Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-f522-ffg8-j8r6 | Regular Expression Denial of Service in is-my-json-valid | 2017-10-24T18:33:35Z | 2025-10-17T17:50:27Z |
| ghsa-xrr4-p6fq-hjg7 | Directory traversal vulnerability in Action View in Ruby on Rails | 2017-10-24T18:33:35Z | 2025-10-22T17:35:03Z |
| ghsa-6x85-j5j2-27jx | actionpack Path Traversal vulnerability | 2017-10-24T18:33:36Z | 2025-10-24T19:28:04Z |
| ghsa-vxvp-4xwc-jpp6 | activesupport Cross-site Scripting vulnerability | 2017-10-24T18:33:36Z | 2025-11-04T20:42:18Z |
| ghsa-h6w6-xmqv-7q78 | activerecord vulnerable to SQL Injection | 2017-10-24T18:33:38Z | 2025-11-03T13:56:05Z |
| ghsa-pj7m-g53m-7638 | Bootstrap Cross-site Scripting vulnerability | 2018-09-13T15:49:56Z | 2025-11-19T14:25:32Z |
| ghsa-gg9m-fj3v-r58c | REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization… | 2018-10-16T19:37:56Z | 2025-10-22T17:31:31Z |
| ghsa-pjfr-qf3p-3q25 | When running Apache Tomcat on Windows with HTTP PUTs enabled it was possible to upload a JSP file t… | 2018-10-17T16:30:31Z | 2025-10-22T17:31:15Z |
| ghsa-j77q-2qqg-6989 | Apache Struts vulnerable to remote arbitrary command execution due to improper input validation | 2018-10-18T19:24:26Z | 2025-10-22T17:33:25Z |
| ghsa-cr6j-3jp9-rw65 | Apache Struts vulnerable to remote command execution (RCE) due to improper input validation | 2018-10-18T19:24:38Z | 2025-10-22T17:29:40Z |
| ghsa-6qvp-r6r3-9p7h | Nokogiri NULL Pointer Dereference | 2019-01-17T14:05:03Z | 2025-12-04T16:20:45Z |
| ghsa-86g5-2wh3-gc9j | Path Traversal in Action View | 2019-03-13T17:26:59Z | 2025-10-22T17:42:49Z |
| ghsa-j3g9-6fx5-gjv7 | Inadequate Encryption Strength in DotNetNuke | 2019-07-05T21:08:16Z | 2025-10-22T17:43:44Z |
| ghsa-h595-8pw6-5q6v | Inadequate Encryption Strength in DotNetNuke | 2019-07-05T21:08:36Z | 2025-10-22T17:43:22Z |
| ghsa-3gm7-v7vw-866c | XML External Entity (XXE) Injection in Apache Solr | 2019-08-01T19:17:35Z | 2025-10-22T17:44:24Z |
| ghsa-85rf-xh54-whp3 | Malicious URL drafting attack against iodines static file server may allow path traversal | 2019-10-07T16:52:13Z | 2025-11-15T03:10:40Z |
| ghsa-89mq-4x47-5v83 | angular Prototype Pollution vulnerability | 2019-11-20T15:29:43Z | 2025-11-20T19:29:58Z |
| ghsa-h47j-hc6x-h3qq | Remote Code Execution Vulnerability in NPM mongo-express | 2019-12-30T19:30:31Z | 2025-10-22T17:44:59Z |
| ghsa-ww97-9w65-2crx | Improper Input Validation in Apache Solr | 2020-02-12T18:45:28Z | 2025-10-22T17:45:47Z |
| ghsa-r5fx-8r73-v86c | AngularJS Cross-site Scripting due to failure to sanitize `xlink.href` attributes | 2020-02-14T23:08:49Z | 2025-11-20T19:30:06Z |
| ghsa-5f37-gxvh-23v6 | Remote code execution in PHPMailer | 2020-03-05T22:09:17Z | 2025-10-22T17:33:42Z |
| ghsa-g2f6-v5qh-h2mq | Nexus Repository Manager 3 - Remote Code Execution | 2020-04-14T15:27:05Z | 2025-10-22T17:49:49Z |
| ghsa-jpcq-cgw6-v4j6 | Potential XSS vulnerability in jQuery | 2020-04-29T22:19:14Z | 2025-10-22T17:52:02Z |
| ghsa-32xf-jwmv-9hf3 | Directory traversal attack in Spring Cloud Config | 2020-06-05T16:13:20Z | 2025-10-22T17:52:48Z |
| ghsa-c9hw-wf7x-jp9j | Improper Privilege Management in Tomcat | 2020-06-15T18:51:21Z | 2025-10-22T17:46:46Z |
| ghsa-mhp6-pxh8-r675 | Angular vulnerable to Cross-site Scripting | 2020-06-18T14:19:58Z | 2025-11-20T19:31:06Z |
| ghsa-rvmq-4x66-q7j3 | Remote code execution (RCE) in Apache Airflow | 2020-07-27T16:57:33Z | 2025-10-22T17:54:44Z |
| ghsa-gprm-xqrc-c2j3 | Command Injection in Kylin | 2020-07-27T22:51:44Z | 2025-10-22T17:53:16Z |
| ghsa-395w-qhqr-9fr6 | Path Traversal in Apache Flink | 2021-01-06T20:01:34Z | 2025-10-22T17:58:28Z |
| ghsa-x5r2-hj5c-8jx6 | SSRF in adminer | 2021-02-11T20:42:59Z | 2025-10-22T19:05:30Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-1999-0035 | N/A | Race condition in signal handling routine in ftpd… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-10-20T17:45:44.427Z |
| cve-2002-0367 | N/A | smss.exe debugging subsystem in Windows NT and Wi… |
n/a |
n/a |
2003-04-02T05:00:00.000Z | 2025-10-22T00:05:57.464Z |
| cve-2004-0210 | N/A | The POSIX component of Microsoft Windows NT and W… |
n/a |
n/a |
2004-07-14T04:00:00.000Z | 2025-10-22T00:05:57.314Z |
| cve-2004-1464 | N/A | Cisco IOS 12.2(15) and earlier allows remote atta… |
n/a |
n/a |
2005-02-13T05:00:00.000Z | 2025-10-22T00:05:57.162Z |
| cve-2005-2773 | N/A | HP OpenView Network Node Manager 6.2 through 7.50… |
n/a |
n/a |
2005-09-02T04:00:00.000Z | 2025-10-22T00:05:57.013Z |
| cve-2006-1547 | N/A | ActionForm in Apache Software Foundation (ASF) St… |
n/a |
n/a |
2006-03-30T22:00:00.000Z | 2025-10-22T00:05:56.875Z |
| cve-2006-2492 | N/A | Buffer overflow in Microsoft Word in Office 2000 … |
n/a |
n/a |
2006-05-20T00:00:00.000Z | 2025-10-22T00:05:56.729Z |
| cve-2007-0671 | N/A | Unspecified vulnerability in Microsoft Excel 2000… |
n/a |
n/a |
2007-02-03T01:00:00.000Z | 2025-10-22T00:05:56.569Z |
| cve-2007-2447 | N/A | The MS-RPC functionality in smbd in Samba 3.0.0 t… |
n/a |
n/a |
2007-05-14T21:00:00.000Z | 2025-11-04T21:08:04.094Z |
| cve-2007-3010 | N/A | masterCGI in the Unified Maintenance Tool in Alca… |
n/a |
n/a |
2007-09-18T21:00:00.000Z | 2025-10-22T00:05:56.419Z |
| cve-2008-0655 | N/A | Multiple unspecified vulnerabilities in Adobe Rea… |
n/a |
n/a |
2008-02-07T20:00:00.000Z | 2025-11-12T14:18:36.948Z |
| cve-2007-5659 | N/A | Multiple buffer overflows in Adobe Reader and Acr… |
n/a |
n/a |
2008-02-12T18:00:00.000Z | 2025-10-22T00:05:56.119Z |
