Recent vulnerabilities

ID	Description	Published	Updated
ghsa-mmm6-w9m9-679x	Epic Games Psyonix Rocket League <=1.95 contains an insecure permissions vulnerability that allows …	2025-12-31T21:30:57Z	2025-12-31T21:30:57Z
ghsa-h2cc-vm9p-m74c	Selea CarPlateServer 4.0.1.6 contains a remote program execution vulnerability that allows attacker…	2025-12-31T21:30:57Z	2025-12-31T21:30:57Z
ghsa-f57r-vv46-fp7w	NuCom 11N Wireless Router 5.07.90 contains a privilege escalation vulnerability that allows non-pri…	2025-12-31T21:30:57Z	2025-12-31T21:30:57Z
ghsa-chph-r4jm-2932	ZBL EPON ONU Broadband Router V100R001 contains a privilege escalation vulnerability that allows li…	2025-12-31T21:30:57Z	2025-12-31T21:30:57Z
ghsa-9vxp-vq3x-qvgh	A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/con…	2025-12-31T21:30:57Z	2025-12-31T21:30:57Z
ghsa-6596-h2j7-v8m3	meterN 1.2.3 contains an authenticated remote code execution vulnerability in admin_meter2.php and …	2025-12-31T21:30:57Z	2025-12-31T21:30:57Z
ghsa-5gjv-h9vc-2w8g	A security vulnerability has been detected in Kohana KodiCMS up to 13.82.135. This impacts the func…	2025-12-31T21:30:57Z	2025-12-31T21:30:57Z
ghsa-2m8q-jcjp-298w	Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the fi…	2025-12-31T21:30:57Z	2025-12-31T21:30:57Z
ghsa-229c-7j29-hv97	Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service…	2025-12-31T21:30:57Z	2025-12-31T21:30:57Z
ghsa-q45h-4pv4-p744	A vulnerability was identified in UTT 进取 512W up to 1.7.7-171114. Impacted is the function strcpy o…	2025-12-26T03:30:14Z	2025-12-31T21:30:29Z
ghsa-ff49-f5c2-ggcq	A vulnerability was determined in UTT 进取 512W up to 1.7.7-171114. This issue affects the function s…	2025-12-26T00:30:12Z	2025-12-31T21:30:29Z
ghsa-4v76-jcg6-9p6m	A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This vulnerability affects the functio…	2025-12-26T00:30:12Z	2025-12-31T21:30:29Z
ghsa-29wh-g4c8-c35q	A vulnerability has been found in UTT 进取 512W up to 1.7.7-171114. This affects the function strcpy …	2025-12-26T00:30:12Z	2025-12-31T21:30:29Z
ghsa-pfgh-3rp7-865r	Advantech WebAccess/SCADA is vulnerable to SQL injection, which may allow an attacker to execute a…	2025-12-18T21:31:44Z	2025-12-31T21:30:24Z
ghsa-4gh3-mcch-g7mg	Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to dete…	2025-12-18T21:31:44Z	2025-12-31T21:30:24Z
ghsa-26jc-h8ww-vpqm	Advantech WebAccess/SCADA is vulnerable to directory traversal, which may allow an attacker to dele…	2025-12-18T21:31:44Z	2025-12-31T21:30:24Z
ghsa-53rj-48p2-7m5j	An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version V…	2025-06-26T18:31:28Z	2025-12-31T21:30:23Z
ghsa-52hq-8xj9-8pmr	Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker t…	2025-12-18T21:31:44Z	2025-12-31T21:30:23Z
ghsa-xq9w-j69v-6chc	Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File M…	2022-03-16T00:00:47Z	2025-12-31T21:30:22Z
ghsa-vmj3-x582-v9f4	A Stored XSS exists in TinyFileManager All version up to and including 2.4.6 in /tinyfilemanager.ph…	2022-05-24T19:14:36Z	2025-12-31T21:30:22Z
ghsa-2p5c-r4xc-mhvw	A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and i…	2022-05-24T19:14:36Z	2025-12-31T21:30:22Z
ghsa-vjhr-4rwp-pw28	Missing Authorization vulnerability in Northern Beaches Websites WP Custom Admin Interface allows E…	2025-12-31T18:30:25Z	2025-12-31T18:30:25Z
ghsa-q6fx-287q-g86w	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-31T18:30:25Z	2025-12-31T18:30:25Z
ghsa-q5xx-qfp5-vp5c	Missing Authorization vulnerability in merkulove Select Graphist for Elementor Graphist for Element…	2025-12-31T18:30:25Z	2025-12-31T18:30:25Z
ghsa-mrvp-jf7m-h2rh	Missing Authorization vulnerability in Alexander AnyComment allows Exploiting Incorrectly Configure…	2025-12-31T18:30:25Z	2025-12-31T18:30:25Z
ghsa-j84q-2ghq-42m2	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-31T18:30:25Z	2025-12-31T18:30:25Z
ghsa-gm6f-w7px-9f8g	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-31T18:30:25Z	2025-12-31T18:30:25Z
ghsa-fr5v-w34x-p3cr	Missing Authorization vulnerability in merkulove Walker for Elementor allows Exploiting Incorrectly…	2025-12-31T18:30:25Z	2025-12-31T18:30:25Z
ghsa-f6q2-fm8v-vhr3	Missing Authorization vulnerability in ThemeBoy Hide Plugins allows Exploiting Incorrectly Configur…	2025-12-31T18:30:25Z	2025-12-31T18:30:25Z
ghsa-c4w5-gp2j-jw4f	Cross-Site Request Forgery (CSRF) vulnerability in emendo_seb Co-marquage service-public.Fr allows …	2025-12-31T18:30:24Z	2025-12-31T18:30:25Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2021-47742	8.5 (v4.0) 8.8 (v3.1)	Epic Games Psyonix Rocket League <=1.95 Elevation of P…	Epic Games Inc.	Epic Games Psyonix Rocket League	2025-12-31T18:39:10.630Z	2025-12-31T18:39:10.630Z
cve-2021-47741	8.7 (v4.0) 7.5 (v3.1)	ZBL EPON ONU Broadband Router V100R001 Privilege Escal…	Zblchina	ZBL EPON ONU Broadband Router	2025-12-31T18:39:10.193Z	2025-12-31T18:39:10.193Z
cve-2021-47726	8.7 (v4.0) 7.5 (v3.1)	NuCom 11N Wireless Router 5.07.90 Privilege Escalation…	Nucom	NuCom 11N Wireless Router	2025-12-31T18:39:09.345Z	2025-12-31T18:39:09.345Z
cve-2020-36904	9.3 (v4.0) 7.5 (v3.1)	Selea CarPlateServer 4.0.1.6 Remote Program Execution …	Selea	Selea CarPlateServer (CPS)	2025-12-31T18:39:08.542Z	2025-12-31T18:39:08.542Z
cve-2020-36903	8.5 (v4.0) 8.4 (v3.1)	Selea CarPlateServer 4.0.1.6 Local Privilege Escalatio…	Selea	Selea CarPlateServer (CPS)	2025-12-31T18:39:08.084Z	2025-12-31T18:39:08.084Z
cve-2025-34468	8.2 (v4.0)	libcoap Stack-Based Buffer Overflow in Address Resolut…	libcoap	libcoap	2025-12-31T18:39:07.530Z	2025-12-31T18:39:07.530Z
cve-2025-66149	5.4 (v3.1)	WordPress UnGrabber plugin <= 3.1.3 - Broken Access Co…	merkulove	UnGrabber	2025-12-31T18:38:14.772Z	2025-12-31T18:38:14.772Z
cve-2025-66150	5.4 (v3.1)	WordPress Appender plugin <= 1.1.1 - Broken Access Con…	merkulove	Appender	2025-12-31T18:35:57.735Z	2025-12-31T18:35:57.735Z
cve-2025-66151	5.4 (v3.1)	WordPress Countdowner for Elementor plugin <= 1.0.4 - …	merkulove	Countdowner for Elementor	2025-12-31T18:32:49.483Z	2025-12-31T18:32:49.483Z
cve-2025-66152	5.4 (v3.1)	WordPress Criptopayer for Elementor plugin <= 1.0.1 - …	merkulove	Criptopayer for Elementor	2025-12-31T18:32:07.924Z	2025-12-31T18:32:07.924Z
cve-2025-15393		Kohana KodiCMS Layout API Endpoint file.php save code …	Kohana	KodiCMS	2025-12-31T18:32:05.051Z	2025-12-31T18:32:05.051Z
cve-2025-66153	5.4 (v3.1)	WordPress Headinger for Elementor plugin <= 1.1.4 - Br…	merkulove	Headinger for Elementor	2025-12-31T18:31:21.816Z	2025-12-31T18:31:21.816Z
cve-2025-15392		Kohana KodiCMS Search API Endpoint page.php like sql i…	Kohana	KodiCMS	2025-12-31T18:02:06.016Z	2025-12-31T18:02:06.016Z
cve-2025-62753	7.5 (v3.1)	WordPress MAS Videos plugin <= 1.3.2 - Local File Incl…	MadrasThemes	MAS Videos	2025-12-30T22:37:03.420Z	2025-12-31T17:51:10.306Z
cve-2025-59131	7.1 (v3.1)	WordPress WP-CalDav2ICS plugin <= 1.3.4 - Cross Site R…	Hoernerfranz	WP-CalDav2ICS	2025-12-30T22:55:32.248Z	2025-12-31T17:51:04.587Z
cve-2025-59137	7.1 (v3.1)	WordPress Behance Portfolio Manager plugin <= 1.7.5 - …	eLEOPARD	Behance Portfolio Manager	2025-12-31T04:33:22.492Z	2025-12-31T17:50:58.481Z
cve-2025-49346	7.1 (v3.1)	WordPress Simple Archive Generator plugin <= 5.2 - Cro…	Peter Sterling	Simple Archive Generator	2025-12-31T04:37:01.172Z	2025-12-31T17:50:53.258Z
cve-2025-49345	7.1 (v3.1)	WordPress WP-EasyArchives plugin <= 3.1.2 - Cross Site…	mg12	WP-EasyArchives	2025-12-31T05:23:28.075Z	2025-12-31T17:50:47.950Z
cve-2025-49344	7.1 (v3.1)	WordPress SensitiveTagCloud plugin <= 1.4.1 - Cross Si…	Rene Ade	SensitiveTagCloud	2025-12-31T05:25:58.689Z	2025-12-31T17:50:42.300Z
cve-2025-49343	7.1 (v3.1)	WordPress Social Profilr plugin <= 1.0 - Cross Site Re…	Socialprofilr	Social Profilr	2025-12-31T05:28:06.720Z	2025-12-31T17:50:36.826Z
cve-2025-49354	7.1 (v3.1)	WordPress Recent Posts From Each Category plugin <= 1.…	Mindstien Technologies	Recent Posts From Each Category	2025-12-31T05:30:25.381Z	2025-12-31T17:50:31.560Z
cve-2025-68885	7.1 (v3.1)	WordPress Custom Post Status plugin <= 1.1.0 - Cross S…	Page Carbajal	Custom Post Status	2025-12-31T05:34:27.042Z	2025-12-31T17:50:25.904Z
cve-2025-49353	7.1 (v3.1)	WordPress Noindex by Path plugin <= 1.0 - Cross Site R…	Marcin Kijak	Noindex by Path	2025-12-31T05:36:42.895Z	2025-12-31T17:50:20.668Z
cve-2025-62992	6.5 (v3.1)	WordPress Everest Backup plugin <= 2.3.9 - Cross Site …	Everest themes	Everest Backup	2025-12-31T08:59:00.974Z	2025-12-31T17:50:15.268Z
cve-2025-62140	5.9 (v3.1)	WordPress Locatoraid Store Locator plugin <= 3.9.65 - …	Plainware	Locatoraid Store Locator	2025-12-31T13:24:45.813Z	2025-12-31T17:50:09.711Z
cve-2025-62750	5.9 (v3.1)	WordPress WooCommerce Parcelas plugin <= 1.3.5 - Cross…	Filipe Seabra	WooCommerce Parcelas	2025-12-31T13:32:33.519Z	2025-12-31T17:50:02.994Z
cve-2025-62124	5.9 (v3.1)	WordPress WP Post Signature plugin <= 0.4.1 - Cross Si…	Soli	WP Post Signature	2025-12-31T13:37:53.733Z	2025-12-31T17:49:56.423Z
cve-2025-62121	5.9 (v3.1)	WordPress Logo Slider , Logo Carousel , Logo showcase …	Imran Emu	Logo Slider , Logo Carousel , Logo showcase , Client Logo	2025-12-31T13:39:51.761Z	2025-12-31T17:49:50.694Z
cve-2025-62119	5.9 (v3.1)	WordPress Add Featured Image Custom Link plugin <= 2.0…	ViitorCloud Technologies Pvt Ltd	Add Featured Image Custom Link	2025-12-31T13:43:18.136Z	2025-12-31T17:49:45.180Z
cve-2025-49352	4.3 (v3.1)	WordPress Order Cancellation & Returns for WooCommerce…	YoOhw Studio	Order Cancellation & Returns for WooCommerce	2025-12-31T16:25:44.989Z	2025-12-31T17:49:39.795Z

