00 |
| jvndb-2025-000039 | Multiple vulnerabilities in RICOH Streamline NX PC Client | 2025-06-13T16:09+09:00 | 2025-06-13T16:09+09:00 |
| jvndb-2025-000038 | UpdateNavi vulnerable to improper restriction of communication channel to intended endpoints | 2025-06-12T15:56+09:00 | 2025-06-12T15:56+09:00 |
| jvndb-2025-000037 | Multiple surveillance cameras provided by i-PRO Co., Ltd. vulnerable to cross-site request forgery | 2025-06-06T13:56+09:00 | 2025-06-06T13:56+09:00 |
| jvndb-2025-000036 | TimeWorks vulnerable to path traversal | 2025-06-03T15:35+09:00 | 2025-06-03T15:35+09:00 |
| jvndb-2025-000035 | Improper file access permission settings in PC Time Tracer | 2025-06-03T14:40+09:00 | 2025-06-03T14:40+09:00 |
| jvndb-2025-000034 | Multiple vulnerabilities in wivia 5 | 2025-05-30T15:57+09:00 | 2025-05-30T15:57+09:00 |
| jvndb-2025-000032 | Mailform Pro CGI generating error messages containing sensitive information | 2025-05-26T14:22+09:00 | 2025-05-26T14:22+09:00 |
| jvndb-2025-000033 | Improper pattern file validation in i-FILTER optional feature 'Anti-Virus & Sandbox' | 2025-05-23T15:36+09:00 | 2025-05-23T15:36+09:00 |
| jvndb-2025-005467 | Passback vulnerabilities in Canon Production Printers, Office/Small Office Multifunction Printers, and Laser Printers | 2025-05-22T15:03+09:00 | 2025-05-22T15:03+09:00 |
| jvndb-2025-005107 | Multiple vulnerabilities in V-SFT | 2025-05-16T14:32+09:00 | 2025-05-16T14:32+09:00 |
| ID | Description | Updated |
|---|