Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-68910	9.9 (3.1)	WordPress Blogzee theme <= 1.0.5 - Arbitrary File Uplo…	blazethemes	Blogzee	2026-01-22T16:52:14.569Z	2026-01-28T16:07:28.044Z
CVE-2026-1400	7.2 (3.1)	AI Engine <= 3.3.2 - Authenticated (Editor+) Arbitrary…	tigroumeow	AI Engine – The Chatbot and AI Framework for WordPress	2026-01-28T08:26:56.110Z	2026-01-28T16:06:59.438Z
CVE-2025-12636	6.5 (3.1) 7.1 (4.0)	Ubia Ubox	Ubia	Ubox Android	2025-11-06T22:15:01.130Z	2026-01-28T16:06:41.083Z
CVE-2026-1381	4.4 (3.1)	Order Minimum/Maximum Amount Limits for WooCommerce <=…	wpcodefactory	Order Minimum/Maximum Amount Limits for WooCommerce	2026-01-28T08:26:54.692Z	2026-01-28T15:57:25.795Z
CVE-2025-15511	5.3 (3.1)	Rupantorpay <= 2.0.0 - Missing Authorization to Unauth…	rupantorpay	Rupantorpay	2026-01-28T11:23:38.266Z	2026-01-28T15:56:42.370Z
CVE-2026-1280	7.5 (3.1)	Frontend File Manager Plugin <= 23.5 - Missing Authori…	nmedia	Frontend File Manager Plugin	2026-01-28T11:23:41.307Z	2026-01-28T15:56:06.302Z
CVE-2025-14616	4.3 (3.1)	Recooty <= 1.0.6 - Cross-Site Request Forgery to Setti…	recooty	Recooty – Job Widget (Old Dashboard)	2026-01-28T11:23:41.712Z	2026-01-28T15:55:14.348Z
CVE-2026-24883	3.7 (3.1)	In GnuPG before 2.5.17, a long signature packet l…	GnuPG	GnuPG	2026-01-27T18:43:18.883Z	2026-01-28T15:52:11.076Z
CVE-2026-1399	4.4 (3.1)	WP Google Ad Manager Plugin <= 1.1.0 - Authenticated (…	miles99	WP Google Ad Manager Plugin	2026-01-28T11:23:42.082Z	2026-01-28T15:51:55.729Z
CVE-2026-1398	4.3 (3.1)	Change WP URL <= 1.0 - Cross-Site Request Forgery to S…	chrisnowak	Change WP URL	2026-01-28T11:23:42.461Z	2026-01-28T15:50:37.635Z
CVE-2025-68073	6.5 (3.1)	WordPress GDPR CCPA Compliance Support plugin <= 2.7.4…	Ninja Team	GDPR CCPA Compliance Support	2026-01-22T16:52:07.197Z	2026-01-28T15:49:44.753Z
CVE-2025-26386	7.1 (4.0)	Stack-based Buffer Overflow in Johnson Controls iSTAR …	Johnson Controls	iSTAR Configuration Utility (ICU)	2026-01-28T11:24:46.317Z	2026-01-28T15:49:08.575Z
CVE-2026-0483	6.9 (4.0)	Stored Cross-Site Scripting (XSS) vulnerability in Liv…	LiveHelperChat	LiveHelperChat	2026-01-28T11:43:42.484Z	2026-01-28T15:47:13.081Z
CVE-2025-59891	8.5 (4.0)	Cross-Site request forgery (CSRF) vulnerability in Syn…	Flexense	Sync Breeze Enterprise Server	2026-01-28T11:52:15.635Z	2026-01-28T15:46:23.117Z
CVE-2026-24882	8.4 (3.1)	In GnuPG before 2.5.17, a stack-based buffer over…	GnuPG	GnuPG	2026-01-27T18:40:18.166Z	2026-01-28T15:45:56.231Z
CVE-2025-59892	8.5 (4.0)	Cross-Site request forgery (CSRF) vulnerability in Syn…	Flexense	Sync Breeze Enterprise Server	2026-01-28T11:52:35.782Z	2026-01-28T15:45:40.967Z
CVE-2024-12397	7.4 (3.1)	Io.quarkus.http/quarkus-http-core: quarkus http cookie…			2024-12-12T09:05:28.451Z	2026-01-28T15:45:38.773Z
CVE-2020-36984	8.5 (4.0) 7.8 (3.1)	EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path	Epson	EPSON	2026-01-28T12:28:58.749Z	2026-01-28T15:45:05.554Z
CVE-2025-59893	8.5 (4.0)	Cross-Site request forgery (CSRF) vulnerability in Syn…	Flexense	Sync Breeze Enterprise Server	2026-01-28T11:52:51.985Z	2026-01-28T15:43:40.929Z
CVE-2025-59894	8.5 (4.0)	Cross-Site request forgery (CSRF) vulnerability in Syn…	Flexense	Sync Breeze Enterprise Server	2026-01-28T11:53:24.197Z	2026-01-28T15:40:28.684Z
CVE-2025-68072	6.5 (3.1)	WordPress Easy Property Listings plugin <= 3.5.17 - Br…	Merv Barrett	Easy Property Listings	2026-01-22T16:52:06.979Z	2026-01-28T15:39:01.232Z
CVE-2025-59895	8.2 (4.0)	Remote denial-of-service (DoS) vulnerability in Sync B…	Flexense	Sync Breeze Enterprise Server	2026-01-28T11:55:43.546Z	2026-01-28T15:38:11.029Z
CVE-2025-68507	6.5 (3.1)	WordPress Icegram plugin <= 3.1.35 - Broken Access Con…	Icegram	Icegram	2026-01-22T16:52:07.377Z	2026-01-28T15:38:01.128Z
CVE-2025-59896	5.1 (4.0)	Authenticated Cross-Site Scripting (XSS) vulnerability…	Flexense	Sync Breeze Enterprise Server	2026-01-28T11:58:13.762Z	2026-01-28T15:35:37.114Z
CVE-2025-59897	5.1 (4.0)	Authenticated Cross-Site Scripting (XSS) vulnerability…	Flexense	Sync Breeze Enterprise Server	2026-01-28T11:58:28.711Z	2026-01-28T15:34:32.254Z
CVE-2024-52616	5.3 (3.1)	Avahi: avahi wide-area dns predictable transaction ids			2024-11-21T20:41:11.636Z	2026-01-28T15:34:19.759Z
CVE-2025-59898	5.1 (4.0)	Authenticated Cross-Site Scripting (XSS) vulnerability…	Flexense	Sync Breeze Enterprise Server	2026-01-28T11:58:44.144Z	2026-01-28T15:32:32.025Z
CVE-2025-59899	5.1 (4.0)	Authenticated Cross-Site Scripting (XSS) vulnerability…	Flexense	Sync Breeze Enterprise Server	2026-01-28T11:59:02.326Z	2026-01-28T15:26:31.667Z
CVE-2025-59900	5.1 (4.0)	Authenticated Cross-Site Scripting (XSS) vulnerability…	Flexense	Sync Breeze Enterprise Server	2026-01-28T12:00:05.516Z	2026-01-28T15:23:07.693Z
CVE-2025-68869	9.8 (3.1)	WordPress LazyTasks plugin <= 1.4.01 - Privilege Escal…	LazyCoders LLC	LazyTasks	2026-01-22T16:52:10.526Z	2026-01-28T15:22:59.412Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-70307	7.5 (3.1)	A stack overflow in the dump_ttxt_sample function…	n/a	n/a	2026-01-15T00:00:00.000Z	2026-01-15T18:44:51.463Z
CVE-2025-70299	6.5 (3.1)	A heap overflow in the avi_parse_input_file() fun…	n/a	n/a	2026-01-15T00:00:00.000Z	2026-01-15T18:23:54.704Z
CVE-2026-24515	2.9 (3.1)	In libexpat before 2.7.4, XML_ExternalEntityParse…	libexpat project	libexpat	2026-01-23T07:46:36.397Z	2026-01-23T15:31:51.679Z
CVE-2025-48756	2.9 (3.1)	In group_number in the scsir crate 0.2.0 for Rust…	maboroshinokiseki	scsir	2025-05-24T00:00:00.000Z	2025-05-24T10:13:20.996Z
CVE-2026-24421	6.5 (3.1)	phpMyFAQ missing authorization exposes /api/setup/back…	thorsten	phpMyFAQ	2026-01-24T01:43:10.011Z	2026-01-26T16:17:14.650Z
CVE-2026-23954	8.7 (3.1)	Incus container image templating arbitrary host file r…	lxc	incus	2026-01-22T21:45:55.696Z	2026-01-26T21:02:48.738Z
CVE-2026-23953	8.7 (3.1)	Incus container environment configuration newline injection	lxc	incus	2026-01-22T21:39:41.015Z	2026-01-26T21:00:46.311Z
CVE-2025-66098	6.5 (3.1)	WordPress Travelers' Map plugin <= 2.3.2 - Cross Site …	Camille V	Travelers' Map	2025-11-21T12:30:00.878Z	2026-01-30T16:14:58.790Z
CVE-2025-66090	6.5 (3.1)	WordPress SKT Skill Bar plugin <= 2.5 - Cross Site Scr…	sonalsinha21	SKT Skill Bar	2025-11-21T12:29:58.912Z	2026-01-30T16:16:41.907Z
CVE-2025-62986	7.1 (3.1)	WordPress FanBridge signup plugin <= 0.6 - Cross Site …	FanBridge	FanBridge signup	2025-10-27T01:34:21.481Z	2026-01-30T16:20:54.667Z
CVE-2025-62897	4.7 (3.1)	WordPress WP Recipe Maker plugin <= 10.1.1 - Content I…	Brecht	WP Recipe Maker	2025-10-27T01:33:49.016Z	2026-01-30T16:12:42.818Z
CVE-2025-52741	7.1 (3.1)	WordPress Post Connector Plugin <= 1.0.11 - Cross Site…	Barry Kooij	Post Connector	2025-10-22T14:32:23.521Z	2026-01-30T16:13:53.872Z
CVE-2026-0534	7.1 (3.1)	Stored XSS in the value of a part attribute	Autodesk	Fusion	2026-01-22T16:59:01.906Z	2026-02-04T00:05:04.727Z
CVE-2026-0535	7.1 (3.1)	Stored XSS in Electronic Library Component Description	Autodesk	Fusion	2026-01-22T16:59:34.236Z	2026-02-03T17:35:07.834Z
CVE-2026-0533	7.1 (3.1)	Stored XSS in Fusion desktop when attempting to delete…	Autodesk	Fusion	2026-01-22T16:58:43.084Z	2026-02-03T18:17:16.141Z
CVE-2025-14503	8.6 (4.0) 7.2 (3.1)	Overly Permissive Trust Policy in Harmonix on AWS EKS	AWS	Harmonix on AWS	2025-12-15T19:45:00.729Z	2025-12-16T23:13:44.545Z
CVE-2026-1386	6 (3.1) 6 (4.0)	Arbitrary Host File Overwrite via Symlink in Firecrack…	AWS	Firecracker	2026-01-23T20:25:02.188Z	2026-01-23T20:38:50.592Z
CVE-2025-8148	4.2 (3.1)	CVE-2025-8148 Improper Access Control in SFTP service …	Fortra	GoAnywhere MFT	2025-12-05T20:56:05.135Z	2025-12-05T21:48:44.070Z
CVE-2021-24749	N/A	URL Shortify < 1.5.1 - Arbitrary Link/Group Deletion v…	Unknown	URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPress	2021-11-29T08:25:32	2024-08-03T19:42:16.664Z
CVE-2023-26813	9.8 (3.1)	SQL injection vulnerability in com.xnx3.wangmarke…	n/a	n/a	2023-04-28T00:00:00.000Z	2025-01-31T16:38:16.281Z
CVE-2025-13744	8.4 (4.0)	Improper Neutralization of Input During Web Page Gener…	GitHub	Enterprise Server	2026-01-06T20:44:02.712Z	2026-01-06T21:02:33.455Z
CVE-2026-1419	5.1 (4.0) 4.7 (3.1) 4.7 (3.0)	D-Link DCS700l Web Form setDayNightMode command injection	D-Link	DCS700l	2026-01-26T04:32:08.759Z	2026-01-26T15:11:20.874Z
CVE-2025-46316	4.3 (3.1)	An out-of-bounds read was addressed with improved…	Apple	macOS	2026-01-28T17:26:19.018Z	2026-01-28T19:19:57.133Z
CVE-2026-1125	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	D-Link DIR-823X set_wifidog_settings sub_412E7C comman…	D-Link	DIR-823X	2026-01-18T16:02:08.755Z	2026-01-20T16:41:42.916Z
CVE-2025-46306	5.5 (3.1)	The issue was addressed with improved bounds chec…	Apple	iOS and iPadOS	2026-01-28T17:26:19.751Z	2026-01-29T16:41:52.396Z
CVE-2026-1414	5.3 (4.0) 6.3 (3.1) 6.3 (3.0)	Sangfor Operation and Maintenance Security Management …	Sangfor	Operation and Maintenance Security Management System	2026-01-26T02:02:06.549Z	2026-01-26T17:27:09.368Z
CVE-2026-1413	5.3 (4.0) 6.3 (3.1) 6.3 (3.0)	Sangfor Operation and Maintenance Security Management …	Sangfor	Operation and Maintenance Security Management System	2026-01-26T01:32:06.217Z	2026-01-26T17:27:53.149Z
CVE-2022-48178	5.4 (3.1)	X2CRM Open Source Sales CRM 6.6 and 6.9 was disco…	n/a	n/a	2023-04-15T00:00:00.000Z	2025-02-06T15:49:15.652Z
CVE-2022-48177	5.4 (3.1)	X2CRM Open Source Sales CRM 6.6 and 6.9 was disco…	n/a	n/a	2023-04-15T00:00:00.000Z	2025-02-06T15:51:33.777Z
CVE-2026-1412	6.9 (4.0) 7.3 (3.1) 7.3 (3.0)	Sangfor Operation and Maintenance Security Management …	Sangfor	Operation and Maintenance Security Management System	2026-01-26T01:02:05.990Z	2026-01-26T17:28:19.803Z

ID	Description	Published	Updated
fkie_cve-2026-21933	Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition prod…	2026-01-20T22:15:55.917	2026-01-30T16:07:09.417
fkie_cve-2026-21945	Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition prod…	2026-01-20T22:15:57.390	2026-01-30T16:03:26.530
fkie_cve-2023-54334	Explorer32++ 1.3.5.531 contains a buffer overflow vulnerability in Structured Exception Handler (SE…	2026-01-13T23:16:00.877	2026-01-30T15:51:04.563
fkie_cve-2023-54330	Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability …	2026-01-13T23:16:00.163	2026-01-30T15:48:11.273
fkie_cve-2023-54329	Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthe…	2026-01-13T23:15:59.970	2026-01-30T15:47:32.033
fkie_cve-2026-23847	SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflect…	2026-01-19T20:15:49.393	2026-01-30T15:36:42.487
fkie_cve-2026-23850	SiYuan is a personal knowledge management system. In versions prior to 3.5.4, the markdown feature …	2026-01-19T20:15:49.533	2026-01-30T15:35:36.417
fkie_cve-2026-23851	SiYuan is a personal knowledge management system. Versions prior to 3.5.4 contain a logic vulnerabi…	2026-01-19T20:15:49.670	2026-01-30T15:12:24.700
fkie_cve-2026-23852	SiYuan is a personal knowledge management system. Versions prior to 3.5.4 have a stored Cross-Site …	2026-01-19T20:15:49.803	2026-01-30T15:08:46.287
fkie_cve-2022-50932	Kyocera Command Center RX ECOSYS M2035dn contains a directory traversal vulnerability that allows u…	2026-01-13T23:15:57.967	2026-01-30T15:08:41.740
fkie_cve-2025-52981	An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon…	2025-07-11T16:15:25.213	2026-01-30T15:01:40.547
fkie_cve-2026-1144	A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of…	2026-01-19T08:16:04.857	2026-01-30T15:00:38.940
fkie_cve-2026-1145	A flaw has been found in quickjs-ng quickjs up to 0.11.0. Affected by this vulnerability is the fun…	2026-01-19T09:16:02.587	2026-01-30T14:59:15.233
fkie_cve-2026-22807	vLLM is an inference and serving engine for large language models (LLMs). Starting in version 0.10.…	2026-01-21T22:15:49.077	2026-01-30T14:43:22.290
fkie_cve-2026-24779	vLLM is an inference and serving engine for large language models (LLMs). Prior to version 0.14.1, …	2026-01-27T22:15:57.280	2026-01-30T14:41:25.530
fkie_cve-2025-65098	Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script executio…	2026-01-22T15:16:48.370	2026-01-30T14:32:00.327
fkie_cve-2025-64709	Typebot is an open-source chatbot builder. In versions prior to 3.13.1, a Server-Side Request Forge…	2025-11-13T20:15:53.053	2026-01-30T14:23:42.560
fkie_cve-2025-64706	Typebot is an open-source chatbot builder. In version 3.9.0 up to but excluding version 3.13.0, an …	2025-11-13T18:15:56.310	2026-01-30T14:14:33.550
fkie_cve-2024-30264	Typebot is an open-source chatbot builder. A reflected cross-site scripting (XSS) in the sign-in pa…	2024-04-04T21:15:16.380	2026-01-30T14:12:48.600
fkie_cve-2022-50925	Prowise Reflect version 1.0.9 contains a remote keystroke injection vulnerability that allows attac…	2026-01-13T23:15:56.687	2026-01-30T14:00:00.240
fkie_cve-2025-13925	IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read b…	2026-01-20T15:16:13.983	2026-01-30T13:55:23.963
fkie_cve-2026-24061	telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for …	2026-01-21T07:16:01.597	2026-01-30T13:28:59.293
fkie_cve-2026-1281	A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated re…	2026-01-29T22:15:53.140	2026-01-30T13:28:18.610
fkie_cve-2026-23011	In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_heade…	2026-01-25T15:15:55.977	2026-01-30T10:15:57.653
fkie_cve-2026-23010	In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in in…	2026-01-25T15:15:55.867	2026-01-30T10:15:57.540
fkie_cve-2026-23006	In the Linux kernel, the following vulnerability has been resolved: ASoC: tlv320adcx140: fix null …	2026-01-25T15:15:55.480	2026-01-30T10:15:57.430
fkie_cve-2026-23005	In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in…	2026-01-25T15:15:55.377	2026-01-30T10:15:57.327
fkie_cve-2026-23003	In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_…	2026-01-25T15:15:55.170	2026-01-30T10:15:57.213
fkie_cve-2026-23001	In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in m…	2026-01-25T15:15:54.970	2026-01-30T10:15:57.110
fkie_cve-2026-22999	In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: do not fre…	2026-01-25T15:15:54.753	2026-01-30T10:15:57.003

ID	Severity	Description	Published	Updated
ghsa-grxh-vmwr-556w	5.4 (3.1)	Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Dolcino dolcino all…	2026-01-22T18:30:40Z	2026-01-27T21:31:43Z
ghsa-gm44-v6r8-p25m	4.3 (3.1)	Cross-Site Request Forgery (CSRF) vulnerability in AA-Team SearchAzon searchazon allows Cross Site …	2026-01-22T18:30:39Z	2026-01-27T21:31:43Z
ghsa-f25r-2j92-5mqm	5.4 (3.1)	Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows …	2026-01-22T18:30:40Z	2026-01-27T21:31:43Z
ghsa-9fcm-hxf8-v4x6	5.9 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-01-22T18:30:40Z	2026-01-27T21:31:43Z
ghsa-79q7-wj69-pjqg	5.4 (3.1)	Cross-Site Request Forgery (CSRF) vulnerability in winkm89 teachPress teachpress allows Cross Site …	2026-01-22T18:30:40Z	2026-01-27T21:31:43Z
ghsa-74q9-gx85-44m3	4.3 (3.1)	Cross-Site Request Forgery (CSRF) vulnerability in richardevcom Add Polylang support for Customizer…	2026-01-22T18:30:40Z	2026-01-27T21:31:43Z
ghsa-6x26-wr3f-8332	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-01-22T18:30:39Z	2026-01-27T21:31:43Z
ghsa-6p2m-8xf7-qgpf	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-01-22T18:30:40Z	2026-01-27T21:31:43Z
ghsa-5v37-qm3f-mh2p	7.1 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-01-22T18:30:39Z	2026-01-27T21:31:43Z
ghsa-wxqh-5r9q-5hhf	6.5 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-ww54-q5mm-h44g	8.2 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2026-01-22T18:30:37Z	2026-01-27T21:31:42Z
ghsa-wgrv-6j54-h2xj	6.5 (3.1)	Missing Authorization vulnerability in NSquared Simply Schedule Appointments simply-schedule-appoin…	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-vhqg-6cjf-4jw7	9.1 (3.1)	Unrestricted Upload of File with Dangerous Type vulnerability in Xpro Xpro Elementor Addons xpro-el…	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-v79x-27fq-r59f	8.1 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-rjv5-9xjq-63w7	9.8 (3.1)	Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogzee blogzee allows…	2026-01-22T18:30:36Z	2026-01-27T21:31:42Z
ghsa-qp54-rrr2-2cx5	7.6 (3.1)	Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting In…	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-q9f5-85hh-g48c	7.5 (3.1)	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Aiv…	2026-01-22T18:30:36Z	2026-01-27T21:31:42Z
ghsa-jhxx-jxcx-hxjh	6.5 (3.1)	Missing Authorization vulnerability in solacewp Solace solace allows Exploiting Incorrectly Configu…	2026-01-22T18:30:36Z	2026-01-27T21:31:42Z
ghsa-j4p5-pg39-488f	9.8 (3.1)	Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogistic blogistic al…	2026-01-22T18:30:36Z	2026-01-27T21:31:42Z
ghsa-gh9v-9mv6-p8g9	7.1 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-9wq4-qhqp-553r	8.2 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2026-01-22T18:30:37Z	2026-01-27T21:31:42Z
ghsa-75wm-q5m3-c399	7.5 (3.1)	Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Conf…	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-75hf-52rg-6v76	7.3 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-01-22T18:30:36Z	2026-01-27T21:31:42Z
ghsa-7335-mx3x-jg48	5.3 (3.1)	Missing Authorization vulnerability in Tasos Fel Civic Cookie Control civic-cookie-control-8 allows…	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-5p48-v8rv-8f32	7.5 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2026-01-22T18:30:36Z	2026-01-27T21:31:42Z
ghsa-4p8r-wx48-qfxr	8.1 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2026-01-22T18:30:36Z	2026-01-27T21:31:42Z
ghsa-3w43-vh49-x5jp	7.1 (3.1)	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability …	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-3mf6-3q6q-vqgr	7.3 (3.1)	Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allo…	2026-01-22T18:30:38Z	2026-01-27T21:31:42Z
ghsa-32qq-wr5q-gh7c	7.5 (3.1)	Improper Control of Generation of Code ('Code Injection') vulnerability in Beaver Builder Beaver Bu…	2026-01-22T18:30:39Z	2026-01-27T21:31:42Z
ghsa-2p99-vc9j-4p2g	8.2 (3.1)	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusi…	2026-01-22T18:30:37Z	2026-01-27T21:31:42Z

ID	Description	Package	Published	Updated
pysec-2020-286	In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorF…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:42.621580Z
pysec-2020-285	In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` ar…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:42.433318Z
pysec-2020-284	In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not …	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:42.248668Z
pysec-2020-283	In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:42.062393Z
pysec-2020-282	In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in T…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:41.876848Z
pysec-2020-281	In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:41.679840Z
pysec-2020-280	In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:41.630526Z
pysec-2020-279	In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that …	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:41.569566Z
pysec-2020-278	In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:41.523521Z
pysec-2020-277	In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:41.476873Z
pysec-2020-276	In Tensorflow version 2.3.0, the `SparseCountSparseOutput` and `RaggedCountSparseOutput` …	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:41.429939Z
pysec-2020-275	In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation o…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:41.380854Z
pysec-2020-274	In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `SparseFillEmpty…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:41.172167Z
pysec-2020-273	In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` c…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:40.985674Z
pysec-2020-272	In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to `dlp…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:40.896350Z
pysec-2020-271	In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to `d…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:40.816458Z
pysec-2020-270	In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `tf.raw_ops.Swit…	tensorflow-cpu	2020-09-25T19:15:00Z	2021-12-09T06:34:40.732914Z
pysec-2021-439	In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for …	django	2021-12-08T00:15:00Z	2021-12-08T02:30:49.294438Z
pysec-2021-438	django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generat…	django-helpdesk	2021-12-01T11:15:00Z	2021-12-02T21:26:01.187346Z
pysec-2021-437	A flaw was found in python-pip in the way it handled Unicode separators in git references…	pip	2021-11-10T18:15:00Z	2021-11-29T23:42:09.374676Z
pysec-2021-436	Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version…	matrix-synapse	2021-11-23T20:15:00Z	2021-11-29T23:11:29.870597Z
pysec-2021-435	Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed…	apache-superset	2021-11-17T15:15:00Z	2021-11-29T23:10:59.097625Z
pysec-2021-434	Apache Superset up to and including 1.3.1 allowed for database connections password leak …	apache-superset	2021-11-12T19:15:00Z	2021-11-29T23:10:59.053614Z
pysec-2021-433	S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket, as demonstrated b…	s3scanner	2021-11-29T03:15:00Z	2021-11-29T21:27:52.731426Z
pysec-2021-432	Nanopb is a small code-size Protocol Buffers implementation in ansi C. In Nanopb before v…	nanopb	2021-03-23T18:15:00Z	2021-11-24T22:47:12.152718Z
pysec-2018-106	An issue was discovered in Mayan EDMS before 3.0.2. The Appearance app sets window.locati…	mayan-edms	2018-09-03T19:29:00Z	2021-11-24T22:47:09.222926Z
pysec-2019-221	Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an …	homeassistant	2019-09-23T16:15:00Z	2021-11-24T22:47:02.221265Z
pysec-2020-268	In EasyBuild before version 4.1.2, the GitHub Personal Access Token (PAT) used by EasyBui…	easybuild	2020-03-19T17:15:00Z	2021-11-24T22:46:59.562632Z
pysec-2018-105	Incorrect implementation of access controls allows remote users to override repository re…	borgbackup	2018-02-08T23:29:00Z	2021-11-24T22:46:40.919619Z
pysec-2021-431	django-helpdesk is vulnerable to Improper Neutralization of Input During Web Page Generat…	django-helpdesk	2021-11-19T12:15:00Z	2021-11-23T19:22:08.078180Z

ID	Description	Updated
gsd-2024-32549	Cross-Site Request Forgery (CSRF) vulnerability in Microkid Related Posts for WordPress a…	2024-04-16T05:01:54.650720Z
gsd-2024-32548	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.614044Z
gsd-2024-32547	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.730049Z
gsd-2024-32546	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.642507Z
gsd-2024-32545	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.627067Z
gsd-2024-32544	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.725139Z
gsd-2024-32543	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.682691Z
gsd-2024-32542	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.586264Z
gsd-2024-32541	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.682254Z
gsd-2024-32540	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.743699Z
gsd-2024-32539	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.693269Z
gsd-2024-32538	Cross-Site Request Forgery (CSRF) vulnerability in Joshua Eldridge Easy CountDowner allow…	2024-04-16T05:01:54.638995Z
gsd-2024-32537	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:54.685308Z
gsd-2024-32536	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.700192Z
gsd-2024-32535	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.568779Z
gsd-2024-32534	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.603657Z
gsd-2024-32533	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.584486Z
gsd-2024-32532	Missing Authorization vulnerability in SiteGround Speed Optimizer.This issue affects Spee…	2024-04-16T05:01:54.610205Z
gsd-2024-32531	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.612779Z
gsd-2024-32530	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.693469Z
gsd-2024-32529	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.654045Z
gsd-2024-32528	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.677621Z
gsd-2024-32527	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.698658Z
gsd-2024-32526	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vuln…	2024-04-16T05:01:54.669764Z
gsd-2024-32525	Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: …	2024-04-16T05:01:54.581887Z
gsd-2024-32524	Missing Authorization vulnerability in Nuggethon Custom Order Statuses for WooCommerce.Th…	2024-04-16T05:01:54.638544Z
gsd-2024-32523	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:54.657925Z
gsd-2024-32522	Missing Authorization vulnerability in Jaed Mosharraf & Pluginbazar Team Open Close WooCo…	2024-04-16T05:01:54.628830Z
gsd-2024-32521	The format of the source doesn't require a description, click on the link for more details.	2024-04-16T05:01:54.585584Z
gsd-2024-32520	Missing Authorization vulnerability in WPClever WPC Grouped Product for WooCommerce.This …	2024-04-16T05:01:54.624884Z

ID	Description	Published	Updated
MAL-2025-191760	Malicious code in hooktest1 (PyPI)	2025-11-23T16:26:36Z	2025-12-31T02:45:15Z
MAL-2025-191745	Malicious code in gtts-lts (PyPI)	2025-09-15T16:44:31Z	2025-12-31T02:45:15Z
MAL-2025-191744	Malicious code in gradio-videotimeline (PyPI)	2025-10-01T09:22:55Z	2025-12-31T02:45:15Z
MAL-2025-191740	Malicious code in gnosis-py (PyPI)	2025-10-06T10:53:16Z	2025-12-31T02:45:15Z
MAL-2025-191739	Malicious code in giteegit (PyPI)	2025-09-06T11:22:48Z	2025-12-31T02:45:15Z
MAL-2025-191733	Malicious code in fonafx (PyPI)	2025-07-04T09:57:46Z	2025-12-31T02:45:15Z
MAL-2025-191732	Malicious code in flask-tdg-cyberx (PyPI)	2025-08-17T19:39:48Z	2025-12-31T02:45:15Z
MAL-2025-191723	Malicious code in fastertelethon (PyPI)	2025-04-04T12:54:50Z	2025-12-31T02:45:15Z
MAL-2025-191722	Malicious code in evil-py-argo-shell (PyPI)	2025-11-24T13:19:35Z	2025-12-31T02:45:15Z
MAL-2025-191718	Malicious code in discord-selfsbotsx (PyPI)	2025-11-27T23:24:51Z	2025-12-31T02:45:15Z
MAL-2025-191713	Malicious code in db-aggregator-api (PyPI)	2025-11-08T20:20:23Z	2025-12-31T02:45:15Z
MAL-2025-191712	Malicious code in d1snakegame (PyPI)	2025-10-03T16:11:50Z	2025-12-31T02:45:15Z
MAL-2025-191711	Malicious code in d1n0exploitaaaa (PyPI)	2025-11-14T17:22:10Z	2025-12-31T02:45:15Z
MAL-2025-191709	Malicious code in cti-ctf-challenges (PyPI)	2025-09-09T17:40:01Z	2025-12-31T02:45:15Z
MAL-2025-191708	Malicious code in crto5 (PyPI)	2025-07-14T16:42:19Z	2025-12-31T02:45:15Z
MAL-2025-191704	Malicious code in computestpspeedcomp (PyPI)	2025-02-13T13:18:05Z	2025-12-31T02:45:15Z
MAL-2025-191702	Malicious code in chromifypro (PyPI)	2025-11-07T22:43:23Z	2025-12-31T02:45:15Z
MAL-2025-191699	Malicious code in chat-prompt-logger (PyPI)	2025-11-30T00:34:30Z	2025-12-31T02:45:15Z
MAL-2025-191698	Malicious code in callistopy (PyPI)	2025-07-05T10:23:57Z	2025-12-31T02:45:15Z
MAL-2025-191694	Malicious code in bprintoor (PyPI)	2025-02-13T13:18:05Z	2025-12-31T02:45:15Z
MAL-2025-191689	Malicious code in backtradingbot (PyPI)	2025-07-31T08:37:38Z	2025-12-31T02:45:15Z
MAL-2025-191688	Malicious code in axonify (PyPI)	2025-03-18T09:49:12Z	2025-12-31T02:45:15Z
MAL-2025-191686	Malicious code in aws-enumerateiam (PyPI)	2025-11-18T23:47:36Z	2025-12-31T02:45:15Z
MAL-2025-191681	Malicious code in anothertestproject (PyPI)	2025-10-08T12:45:34Z	2025-12-31T02:45:15Z
MAL-2025-191678	Malicious code in amd-taichi (PyPI)	2025-09-15T14:34:20Z	2025-12-31T02:45:15Z
MAL-2025-191674	Malicious code in aiogram-msgeffect (PyPI)	2025-11-22T16:25:53Z	2025-12-31T02:45:15Z
MAL-2025-191658	Malicious code in richx (PyPI)	2025-10-31T13:39:17Z	2025-12-31T02:45:15Z
MAL-2025-191655	Malicious code in rando0192490 (PyPI)	2025-10-19T16:48:34Z	2025-12-31T02:45:15Z
MAL-2025-191653	Malicious code in ptxcompiler (PyPI)	2025-10-17T15:20:16Z	2025-12-31T02:45:15Z
MAL-2025-191651	Malicious code in my-first-pypi-demo (PyPI)	2025-08-20T16:33:25Z	2025-12-31T02:45:15Z

ID	Description	Published	Updated
wid-sec-w-2025-0923	Elasticsearch: Schwachstelle ermöglicht Denial of Service	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0921	Microsoft Azure: Mehrere Schwachstellen	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0920	Symantec Endpoint Protection (ERASER Engine): Schwachstelle ermöglicht Privilegieneskalation	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0919	LogStash: Schwachstelle ermöglicht Codeausführung	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0918	SonicWall SMA1000 Appliance: Schwachstelle ermöglicht Manipulation von Daten	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0917	Kibana: Mehrere Schwachstellen	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0916	Microsoft Dynamics 365: Schwachstelle ermöglicht Offenlegung von Informationen	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0915	Debian Linux (libuv und Node.js): Schwachstelle ermöglicht nicht spezifizierten Angriff	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0914	Ruby: Schwachstelle ermöglicht Denial of Service	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0913	Mozilla Firefox Focus für iOS: Schwachstelle ermöglicht Darstellen falscher Informationen	2025-05-01T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0911	Nagios Enterprises Nagios XI: Mehrere Schwachstellen	2021-10-14T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0838	Erlang/OTP SSH: Schwachstelle ermöglicht Codeausführung	2025-04-16T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0216	Red Hat OpenShift Container Platform: Schwachstelle ermöglicht Umgehung von Sicherheitsvorkehrungen	2025-01-29T23:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2023-3054	SonicWall SMA: Mehrere Schwachstellen	2023-12-04T23:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2023-2799	QEMU: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2023-10-31T23:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2023-2787	Mozilla NSS: Schwachstelle ermöglicht Offenlegung von Informationen	2023-10-31T23:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2023-1731	QEMU: Schwachstelle ermöglicht Denial of Service	2023-07-12T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2023-1686	Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen und Denial of Service	2023-07-09T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2023-1187	QT: Schwachstelle ermöglicht nicht spezifizierten Angriff	2023-05-09T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2023-0787	Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation	2023-03-28T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2023-0457	Mozilla Firefox/Thunderbird: Mehrere Schwachstellen	2020-06-30T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2022-1490	Ghostscript: Schwachstelle ermöglicht Denial of Service	2022-09-20T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2022-0617	IBM WebSphere Application Server: Mehrere Schwachstellen	2022-07-07T22:00:00.000+00:00	2025-05-01T22:00:00.000+00:00
wid-sec-w-2025-0910	IBM Operational Decision Manager: Schwachstelle ermöglicht Cross-Site Scripting	2025-04-29T22:00:00.000+00:00	2025-04-29T22:00:00.000+00:00
wid-sec-w-2025-0909	Docker Desktop: Mehrere Schwachstellen	2025-04-29T22:00:00.000+00:00	2025-04-29T22:00:00.000+00:00
wid-sec-w-2025-0907	xwiki: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2025-04-29T22:00:00.000+00:00	2025-04-29T22:00:00.000+00:00
wid-sec-w-2025-0903	xwiki: Schwachstelle ermöglicht Offenlegung von Informationen	2025-04-29T22:00:00.000+00:00	2025-04-29T22:00:00.000+00:00
wid-sec-w-2025-0900	docker: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen	2020-06-02T22:00:00.000+00:00	2025-04-29T22:00:00.000+00:00
wid-sec-w-2025-0630	Keycloak: Schwachstelle ermöglicht Denial of Service	2025-03-24T23:00:00.000+00:00	2025-04-29T22:00:00.000+00:00
wid-sec-w-2025-0223	binutils: Schwachstelle ermöglicht nicht spezifizierten Angriff	2025-01-29T23:00:00.000+00:00	2025-04-29T22:00:00.000+00:00

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
rhsa-2023:3911	Red Hat Security Advisory: OpenShift Container Platform 4.10.63 security update	2023-07-06T02:32:52+00:00	2026-02-03T21:15:32+00:00
rhsa-2023:3905	Red Hat Security Advisory: Network observability 1.3.0 for Openshift	2023-06-28T15:42:53+00:00	2026-02-03T21:15:32+00:00
rhsa-2023:3910	Red Hat Security Advisory: Red Hat OpenShift Enterprise security update	2023-07-06T03:01:05+00:00	2026-02-03T21:15:30+00:00
rhsa-2023:3742	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update	2023-06-21T15:22:11+00:00	2026-02-03T21:15:29+00:00
rhsa-2023:3644	Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.0	2023-06-15T20:55:47+00:00	2026-02-03T21:15:28+00:00
rhsa-2023:3642	Red Hat Security Advisory: Red Hat Ceph Storage 6.1 Container security and bug fix update	2023-06-15T15:59:41+00:00	2026-02-03T21:15:28+00:00
rhsa-2023:3624	Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update	2023-06-15T09:48:09+00:00	2026-02-03T21:15:27+00:00
rhsa-2023:3614	Red Hat Security Advisory: OpenShift Container Platform 4.13.4 bug fix and security update	2023-06-23T04:23:30+00:00	2026-02-03T21:15:25+00:00
rhsa-2023:3615	Red Hat Security Advisory: OpenShift Container Platform 4.12.22 bug fix and security update	2023-06-24T01:26:01+00:00	2026-02-03T21:15:24+00:00
rhsa-2023:3613	Red Hat Security Advisory: OpenShift Container Platform 4.12.22 packages and security update	2023-06-26T01:19:15+00:00	2026-02-03T21:15:22+00:00
rhsa-2023:3612	Red Hat Security Advisory: OpenShift Container Platform 4.13.4 packages and security update	2023-06-23T04:43:23+00:00	2026-02-03T21:15:21+00:00
rhsa-2023:3545	Red Hat Security Advisory: OpenShift Container Platform 4.12.21 packages and security update	2023-06-14T04:24:45+00:00	2026-02-03T21:15:21+00:00
rhsa-2023:3542	Red Hat Security Advisory: OpenShift Container Platform 4.11.43 bug fix and security update	2023-06-14T14:20:27+00:00	2026-02-03T21:15:20+00:00
rhsa-2023:3540	Red Hat Security Advisory: OpenShift Container Platform 4.13.3 bug fix and security update	2023-06-13T15:35:11+00:00	2026-02-03T21:15:19+00:00
rhsa-2023:3537	Red Hat Security Advisory: OpenShift Container Platform 4.13.3 bug fix and security update	2023-06-13T13:10:24+00:00	2026-02-03T21:15:19+00:00
rhsa-2023:3536	Red Hat Security Advisory: OpenShift Container Platform 4.13.3 packages and security update	2023-06-13T15:19:13+00:00	2026-02-03T21:15:18+00:00
rhsa-2023:3495	Red Hat Security Advisory: Logging Subsystem 5.7.2 - Red Hat OpenShift security update	2023-06-12T19:08:51+00:00	2026-02-03T21:15:18+00:00
rhsa-2023:3455	Red Hat Security Advisory: Release of OpenShift Serverless 1.29.0	2023-06-05T23:42:42+00:00	2026-02-03T21:15:17+00:00
rhsa-2023:3450	Red Hat Security Advisory: OpenShift Serverless Client kn 1.29.0 release	2023-06-05T16:47:21+00:00	2026-02-03T21:15:17+00:00
rhsa-2023:3447	Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (etcd) security update	2023-06-05T18:54:02+00:00	2026-02-03T21:15:16+00:00
rhsa-2023:3445	Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update	2023-06-05T18:55:04+00:00	2026-02-03T21:15:15+00:00
rhsa-2023:3435	Red Hat Security Advisory: Red Hat Advanced Cluster Security 3.74 for Kubernetes security update	2023-06-05T09:28:49+00:00	2026-02-03T21:15:15+00:00
rhsa-2023:3415	Red Hat Security Advisory: ACS 4.0 enhancement and security update	2023-05-31T19:38:11+00:00	2026-02-03T21:15:15+00:00
rhsa-2023:3410	Red Hat Security Advisory: OpenShift Container Platform 4.12.20 bug fix and security update	2023-06-07T20:59:36+00:00	2026-02-03T21:15:12+00:00
rhsa-2023:3409	Red Hat Security Advisory: OpenShift Container Platform 4.12.20 packages and security update	2023-06-07T21:21:50+00:00	2026-02-03T21:15:11+00:00
rhsa-2023:3379	Red Hat Security Advisory: Red Hat Advanced Cluster Security for Kubernetes 3.73 security update	2023-05-31T11:16:56+00:00	2026-02-03T21:15:10+00:00
rhsa-2023:3367	Red Hat Security Advisory: OpenShift Container Platform 4.13.2 bug fix and security update	2023-06-07T01:50:35+00:00	2026-02-03T21:15:09+00:00
rhsa-2023:3366	Red Hat Security Advisory: OpenShift Container Platform 4.13.2 packages and security update	2023-06-07T02:08:03+00:00	2026-02-03T21:15:09+00:00
rhsa-2023:3323	Red Hat Security Advisory: go-toolset-1.19 and go-toolset-1.19-golang security update	2023-05-25T12:29:39+00:00	2026-02-03T21:15:08+00:00
rhsa-2023:3319	Red Hat Security Advisory: go-toolset:rhel8 security update	2023-05-25T08:10:11+00:00	2026-02-03T21:15:07+00:00

ID	Description	Published	Updated
icsa-23-348-05	Siemens SIMATIC and SIPLUS Products	2023-12-12T00:00:00Z	2023-12-12T00:00:00Z
icsa-21-103-09	Siemens LOGO! Soft Comfort	2021-04-13T00:00:00.000000Z	2023-12-12T00:00:00.000000Z
icsa-19-344-03	Siemens RUGGEDCOM ROS (Update A)	2019-12-10T00:00:00.000000Z	2023-12-12T00:00:00.000000Z
icsa-23-341-06	Sierra Wireless AirLink with ALEOS firmware	2023-12-07T07:00:00.000000Z	2023-12-07T07:00:00.000000Z
icsa-23-341-05	ControlbyWeb Relay	2023-12-07T07:00:00.000000Z	2023-12-07T07:00:00.000000Z
icsa-23-341-02	Schweitzer Engineering Laboratories SEL-411L	2023-12-07T07:00:00.000000Z	2023-12-07T07:00:00.000000Z
icsa-23-341-01	Mitsubishi Electric FA Engineering Software Products	2023-12-07T07:00:00.000000Z	2023-12-07T07:00:00.000000Z
icsa-25-182-02	FESTO Automation Suite, FluidDraw, and Festo Didactic Products	2023-11-28T07:00:00.000000Z	2023-12-05T07:00:00.000000Z
icsa-23-339-01	Zebra ZTC Industrial ZT400 and ZTC Desktop GK420d	2023-12-05T07:00:00.000000Z	2023-12-05T07:00:00.000000Z
icsa-23-334-04	Mitsubishi Electric FA Engineering Software Products	2023-11-30T07:00:00.000000Z	2023-11-30T07:00:00.000000Z
icsa-23-334-03	PTC KEPServerEx	2023-11-30T07:00:00.000000Z	2023-11-30T07:00:00.000000Z
icsa-23-334-02	Yokogawa STARDOM	2023-11-30T07:00:00.000000Z	2023-11-30T07:00:00.000000Z
icsa-23-334-01	Delta Electronics DOPSoft	2023-11-30T07:00:00.000000Z	2023-11-30T07:00:00.000000Z
icsma-23-331-01	BD FACSChorus	2023-11-28T07:00:00.000000Z	2023-11-28T07:00:00.000000Z
icsa-23-331-03	Mitsubishi Electric GX Works2	2023-11-28T07:00:00.000000Z	2023-11-28T07:00:00.000000Z
icsa-23-331-02	Franklin Electric Fueling Systems Colibri	2023-11-28T07:00:00.000000Z	2023-11-28T07:00:00.000000Z
icsa-23-325-02	Fuji Electric Tellus Lite V-Simulator	2023-11-21T07:00:00.000000Z	2023-11-21T07:00:00.000000Z
icsa-23-325-01	WAGO PFC200 Series	2023-11-21T07:00:00.000000Z	2023-11-21T07:00:00.000000Z
icsa-23-297-01	Rockwell Automation Stratix 5800 and Stratix 5200 (UPDATE A)	2023-10-24T06:00:00.000000Z	2023-11-21T07:00:00.000000Z
icsa-23-115-01	Keysight N8844A Data Analytics Web Service (Update A)	2023-04-25T06:00:00.000000Z	2023-11-21T07:00:00.000000Z
icsa-23-320-02	Hitachi Energy MACH System Software	2023-11-16T07:00:00.000000Z	2023-11-16T07:00:00.000000Z
icsa-23-320-01	Red Lion Sixnet RTUs	2023-11-16T07:00:00.000000Z	2023-11-16T07:00:00.000000Z
icsa-23-318-02	Rockwell Automation SIS Workstation and ISaGRAF Workbench	2023-11-14T07:00:00.000000Z	2023-11-14T07:00:00.000000Z
icsa-23-318-01	AVEVA Operations Control Logger	2023-11-14T07:00:00.000000Z	2023-11-14T07:00:00.000000Z
icsa-23-320-13	Siemens SIMATIC MV500	2023-11-14T00:00:00Z	2023-11-14T00:00:00Z
icsa-23-320-12	Siemens PNI	2023-11-14T00:00:00Z	2023-11-14T00:00:00Z
icsa-23-320-11	Siemens Mendix Studio Pro	2023-11-14T00:00:00Z	2023-11-14T00:00:00Z
icsa-23-320-10	Siemens SIPROTEC 4 7SJ66	2023-11-14T00:00:00Z	2023-11-14T00:00:00Z
icsa-23-320-09	Siemens COMOS	2023-11-14T00:00:00Z	2023-11-14T00:00:00Z
icsa-23-320-07	Siemens OPC UA Modeling Editor (SiOME)	2023-11-14T00:00:00Z	2023-11-14T00:00:00Z

ID	Description	Published	Updated
cisco-sa-rv-34x-privesc-gln8zaqe	Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Local Privilege Escalation Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-rv-34x-privesc-GLN8ZAQE	Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Local Privilege Escalation Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-nfvis-cmdinj-dkfjqg2j	Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-nfvis-cmdinj-DkFjqg2j	Cisco Enterprise NFV Infrastructure Software Command Injection Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-ipcameras-dos-fc3f6lzt	Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Denial of Service Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-ipcameras-dos-fc3F6LzT	Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Denial of Service Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-imp-inj-erecokjr	Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerabilities	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-imp-inj-ereCOKjR	Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerabilities	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-esa-wsa-sma-info-gy2aez2h	Cisco Content Security Management Appliance, Email Security Appliance, and Web Security Appliance Information Disclosure Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-esa-wsa-sma-info-gY2AEz2H	Cisco Content Security Management Appliance, Email Security Appliance, and Web Security Appliance Information Disclosure Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-bwms-xxe-uslrzgks	Cisco BroadWorks Messaging Server XML External Entity Injection Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-bwms-xxe-uSLrZgKs	Cisco BroadWorks Messaging Server XML External Entity Injection Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-anyconnect-profile-aggmucdg	Cisco AnyConnect Secure Mobility Client Profile Modification Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-anyconnect-profile-AggMUCDg	Cisco AnyConnect Secure Mobility Client Profile Modification Vulnerability	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-anyconnect-code-exec-jr3twta6	Cisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking Vulnerabilities	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-anyconnect-code-exec-jR3tWTA6	Cisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking Vulnerabilities	2021-05-05T16:00:00+00:00	2021-05-05T16:00:00+00:00
cisco-sa-webex-client-nbmqm9vt	Cisco Webex Meetings Desktop App for Windows Shared Memory Information Disclosure Vulnerability	2020-06-17T16:00:00+00:00	2021-05-05T15:31:08+00:00
cisco-sa-webex-client-NBmqM9vt	Cisco Webex Meetings Desktop App for Windows Shared Memory Information Disclosure Vulnerability	2020-06-17T16:00:00+00:00	2021-05-05T15:31:08+00:00
cisco-sa-memc-dos-fnctyykg	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability	2021-04-28T16:00:00+00:00	2021-05-04T14:08:30+00:00
cisco-sa-memc-dos-fncTyYKG	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability	2021-04-28T16:00:00+00:00	2021-05-04T14:08:30+00:00
cisco-sa-ise-priv-esc-fnzx8hhj	Cisco Identity Services Engine Privilege Escalation Vulnerability	2020-11-04T16:00:00+00:00	2021-05-03T20:17:53+00:00
cisco-sa-ise-priv-esc-fNZX8hHj	Cisco Identity Services Engine Privilege Escalation Vulnerability	2020-11-04T16:00:00+00:00	2021-05-03T20:17:53+00:00
cisco-sa-snort-filepolbypass-67dewme2	Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability	2021-01-13T16:00:00+00:00	2021-04-30T16:09:05+00:00
cisco-sa-snort-filepolbypass-67DEwMe2	Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability	2021-01-13T16:00:00+00:00	2021-04-30T16:09:05+00:00
cisco-sa-asa-cmdinj-tkyqfdcu	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability	2021-04-28T16:00:00+00:00	2021-04-30T11:19:08+00:00
cisco-sa-asa-cmdinj-TKyQfDcU	Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 1000 and 2100 Series Appliances Command Injection Vulnerability	2021-04-28T16:00:00+00:00	2021-04-30T11:19:08+00:00
cisco-sa-ftd-file-overwrite-xknrjgdb	Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability	2021-04-28T16:00:00+00:00	2021-04-28T16:00:00+00:00
cisco-sa-ftd-file-overwrite-XknRjGdB	Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability	2021-04-28T16:00:00+00:00	2021-04-28T16:00:00+00:00
cisco-sa-ftd-cmdinj-vwy5wqzt	Cisco Firepower Threat Defense Software Command Injection Vulnerability	2021-04-28T16:00:00+00:00	2021-04-28T16:00:00+00:00
cisco-sa-ftd-cmdinj-vWY5wqZT	Cisco Firepower Threat Defense Software Command Injection Vulnerability	2021-04-28T16:00:00+00:00	2021-04-28T16:00:00+00:00

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Published	Updated
msrc_cve-2022-36033	jsoup may not sanitize Cross-Site Scripting (XSS) attempts if SafeList.preserveRelativeLinks is enabled	2022-08-02T00:00:00.000Z	2025-10-01T23:11:20.000Z
msrc_cve-2022-3560	A flaw was found in pesign. The pesign package provides a systemd service used to start the pesign daemon. This service unit runs a script to set ACLs for /etc/pki/pesign and /run/pesign directories to grant access privileges to users in the 'pesign' group. However, the script doesn't check for symbolic links. This could allow an attacker to gain access to privileged files and directories via a path traversal attack.	2023-02-01T00:00:00.000Z	2025-10-01T23:11:20.000Z
msrc_cve-2022-34176	Jenkins JUnit Plugin 1119.va_a_5e9068da_d7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.	2022-06-02T00:00:00.000Z	2025-10-01T23:11:19.000Z
msrc_cve-2022-3294	Node address isn't always verified when proxying	2023-03-10T00:00:00.000Z	2025-10-01T23:11:19.000Z
msrc_cve-2022-32743	Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.	2022-09-02T00:00:00.000Z	2025-10-01T23:11:19.000Z
msrc_cve-2022-31629	$_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities	2022-09-02T00:00:00.000Z	2025-10-01T23:11:18.000Z
msrc_cve-2022-31628	phar wrapper can occur dos when using quine gzip file	2022-09-02T00:00:00.000Z	2025-10-01T23:11:18.000Z
msrc_cve-2022-31626	mysqlnd/pdo password buffer overflow	2022-06-02T00:00:00.000Z	2025-10-01T23:11:18.000Z
msrc_cve-2022-31625	Freeing unallocated memory in php_pgsql_free_params()	2022-06-02T00:00:00.000Z	2025-10-01T23:11:18.000Z
msrc_cve-2022-31321	The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause a Denial of Service (DoS) via a crafted input.	2022-08-02T00:00:00.000Z	2025-10-01T23:11:17.000Z
msrc_cve-2022-31144	Potential heap overflow in Redis	2022-07-02T00:00:00.000Z	2025-10-01T23:11:17.000Z
msrc_cve-2022-3114	An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference.	2022-12-02T00:00:00.000Z	2025-10-01T23:11:17.000Z
msrc_cve-2022-2961	A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This flaw allows a local user to crash or potentially escalate their privileges on the system.	2022-08-02T00:00:00.000Z	2025-10-01T23:11:17.000Z
msrc_cve-2022-28066	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-26280. Reason: This candidate is a duplicate of CVE-2022-26280. Notes: All CVE users should reference CVE-2022-26280 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage	2022-05-02T00:00:00.000Z	2025-10-01T23:11:16.000Z
msrc_cve-2022-25857	Denial of Service (DoS)	2022-08-02T00:00:00.000Z	2025-10-01T23:11:16.000Z
msrc_cve-2022-25345	Denial of Service (DoS)	2022-06-02T00:00:00.000Z	2025-10-01T23:11:16.000Z
msrc_cve-2022-21628	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run o	2022-10-02T00:00:00.000Z	2025-10-01T23:11:16.000Z
msrc_cve-2022-21626	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplie	2022-10-02T00:00:00.000Z	2025-10-01T23:11:15.000Z
msrc_cve-2022-21624	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web	2022-10-02T00:00:00.000Z	2025-10-01T23:11:15.000Z
msrc_cve-2022-21619	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a	2022-10-02T00:00:00.000Z	2025-10-01T23:11:15.000Z
msrc_cve-2022-21541	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Com	2022-07-02T00:00:00.000Z	2025-10-01T23:11:15.000Z
msrc_cve-2022-21540	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which	2022-07-02T00:00:00.000Z	2025-10-01T23:11:14.000Z
msrc_cve-2022-20001	Injection in fish	2022-03-02T00:00:00.000Z	2025-10-01T23:11:14.000Z
msrc_cve-2022-1966	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.	2022-06-02T00:00:00.000Z	2025-10-01T23:11:14.000Z
msrc_cve-2022-1615	In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.	2022-09-02T00:00:00.000Z	2025-10-01T23:11:13.000Z
msrc_cve-2022-1249	A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the cms_common.c file. The function fails to handle the NULL pwdata invocation from daemon.c, which leads to an explicit NULL dereference and crash on all attempts to daemonize pesign.	2022-04-02T00:00:00.000Z	2025-10-01T23:11:13.000Z
msrc_cve-2022-0480	A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks.	2022-08-02T00:00:00.000Z	2025-10-01T23:11:13.000Z
msrc_cve-2022-0216	A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service.	2022-08-02T00:00:00.000Z	2025-10-01T23:11:13.000Z
msrc_cve-2021-44038	An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update.	2021-11-02T00:00:00.000Z	2025-10-01T23:11:12.000Z
msrc_cve-2021-41186	ReDoS vulnerability in parser_apache2	2021-10-02T00:00:00.000Z	2025-10-01T23:11:12.000Z

ID	Description	Published	Updated

ID	Description	Published	Updated
opensuse-su-2024:14373-1	OpenIPMI-2.0.36.4+git.c114912-1.1 on GA media	2024-09-29T00:00:00Z	2024-09-29T00:00:00Z
opensuse-su-2024:0319-1	Security update for coredns	2024-09-27T14:01:32Z	2024-09-27T14:01:32Z
opensuse-su-2024:0314-1	Security update for chromium	2024-09-27T08:38:17Z	2024-09-27T08:38:17Z
opensuse-su-2024:14372-1	maven-archetype-3.3.0-1.1 on GA media	2024-09-27T00:00:00Z	2024-09-27T00:00:00Z
opensuse-su-2024:14371-1	json-java-20240303-1.1 on GA media	2024-09-27T00:00:00Z	2024-09-27T00:00:00Z
opensuse-su-2024:14370-1	python312-3.12.6-1.1 on GA media	2024-09-26T00:00:00Z	2024-09-26T00:00:00Z
opensuse-su-2024:14369-1	libmozjs-128-0-128.2.0-1.1 on GA media	2024-09-26T00:00:00Z	2024-09-26T00:00:00Z
opensuse-su-2024:14368-1	chromedriver-129.0.6668.70-1.1 on GA media	2024-09-26T00:00:00Z	2024-09-26T00:00:00Z
opensuse-su-2024:14367-1	traefik2-2.11.10-1.1 on GA media	2024-09-25T00:00:00Z	2024-09-25T00:00:00Z
opensuse-su-2024:14366-1	libopenssl-3-devel-3.1.4-14.1 on GA media	2024-09-25T00:00:00Z	2024-09-25T00:00:00Z
opensuse-su-2024:0312-1	Security update for chromium	2024-09-24T08:45:20Z	2024-09-24T08:45:20Z
opensuse-su-2024:0311-1	Security update for chromium	2024-09-24T08:44:15Z	2024-09-24T08:44:15Z
opensuse-su-2024:14365-1	traefik-3.1.4-1.1 on GA media	2024-09-24T00:00:00Z	2024-09-24T00:00:00Z
opensuse-su-2024:14364-1	obs-service-cargo-1.3.6-5.1 on GA media	2024-09-24T00:00:00Z	2024-09-24T00:00:00Z
opensuse-su-2024:14363-1	cargo-audit-0.20.0~git66.972ac93-3.1 on GA media	2024-09-24T00:00:00Z	2024-09-24T00:00:00Z
opensuse-su-2024:14362-1	python310-azure-identity-1.18.0-1.1 on GA media	2024-09-23T00:00:00Z	2024-09-23T00:00:00Z
opensuse-su-2024:14361-1	libecpg6-17~rc1-1.1 on GA media	2024-09-23T00:00:00Z	2024-09-23T00:00:00Z
opensuse-su-2024:14360-1	postgresql16-16.4-1.1 on GA media	2024-09-23T00:00:00Z	2024-09-23T00:00:00Z
opensuse-su-2024:14359-1	cargo-c-0.10.3~git0.ee7d7ef-2.1 on GA media	2024-09-22T00:00:00Z	2024-09-22T00:00:00Z
opensuse-su-2024:14358-1	MozillaFirefox-130.0.1-1.1 on GA media	2024-09-22T00:00:00Z	2024-09-22T00:00:00Z
opensuse-su-2024:14357-1	chromedriver-129.0.6668.58-1.1 on GA media	2024-09-21T00:00:00Z	2024-09-21T00:00:00Z
opensuse-su-2024:14356-1	system-user-zabbix-6.0.33-1.1 on GA media	2024-09-20T00:00:00Z	2024-09-20T00:00:00Z
opensuse-su-2024:14355-1	stgit-2.4.12-1.1 on GA media	2024-09-20T00:00:00Z	2024-09-20T00:00:00Z
opensuse-su-2024:14354-1	rage-encryption-0.10.0+0-3.1 on GA media	2024-09-20T00:00:00Z	2024-09-20T00:00:00Z
opensuse-su-2024:14353-1	onefetch-2.22.0-1.1 on GA media	2024-09-20T00:00:00Z	2024-09-20T00:00:00Z
opensuse-su-2024:14352-1	python39-3.9.20-2.1 on GA media	2024-09-19T00:00:00Z	2024-09-19T00:00:00Z
opensuse-su-2024:14351-1	postgresql15-15.8-1.1 on GA media	2024-09-19T00:00:00Z	2024-09-19T00:00:00Z
opensuse-su-2024:14350-1	postgresql14-14.13-1.1 on GA media	2024-09-19T00:00:00Z	2024-09-19T00:00:00Z
opensuse-su-2024:14349-1	postgresql13-13.16-1.1 on GA media	2024-09-19T00:00:00Z	2024-09-19T00:00:00Z
opensuse-su-2024:14348-1	postgresql12-12.20-1.1 on GA media	2024-09-19T00:00:00Z	2024-09-19T00:00:00Z

ID	Description	Published	Updated

ID	Description	Published	Updated
bit-php-2021-21707	Special characters break path parsing in XML functions	2024-03-06T11:04:43.087Z	2025-05-20T10:02:07.006Z
bit-php-2021-21706	ZipArchive::extractTo may extract outside of destination dir	2024-03-06T11:04:50.991Z	2025-05-20T10:02:07.006Z
bit-php-2021-21705	Incorrect URL validation in FILTER_VALIDATE_URL	2024-03-06T11:05:02.602Z	2025-05-20T10:02:07.006Z
bit-php-2021-21704	Multiple vulnerabilities in Firebird client extension	2024-03-06T11:05:12.794Z	2025-05-20T10:02:07.006Z
bit-php-2021-21703	PHP-FPM memory access in root process leading to privilege escalation	2024-03-06T11:05:23.578Z	2025-05-20T10:02:07.006Z
bit-php-2021-21702	Null Dereference in SoapClient	2024-03-06T11:05:31.470Z	2025-05-20T10:02:07.006Z
bit-php-2020-7071	FILTER_VALIDATE_URL accepts URLs with invalid userinfo	2024-03-06T11:05:46.267Z	2025-05-20T10:02:07.006Z
bit-php-2020-7070	PHP parses encoded cookie names so malicious `__Host-` cookies can be sent	2024-03-06T11:05:57.987Z	2025-05-20T10:02:07.006Z
bit-php-2020-7069	Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV	2024-03-06T11:06:06.701Z	2025-05-20T10:02:07.006Z
bit-php-2020-7068	Use of freed hash key in the phar_parse_zipfile function	2024-03-06T11:06:18.071Z	2025-05-20T10:02:07.006Z
bit-php-2020-7067	OOB Read in urldecode()	2024-03-06T11:06:30.498Z	2025-05-20T10:02:07.006Z
bit-php-2020-7066	get_headers() silently truncates after a null byte	2024-03-06T11:06:42.394Z	2025-05-20T10:02:07.006Z
bit-php-2020-7065	mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full	2024-03-06T11:06:52.660Z	2025-05-20T10:02:07.006Z
bit-php-2020-7064	Use-of-uninitialized-value in exif	2024-03-06T11:07:02.697Z	2025-05-20T10:02:07.006Z
bit-php-2020-7063	Files added to tar with Phar::buildFromIterator have all-access permissions	2024-03-06T11:07:12.498Z	2025-05-20T10:02:07.006Z
bit-php-2020-7062	Null Pointer Dereference in PHP Session Upload Progress	2024-03-06T11:07:23.066Z	2025-05-20T10:02:07.006Z
bit-php-2020-7061	heap-buffer-overflow in phar_extract_file	2024-03-06T11:07:32.612Z	2025-05-20T10:02:07.006Z
bit-php-2020-7060	global buffer-overflow in mbfl_filt_conv_big5_wchar	2024-03-06T11:07:44.182Z	2025-05-20T10:02:07.006Z
bit-php-2020-7059	OOB read in php_strip_tags_ex	2024-03-06T11:07:56.497Z	2025-05-20T10:02:07.006Z
bit-parse-2025-30168	Parse Server has an OAuth login vulnerability	2025-03-25T07:27:47.242Z	2025-05-20T10:02:07.006Z
bit-parse-2024-47183	Parse Server's custom object ID allows to acquire role privileges	2024-10-08T07:14:06.158Z	2025-05-20T10:02:07.006Z
bit-parse-2024-39309	ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability	2024-07-03T07:30:26.360Z	2025-05-20T10:02:07.006Z
bit-parse-2024-29027	Parse Server crash and RCE via invalid Cloud Function or Cloud Job name	2024-03-21T07:25:25.649Z	2025-05-20T10:02:07.006Z
bit-parse-2024-27298	Parse Server literalizeRegexPart SQL Injection	2024-03-31T18:25:01.637Z	2025-05-20T10:02:07.006Z
bit-parse-2023-46119	Parse Server may crash when uploading file without extension	2024-03-06T11:00:17.478Z	2025-05-20T10:02:07.006Z
bit-parse-2023-41058	Trigger `beforeFind` not invoked in internal query pipeline in parse-server	2024-03-06T11:00:26.917Z	2025-05-20T10:02:07.006Z
bit-parse-2023-36475	Parse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollution	2024-03-06T11:00:37.885Z	2025-05-20T10:02:07.006Z
bit-parse-2023-32689	Parse Server vulnerable to phishing attack vulnerability that involves uploading malicious HTML file	2024-03-06T11:00:50.314Z	2025-05-20T10:02:07.006Z
bit-parse-2023-22474	Parse Server is vulnerable to authentication bypass via spoofing	2024-03-06T11:01:03.891Z	2025-05-20T10:02:07.006Z
bit-parse-2022-41879	Parse Server subject to Prototype pollution via Cloud Code Webhooks	2024-03-06T11:01:14.289Z	2025-05-20T10:02:07.006Z

ID	Description	Published	Updated

ID	Description	Published	Updated

ID	Description	Updated
var-200403-0070	Unknown vulnerability in CoreFoundation for Mac OS X 10.3.2, related to "notification log…	2024-06-02T21:26:46.631000Z
var-202109-1419	A memory corruption issue was addressed with improved state management. This issue is fix…	2024-06-02T20:55:09.602000Z
var-200403-0021	Unknown vulnerability in the Mail application for Mac OS X 10.3.2 has unknown impact and …	2024-06-02T20:51:55.495000Z
var-200403-0023	The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network …	2024-06-02T20:33:31.324000Z
var-202104-0750	A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big …	2024-06-02T20:23:10.911000Z
var-200403-0022	The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modi…	2024-06-02T20:17:35.483000Z
var-202202-0109	A use after free issue was addressed with improved memory management. This issue is fixed…	2024-06-02T20:07:29.440000Z
var-201906-0818	An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.…	2024-06-02T19:41:32.855000Z
var-200403-0069	DiskArbitration in Mac OS X 10.2.8 and 10.3.2 does not properly initialize writeable remo…	2024-06-02T19:33:33.941000Z
var-200403-0067	Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac …	2024-06-02T19:33:33.857000Z
var-200403-0024	Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to…	2024-06-02T19:19:25.625000Z
var-202304-0297	Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV…	2024-06-01T22:26:30.047000Z
var-202404-1533	Controller denial of service due to improper handling of a specially crafted message rece…	2024-05-31T22:56:08.869000Z
var-202404-0273	A vulnerability has been found in Tenda W15E 15.11.0.14 and classified as critical. Affec…	2024-05-31T22:56:08.920000Z
var-202403-3225	Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Any user having rea…	2024-05-31T22:54:16.058000Z
var-202404-0182	A vulnerability classified as critical has been found in Tenda F1202 1.2.0.20(408). Affec…	2024-05-31T22:51:56.854000Z
var-202404-0289	A vulnerability has been found in Tenda 4G300 1.01.42 and classified as critical. Affecte…	2024-05-31T22:49:28.286000Z
var-202303-0418	NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability. This vulnerabil…	2024-05-31T22:43:43.036000Z
var-202305-0221	NETGEAR RAX30 soap_serverd Stack-based Buffer Overflow Authentication Bypass Vulnerabilit…	2024-05-31T22:43:39.423000Z
var-202308-4331	D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overflow Remote Code Exe…	2024-05-31T22:28:57.441000Z
var-202308-3319	D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerabilit…	2024-05-31T22:28:57.523000Z
var-202308-3104	D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remo…	2024-05-31T22:28:57.487000Z
var-202405-1668	UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has be…	2024-05-31T19:15:21.502000Z
var-202405-0210	A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool…	2024-05-31T19:15:21.586000Z
var-202302-1035	Azure Data Box Gateway Remote Code Execution Vulnerability	2024-05-30T23:10:54.255000Z
var-202402-1535	.NET Denial of Service Vulnerability. Microsoft's Microsoft Visual Studio and ASP.NET Cor…	2024-05-30T23:03:16.933000Z
var-202402-1534	.NET Denial of Service Vulnerability. Microsoft's .NET and Microsoft Visual Studio includ…	2024-05-30T23:03:16.881000Z
var-202211-1567	A vulnerability exists in the Intelligent Electronic Device (IED) Connectivity Package (C…	2024-05-30T22:55:12.335000Z
var-202311-1422	ASP.NET Core Denial of Service Vulnerability	2024-05-30T22:49:52.642000Z
var-202106-1709	ASP.NET Core Denial of Service Vulnerability. .NET and Microsoft Visual Studio Has ASP.NE…	2024-05-30T22:20:36.898000Z

ID	Description	Published	Updated
jvndb-2015-000171	HTML::Scrubber vulnerable to cross-site scripting	2015-10-30T15:16+09:00	2015-10-30T15:16+09:00
jvndb-2013-004446	Use-after-free vulnerability in multiple products that use International Components for Unicode (ICU)	2013-10-30T16:32+09:00	2015-10-28T10:05+09:00
jvndb-2013-001665	Multiple products that use International Components for Unicode (ICU) vulnerable to denial-of-service (DoS)	2013-10-30T16:08+09:00	2015-10-28T10:05+09:00
jvndb-2015-000162	AirDroid for Android vulnerable in handling of implicit intents	2015-10-16T14:00+09:00	2015-10-20T17:56+09:00
jvndb-2015-000160	Avast vulnerable to directory traversal	2015-10-16T14:00+09:00	2015-10-20T17:56+09:00
jvndb-2015-000126	eXtplorer vulnerable to cross-site request forgery	2015-10-15T12:24+09:00	2015-10-19T15:55+09:00
jvndb-2015-000158	Pref Shimane CMS vulnerable to SQL injection	2015-10-09T14:12+09:00	2015-10-14T17:26+09:00
jvndb-2015-000154	phpRechnung vulnerable to SQL injection	2015-10-09T14:12+09:00	2015-10-14T17:26+09:00
jvndb-2015-000153	Dojo Toolkit vulnerable to cross-site scripting	2015-10-09T14:12+09:00	2015-10-14T17:26+09:00
jvndb-2015-000130	applican vulnerable to URL whitelist bypass	2015-09-16T16:58+09:00	2015-10-14T16:30+09:00
jvndb-2015-000149	gollum vulnerable to file exposure	2015-10-02T13:36+09:00	2015-10-08T15:26+09:00
jvndb-2015-000146	MATCHA SNS access restriction bypass vulnerability	2015-09-30T15:05+09:00	2015-10-08T15:25+09:00
jvndb-2015-000145	MATCHA SNS vulnerable to code injection	2015-09-30T15:05+09:00	2015-10-08T15:25+09:00
jvndb-2015-000144	MATCHA INVOICE vulnerable to code injection	2015-09-30T15:04+09:00	2015-10-08T15:25+09:00
jvndb-2015-000143	MATCHA INVOICE vulnerable to SQL injection	2015-09-30T15:04+09:00	2015-10-08T15:25+09:00
jvndb-2015-000141	Python for Windows may insecurely load dynamic libraries	2015-10-01T14:11+09:00	2015-10-08T15:25+09:00
jvndb-2015-000147	AjaXplorer vulnerable to directory traversal	2015-10-01T14:11+09:00	2015-10-07T17:38+09:00
jvndb-2015-000139	baserCMS vulnerable to SQL injection	2015-09-30T14:46+09:00	2015-10-07T17:38+09:00
jvndb-2015-000138	baserCMS fails to restrict access permissions	2015-09-30T14:46+09:00	2015-10-07T17:38+09:00
jvndb-2015-000148	Dotclear vulnerable to cross-site scripting	2015-10-02T13:36+09:00	2015-10-06T18:02+09:00
jvndb-2015-000140	Canary Labs Trend Web Server vulnerable to buffer overflow	2015-10-01T14:11+09:00	2015-10-06T18:00+09:00
jvndb-2015-000136	H2O vulnerable to directory traversal	2015-09-17T13:36+09:00	2015-10-05T17:32+09:00
jvndb-2015-000133	Koritore vulnerable to URL whitelist bypass	2015-09-16T16:58+09:00	2015-10-02T17:22+09:00
jvndb-2015-000132	MEGAPHONE MUSIC vulnerable to URL whitelist bypass	2015-09-16T16:58+09:00	2015-10-02T17:22+09:00
jvndb-2015-000134	Reversi vulnerable to URL whitelist bypass	2015-09-16T16:58+09:00	2015-10-02T17:18+09:00
jvndb-2015-000135	Photon vulnerable to URL whitelist bypass	2015-09-16T16:58+09:00	2015-10-02T17:15+09:00
jvndb-2015-000131	Auction Camera vulnerable to URL whitelist bypass	2015-09-16T16:58+09:00	2015-09-16T16:58+09:00
jvndb-2015-000129	PIXMA MG7500 Series vulnerable to cross-site request forgery	2015-09-11T14:17+09:00	2015-09-15T17:17+09:00
jvndb-2015-000116	Japan Connected-free Wi-Fi vulnerable to script injection	2015-09-11T14:17+09:00	2015-09-15T17:17+09:00
jvndb-2015-000302	hitSuji (rktSNS2) vulnetable to cross-site scripting	2015-09-03T14:46+09:00	2015-09-09T14:02+09:00

ID	Description	Updated

ID	Description	Published	Updated
suse-su-2025:02675-1	Security update for systemd	2025-08-04T13:59:35Z	2025-08-04T13:59:35Z
suse-su-2025:02673-1	Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP6)	2025-08-04T13:34:07Z	2025-08-04T13:34:07Z
suse-su-2025:02672-1	Security update for sqlite3	2025-08-04T13:06:36Z	2025-08-04T13:06:36Z
suse-su-2025:02671-1	Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5)	2025-08-04T12:38:45Z	2025-08-04T12:38:45Z
suse-su-2025:02676-1	Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP5)	2025-08-04T12:38:28Z	2025-08-04T12:38:28Z
suse-su-2025:02667-1	Security update for java-17-openjdk	2025-08-04T12:37:26Z	2025-08-04T12:37:26Z
suse-su-2025:02666-1	Security update for java-11-openjdk	2025-08-04T12:35:33Z	2025-08-04T12:35:33Z
suse-su-2025:02657-1	Security update for java-21-openjdk	2025-08-04T10:34:34Z	2025-08-04T10:34:34Z
suse-su-2025:02652-1	Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)	2025-08-04T10:05:39Z	2025-08-04T10:05:39Z
suse-su-2025:02647-1	Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP4)	2025-08-04T09:34:29Z	2025-08-04T09:34:29Z
suse-su-2025:02648-1	Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP6)	2025-08-04T09:05:39Z	2025-08-04T09:05:39Z
suse-su-2025:02636-1	Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)	2025-08-04T09:04:46Z	2025-08-04T09:04:46Z
suse-su-2025:02637-1	Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP6)	2025-08-04T08:35:40Z	2025-08-04T08:35:40Z
suse-su-2025:02632-1	Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)	2025-08-04T08:35:30Z	2025-08-04T08:35:30Z
suse-su-2025:02627-1	Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP3)	2025-08-04T08:34:47Z	2025-08-04T08:34:47Z
suse-su-2025:02626-1	Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP6)	2025-08-04T08:05:31Z	2025-08-04T08:05:31Z
suse-su-2025:02638-1	Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP6)	2025-08-04T08:05:16Z	2025-08-04T08:05:16Z
suse-su-2025:02621-1	Security update for libxml2	2025-08-04T07:43:41Z	2025-08-04T07:43:41Z
suse-su-2025:02620-1	Security update for libxml2	2025-08-04T07:43:06Z	2025-08-04T07:43:06Z
suse-su-2025:02619-1	Security update for the Linux Kernel (Live Patch 56 for SLE 15 SP3)	2025-08-04T07:34:31Z	2025-08-04T07:34:31Z
suse-su-2025:02618-1	Security update for the Linux Kernel (Live Patch 60 for SLE 12 SP5)	2025-08-04T07:34:19Z	2025-08-04T07:34:19Z
suse-su-2025:02617-1	Security update for libxml2	2025-08-04T07:05:10Z	2025-08-04T07:05:10Z
suse-su-2025:02611-1	Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP4)	2025-08-03T16:34:14Z	2025-08-03T16:34:14Z
suse-su-2025:02610-1	Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)	2025-08-03T09:34:07Z	2025-08-03T09:34:07Z
suse-su-2025:02608-1	Security update for the Linux Kernel (Live Patch 57 for SLE 15 SP3)	2025-08-02T23:34:25Z	2025-08-02T23:34:25Z
suse-su-2025:02607-1	Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)	2025-08-02T20:34:16Z	2025-08-02T20:34:16Z
suse-su-2025:02606-1	Security update for the Linux Kernel (Live Patch 66 for SLE 12 SP5)	2025-08-02T16:34:09Z	2025-08-02T16:34:09Z
suse-su-2025:02604-1	Security update for the Linux Kernel (Live Patch 61 for SLE 12 SP5)	2025-08-02T13:04:50Z	2025-08-02T13:04:50Z
suse-su-2025:02602-1	Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP6)	2025-08-02T06:06:06Z	2025-08-02T06:06:06Z
suse-su-2025:02601-1	Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)	2025-08-02T05:34:36Z	2025-08-02T05:34:36Z

ID	Description	Published	Updated
cnvd-2025-28726	Netgear SPH200D目录遍历漏洞	2025-08-11	2025-11-21
cnvd-2025-28723	Mozilla Firefox代码执行漏洞（CNVD-2025-28723）	2025-11-14	2025-11-21
cnvd-2025-28722	Mozilla Firefox缓冲区溢出漏洞（CNVD-2025-28722）	2025-11-14	2025-11-21
cnvd-2025-29116	WordPress CTL Arcade Lite plugin跨站请求伪造漏洞	2025-11-14	2025-11-20
cnvd-2025-29115	WordPress Coon Maps plugin跨站脚本漏洞	2025-11-14	2025-11-20
cnvd-2025-29114	WordPress Team Members Showcase plugin跨站脚本漏洞	2025-11-14	2025-11-20
cnvd-2025-29113	WordPress WPKoi Templates for Elementor plugin缺少授权漏洞	2025-11-18	2025-11-20
cnvd-2025-29112	WordPress WP Manager plugin跨站请求伪造漏洞	2025-11-18	2025-11-20
cnvd-2025-29111	WordPress WP Headless CMS Framework plugin绕过保护机制漏洞	2025-11-18	2025-11-20
cnvd-2025-29110	WordPress WP Content Pilot plugin缺少授权漏洞	2025-11-18	2025-11-20
cnvd-2025-29109	WordPress Content Flipper plugin跨站脚本漏洞	2025-11-18	2025-11-20
cnvd-2025-29108	WordPress WooCommerce Ultimate Points And Rewards plugin信息泄露漏洞	2025-11-18	2025-11-20
cnvd-2025-29107	WordPress WooCommerce PDF Invoice Builder plugin缺少授权漏洞	2025-11-18	2025-11-20
cnvd-2025-29106	WordPress Welcart e-Commerce Plugin未授权访问漏洞	2025-11-18	2025-11-20
cnvd-2025-29105	WordPress ChatBot plugin缺少授权漏洞	2025-11-18	2025-11-20
cnvd-2025-29104	WordPress Booster for WooCommerce Plugin跨站脚本漏洞	2025-11-18	2025-11-20
cnvd-2025-29103	WordPress Booster for WooCommerce Plugin缺少授权漏洞	2025-11-18	2025-11-20
cnvd-2025-29102	WordPress Booking Manager plugin跨站脚本漏洞	2025-11-18	2025-11-20
cnvd-2025-29090	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4存在未明漏洞（CNVD-2025-29090）	2025-10-31	2025-11-20
cnvd-2025-29089	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4拒绝服务漏洞（CNVD-2025-29089）	2025-10-31	2025-11-20
cnvd-2025-29088	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4存在未明漏洞（CNVD-2025-29088）	2025-10-31	2025-11-20
cnvd-2025-29087	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4存在未明漏洞（CNVD-2025-29087）	2025-10-31	2025-11-20
cnvd-2025-29086	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4信息泄露漏洞（CNVD-2025-29086）	2025-10-31	2025-11-20
cnvd-2025-29085	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4存在未明漏洞（CNVD-2025-29085）	2025-10-31	2025-11-20
cnvd-2025-29084	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4权限提升漏洞（CNVD-2025-29084）	2025-10-31	2025-11-20
cnvd-2025-29083	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4权限提升漏洞（CNVD-2025-29083）	2025-10-31	2025-11-20
cnvd-2025-29082	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4拒绝服务漏洞（CNVD-2025-29082）	2025-10-31	2025-11-20
cnvd-2025-29081	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4权限提升漏洞	2025-10-31	2025-11-20
cnvd-2025-29080	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4跨站请求伪造漏洞	2025-11-05	2025-11-20
cnvd-2025-29079	Azure Access Technology BLU-IC2和Azure Access Technology BLU-IC4存在未明漏洞（CNVD-2025-29079）	2025-11-05	2025-11-20

ID	Description	Published	Updated
CERTFR-2025-AVI-0279	Multiples vulnérabilités dans les produits IBM	2025-04-04T00:00:00.000000	2025-04-04T00:00:00.000000
CERTFR-2025-AVI-0278	Multiples vulnérabilités dans le noyau Linux de SUSE	2025-04-04T00:00:00.000000	2025-04-04T00:00:00.000000
CERTFR-2025-AVI-0277	Multiples vulnérabilités dans le noyau Linux de Debian LTS	2025-04-04T00:00:00.000000	2025-04-04T00:00:00.000000
CERTFR-2025-AVI-0276	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2025-04-04T00:00:00.000000	2025-04-04T00:00:00.000000
CERTFR-2025-AVI-0275	Multiples vulnérabilités dans Microsoft Edge	2025-04-04T00:00:00.000000	2025-04-04T00:00:00.000000
CERTFR-2025-AVI-0274	Multiples vulnérabilités dans MISP	2025-04-04T00:00:00.000000	2025-04-04T00:00:00.000000
certfr-2025-avi-0273	Vulnérabilité dans les produits Ivanti	2025-04-03T00:00:00.000000	2025-04-03T00:00:00.000000
certfr-2025-avi-0272	Multiples vulnérabilités dans les produits Splunk	2025-04-03T00:00:00.000000	2025-04-03T00:00:00.000000
certfr-2025-avi-0271	Vulnérabilité dans Tenable Nessus Agent	2025-04-03T00:00:00.000000	2025-04-03T00:00:00.000000
certfr-2025-avi-0270	Multiples vulnérabilités dans les produits Cisco	2025-04-03T00:00:00.000000	2025-04-03T00:00:00.000000
CERTFR-2025-AVI-0273	Vulnérabilité dans les produits Ivanti	2025-04-03T00:00:00.000000	2025-04-03T00:00:00.000000
CERTFR-2025-AVI-0272	Multiples vulnérabilités dans les produits Splunk	2025-04-03T00:00:00.000000	2025-04-03T00:00:00.000000
CERTFR-2025-AVI-0271	Vulnérabilité dans Tenable Nessus Agent	2025-04-03T00:00:00.000000	2025-04-03T00:00:00.000000
CERTFR-2025-AVI-0270	Multiples vulnérabilités dans les produits Cisco	2025-04-03T00:00:00.000000	2025-04-03T00:00:00.000000
certfr-2025-avi-0269	Multiples vulnérabilités dans les produits Moxa	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
certfr-2025-avi-0268	Vulnérabilité dans les produits VMware	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
certfr-2025-avi-0267	Multiples vulnérabilités dans MongoDB Server	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
certfr-2025-avi-0266	Multiples vulnérabilités dans les produits Mozilla	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
certfr-2025-avi-0264	Multiples vulnérabilités dans Trend Micro Deep Security Agent	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
certfr-2025-avi-0263	Multiples vulnérabilités dans HPE Aruba Networking Virtual Intranet Access	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
certfr-2025-avi-0262	Multiples vulnérabilités dans les produits Kaspersky	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
CERTFR-2025-AVI-0269	Multiples vulnérabilités dans les produits Moxa	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
CERTFR-2025-AVI-0268	Vulnérabilité dans les produits VMware	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
CERTFR-2025-AVI-0267	Multiples vulnérabilités dans MongoDB Server	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
CERTFR-2025-AVI-0266	Multiples vulnérabilités dans les produits Mozilla	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
CERTFR-2025-AVI-0264	Multiples vulnérabilités dans Trend Micro Deep Security Agent	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
CERTFR-2025-AVI-0263	Multiples vulnérabilités dans HPE Aruba Networking Virtual Intranet Access	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
CERTFR-2025-AVI-0262	Multiples vulnérabilités dans les produits Kaspersky	2025-04-02T00:00:00.000000	2025-04-02T00:00:00.000000
certfr-2025-avi-0261	Multiples vulnérabilités dans Microsoft Azure	2025-04-01T00:00:00.000000	2025-04-01T00:00:00.000000
certfr-2025-avi-0260	Multiples vulnérabilités dans Zabbix	2025-04-01T00:00:00.000000	2025-04-01T00:00:00.000000

ID	Description	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated

ID	CVSS	Description	Vendor	Product	Published	Updated