ID	CVSS	Description	Vendor	Product	Published	Updated
cve-2015-10145	8.7 (v4.0)	Gargoyle 1.5.x Authenticated OS Command Execution via …	Gargoyle	Gargoyle Router Management Utility	2025-12-31T20:48:11.986Z	2025-12-31T20:48:11.986Z
cve-2025-68932		FreshRSS has weak cryptographic randomness in remember…	FreshRSS	FreshRSS	2025-12-26T23:43:34.693Z	2025-12-29T16:51:53.481Z
cve-2025-15176		Open5GS PFCP Session Establishment Request rule-match.…	n/a	Open5GS	2025-12-29T06:32:06.957Z	2025-12-29T14:38:33.043Z
cve-2025-15225	8.7 (v4.0) 7.5 (v3.1)	Sunnet｜WMPro - Arbitrary File Read	Sunnet	WMPro	2025-12-29T06:31:49.460Z	2025-12-29T16:45:35.087Z
cve-2025-15226	9.3 (v4.0) 9.8 (v3.1)	Sunnet｜WMPro - Arbitrary File Upload	Sunnet	WMPro	2025-12-29T06:39:27.426Z	2025-12-29T14:34:29.835Z
cve-2025-69235	N/A	Whale browser before 4.35.351.12 allows an attack…	NAVER	NAVER Whale browser	2025-12-30T01:22:57.770Z	2025-12-31T17:15:35.598Z
cve-2025-69234	N/A	Whale browser before 4.35.351.12 allows an attack…	NAVER	NAVER Whale browser	2025-12-30T01:18:05.718Z	2025-12-31T17:17:34.260Z
cve-2025-69217		Coturn has unsafe nonce and relay port randomization d…	coturn	coturn	2025-12-30T00:41:18.792Z	2025-12-30T15:57:25.040Z
cve-2025-69211		Nest has a Fastify URL Encoding Middleware Bypass (TOCTOU)	nestjs	nest	2025-12-29T16:01:22.801Z	2025-12-29T16:50:02.429Z
cve-2025-69206		Hemmelig has SSRF Filter bypass in Secret Request func…	HemmeligOrg	Hemmelig.app	2025-12-29T15:55:12.761Z	2025-12-29T16:50:43.152Z
cve-2025-69205		In µURU, a Specially Crafted Federation Name Allows Di…	olell	uURU	2025-12-29T20:52:17.516Z	2025-12-30T15:46:56.380Z
cve-2025-69202		axios-cache-interceptor Vulnerable to Cache Poisoning …	arthurfiorette	axios-cache-interceptor	2025-12-29T19:13:27.880Z	2025-12-30T22:25:39.052Z
cve-2025-69201		Tugtainer has RCE in Agent Command Execution Api	Quenary	tugtainer	2025-12-29T15:51:41.461Z	2025-12-29T16:50:49.919Z
cve-2025-69200		phpMyFAQ has unauthenticated config backup download vi…	thorsten	phpMyFAQ	2025-12-29T15:24:51.844Z	2025-12-29T16:14:32.476Z
cve-2025-68951		phpMyFAQ has stored XSS in admin "List of users" via d…	thorsten	phpMyFAQ	2025-12-29T15:18:58.000Z	2025-12-29T16:13:54.598Z
cve-2025-68897	9.9 (v3.1)	WordPress IF AS Shortcode plugin <= 1.2 - Remote Code …	Mohammad I. Okfie	IF AS Shortcode	2025-12-29T15:55:13.564Z	2025-12-29T16:50:36.615Z
cve-2025-68893	4.9 (v3.1)	WordPress WordPress Image shrinker plugin <= 1.1.0 - S…	HETWORKS	WordPress Image shrinker	2025-12-29T15:56:47.504Z	2025-12-29T16:50:28.337Z
cve-2025-68879	7.1 (v3.1)	WordPress Content Grid Slider plugin <= 1.5 - Reflecte…	Councilsoft	Content Grid Slider	2025-12-29T15:58:57.851Z	2025-12-29T16:48:36.247Z
cve-2025-68878	7.1 (v3.1)	WordPress Advanced Custom CSS plugin <= 1.1.0 - Reflec…	Prasadkirpekar	Advanced Custom CSS	2025-12-29T16:00:20.652Z	2025-12-29T16:49:10.084Z
cve-2025-68877	7.5 (v3.1)	WordPress CedCommerce Integration for Good Market plug…	CedCommerce	CedCommerce Integration for Good Market	2025-12-29T16:03:22.206Z	2025-12-29T16:50:15.997Z
cve-2025-68876	7.1 (v3.1)	WordPress Invelity SPS connect plugin <= 1.0.8 - Refle…	INVELITY	Invelity SPS connect	2025-12-29T16:05:23.287Z	2025-12-29T16:50:09.822Z
cve-2025-68870	7.5 (v3.1)	WordPress CookieHint WP plugin <= 1.0.0 - Local File I…	reDim GmbH	CookieHint WP	2025-12-29T16:09:05.270Z	2025-12-29T16:50:40.971Z
cve-2025-68868	6.5 (v3.1)	WordPress Wp Text Slider Widget plugin <= 1.0 - Cross …	Codeaffairs	Wp Text Slider Widget	2025-12-29T16:12:32.664Z	2025-12-29T16:51:15.274Z
cve-2025-68861	7.1 (v3.1)	WordPress Plugin Optimizer plugin <= 1.3.7 - Broken Ac…	Plugin Optimizer	Plugin Optimizer	2025-12-29T17:23:08.542Z	2025-12-29T18:54:46.003Z
cve-2025-68860	9.8 (v3.1)	WordPress Mobile builder plugin <= 1.4.2 - Broken Auth…	Mobile Builder	Mobile builder	2025-12-29T21:08:56.358Z	2025-12-30T15:47:43.775Z
cve-2025-68706	N/A	A stack-based buffer overflow exists in the GoAhe…	n/a	n/a	2025-12-29T00:00:00.000Z	2025-12-31T16:59:00.763Z
cve-2025-68607	6.5 (v3.1)	WordPress Custom Field Template plugin <= 2.7.5 - Cros…	Hiroaki Miyashita	Custom Field Template	2025-12-29T21:10:50.618Z	2025-12-30T15:48:23.658Z
cve-2025-68562	9.9 (v3.1)	WordPress MapSVG plugin <= 8.7.3 - Arbitrary File Uplo…	RomanCode	MapSVG	2025-12-29T21:13:24.913Z	2025-12-30T15:49:09.276Z
cve-2025-68504	6.5 (v3.1)	WordPress JetSearch plugin <= 3.5.16 - Cross Site Scri…	Crocoblock	JetSearch	2025-12-29T21:14:40.576Z	2025-12-30T15:50:12.903Z
cve-2025-68503	6.5 (v3.1)	WordPress JetBlog plugin <= 2.4.7 - Broken Access Cont…	Crocoblock	JetBlog	2025-12-29T21:15:43.312Z	2025-12-29T21:15:43.312Z