| cve-2008-3431 | N/A | The VBoxDrvNtDeviceControl function in VBoxDrv.sy… |
n/a |
n/a |
2008-08-05T19:20:00.000Z | 2025-10-22T00:05:55.920Z |
| cve-2008-2992 | N/A | Stack-based buffer overflow in Adobe Acrobat and … |
n/a |
n/a |
2008-11-04T18:00:00.000Z | 2025-10-22T00:05:55.512Z |
| cve-2009-0927 | N/A | Stack-based buffer overflow in Adobe Reader and A… |
n/a |
n/a |
2009-03-19T10:00:00.000Z | 2025-10-22T00:05:55.318Z |
| cve-2009-1151 | N/A | Static code injection vulnerability in setup.php … |
n/a |
n/a |
2009-03-26T14:00:00.000Z | 2025-10-22T00:05:55.158Z |
| cve-2009-0563 | N/A | Stack-based buffer overflow in Microsoft Office W… |
n/a |
n/a |
2009-06-10T17:37:00.000Z | 2025-10-22T00:05:55.003Z |
| cve-2009-0557 | N/A | Excel in Microsoft Office 2000 SP3, Office XP SP3… |
n/a |
n/a |
2009-06-10T18:00:00.000Z | 2025-10-22T00:05:54.825Z |
| cve-2009-1123 | N/A | The kernel in Microsoft Windows 2000 SP4, XP SP2 … |
n/a |
n/a |
2009-06-10T18:00:00.000Z | 2025-10-22T00:05:54.609Z |
| cve-2009-2260 | N/A | stardict 3.0.1, when Enable Net Dict is configure… |
n/a |
n/a |
2009-06-30T10:00:00.000Z | 2025-11-04T21:08:05.507Z |
| cve-2009-1862 | N/A | Unspecified vulnerability in Adobe Reader and Acr… |
n/a |
n/a |
2009-07-23T20:00:00.000Z | 2025-10-22T00:05:54.394Z |
| cve-2009-2055 | N/A | Cisco IOS XR 3.4.0 through 3.8.1 allows remote at… |
n/a |
n/a |
2009-08-19T17:00:00.000Z | 2025-10-22T00:05:54.237Z |
| cve-2009-3129 | N/A | Microsoft Office Excel 2002 SP3, 2003 SP3, and 20… |
n/a |
n/a |
2009-11-11T19:00:00.000Z | 2025-10-22T00:05:54.084Z |
| cve-2009-4324 | N/A | Use-after-free vulnerability in the Doc.media.new… |
n/a |
n/a |
2009-12-15T02:00:00.000Z | 2025-10-22T00:05:53.934Z |
| cve-2009-3953 | N/A | The U3D implementation in Adobe Reader and Acroba… |
n/a |
n/a |
2010-01-13T19:00:00.000Z | 2025-10-22T00:05:53.712Z |
| cve-2010-0232 | N/A | The kernel in Microsoft Windows NT 3.1 through Wi… |
n/a |
n/a |
2010-01-21T19:00:00.000Z | 2025-10-22T00:05:53.248Z |
| cve-2009-3960 | N/A | Unspecified vulnerability in BlazeDS 3.2 and earl… |
n/a |
n/a |
2010-02-15T18:00:00.000Z | 2025-10-22T00:05:53.086Z |
| cve-2010-0188 | N/A | Unspecified vulnerability in Adobe Reader and Acr… |
n/a |
n/a |
2010-02-21T17:00:00.000Z | 2025-10-22T00:05:52.918Z |
| cve-2010-0840 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2010-04-01T16:00:00.000Z | 2025-10-22T00:05:52.754Z |
| cve-2010-0738 | N/A | The JMX-Console web application in JBossAs in Red… |
n/a |
n/a |
2010-04-28T22:00:00.000Z | 2025-10-22T00:05:52.604Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-1999-0035 | N/A | Race condition in signal handling routine in ftpd… |
n/a |
n/a |
1999-09-29T04:00:00.000Z | 2025-10-20T17:45:44.427Z |
| cve-2002-0367 | N/A | smss.exe debugging subsystem in Windows NT and Wi… |
n/a |
n/a |
2003-04-02T05:00:00.000Z | 2025-10-22T00:05:57.464Z |
| cve-2004-0210 | N/A | The POSIX component of Microsoft Windows NT and W… |
n/a |
n/a |
2004-07-14T04:00:00.000Z | 2025-10-22T00:05:57.314Z |
| cve-2004-1464 | N/A | Cisco IOS 12.2(15) and earlier allows remote atta… |
n/a |
n/a |
2005-02-13T05:00:00.000Z | 2025-10-22T00:05:57.162Z |
| cve-2005-2773 | N/A | HP OpenView Network Node Manager 6.2 through 7.50… |
n/a |
n/a |
2005-09-02T04:00:00.000Z | 2025-10-22T00:05:57.013Z |
| cve-2006-1547 | N/A | ActionForm in Apache Software Foundation (ASF) St… |
n/a |
n/a |
2006-03-30T22:00:00.000Z | 2025-10-22T00:05:56.875Z |
| cve-2006-2492 | N/A | Buffer overflow in Microsoft Word in Office 2000 … |
n/a |
n/a |
2006-05-20T00:00:00.000Z | 2025-10-22T00:05:56.729Z |
| cve-2007-0671 | N/A | Unspecified vulnerability in Microsoft Excel 2000… |
n/a |
n/a |
2007-02-03T01:00:00.000Z | 2025-10-22T00:05:56.569Z |
| cve-2007-1399 | N/A | Stack-based buffer overflow in the zip:// URL wra… |
n/a |
n/a |
2007-03-10T22:00:00 | 2024-08-07T12:50:35.275Z |
| cve-2007-2447 | N/A | The MS-RPC functionality in smbd in Samba 3.0.0 t… |
n/a |
n/a |
2007-05-14T21:00:00.000Z | 2025-11-04T21:08:04.094Z |
| cve-2007-3010 | N/A | masterCGI in the Unified Maintenance Tool in Alca… |
n/a |
n/a |
2007-09-18T21:00:00.000Z | 2025-10-22T00:05:56.419Z |
| cve-2008-0655 | N/A | Multiple unspecified vulnerabilities in Adobe Rea… |
n/a |
n/a |
2008-02-07T20:00:00.000Z | 2025-11-12T14:18:36.948Z |
| cve-2007-5659 | N/A | Multiple buffer overflows in Adobe Reader and Acr… |
n/a |
n/a |
2008-02-12T18:00:00.000Z | 2025-10-22T00:05:56.119Z |
| cve-2008-3431 | N/A | The VBoxDrvNtDeviceControl function in VBoxDrv.sy… |
n/a |
n/a |
2008-08-05T19:20:00.000Z | 2025-10-22T00:05:55.920Z |
| cve-2008-2992 | N/A | Stack-based buffer overflow in Adobe Acrobat and … |
n/a |
n/a |
2008-11-04T18:00:00.000Z | 2025-10-22T00:05:55.512Z |
| cve-2009-0927 | N/A | Stack-based buffer overflow in Adobe Reader and A… |
n/a |
n/a |
2009-03-19T10:00:00.000Z | 2025-10-22T00:05:55.318Z |
| cve-2009-1151 | N/A | Static code injection vulnerability in setup.php … |
n/a |
n/a |
2009-03-26T14:00:00.000Z | 2025-10-22T00:05:55.158Z |
| cve-2009-0563 | N/A | Stack-based buffer overflow in Microsoft Office W… |
n/a |
n/a |
2009-06-10T17:37:00.000Z | 2025-10-22T00:05:55.003Z |
| cve-2009-0557 | N/A | Excel in Microsoft Office 2000 SP3, Office XP SP3… |
n/a |
n/a |
2009-06-10T18:00:00.000Z | 2025-10-22T00:05:54.825Z |
| cve-2009-1123 | N/A | The kernel in Microsoft Windows 2000 SP4, XP SP2 … |
n/a |
n/a |
2009-06-10T18:00:00.000Z | 2025-10-22T00:05:54.609Z |
| cve-2009-2260 | N/A | stardict 3.0.1, when Enable Net Dict is configure… |