ID	Description	Published	Updated
fkie_cve-2015-10145	Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vul…	2025-12-31T21:15:50.920	2025-12-31T21:15:50.920
fkie_cve-2025-68932	FreshRSS is a free, self-hostable RSS aggregator. Prior to version 1.28.0, FreshRSS uses cryptograp…	2025-12-27T00:15:42.633	2025-12-31T21:12:56.473
fkie_cve-2025-15176	A flaw has been found in Open5GS up to 2.7.5. This affects the function decode_ipv6_header/ogs_pfcp…	2025-12-29T07:15:54.153	2025-12-31T20:57:01.373
fkie_cve-2025-15225	WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote…	2025-12-29T07:15:56.333	2025-12-31T20:55:14.363
fkie_cve-2025-15226	WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, allowing unauthenticated remot…	2025-12-29T07:15:56.567	2025-12-31T20:53:21.230
fkie_cve-2025-69235	Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar e…	2025-12-30T02:16:16.930	2025-12-31T20:43:25.830
fkie_cve-2025-69234	Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar envir…	2025-12-30T02:16:16.810	2025-12-31T20:43:25.830
fkie_cve-2025-69217	coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0…	2025-12-30T01:15:41.390	2025-12-31T20:43:25.830
fkie_cve-2025-69211	Nest is a framework for building scalable Node.js server-side applications. Versions prior to 11.1.…	2025-12-29T16:15:44.237	2025-12-31T20:43:25.830
fkie_cve-2025-69206	Hemmelig is a messing app with with client-side encryption and self-destructing messages. Prior to …	2025-12-29T16:15:44.090	2025-12-31T20:43:25.830
fkie_cve-2025-69205	Micro Registration Utility (µURU) is a telephone self registration utility based on asterisk. In ve…	2025-12-29T21:15:43.667	2025-12-31T20:43:25.830
fkie_cve-2025-69202	Axios Cache Interceptor is a cache interceptor for axios. Prior to version 1.11.1, when a server ca…	2025-12-29T20:15:42.107	2025-12-31T20:43:25.830
fkie_cve-2025-69201	Tugtainer is a self-hosted app for automating updates of docker containers. In versions prior to 1.…	2025-12-29T16:15:43.940	2025-12-31T20:43:25.830
fkie_cve-2025-69200	phpMyFAQ is an open source FAQ web application. In versions prior to 4.0.16, an unauthenticated rem…	2025-12-29T16:15:43.793	2025-12-31T20:43:25.830
fkie_cve-2025-68951	phpMyFAQ is an open source FAQ web application. Versions 4.0.14 and 4.0.15 have a stored cross-site…	2025-12-29T16:15:43.600	2025-12-31T20:43:25.830
fkie_cve-2025-68897	Improper Control of Generation of Code ('Code Injection') vulnerability in Mohammad I. Okfie IF AS …	2025-12-29T16:15:43.457	2025-12-31T20:43:25.830
fkie_cve-2025-68893	Server-Side Request Forgery (SSRF) vulnerability in HETWORKS WordPress Image shrinker allows Server…	2025-12-29T16:15:43.303	2025-12-31T20:43:25.830
fkie_cve-2025-68879	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T16:15:43.160	2025-12-31T20:43:25.830
fkie_cve-2025-68878	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T16:15:43.017	2025-12-31T20:43:25.830
fkie_cve-2025-68877	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-29T16:15:42.870	2025-12-31T20:43:25.830
fkie_cve-2025-68876	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T16:15:42.707	2025-12-31T20:43:25.830
fkie_cve-2025-68870	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2025-12-29T17:15:47.067	2025-12-31T20:43:25.830
fkie_cve-2025-68868	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T17:15:46.903	2025-12-31T20:43:25.830
fkie_cve-2025-68861	Missing Authorization vulnerability in Plugin Optimizer allows Exploiting Incorrectly Configured Ac…	2025-12-29T18:15:43.740	2025-12-31T20:43:25.830
fkie_cve-2025-68860	Authentication Bypass Using an Alternate Path or Channel vulnerability in Mobile Builder Mobile bui…	2025-12-29T22:15:43.597	2025-12-31T20:43:25.830
fkie_cve-2025-68706	A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices …	2025-12-29T19:15:57.090	2025-12-31T20:43:25.830
fkie_cve-2025-68607	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T22:15:43.450	2025-12-31T20:43:25.830
fkie_cve-2025-68562	Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a W…	2025-12-29T22:15:43.310	2025-12-31T20:43:25.830
fkie_cve-2025-68504	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2025-12-29T22:15:43.163	2025-12-31T20:43:25.830
fkie_cve-2025-68503	Missing Authorization vulnerability in Crocoblock JetBlog allows Exploiting Incorrectly Configured …	2025-12-29T22:15:43.020	2025-12-31T20:43:25.830

ID	Description	Package	Published	Updated
pysec-2022-43177	Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40…	azure-cli	2022-10-25T17:15:56+00:00	2025-04-09T17:27:24.642962+00:00
pysec-2024-244	A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a by…	mlflow	2024-05-16T09:15:14+00:00	2025-04-08T10:23:25.092581+00:00
pysec-2024-243	mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs…	mlflow	2024-04-16T00:15:12+00:00	2025-04-08T10:23:25.044416+00:00
pysec-2024-242	A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow, specifically …	mlflow	2024-06-06T19:15:55+00:00	2025-04-08T10:23:24.995743+00:00
pysec-2024-241	Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untru…	mlflow	2024-02-23T22:15:55+00:00	2025-04-08T10:23:24.946136+00:00
pysec-2024-240	Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This …	mlflow	2024-02-23T22:15:55+00:00	2025-04-08T10:23:24.900947+00:00
pysec-2024-239	A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to im…	mlflow	2024-06-06T19:15:51+00:00	2025-04-08T10:23:24.852109+00:00
pysec-2025-12	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St…	codechecker	2025-01-21T15:15:13+00:00	2025-04-08T10:23:23.899726+00:00
pysec-2024-238	CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang St…	codechecker	2024-11-06T15:15:11+00:00	2025-04-08T10:23:23.857960+00:00
pysec-2025-11	A vulnerability in the `KnowledgeBaseWebReader` class of the run-llama/llama_index reposi…	llama-index	2025-03-20T10:15:31+00:00	2025-04-01T23:22:47.294256+00:00
pysec-2025-10	A vulnerability in the `download_model` function of the onnx/onnx framework, before and i…	onnx	2025-03-20T10:15:37+00:00	2025-03-26T19:21:38.843396+00:00
pysec-2025-9	A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through…	invokeai	2025-03-20T10:15:26+00:00	2025-03-20T11:21:37.872971+00:00
pysec-2025-8	The `pygments-style-solarized` project was removed from PyPI by its owner on 2021-08-26. …	pygments-style-solarized		2025-03-17T16:35:37+00:00
pysec-2024-237	OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versio…	octoprint	2024-05-14T16:17:12+00:00	2025-03-05T17:22:29.121263+00:00
pysec-2024-236	Jupyter Server Proxy allows users to run arbitrary external processes alongside their not…	jupyter-server-proxy	2024-06-11T22:15:09+00:00	2025-02-26T23:22:41.524251+00:00
pysec-2025-7	Published in 2021, the imblog package is a Python library that scrapes data from a blog p…	imblog		2025-02-26T21:19:19+00:00
pysec-2025-6	Published in 2021, the colabrun package is a Python library that exfiltrates user cookies…	colabrun		2025-02-26T20:59:48+00:00
pysec-2025-5	Published in 2020, the autodzee package is a Python library that bypasses Deezer API rest…	browsercmdhbt2		2025-02-26T20:57:11+00:00
pysec-2025-3	Published in 2019, the autodzee package is a Python library that bypasses Deezer API rest…	autodzee		2025-02-26T20:54:20+00:00
pysec-2025-4	Published in 2019, the automslc package is a Python library that bypasses Deezer API rest…	automslc		2025-02-26T19:26:49+00:00
pysec-2024-235	With the following crawler configuration: ```python from bs4 import BeautifulSoup as Sou…	langchain-exa	2024-02-26T16:27:49+00:00	2025-02-26T02:48:56.937312+00:00
pysec-2023-194	langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and exe…	langchain-experimental	2023-10-09T20:15:00Z	2025-02-23T07:46:11Z
pysec-2024-234	Jupyter Server Proxy allows users to run arbitrary external processes alongside their Jup…	jupyter-server-proxy	2024-03-20T20:15:08+00:00	2025-02-21T18:23:35.992501+00:00
pysec-2023-163	An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary…	numexpr	2023-09-01T16:15:00Z	2025-02-20T09:11:38.521949Z
pysec-2024-233	python-jose through 3.3.0 allows attackers to cause a denial of service (resource consump…	python-jose	2024-04-26T00:15:09+00:00	2025-02-18T19:20:15.511369+00:00
pysec-2024-232	python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key f…	python-jose	2024-04-26T00:15:09+00:00	2025-02-18T19:20:15.468012+00:00
pysec-2024-231	LightGBM Remote Code Execution Vulnerability	lightgbm	2024-11-12T18:15:28+00:00	2025-02-15T07:20:34.246161+00:00
pysec-2024-230	Certifi is a curated collection of Root Certificates for validating the trustworthiness o…	certifi	2024-07-05T19:15:10+00:00	2025-02-12T21:21:51.559667+00:00
pysec-2024-229	Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execut…	transformers	2024-11-22T22:15:07+00:00	2025-02-10T23:22:41.499413+00:00
pysec-2024-228	Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code …	transformers	2024-11-22T22:15:07+00:00	2025-02-10T23:22:41.449105+00:00

ID	Description	Updated
gsd-2024-33822	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.561810Z
gsd-2024-33773	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.560326Z
gsd-2024-33769	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.558897Z
gsd-2024-33794	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.557396Z
gsd-2024-33818	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.556720Z
gsd-2024-33793	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.552273Z
gsd-2024-33833	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.551960Z
gsd-2024-33835	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.550838Z
gsd-2024-33744	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.543395Z
gsd-2024-33789	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.534336Z
gsd-2024-33760	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.533361Z
gsd-2024-33702	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.530768Z
gsd-2024-33797	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.530297Z
gsd-2024-33684	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.529859Z
gsd-2024-33827	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.528643Z
gsd-2024-33810	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.527741Z
gsd-2024-33729	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.527542Z
gsd-2024-33807	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.526483Z
gsd-2024-33688	Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affect…	2024-04-27T05:02:18.524420Z
gsd-2024-33685	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.523707Z
gsd-2024-33713	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.522989Z
gsd-2024-33768	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.521409Z
gsd-2024-33720	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.519711Z
gsd-2024-33809	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.516352Z
gsd-2024-33727	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.514916Z
gsd-2024-33770	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.514460Z
gsd-2024-33732	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.513959Z
gsd-2024-33829	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.511177Z
gsd-2024-33714	The format of the source doesn't require a description, click on the link for more details.	2024-04-27T05:02:18.510684Z
gsd-2024-33693	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-27T05:02:18.509326Z

ID	Description	Published	Updated
mal-2024-11738	Malicious code in user-gen-agent-random (PyPI)	2024-10-07T22:16:18Z	2025-12-31T02:45:16Z
mal-2024-11713	Malicious code in spiderxr-ai (PyPI)	2024-10-02T09:16:00Z	2025-12-31T02:45:16Z
mal-2024-11712	Malicious code in spider-ai (PyPI)	2024-10-02T09:16:00Z	2025-12-31T02:45:16Z
mal-2024-11704	Malicious code in sendtowev (PyPI)	2024-09-17T21:01:02Z	2025-12-31T02:45:16Z
mal-2024-10241	Malicious code in youreallydontwantthispackage2131 (PyPI)	2024-10-22T13:55:39Z	2025-12-31T02:45:16Z
mal-2024-10163	Malicious code in solana-token (PyPI)	2024-10-16T14:51:34Z	2025-12-31T02:45:16Z
mal-2025-975	Malicious code in reqzest (PyPI)	2024-12-24T18:09:49Z	2025-12-31T02:45:15Z
mal-2025-969	Malicious code in reqiest (PyPI)	2024-12-24T18:09:49Z	2025-12-31T02:45:15Z
mal-2025-968	Malicious code in reqeuts (PyPI)	2024-12-24T18:09:49Z	2025-12-31T02:45:15Z
mal-2025-966	Malicious code in reqest (PyPI)	2024-12-24T18:09:49Z	2025-12-31T02:45:15Z
mal-2025-942	Malicious code in langer-updater (PyPI)	2024-12-16T10:40:50Z	2025-12-31T02:45:15Z
mal-2025-935	Malicious code in hugginglega (PyPI)	2024-12-29T19:16:24Z	2025-12-31T02:45:15Z
mal-2025-926	Malicious code in flasl (PyPI)	2024-12-24T18:09:49Z	2025-12-31T02:45:15Z
mal-2025-923	Malicious code in fflask (PyPI)	2024-12-24T18:09:49Z	2025-12-31T02:45:15Z
mal-2025-6973	Malicious code in flatfox-api-python (PyPI)	2025-08-18T18:31:35Z	2025-12-31T02:45:15Z
mal-2025-6787	Malicious code in flatfox-api (PyPI)	2025-07-30T10:19:17Z	2025-12-31T02:45:15Z
mal-2025-6579	Malicious code in runway-python (PyPI)	2025-07-31T19:16:19Z	2025-12-31T02:45:15Z
mal-2025-6575	Malicious code in rehttps (PyPI)	2025-07-01T16:05:05Z	2025-12-31T02:45:15Z
mal-2025-6566	Malicious code in piprce (PyPI)	2024-07-26T16:53:30Z	2025-12-31T02:45:15Z
mal-2025-6529	Malicious code in jirawrapped (PyPI)	2025-07-02T10:07:35Z	2025-12-31T02:45:15Z
mal-2025-6515	Malicious code in graphdict (PyPI)	2025-07-09T18:18:10Z	2025-12-31T02:45:15Z
mal-2025-6513	Malicious code in gramapi (PyPI)	2025-07-11T22:51:02Z	2025-12-31T02:45:15Z
mal-2025-6499	Malicious code in elbloadmonitor (PyPI)	2024-07-26T16:53:30Z	2025-12-31T02:45:15Z
mal-2025-6495	Malicious code in discord-booster (PyPI)	2025-05-29T22:39:05Z	2025-12-31T02:45:15Z
mal-2025-6486	Malicious code in crpt1 (PyPI)	2025-07-13T13:25:08Z	2025-12-31T02:45:15Z
mal-2025-6010	Malicious code in ruamel-poc (PyPI)	2025-07-20T08:05:43Z	2025-12-31T02:45:15Z
mal-2025-5130	Malicious code in rich-figlet (PyPI)	2025-05-15T21:07:23Z	2025-12-31T02:45:15Z
mal-2025-5102	Malicious code in coloraiz (PyPI)	2025-05-16T10:10:16Z	2025-12-31T02:45:15Z
mal-2025-5099	Malicious code in c8test (PyPI)	2024-07-26T16:53:30Z	2025-12-31T02:45:15Z
mal-2025-5094	Malicious code in ai-labs-snippets-sdk (PyPI)	2025-05-19T15:43:26Z	2025-12-31T02:45:15Z