n/a |
n/a |
2009-06-30T10:00:00.000Z | 2025-11-04T21:08:05.507Z |
| cve-2009-1862 | N/A | Unspecified vulnerability in Adobe Reader and Acr… |
n/a |
n/a |
2009-07-23T20:00:00.000Z | 2025-10-22T00:05:54.394Z |
| cve-2009-2055 | N/A | Cisco IOS XR 3.4.0 through 3.8.1 allows remote at… |
n/a |
n/a |
2009-08-19T17:00:00.000Z | 2025-10-22T00:05:54.237Z |
| cve-2009-3129 | N/A | Microsoft Office Excel 2002 SP3, 2003 SP3, and 20… |
n/a |
n/a |
2009-11-11T19:00:00.000Z | 2025-10-22T00:05:54.084Z |
| cve-2009-4324 | N/A | Use-after-free vulnerability in the Doc.media.new… |
n/a |
n/a |
2009-12-15T02:00:00.000Z | 2025-10-22T00:05:53.934Z |
| cve-2009-3953 | N/A | The U3D implementation in Adobe Reader and Acroba… |
n/a |
n/a |
2010-01-13T19:00:00.000Z | 2025-10-22T00:05:53.712Z |
| cve-2010-0232 | N/A | The kernel in Microsoft Windows NT 3.1 through Wi… |
n/a |
n/a |
2010-01-21T19:00:00.000Z | 2025-10-22T00:05:53.248Z |
| cve-2009-3960 | N/A | Unspecified vulnerability in BlazeDS 3.2 and earl… |
n/a |
n/a |
2010-02-15T18:00:00.000Z | 2025-10-22T00:05:53.086Z |
| cve-2010-0188 | N/A | Unspecified vulnerability in Adobe Reader and Acr… |
n/a |
n/a |
2010-02-21T17:00:00.000Z | 2025-10-22T00:05:52.918Z |
| cve-2010-0840 | N/A | Unspecified vulnerability in the Java Runtime Env… |
n/a |
n/a |
2010-04-01T16:00:00.000Z | 2025-10-22T00:05:52.754Z |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2020-220 | A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| pysec-2023-278 | MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T21:15:00Z | 2025-12-09T17:05:38.354023Z |
| pysec-2024-82 | Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:23:14.749401Z |
| pysec-2024-83 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:05:38.565488Z |
| pysec-2024-84 | Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:23:14.975110Z |
| pysec-2024-85 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:05:38.757067Z |
| pysec-2025-52 | gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-0000-ghsa-malware-e9014f038666593f | Withdrawn Advisory: Malware in @8x8/oxygen-constants | 2022-06-20T20:09:19Z | 2025-12-01T18:30:32Z |
| mal-2022-54 | Malicious code in @8x8/oxygen-constants (npm) | 2022-06-20T20:09:19Z | 2025-12-01T18:30:32Z |
| mal-2022-174 | Malicious code in @cobalt-team/multi-invite (npm) | 2022-07-25T10:44:01Z | 2025-06-21T00:37:34Z |
| mal-2022-175 | Malicious code in @cobalt-team/support-email (npm) | 2022-07-25T10:44:01Z | 2025-06-21T00:37:34Z |
| mal-2022-1 | Malicious code in rustdecimal (crates.io) | 2022-08-11T15:43:35Z | 2023-01-07T05:08:16Z |
| mal-2022-456 | Malicious code in @nexthink/apollo-tokens (npm) | 2022-10-19T23:50:40Z | 2022-10-19T23:50:41Z |
| mal-2022-457 | Malicious code in @nexthink/apollo-widgets (npm) | 2022-10-19T23:50:40Z | 2022-10-19T23:50:44Z |
| mal-2022-458 | Malicious code in @nexthink/arm-claims-library (npm) | 2022-10-19T23:50:40Z | 2022-10-19T23:50:41Z |
| mal-2022-455 | Malicious code in @nexthink/apollo-components (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-459 | Malicious code in @nexthink/arm-jwt-decoder (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:44Z |
| mal-2022-460 | Malicious code in @nexthink/content-admin-list (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-461 | Malicious code in @nexthink/content-sharing (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-462 | Malicious code in @nexthink/data-formatter (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-463 | Malicious code in @nexthink/ea-widgets (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-464 | Malicious code in @nexthink/engage-branding (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-465 | Malicious code in @nexthink/engage-widgets (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-466 | Malicious code in @nexthink/flow-fe (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-467 | Malicious code in @nexthink/investigations-components (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-468 | Malicious code in @nexthink/investigations-editor (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-469 | Malicious code in @nexthink/investigations-widgets (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-470 | Malicious code in @nexthink/kendo-react (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-471 | Malicious code in @nexthink/nql-editor (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-472 | Malicious code in @nexthink/nxassignment (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-473 | Malicious code in @nexthink/nxnavigation (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-474 | Malicious code in @nexthink/remote-action-widgets (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2022-475 | Malicious code in @nexthink/waas (npm) | 2022-10-19T23:50:41Z | 2022-10-19T23:50:41Z |
| mal-2023-1291 | Malicious code in scuntest (npm) | 2023-04-29T03:47:30Z | 2025-02-04T00:32:33Z |
| mal-2023-1170 | Malicious code in egstore-carousel (npm) | 2023-04-29T10:32:18Z | 2025-02-03T18:38:39Z |
| mal-2023-1149 | Malicious code in cyclotron-svc (npm) | 2023-05-09T04:17:06Z | 2025-03-03T15:08:00Z |
| mal-2023-8041 | Malicious code in zmsqlite3 (npm) | 2023-05-11T00:00:00Z | 2025-03-31T07:07:50Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2440 | Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit den Rechten des Dienstes | 2015-11-22T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2025-2548 | Red Hat Enterprise Linux: Mehrere Schwachstellen | 2020-03-31T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2022-1197 | git: Schwachstelle ermöglicht Codeausführung | 2021-05-13T22:00:00.000+00:00 | 2025-11-04T23:00:00.000+00:00 |