ID	Description	Published	Updated
wid-sec-w-2025-2537	BusyBox (wget): Schwachstelle ermöglicht Umgehung von Sicherheitsvorkehrungen	2025-11-10T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2409	Xen: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-10-26T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2407	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-10-26T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2298	Linux Kernel: Mehrere Schwachstellen	2025-10-14T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2268	Linux Kernel: Mehrere Schwachstellen	2025-10-13T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2198	MediaWiki: Mehrere Schwachstellen	2025-10-05T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2170	Linux Kernel: Mehrere Schwachstellen	2025-09-30T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2144	binutils: Mehrere Schwachstellen	2025-09-28T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2115	WordPress Core: Mehrere Schwachstellen	2025-09-23T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-2099	Linux Kernel: Mehrere Schwachstellen	2025-09-21T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1898	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-08-24T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1870	Keycloak: Schwachstelle ermöglicht Versand beliebiger E-Mails	2025-08-19T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1833	IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service	2025-08-13T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1822	Ruby on Rails: Mehrere Schwachstellen	2025-08-13T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1807	IBM WebSphere Application Server Liberty: Mehrere Schwachstellen	2025-08-12T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1757	Linux Kernel: Schwachstelle ermöglicht Umgehen von Sicherheitsmechanismen	2025-08-11T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1591	IBM WebSphere Application Server: Schwachstelle ermöglicht Offenlegung von Informationen	2025-07-17T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1582	IBM WebSphere Application Server: Schwachstelle ermöglicht Denial of Service	2025-07-16T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1460	PHP: Mehrere Schwachstellen	2025-07-03T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1335	Apache Tomcat: Mehrere Schwachstellen	2025-06-16T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1334	Apache Commons FileUpload: Schwachstelle ermöglicht Denial of Service	2025-06-16T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1169	Apache Commons BeanUtils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-05-29T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1144	GIMP: Mehrere Schwachstellen ermöglichen Codeausführung	2025-05-25T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-1114	Linux Kernel: Mehrere Schwachstellen	2025-05-20T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0944	GIMP: Schwachstelle ermöglicht Codeausführung	2025-05-05T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0879	BusyBox: Mehrere Schwachstellen	2025-04-23T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0813	Oracle MySQL: Mehrere Schwachstellen	2025-04-15T22:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0562	expat: Schwachstelle ermöglicht Denial of Service	2025-03-13T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0545	Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service	2025-03-11T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00
wid-sec-w-2025-0524	Red Hat Ansible Automation Platform (Jinja): Schwachstelle ermöglicht Codeausführung	2025-03-11T23:00:00.000+00:00	2025-12-21T23:00:00.000+00:00

ID	Description	Published	Updated
ssa-787941	SSA-787941: Denial of Service Vulnerability in RUGGEDCOM ROS devices	2022-11-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-770902	SSA-770902: Denial of Service Vulnerability in the Web Server of RUGGEDCOM ROS Devices	2023-08-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-769791	SSA-769791: Local Arbitrary Code Execution Vulnerability in COMOS Before V10.6	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-767615	SSA-767615: Information Disclosure Vulnerability in SIPROTEC 5 Devices	2025-02-11T00:00:00Z	2025-08-12T00:00:00Z
ssa-764417	SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices	2022-03-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-674084	SSA-674084: File Parsing Vulnerabilities in Simcenter Femap Before V2506	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-665108	SSA-665108: Arbitrary File Upload Vulnerability in RUGGEDCOM ROX II	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-613116	SSA-613116: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.1	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-529291	SSA-529291: Information Disclosure Vulnerabilities in SICAM Q100/Q200	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-517338	SSA-517338: Multiple Vulnerabilities in SINEC Traffic Analyzer Before V3.0	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-493787	SSA-493787: Arbitrary Code Execution Vulnerability in SIMATIC RTLS Locating Manager Before V3.2	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-460466	SSA-460466: Denial of Service Vulnerability in TIA Project-Server and TIA Portal	2025-07-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-446307	SSA-446307: Authentication Bypass Vulnerability in BMC (CVE-2024-54085) affects SIMATIC IPC RS-828A	2025-05-13T00:00:00Z	2025-08-12T00:00:00Z
ssa-400089	SSA-400089: Denial of Service Vulnerability in SIPROTEC 4 and SIPROTEC 4 Compact	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-398330	SSA-398330: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP >= V3.1.0 and < V3.1.5	2023-12-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-382999	SSA-382999: Multiple Vulnerabilities in Opcenter Quality Before V2506	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-355557	SSA-355557: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.2	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-353002	SSA-353002: Multiple Vulnerabilities in SCALANCE XB-200 / XC-200 / XP-200 / XF-200BA / XR-300WG Family	2024-03-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-256353	SSA-256353: Third-Party Component Vulnerabilities in RUGGEDCOM ROS	2022-03-08T00:00:00Z	2025-08-12T00:00:00Z
ssa-177847	SSA-177847: Improper VNC Password Check Vulnerability in SINUMERIK Controllers	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-170375	SSA-170375: Multiple Vulnerabilities in RUGGEDCOM ROS Before V5.9	2024-07-09T00:00:00Z	2025-08-12T00:00:00Z
ssa-097435	SSA-097435: Usernames Disclosure Vulnerability in Mendix Runtime	2024-09-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-094954	SSA-094954: Authentication Bypass Vulnerability in BIST mode of RUGGEDCOM ROX II	2025-08-12T00:00:00Z	2025-08-12T00:00:00Z
ssa-082556	SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5	2025-06-10T00:00:00Z	2025-08-12T00:00:00Z
ssa-725549	SSA-725549: Denial of Service of ICMP in Industrial Devices	2025-04-08T00:00:00Z	2025-07-21T00:00:00Z
ssa-183963	SSA-183963: Certificate Validation Vulnerabilities in SICAM TOOLBOX II Before V07.11	2025-07-08T00:00:00Z	2025-07-18T00:00:00Z
ssa-938066	SSA-938066: Remote Code Execution Vulnerability in SENTRON Powermanager and Desigo CC	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-904646	SSA-904646: Sensitive Data Exposure Vulnerability in SIPROTEC 5 Devices	2025-07-08T00:00:00Z	2025-07-08T00:00:00Z
ssa-763427	SSA-763427: Authentication Bypass Vulnerability in SIMATIC CP and TIM Devices	2015-11-27T00:00:00Z	2025-07-08T00:00:00Z
ssa-634640	SSA-634640: Weak Authentication Vulnerability in Siemens Industrial Edge Devices	2025-04-08T00:00:00Z	2025-07-08T00:00:00Z

ID	Description	Published	Updated
rhsa-2025:3813	Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release	2025-04-10T14:56:45+00:00	2025-11-29T06:54:09+00:00
rhsa-2025:3811	Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release	2025-04-10T14:32:08+00:00	2025-11-29T06:54:09+00:00
rhsa-2025:3775	Red Hat Security Advisory: OpenShift Container Platform 4.18.9 bug fix and security update	2025-04-16T06:12:24+00:00	2025-11-29T06:54:08+00:00
rhsa-2025:3763	Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.13.2 container image updates	2025-04-09T16:37:37+00:00	2025-11-29T06:54:07+00:00
rhsa-2025:3808	Red Hat Security Advisory: RHTAS 1.1.2 - Red Hat Trusted Artifact Signer Release	2025-04-10T14:26:28+00:00	2025-11-29T06:54:04+00:00
rhsa-2025:3798	Red Hat Security Advisory: OpenShift Container Platform 4.17.25 bug fix and security update	2025-04-16T17:46:00+00:00	2025-11-29T06:54:04+00:00
rhsa-2025:3743	Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.5.1 release	2025-04-09T09:53:12+00:00	2025-11-29T06:54:02+00:00
rhsa-2025:3740	Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release	2025-04-09T08:52:08+00:00	2025-11-29T06:54:02+00:00
rhsa-2025:3720	Red Hat Security Advisory: multicluster engine for Kubernetes 2.8.1 container image updates	2025-04-08T23:25:49+00:00	2025-11-29T06:54:01+00:00
rhsa-2025:3698	Red Hat Security Advisory: opentelemetry-collector security update	2025-04-08T15:23:59+00:00	2025-11-29T06:54:01+00:00
rhsa-2025:3685	Red Hat Security Advisory: Red Hat Edge Manager Version 0.5.1 (Technology Preview) security fixes	2025-04-08T13:01:54+00:00	2025-11-29T06:54:00+00:00
rhsa-2025:3618	Red Hat Security Advisory: grafana security update	2025-04-07T02:07:30+00:00	2025-11-29T06:53:59+00:00
rhsa-2025:3616	Red Hat Security Advisory: grafana security update	2025-04-07T01:59:15+00:00	2025-11-29T06:53:59+00:00
rhsa-2025:3607	Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.5.1 release	2025-04-04T13:38:55+00:00	2025-11-29T06:53:58+00:00
rhsa-2025:3593	Red Hat Security Advisory: opentelemetry-collector security update	2025-04-03T13:38:52+00:00	2025-11-29T06:53:57+00:00
rhsa-2025:3577	Red Hat Security Advisory: OpenShift Container Platform 4.18.8 bug fix and security update	2025-04-10T11:37:31+00:00	2025-11-29T06:53:56+00:00
rhsa-2025:3565	Red Hat Security Advisory: OpenShift Container Platform 4.17.24 bug fix and security update	2025-04-09T04:47:09+00:00	2025-11-29T06:53:56+00:00
rhsa-2025:3560	Red Hat Security Advisory: RHODF-4.14-RHEL-9 security update	2025-04-03T05:09:02+00:00	2025-11-29T06:53:56+00:00
rhsa-2025:3542	Red Hat Security Advisory: RHODF-4.15-RHEL-9 security update	2025-04-02T19:51:02+00:00	2025-11-29T06:53:55+00:00
rhsa-2025:3503	Red Hat Security Advisory: Red Hat build of Cryostat security update	2025-04-02T04:03:14+00:00	2025-11-29T06:53:54+00:00
rhsa-2025:3501	Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.15.1-4 Update	2025-04-01T20:50:35+00:00	2025-11-29T06:53:54+00:00
rhsa-2025:3439	Red Hat Security Advisory: ACS 4.6 enhancement and security update	2025-04-01T04:55:49+00:00	2025-11-29T06:53:53+00:00
rhsa-2025:3438	Red Hat Security Advisory: ACS 4.7 enhancement and security update	2025-04-01T04:50:23+00:00	2025-11-29T06:53:52+00:00
rhsa-2025:3437	Red Hat Security Advisory: ACS 4.5 enhancement and security update	2025-04-01T04:50:24+00:00	2025-11-29T06:53:52+00:00
rhsa-2025:3411	Red Hat Security Advisory: opentelemetry-collector security update	2025-03-31T14:36:15+00:00	2025-11-29T06:53:52+00:00
rhsa-2025:3344	Red Hat Security Advisory: grafana security update	2025-03-27T15:46:43+00:00	2025-11-29T06:53:50+00:00
rhsa-2025:3336	Red Hat Security Advisory: podman security update	2025-03-27T15:01:22+00:00	2025-11-29T06:53:50+00:00
rhsa-2025:3335	Red Hat Security Advisory: opentelemetry-collector security update	2025-03-27T15:00:22+00:00	2025-11-29T06:53:48+00:00
rhsa-2025:3301	Red Hat Security Advisory: OpenShift Container Platform 4.16.38 bug fix and security update	2025-04-03T00:21:28+00:00	2025-11-29T06:53:47+00:00
rhsa-2025:3268	Red Hat Security Advisory: container-tools:rhel8 security update	2025-03-26T14:31:13+00:00	2025-11-29T06:53:47+00:00

ID	Description	Published	Updated
msrc_cve-2025-68338	net: dsa: microchip: Don't free uninitialized ksz_irq	2025-12-02T00:00:00.000Z	2025-12-24T01:04:35.000Z
msrc_cve-2025-68339	atm/fore200e: Fix possible data race in fore200e_open()	2025-12-02T00:00:00.000Z	2025-12-24T01:04:29.000Z
msrc_cve-2025-38476	rpl: Fix use-after-free in rpl_do_srh_inline().	2025-07-02T00:00:00.000Z	2025-12-24T01:04:23.000Z
msrc_cve-2025-38474	usb: net: sierra: check for no status endpoint	2025-07-02T00:00:00.000Z	2025-12-24T01:04:18.000Z
msrc_cve-2025-38473	Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()	2025-07-02T00:00:00.000Z	2025-12-24T01:04:14.000Z
msrc_cve-2025-38470	net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime	2025-07-02T00:00:00.000Z	2025-12-24T01:04:08.000Z
msrc_cve-2025-38468	net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree	2025-07-02T00:00:00.000Z	2025-12-24T01:04:03.000Z
msrc_cve-2025-38467	drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling	2025-07-02T00:00:00.000Z	2025-12-24T01:03:58.000Z
msrc_cve-2025-38466	perf: Revert to requiring CAP_SYS_ADMIN for uprobes	2025-07-02T00:00:00.000Z	2025-12-24T01:03:53.000Z
msrc_cve-2025-38465	netlink: Fix wraparounds of sk->sk_rmem_alloc.	2025-07-02T00:00:00.000Z	2025-12-24T01:03:48.000Z
msrc_cve-2025-38464	tipc: Fix use-after-free in tipc_conn_close().	2025-07-02T00:00:00.000Z	2025-12-24T01:03:43.000Z
msrc_cve-2025-38462	vsock: Fix transport_{g2h,h2g} TOCTOU	2025-07-02T00:00:00.000Z	2025-12-24T01:03:38.000Z
msrc_cve-2025-38461	vsock: Fix transport_* TOCTOU	2025-07-02T00:00:00.000Z	2025-12-24T01:03:33.000Z
msrc_cve-2025-38460	atm: clip: Fix potential null-ptr-deref in to_atmarpd().	2025-07-02T00:00:00.000Z	2025-12-24T01:03:28.000Z
msrc_cve-2025-38459	atm: clip: Fix infinite recursive call of clip_push().	2025-07-02T00:00:00.000Z	2025-12-24T01:03:23.000Z
msrc_cve-2025-38458	atm: clip: Fix NULL pointer dereference in vcc_sendmsg()	2025-07-02T00:00:00.000Z	2025-12-24T01:03:18.000Z
msrc_cve-2025-38457	net/sched: Abort __tc_modify_qdisc if parent class does not exist	2025-07-02T00:00:00.000Z	2025-12-24T01:03:13.000Z
msrc_cve-2025-38448	usb: gadget: u_serial: Fix race condition in TTY wakeup	2025-07-02T00:00:00.000Z	2025-12-24T01:03:08.000Z
msrc_cve-2025-38445	md/raid1: Fix stack memory use after return in raid1_reshape	2025-07-02T00:00:00.000Z	2025-12-24T01:03:03.000Z
msrc_cve-2025-38444	raid10: cleanup memleak at raid10_make_request	2025-07-02T00:00:00.000Z	2025-12-24T01:02:58.000Z
msrc_cve-2025-38443	nbd: fix uaf in nbd_genl_connect() error path	2025-07-02T00:00:00.000Z	2025-12-24T01:02:53.000Z
msrc_cve-2025-38441	netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()	2025-07-02T00:00:00.000Z	2025-12-24T01:02:49.000Z
msrc_cve-2025-38439	bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT	2025-07-02T00:00:00.000Z	2025-12-24T01:02:43.000Z
msrc_cve-2025-38437	ksmbd: fix potential use-after-free in oplock/lease break ack	2025-07-02T00:00:00.000Z	2025-12-24T01:02:38.000Z
msrc_cve-2025-62230	Xorg: xwayland: use-after-free in xkb client resource removal	2025-10-02T00:00:00.000Z	2025-12-24T01:02:33.000Z
msrc_cve-2025-62231	Xorg: xmayland: value overflow in xkbsetcompatmap()	2025-10-02T00:00:00.000Z	2025-12-24T01:02:28.000Z
msrc_cve-2025-62229	Xorg: xmayland: use-after-free in xpresentnotify structure creation	2025-10-02T00:00:00.000Z	2025-12-24T01:02:23.000Z
msrc_cve-2025-68334	platform/x86/amd/pmc: Add support for Van Gogh SoC	2025-12-02T00:00:00.000Z	2025-12-24T01:02:13.000Z
msrc_cve-2025-68328	firmware: stratix10-svc: fix bug in saving controller data	2025-12-02T00:00:00.000Z	2025-12-24T01:02:08.000Z
msrc_cve-2025-68330	iio: accel: bmc150: Fix irq assumption regression	2025-12-02T00:00:00.000Z	2025-12-24T01:02:02.000Z