| wid-sec-w-2022-0047 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2021-12-01T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2022-0969 | Internet Systems Consortium BIND: Mehrere Schwachstellen | 2022-03-16T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2022-0778 | Apple macOS: Mehrere Schwachstellen | 2022-07-20T22:00:00.000+00:00 | 2025-10-20T22:00:00.000+00:00 |
| wid-sec-w-2022-0782 | Apple iOS: Mehrere Schwachstellen | 2022-07-20T22:00:00.000+00:00 | 2025-10-20T22:00:00.000+00:00 |
| wid-sec-w-2022-1186 | Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation | 2022-08-24T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2022-1374 | Linux Kernel: Mehrere Schwachstellen | 2022-09-11T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2022-1792 | Linux Kernel: Mehrere Schwachstellen | 2022-10-18T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2022-1964 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2022-11-06T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2022-2058 | Grub2: Mehrere Schwachstellen | 2022-11-15T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2023-0328 | Red Hat OpenShift: Mehrere Schwachstellen | 2023-02-09T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-0433 | Apache Commons und Apache Tomcat: Schwachstelle ermöglicht Denial of Service | 2023-02-20T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2023-0611 | Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Denial of Service | 2023-03-09T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2023-0637 | Linux Kernel: Schwachstelle ermöglicht Offenlegung von Informationen | 2023-03-13T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-0780 | Linux Kernel: Schwachstelle ermöglicht Denial of Service | 2023-03-27T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-1431 | Siemens SICAM: Mehrere Schwachstellen | 2023-06-12T22:00:00.000+00:00 | 2025-11-11T23:00:00.000+00:00 |
| wid-sec-w-2023-1542 | Red Hat OpenShift: Mehrere Schwachstellen | 2023-06-22T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-1666 | Linux Kernel: Mehrere Schwachstellen | 2023-07-05T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-1882 | Linux Kernel: Mehrere Schwachstellen | 2023-07-25T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-2119 | Python: Mehrere Schwachstellen | 2023-08-22T22:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2023-2434 | Linux Kernel: Schwachstelle ermöglicht Codeausführung | 2023-09-24T22:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-2710 | QT: Schwachstelle ermöglicht Denial of Service | 2023-10-18T22:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2023-2864 | Linux Kernel: Mehrere Schwachstellen | 2023-11-08T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| wid-sec-w-2023-2987 | Red Hat OpenStack: Schwachstelle ermöglicht Erlangung erweiterter Privilegien | 2023-11-21T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2023-3022 | Apache ActiveMQ: Schwachstelle ermöglicht Codeausführung | 2023-11-28T23:00:00.000+00:00 | 2025-10-29T23:00:00.000+00:00 |
| wid-sec-w-2024-0219 | libTIFF: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-01-25T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-0278 | expat: Mehrere Schwachstellen ermöglichen Denial of Service | 2024-02-04T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2024-0459 | Linux Kernel: Mehrere Schwachstellen | 2024-02-21T23:00:00.000+00:00 | 2025-10-23T22:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-672373 | SSA-672373: Vulnerabilities in CP 1543-1 before V2.0.28 | 2016-11-18T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-535640 | SSA-535640: Vulnerability in Industrial Products | 2017-08-30T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-148078 | SSA-148078: Multiple Vulnerabilities in APOGEE/TALON Field Panels | 2017-10-12T00:00:00Z | 2022-06-14T00:00:00Z |
| ssa-824231 | SSA-824231: Unauthenticated Firmware Upload Vulnerability in Desigo PX Controllers | 2018-01-24T00:00:00Z | 2023-06-13T00:00:00Z |
| ssa-203306 | SSA-203306: Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families | 2018-03-08T00:00:00Z | 2021-07-13T00:00:00Z |
| ssa-592007 | SSA-592007: Denial of Service Vulnerability in Industrial Products | 2018-03-20T00:00:00Z | 2023-05-09T00:00:00Z |
| ssa-348629 | SSA-348629: Denial-of-Service Vulnerability in SIMATIC PCS 7, SIMATIC WinCC, SIMATIC WinCC Runtime Professional and SIMATIC NET PC Software | 2018-03-27T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-480829 | SSA-480829: Cross-Site Scripting Vulnerabilities in SCALANCE X Switches | 2018-06-12T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-113131 | SSA-113131: Denial of Service Vulnerabilities in SIMATIC S7-400 CPUs | 2018-11-13T00:00:00Z | 2023-05-09T00:00:00Z |
| ssa-557804 | SSA-557804: Mirror Port Isolation Vulnerability in SCALANCE X Switches | 2019-03-12T00:00:00Z | 2022-07-12T00:00:00Z |
| ssa-480230 | SSA-480230: Denial of Service Vulnerability in Webserver of Industrial Products | 2019-04-09T00:00:00Z | 2023-05-09T00:00:00Z |
| ssa-100232 | SSA-100232: Denial-of-Service vulnerability in SCALANCE X Switches | 2019-08-13T00:00:00Z | 2022-02-08T00:00:00Z |
| ssa-349422 | SSA-349422: Denial of Service Vulnerability in Industrial Real-Time (IRT) Devices | 2019-10-08T00:00:00Z | 2025-02-11T00:00:00Z |
| ssa-434032 | SSA-434032: Input Validation Vulnerability in the DHCP Client of Nucleus RTOS | 2019-11-12T00:00:00Z | 2025-03-11T00:00:00Z |
| ssa-273799 | SSA-273799: Message Integrity Protection Bypass Vulnerability in SIMATIC Products | 2019-12-10T00:00:00Z | 2022-04-12T00:00:00Z |
| ssa-618620 | SSA-618620: Vulnerabilities in Boot Loader (U-Boot) of RUGGEDCOM ROS Devices | 2019-12-10T00:00:00Z | 2023-12-12T00:00:00Z |
| ssa-443566 | SSA-443566: Authentication Bypass in SCALANCE X Switches Families | 2020-01-14T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-629512 | SSA-629512: Local Privilege Escalation Vulnerability in TIA Portal | 2020-01-14T00:00:00Z | 2022-08-09T00:00:00Z |
| ssa-591405 | SSA-591405: Web Vulnerabilities in SCALANCE S-600 Family | 2020-02-11T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-844761 | SSA-844761: Multiple Vulnerabilities in SiNVR/SiVMS Video Server | 2020-03-10T00:00:00Z | 2024-01-09T00:00:00Z |
| ssa-312271 | SSA-312271: Unquoted Search Path Vulnerability in Windows-based Industrial Software Applications | 2020-06-09T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-689942 | SSA-689942: Denial-of-Service and DLL Hijacking Vulnerabilities in Multiple SIMATIC Software Products | 2020-06-09T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-455843 | SSA-455843: WIBU Systems CodeMeter Runtime Vulnerabilities in Siemens Products | 2020-09-08T00:00:00Z | 2022-02-17T00:00:00Z |
| ssa-534763 | SSA-534763: Special Register Buffer Data Sampling (SRBDS) aka Crosstalk in Industrial Products | 2020-09-08T00:00:00Z | 2022-03-08T00:00:00Z |
| ssa-478893 | SSA-478893: TightVNC Vulnerabilities in Industrial Products (Revoked) | 2020-12-08T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-541017 | SSA-541017: Embedded TCP/IP Stack Vulnerabilities (AMNESIA:33) in SIRIUS 3RW5 Modbus TCP and SENTRON PAC / 3VA Devices | 2020-12-08T00:00:00Z | 2021-04-13T00:00:00Z |
| ssa-139628 | SSA-139628: Vulnerabilities in Web Server for Scalance X Products | 2021-01-12T00:00:00Z | 2021-09-14T00:00:00Z |
| ssa-274900 | SSA-274900: Use of Hardcoded Key in SCALANCE X Devices Under Certain Conditions | 2021-01-12T00:00:00Z | 2022-12-13T00:00:00Z |
| ssa-646763 | SSA-646763: DNSpooq - Dnsmasq Vulnerabilities in SCALANCE and RUGGEDCOM Devices | 2021-01-19T00:00:00Z | 2021-05-11T00:00:00Z |
| ssa-362164 | SSA-362164: Predictable Initial Sequence Numbers in the TCP/IP Stack of Nucleus RTOS | 2021-02-09T00:00:00Z | 2022-11-08T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2001:058 | Red Hat Security Advisory: : Updated mount package available | 2001-05-02T20:50:00+00:00 | 2025-11-21T17:24:39+00:00 |
| rhsa-2001:060 | Red Hat Security Advisory: : Updated Kerberos 5 packages available | 2001-05-17T01:32:00+00:00 | 2025-11-21T17:24:40+00:00 |
| rhsa-2001:077 | Red Hat Security Advisory: : LPRng fails to drop supplemental group membership | 2001-06-12T20:23:00+00:00 | 2025-11-21T17:24:41+00:00 |
| rhsa-2001:084 | Red Hat Security Advisory: Kernel | 2001-06-22T21:12:00+00:00 | 2025-11-21T17:24:41+00:00 |
| rhsa-2001:088 | Red Hat Security Advisory: : New xloadimage packages available | 2001-07-09T23:39:00+00:00 | 2025-11-21T17:24:41+00:00 |
| rhsa-2001:095 | Red Hat Security Advisory: : New util-linux packages available to fix vipw permissions problems | 2001-07-16T16:51:00+00:00 | 2025-11-21T17:24:42+00:00 |
| rhsa-2001:100 | Red Hat Security Advisory: : Updated Kerberos 5 packages now available | 2001-08-09T21:38:00+00:00 | 2025-11-21T17:24:41+00:00 |
| rhsa-2001:072 | Red Hat Security Advisory: : Updated man package fixing GID security problems. | 2001-09-18T08:22:00+00:00 | 2025-11-21T17:24:40+00:00 |
| rhsa-2001:115 | Red Hat Security Advisory: : New Zope packages are available | 2001-10-10T22:16:00+00:00 | 2025-11-21T17:24:42+00:00 |
| rhsa-2001:132 | Red Hat Security Advisory: : New util-linux packages available to fix /bin/login pam problem | 2001-10-16T19:15:00+00:00 | 2025-11-21T17:24:42+00:00 |
| rhsa-2001:116 | Red Hat Security Advisory: : Updated diffutils packages available | 2001-10-19T07:47:00+00:00 | 2025-11-21T17:24:42+00:00 |
| rhsa-2001:142 | Red Hat Security Advisory: kernel 2.2 and 2.4 | 2001-11-02T20:08:00+00:00 | 2025-11-21T17:24:43+00:00 |
| rhsa-2001:157 | Red Hat Security Advisory: : Updated wu-ftpd packages are available | 2001-11-27T23:35:00+00:00 | 2025-11-21T17:24:43+00:00 |
| rhsa-2001:126 | Red Hat Security Advisory: : Updated apache packages available | 2001-12-04T22:29:00+00:00 | 2025-11-21T17:24:42+00:00 |
| rhsa-2002:004 | Red Hat Security Advisory: : : : New groff packages available to fix security problems | 2002-01-14T16:16:00+00:00 | 2025-11-21T17:24:44+00:00 |
| rhsa-2002:007 | Red Hat Security Advisory: : Updated 2.4 kernel available | 2002-01-24T03:46:00+00:00 | 2025-11-21T17:24:48+00:00 |
| rhsa-2002:028 | Red Hat Security Advisory: : Updated 2.4 kernel available | 2002-02-27T19:56:00+00:00 | 2025-11-21T17:24:44+00:00 |
| rhsa-2002:035 | Red Hat Security Advisory: : Updated PHP packages are available [updated 2002-Mar-11] | 2002-02-28T17:54:00+00:00 | 2025-11-21T17:24:45+00:00 |
| rhsa-2002:041 | Red Hat Security Advisory: : Updated mod_ssl packages available | 2002-03-08T00:36:00+00:00 | 2025-11-21T17:24:45+00:00 |
| rhsa-2002:027 | Red Hat Security Advisory: : Vulnerability in zlib library (powertools) | 2002-03-11T18:09:00+00:00 | 2025-11-21T17:24:44+00:00 |
| rhsa-2002:026 | Red Hat Security Advisory: : : : Vulnerability in zlib library | 2002-03-11T20:15:00+00:00 | 2025-11-21T17:24:44+00:00 |
| rhsa-2002:048 | Red Hat Security Advisory: : New imlib packages available | 2002-03-21T15:48:00+00:00 | 2025-11-21T17:24:46+00:00 |
| rhsa-2002:084 | Red Hat Security Advisory: : : : Updated nss_ldap packages fix pam_ldap vulnerability | 2002-05-27T07:55:00+00:00 | 2025-11-21T17:24:47+00:00 |
| rhsa-2002:094 | Red Hat Security Advisory: : Updated tcpdump packages fix buffer overflow | 2002-05-30T12:50:00+00:00 | 2025-11-21T17:24:47+00:00 |
| rhsa-2002:097 | Red Hat Security Advisory: : : : Updated xchat packages fix "/dns" vulnerability | 2002-06-04T19:09:00+00:00 | 2025-11-21T17:24:48+00:00 |
| rhsa-2002:083 | Red Hat Security Advisory: : Ghostscript command execution vulnerability | 2002-06-04T19:38:00+00:00 | 2025-11-21T17:24:46+00:00 |
| rhsa-2002:088 | Red Hat Security Advisory: : Updated ethereal packages are available | 2002-06-06T06:53:00+00:00 | 2025-11-21T17:24:47+00:00 |
| rhsa-2002:100 | Red Hat Security Advisory: : : : Updated mailman packages available | 2002-06-10T20:25:00+00:00 | 2025-11-21T17:24:49+00:00 |
| rhsa-2002:099 | Red Hat Security Advisory: : Updated mailman packages available | 2002-06-10T20:28:00+00:00 | 2025-11-21T17:24:48+00:00 |
| rhsa-2002:089 | Red Hat Security Advisory: : Relaxed LPRng job submission policy | 2002-06-10T20:29:00+00:00 | 2025-11-21T17:24:47+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-1999-0150 | The Perl fingerd program allows arbitrary command execution from remote users. | 1999-09-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-1999-0236 | ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. | 1999-09-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-1999-0475 | A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail. | 1999-09-02T00:00:00.000Z | 2025-10-01T23:10:48.000Z |
| msrc_cve-1999-0612 | A version of finger is running that exposes valid user information to any entity on the network. | 1999-09-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-1999-0428 | OpenSSL and SSLeay allow remote attackers to reuse SSL sessions and bypass access controls. | 2000-01-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-1999-0817 | Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet. | 2000-01-02T00:00:00.000Z | 2025-09-03T19:34:58.000Z |
| msrc_cve-1999-0901 | ypserv allows a local user to modify the GECOS and login shells of other users. | 2000-01-02T00:00:00.000Z | 2025-10-01T23:10:48.000Z |
| msrc_cve-1999-0902 | ypserv allows local administrators to modify password tables. | 2000-01-02T00:00:00.000Z | 2025-10-01T23:10:48.000Z |
| msrc_cve-1999-0965 | Race condition in xterm allows local users to modify arbitrary files via the logging option. | 2000-01-02T00:00:00.000Z | 2025-10-01T23:10:48.000Z |
| msrc_cve-1999-0163 | In older versions of Sendmail, an attacker could use a pipe character to execute root commands. | 2000-02-02T00:00:00.000Z | 2025-10-01T23:10:47.000Z |
| msrc_cve-1999-0524 | ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | 2000-02-02T00:00:00.000Z | 2021-12-16T00:00:00.000Z |
| msrc_cve-1999-0656 | The ugidd RPC interface by design allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. | 2000-02-02T00:00:00.000Z | 2024-08-15T00:00:00.000Z |
| msrc_cve-1999-0145 | Sendmail WIZ command enabled, allowing root access. | 2000-10-02T00:00:00.000Z | 2025-10-01T23:10:10.000Z |
| msrc_cve-2000-0803 | GNU Groff uses the current working directory to find a device description file which allows a local user to gain additional privileges by including a malicious postpro directive in the description file which is executed when another user runs groff. | 2001-05-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-1999-1412 | A possible interaction between Apple MacOS X release 1.0 and Apache HTTP server allows remote attackers to cause a denial of service (crash) via a flood of HTTP GET requests to CGI programs which generates a large number of processes. | 2001-09-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-1999-1090 | The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files. | 2002-03-02T00:00:00.000Z | 2025-10-01T23:10:49.000Z |
| msrc_cve-2000-0006 | strace allows local users to read arbitrary files via memory mapped file names. | 2002-03-02T00:00:00.000Z | 2025-09-03T21:59:27.000Z |
| msrc_cve-2002-0129 | efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message. | 2002-03-02T00:00:00.000Z | 2025-10-01T23:10:49.000Z |
| msrc_cve-2002-0130 | Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument. | 2002-03-02T00:00:00.000Z | 2025-10-01T23:10:49.000Z |
| msrc_cve-2002-0318 | FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets. | 2003-04-02T00:00:00.000Z | 2025-10-01T23:10:50.000Z |
| msrc_cve-2005-0469 | Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. | 2005-03-02T00:00:00.000Z | 2025-10-01T23:10:50.000Z |
| msrc_cve-2005-0868 | AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC. | 2005-03-02T00:00:00.000Z | 2025-10-01T23:10:50.000Z |
| msrc_cve-2005-2069 | pam_ldap and nss_ldap when used with OpenLDAP and connecting to a slave using TLS does not use TLS for the subsequent connection if the client is referred to a master which may cause a password to be sent in cleartext and allows remote attackers to sniff the password. | 2005-06-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2006-5201 | Multiple packages on Sun Solaris including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier SDK and JRE 1.4.x up to 1.4.2_12 and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice when using an RSA key with exponent 3 removes PKCS-1 padding before generating a hash which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1. | 2006-10-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2007-0086 | The Apache HTTP Server when accessed through a TCP connection with a large window size allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties who state that the large window size required by the attack is not normally supported or configured by the server or that a DDoS-style attack would accomplish the same goal | 2007-01-02T00:00:00.000Z | 2020-09-25T00:00:00.000Z |
| msrc_cve-2007-1397 | Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings. | 2007-03-02T00:00:00.000Z | 2025-10-01T23:10:50.000Z |
| msrc_cve-2007-2650 | The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop as demonstrated via a crafted DOC file. | 2007-05-02T00:00:00.000Z | 2020-10-25T00:00:00.000Z |
| msrc_cve-2007-2768 | OpenSSH when using OPIE (One-Time Passwords in Everything) for PAM allows remote attackers to determine the existence of certain user accounts which displays a different response if the user account exists and is configured to use one-time passwords (OTP) a similar issue to CVE-2007-2243. | 2007-05-02T00:00:00.000Z | 2024-06-30T07:00:00.000Z |
| msrc_cve-2007-3205 | The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin. | 2007-06-02T00:00:00.000Z | 2025-10-01T23:10:50.000Z |
| msrc_cve-2007-4559 | Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive a related issue to CVE-2001-1267. | 2007-08-02T00:00:00.000Z | 2025-05-27T00:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsa-25-294-03 | Siemens SIMATIC S7-1200 CPU V1/V2 Devices | 2011-06-10T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-21-068-10 | Siemens SCALANCE and SIMATIC libcurl (Update B) | 2019-04-09T00:00:00.000000Z | 2021-03-09T00:00:00.000000Z |
| icsa-20-070-01 | ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B) | 2020-03-10T00:00:00.000000Z | 2021-08-10T00:00:00.000000Z |
| icsa-22-104-04 | Siemens SCALANCE FragAttacks | 2021-07-13T00:00:00.000000Z | 2025-05-06T06:00:00.000000Z |
| icsa-22-104-05 | Siemens OpenSSL Vulnerabilities in Industrial Products | 2022-04-14T00:00:00.000000Z | 2022-05-12T00:00:00.000000Z |
| icsa-22-132-05 | Siemens Industrial PCs and CNC devices | 2022-05-12T00:00:00.000000Z | 2022-05-12T00:00:00.000000Z |
| icsa-22-167-08 | Siemens SICAM GridEdge | 2022-06-14T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-22-195-02 | Siemens SICAM GridEdge | 2022-07-12T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-22-333-05 | Mitsubishi Electric FA Engineering Software (Update C) | 2022-12-05T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-22-349-09 | Siemens OpenSSL 3.0 Affecting Products | 2022-12-13T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-22-349-11 | Siemens SIPROTEC 5 Devices | 2022-12-13T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-23-103-06 | Siemens SIPROTEC 5 Devices | 2023-04-11T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-24-102-08 | Siemens OPC Foundation Local Discovery Server Affecting Siemens Products | 2023-04-11T00:00:00.000000Z | 2025-09-09T00:00:00.000000Z |
| icsa-23-157-02 | Mitsubishi Electric MELSEC iQ-R Series/iQ-F Series (Update C) | 2023-06-06T06:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-343-02 | Festo LX Appliance | 2023-08-29T10:00:00.000000Z | 2025-10-01T10:00:00.000000Z |
| icsa-25-324-04 | Festo MSE6-C2M/D2M/E2M | 2023-09-05T10:00:00.000000Z | 2025-10-01T10:00:00.000000Z |
| icsa-23-257-01 | Siemens SIMATIC, SIPLUS Products | 2023-09-12T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-25-324-05 | Festo Didactic products | 2023-10-17T06:00:00.000000Z | 2025-10-01T06:00:00.000000Z |
| icsa-24-074-05 | Siemens RUGGEDCOM APE1808 | 2024-03-12T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-24-116-02 | Hitachi Energy MACH SCM (Update A) | 2024-03-26T11:32:43.000000Z | 2025-09-30T11:32:43.000000Z |
| icsa-24-102-01 | Siemens SIMATIC S7-1500 | 2024-04-09T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-24-121-01 | Delta Electronics CNCSoft-G2 DOPSoft (Update A) | 2024-04-30T06:00:00.000000Z | 2025-10-16T06:00:00.000000Z |
| icsa-24-193-02 | Siemens RUGGEDCOM APE 1808 | 2024-07-09T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-24-193-05 | Siemens SCALANCE, RUGGEDCOM | 2024-07-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-24-193-14 | Siemens SIPROTEC | 2024-07-09T00:00:00.000000Z | 2025-11-11T00:00:00.000000Z |
| icsa-24-256-03 | Siemens User Management Component (UMC) | 2024-09-10T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-24-256-16 | Siemens Third-Party Component in SICAM and SITIPE Products | 2024-09-10T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-24-284-01 | Siemens SIMATIC S7-1500 and S7-1200 CPUs | 2024-10-08T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-24-284-10 | Siemens SIMATIC S7-1500 CPUs | 2024-10-08T00:00:00.000000Z | 2025-10-14T00:00:00.000000Z |
| icsa-24-347-02 | Siemens Engineering Platforms | 2024-12-10T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-broadworks-xss-o696ymra | Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-10-21T15:13:31+00:00 |
| cisco-sa-secboot-uqfd8avc | Cisco IOS XE Software Secure Boot Bypass Vulnerabilities | 2025-09-24T16:00:00+00:00 | 2025-10-15T15:57:29+00:00 |
| cisco-sa-asaftd-webvpn-yrootuw | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:55+00:00 |
| cisco-sa-asaftd-webvpn-z5xp8eub | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:54+00:00 |
| cisco-sa-http-code-exec-wmfp3h3o | Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:51+00:00 |
| cisco-sa-phone-dos-fpyjlv7a | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-roomos-inf-disc-qggsbxam | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-snort3-mime-vulns-ttl8pgvh | Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-cc-mult-vuln-gk4tfxsn | Multiple Cisco Contact Center Products Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T14:49:09+00:00 |
| cisco-sa-cc-unauth-rce-qen8h7mq | Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-13T12:48:42+00:00 |
| cisco-sa-ise-multiple-vulns-o9beswjh | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-12-04T14:23:54+00:00 |
| cisco-sa-ise-radsupress-dos-8yf3jthh | Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability | 2025-11-05T16:00:00+00:00 | 2025-11-05T16:00:00+00:00 |
| cisco-sa-catc-open-redirect-3w5bk3je | Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-priv-esc-vs8eecux | Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-ci-zwlqvswt | Cisco Catalyst Center REST API Command Injection Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-xss-wextvz59 | Cisco Catalyst Center Cross-Site Scripting Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-privesc-catc-ryjreelu | Cisco Catalyst Center Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-react-flight-tyw32ddb | Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 | 2025-12-04T16:00:00+00:00 | 2025-12-11T22:12:34+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2002-000291 | Canna irw_through Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000029 | w3m Cross-Site Scripting Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000030 | w3m Vulnerability of Unauthorized Access to Files or Cookies | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000144 | IP Messenger for Win Filename Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000149 | lv Arbitrary Command Execution Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000163 | KON2 Buffer Overflow Vulnerability in Command Argument Validation | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2003-000242 | skk Arbitrary Code Execution Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000169 | LHa Vuffer Overflow Vulnerability in Testing and Extracting Process | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000170 | Lha Directory Traversal Vulnerability in Testing and Extracting Process | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000179 | DeleGate SSLway Filter Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000195 | LHA Arbitrary Command Execution Vulnerability with Shell Metacharacter in Directory Name | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000196 | LHA Buffer Overflow Vulnerability with lack of Path Length Validation | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000197 | LHA extrace_one Vuffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000231 | KAME Racoon eay_check_x509cert Improper Certificate Verification Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000323 | Ruby CGI Session Management Insecure File Permission Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000473 | Ruby cgi.rb Denial of Service Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000511 | DeleGate Multiple Buffer Overflow Vulnerabilities | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000554 | Namazu cross-site scripting vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000586 | Virus Buster Corporate Edition vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000587 | desknet's buffer overflow vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000588 | SSL-VPN products vulnerable to cookie theft | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000589 | Toshiba HDD & DVD video recorders can be accessed without authentication | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000590 | Becky! Internet Mail vulnerability in S/MIME signature verification | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000591 | Shuriken Pro3 S/MIME signature verification does not verify the From address | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000592 | Shuriken Pro3 S/MIME signature verification does not verify the certificate authenticity | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000593 | LDAP server update function vulnerable to buffer overflow | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2004-000594 | DNS cache servers resource consumption by TCP SYN_SENT states | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000163 | Sylpheed Email Header Buffer Overflow Vulnerability with non-ASCII Characters | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000183 | Apache Tomcat denial of service vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| jvndb-2005-000199 | Sylpheed Filename Buffer Overflow Vulnerability | 2008-05-21T00:00+09:00 | 2008-05-21T00:00+09:00 |
| ID | Description | Updated |
|---|
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001 | 4.3 (v3.1) | Unauthenticated leak of sensitive information affectin… |
Brother Industries, Ltd |
HL-L8260CDN |
2025-08-12T15:23:00.577Z | 2025-08-15T05:53:23.017Z |
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010 | 7.3 (v3.1) | Unitree Multiple Robotic Products Command Injection |
Unitree |
Go2 |
2025-09-26T06:53:49.585Z | 2025-09-26T15:16:57.586Z |