ID	Description	Published	Updated
icsa-25-135-05	Siemens SIPROTEC and SICAM	2025-05-13T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-072-11	Siemens SIMATIC IPC Family, ITP1000, and Field PGs	2025-03-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-044-06	Siemens RUGGEDCOM APE1808 Devices	2025-02-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-044-04	Siemens SIPROTEC 5	2025-02-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-016-04	Siemens SIPROTEC 5 Products	2025-01-14T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-24-193-14	Siemens SIPROTEC	2024-07-09T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-24-193-02	Siemens RUGGEDCOM APE 1808	2024-07-09T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-24-074-05	Siemens RUGGEDCOM APE1808	2024-03-12T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-23-257-01	Siemens SIMATIC, SIPLUS Products	2023-09-12T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-23-103-06	Siemens SIPROTEC 5 Devices	2023-04-11T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-22-349-11	Siemens SIPROTEC 5 Devices	2022-12-13T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-22-195-02	Siemens SICAM GridEdge	2022-07-12T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-22-167-08	Siemens SICAM GridEdge	2022-06-14T00:00:00.000000Z	2025-11-11T00:00:00.000000Z
icsa-25-310-03	ABB FLXeon Controllers	2025-11-06T07:00:00.000000Z	2025-11-06T07:00:00.000000Z
icsa-25-310-02	Ubia Ubox	2025-11-06T07:00:00.000000Z	2025-11-06T07:00:00.000000Z
icsa-25-310-01	Advantech DeviceOn/iEdge	2025-11-06T07:00:00.000000Z	2025-11-06T07:00:00.000000Z
icsa-25-308-05	IDIS ICM Viewer	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
icsa-25-308-04	Radiometrics VizAir	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
icsa-25-308-03	Delta Electronics CNCSoft-G2	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
icsa-25-308-02	Survision License Plate Recognition Camera	2025-11-04T07:00:00.000000Z	2025-11-04T07:00:00.000000Z
va-25-304-02	Restaurant Brands International assistant platform multiple vulnerabilities	2025-10-31T17:02:13Z	2025-10-31T17:02:13Z
va-25-304-01	ELOG multiple vulnerabilities	2025-10-31T16:57:24Z	2025-10-31T16:57:24Z
icsa-25-303-02	Hitachi Energy TropOS	2025-10-30T06:00:00.000000Z	2025-10-30T06:00:00.000000Z
icsa-25-303-01	International Standards Organization ISO 15118	2025-10-30T05:00:00.000000Z	2025-10-30T05:00:00.000000Z
icsa-25-282-01	Hitachi Energy Asset Suite (Update A)	2025-09-30T08:50:13.000000Z	2025-10-28T09:50:00.000000Z
icsma-25-301-01	Vertikal Systems Hospital Manager Backend Services	2025-10-28T06:00:00.000000Z	2025-10-28T06:00:00.000000Z
icsma-25-296-01	NIHON KOHDEN Central Monitor CNS-6201	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z
icsa-25-296-04	Delta Electronics ASDA-Soft	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z
icsa-25-296-03	Veeder-Root TLS4B Automatic Tank Gauge System	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z
icsa-25-296-02	ASKI Energy ALS-Mini-S8 and ALS-Mini-S4	2025-10-23T06:00:00.000000Z	2025-10-23T06:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-cuis-file-upload-uhnetstm	Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability	2025-07-16T16:00:00+00:00	2025-07-16T16:00:00+00:00
cisco-sa-spaces-conn-privesc-kgd2ccdu	Cisco Spaces Connector Privilege Escalation Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-ece-xss-cbtkteyc	Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-cucm-ssh-m4ubdpe7	Cisco Unified Communications Manager Static SSH Credentials Vulnerability	2025-07-02T16:00:00+00:00	2025-07-02T16:00:00+00:00
cisco-sa-ise-stored-xss-yff54m73	Cisco Identity Services Stored Cross-Site Scripting Vulnerability	2025-05-21T16:00:00+00:00	2025-06-30T15:08:59+00:00
cisco-sa-ise-auth-bypass-mvfkvqau	Cisco Identity Services Engine Authorization Bypass Vulnerability	2025-06-25T16:00:00+00:00	2025-06-25T16:00:00+00:00
cisco-sa-ise-file-upload-p4m8vwxy	Cisco Identity Services Engine Arbitrary File Upload Vulnerability	2025-06-04T16:00:00+00:00	2025-06-23T19:16:21+00:00
cisco-sa-meraki-mx-vpn-dos-sm5gcfm7	Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability	2025-06-18T16:00:00+00:00	2025-06-18T16:00:00+00:00
cisco-sa-clamav-udf-hmwd9ndy	ClamAV UDF File Parsing Out-of-Bounds Read Information Disclosure Vulnerability	2025-06-18T16:00:00+00:00	2025-06-18T16:00:00+00:00
cisco-sa-erlang-otp-ssh-xyzzy	Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server: April 2025	2025-04-22T21:45:00+00:00	2025-06-11T14:40:37+00:00
cisco-sa-wlc-file-uplpd-rhzg9ufc	Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability	2025-05-07T16:00:00+00:00	2025-06-06T20:02:48+00:00
cisco-sa-ise-aws-static-cred-fpmjucm7	Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability	2025-06-04T16:00:00+00:00	2025-06-05T17:26:25+00:00
cisco-sa-vos-command-inject-65s2ucyy	Cisco Unified Communications Products Command Injection Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-ucs-ssh-priv-esc-2mzdtdjm	Cisco Integrated Management Controller Privilege Escalation Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-uccx-multi-uhotvpgl	Cisco Unified Contact Center Express Vulnerabilities	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-uccx-editor-rce-ezyyzte8	Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-te-endagent-filewrt-zncdqnrj	Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Delete Vulnerabilities	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-ndfc-shkv-snqjtjrp	Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-icm-xss-cfcqhxag	Cisco Unified Intelligent Contact Management Enterprise Cross-Site Scripting Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-ccp-info-disc-zygerqpd	Cisco Customer Collaboration Platform Information Disclosure Vulnerability	2025-06-04T16:00:00+00:00	2025-06-04T16:00:00+00:00
cisco-sa-meraki-mx-vpn-dos-qtrhzg2	Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Denial of Service Vulnerabilities	2024-10-02T16:00:00+00:00	2025-06-02T14:22:28+00:00
cisco-sa-meraki-mx-vpn-dos-by-qwukqv7x	Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability	2024-10-02T16:00:00+00:00	2025-06-02T14:22:27+00:00
cisco-sa-webex-xss-7teqtfn8	Cisco Webex Services Cross-Site Scripting Vulnerabilities	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-webex-cache-q4xbkqbg	Cisco Webex Meetings Services HTTP Cache Poisoning Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-sna-ssti-dpulqsmz	Cisco Secure Network Analytics Manager Privilege Escalation Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-sna-apiacv-4b6x5ysw	Cisco Secure Network Analytics Manager API Authorization Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-ise-restart-ss-uf986g2q	Cisco Identity Services Engine RADIUS Denial of Service Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-duo-ssp-cmd-inj-rcmyrna	Cisco Duo Self-Service Portal Command Injection Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-cuis-priv-esc-3pk96su4	Cisco Unified Intelligence Center Privilege Escalation Vulnerabilities	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00
cisco-sa-cucm-kkhzbhr5	Cisco Unified Communications Products Privilege Escalation Vulnerability	2025-05-21T16:00:00+00:00	2025-05-21T16:00:00+00:00

ID	Description	Published	Updated
SCA-2020-0002	Vulnerabilities in SICK Package Analytics	2020-08-07T10:00:00.000Z	2020-07-28T10:00:00.000Z
sca-2020-0001	Security Information Regarding "Profile Programming"	2020-05-31T10:00:00.000Z	2020-05-31T10:00:00.000Z
SCA-2020-0001	Security Information Regarding "Profile Programming"	2020-05-31T10:00:00.000Z	2020-05-31T10:00:00.000Z
sca-2019-0002	Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000	2019-09-20T10:00:00.000Z	2019-09-20T10:00:00.000Z
SCA-2019-0002	Vulnerability in SICK FX0-GENT00000 and SICK FX0-GPNT00000	2019-09-20T10:00:00.000Z	2019-09-20T10:00:00.000Z
sca-2019-0001	MSC800 affected by hard-coded credentials vulnerability	2019-06-21T10:00:00.000Z	2019-06-21T10:00:00.000Z
SCA-2019-0001	MSC800 affected by hard-coded credentials vulnerability	2019-06-21T10:00:00.000Z	2019-06-21T10:00:00.000Z

ID	Description	Published	Updated
NN-2021:2-01	Authenticated command path traversal on timezone settings in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2021:1-01	Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4	2021-02-22T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2020:3-01	Angular template injection on custom report name field	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2020:2-01	Cross-site request forgery attack on change password form	2020-05-26T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2019:2-01	CSV Injection on node label	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z
NN-2019:1-01	Stored XSS in field name data model	2019-11-11T11:00:00.000Z	2024-05-20T11:00:00.000Z

ID	Description	Published	Updated

ID	Description	Updated
var-201912-0636	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:36:41.849000Z
var-201302-0303	Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on …	2024-11-29T22:36:41.699000Z
var-200106-0168	Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows lo…	2024-11-29T22:36:38.066000Z
var-202105-1461	A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow in fun…	2024-11-29T22:36:05.822000Z
var-201904-0745	Multiple memory corruption issues were addressed with improved memory handling. This issu…	2024-11-29T22:36:04.982000Z
var-200501-0287	Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a…	2024-11-29T22:36:04.792000Z
var-202010-1511	A use after free issue was addressed with improved memory management. This issue is fixed…	2024-11-29T22:36:04.718000Z
var-202206-1961	When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification fa…	2024-11-29T22:36:04.578000Z
var-200901-0466	The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for co…	2024-11-29T22:35:53.826000Z
var-202001-1433	When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data sm…	2024-11-29T22:35:51.750000Z
var-202109-1804	A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocate…	2024-11-29T22:35:51.033000Z
var-201609-0597	The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other pr…	2024-11-29T22:35:49.265000Z
var-201011-0178	The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and poss…	2024-11-29T22:35:48.998000Z
var-201310-0370	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 an…	2024-11-29T22:35:48.557000Z
var-201901-1586	In Safari before 11.1.2, iTunes before 12.8 for Windows, iOS before 11.4.1, tvOS before 1…	2024-11-29T22:35:46.547000Z
var-201006-0051	Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4…	2024-11-29T22:35:44.571000Z
var-201908-0421	Some HTTP/2 implementations are vulnerable to window size manipulation and stream priorit…	2024-11-29T22:35:38.045000Z
var-202112-0562	It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete…	2024-11-29T22:35:35.830000Z
var-200102-0007	WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood…	2024-11-29T22:35:30.307000Z
var-201404-0374	Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 an…	2024-11-29T22:35:28.945000Z
var-201412-0516	The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apach…	2024-11-29T22:34:53.956000Z
var-201310-0355	Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, a…	2024-11-29T22:34:53.303000Z
var-201912-0592	An input validation issue was addressed with improved memory handling. This issue is fixe…	2024-11-29T22:34:47.182000Z
var-201910-1485	The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. tcpdum…	2024-11-29T22:34:46.805000Z
var-201410-1319	Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attack…	2024-11-29T22:34:46.272000Z
var-200906-0598	Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in…	2024-11-29T22:34:44.074000Z
var-200608-0038	Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allows remote attackers …	2024-11-29T22:34:43.959000Z
var-201007-0949	WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before…	2024-11-29T22:34:42.765000Z
var-201906-1176	Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragme…	2024-11-29T22:34:41.605000Z
var-202201-0104	In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtt…	2024-11-29T22:34:09.849000Z

ID	Description	Published	Updated
jvndb-2025-000054	Apache Jena Fuseki vulnerable to path traversal	2025-07-30T14:17+09:00	2025-07-30T14:17+09:00
jvndb-2025-000053	"SwitchBot" App vulnerable to insertion of sensitive information into log file	2025-07-29T13:44+09:00	2025-07-29T13:44+09:00
jvndb-2025-010056	TP-Link VIGI NVR1104H-4P and VIGI NVR2016H-16MP vulnerable to OS command injection	2025-07-28T17:53+09:00	2025-07-28T17:53+09:00
jvndb-2025-000052	TP-Link Archer C1200 vulnerable to clickjacking	2025-07-24T14:16+09:00	2025-07-24T14:16+09:00
jvndb-2025-000051	Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input	2025-07-23T13:54+09:00	2025-07-23T13:54+09:00
jvndb-2025-009576	Multiple vulnerabilities in ELECOM wireless LAN routers	2025-07-23T11:13+09:00	2025-07-23T11:13+09:00
jvndb-2025-000050	"region PAY" App for Android vulnerable to insertion of sensitive information into log file	2025-07-22T13:33+09:00	2025-07-22T13:33+09:00
jvndb-2025-009150	Security updates for Trend Micro products (June 2025)	2025-07-17T17:03+09:00	2025-07-17T17:03+09:00
jvndb-2025-000030	Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor	2025-05-12T18:00+09:00	2025-07-17T10:06+09:00
jvndb-2025-000049	ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials	2025-07-16T13:54+09:00	2025-07-16T13:54+09:00
jvndb-2025-008881	Least Privilege Violation Vulnerability in the communications functions of NJ/NX series Machine Automation Controllers	2025-07-15T15:54+09:00	2025-07-15T15:54+09:00
jvndb-2025-008783	Firebox T15 contains an issue with hidden functionality	2025-07-14T17:22+09:00	2025-07-14T17:22+09:00
jvndb-2025-008145	Epson Web Installer for Mac vulnerable to missing authentication for critical function	2025-07-08T14:08+09:00	2025-07-08T14:08+09:00
jvndb-2025-008106	Heap-based buffer overflow vulnerability in V-SFT and TELLUS	2025-07-07T16:26+09:00	2025-07-07T16:26+09:00
jvndb-2025-008105	Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521)	2025-07-07T16:04+09:00	2025-07-07T16:04+09:00
jvndb-2025-000047	Multiple vulnerabilities in Nimesa Backup and Recovery	2025-07-07T15:26+09:00	2025-07-07T15:26+09:00
jvndb-2025-007978	Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837)	2025-07-04T13:28+09:00	2025-07-04T13:28+09:00
jvndb-2025-000045	Multiple vulnerabilities in Active! mail	2025-07-02T14:13+09:00	2025-07-02T14:13+09:00
jvndb-2025-007754	Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)	2025-07-02T11:31+09:00	2025-07-02T11:31+09:00
jvndb-2025-007607	Pass-Back Attack vulnerability in Konica Minorta bizhub series	2025-07-01T14:09+09:00	2025-07-01T14:09+09:00
jvndb-2025-007595	Multiple vulnerabilities in Web Connection of Konica Minolta MFPs	2025-07-01T14:02+09:00	2025-07-01T14:02+09:00
jvndb-2025-000046	SLNX Help Documentation of RICOH Streamline NX vulnerable to reflected cross-site scripting	2025-06-30T15:45+09:00	2025-06-30T15:45+09:00
jvndb-2025-007552	Multiple vulnerabilities in TB-eye network recorders and AHD recorders	2025-06-30T14:45+09:00	2025-06-30T14:45+09:00
jvndb-2024-004595	Multiple vulnerabilities in FutureNet NXR series, VXR series and WXR series	2024-07-29T17:51+09:00	2025-06-30T09:56+09:00
jvndb-2025-000043	Multiple vulnerabilities in iroha Board	2025-06-26T15:13+09:00	2025-06-26T15:13+09:00
jvndb-2025-000042	Inefficient regular expressions in GROWI	2025-06-24T15:25+09:00	2025-06-24T15:25+09:00
jvndb-2025-000041	Multiple vulnerabilities in ELECOM wireless LAN routers	2025-06-24T14:50+09:00	2025-06-24T14:50+09:00
jvndb-2025-007390	Trend Micro Internet Security and Trend Micro Maximum Security vulnerable to link following local privilege escalation (CVE-2025-49384, CVE-2025-49385)	2025-06-24T11:18+09:00	2025-06-24T11:18+09:00
jvndb-2025-000040	KCM3100 vulnerable to authentication bypass using an alternate path or channel	2025-06-18T13:42+09:00	2025-06-18T13:42+09:00
jvndb-2025-000039	Multiple vulnerabilities in RICOH Streamline NX PC Client	2025-06-13T16:09+09:00	2025-06-13T16:09+09:00

ID	Description	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated