Recent vulnerabilities

Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
ID CVSS Description Vendor Product Published Updated
CVE-2026-4430
5.4 (4.0)
Heap Buffer Overflow in AgileEngine The Document Foundation
 LibreOffice
 2026-05-07T07:16:18.851Z 2026-05-07T07:16:18.851Z
CVE-2025-9661
8.1 (3.1)
OS command injection vulneravility in the management gā€¦ Hitachi
 Hitachi Virtual Storage Platform One Block 23
 2026-05-07T07:08:14.823Z 2026-05-07T07:08:14.823Z
CVE-2026-44406
5.7 (3.1)
DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmā€¦ ZTE
 ZXCLOUD iRAI
 2026-05-07T06:49:54.221Z 2026-05-07T06:49:54.221Z
CVE-2026-41586
9.3 (4.0)
ObjectInputStream.readObject() without ObjectInputFiltā€¦ hyperledger
 fabric
 2026-05-07T05:12:35.666Z 2026-05-07T05:12:35.666Z
CVE-2026-41143
8.8 (3.1)
YesWiki vulnerable to authenticated SQL Injection via ā€¦ YesWiki
 yeswiki
 2026-05-07T05:08:23.146Z 2026-05-07T05:08:23.146Z
CVE-2026-41139
8.8 (3.0)
Unsafe array index getter in mathjs josdejong
 mathjs
 2026-05-07T05:06:28.746Z 2026-05-07T05:06:28.746Z
CVE-2026-7252
8.1 (3.1)
WP-Optimize <= 4.5.2 - Authenticated (Author+) Arbitraā€¦ davidanderson
 WP-Optimize ā€“ Cache, Compress images, Minify & Clean database to boost page speed & performance
 2026-05-07T04:27:10.902Z 2026-05-07T04:27:10.902Z
CVE-2026-6692
8.8 (3.1)
Slider Revolution 7.0.0 - 7.0.10 - Authenticated (Subsā€¦ Revolution Slider
 Slider Revolution
 2026-05-07T04:27:10.449Z 2026-05-07T04:27:10.449Z
CVE-2026-4348
7.5 (3.1)
BetterDocs Pro <= 3.7.0 - Unauthenticated SQL Injectioā€¦ betterdocs
 BetterDocs Pro
 2026-05-07T04:27:09.916Z 2026-05-07T04:27:09.916Z
CVE-2026-41413
5 (3.1)
Istio Vulnerable to SSRF via RequestAuthentication jwksUri istio
 istio
 2026-05-07T04:18:32.040Z 2026-05-07T04:18:32.040Z
CVE-2026-41641
7.2 (3.1)
NocoBase Vulnerable to SQL Validation Bypass via `sqlCā€¦ nocobase
 nocobase
 2026-05-07T04:13:33.609Z 2026-05-07T04:13:33.609Z
CVE-2026-8063
7.1 (4.0)
6.5 (3.1)
Post-auth null pointer dereference when aggregating agā€¦ MongoDB Inc.
 MongoDB Server
 2026-05-07T04:12:54.524Z 2026-05-07T04:12:54.524Z
CVE-2026-41640
7.5 (3.1)
NocoBase Vulnerable to SQL Injection via String Concatā€¦ nocobase
 nocobase
 2026-05-07T04:09:59.264Z 2026-05-07T04:09:59.264Z
CVE-2026-42217
6.3 (4.0)
OpenEXR: Shift exponent overflow in `readVariableLengtā€¦ AcademySoftwareFoundation
 openexr
 2026-05-07T04:04:54.736Z 2026-05-07T04:04:54.736Z
CVE-2026-42216
8.8 (4.0)
OpenEXR: Out-of-bounds read in `IDManifest::init()` duā€¦ AcademySoftwareFoundation
 openexr
 2026-05-07T04:01:59.602Z 2026-05-07T04:01:59.602Z
CVE-2026-41142
8.8 (3.1)
OpenEXR is Vulnerable to Integer overflow in ImageChanā€¦ AcademySoftwareFoundation
 openexr
 2026-05-07T03:58:09.483Z 2026-05-07T03:58:09.483Z
CVE-2026-40981
7.5 (3.1)
When using Google Secrets Manager as a backend foā€¦ Spring
 Spring Cloud Config
 2026-05-07T03:55:43.600Z 2026-05-07T03:55:43.600Z
CVE-2026-41002
7.4 (3.1)
The base directory (`spring.cloud.config.server.gā€¦ Spring
 Spring Cloud Config
 2026-05-07T03:53:18.269Z 2026-05-07T03:53:18.269Z
CVE-2026-41004
4.4 (3.1)
When enabling trace logging in Spring Cloud Confiā€¦ Spring
 Spring Cloud Config
 2026-05-07T03:51:31.920Z 2026-05-07T03:51:31.920Z
CVE-2026-41675
8.7 (4.0)
xmldom: XML node injection through unvalidated processā€¦ xmldom
 xmldom
 2026-05-07T03:49:34.056Z 2026-05-07T03:49:34.056Z
CVE-2026-40982
9.1 (3.1)
Spring Cloud Config allows applications to serve ā€¦ Spring
 Spring Cloud Config
 2026-05-07T03:49:30.065Z 2026-05-07T03:49:30.065Z
CVE-2026-41674
8.7 (4.0)
xmldom: XML injection through unvalidated DocumentTypeā€¦ xmldom
 xmldom
 2026-05-07T03:47:51.140Z 2026-05-07T03:47:51.140Z
CVE-2026-40004
5.5 (3.1)
openssl.cnf Privilege Escalation Vulnerability in ZTE ā€¦ ZTE
 ZXCLOUD iRAI
 2026-05-07T03:47:06.297Z 2026-05-07T03:47:06.297Z
CVE-2026-41673
8.7 (4.0)
xmldom: Denial of service via uncontrolled recursion iā€¦ xmldom
 xmldom
 2026-05-07T03:40:28.378Z 2026-05-07T03:40:28.378Z
CVE-2026-41672
8.7 (4.0)
xmldom: XML node injection through unvalidated commentā€¦ xmldom
 xmldom
 2026-05-07T03:36:16.914Z 2026-05-07T03:36:16.914Z
CVE-2026-6214
6.5 (3.1)
Forminator Forms <= 1.53.0 - Missing Authorization to ā€¦ wpmudev
 Forminator Forms ā€“ Contact Form, Payment Form & Custom Form Builder
 2026-05-07T03:27:06.427Z 2026-05-07T03:27:06.427Z
CVE-2026-41891
5.3 (4.0)
CI4MS: Deactivated User Session Bypass (active=0) ci4-cms-erp
 ci4ms
 2026-05-07T03:24:43.940Z 2026-05-07T03:24:43.940Z
CVE-2026-41890
6.9 (4.0)
CI4MS: Arbitrary Database Table Drop via Theme deleteProcess ci4-cms-erp
 ci4ms
 2026-05-07T03:23:31.339Z 2026-05-07T03:23:31.339Z
CVE-2026-44603
3.7 (3.1)
Tor before 0.4.9.7 has an out-of-bounds read by oā€¦ torproject
 Tor
 2026-05-07T03:21:24.822Z 2026-05-07T03:36:57.931Z
CVE-2026-41203
9.4 (4.0)
ci4ms Theme::upload is vulnerable to Zip Slip leading to RCE ci4-cms-erp
 ci4ms
 2026-05-07T03:19:45.786Z 2026-05-07T03:19:45.786Z
ID CVSS Description Vendor Product Published Updated
CVE-2026-8063
7.1 (4.0)
6.5 (3.1)
Post-auth null pointer dereference when aggregating agā€¦ MongoDB Inc.
 MongoDB Server
 2026-05-07T04:12:54.524Z 2026-05-07T04:12:54.524Z
CVE-2026-7252
8.1 (3.1)
WP-Optimize <= 4.5.2 - Authenticated (Author+) Arbitraā€¦ davidanderson
 WP-Optimize ā€“ Cache, Compress images, Minify & Clean database to boost page speed & performance
 2026-05-07T04:27:10.902Z 2026-05-07T04:27:10.902Z
CVE-2026-6692
8.8 (3.1)
Slider Revolution 7.0.0 - 7.0.10 - Authenticated (Subsā€¦ Revolution Slider
 Slider Revolution
 2026-05-07T04:27:10.449Z 2026-05-07T04:27:10.449Z
CVE-2026-4348
7.5 (3.1)
BetterDocs Pro <= 3.7.0 - Unauthenticated SQL Injectioā€¦ betterdocs
 BetterDocs Pro
 2026-05-07T04:27:09.916Z 2026-05-07T04:27:09.916Z
CVE-2026-41641
7.2 (3.1)
NocoBase Vulnerable to SQL Validation Bypass via `sqlCā€¦ nocobase
 nocobase
 2026-05-07T04:13:33.609Z 2026-05-07T04:13:33.609Z
CVE-2026-41586
9.3 (4.0)
ObjectInputStream.readObject() without ObjectInputFiltā€¦ hyperledger
 fabric
 2026-05-07T05:12:35.666Z 2026-05-07T05:12:35.666Z
CVE-2026-41413
5 (3.1)
Istio Vulnerable to SSRF via RequestAuthentication jwksUri istio
 istio
 2026-05-07T04:18:32.040Z 2026-05-07T04:18:32.040Z
CVE-2026-41143
8.8 (3.1)
YesWiki vulnerable to authenticated SQL Injection via ā€¦ YesWiki
 yeswiki
 2026-05-07T05:08:23.146Z 2026-05-07T05:08:23.146Z
CVE-2026-41139
8.8 (3.0)
Unsafe array index getter in mathjs josdejong
 mathjs
 2026-05-07T05:06:28.746Z 2026-05-07T05:06:28.746Z
CVE-2026-6214
6.5 (3.1)
Forminator Forms <= 1.53.0 - Missing Authorization to ā€¦ wpmudev
 Forminator Forms ā€“ Contact Form, Payment Form & Custom Form Builder
 2026-05-07T03:27:06.427Z 2026-05-07T03:27:06.427Z
CVE-2026-44603
3.7 (3.1)
Tor before 0.4.9.7 has an out-of-bounds read by oā€¦ torproject
 Tor
 2026-05-07T03:21:24.822Z 2026-05-07T03:36:57.931Z
CVE-2026-44602
3.7 (3.1)
Tor before 0.4.9.7 has a NULL pointer dereferenceā€¦ torproject
 Tor
 2026-05-07T03:17:32.456Z 2026-05-07T03:25:39.625Z
CVE-2026-44601
3.7 (3.1)
Tor before 0.4.9.7, when circuit queue memory preā€¦ torproject
 Tor
 2026-05-07T03:09:51.106Z 2026-05-07T03:25:19.794Z
CVE-2026-42217
6.3 (4.0)
OpenEXR: Shift exponent overflow in `readVariableLengtā€¦ AcademySoftwareFoundation
 openexr
 2026-05-07T04:04:54.736Z 2026-05-07T04:04:54.736Z
CVE-2026-42216
8.8 (4.0)
OpenEXR: Out-of-bounds read in `IDManifest::init()` duā€¦ AcademySoftwareFoundation
 openexr
 2026-05-07T04:01:59.602Z 2026-05-07T04:01:59.602Z
CVE-2026-42194
6.8 (3.1)
Incomplete fix for CVE-2026-32812: SSRF in admidio Admidio
 admidio
 2026-05-07T03:01:04.830Z 2026-05-07T03:01:04.830Z
CVE-2026-41891
5.3 (4.0)
CI4MS: Deactivated User Session Bypass (active=0) ci4-cms-erp
 ci4ms
 2026-05-07T03:24:43.940Z 2026-05-07T03:24:43.940Z
CVE-2026-41890
6.9 (4.0)
CI4MS: Arbitrary Database Table Drop via Theme deleteProcess ci4-cms-erp
 ci4ms
 2026-05-07T03:23:31.339Z 2026-05-07T03:23:31.339Z
CVE-2026-41675
8.7 (4.0)
xmldom: XML node injection through unvalidated processā€¦ xmldom
 xmldom
 2026-05-07T03:49:34.056Z 2026-05-07T03:49:34.056Z
CVE-2026-41674
8.7 (4.0)
xmldom: XML injection through unvalidated DocumentTypeā€¦ xmldom
 xmldom
 2026-05-07T03:47:51.140Z 2026-05-07T03:47:51.140Z
CVE-2026-41673
8.7 (4.0)
xmldom: Denial of service via uncontrolled recursion iā€¦ xmldom
 xmldom
 2026-05-07T03:40:28.378Z 2026-05-07T03:40:28.378Z
CVE-2026-41672
8.7 (4.0)
xmldom: XML node injection through unvalidated commentā€¦ xmldom
 xmldom
 2026-05-07T03:36:16.914Z 2026-05-07T03:36:16.914Z
CVE-2026-41671
6.8 (3.1)
Admidio: OIDC Token Introspection Endpoint Returns Actā€¦ Admidio
 admidio
 2026-05-07T03:00:55.645Z 2026-05-07T03:00:55.645Z
CVE-2026-41670
8.2 (3.1)
Admidio: SAML Response Sent to Unvalidated Assertion Cā€¦ Admidio
 admidio
 2026-05-07T03:00:39.851Z 2026-05-07T03:00:39.851Z
CVE-2026-41669
8.2 (3.1)
Admidio: SAML Signature Validation Result Ignored ā€” Foā€¦ Admidio
 admidio
 2026-05-07T03:00:29.816Z 2026-05-07T03:00:29.816Z
CVE-2026-41663
3.5 (3.1)
Admidio: CSRF on Admin Preferences Triggers Unauthorizā€¦ Admidio
 admidio
 2026-05-07T03:00:11.696Z 2026-05-07T03:00:11.696Z
CVE-2026-41662
5.2 (3.1)
Admidio: Missing Minimum Administrator Check in Role Mā€¦ Admidio
 admidio
 2026-05-07T02:59:50.508Z 2026-05-07T02:59:50.508Z
CVE-2026-41661
6.1 (3.1)
Admidio: Reflected XSS in msg_window.php via Square Brā€¦ Admidio
 admidio
 2026-05-07T02:59:34.649Z 2026-05-07T02:59:34.649Z
CVE-2026-41660
7.1 (3.1)
Admidio: Inverted 2FA Reset Authorization Check Lets Gā€¦ Admidio
 admidio
 2026-05-07T02:59:29.810Z 2026-05-07T02:59:29.810Z
CVE-2026-41659
2.7 (3.1)
Admidio: Hidden Profile Field Values Leaked via Blind ā€¦ Admidio
 admidio
 2026-05-07T02:59:19.870Z 2026-05-07T02:59:19.870Z
ID Description Published Updated
fkie_cve-2026-1657 The EventPrime plugin for WordPress is vulnerable to unauthorized image file upload in all versionsā€¦ 2026-02-17T06:16:18.173 2026-04-15T00:35:42.020
fkie_cve-2026-2592 The Zarinpal Gateway for WooCommerce plugin for WordPress is vulnerable to Improper Access Control ā€¦ 2026-02-17T05:16:17.430 2026-04-15T00:35:42.020
fkie_cve-2026-2002 The Forminator Forms ā€“ Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulā€¦ 2026-02-17T05:16:17.080 2026-04-15T00:35:42.020
fkie_cve-2026-26220 LightLLM version 1.1.0 and prior contain an unauthenticated remote code execution vulnerability in ā€¦ 2026-02-17T03:16:01.893 2026-04-15T00:35:42.020
fkie_cve-2025-12062 The WP Maps ā€“ Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin forā€¦ 2026-02-17T00:16:17.080 2026-04-15T00:35:42.020
fkie_cve-2026-2439 Concierge::Sessions versions from 0.8.1 before 0.8.5 for Perl generate insecure session ids. The geā€¦ 2026-02-16T22:22:41.470 2026-03-10T18:12:46.927
fkie_cve-2025-15578 Maypole versions from 2.10 through 2.13 for Perl generates session ids insecurely. The session id iā€¦ 2026-02-16T22:22:40.557 2026-03-10T15:07:31.793
fkie_cve-2026-2474 Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in tā€¦ 2026-02-16T21:22:18.107 2026-03-04T02:27:15.217
fkie_cve-2026-2001 The WowRevenue plugin for WordPress is vulnerable to unauthorized plugin installation due to a missā€¦ 2026-02-16T20:19:36.190 2026-04-15T00:35:42.020
fkie_cve-2026-2567 A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the functioā€¦ 2026-02-16T18:19:45.217 2026-02-18T19:41:03.690
fkie_cve-2026-2566 A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the fuā€¦ 2026-02-16T18:19:45.017 2026-04-15T00:35:42.020
fkie_cve-2019-25395 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulneā€¦ 2026-02-16T18:19:44.480 2026-02-20T16:31:49.890
fkie_cve-2019-25394 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulneā€¦ 2026-02-16T18:19:44.313 2026-02-20T16:31:34.660
fkie_cve-2019-25393 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:44.147 2026-02-20T16:31:23.993
fkie_cve-2019-25392 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:43.980 2026-02-20T16:31:18.553
fkie_cve-2019-25390 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:43.810 2026-02-20T16:31:10.263
fkie_cve-2019-25389 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:43.643 2026-02-20T16:30:56.780
fkie_cve-2019-25388 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:43.473 2026-02-20T16:27:01.120
fkie_cve-2019-25387 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:43.303 2026-02-20T16:26:53.380
fkie_cve-2019-25386 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:43.133 2026-02-20T16:26:47.313
fkie_cve-2019-25385 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:42.967 2026-02-20T16:26:41.493
fkie_cve-2019-25384 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:42.803 2026-02-20T16:26:36.247
fkie_cve-2019-25383 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:42.640 2026-02-20T16:26:19.230
fkie_cve-2019-25382 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains a reflected cross-site scripting vulnerabiā€¦ 2026-02-16T18:19:42.480 2026-02-20T19:12:29.937
fkie_cve-2019-25381 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:42.317 2026-02-20T16:26:07.903
fkie_cve-2019-25380 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple reflected cross-site scripting vuā€¦ 2026-02-16T18:19:42.153 2026-02-20T16:25:48.847
fkie_cve-2019-25379 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains stored and reflected cross-site scripting ā€¦ 2026-02-16T18:19:41.987 2026-02-20T16:30:43.613
fkie_cve-2019-25378 Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple cross-site scripting vulnerabilitā€¦ 2026-02-16T18:19:41.430 2026-02-20T21:23:50.410
fkie_cve-2026-2565 A weakness has been identified in Wavlink WL-NU516U1 20251208. Affected by this issue is the functiā€¦ 2026-02-16T17:18:09.360 2026-02-18T19:42:27.167
fkie_cve-2026-2564 A security flaw has been discovered in Intelbras VIP 3260 Z IA 2.840.00IB005.0.T. Affected by this ā€¦ 2026-02-16T17:18:09.150 2026-04-15T00:35:42.020
ID Severity Description Published Updated
ghsa-p78j-pm32-q3pf
8.1 (3.1)
The WP-Optimize ā€“ Cache, Compress images, Minify & Clean database to boost page speed & performanceā€¦ 2026-05-07T06:31:43Z 2026-05-07T06:31:43Z
ghsa-v9xc-5wqq-j4p4
6.5 (3.1)
The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to ā€¦ 2026-05-07T06:31:42Z 2026-05-07T06:31:42Z
ghsa-v547-m6pg-pf7w
6.5 (3.1)
7.1 (4.0)
An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipelā€¦ 2026-05-07T06:31:42Z 2026-05-07T06:31:43Z
ghsa-m47q-4224-6rvc
3.7 (3.1)
Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007. 2026-05-07T06:31:42Z 2026-05-07T06:31:42Z
ghsa-fc55-xrcv-x657
3.7 (3.1)
Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash becausā€¦ 2026-05-07T06:31:42Z 2026-05-07T06:31:42Z
ghsa-89cx-53rv-jcx8
7.5 (3.1)
The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the `get_current_letter_ā€¦ 2026-05-07T06:31:42Z 2026-05-07T06:31:42Z
ghsa-6j7r-xh37-g6x3
8.8 (3.1)
The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0ā€¦ 2026-05-07T06:31:42Z 2026-05-07T06:31:43Z
ghsa-323g-q36v-hmmc
3.7 (3.1)
Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TRā€¦ 2026-05-07T06:31:42Z 2026-05-07T06:31:42Z
ghsa-j6hh-h3cf-c2hf
4.4 (3.1)
When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plainā€¦ 2026-05-07T06:31:41Z 2026-05-07T06:31:41Z
ghsa-86wq-234q-r6wg
7.2 (3.1)
The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Serveā€¦ 2026-05-07T06:31:41Z 2026-05-07T06:31:41Z
ghsa-6g23-24mc-hx6x
9.1 (3.1)
Spring Cloud Config allows applications to serve arbitrary text and binary files through the springā€¦ 2026-05-07T06:31:41Z 2026-05-07T06:31:41Z
ghsa-53wr-r4p3-wrc5
5.5 (3.1)
There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. Aā€¦ 2026-05-07T06:31:41Z 2026-05-07T06:31:41Z
ghsa-2mh5-3cw6-hrrq
7.5 (3.1)
When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can crafā€¦ 2026-05-07T06:31:41Z 2026-05-07T06:31:41Z
ghsa-98h9-4798-4q5v
8.8 (3.1)
Diffusers has a `trust_remote_code` bypass via `custom_pipeline` and local custom components 2026-05-07T05:31:17Z 2026-05-07T05:31:17Z
ghsa-jfg9-48mv-9qgx
5.3 (3.1)
Netty MQTT: Resource exhaustion in MqttDecoder 2026-05-07T05:14:14Z 2026-05-07T05:14:14Z
ghsa-8hg8-63c5-gwmx
9.1 (3.1)
vm2 NodeVM `nesting: true` bypasses `require: false` allowing sandbox escape and arbitrary OS commaā€¦ 2026-05-07T05:13:21Z 2026-05-07T05:13:21Z
ghsa-cp6g-6699-wx9c
8.5 (3.1)
vm2 has a NodeVM require.root bypass via symlink traversal that allows sandbox escape 2026-05-07T04:33:37Z 2026-05-07T04:33:37Z
ghsa-wp5r-2gw5-m7q7
5.3 (3.1)
vm2's Transformer Fast-Path Bypass Exposes Internal State Variable 2026-05-07T04:32:56Z 2026-05-07T04:32:56Z
ghsa-v27g-jcqj-v8rw
5.8 (3.1)
vm2 is Vulnerable to Host File Path Disclosure via Stack Trace Information Leak 2026-05-07T04:30:10Z 2026-05-07T04:30:10Z
ghsa-mpf8-4hx2-7cjg
6.5 (3.1)
vm2 Host Promise Resolution Preserves Object Identity Across Sandbox Boundary 2026-05-07T04:29:22Z 2026-05-07T04:29:22Z
ghsa-6785-pvv7-mvg7
7.5 (3.1)
vm2 Sandbox Access to Host Buffer.alloc Allows timeout Bypass Resulting in Memory Exhaustion 2026-05-07T04:26:39Z 2026-05-07T04:26:39Z
ghsa-hw58-p9xv-2mjh
8.6 (3.1)
vm2 has a Sandbox Escape via Promise Constructor Unhandled Rejection (Process Crash DoS) 2026-05-07T04:10:29Z 2026-05-07T04:10:29Z
ghsa-947f-4v7f-x2v8
9.9 (3.1)
vm2 has a NodeVM builtin allowlist bypass via `module` builtin's `Module._load` that allows sandboxā€¦ 2026-05-07T04:08:55Z 2026-05-07T04:08:55Z
ghsa-vwrp-x96c-mhwq
10.0 (3.1)
vm2: Mutable Proxies for Host Intrinsic Prototypes Allows Sandbox Escape 2026-05-07T04:07:05Z 2026-05-07T04:07:05Z
ghsa-47x8-96vw-5wg6
10.0 (3.1)
vm2 Access to Host Object Enables Sandbox Escape 2026-05-07T04:00:19Z 2026-05-07T04:00:19Z
ghsa-qcp4-v2jj-fjx8
10.0 (3.1)
vm2 has a Sandbox Escape Vulnerability 2026-05-07T03:54:34Z 2026-05-07T03:55:02Z
ghsa-q6v9-r226-v65f
6.9 (4.0)
Bandit HTTP/2 Frame Size Limit Bypass via Late Buffer Check Enables Memory Exhaustion 2026-05-07T03:52:31Z 2026-05-07T03:52:31Z
ghsa-375f-4r2h-f99j
6.3 (4.0)
Bandit trusts client-supplied URI scheme on plaintext connections 2026-05-07T03:47:29Z 2026-05-07T03:47:29Z
ghsa-c67r-gc9j-2qf7
6.3 (4.0)
Bandit is vulnerable to CL.CL request smuggling via unrejected duplicate `Content-Length` header 2026-05-07T03:46:31Z 2026-05-07T03:46:31Z
ghsa-pf94-94m9-536p
8.7 (4.0)
Bandit Buffers Unbounded WebSocket Continuation Frames, Allowing Unauthenticated Memory Exhaustion 2026-05-07T03:43:45Z 2026-05-07T03:43:45Z
ID Severity Description Package Published Updated
pysec-2026-3
After an API token exposure from an exploited Trivy dependency, two new releases of `telnā€¦ telnyx 2026-03-27T14:53:14Z
pysec-2026-2
After an API Token exposure from an exploited Trivy dependency, two new releases of `liteā€¦ litellm 2026-03-24T15:35:32Z
pysec-2026-1
A PyPI user account compromised by an attacker and was able to upload a malicious versionā€¦ dydx-v4-client 2026-01-28T21:09:02+00:00
pysec-2025-71
Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fasā€¦ cadwyn 2025-07-21T21:15:25+00:00 2025-07-23T15:24:03.825615+00:00
pysec-2025-69
In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker temā€¦ roundup 2025-07-13T20:15:25+00:00 2025-07-13T21:23:01.161315+00:00
pysec-2025-65
A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0ā€¦ llama-index 2025-07-07T13:15:28+00:00 2025-07-07T15:23:42.730681+00:00
pysec-2025-61
Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap ā€¦ pillow 2025-07-01T19:15:27Z 2025-07-07T14:12:46.226030Z
pysec-2025-51
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vā€¦ apache-airflow-providers-snowflake 2025-06-24T08:15:24+00:00 2025-06-26T21:23:03.132527+00:00
pysec-2025-70
10.0 (3.1)
A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componenā€¦ langchain-community 2025-06-23T21:15:25+00:00 2025-07-16T21:23:40.211079+00:00
pysec-2025-52
gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. mlflow 2025-06-23T15:15:29Z 2025-12-05T13:25:55.146081Z
pysec-2025-68
8.0 (3.1)
A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6ā€¦ upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.449399+00:00
pysec-2025-67
9.8 (3.1)
A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabilā€¦ upsonic 2025-06-19T21:15:27+00:00 2025-07-08T19:22:27.385619+00:00
pysec-2025-64
9.8 (3.1)
A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0ā€¦ python-a2a 2025-06-17T07:15:18+00:00 2025-07-02T21:23:13.806273+00:00
pysec-2025-47
An issue was discovered in Django 5.2 before 5.2.2, 5.1 before 5.1.10, and 4.2 before 4.2ā€¦ django 2025-06-05T03:15:25+00:00 2025-06-05T05:23:28.296596+00:00
pysec-2025-44
django-helpdesk before 1.0.0 allows Sensitive Data Exposure because of os.umask(0) in modā€¦ django-helpdesk 2025-05-31T01:15:19+00:00 2025-05-31T03:09:35.357757+00:00
pysec-2025-55
vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 uā€¦ vllm 2025-05-30T19:15:30+00:00 2025-06-26T21:23:06.407481+00:00
pysec-2025-54
vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8ā€¦ vllm 2025-05-30T19:15:30+00:00 2025-06-26T21:23:06.319321+00:00
pysec-2025-50
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expā€¦ vllm 2025-05-30T18:15:32+00:00 2025-06-19T03:02:28.572160+00:00
pysec-2025-53
vLLM is an inference and serving engine for large language models (LLMs). Prior to versioā€¦ vllm 2025-05-29T17:15:21+00:00 2025-06-26T21:23:06.231251+00:00
pysec-2025-43
vLLM is an inference and serving engine for large language models (LLMs). In versions staā€¦ vllm 2025-05-29T17:15:21+00:00 2025-05-29T19:21:01.611587+00:00
pysec-2025-46
5.5 (3.1)
A vulnerability was found in erdogant pypickle up to 1.1.5. It has been classified as criā€¦ pypickle 2025-05-26T08:15:19+00:00 2025-06-03T17:36:58.579358+00:00
pysec-2025-45
7.8 (3.1)
A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.ā€¦ pypickle 2025-05-26T07:15:26+00:00 2025-06-03T17:36:58.528116+00:00
pysec-2025-40
7.5 (3.1)
A vulnerability in the `preprocess_string()` function of the `transformers.testing_utils`ā€¦ transformers 2025-05-19T12:15:19+00:00 2025-05-21T19:22:10.801823+00:00
pysec-2025-49
8.8 (3.1)
setuptools is a package that allows users to download, build, install, upgrade, and uninsā€¦ setuptools 2025-05-17T16:15:19+00:00 2025-06-12T22:23:11.115559+00:00
pysec-2025-39
motionEye is an online interface for the software motion, a video surveillance program wiā€¦ motioneye 2025-05-14T16:15:29+00:00 2025-05-14T17:22:51.050788+00:00
pysec-2025-60
Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Informā€¦ apache-iotdb 2025-05-14T11:16:28+00:00 2025-07-01T21:22:47.232036+00:00
pysec-2025-59
Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attackā€¦ apache-iotdb 2025-05-14T11:15:47+00:00 2025-07-01T21:22:47.177405+00:00
pysec-2025-38
OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during imā€¦ ironic 2025-05-08T17:16:01Z 2025-05-13T04:24:03.083929Z
pysec-2025-37
An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2ā€¦ django 2025-05-08T04:17:18+00:00 2025-05-08T05:23:16.210893+00:00
pysec-2025-42
9.8 (3.1)
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Verā€¦ vllm 2025-04-30T01:15:51+00:00 2025-05-28T21:23:12.396609+00:00
ID Description Updated
ID Description Published Updated
mal-2026-3364 Malicious code in quicklytookerv (PyPI) 2026-05-07T05:42:48Z 2026-05-07T05:42:48Z
mal-2026-3363 Malicious code in mrdaa-frontend (npm) 2026-05-07T03:55:55Z 2026-05-07T03:55:55Z
mal-2026-3362 Malicious code in 24712-pl5006 (npm) 2026-05-07T00:05:57Z 2026-05-07T00:50:41Z
mal-2026-3361 Malicious code in 24712-pl5004 (npm) 2026-05-06T22:30:34Z 2026-05-06T22:30:34Z
mal-2026-3360 Malicious code in @paysafe-tracking/error-monitoring (npm) 2026-05-06T22:00:17Z 2026-05-06T22:00:17Z
mal-2026-3358 Malicious code in 24712-pl4712 (npm) 2026-05-06T21:51:01Z 2026-05-06T21:51:01Z
mal-2026-3359 Malicious code in b2bneo-rest (npm) 2026-05-06T21:31:41Z 2026-05-06T21:31:41Z
mal-2026-3357 Malicious code in 24712-plv2 (npm) 2026-05-06T21:01:03Z 2026-05-06T21:31:25Z
mal-2026-3356 Malicious code in test-py-conn (PyPI) 2026-05-06T20:28:38Z 2026-05-06T20:28:38Z
mal-2026-3355 Malicious code in playwright-atoned (PyPI) 2026-05-06T20:07:00Z 2026-05-06T20:07:00Z
mal-2026-3354 Malicious code in playwright-acustomed (PyPI) 2026-05-06T13:46:28Z 2026-05-06T20:59:10Z
mal-2026-3353 Malicious code in money-badger-open-rpc (npm) 2026-05-06T09:15:52Z 2026-05-06T10:20:15Z
mal-2026-3352 Malicious code in carbonite-internal (npm) 2026-05-06T06:20:35Z 2026-05-06T06:20:35Z
mal-2026-3348 Malicious code in @rivianlabs/bedrock (npm) 2026-05-05T19:10:36Z 2026-05-05T19:10:36Z
mal-2026-3349 Malicious code in @rivianlabs/dc-fe-app-web-rivian-com (npm) 2026-05-05T19:03:30Z 2026-05-05T19:03:30Z
mal-2026-3351 Malicious code in @rivianlabs/dt-shop-bag-v0 (npm) 2026-05-05T19:00:46Z 2026-05-05T19:00:46Z
mal-2026-3350 Malicious code in @rivianlabs/dt-lib-lumberjack (npm) 2026-05-05T18:50:28Z 2026-05-05T18:50:28Z
mal-2026-3347 Malicious code in gemini-analyzer (PyPI) 2026-05-05T18:30:44Z 2026-05-05T19:38:21Z
mal-2026-3346 Malicious code in generator-go-circleci (npm) 2026-05-05T15:33:36Z 2026-05-05T15:33:36Z
mal-2026-3345 Malicious code in deployment-core (npm) 2026-05-05T15:33:36Z 2026-05-05T15:33:37Z
mal-2026-3344 Malicious code in @bold-commerce/stacks-ui (npm) 2026-05-05T15:27:44Z 2026-05-05T15:27:44Z
mal-2026-3343 Malicious code in @atlan/connectors (npm) 2026-05-05T15:27:44Z 2026-05-05T15:27:44Z
mal-2026-3341 Malicious code in runtime-probe (PyPI) 2026-05-05T15:20:52Z 2026-05-05T15:20:52Z
mal-2026-3342 Malicious code in runtime-readout (PyPI) 2026-05-05T15:14:31Z 2026-05-05T15:14:31Z
mal-2026-3340 Malicious code in trevlo (npm) 2026-05-05T11:51:48Z 2026-05-05T11:51:48Z
mal-2026-3339 Malicious code in nf-ui-components (npm) 2026-05-05T11:40:12Z 2026-05-05T11:40:13Z
mal-2026-3334 Malicious code in fanduel (npm) 2026-05-04T21:55:51Z 2026-05-04T21:55:51Z
mal-2026-3333 Malicious code in rogiant-quick-install (PyPI) 2026-05-04T21:10:00Z 2026-05-04T21:10:00Z
mal-2026-3332 Malicious code in rogiant (PyPI) 2026-05-04T20:53:10Z 2026-05-04T20:53:50Z
mal-2026-3331 Malicious code in lazyhtml-scripts (npm) 2026-05-04T19:42:20Z 2026-05-04T19:42:20Z
ID Description Published Updated
7paa020125 Denial of Service Vulnerabilities in System 800xA, SymphonyĀ® Plus IEC 61850 communication stack 2026-04-13T00:30:00.000Z 2026-04-13T00:30:00.000Z
7paa017341 PostgreSQL vulnerabilities in ABB Abilityā„¢ SymphonyĀ® Plus Engineering 2026-04-13T00:30:00.000Z 2026-04-13T00:30:00.000Z
7paa023732 System 800xA affected by 3rd party component vulnerabilities 2026-03-31T00:30:00.000Z 2026-03-31T00:30:00.000Z
4hzm000604 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (SQLite 3.2.4) 2026-03-26T00:30:00.000Z 2026-03-26T00:30:00.000Z
4jno000329 AWIN Gateways Vulnerabilities in Embedded Webserver 2026-03-13T00:30:00.000Z 2026-03-13T00:30:00.000Z
3adr011536 AC500 V3 Stack buffer overflow in Cryptographic Message Syntax 2026-03-12T00:30:00.000Z 2026-03-12T00:30:00.000Z
3adr011525 ABB Automation Builder Gateway for Windows with insecure defaults 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
3adr011524 AC500 V3 Multiple vulnerabilities 2026-02-24T00:30:00.000Z 2026-02-24T00:30:00.000Z
sa25p007 B&R Automation Studio Update of SQLite version 2026-02-18T00:30:00.000Z 2026-02-18T00:30:00.000Z
sa26p001 ā€‹ā€‹PVIā€‹ ā€‹ā€‹Insertion of Sensitive Information into Logfile 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
sa24p003 ā€‹B&R PCs vulnerable to PixieFail attackā€‹ 2026-01-29T00:30:00.000Z 2026-01-29T00:30:00.000Z
sa25p005 B&R Automation Runtime Improper Handling of Flooding conditions on ANSL Server 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
sa25p004 Automation Studio Insufficient Server Certificate Validation 2026-01-19T00:30:00.000Z 2026-01-19T00:30:00.000Z
9akk108472a1331 ABB Abilityā„¢ OPTIMAXĀ® Authentication Bypass in Single-Sign On with Azure Active Directory 2026-01-16T00:30:00.000Z 2026-01-16T00:30:00.000Z
2crt000009 WebPro SNMP Card PowerValue Multiple Vulnerabilities 2026-01-07T00:30:00.000Z 2026-01-07T00:30:00.000Z
4hzm000603 ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC) 2025-11-27T00:30:00.000Z 2025-11-28T00:30:00.000Z
7paa022088 Edgenius Management Portal Authentication Bypass 2025-11-20T00:30:00.000Z 2025-11-20T00:30:00.000Z
2nga002813 PCM600 SharpZip library vulnerability 2025-11-03T00:30:00.000Z 2025-11-03T00:30:00.000Z
9akk108471a8948 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-10-20T00:30:00.000Z 2025-10-21T00:30:00.000Z
4tz00000006007 ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations 2025-10-20T00:30:00.000Z 2025-10-23T00:30:00.000Z
4tz00000006008 LVS MConfig Insecure memory handling 2025-10-08T00:30:00.000Z 2025-10-08T00:30:00.000Z
sa25p003 B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-14T00:30:00.000Z
sa25p002 B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM) 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a7808 EIBPORT Reflected XSS 2025-10-07T00:30:00.000Z 2025-10-07T00:30:00.000Z
9akk108471a8107 Terra AC wallbox Heap Memory Corruption Vulnerability 2025-09-16T00:30:00.000Z 2025-11-28T08:00:00.000Z
9akk108471a7121 FLXeon Controllers Multiple vulnerabilities 2025-09-09T00:30:00.000Z 2025-09-18T00:30:00.000Z
2nga002743 ABB AbilityTM zenon Remote Transport Vulnerability 2025-08-12T00:30:00.000Z 2025-08-12T00:30:00.000Z
9akk108471a4462 ELSB/BLBA ASPECT advisory several CVEs 2025-08-11T00:30:00.000Z 2025-09-04T00:30:00.000Z
3adr011432 AC500 V2 Buffer overread on Modbus protocol 2025-07-23T00:30:00.000Z 2025-07-23T00:30:00.000Z
9akk108471a4556 Busch-WelcomeĀ® 2 wire Door opener actuator by default in compatibility mode. 2025-07-21T00:30:00.000Z 2025-07-21T00:30:00.000Z
ID Description Published Updated
wid-sec-w-2026-1349 vm2: Mehrere Schwachstellen 2026-05-03T22:00:00.000+00:00 2026-05-04T22:00:00.000+00:00
wid-sec-w-2026-1334 Exim und cPanel/WHM: Mehrere Schwachstellen 2026-05-03T22:00:00.000+00:00 2026-05-04T22:00:00.000+00:00
wid-sec-w-2026-1319 LiteLLM: Schwachstelle ermƶglicht Umgehen von Sicherheitsvorkehrungen 2026-04-29T22:00:00.000+00:00 2026-05-04T22:00:00.000+00:00
wid-sec-w-2026-1312 GnuTLS: Mehrere Schwachstellen 2026-04-29T22:00:00.000+00:00 2026-05-04T22:00:00.000+00:00
wid-sec-w-2026-1307 cURL: Mehrere Schwachstellen 2026-04-28T22:00:00.000+00:00 2026-05-04T22:00:00.000+00:00
wid-sec-w-2026-1306 Xen und Citrix Systems XenServer: Mehrere Schwachstellen 2026-04-28T22:00:00.000+00:00 2026-05-04T22:00:00.000+00:00
wid-sec-w-2026-1304 Google Chrome/Microsoft Edge: Mehrere Schwachstellen 2026-04-28T22:00:00.000+00:00 2026-05-04T22:00:00.000+00:00
wid-sec-w-2026-1296 Mozilla Firefox und Firefox ESR: Mehrere Schwachstellen 2026-04-28T22:00:00.000+00:00 2026-05-04T22:00:00.000+00:00
wid-sec-w-2026-1292 Prometheus: Mehrere Schwachstellen 2026-04-27T22:00:00.000+00:00 2026-05-04T22:00:00.000+00:00
wid-sec-w-2026-1278 SmarterTools SmarterMail: Mehrere Schwachstellen ermƶglichen nicht spezifizierten Angriff 2026-04-26T22:00:00.000+00:00 2026-04-27T22:00:00.000+00:00
wid-sec-w-2026-1260 Google Chrome und Microsoft Edge: Mehrere Schwachstellen 2026-04-23T22:00:00.000+00:00 2026-04-29T22:00:00.000+00:00
wid-sec-w-2026-1258 Apache ActiveMQ: Mehrere Schwachstellen 2026-04-23T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1256 Microsoft Cloud-Produkte: Mehrere Schwachstellen 2026-04-23T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1253 OpenClaw: Mehrere Schwachstellen 2026-04-23T22:00:00.000+00:00 2026-05-06T22:00:00.000+00:00
wid-sec-w-2026-1233 PackageKit: Schwachstelle ermƶglicht Privilegieneskalation 2026-04-21T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1232 Linux Kernel: Mehrere Schwachstellen 2026-04-21T22:00:00.000+00:00 2026-05-03T22:00:00.000+00:00
wid-sec-w-2026-1228 Mozilla Thunderbird, Firefox ESR und Firefox: Mehrere Schwachstellen 2026-04-21T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1227 OpenClaw: Mehrere Schwachstellen 2026-04-21T22:00:00.000+00:00 2026-05-06T22:00:00.000+00:00
wid-sec-w-2026-1223 OpenBSD: Schwachstelle ermƶglicht nicht spezifizierten Angriff 2026-04-21T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1219 lxml: Schwachstelle ermƶglicht Offenlegung von Informationen 2026-04-21T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1201 Oracle Java SE: Mehrere Schwachstellen 2026-04-21T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1174 OpenClaw: Schwachstelle ermƶglicht Umgehen von Sicherheitsvorkehrungen 2026-04-19T22:00:00.000+00:00 2026-05-05T22:00:00.000+00:00
wid-sec-w-2026-1161 OpenClaw: Mehrere Schwachstellen 2026-04-16T22:00:00.000+00:00 2026-05-06T22:00:00.000+00:00
wid-sec-w-2026-1160 Red Hat Enterprise Linux und Satellite (satellite/iop-remediations-rhel9 container image): Mehrere Schwachstellen 2026-04-16T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1147 vim: Schwachstelle ermƶglicht CodeausfĆ¼hrung 2026-04-15T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1145 Flowise: Mehrere Schwachstellen 2026-04-15T22:00:00.000+00:00 2026-04-21T22:00:00.000+00:00
wid-sec-w-2026-1144 GIMP: Mehrere Schwachstellen 2026-04-15T22:00:00.000+00:00 2026-04-16T22:00:00.000+00:00
wid-sec-w-2026-1136 Red Hat OpenShift Container Platform (gRPC-Go): Schwachstelle ermƶglicht Umgehen von Sicherheitsvorkehrungen 2026-04-15T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1135 Budibase: Schwachstelle ermƶglicht Umgehen von Sicherheitsvorkehrungen 2026-04-15T22:00:00.000+00:00 2026-04-26T22:00:00.000+00:00
wid-sec-w-2026-1118 Dell PowerProtect Data Domain OS: Mehrere Schwachstellen 2026-04-14T22:00:00.000+00:00 2026-04-19T22:00:00.000+00:00
ID Description Published Updated
icsa-26-125-05 Johnson Controls CEM AC2000 2026-05-05T06:00:00.000000Z 2026-05-05T06:00:00.000000Z
va-26-119-02 TP-Link WR841N Router multiple vulnerabilities 2026-04-29T14:27:50Z 2026-04-29T14:27:50Z
va-26-119-01 CryptPad unbounded WebSocket frame flood 2026-04-29T00:00:00Z 2026-04-29T00:00:00Z
icsa-26-118-01 NSA GRASSMARLIN 2026-04-28T06:00:00.000000Z 2026-04-28T06:00:00.000000Z
icsa-26-125-01 Hitachi Energy PCM600 2026-04-28T00:00:00.000000Z 2026-05-05T06:00:00.000000Z
icsa-26-113-06 Intrado 911 Emergency Gateway (EGW) 2026-04-23T06:00:00.000000Z 2026-04-23T06:00:00.000000Z
icsa-26-113-05 Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera 2026-04-23T06:00:00.000000Z 2026-04-23T06:00:00.000000Z
icsa-26-113-04 SpiceJet Online Booking System 2026-04-23T06:00:00.000000Z 2026-04-23T06:00:00.000000Z
icsa-26-113-03 Milesight Cameras 2026-04-23T06:00:00.000000Z 2026-04-23T06:00:00.000000Z
icsa-26-113-02 Carlson Software VASCO-B GNSS Receiver 2026-04-23T06:00:00.000000Z 2026-04-23T06:00:00.000000Z
icsa-26-113-01 Yadea T5 Electric Bicycle 2026-04-23T06:00:00.000000Z 2026-04-23T06:00:00.000000Z
icsa-26-111-12 SenseLive X3050 2026-04-21T06:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-10 Silex Technology SD-330AC and AMC Manager 2026-04-21T06:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-06 Zero Motorcycles Firmware 2026-04-21T06:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-05 Hardy Barth Salia EV Charge Controller 2026-04-21T05:00:00.000000Z 2026-04-21T05:00:00.000000Z
icsa-26-106-04 AVEVA Pipeline Simulation 2026-04-16T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-106-03 Anviz Multiple Products 2026-04-16T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-106-02 Horner Automation Cscape and XL4, XL7 PLC 2026-04-16T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-106-01 Delta Electronics ASDA-Soft 2026-04-16T06:00:00.000000Z 2026-04-16T06:00:00.000000Z
icsa-26-111-11 Siemens Industrial Edge Management 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-09 Siemens SINEC NMS 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-08 Siemens RUGGEDCOM CROSSBOW Station Access Controller (SAC) 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-07 Siemens SCALANCE 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-04 Siemens Analytics Toolkit 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-03 Siemens SINEC NMS 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-02 Siemens RUGGEDCOM CROSSBOW Secure Access Manager Primary 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-111-01 Siemens TPM 2.0 2026-04-14T00:00:00.000000Z 2026-04-21T06:00:00.000000Z
icsa-26-120-06 ABB Ability Symphony Plus Engineering 2026-04-13T00:30:00.000000Z 2026-04-30T06:00:00.000000Z
icsa-26-120-01 ABB System 800xA, Symphony Plus IEC 61850 2026-04-13T00:30:00.000000Z 2026-04-30T06:00:00.000000Z
icsa-26-099-02 GPL Odorizers GPL750 2026-04-09T06:00:00.000000Z 2026-04-09T06:00:00.000000Z
ID Description Published Updated
cisco-sa-unity-rce-ssrf-henhuasy Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities 2026-05-06T16:00:00+00:00 2026-05-06T16:00:00+00:00
cisco-sa-slido-idor-cpsfmkxn Cisco Slido Insecure Direct Object Reference Vulnerability 2026-05-06T16:00:00+00:00 2026-05-06T16:00:00+00:00
cisco-sa-sg350-snmp-dos-gefzr2tj Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability 2026-05-06T16:00:00+00:00 2026-05-06T16:00:00+00:00
cisco-sa-pi-unauth-infodiscl-lfnlgmey Cisco Prime Infrastructure Information Disclosure Vulnerability 2026-05-06T16:00:00+00:00 2026-05-06T16:00:00+00:00
cisco-sa-nso-dos-7egqyc Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Connection Exhaustion Denial of Service Vulnerability 2026-05-06T16:00:00+00:00 2026-05-06T16:00:00+00:00
cisco-sa-ise-unauth-bypass-uxjrxgpb Cisco Identity Services Engine Authentication Bypass Vulnerabilities 2026-05-06T16:00:00+00:00 2026-05-06T16:00:00+00:00
cisco-sa-iot-fnd-dos-n8n26q4u Cisco IoT Field Network Director Vulnerabilities 2026-05-06T16:00:00+00:00 2026-05-06T16:00:00+00:00
cisco-sa-ece-lite-agent-bcgsn8eb Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability 2026-05-06T16:00:00+00:00 2026-05-06T16:00:00+00:00
cisco-sa-asaftd-persist-cisaed25-03 Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense 2026-04-23T15:00:00+00:00 2026-04-30T18:57:23+00:00
cisco-sa-wsa-auth-bypass-6yzktqhd Cisco Secure Web Appliance Authentication Bypass Vulnerability 2026-04-15T16:00:00+00:00 2026-04-16T13:14:04+00:00
cisco-sa-webexcc-xss-wex5nuna Cisco Webex Contact Center Cross-Site Scripting Vulnerability 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-webex-cui-cert-8jszyhwl Cisco Webex Services Certificate Validation Vulnerability 2026-04-15T16:00:00+00:00 2026-04-16T18:52:15+00:00
cisco-sa-unity-vulns-n2ejsbbw Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-unity-file-download-rmkevwpx Cisco Unity Connection Arbitrary File Download Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-te-agentfilewrite-tquw3smu Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-isexss-bs8cte7u Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-ise-rce-traversal-8byndvrz Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-28T14:33:18+00:00
cisco-sa-ise-rce-4fverepv Cisco Identity Services Engine Remote Code Execution Vulnerabilities 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-ise-cmd-inj-5wsjcyjb Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability 2026-04-15T16:00:00+00:00 2026-04-15T16:00:00+00:00
cisco-sa-ssm-cli-execution-chucwunr Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-ndi-afw-rjurc5dz Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-nd-ssrf-naen4o7r Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-nd-cbid-5yqkoshu Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-epnm-improp-auth-muwfwuu3 Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cssm-priv-esc-xranouo8 Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-cimc-xss-a2tkgvab Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities 2026-04-01T16:00:00+00:00 2026-04-22T18:05:52+00:00
cisco-sa-cimc-cmd-inj-3hkn3bvt Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities 2026-04-01T16:00:00+00:00 2026-04-22T18:01:40+00:00
cisco-sa-cimc-auth-bypass-agg2bxtn Cisco Integrated Management Controller Authentication Bypass Vulnerability 2026-04-01T16:00:00+00:00 2026-04-01T16:00:00+00:00
cisco-sa-xe-secureboot-bypass-b6uyxysz Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
cisco-sa-wlc-dos-hnx5kgom Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability 2026-03-25T16:00:00+00:00 2026-03-25T16:00:00+00:00
ID Description Published Updated
msrc_cve-2026-7598 libssh2 userauth.c userauth_password integer overflow 2026-05-02T00:00:00.000Z 2026-05-06T01:42:35.000Z
msrc_cve-2026-43964 CVE-2026-43964 2026-05-02T00:00:00.000Z 2026-05-06T01:01:23.000Z
msrc_cve-2026-43058 media: vidtv: fix pass-by-value structs causing MSAN warnings 2026-05-02T00:00:00.000Z 2026-05-04T14:41:37.000Z
msrc_cve-2026-43053 xfs: close crash window in attr dabtree inactivation 2026-05-02T00:00:00.000Z 2026-05-04T14:38:15.000Z
msrc_cve-2026-43052 wifi: mac80211: check tdls flag in ieee80211_tdls_oper 2026-05-02T00:00:00.000Z 2026-05-04T14:39:12.000Z
msrc_cve-2026-43049 HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure 2026-05-02T00:00:00.000Z 2026-05-04T14:38:55.000Z
msrc_cve-2026-43048 HID: core: Mitigate potential OOB by removing bogus memset() 2026-05-02T00:00:00.000Z 2026-05-04T14:38:20.000Z
msrc_cve-2026-43045 mshv: Fix error handling in mshv_region_pin 2026-05-02T00:00:00.000Z 2026-05-02T01:03:37.000Z
msrc_cve-2026-43042 mpls: add seqcount to protect the platform_label{,s} pair 2026-05-02T00:00:00.000Z 2026-05-04T14:39:01.000Z
msrc_cve-2026-43037 ip6_tunnel: clear skb2->cb[] in ip4ip6_err() 2026-05-02T00:00:00.000Z 2026-05-06T01:01:29.000Z
msrc_cve-2026-43036 net: use skb_header_pointer() for TCPv4 GSO frag_off check 2026-05-02T00:00:00.000Z 2026-05-04T14:38:38.000Z
msrc_cve-2026-43033 crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption 2026-05-02T00:00:00.000Z 2026-05-04T14:40:36.000Z
msrc_cve-2026-43022 Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists 2026-05-02T00:00:00.000Z 2026-05-02T01:02:42.000Z
msrc_cve-2026-43021 Bluetooth: hci_sync: fix leaks when hci_cmd_sync_queue_once fails 2026-05-02T00:00:00.000Z 2026-05-02T01:03:09.000Z
msrc_cve-2026-43019 Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync 2026-05-02T00:00:00.000Z 2026-05-04T14:39:35.000Z
msrc_cve-2026-43010 bpf: Reject sleepable kprobe_multi programs at attach time 2026-05-02T00:00:00.000Z 2026-05-04T14:39:29.000Z
msrc_cve-2026-43009 bpf: Fix incorrect pruning due to atomic fetch precision tracking 2026-05-02T00:00:00.000Z 2026-05-04T14:39:47.000Z
msrc_cve-2026-37457 CVE-2026-37457 2026-05-02T00:00:00.000Z 2026-05-05T01:03:04.000Z
msrc_cve-2026-31777 ALSA: ctxfi: Check the error for index mapping 2026-05-02T00:00:00.000Z 2026-05-04T14:38:26.000Z
msrc_cve-2026-31771 Bluetooth: hci_event: move wake reason storage into validated event handlers 2026-05-02T00:00:00.000Z 2026-05-04T14:39:07.000Z
msrc_cve-2026-31769 gpib: fix use-after-free in IO ioctl handlers 2026-05-02T00:00:00.000Z 2026-05-02T01:02:20.000Z
msrc_cve-2026-31729 usb: typec: ucsi: validate connector number in ucsi_notify_common() 2026-05-02T00:00:00.000Z 2026-05-04T14:39:41.000Z
msrc_cve-2026-31725 usb: gadget: f_ecm: Fix net_device lifecycle with device_move 2026-05-02T00:00:00.000Z 2026-05-04T14:38:50.000Z
msrc_cve-2026-31724 usb: gadget: f_eem: Fix net_device lifecycle with device_move 2026-05-02T00:00:00.000Z 2026-05-04T14:38:09.000Z
msrc_cve-2026-31723 usb: gadget: f_subset: Fix net_device lifecycle with device_move 2026-05-02T00:00:00.000Z 2026-05-04T14:38:03.000Z
msrc_cve-2026-31722 usb: gadget: f_rndis: Fix net_device lifecycle with device_move 2026-05-02T00:00:00.000Z 2026-05-04T14:38:32.000Z
msrc_cve-2026-31721 usb: gadget: f_hid: move list and spinlock inits from bind to alloc 2026-05-02T00:00:00.000Z 2026-05-04T14:40:05.000Z
msrc_cve-2026-31715 f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io() 2026-05-02T00:00:00.000Z 2026-05-04T14:39:52.000Z
msrc_cve-2026-31712 ksmbd: require minimum ACE size in smb_check_perm_dacl() 2026-05-02T00:00:00.000Z 2026-05-04T14:39:23.000Z
msrc_cve-2026-31711 smb: server: fix active_num_conn leak on transport allocation failure 2026-05-02T00:00:00.000Z 2026-05-04T14:40:11.000Z
ID Description Published Updated
ncsc-2026-0134 Kwetsbaarheden verholpen in Apache HTTP Server 2026-05-06T11:33:26.390004Z 2026-05-06T11:33:26.390004Z
ncsc-2026-0133 Kwetsbaarheden verholpen in Progress MOVEit Automation 2026-05-06T09:18:44.336770Z 2026-05-06T09:18:44.336770Z
ncsc-2026-0132 Kwetsbaarheid verholpen in Palo Alto Networks PAN-OS 2026-05-06T08:38:23.996672Z 2026-05-06T08:42:18.423397Z
ncsc-2026-0131 Kwetsbaarheid verholpen in Linux kernel cryptographic subsystem 2026-05-01T06:13:56.267237Z 2026-05-01T06:13:56.267237Z
ncsc-2026-0130 Kwetsbaarheid verholpen in cPanel en WHM 2026-04-30T08:00:11.291177Z 2026-04-30T08:00:11.291177Z
ncsc-2026-0129 Kwetsbaarheden verholpen in Apache Camel 2026-04-29T08:12:14.412477Z 2026-04-29T08:12:14.412477Z
ncsc-2026-0128 Kwetsbaarheden verholpen in GitLab EE en CE 2026-04-23T11:21:11.080481Z 2026-04-23T11:21:11.080481Z
ncsc-2026-0127 Kwetsbaarheden verholpen in Oracle PeopleSoft 2026-04-22T14:10:36.199130Z 2026-04-22T14:10:36.199130Z
ncsc-2026-0126 Kwetsbaarheden verholpen in Oracle E-Business Suite 2026-04-22T12:56:26.266249Z 2026-04-22T12:56:26.266249Z
ncsc-2026-0125 Kwetsbaarheden verholpen in Oracle Enterprise Manager 2026-04-22T12:46:17.624971Z 2026-04-22T12:46:17.624971Z
ncsc-2026-0124 Kwetsbaarheden verholpen in Oracle Identity Manager Connector 2026-04-22T11:33:45.816246Z 2026-04-22T11:33:45.816246Z
ncsc-2026-0123 Kwetsbaarheid verholpen in ASP.NET Core van Microsoft 2026-04-22T09:40:27.334869Z 2026-04-22T09:40:27.334869Z
ncsc-2026-0122 Kwetsbaarheid verholpen in Cisco Webex Services 2026-04-17T08:37:31.398143Z 2026-04-17T08:37:31.398143Z
ncsc-2026-0121 Kwetsbaarheden verholpen in Fortinet FortiSandbox 2026-04-15T12:23:16.801183Z 2026-04-15T12:23:16.801183Z
ncsc-2026-0120 Kwetsbaarheden verholpen in Fortinet FortiAnalyzer en FortiManager 2026-04-15T12:20:38.675602Z 2026-04-15T12:20:38.675602Z
ncsc-2026-0119 Kwetsbaarheden verholpen in Microsoft Windows 2026-04-15T08:53:38.926894Z 2026-04-15T08:53:38.926894Z
ncsc-2026-0118 Kwetsbaarheden verholpen in Microsoft SQL Server 2026-04-14T19:24:22.610160Z 2026-04-14T19:24:22.610160Z
ncsc-2026-0117 Kwetsbaarheden verholpen in Microsoft Azure 2026-04-14T19:23:30.733725Z 2026-04-14T19:23:30.733725Z
ncsc-2026-0116 Kwetsbaarheden verholpen in Microsoft Office 2026-04-14T19:20:56.343558Z 2026-04-14T19:20:56.343558Z
ncsc-2026-0115 Kwetsbaarheid verholpen in Microsoft Defender 2026-04-14T19:19:48.691858Z 2026-04-15T08:54:16.881135Z
ncsc-2026-0114 Kwetsbaarheden verholpen in Microsoft Developer tools 2026-04-14T19:18:58.666745Z 2026-04-14T19:18:58.666745Z
ncsc-2026-0113 Kwetsbaarheden verholpen in SAP-producten 2026-04-14T12:55:40.388960Z 2026-04-14T12:55:40.388960Z
ncsc-2026-0112 Kwetsbaarheden verholpen in Siemens producten 2026-04-14T11:37:21.682429Z 2026-04-14T11:37:21.682429Z
ncsc-2026-0111 Kwetsbaarheid verholpen in Adobe Acrobat 2026-04-12T08:42:18.844193Z 2026-04-13T09:38:04.129352Z
ncsc-2026-0110 Kwetsbaarheid verholpen in Cisco Smart Software Manager On-Prem 2026-04-10T14:28:58.703642Z 2026-04-10T14:28:58.703642Z
ncsc-2026-0109 Kwetsbaarheden verholpen in Synology SSL VPN Client 2026-04-10T12:11:00.859799Z 2026-04-10T12:11:00.859799Z
ncsc-2026-0108 Kwetsbaarheid verholpen in Juniper Networks Junos OS Evolved 2026-04-10T12:06:13.479822Z 2026-04-10T12:06:13.479822Z
ncsc-2026-0107 Kwetsbaarheid verholpen in FortiClient EMS van Fortinet 2026-04-04T13:49:19.002116Z 2026-04-04T13:49:19.002116Z
ncsc-2026-0106 Kwetsbaarheden verholpen in Cisco Integrated Management Controller 2026-04-03T10:34:46.145536Z 2026-04-03T10:34:46.145536Z
ncsc-2026-0105 Kwetsbaarheden verholpen in Cisco Nexus Dashboard en Nexus Dashboard Insights 2026-04-03T08:20:48.187725Z 2026-04-03T08:20:48.187725Z
ID Description Published Updated
nn-2026:2-01 Stored Cross-Site Scripting (XSS) in Assets and Nodes in Guardian/CMC before 26.0.0 2026-04-15T11:00:00.000Z 2026-04-15T11:00:00.000Z
nn-2026:1-01 Incorrect authorization for Threat Intelligence in Guardian/CMC before 26.0.0 2026-04-15T11:00:00.000Z 2026-04-15T11:00:00.000Z
nn-2025:18-01 Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:17-01 HTML injection in Sensor Map in CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:16-01 HTML injection in Alerted Nodes Dashboard in Guardian/CMC before 25.6.0 2026-03-04T11:00:00.000Z 2026-03-04T11:00:00.000Z
nn-2025:15-01 Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:14-01 HTML injection in Asset List in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:13-01 Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:12-01 HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0 2025-12-18T11:00:00.000Z 2025-12-18T11:00:00.000Z
nn-2025:11-01 Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 2025-11-25T11:00:00.000Z 2025-11-26T11:00:00.000Z
nn-2025:9-01 Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:8-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:7-01 Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:6-01 Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:5-01 Incorrect authorization for CLI in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:4-01 Client-side path traversal in Guardian/CMC before 25.2.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:10-01 Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 2025-10-07T11:00:00.000Z 2025-10-07T11:00:00.000Z
nn-2025:3-01 Incorrect authorization for traces request/download in CMC before 25.1.0 2025-08-26T11:00:00.000Z 2025-08-26T11:00:00.000Z
nn-2025:2-01 Privilege escalation in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2025:1-01 Authenticated RCE in update functionality in Guardian/CMC before 24.6.0 2025-06-10T11:00:00.000Z 2025-06-10T11:00:00.000Z
nn-2024_1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2024:1-01 DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-10T11:00:00.000Z
nn-2023_17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023:17-01 Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1 2024-04-10T11:00:00.000Z 2024-04-11T11:00:00.000Z
nn-2023_12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023:12-01 Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0 2024-01-15T11:00:00.000Z 2024-01-16T11:00:00.000Z
nn-2023_9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_11-01 SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023_10-01 DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
nn-2023:9-01 Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0 2023-09-18T11:00:00.000Z 2023-11-16T11:00:00.000Z
ID Description Published Updated
opensuse-su-2026:10686-1 libwireshark19-4.6.5-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10685-1 libthrift-0_23_0-0.23.0-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10684-1 teleport-17.7.23-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10683-1 skim-4.6.1-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10682-1 rclone-1.74.0-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10681-1 python311-social-auth-core-4.8.7-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10680-1 python311-django-allauth-65.16.1-2.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10679-1 net-tools-3.14~alpha~git.20251212.7011617-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10678-1 liblxc-devel-7.0.0-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10677-1 grafana-11.6.14+security01-2.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10676-1 golang-github-prometheus-prometheus-3.11.3-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10675-1 dpkg-1.22.22-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10674-1 curl-8.20.0-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10673-1 coredns-1.14.3-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10672-1 cmctl-2.5.0-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10671-1 bubblewrap-0.11.2-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10670-1 avahi-0.8-43.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10669-1 alloy-1.16.0-2.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:10668-1 MozillaFirefox-150.0.1-1.1 on GA media 2026-05-04T00:00:00Z 2026-05-04T00:00:00Z
opensuse-su-2026:20660-1 Security update for chromium 2026-05-01T22:48:13Z 2026-05-01T22:48:13Z
opensuse-su-2026:20664-1 Security update for MozillaThunderbird 2026-05-01T17:00:28Z 2026-05-01T17:00:28Z
opensuse-su-2026:10662-1 glibc-2.43-1.1 on GA media 2026-04-30T00:00:00Z 2026-04-30T00:00:00Z
opensuse-su-2026:10661-1 firefox-esr-140.10.1-1.1 on GA media 2026-04-30T00:00:00Z 2026-04-30T00:00:00Z
opensuse-su-2026:20654-1 Security update for grafana 2026-04-29T16:12:10Z 2026-04-29T16:12:10Z
opensuse-su-2026:20652-1 Security update for openexr 2026-04-29T14:35:24Z 2026-04-29T14:35:24Z
opensuse-su-2026:20651-1 Security update for ntfs-3g_ntfsprogs 2026-04-29T14:19:47Z 2026-04-29T14:19:47Z
opensuse-su-2026:20650-1 Security update for python-PyNaCl 2026-04-29T14:17:40Z 2026-04-29T14:17:40Z
opensuse-su-2026:20647-1 Security update for libssh 2026-04-29T11:20:23Z 2026-04-29T11:20:23Z
opensuse-su-2026:20646-1 Security update for PackageKit 2026-04-29T09:45:23Z 2026-04-29T09:45:23Z
opensuse-su-2026:20653-1 Security update for radare2 2026-04-29T08:45:46Z 2026-04-29T08:45:46Z
ID Description Published Updated
oxdc-adv-2026-0001 OX Dovecot Security Advisory OXDC-ADV-2026-0001 2026-03-27T00:00:00+00:00 2026-03-27T00:00:00+00:00
oxdc-adv-2025-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 2025-10-31T00:00:00+00:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0003 OX App Suite Security Advisory OXAS-ADV-2025-0003 2025-09-24T00:00:00+02:00 2025-11-27T00:00:00+00:00
oxas-adv-2025-0002 OX App Suite Security Advisory OXAS-ADV-2025-0002 2025-08-12T00:00:00+02:00 2025-10-31T00:00:00+00:00
oxas-adv-2025-0001 OX App Suite Security Advisory OXAS-ADV-2025-0001 2025-01-27T00:00:00+01:00 2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002 2024-09-10T00:00:00+02:00 2024-09-10T00:00:00+00:00
oxdc-adv-2024-0001 OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001 2024-09-02T00:00:00+02:00 2024-09-06T00:00:00+00:00
oxas-adv-2024-0005 OX App Suite Security Advisory OXAS-ADV-2024-0005 2024-07-08T00:00:00+02:00 2024-09-09T00:00:00+00:00
oxas-adv-2024-0004 OX App Suite Security Advisory OXAS-ADV-2024-0004 2024-06-13T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0003 OX App Suite Security Advisory OXAS-ADV-2024-0003 2024-04-24T00:00:00+02:00 2024-08-19T00:00:00+00:00
oxas-adv-2024-0002 OX App Suite Security Advisory OXAS-ADV-2024-0002 2024-03-06T00:00:00+01:00 2024-05-06T00:00:00+00:00
oxas-adv-2024-0001 OX App Suite Security Advisory OXAS-ADV-2024-0001 2024-02-08T00:00:00+01:00 2024-04-25T00:00:00+00:00
oxas-adv-2023-0007 OX App Suite Security Advisory OXAS-ADV-2023-0007 2023-12-11T00:00:00+01:00 2024-02-16T00:00:00+00:00
oxas-adv-2023-0006 OX App Suite Security Advisory OXAS-ADV-2023-0006 2023-09-25T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0005 OX App Suite Security Advisory OXAS-ADV-2023-0005 2023-09-19T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0004 OX App Suite Security Advisory OXAS-ADV-2023-0004 2023-08-01T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0003 OX App Suite Security Advisory OXAS-ADV-2023-0003 2023-05-02T00:00:00+02:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0002 OX App Suite Security Advisory OXAS-ADV-2023-0002 2023-03-20T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2023-0001 OX App Suite Security Advisory OXAS-ADV-2023-0001 2023-02-06T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0002 OX App Suite Security Advisory OXAS-ADV-2022-0002 2022-11-02T00:00:00+01:00 2024-01-22T00:00:00+00:00
oxas-adv-2022-0001 OX App Suite Security Advisory OXAS-ADV-2022-0001 2022-08-10T00:00:00+02:00 2024-01-22T00:00:00+00:00
ID Description Published Updated
rhsa-2026:14673 Red Hat Security Advisory: LibRaw security update 2026-05-07T06:29:24+00:00 2026-05-07T06:29:52+00:00
rhsa-2026:14656 Red Hat Security Advisory: python3.12 security update 2026-05-07T05:25:28+00:00 2026-05-07T05:25:56+00:00
rhsa-2026:14652 Red Hat Security Advisory: python3.11 security update 2026-05-07T04:55:03+00:00 2026-05-07T05:25:56+00:00
rhsa-2026:14437 Red Hat Security Advisory: sudo security update 2026-05-06T22:25:43+00:00 2026-05-07T02:29:04+00:00
rhsa-2026:14339 Red Hat Security Advisory: kernel security update 2026-05-06T21:19:48+00:00 2026-05-07T02:28:56+00:00
rhsa-2026:14391 Red Hat Security Advisory: Red Hat build of Cryostat security update 2026-05-06T21:10:06+00:00 2026-05-07T02:29:06+00:00
rhsa-2026:13727 Red Hat Security Advisory: OpenShift Container Platform 4.18.40 bug fix and security update 2026-05-06T20:47:28+00:00 2026-05-07T02:28:55+00:00
rhsa-2026:13736 Red Hat Security Advisory: OpenShift Container Platform 4.18.40 bug fix and security update 2026-05-06T19:58:31+00:00 2026-05-06T20:17:30+00:00
rhsa-2026:14303 Red Hat Security Advisory: thunderbird security update 2026-05-06T19:20:17+00:00 2026-05-06T20:40:59+00:00
rhsa-2026:14301 Red Hat Security Advisory: kernel-rt security update 2026-05-06T18:51:08+00:00 2026-05-07T02:27:26+00:00
rhsa-2026:14276 Red Hat Security Advisory: Red Hat AMQ Broker 7.12.7 release and security update 2026-05-06T17:59:07+00:00 2026-05-06T20:38:26+00:00
rhsa-2026:14272 Red Hat Security Advisory: Red Hat AMQ Broker 7.13.5 release and security update 2026-05-06T17:58:57+00:00 2026-05-06T20:38:28+00:00
rhsa-2026:14230 Red Hat Security Advisory: kernel security update 2026-05-06T17:34:12+00:00 2026-05-07T02:28:55+00:00
rhsa-2026:14228 Red Hat Security Advisory: sudo security update 2026-05-06T17:20:12+00:00 2026-05-07T02:28:31+00:00
rhsa-2026:14223 Red Hat Security Advisory: thunderbird security update 2026-05-06T16:58:32+00:00 2026-05-06T20:40:54+00:00
rhsa-2026:14224 Red Hat Security Advisory: LibRaw security update 2026-05-06T16:52:12+00:00 2026-05-07T06:29:48+00:00
rhsa-2026:14213 Red Hat Security Advisory: corosync security update 2026-05-06T16:44:11+00:00 2026-05-06T20:40:43+00:00
rhsa-2026:14212 Red Hat Security Advisory: corosync security update 2026-05-06T16:37:32+00:00 2026-05-06T20:40:50+00:00
rhsa-2026:14216 Red Hat Security Advisory: corosync security update 2026-05-06T16:30:52+00:00 2026-05-06T20:40:48+00:00
rhsa-2026:14214 Red Hat Security Advisory: corosync security update 2026-05-06T16:26:06+00:00 2026-05-06T20:40:46+00:00
rhsa-2026:14210 Red Hat Security Advisory: corosync security update 2026-05-06T16:21:57+00:00 2026-05-06T20:40:45+00:00
rhsa-2026:14215 Red Hat Security Advisory: corosync security update 2026-05-06T16:18:02+00:00 2026-05-06T20:40:47+00:00
rhsa-2026:14211 Red Hat Security Advisory: corosync security update 2026-05-06T16:14:02+00:00 2026-05-06T20:40:45+00:00
rhsa-2026:14205 Red Hat Security Advisory: corosync security update 2026-05-06T15:54:12+00:00 2026-05-06T20:40:44+00:00
rhsa-2026:14200 Red Hat Security Advisory: git-lfs security update 2026-05-06T15:34:47+00:00 2026-05-07T02:29:05+00:00
rhsa-2026:13690 Red Hat Security Advisory: OpenShift Container Platform 4.19.30 bug fix and security update 2026-05-06T14:18:17+00:00 2026-05-07T02:28:51+00:00
rhsa-2026:14165 Red Hat Security Advisory: kernel security update 2026-05-06T14:14:57+00:00 2026-05-07T02:28:55+00:00
rhsa-2026:13862 Red Hat Security Advisory: OpenShift Container Platform 4.20.21 bug fix and security update 2026-05-06T14:06:02+00:00 2026-05-07T02:28:53+00:00
rhsa-2026:14162 Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.9.3 release 2026-05-06T13:54:24+00:00 2026-05-06T21:11:08+00:00
rhsa-2026:14137 Red Hat Security Advisory: kernel-rt security update 2026-05-06T13:41:11+00:00 2026-05-07T02:27:30+00:00
ID Description Published Updated
sevd-2026-104-03 Use of Hard-coded Credentials vulnerability on Easergy MiCOM Px40 Series 2026-04-14T07:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2026-104-02 Third-Party vulnerability on Modicon Networking Managed Switches 2026-04-14T07:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2026-104-01 Multiple Vulnerabilities on PowerChuteā„¢ Serial Shutdown 2026-04-14T07:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2026-069-06 Deserialization of Untrusted Data vulnerability on Multiple Products 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-05 Use of Hard-coded Credentials vulnerability in EcoStruxureā„¢ IT Data Center Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-04 Improper Control of Generation of Code ('Code Injection') vulnerability on EcoStruxureā„¢ Automation Expert 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-069-03 Deserialization of Untrusted Data vulnerability on EcoStruxureā„¢ Foxboro DCS 2026-03-10T07:00:00.000Z 2026-03-13T07:00:00.000Z
sevd-2026-069-02 Improper Neutralization vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-069-01 Improper Resource Shutdown or Release vulnerability in Multiple Products 2026-03-10T07:00:00.000Z 2026-03-31T07:00:00.000Z
sevd-2026-041-02 Multiple Vulnerabilities on EcoStruxureā„¢ Building Operation Workstation and EcoStruxureā„¢ Building Operation Webstation 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-041-01 Improper Check for Unusual or Exceptional Conditions on Multiple Products 2026-02-10T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2026-013-04 Multiple Vulnerabilities on EcoStruxure Power Build Rapsody 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2026-013-03 Multiple Vulnerabilities on Zigbee Products 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-02 Incorrect Default Permissions Vulnerability on EcoStruxureā„¢ Process Expert 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
sevd-2026-013-01 Multiple Third-Party Vulnerabilities on ProLeiT Plant iT/Brewmaxx 2026-01-13T08:00:00.000Z 2026-03-10T07:00:00.000Z
sevd-2025-343-02 EcoStruxureā„¢ Foxboro DCS Advisor 2025-12-09T08:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-343-01 EcoStruxureā„¢ Foxboro DCS 2025-12-09T08:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-315-02 EcoStruxureā„¢ Machine SCADA Expert & Pro-face BLUE Open Studio 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-315-01 PowerChuteā„¢ Serial Shutdown 2025-11-11T08:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-287-01 EcoStruxureā„¢ OPC UA Server Expert and EcoStruxureā„¢ Modicon Communication Server 2025-10-14T07:00:00.000Z 2025-10-14T07:00:00.000Z
sevd-2025-252-02 Saitel DR & Saitel DP Remote Terminal Unit 2025-09-09T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-252-01 Multiple Altivar Process Drives and Communication Modules 2025-09-09T04:00:00.000Z 2025-12-09T08:00:00.000Z
sevd-2025-224-05 Modicon M340 Controller and Communication Modules 2025-08-12T04:00:00.000Z 2026-04-14T07:00:00.000Z
sevd-2025-224-04 EcoStruxureā„¢ Building Operation Enterprise Server, EcoStruxureā„¢ Building Operation Enterprise Central, and EcoStruxureā„¢ Workstation 2025-08-12T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-224-03 Schneider Electric Software Update 2025-08-12T04:00:00.000Z 2025-09-09T04:00:00.000Z
sevd-2025-224-02 EcoStruxureā„¢ Power Monitoring Expert Software & EcoStruxureā„¢ Power Operation (EPO) and EcoStruxureā„¢ Power SCADA Operation (PSO) 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-224-01 Saitel DR & Saitel DP Remote Terminal Unit 2025-08-12T04:00:00.000Z 2025-11-11T08:00:00.000Z
sevd-2025-189-04 EcoStruxureā„¢ Power Monitoring Expert (PME) and EcoStruxureā„¢ Power Operation (EPO) with Advanced Reporting and Dashboards 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
sevd-2025-189-03 EcoStruxureā„¢ Power Operation 2025-07-08T04:00:00.000Z 2026-02-10T08:00:00.000Z
sevd-2025-189-02 System Monitor Application in Harmony and Pro-face PS5000 Legacy Industrial PCs 2025-07-08T04:00:00.000Z 2025-07-08T04:00:00.000Z
ID Description Published Updated
sca-2026-0007 Sudo vulnerability affects Endress+Hauser MCS200HW 2026-04-21T13:00:00.000Z 2026-04-21T13:00:00.000Z
sca-2026-0006 Vulnerabilities affecting SICK Lector85x and SICK Lector83x 2026-03-06T14:00:00.000Z 2026-03-06T14:00:00.000Z
sca-2026-0005 Vulnerabilities affecting SICK LMS1000 and SICK MRS1000 2026-02-27T14:00:00.000Z 2026-02-27T14:00:00.000Z
sca-2026-0004 Eclipse Cyclone DDS Vulnerabilities have no impact on SICK picoScan150 & SICK picoScan120 products 2026-02-13T14:00:00.000Z 2026-02-13T14:00:00.000Z
sca-2026-0003 Vulnerability affecting SICK nanoScan3 and microScan3 2026-01-26T14:00:00.000Z 2026-01-26T14:00:00.000Z
sca-2026-0002 Vulnerabilities affecting SICK Incoming Goods Suite 2026-01-15T14:00:00.000Z 2026-01-22T19:00:00.000Z
sca-2026-0001 Vulnerabilities affecting SICK TDC-X401GL 2026-01-15T14:00:00.000Z 2026-01-15T14:00:00.000Z
sca-2025-0014 CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC 2025-11-03T11:00:00.000Z 2025-11-03T14:00:00.000Z
sca-2025-0013 Vulnerabilities affecting SICK TLOC100-100 2025-10-27T14:00:00.000Z 2025-11-11T14:00:00.000Z
sca-2025-0012 Sudo vulnerability affects SICK SID products 2025-10-27T11:00:00.000Z 2025-10-27T14:00:00.000Z
sca-2025-0011 Vulnerabilities affecting Endress+Hauser SSG-E210GC 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0010 Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products 2025-10-02T13:00:00.000Z 2025-10-02T13:00:00.000Z
sca-2025-0009 Vulnerabilities affecting SICK TDC-E210GC 2025-08-01T13:00:00.000Z 2025-08-01T13:00:00.000Z
sca-2025-0008 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-07-03T13:00:00.000Z 2025-07-03T13:00:00.000Z
sca-2025-0007 Multiple vulnerabilities in SICK Field Analytics and SICK Media Server 2025-06-12T13:00:00.000Z 2025-06-12T13:00:00.000Z
sca-2025-0006 Vulnerability affecting picoScan and multiScan 2025-04-28T13:00:00.000Z 2025-04-28T13:00:00.000Z
sca-2025-0005 Vulnerabilities in SICK Flexi Compact 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
sca-2025-0004 Critical vulnerabilities in SICK DL100-2xxxxxxx 2025-03-14T11:00:00.000Z 2025-03-14T11:00:00.000Z
sca-2025-0003 FreeRTOS Vulnerabilities have no impact on SICK Products 2025-02-28T00:00:00.000Z 2026-04-17T11:00:00.000Z
sca-2025-0001 Multiple vulnerabilities in SICK MEAC300 2025-02-14T14:00:00.000Z 2025-02-21T14:00:00.000Z
sca-2025-0002 Vulnerability in SICK Lector8xx and SICK InspectorP8xx 2025-02-14T10:19:00.000Z 2025-02-14T10:19:00.000Z
sca-2024-0007 Vulnerability in SICK OLM 2024-12-31T00:00:00.000Z 2024-12-31T00:00:00.000Z
sca-2024-0006 Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx 2024-12-06T00:00:00.000Z 2024-12-06T00:00:00.000Z
sca-2024-0005 Vulnerability in SICK Incoming Goods Suite 2024-11-19T00:00:00.000Z 2024-11-19T00:00:00.000Z
sca-2024-0004 Third party vulnerabilities in SICK CDE-100 2024-11-07T12:00:00.000Z 2024-11-07T12:00:00.000Z
sca-2024-0003 Critical vulnerability in multiple SICK products 2024-10-17T13:00:00.000Z 2024-10-17T13:00:00.000Z
sca-2024-0002 Vulnerability in SICK MSC800 2024-09-11T23:00:00.000Z 2024-09-11T23:00:00.000Z
sca-2024-0001 Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics 2024-01-29T00:00:00.000Z 2024-01-29T00:00:00.000Z
sca-2023-0011 Vulnerability in multiple SICK Flexi Soft Gateways 2023-10-23T11:00:00.000Z 2023-10-23T11:00:00.000Z
sca-2023-0010 Vulnerabilities in SICK Application Processing Unit 2023-10-09T11:00:00.000Z 2023-10-09T11:00:00.000Z
ID Description Published Updated
ssa-981622 SSA-981622: Improper Certificate Validation Vulnerability in Siemens Analytics Toolkit 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-801704 SSA-801704: Authentication Bypass Vulnerability in SINEC NMS 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-741509 SSA-741509: Privilege Escalation Vulnerability in RUGGEDCOM CROSSBOW Secure Access Manager Primary Before V5.8 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-628843 SSA-628843: Out of Bound Read Vulnerability in TPM 2.0 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-609469 SSA-609469: Authorization Bypass Vulnerability in Industrial Edge Management 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-605717 SSA-605717: Authorization Bypass Vulnerability in SINEC NMS Before V4.0 SP3 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-225816 SSA-225816: Memory Corruption Vulnerability in RUGGEDCOM CROSSBOW Station Access Controller Before V5.8 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-019200 SSA-019200: Multiple Vulnerabilities in SCALANCE W-700 IEEE 802.11n Devices Before V6.6.0 2026-04-14T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-246443 SSA-246443: Multiple Vulnerabilities in SICAM 8 Products 2026-03-26T00:00:00.000Z 2026-03-26T00:00:00.000Z
ssa-975644 SSA-975644: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-903736 SSA-903736: Multiple vulnerabilities in SICAM SIAPP SDK before V2.1.7 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-485750 SSA-485750: Multiple Vulnerabilities in SIDIS Prime Before V4.0.800 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-452276 SSA-452276: Eval Injection Vulnerability in SIMATIC S7-1500 2026-03-10T00:00:00.000Z 2026-03-19T00:00:00.000Z
ssa-126399 SSA-126399: Improper Access Control Vulnerability in Heliox EV Chargers 2026-03-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-965753 SSA-965753: Multiple File Parsing Vulnerabilities in Simcenter Femap and Nastran Before V2512 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-625934 SSA-625934: Improper Access Control Vulnerability in the Webhooks Implementation of Siveillance Video Management Servers 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-535115 SSA-535115: Data Validation Vulnerability in NX Before V2512 2026-02-10T00:00:00.000Z 2026-03-10T00:00:00.000Z
ssa-507364 SSA-507364: Heap Based Buffer Overflow Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-445819 SSA-445819: Out of Bounds Read in PS/IGES Parasolid Translator Component in Solid Edge 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-311973 SSA-311973: Multiple Local Privilege Escalation Vulnerabilities in SINEC NMS and User Management Component (UMC) 2026-02-10T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-035571 SSA-035571: Cross Site Scripting Vulnerability in Polarion Before V2506 2026-02-10T00:00:00Z 2026-02-10T00:00:00Z
ssa-089022 SSA-089022: Multiple Vulnerabilities in Third-Party Components in SINEC OS before V3.3 2026-01-28T00:00:00Z 2026-02-24T00:00:00Z
ssa-827968 SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices 2026-01-13T00:00:00.000Z 2026-04-14T00:00:00.000Z
ssa-674753 SSA-674753: Denial-of-Service Vulnerability in ET 200 Devices 2026-01-13T00:00:00Z 2026-02-10T00:00:00Z
ssa-192617 SSA-192617: Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-014678 SSA-014678: Authorization Bypass Vulnerability in Industrial Edge Device Kit 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-001536 SSA-001536: Authorization Bypass Vulnerability in Siemens Industrial Edge Devices 2026-01-13T00:00:00Z 2026-01-13T00:00:00Z
ssa-512988 SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 2025-12-12T00:00:00Z 2025-12-12T00:00:00Z
ssa-915282 SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices 2025-12-09T00:00:00Z 2025-12-09T00:00:00Z
ssa-912274 SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 2025-12-09T00:00:00Z 2026-01-13T00:00:00Z
ID Description Published Updated
suse-su-2026:1692-1 Security update for xen 2026-05-05T08:03:58Z 2026-05-05T08:03:58Z
suse-su-2026:1691-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7) 2026-05-05T07:04:40Z 2026-05-05T07:04:40Z
suse-su-2026:1690-1 Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise 15 SP7) 2026-05-05T06:34:37Z 2026-05-05T06:34:37Z
suse-su-2026:1689-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7) 2026-05-05T06:34:34Z 2026-05-05T06:34:34Z
suse-su-2026:1686-1 Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 15 SP7) 2026-05-05T06:34:25Z 2026-05-05T06:34:25Z
suse-su-2026:1684-1 Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 15 SP7) 2026-05-05T06:34:20Z 2026-05-05T06:34:20Z
suse-su-2026:1671-2 Security update for the Linux Kernel 2026-05-04T09:19:31Z 2026-05-04T09:19:31Z
suse-su-2026:1678-1 Security update for the Linux Kernel 2026-05-02T10:27:10Z 2026-05-02T10:27:10Z
suse-su-2026:1677-1 Security update for the Linux Kernel 2026-05-02T10:26:10Z 2026-05-02T10:26:10Z
suse-su-2026:21443-1 Security update for the Linux Kernel 2026-05-02T10:03:34Z 2026-05-02T10:03:34Z
suse-su-2026:21457-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_20 2026-05-02T08:51:37Z 2026-05-02T08:51:37Z
suse-su-2026:21444-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_20 2026-05-02T08:51:37Z 2026-05-02T08:51:37Z
suse-su-2026:21463-1 Security update for the Linux Kernel 2026-05-02T08:18:13Z 2026-05-02T08:18:13Z
suse-su-2026:21439-1 Security update for the Linux Kernel 2026-05-02T08:18:13Z 2026-05-02T08:18:13Z
suse-su-2026:21454-1 Security update for the Linux Kernel 2026-05-02T08:10:07Z 2026-05-02T08:10:07Z
suse-su-2026:1676-1 Security update for the Linux Kernel 2026-05-02T07:19:34Z 2026-05-02T07:19:34Z
suse-su-2026:1675-1 Security update for the Linux Kernel 2026-05-02T07:19:20Z 2026-05-02T07:19:20Z
suse-su-2026:1674-1 Security update for the Linux Kernel 2026-05-02T07:19:11Z 2026-05-02T07:19:11Z
suse-su-2026:21421-1 Security update for the Linux Kernel 2026-05-02T07:09:30Z 2026-05-02T07:09:30Z
suse-su-2026:1672-1 Security update for the Linux Kernel 2026-05-02T06:02:50Z 2026-05-02T06:02:50Z
suse-su-2026:1671-1 Security update for the Linux Kernel 2026-05-02T06:01:05Z 2026-05-02T06:01:05Z
suse-su-2026:1670-1 Security update for the Linux Kernel 2026-05-02T05:53:40Z 2026-05-02T05:53:40Z
suse-su-2026:1669-1 Security update for the Linux Kernel 2026-05-02T05:38:43Z 2026-05-02T05:38:43Z
suse-su-2026:21442-1 Security update for the Linux Kernel 2026-05-01T23:16:53Z 2026-05-01T23:16:53Z
suse-su-2026:21453-1 Security update for the Linux Kernel 2026-05-01T22:29:58Z 2026-05-01T22:29:58Z
suse-su-2026:21456-1 Security update for kernel-livepatch-MICRO-6-0_Update_19 2026-05-01T21:26:43Z 2026-05-01T21:26:43Z
suse-su-2026:21441-1 Security update for kernel-livepatch-MICRO-6-0_Update_19 2026-05-01T21:26:43Z 2026-05-01T21:26:43Z
suse-su-2026:1668-1 Security update for the Linux Kernel 2026-05-01T08:37:51Z 2026-05-01T08:37:51Z
suse-su-2026:1667-1 Security update for python-Pygments 2026-04-30T17:22:44Z 2026-04-30T17:22:44Z
suse-su-2026:1666-1 Security update for python-Pygments 2026-04-30T17:22:16Z 2026-04-30T17:22:16Z
ID Description Published Updated
alsa-2026:14200 Important: git-lfs security update 2026-05-06T00:00:00Z 2026-05-06T21:14:42Z
alsa-2026:13978 Moderate: libsoup security update 2026-05-06T00:00:00Z 2026-05-06T21:14:44Z
alsa-2026:13917 Important: fence-agents security update 2026-05-06T00:00:00Z 2026-05-06T21:16:01Z
alsa-2026:13916 Important: fence-agents security update 2026-05-06T00:00:00Z 2026-05-06T15:28:30Z
alsa-2026:13902 Important: resource-agents security update 2026-05-06T00:00:00Z 2026-05-06T09:10:55Z
alsa-2026:13857 Important: dovecot security update 2026-05-05T00:00:00Z 2026-05-06T21:14:44Z
alsa-2026:13830 Important: dovecot security update 2026-05-05T00:00:00Z 2026-05-05T19:20:58Z
alsa-2026:13677 Moderate: systemd security update 2026-05-05T00:00:00Z 2026-05-05T19:25:12Z
alsa-2026:13671 Important: image-builder security update 2026-05-05T00:00:00Z 2026-05-05T17:13:15Z
alsa-2026:13670 Moderate: python-tornado security update 2026-05-05T00:00:00Z 2026-05-06T08:48:26Z
alsa-2026:13657 Moderate: corosync security update 2026-05-05T00:00:00Z 2026-05-06T08:44:52Z
alsa-2026:13651 Moderate: systemd security update 2026-05-05T00:00:00Z 2026-05-05T19:29:01Z
alsa-2026:13643 Important: osbuild-composer security update 2026-05-05T00:00:00Z 2026-05-06T09:54:22Z
alsa-2026:13642 Important: image-builder security update 2026-05-05T00:00:00Z 2026-05-06T12:45:30Z
alsa-2026:13641 Moderate: python-tornado security update 2026-05-05T00:00:00Z 2026-05-06T09:55:57Z
alsa-2026:13578 Important: kernel-rt security update 2026-05-05T00:00:00Z 2026-05-05T10:47:31Z
alsa-2026:13577 Important: kernel security update 2026-05-05T00:00:00Z 2026-05-05T10:33:06Z
alsa-2026:13566 Important: kernel security update 2026-05-04T00:00:00Z 2026-05-06T23:00:55Z
alsa-2026:13565 Important: kernel security update 2026-05-04T00:00:00Z 2026-05-07T00:12:38Z
alsa-2026:13537 Important: thunderbird security update 2026-05-04T00:00:00Z 2026-05-05T10:39:20Z
alsa-2026:13515 Moderate: freeipmi security update 2026-05-04T00:00:00Z 2026-05-06T09:58:01Z
alsa-2026:13498 Important: dovecot security update 2026-05-04T00:00:00Z 2026-05-06T09:59:41Z
alsa-2026:13414 Important: tigervnc security update 2026-05-04T00:00:00Z 2026-05-05T10:37:05Z
alsa-2026:13383 Important: openssh security update 2026-05-04T00:00:00Z 2026-05-04T20:49:17Z
alsa-2026:13381 Important: openssh security update 2026-05-04T00:00:00Z 2026-05-04T20:44:48Z
alsa-2026:13380 Important: openssh security update 2026-05-04T00:00:00Z 2026-05-04T20:47:27Z
alsa-2026:13285 Important: libcap security update 2026-05-04T00:00:00Z 2026-05-04T20:52:05Z
alsa-2026:13284 Important: LibRaw security update 2026-05-04T00:00:00Z 2026-05-05T09:25:57Z
alsa-2026:12441 Important: libcap security update 2026-04-30T00:00:00Z 2026-05-01T06:44:16Z
alsa-2026:12423 Important: libcap security update 2026-04-30T00:00:00Z 2026-05-01T12:09:19Z
ID Description Published Updated
hsec-2026-0006 Cabal deletes project source files during configure 2026-04-08T14:23:27Z 2026-04-08T14:23:27Z
hsec-2026-0004 Hackage package metadata stored XSS vulnerability 2026-03-28T16:05:12Z 2026-03-28T16:05:12Z
hsec-2026-0002 Hackage CSRF vulnerability 2026-03-28T16:04:58Z 2026-03-28T16:04:58Z
hsec-2024-0004 Hackage package and doc upload stored XSS vulnerability 2026-01-16T11:18:20Z 2026-01-16T11:18:20Z
hsec-2025-0007 cmark-gfm: resource exhaustion due to quadratic complexity in parser 2025-12-27T08:58:56Z 2025-12-27T08:58:56Z
hsec-2025-0006 Private key leak via inherited file descriptor 2025-11-17T02:22:38Z 2025-11-17T02:22:38Z
hsec-2025-0005 cabal-install dependency confusion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0004 Broken Path Sanitization in spacecookie Library 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0003 Use after free in multithreaded lzma (.xz) decoder 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0002 Double Public Key Signing Function Oracle Attack on Ed25519 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2025-0001 Subword division operations may produce incorrect results 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0009 Public key confusion in third-party blocks 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0008 Sign extension error in the PPC64le FFI 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0007 Sign extension error in the AArch64 NCG 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0006 fromIntegral: conversion error 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0003 process: command injection via argument list on Windows 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0002 out-of-bounds write when there are many bzip2 selectors 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2024-0001 Reflected XSS vulnerability in keter 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0015 cabal-install uses expired key policies 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0014 Arbitrary file write is possible when using PDF output or --extract-media with untrusted input 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0013 git-annex plaintext storage of embedded credentials on encrypted remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0012 git-annex checksum exposure to encrypted special remotes 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0011 git-annex GPG decryption attack via compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0010 git-annex private data exfiltration to compromised remote 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0009 git-annex command injection via malicious SSH hostname 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0008 Stored XSS in hledger-web 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0007 readFloat: memory exhaustion with large exponent 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0006 x509-validation does not enforce pathLenConstraint 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0005 tls-extra: certificate validation does not check Basic Constraints 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
hsec-2023-0004 xml-conduit unbounded entity expansion 2025-11-14T14:45:34Z 2025-11-14T14:45:34Z
ID Description Published Updated
osec-2026-03 opam install sandbox escape 2026-04-15T22:00:00Z 2026-04-16T21:00:00Z
osec-2026-02 ARP unbounded memory usage 2026-02-18T10:30:00Z 2026-02-18T10:30:00Z
osec-2026-01 Buffer Over-Read in OCaml Marshal Deserialization 2026-02-17T13:30:00Z 2026-02-27T09:30:00Z
osec-2025-01 Albatross console out of memory 2025-08-15T00:18:22Z 2026-01-13T12:00:00Z
osec-2023-01 Time of check time of use issue in opam's cache 2023-05-25T12:00:00Z 2026-01-09T12:00:00Z
osec-2022-01 Infinite loop in console output on xen 2022-12-07T00:00:00Z 2026-02-18T09:30:00Z
osec-2019-02 Grant unshare vulnerability in mirage-xen 2019-04-26T00:00:00Z 2026-01-13T12:00:00Z
osec-2019-01 Memory disclosure in mirage-net-xen 2019-03-21T00:00:00Z 2026-01-13T12:00:00Z
osec-2018-01 An integer overflow in the `bigarray` serialization module leads to arbitrary code execution 2018-04-06T18:29:00Z 2025-12-16T12:00:00Z
osec-2017-01 Local privilege escalation issue with ocaml binaries 2017-06-23T15:19:47Z 2025-12-16T12:00:00Z
osec-2016-02 Memory disclosure in mirage-net-xen 2016-05-03T00:00:00Z 2026-01-13T12:00:00Z
osec-2016-01 Buffer overflow and information leak in OCaml < 4.03.0 2016-04-29T00:18:22Z 2026-01-01T12:00:00Z
ID Description Published Updated
osv-2026-678 UNKNOWN WRITE in ___interceptor_strncpy 2026-05-04T00:04:49.943355Z 2026-05-04T00:04:49.943663Z
osv-2026-659 Heap-buffer-overflow in ___interceptor_strncpy 2026-05-01T00:18:13.867231Z 2026-05-01T00:18:13.867552Z
osv-2026-650 Use-of-uninitialized-value in Mat_int32Swap 2026-04-29T00:19:17.230021Z 2026-04-29T14:32:22.076704Z
osv-2026-649 Container-overflow in OGRGeometryFactory::organizePolygons 2026-04-29T00:10:47.581403Z 2026-04-29T00:10:47.581821Z
osv-2026-646 Heap-buffer-overflow in sentencepiece::unigram::Model::EncodeOptimized 2026-04-29T00:04:02.164830Z 2026-04-29T00:04:02.165140Z
osv-2026-629 Security exception in org.apache.thrift.protocol.TProtocolUtil.skip 2026-04-26T00:19:19.237477Z 2026-04-28T14:18:36.402139Z
osv-2026-623 Use-of-uninitialized-value in Mat_PrintNumber 2026-04-25T00:20:05.313883Z 2026-04-29T14:30:10.451501Z
osv-2026-621 Use-of-uninitialized-value in vcardtime_from_string 2026-04-25T00:17:10.236683Z 2026-04-25T00:17:10.237046Z
osv-2026-616 Use-of-uninitialized-value in JXRHandlerPrivate::colorSpace 2026-04-24T00:20:25.044744Z 2026-04-24T00:20:25.045135Z
osv-2026-611 Heap-buffer-overflow in ParseOpaqueMetadata 2026-04-22T00:09:09.767586Z 2026-04-22T00:09:09.767978Z
osv-2026-610 Memcpy-param-overlap in htx_replace_blk_value 2026-04-22T00:07:53.902461Z 2026-05-01T14:26:40.032545Z
osv-2026-608 Stack-buffer-overflow in is_http 2026-04-22T00:04:16.715949Z 2026-04-22T00:04:16.716488Z
osv-2026-605 Heap-buffer-overflow in DwaCompressor_uncompress 2026-04-21T00:16:42.288653Z 2026-04-30T14:32:28.224899Z
osv-2026-603 UNKNOWN READ in <wasmtime::runtime::func::Func>::call_unchecked_raw::< 2026-04-21T00:05:37.586369Z 2026-04-21T00:05:37.586785Z
osv-2026-600 Heap-buffer-overflow in skcms_private::baseline::clut 2026-04-21T00:03:54.845282Z 2026-04-21T00:03:54.845623Z
osv-2026-595 UNKNOWN WRITE in std::__1::istreambuf_iterator<char, std::__1::char_traits<char>> std::__1::num_g 2026-04-20T00:05:53.121612Z 2026-04-20T00:05:53.121886Z
osv-2026-589 Heap-double-free in coap_new_oscore_conf 2026-04-19T00:09:04.852781Z 2026-04-19T00:09:04.853106Z
osv-2026-582 Use-of-uninitialized-value in H5S_select_hyperslab 2026-04-17T00:06:23.619732Z 2026-04-17T00:06:23.620035Z
osv-2026-565 Heap-buffer-overflow in xmlFAParsePosCharGroup 2026-04-12T00:05:45.925380Z 2026-04-12T00:05:45.925675Z
osv-2026-563 UNKNOWN READ in bfd_getl32 2026-04-12T00:03:38.879591Z 2026-04-12T00:03:38.879927Z
osv-2026-561 Global-buffer-overflow in nameMatch 2026-04-11T00:21:08.852326Z 2026-04-11T00:21:08.852713Z
osv-2026-534 Heap-buffer-overflow in cram_encode_container 2026-04-05T00:10:00.162903Z 2026-04-05T00:10:00.163328Z
osv-2026-532 Heap-buffer-overflow in regsub 2026-04-05T00:06:36.291055Z 2026-04-05T00:06:36.291504Z
osv-2026-518 Use-of-uninitialized-value in ne_read_block 2026-04-03T00:21:06.950773Z 2026-04-03T00:21:06.951035Z
osv-2026-514 Heap-buffer-overflow in format_expand1 2026-04-03T00:09:42.155641Z 2026-04-03T00:09:42.155954Z
osv-2026-512 Heap-buffer-overflow in g_utf8_get_char 2026-04-03T00:07:59.707776Z 2026-04-03T00:07:59.708039Z
osv-2026-505 UNKNOWN READ in unsigned int Assimp::StreamReader<true, true>::Get<unsigned int> 2026-04-02T00:19:34.148188Z 2026-04-02T00:19:34.148494Z
osv-2026-504 Heap-use-after-free in ObjectStream::getObject 2026-04-02T00:16:28.228723Z 2026-04-02T00:16:28.229037Z
osv-2026-461 UNKNOWN READ in XRef::constructObjectEntry 2026-03-26T00:17:47.551046Z 2026-03-26T00:17:47.551361Z
osv-2026-455 UNKNOWN READ in mkv::matroska_segment_c::TrackInit 2026-03-25T00:20:51.448743Z 2026-03-25T00:20:51.449185Z
ID Description Published Updated
rustsec-2026-0121 Denial of service in Steamworks game clients/servers using P2P authentication 2026-05-05T12:00:00Z 2026-05-06T13:41:21Z
rustsec-2026-0120 NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses 2026-05-01T12:00:00Z 2026-05-01T14:31:54Z
rustsec-2026-0119 CPU exhaustion during message encoding due to O(nĀ²) name compression 2026-05-01T12:00:00Z 2026-05-01T14:31:54Z
rustsec-2026-0118 NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses 2026-05-01T12:00:00Z 2026-05-01T18:37:50Z
rustsec-2026-0117 Fragile bounds check when sampling from image 2026-05-01T12:00:00Z 2026-05-01T13:54:12Z
rustsec-2026-0116 Improper check of an invariant resulting in incorrect bounds checks 2026-05-01T12:00:00Z 2026-05-01T13:54:12Z
rustsec-2026-0115 Fragile bounds check when sampling from image 2026-05-01T12:00:00Z 2026-05-01T13:54:12Z
rustsec-2026-0114 Panic when allocating a table exceeding the size of the host's address space 2026-04-30T12:00:00Z 2026-04-30T20:16:36Z
rustsec-2026-0113 `unpack_in` can chmod arbitrary directories by following symlinks 2026-04-27T12:00:00Z 2026-04-28T13:17:23Z
rustsec-2026-0112 PAX Header Desynchronization in astral-tokio-tar 2026-04-27T12:00:00Z 2026-04-28T13:17:23Z
rustsec-2026-0111 Possible UTF-8 corruption in Diesels SQLite backend 2026-04-24T12:00:00Z 2026-05-06T06:32:50Z
rustsec-2026-0110 bare-metal is deprecated 2026-04-23T12:00:00Z 2026-04-24T09:37:01Z
rustsec-2026-0108 `sui-execution-cut` was removed from crates.io for malicious code 2026-04-23T12:00:00Z 2026-05-06T06:32:50Z
rustsec-2026-0107 `mysten-metrics` was removed from crates.io for malicious code 2026-04-22T12:00:00Z 2026-05-06T06:32:50Z
rustsec-2026-0106 Record cache accepts AUTHORITY section NS from sibling zone via parent-pool zone-context elevation 2026-04-22T12:00:00Z 2026-04-22T19:53:31Z
rustsec-2026-0104 Reachable panic in certificate revocation list parsing 2026-04-22T12:00:00Z 2026-04-22T08:56:10Z
rustsec-2026-0109 Broken hard revocation handling 2026-04-21T12:00:00Z 2026-05-06T06:32:50Z
rustsec-2026-0105 core2 is unmaintained, all versions yanked 2026-04-14T12:00:00Z 2026-04-25T15:01:07Z
rustsec-2026-0103 Use-After-Free and Double Free in IntoIter::drop When Element Drop Panics 2026-04-14T12:00:00Z 2026-04-27T20:28:03Z
rustsec-2026-0099 Name constraints were accepted for certificates asserting a wildcard name 2026-04-14T12:00:00Z 2026-04-15T09:57:12Z
rustsec-2026-0098 Name constraints for URI names were incorrectly accepted 2026-04-14T12:00:00Z 2026-04-15T07:36:20Z
rustsec-2026-0102 `microsoftsystem64` was removed from crates.io for malicious code 2026-04-13T12:00:00Z 2026-04-15T21:38:09Z
rustsec-2026-0101 `safe-agent-rs` was removed from crates.io for being affiliated with malicious code 2026-04-13T12:00:00Z 2026-04-15T21:38:09Z
rustsec-2026-0100 `pretty-changelog-logger` was removed from crates.io for malicious code 2026-04-13T12:00:00Z 2026-04-15T21:38:09Z
rustsec-2026-0097 Rand is unsound with a custom logger using `rand::rng()` 2026-04-09T12:00:00Z 2026-04-17T15:55:25Z
rustsec-2026-0096 Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0095 Wasmtime with Winch compiler backend may allow a sandbox-escaping memory access 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0094 Improperly masked return value from `table.grow` with Winch compiler backend 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0093 Heap OOB read in component model UTF-16 to latin1+utf16 string transcoding 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
rustsec-2026-0092 Panic when transcoding misaligned component model UTF-16 strings 2026-04-09T12:00:00Z 2026-04-09T19:59:38Z
ID Description Published Updated
bit-java-2026-34282 2026-05-06T14:46:19.457Z 2026-05-06T15:10:05.412Z
bit-java-2026-34268 2026-05-06T14:46:17.850Z 2026-05-06T15:10:05.412Z
bit-java-2026-23865 2026-05-06T14:46:16.250Z 2026-05-06T15:10:05.412Z
bit-java-2026-22021 2026-05-06T14:46:14.835Z 2026-05-06T15:10:05.412Z
bit-java-2026-22018 2026-05-06T14:46:13.467Z 2026-05-06T15:10:05.412Z
bit-java-2026-22016 2026-05-06T14:46:12.241Z 2026-05-06T15:10:05.412Z
bit-java-2026-22013 2026-05-06T14:46:10.852Z 2026-05-06T15:10:05.412Z
bit-java-2026-22008 2026-05-06T14:46:09.450Z 2026-05-06T15:10:05.412Z
bit-java-2026-22007 2026-05-06T14:46:08.064Z 2026-05-06T15:10:05.412Z
bit-java-2026-22003 2026-05-06T14:46:06.719Z 2026-05-06T15:10:05.412Z
bit-java-2026-21947 2026-05-06T14:46:05.330Z 2026-05-06T15:10:05.412Z
bit-java-2026-21945 2026-05-06T14:46:04.020Z 2026-05-06T15:10:05.412Z
bit-java-2026-21933 2026-05-06T14:46:02.521Z 2026-05-06T15:10:05.412Z
bit-java-2026-21932 2026-05-06T14:46:01.161Z 2026-05-06T15:10:05.412Z
bit-java-2026-21925 2026-05-06T14:45:59.793Z 2026-05-06T15:10:05.412Z
bit-java-2026-20676 2026-05-06T14:45:58.323Z 2026-05-06T15:10:05.412Z
bit-java-2026-20652 2026-05-06T14:45:56.875Z 2026-05-06T15:10:05.412Z
bit-java-2026-20644 2026-05-06T14:45:55.295Z 2026-05-06T15:10:05.412Z
bit-java-2026-20636 2026-05-06T14:45:53.825Z 2026-05-06T15:10:05.412Z
bit-java-2026-20635 2026-05-06T14:45:52.367Z 2026-05-06T15:10:05.412Z
bit-java-2026-20608 2026-05-06T14:45:51.105Z 2026-05-06T15:10:05.412Z
bit-java-2025-7425 Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr 2026-05-06T14:45:49.607Z 2026-05-06T15:10:05.412Z
bit-java-2025-7424 Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes 2026-05-06T14:45:48.138Z 2026-05-06T15:10:05.412Z
bit-java-2025-61748 2026-05-06T14:45:46.797Z 2026-05-06T15:10:05.412Z
bit-java-2025-6052 Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring 2026-05-06T14:45:45.337Z 2026-05-06T15:10:05.412Z
bit-java-2025-6021 Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2 2026-05-06T14:45:43.734Z 2026-05-06T15:10:05.412Z
bit-java-2025-53066 2026-05-06T14:45:42.187Z 2026-05-06T15:10:05.412Z
bit-java-2025-53057 2026-05-06T14:45:40.894Z 2026-05-06T15:10:05.412Z
bit-java-2025-50106 2026-05-06T14:45:39.505Z 2026-05-06T15:10:05.412Z
bit-java-2025-50063 2026-05-06T14:45:38.294Z 2026-05-06T15:10:05.412Z
ID Description Published Updated
cleanstart-2026-do31246 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-30T01:04:59.604515Z 2026-04-29T07:38:43Z
cleanstart-2026-kt28044 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-30T01:03:26.906365Z 2026-04-29T07:43:21Z
cleanstart-2026-lz84631 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-30T01:01:45.829893Z 2026-04-29T07:14:23Z
cleanstart-2026-dn20646 spdystream is a Go library for multiplexing streams over SPDY connections 2026-04-30T01:01:32.482507Z 2026-04-29T07:32:10Z
cleanstart-2026-hv96032 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-30T01:01:32.104241Z 2026-04-29T07:26:58Z
cleanstart-2026-cz64396 Security fixes for ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-wjrx-6529-hcj3 applied in versions: 0.37.1-r1 2026-04-30T01:01:28.425053Z 2026-04-29T07:22:17Z
cleanstart-2026-md91760 attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing 2026-04-30T01:00:59.806172Z 2026-04-29T07:27:32Z
cleanstart-2026-hq88036 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-30T01:00:58.604637Z 2026-04-29T07:41:49Z
cleanstart-2026-fr97108 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-30T00:58:27.074156Z 2026-04-29T07:50:05Z
cleanstart-2026-cn84623 Within HostnameError 2026-04-30T00:53:26.653377Z 2026-04-29T09:12:44Z
cleanstart-2026-gy48351 Within HostnameError 2026-04-30T00:53:26.601522Z 2026-04-29T09:10:13Z
cleanstart-2026-mi12470 Within HostnameError 2026-04-30T00:49:56.616377Z 2026-04-29T09:05:33Z
cleanstart-2026-cz07385 Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default 2026-04-30T00:39:59.023250Z 2026-04-29T09:21:35Z
cleanstart-2026-fu04414 Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default 2026-04-30T00:38:58.272669Z 2026-04-29T09:22:25Z
cleanstart-2026-gn46454 When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP Headers will not be written 2026-04-30T00:36:57.162497Z 2026-04-29T13:34:44Z
cleanstart-2026-fk30234 Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web To... 2026-04-30T00:36:57.018431Z 2026-04-29T09:20:07Z
cleanstart-2026-bu99819 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-29T00:37:56.608985Z 2026-04-28T06:46:53Z
cleanstart-2026-dj93523 In libexpat before 2 2026-04-28T00:37:35.208500Z 2026-04-27T10:21:39Z
cleanstart-2026-jp09281 In libexpat before 2 2026-04-28T00:36:34.505244Z 2026-04-27T10:21:39Z
cleanstart-2026-kl42544 Security fixes for ghsa-72hv-8253-57qq, ghsa-qqpg-mvqg-649v applied in versions: 3.9.4-r0, 3.9.4-r6 2026-04-28T00:36:04.463924Z 2026-04-27T10:21:39Z
cleanstart-2026-ms93111 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-28T00:36:04.248443Z 2026-04-27T10:21:39Z
cleanstart-2026-hq78610 Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java 2026-04-25T00:45:02.559999Z 2026-04-24T22:46:48Z
cleanstart-2026-ij61309 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.8.6-r0 2026-04-25T00:38:42.251779Z 2026-04-24T13:16:02Z
cleanstart-2026-ly60131 Security fixes for ghsa-72hv-8253-57qq applied in versions: 3.6.4-r4 2026-04-25T00:38:42.064940Z 2026-04-24T13:16:02Z
cleanstart-2026-is05941 CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native 2026-04-23T00:39:55.461024Z 2026-04-22T06:13:27Z
cleanstart-2026-hm96194 In libexpat before 2 2026-04-23T00:37:25.660354Z 2026-04-22T09:49:02Z
cleanstart-2026-kx82113 In libexpat before 2 2026-04-23T00:37:25.300123Z 2026-04-22T09:49:02Z
cleanstart-2026-bb70412 During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions 2026-04-22T00:41:59.291167Z 2026-04-21T09:28:36Z
cleanstart-2026-lf33811 In libexpat before 2 2026-04-22T00:40:28.653558Z 2026-04-21T09:26:32Z
cleanstart-2026-kb76878 When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP Headers will not be written 2026-04-22T00:39:59.241183Z 2026-04-21T09:47:18Z
ID Description Published Updated
drupal-contrib-2026-033 2026-04-22T17:47:43.000Z 2026-04-22T17:47:43.000Z
drupal-contrib-2026-032 2026-04-08T16:09:54.000Z 2026-04-10T16:51:06.000Z
drupal-contrib-2026-031 2026-04-01T16:38:14.000Z 2026-04-02T14:13:13.000Z
drupal-contrib-2026-030 2026-03-18T16:10:00.000Z 2026-03-18T16:10:00.000Z
drupal-contrib-2026-029 2026-03-11T16:35:02.000Z 2026-03-26T19:50:52.000Z
drupal-contrib-2026-028 2026-03-11T16:33:14.000Z 2026-03-26T19:43:59.000Z
drupal-contrib-2026-027 2026-03-04T18:02:59.000Z 2026-03-04T18:02:59.000Z
drupal-contrib-2026-026 2026-03-04T18:02:14.000Z 2026-03-04T18:02:14.000Z
drupal-contrib-2026-025 2026-03-04T18:00:41.000Z 2026-03-04T18:00:41.000Z
drupal-contrib-2026-024 2026-03-04T17:59:51.000Z 2026-03-05T14:03:05.000Z
drupal-contrib-2026-023 2026-03-04T17:58:55.000Z 2026-03-04T17:58:55.000Z
drupal-contrib-2026-022 2026-03-04T17:57:58.000Z 2026-03-04T17:57:58.000Z
drupal-contrib-2026-021 2026-03-04T17:56:18.000Z 2026-03-04T17:56:18.000Z
drupal-contrib-2026-020 2026-03-04T17:54:27.000Z 2026-03-04T17:54:27.000Z
drupal-contrib-2026-019 2026-02-25T18:51:43.000Z 2026-02-25T18:51:43.000Z
drupal-contrib-2026-018 2026-02-25T18:51:26.000Z 2026-02-25T18:51:26.000Z
drupal-contrib-2026-017 2026-02-25T18:51:01.000Z 2026-02-25T18:51:01.000Z
drupal-contrib-2026-016 2026-02-25T18:49:59.000Z 2026-02-25T19:30:03.000Z
drupal-contrib-2026-015 2026-02-25T18:47:57.000Z 2026-03-17T13:20:54.000Z
drupal-contrib-2026-014 2026-02-25T18:46:10.000Z 2026-02-25T18:46:10.000Z
drupal-contrib-2026-013 2026-02-25T18:45:13.000Z 2026-02-25T18:45:13.000Z
drupal-contrib-2026-012 2026-02-25T18:44:38.000Z 2026-02-25T18:44:38.000Z
drupal-contrib-2026-011 2026-02-25T18:43:32.000Z 2026-02-25T18:43:32.000Z
drupal-contrib-2026-010 2026-02-11T16:54:18.000Z 2026-02-25T17:17:46.000Z
drupal-contrib-2026-009 2026-02-11T16:53:32.000Z 2026-02-12T15:37:20.000Z
drupal-contrib-2026-008 2026-02-04T17:23:40.000Z 2026-02-04T17:23:40.000Z
drupal-contrib-2025-110 2025-09-24T17:27:41.000Z 2025-09-24T17:27:41.000Z
ID Description Updated
ID Description Published Updated
certfr-2026-ale-004 VulnƩrabilitƩ dans F5 BIG-IP Access Policy Manager 2026-03-31T00:00:00.000000 2026-03-31T00:00:00.000000
certfr-2026-ale-003 Note dā€™alerte ā€“ Ciblage des messageries instantanĆ©es 2026-03-20T00:00:00.000000 2026-04-20T00:00:00.000000
certfr-2026-ale-002 [MƠJ] VulnƩrabilitƩ dans Cisco Catalyst SD-WAN 2026-02-25T00:00:00.000000 2026-03-26T00:00:00.000000
certfr-2026-ale-001 [MƠJ] Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
CERTFR-2026-ALE-001 [MƠJ] Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile 2026-01-30T00:00:00.000000 2026-02-03T00:00:00.000000
certfr-2025-ale-014 [MƠJ] VulnƩrabilitƩ dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
CERTFR-2025-ALE-014 [MƠJ] VulnƩrabilitƩ dans React Server Components 2025-12-05T00:00:00.000000 2026-02-12T00:00:00.000000
certfr-2025-ale-013 [MƠJ] Multiples vulnƩrabilitƩs dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
CERTFR-2025-ALE-013 [MƠJ] Multiples vulnƩrabilitƩs dans Cisco ASA et FTD 2025-09-25T00:00:00.000000 2025-10-06T00:00:00.000000
certfr-2025-ale-012 VulnƩrabilitƩ dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
CERTFR-2025-ALE-012 VulnƩrabilitƩ dans Citrix NetScaler ADC et NetScaler Gateway 2025-08-26T00:00:00.000000 2025-09-26T00:00:00.000000
certfr-2025-ale-011 Incidents de sƩcuritƩ dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
CERTFR-2025-ALE-011 Incidents de sƩcuritƩ dans les pare-feux SonicWall 2025-08-05T00:00:00.000000 2025-08-18T00:00:00.000000
certfr-2025-ale-010 [MƠJ] Multiples vulnƩrabilitƩs dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
CERTFR-2025-ALE-010 [MƠJ] Multiples vulnƩrabilitƩs dans Microsoft SharePoint 2025-07-21T00:00:00.000000 2025-08-26T00:00:00.000000
certfr-2025-ale-009 Multiples vulnƩrabilitƩs dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
CERTFR-2025-ALE-009 Multiples vulnƩrabilitƩs dans Citrix NetScaler ADC et NetScaler Gateway 2025-07-01T00:00:00.000000 2025-07-17T00:00:00.000000
certfr-2025-ale-008 [MƠJ] VulnƩrabilitƩ dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
CERTFR-2025-ALE-008 [MƠJ] VulnƩrabilitƩ dans Roundcube 2025-06-05T00:00:00.000000 2025-07-21T00:00:00.000000
certfr-2025-ale-007 Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-007 Multiples vulnƩrabilitƩs dans Ivanti Endpoint Manager Mobile (EPMM) 2025-05-14T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-006 VulnƩrabilitƩ dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-006 VulnƩrabilitƩ dans les produits Fortinet 2025-05-13T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-002 [MƠJ] VulnƩrabilitƩ dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
CERTFR-2025-ALE-002 [MƠJ] VulnƩrabilitƩ dans les produits Fortinet 2025-05-07T00:00:00.000000 2025-01-14T00:00:00.000000
certfr-2025-ale-005 VulnƩrabilitƩ dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
CERTFR-2025-ALE-005 VulnƩrabilitƩ dans SAP NetWeaver 2025-04-28T00:00:00.000000 2025-06-24T00:00:00.000000
certfr-2025-ale-004 ActivitƩs de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
CERTFR-2025-ALE-004 ActivitƩs de post-exploitation dans Fortinet FortiGate 2025-04-11T00:00:00.000000 2025-08-07T00:00:00.000000
certfr-2025-ale-003 [MƠJ] VulnƩrabilitƩ dans les produits Ivanti 2025-04-04T00:00:00.000000 2025-04-11T00:00:00.000000
ID Description Published Updated
certfr-2026-avi-0542 Multiples vulnƩrabilitƩs dans Progress Telerik 2026-05-06T00:00:00.000000 2026-05-06T00:00:00.000000
certfr-2026-avi-0541 Multiples vulnƩrabilitƩs dans Zabbix 2026-05-06T00:00:00.000000 2026-05-06T00:00:00.000000
certfr-2026-avi-0540 Multiples vulnƩrabilitƩs dans VMware Tanzu Gemfire 2026-05-06T00:00:00.000000 2026-05-06T00:00:00.000000
certfr-2026-avi-0539 Multiples vulnƩrabilitƩs dans Juniper Networks Secure Analytics 2026-05-06T00:00:00.000000 2026-05-06T00:00:00.000000
certfr-2026-avi-0538 Multiples vulnƩrabilitƩs dans Asterisk 2026-05-06T00:00:00.000000 2026-05-06T00:00:00.000000
certfr-2026-avi-0537 VulnƩrabilitƩ dans Palo Alto Networks User-ID Authentication Portal 2026-05-06T00:00:00.000000 2026-05-06T00:00:00.000000
certfr-2026-avi-0536 Multiples vulnƩrabilitƩs dans Redis 2026-05-06T00:00:00.000000 2026-05-06T00:00:00.000000
certfr-2026-avi-0535 Multiples vulnƩrabilitƩs dans Google Chrome 2026-05-06T00:00:00.000000 2026-05-06T00:00:00.000000
certfr-2026-avi-0534 VulnƩrabilitƩ dans Google Android 2026-05-05T00:00:00.000000 2026-05-05T00:00:00.000000
certfr-2026-avi-0533 Multiples vulnƩrabilitƩs dans Papercut 2026-05-05T00:00:00.000000 2026-05-05T00:00:00.000000
certfr-2026-avi-0532 Multiples vulnƩrabilitƩs dans Progress MOVEit Automation 2026-05-05T00:00:00.000000 2026-05-05T00:00:00.000000
certfr-2026-avi-0531 VulnƩrabilitƩ dans Traefik 2026-05-05T00:00:00.000000 2026-05-05T00:00:00.000000
certfr-2026-avi-0530 Multiples vulnƩrabilitƩs dans Apache HTTP Server 2026-05-05T00:00:00.000000 2026-05-05T00:00:00.000000
certfr-2026-avi-0529 Multiples vulnƩrabilitƩs dans Mozilla Thunderbird 2026-05-04T00:00:00.000000 2026-05-04T00:00:00.000000
certfr-2026-avi-0528 VulnƩrabilitƩ dans Qnap QTS 2026-05-04T00:00:00.000000 2026-05-04T00:00:00.000000
certfr-2026-avi-0527 Multiples vulnƩrabilitƩs dans VMware Tanzu Kubernetes Runtime 2026-05-04T00:00:00.000000 2026-05-04T00:00:00.000000
certfr-2026-avi-0526 Multiples vulnƩrabilitƩs dans les produits Microsoft 2026-05-04T00:00:00.000000 2026-05-04T00:00:00.000000
certfr-2026-avi-0525 Multiples vulnƩrabilitƩs dans Microsoft Edge 2026-05-04T00:00:00.000000 2026-05-04T00:00:00.000000
certfr-2026-avi-0524 Multiples vulnƩrabilitƩs dans Exim 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0523 Multiples vulnƩrabilitƩs dans les produits IBM 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0522 Multiples vulnƩrabilitƩs dans le noyau Linux d'Ubuntu 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0521 Multiples vulnƩrabilitƩs dans le noyau Linux de Red Hat 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0520 Multiples vulnƩrabilitƩs dans le noyau Linux de SUSE 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0519 Multiples vulnƩrabilitƩs dans Microsoft Azure Linux 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0518 Multiples vulnƩrabilitƩs dans Wireshark 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0517 Multiples vulnƩrabilitƩs dans les produits SonicWall 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0516 VulnƩrabilitƩ dans les produits Netgate 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0515 Multiples vulnƩrabilitƩs dans MISP 2026-04-30T00:00:00.000000 2026-04-30T00:00:00.000000
certfr-2026-avi-0514 Multiples vulnƩrabilitƩs dans Curl 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
certfr-2026-avi-0513 Multiples vulnƩrabilitƩs dans les produits Microsoft 2026-04-29T00:00:00.000000 2026-04-29T00:00:00.000000
ID Description Published Updated
jvndb-2026-000066 Open redirect vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor 2026-04-30T17:02+09:00 2026-04-30T17:02+09:00
jvndb-2026-006408 Apache ActiveMQ series improper validation of MQTT packets [AMQ-9810] 2026-04-24T17:56+09:00 2026-04-24T17:56+09:00
jvndb-2026-000064 GROWI vulnerable to Regular expression Denial-of-Service (ReDoS) 2026-04-23T16:57+09:00 2026-04-30T12:19+09:00
jvndb-2026-000063 IP Setting Software may insecurely load Dynamic Link Libraries 2026-04-23T16:57+09:00 2026-04-23T16:57+09:00
jvndb-2026-000062 CMS ALAYA vulnerable to SQL injection 2026-04-23T16:57+09:00 2026-04-23T16:57+09:00
jvndb-2026-000059 Multiple vulnerabilities in LogonTracer 2026-04-23T16:57+09:00 2026-04-23T16:57+09:00
jvndb-2026-000061 Installers of LiveOn Meet Client for Windows and its plugin may insecurely load Dynamic Link Libraries 2026-04-22T15:45+09:00 2026-04-22T15:45+09:00
jvndb-2026-000060 DeepL Chrome browser extension vulnerable to cross-site scripting 2026-04-22T15:45+09:00 2026-04-22T15:45+09:00
jvndb-2026-000058 Ziostation2 vulnerable to path traversal 2026-04-22T15:45+09:00 2026-04-22T15:45+09:00
jvndb-2026-012056 Multiple vulnerabilities in silex technology SD-330AC and AMC Manager 2026-04-21T15:27+09:00 2026-04-23T17:57+09:00
jvndb-2026-000051 SKYSEA Client View and SKYMEC IT Manager improper file access permission settings 2026-04-20T14:47+09:00 2026-04-20T14:47+09:00
jvndb-2026-011472 OMRON UPS (Uninterruptible Power Supply) management application may insecurely load Dynamic Link Libraries 2026-04-17T14:54+09:00 2026-04-17T14:54+09:00
jvndb-2026-000057 Multiple vulnerabilities in CubeCart 2026-04-17T13:32+09:00 2026-04-17T13:32+09:00
jvndb-2026-000056 Arcserve UDP Console vulnerable to redirect to a dummy URL 2026-04-16T17:29+09:00 2026-04-16T17:29+09:00
jvndb-2026-000055 GROWI vulnerable to stored cross-site scripting 2026-04-15T17:21+09:00 2026-04-15T17:21+09:00
jvndb-2026-010851 Stack-based buffer overflow vulnerability in Dynabook Bluetooth ACPI Drivers 2026-04-14T18:13+09:00 2026-04-14T18:13+09:00
jvndb-2026-000053 EmoCheck loads Dynamic Link Libraries insecurely 2026-04-10T13:38+09:00 2026-04-10T13:38+09:00
jvndb-2026-000052 Multiple vulnerabilities in MATCHA series 2026-04-08T16:15+09:00 2026-04-08T16:15+09:00
jvndb-2026-000050 Multiple vulnerabilities in Movable Type 2026-04-08T16:15+09:00 2026-04-08T16:15+09:00
jvndb-2026-010301 Multiple Vulnerabilities in JP1/IT Desktop Management 2 and JP1/NETM/DM 2026-04-08T12:11+09:00 2026-04-08T12:11+09:00
jvndb-2026-010300 Multiple Vulnerabilities in Hitachi Ops Center Viewpoint 2026-04-08T12:11+09:00 2026-04-08T12:11+09:00
jvndb-2026-010299 Multiple Vulnerabilities in Hitachi Ops Center Common Services 2026-04-08T12:11+09:00 2026-04-08T12:11+09:00
jvndb-2026-000049 Multiple vulnerabilities in NEC Aterm series (NV26-001) 2026-04-03T15:09+09:00 2026-04-03T15:09+09:00
jvndb-2026-009720 Multiple vulnerabilities in FUJI Electric V-SFT (April 2026) 2026-04-02T14:58+09:00 2026-04-03T15:50+09:00
jvndb-2026-009412 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009411 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009410 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009409 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009408 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
jvndb-2026-009406 Security information for Hitachi Disk Array Systems 2026-03-31T15:53+09:00 2026-03-31T15:53+09:00
ID Description Published Updated
cnvd-2026-19030 OpenClaw存åœØęœŖę˜Žę¼ę“žļ¼ˆCNVD-2026-19030ļ¼‰ 2026-04-28 2026-04-30
cnvd-2026-19029 OpenClaw存åœØęœŖę˜Žę¼ę“žļ¼ˆCNVD-2026-19029ļ¼‰ 2026-04-28 2026-04-30
cnvd-2026-19028 OpenClaw后ē½®é“¾ęŽ„ę¼ę“žļ¼ˆCNVD-2026-19028ļ¼‰ 2026-04-28 2026-04-30
cnvd-2026-19027 OpenClawč·Æå¾„éåŽ†ę¼ę“žļ¼ˆCNVD-2026-19027ļ¼‰ 2026-04-28 2026-04-30
cnvd-2026-19026 OpenClaw存åœØęœŖę˜Žę¼ę“žļ¼ˆCNVD-2026-19026ļ¼‰ 2026-04-28 2026-04-30
cnvd-2026-19013 Delta Electronics AS320Tꋒē»ęœåŠ”ę¼ę“ž 2026-04-25 2026-04-29
cnvd-2026-19025 Flowiseäæ”ęÆę³„éœ²ę¼ę“ž 2026-04-24 2026-04-30
cnvd-2026-18831 TOTOLINK A3300R passwordå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18823 TOTOLINK A3300R providerå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18822 TOTOLINK A3300R ttlWayå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18821 TOTOLINK A3300R dhcpMtuå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18820 TOTOLINK A3300R pppoeMtuå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18819 TOTOLINK A3300R pppoeServiceNameå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18818 TOTOLINK A3300R hourå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18817 TOTOLINK A3300R modeå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18816 TOTOLINK A3300R recHourå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-28
cnvd-2026-18815 TOTOLINK A3300R weekå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18814 TOTOLINK A3300R userå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-28
cnvd-2026-18813 TOTOLINK A3300R intervalå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-28
cnvd-2026-18809 TOTOLINK A3300R informEnableå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-28
cnvd-2026-18808 TOTOLINK A3300R stunEnableå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-28
cnvd-2026-18807 TOTOLINK A3300R stun_userå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-28
cnvd-2026-18806 TOTOLINK A3300R stunMinAliveå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-28
cnvd-2026-18805 TOTOLINK A3300R stunMaxAliveå‚ę•°ę“ä½œē³»ē»Ÿå‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-28
cnvd-2026-18803 TOTOLINK A3300R stunServerAddrå‚ę•°ę“ä½œē³»ē»Ÿå‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-29
cnvd-2026-18601 OpenClawčæœē؋代ē ę‰§č”Œę¼ę“žļ¼ˆCNVD-2026-18601ļ¼‰ 2026-04-24 2026-04-24
cnvd-2026-18591 Microsoft Partner Centerč®æé—®ęŽ§åˆ¶ę¼ę“ž 2026-04-24 2026-04-24
cnvd-2026-18568 ToToLink A3300R cstecgi.cgi urlå‚ę•°å‘½ä»¤ę³Øå…„ę¼ę“ž 2026-04-24 2026-04-23
cnvd-2026-19044 Linux kernelęœ¬åœ°ęƒé™ęå‡ę¼ę“žļ¼ˆCNVD-2026-19044ļ¼‰ 2026-04-23 2026-04-30
cnvd-2026-18537 IBM Guardium Data Protectionē›®å½•éåŽ†ę¼ę“ž 2026-04-23 2026-04-24
ID Description Published Updated
bdu:2026-01844 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ сŠµŃ€Š²ŠøсŠ° Š±ŠµŠ·Š¾ŠæŠ°ŃŠ½Š¾ŃŃ‚Šø Advanced DNS Security (ADNS) Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Š¾Š¹ сŠøстŠµŠ¼Ń‹ PAN-OS,ā€¦ 16.02.2026 16.02.2026
bdu:2026-01843 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø loadRLE() Š·Š°Š³Ń€ŃƒŠ·Ń‡ŠøŠŗŠ° TGA-ŠøŠ·Š¾Š±Ń€Š°Š¶ŠµŠ½ŠøŠ¹ (PluginTARGA.cpp) Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠ¾Š¹ Š±ŠøŠ±ā€¦ 16.02.2026 16.02.2026
bdu:2026-01842 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø ws_user_gerList() сцŠµŠ½Š°Ń€Šøя pwg.users.php сŠøстŠµŠ¼Ń‹ уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠŗŠ¾Š½Ń‚ŠµŠ½Ń‚Š¾Š¼ ā€¦ 16.02.2026 16.02.2026
bdu:2026-01841 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° Updater Š¾Š±Š»Š°Ń‡Š½Š¾Š¹ ŠæŠ»Š°Ń‚Ń„Š¾Ń€Š¼Ń‹ уŠæрŠ°Š²Š»ŠµŠ½Šøя ŠŗŠ¾Š½Ń‚ŠµŠ¹Š½ŠµŃ€Š°Š¼Šø Arcane, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽā€¦ 16.02.2026 16.02.2026
bdu:2026-01840 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š˜Š˜-Š°Š³ŠµŠ½Ń‚Š° OpenClaw (рŠ°Š½ŠµŠµ - ClawdBot ŠøŠ»Šø MoltBot), сŠ²ŃŠ·Š°Š½Š½Š°Ń с Š¾Ń‚ŃŃƒŃ‚ŃŃ‚Š²ŠøŠµŠ¼ ŠæрŠ¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01839 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø blocked_path() ŠæŠ°ŠŗŠµŃ‚Š° Python Š“Š»Ń сŠ¾Š·Š“Š°Š½Šøя ŠæрŠøŠ»Š¾Š¶ŠµŠ½ŠøŠ¹ Š“Š»Ń Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Š¼Š°ŃˆŠøŠ½ā€¦ 16.02.2026 16.02.2026
bdu:2026-01838 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š“рŠ°Š¹Š²ŠµŃ€Š¾Š² Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠøх ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š¾Š² NVIDIA NVS, Quadro, NVIDIA RTX, GeForce, сŠ²Ńā€¦ 16.02.2026 16.02.2026
bdu:2026-01837 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š¼ŠøŠŗрŠ¾ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠøх ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š¾Š² Imagination, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ńā€¦ 16.02.2026 16.02.2026
bdu:2026-01836 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š¼ŠøŠŗрŠ¾ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠøх ŠæрŠ¾Ń†ŠµŃŃŠ¾Ń€Š¾Š² Imagination, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ńā€¦ 16.02.2026 16.02.2026
bdu:2026-01835 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š“рŠ°Š¹Š²ŠµŃ€Š° ESXi base Š¼ŠøŠŗрŠ¾ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя сŠµŃ‚ŠµŠ²Ń‹Ń… ŠŗŠ¾Š½Ń‚Ń€Š¾Š»Š»ŠµŃ€Š¾Š² Intel 80ā€¦ 16.02.2026 16.02.2026
bdu:2026-01834 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š¼ŠøŠŗрŠ¾ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя ŠŗŠ¾Š½Ń‚Ń€Š¾Š»Š»ŠµŃ€Š¾Š² Intel Ethernet сŠµŃ€ŠøŠø E810, сŠ²ŃŠ·Š°Š½Š½Š°ā€¦ 16.02.2026 16.02.2026
bdu:2026-01833 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ тŠµŃ…Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā€¦ 16.02.2026 16.02.2026
bdu:2026-01832 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ тŠµŃ…Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā€¦ 16.02.2026 16.02.2026
bdu:2026-01831 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ тŠµŃ…Š½Š¾Š»Š¾Š³ŠøŠ¹ Intel Active Management Technology (AMT) Šø Intel Standard Manageabiā€¦ 16.02.2026 16.02.2026
bdu:2026-01830 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° File input Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½Š°Ń€ŃƒŃˆŠøтŠµŠ»ŃŽ Š¾ŃŃƒŃ‰ŠµŃŃ‚Š²Šøā€¦ 16.02.2026 16.02.2026
bdu:2026-01829 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° PictureInPicture Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½Š°Ń€ŃƒŃˆŠøтŠµŠ»ŃŽ Š¾ŠŗŠ°ā€¦ 16.02.2026 16.02.2026
bdu:2026-01828 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° Animation Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½Š°Ń€ŃƒŃˆŠøтŠµŠ»ŃŽ Š¾ŠŗŠ°Š·Š°Ń‚ŃŒ Š²Š¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01827 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø ŠŗŠ¾Š½Ń„ŠøŠ“ŠµŠ½Ń†ŠøŠ°Š»ŃŒŠ½Š¾ŃŃ‚Šø Fenced Frames Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½ā€¦ 16.02.2026 16.02.2026
bdu:2026-01826 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠŗŠ¾Š¼ŠæŠ¾Š½ŠµŠ½Ń‚Š° WebGPU Š±Ń€Š°ŃƒŠ·ŠµŃ€Š° Google Chrome, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń Š½Š°Ń€ŃƒŃˆŠøтŠµŠ»ŃŽ Š²Ń‹Š·Š²Š°Ń‚ŃŒ Š¾Ń‚ŠŗŠ°Š·ā€¦ 16.02.2026 16.02.2026
bdu:2026-01825 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š¹ ŠæŠ»Š°Ń‚Ń„Š¾Ń€Š¼Ń‹ Š½Š° Š±Š°Š·Šµ git Š“Š»Ń сŠ¾Š²Š¼ŠµŃŃ‚Š½Š¾Š¹ рŠ°Š±Š¾Ń‚Ń‹ Š½Š°Š“ ŠŗŠ¾Š“Š¾Š¼ GitLab, сŠ²ŃŠ·ā€¦ 16.02.2026 16.02.2026
bdu:2026-01824 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š¹ ŠæŠ»Š°Ń‚Ń„Š¾Ń€Š¼Ń‹ Š½Š° Š±Š°Š·Šµ git Š“Š»Ń сŠ¾Š²Š¼ŠµŃŃ‚Š½Š¾Š¹ рŠ°Š±Š¾Ń‚Ń‹ Š½Š°Š“ ŠŗŠ¾Š“Š¾Š¼ GitLab, сŠ²ŃŠ·ā€¦ 16.02.2026 16.02.2026
bdu:2026-01823 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø Š¼ŠµŠ¶ŃŠµŃ‚ŠµŠ²Ń‹Ń… эŠŗрŠ°Š½Š¾Š² SSL-VPN Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01822 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOS, сŠ²ŃŠ·Š°Š½Š½Š°Ń с Š½ŠµŠ“Š¾ŃŃ‚Š°Ń‚Š¾Ń‡Š½Š¾Š¹ ŠæрŠ¾Š²ŠµŃ€ŠŗŠ¾Š¹ ŠøстŠ¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01821 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ фуŠ½ŠŗцŠøŠø Š¼ŠµŠ¶ŃŠµŃ‚ŠµŠ²Ń‹Ń… эŠŗрŠ°Š½Š¾Š² SSL-VPN Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾ā€¦ 16.02.2026 16.02.2026
bdu:2026-01820 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠøŠ½Ń‚ŠµŃ€Ń„ŠµŠ¹ŃŠ° ŠŗŠ¾Š¼Š°Š½Š“Š½Š¾Š¹ стрŠ¾ŠŗŠø Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOS, ŠæŠ¾Š·Š²Š¾Š»ŃŃŽŃ‰Š°Ń ā€¦ 16.02.2026 16.02.2026
bdu:2026-01819 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ Š³Ń€Š°Ń„ŠøчŠµŃŠŗŠ¾Š³Š¾ ŠæŠ¾Š»ŃŒŠ·Š¾Š²Š°Ń‚ŠµŠ»ŃŒŃŠŗŠ¾Š³Š¾ ŠøŠ½Ń‚ŠµŃ€Ń„ŠµŠ¹ŃŠ° Š¾ŠæŠµŃ€Š°Ń†ŠøŠ¾Š½Š½Ń‹Ń… сŠøстŠµŠ¼ Fortinet FortiOSā€¦ 16.02.2026 16.02.2026
bdu:2026-01818 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š“Š»Ń рŠ°Š·Ń€Š°Š±Š¾Ń‚ŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, сŠ²ŃŠ·Š°Š½Š½Š°Ń ā€¦ 16.02.2026 16.02.2026
bdu:2026-01817 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š“Š»Ń рŠ°Š·Ń€Š°Š±Š¾Ń‚ŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, сŠ²ŃŠ·Š°Š½Š½Š°Ń ā€¦ 16.02.2026 16.02.2026
bdu:2026-01816 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Š“Š»Ń рŠ°Š·Ń€Š°Š±Š¾Ń‚ŠŗŠø 3D-Š¼Š¾Š“ŠµŠ»ŠµŠ¹ Autodesk Fusion, сŠ²ŃŠ·Š°Š½Š½Š°Ń ā€¦ 16.02.2026 16.02.2026
bdu:2026-01815 Š£ŃŠ·Š²ŠøŠ¼Š¾ŃŃ‚ŃŒ ŠæрŠ¾Š³Ń€Š°Š¼Š¼Š½Š¾Š³Š¾ Š¾Š±ŠµŃŠæŠµŃ‡ŠµŠ½Šøя Microsoft ACI Confidential Containers, сŠ²ŃŠ·Š°Š½Š½Š°Ń с Š½Šµā€¦ 16.02.2026 16.02.2026
ID Description Updated
var-202407-2188 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā€¦ 2024-07-23T22:46:32.699000Z
var-202406-3119 Beijing StarNet Ruijie Network Technology Co., Ltd. EG3220 is a new generation of multi-sā€¦ 2024-07-23T22:46:22.685000Z
var-202407-1740 NBR6135-E is a router. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6135-E haā€¦ 2024-07-23T22:46:18.378000Z
var-202407-1417 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā€¦ 2024-07-23T22:46:07.784000Z
var-202407-1103 Siemens (China) Co., Ltd. is a company focusing on electrification, automation and digitaā€¦ 2024-07-23T22:46:01.992000Z
var-202407-0957 WinCC is a SCADA system suitable for all walks of life. It can access devices from mobileā€¦ 2024-07-23T22:45:59.391000Z
var-202407-0819 SIMATIC S7-1500 is a modular control system suitable for various automation applications ā€¦ 2024-07-23T22:45:56.958000Z
var-202407-0818 NBR6210-E is a router product. Beijing Xingwang Ruijie Network Technology Co., Ltd. NBR6ā€¦ 2024-07-23T22:45:56.946000Z
var-202407-0779 Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Tenda of ā€¦ 2024-07-23T22:45:56.150000Z
var-202407-0778 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulneraā€¦ 2024-07-23T22:45:56.131000Z
var-202407-0745 Tenda AC18 V15.03.3.10_EN was discovered to contain a stack-based buffer overflow vulneraā€¦ 2024-07-23T22:45:55.498000Z
var-202305-1479 D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution ā€¦ 2024-07-23T22:45:09.335000Z
var-202108-1158 A race condition was addressed with improved locking. This issue is fixed in macOS Monterā€¦ 2024-07-23T22:44:06.976000Z
var-201109-0089 Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as usedā€¦ 2024-07-23T22:43:49.590000Z
var-200702-0378 Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 ā€¦ 2024-07-23T22:43:25.614000Z
var-201011-0225 Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent ā€¦ 2024-07-23T22:41:43.584000Z
var-201112-0297 Multiple cross-site scripting (XSS) vulnerabilities in the Virus Scan Interface in SAP Neā€¦ 2024-07-23T22:41:20.004000Z
var-201507-0645 D-Link is an internationally renowned provider of network equipment and solutions, includā€¦ 2024-07-23T22:41:18.832000Z
var-201803-1810 A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial ā€¦ 2024-07-23T22:41:17.171000Z
var-201809-0087 WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulā€¦ 2024-07-23T22:41:16.554000Z
var-200607-0396 Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) bā€¦ 2024-07-23T22:41:04.279000Z
var-201702-0423 An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoftā€¦ 2024-07-23T22:40:53.160000Z
var-202305-1588 D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerabilitā€¦ 2024-07-23T22:40:05.297000Z
var-201112-0173 The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, ā€¦ 2024-07-23T22:39:32.535000Z
var-201103-0371 SAP Crystal Reports Server is a complete reporting solution for creating, managing, and dā€¦ 2024-07-23T22:39:32.874000Z
var-201706-0017 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClieā€¦ 2024-07-23T22:38:34.494000Z
var-202305-1520 D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulā€¦ 2024-07-23T22:38:26.576000Z
var-202407-0490 A vulnerability has been identified in SIMATIC PCS neo V4.0 (All versions), SIMATIC STEP ā€¦ 2024-07-23T22:38:24.768000Z
var-201810-0396 Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabiliā€¦ 2024-07-23T22:37:44.850000Z
var-202001-0833 A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe moā€¦ 2024-07-23T22:37:43.471000Z
ID Description Published Updated
vde-2025-028 Draeger: ICMHelper is vulnerable to a privilege escalation 2025-08-05T10:00:00.000Z 2026-01-06T11:00:00.000Z
vde-2019-012 TECSON/GOK: Improper Authentication and Access Control on multiple devices 2019-06-04T13:21:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2026-023 Phoenix Contact: Several products are affected by vulnerabilities found in OpenSSL 2026-04-22T08:00:00.000Z 2026-04-22T08:00:00.000Z
vde-2025-104 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx, FL SWITCH TSN 23xx and FL SWITCH 59xx Firmware 2026-03-18T08:00:00.000Z 2026-03-18T08:00:00.000Z
vde-2025-109 Phoenix Contact: Unbounded growth of the session cache in TCP encapsulation service in FL MGUARD 2xxx and 4xxx firmware 2026-02-10T08:00:00.000Z 2026-02-23T14:00:00.000Z
vde-2025-073 Phoenix Contact: Security Advisory for TC ROUTER and CLOUD CLIENT Industrial mobile network routers 2026-01-13T08:00:00.000Z 2026-01-13T08:00:00.000Z
vde-2025-071 Phoenix Contact: Multiple Vulnerabilities in FL SWITCH 2xxx Firmware 2025-12-09T08:00:00.000Z 2026-01-12T08:00:00.000Z
vde-2025-074 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-10-14T10:00:00.000Z 2025-10-15T10:00:00.000Z
vde-2025-072 Phoenix Contact: Security Advisory for QUINT4-UPS EIP 2025-10-14T06:00:00.000Z 2025-10-14T06:00:00.000Z
vde-2025-077 Phoenix Contact: Two vulnerabilities in the jq JSON processor utilized by FL MGUARD 110x devices 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-064 Phoenix Contact: Products utilizing WIBU-SYSTEMS CodeMeter Runtime Windows Installer have a privilege escalation 2025-09-09T07:00:00.000Z 2025-09-09T07:00:00.000Z
vde-2025-063 Phoenix Contact: Device and Update Management Windows Installer Privilege Escalation 2025-08-12T10:00:00.000Z 2025-08-12T10:00:00.000Z
vde-2025-054 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-053 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-019 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-22T08:00:00.000Z
vde-2025-014 Phoenix Contact: Security Advisory for CHARX SEC-3xxx charging controllers 2025-07-08T10:00:00.000Z 2025-07-08T10:00:00.000Z
vde-2025-029 Phoenix Contact: Security Advisory for AXL F BK and IL BK bus couplers 2025-05-13T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2025-005 Phoenix Contact: Security Advisory for ESL Stick USB-A 2025-01-14T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-070 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2025-01-14T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-073 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-071 Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware 2024-12-09T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-067 Phoenix Contact: Multiple Vulnerabilities in PLCnext Engineer 2024-10-08T12:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-052 Phoenix Contact: Multiple mGuard devices are vulnerable to a drain of open file descriptors. 2024-09-10T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-051 Phoenix Contact: Multiple mGuard devices are vulnerable to a remote code injection due to SSH 2024-09-10T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-039 Phoenix Contact: Multiple Vulnerabilities in mGuard devices 2024-09-10T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-022 Phoenix Contact: Security Advisory for CHARX-SEC3xxx Charge controllers 2024-08-13T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-029 Phoenix Contact: Unbounded growth of OpenSSL session cache in multiple FL MGUARD devices 2024-06-11T06:00:00.000Z 2024-06-11T06:00:00.000Z
vde-2024-019 Phoenix Contact: Multiple vulnerabilities in the Firmware of CHARX SEC charge controllers 2024-05-14T06:00:00.000Z 2024-05-14T06:00:00.000Z
vde-2024-011 PHOENIX CONTACT: Multiple vulnerabilities in CHARX SEC charge controllers 2024-03-12T07:00:00.000Z 2024-03-12T07:00:00.000Z
vde-2023-058 Phoenix Contact: PLCnext Control prone to download of code without integrity check 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-057 Phoenix Contact: Classic line industrial controllers prone to inadequate integrity check of PLC 2023-12-12T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2023-056 Phoenix Contact: PLCnext prone to Incorrect Permission Assignment for Critical Resource 2023-12-12T07:00:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-085 Welotec: Path Traversal in SmartEMS Upload Handling 2025-09-10T07:00:00.000Z 2025-09-22T08:00:00.000Z
vde-2025-076 Welotec: Hard-coded JWT secret in egOS WebGUI 2025-08-26T07:00:00.000Z 2025-08-26T07:00:00.000Z
vde-2024-043 Welotec: Multiple products are vulnerable to regreSSHion 2024-08-22T06:00:00.000Z 2024-08-22T06:00:00.000Z
vde-2024-023 Welotec: Clickjacking Vulnerability in WebUI 2024-04-23T08:00:00.000Z 2024-04-23T08:00:00.000Z
vde-2024-009 Welotec: Two vulnerabilities in TK500v1 router series 2024-04-09T08:00:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
advisory2026-04_vde-2026-040 CODESYS EtherNetIP - Improper timeout handling 2026-04-23T12:00:00.000Z 2026-04-23T12:00:00.000Z
advisory2026-03_vde-2026-018 CODESYS Control V3 - Externally-controlled format string in Auditlog 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-02_vde-2026-011 CODESYS Control V3 - Untrusted boot application 2026-03-24T08:00:00.000Z 2026-03-24T08:00:00.000Z
advisory2026-01_vde-2026-012 CODESYS Installer - Possible Privilege Escalation 2026-03-10T10:00:00.000Z 2026-03-10T10:00:00.000Z
advisory2025-09_vde-2025-099 CODESYS Control - Linux/QNX SysSocket flaw 2025-12-01T11:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-11_vde-2025-101 CODESYS Development System - Deserialization of Untrusted Data 2025-12-01T10:00:00.000Z 2025-12-01T10:00:00.000Z
advisory2025-10_vde-2025-100 CODESYS Control - Invalid type usage in visualization 2025-12-01T10:00:00.000Z 2026-02-12T11:00:00.000Z
advisory2025-07_vde-2025-051 CODESYS Control V3 - Exposed PKI folder 2025-08-04T10:00:00.000Z 2025-09-01T10:00:00.000Z
advisory2025-06_vde-2025-049 CODESYS Control V3 - Insecure default permissions 2025-08-04T10:00:00.000Z 2025-08-04T10:00:00.000Z
advisory2025-08_vde-2025-070 CODESYS Control V3 - NULL pointer dereference 2025-08-04T08:00:00.000Z 2025-10-14T08:00:00.000Z
advisory2025-05_vde-2025-027 CODESYS Visualization user management bypass in WebVisu 2025-04-23T10:00:00.000Z 2025-04-23T10:00:00.000Z
advisory2025-04_vde-2025-022 CODESYS Control V3 - OPC UA Server Authentication bypass 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-03_vde-2025-015 CODESYS Control V3 removable media path traversal 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-02_vde-2025-013 CODESYS (Edge) Gateway for Windows insecure default 2025-03-18T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2025-01_vde-2025-001 CODESYS Key physical side-channel vulnerability 2025-01-21T11:00:00.000Z 2025-06-05T13:31:01.000Z
advisory2024-05_vde-2024-057 CODESYS: CODESYS web server vulnerable to DoS 2024-09-25T21:59:00.000Z 2025-04-03T10:00:00.000Z
vde-2024-046 OSCAT: Out-of-bounds read in OSCAT Basic library 2024-09-10T14:00:00.000Z 2024-09-10T14:00:00.000Z
vde-2024-026 CODESYS: Vulnerability can cause a DoS on CODESYS OPC UA products 2024-06-04T08:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-027 CODESYS: Vulnerability in multiple products through exposure of resource to wrong sphere 2024-06-04T06:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-024 CODESYS: Development System V2.3 affected by two vulnerabilities through corrupted project files 2024-05-06T08:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2023-066 CODESYS: OS Command Injection Vulnerability in multiple CODESYS Control products 2023-12-05T14:25:00.000Z 2023-12-05T14:25:00.000Z
vde-2023-035 CODESYS: Multiple products affected by WIBU Codemeter vulnerability 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-025 CODESYS: Control runtime system memory and integrity check vulnerabilities 2023-08-03T11:18:00.000Z 2023-08-03T11:18:00.000Z
vde-2023-023 CODESYS: Missing Brute-Force protection in CODESYS Development System 2023-08-03T11:08:00.000Z 2023-08-03T11:08:00.000Z
vde-2023-022 CODESYS: Missing integrity check in CODESYS Development System 2023-08-03T10:52:00.000Z 2023-08-03T10:52:00.000Z
vde-2023-021 CODESYS: Vulnerability in CODESYS Development System allows execution of binaries 2023-08-03T10:48:00.000Z 2023-08-03T10:48:00.000Z
vde-2023-019 CODESYS: Multiple Vulnerabilities in CmpApp CmpAppBP and CmpAppForce 2023-08-03T10:42:00.000Z 2023-08-03T10:42:00.000Z
vde-2023-024 CODESYS: Vulnerability in CODESYS Development System and CODESYS Scripting 2023-07-28T07:45:00.000Z 2023-07-28T07:45:00.000Z
ID Description Published Updated
vde-2025-067 Wiesemann & Theis: Motherbox 3 allows unauthenticated read-only DB access 2025-08-10T10:00:00.000Z 2025-08-25T10:00:00.000Z
vde-2025-024 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated jQuery version 2025-05-13T10:00:00.000Z 2025-05-13T10:00:00.000Z
vde-2025-032 Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting 2025-05-06T10:00:00.000Z 2025-05-06T10:00:00.000Z
vde-2025-031 Wiesemann & Theis: Multiple products from Wiesemann & Theis support deprecated TLS protocol versions 2025-04-28T10:00:00.000Z 2025-04-28T10:00:00.000Z
vde-2024-018 Wiesemann & Theis: Multiple products prone to unquoted search path 2024-02-28T07:00:00.000Z 2025-05-14T12:36:39.000Z
vde-2022-057 Wiesemann & Theis multiple products prone to web interface vulnerability 2022-12-13T07:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-043 Wiesemann & Theis: Multiple Vulnerabilities in the Com-Server Family 2022-11-07T11:43:00.000Z 2022-11-07T12:14:00.000Z
ID Description Published Updated
vde-2026-030 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-04-02T11:00:00.000Z 2026-04-02T11:00:00.000Z
vde-2026-024 MB connect line: Multiple Vulnerabilities in mbCONNECT24/mymbCONNECT24 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2025-065 MB connect line: Sandbox escape in mbNET's LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-058 MB connect line: Multiple vulnerabilities in mbNET.mini 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-035 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-034 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2024-010 Vulnerabilities in mbCONNECT24/mymbCONNECT24 2025-03-18T11:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-068 MB connect line: Multiple Vulnerabilities in MB connect line Products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-056 MB connect line: Multiple Vulnerabilities in mbNET.mini Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-030 MB connect line: mbNET.mini vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T09:00:00.000Z
vde-2023-041 MB connect line: Vulnerability allows access to non-critical information in mbCONNECT24 and mymbCONNECT24 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2024-042 MB connect line: Multiple products are vulnerable to regreSSHion 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-012 MB connect line: Cross-site Scripting vulnerability in mbNET/mbNET.rokey 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-002 MB Connect Line: Multiple vulnerabilities in mbConnect24 and mymbConnect24 2023-05-15T14:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-011 MB connect line: Unauthenticated user enumeration in mbCONNECT24 and mymbCONNECT24 2022-09-07T12:50:00.000Z 2022-09-07T12:50:00.000Z
vde-2021-030 MB connect line: two vulnerabilities in mymbCONNECT24, mbCONNECT24 (Update A) 2022-09-07T10:48:00.000Z 2025-06-06T07:00:00.000Z
vde-2021-003 MB connect line: Multiple vulnerabilites in mymbCONNECT24 and mbCONNECT24 (Update A) 2022-09-07T10:46:00.000Z 2022-09-07T10:46:00.000Z
vde-2021-037 MB connect line: Remote user enumeration in mbCONNECT24/mymbCONNECT24 2021-10-27T10:15:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-017 MB connect line: Privilege escalation in mbDIALUP 2021-07-22T11:35:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-031 MB connect line: Apache Guacamole related vulnerabilities in mbCONNECT24 2021-07-22T11:33:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-012 MB connect line: multiple products partially affected by DNSpooq 2021-04-26T08:04:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-035 MB connect line: Multiple Vulnerabilities in mymbCONNECT24 and mbCONNECT24 <= v2.6.1 2020-09-18T12:30:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
vde-2026-015 Helmholz: Use of a Broken or Risky Cryptographic Algorithm 2026-04-21T10:00:00.000Z 2026-04-21T12:00:00.000Z
vde-2026-043 Helmholz: Multiple Vulnerabilities in myREX24V2/myREX24V2.virtual 2026-04-13T11:00:00.000Z 2026-04-13T11:00:00.000Z
vde-2026-013 Helmholz: Use of a Broken or Risky Cryptographic Algorithm 2026-04-07T08:00:00.000Z 2026-04-07T08:00:00.000Z
vde-2026-025 Helmholz: Multiple Vulnerabilities in myREX24V2 / myREX24V2.virtual 2026-03-23T12:00:00.000Z 2026-03-23T12:00:00.000Z
vde-2025-069 Helmholz: Sandbox escape in REX200/250 LUA interpreter 2025-07-31T10:00:00.000Z 2025-07-31T10:00:00.000Z
vde-2025-059 Helmholz: Multiple vulnerabilities in REX 100 2025-07-21T10:00:00.000Z 2025-07-21T10:00:00.000Z
vde-2025-038 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2025-037 Vulnerabilities in myREX24/myREX24.virtual 2025-06-24T10:00:00.000Z 2025-06-24T10:00:00.000Z
vde-2024-031 Helmholz: Vulnerabilities in myREX24 V2/myREX24.virtual 2025-03-18T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2024-069 Helmholz: Multiple Vulnerabilities in Helmholz products 2024-10-15T08:00:00.000Z 2026-03-06T08:00:00.000Z
vde-2024-066 Helmholz: Multiple Vulnerabilities in Helmholz REX100 Product 2024-10-15T08:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-044 Helmholz: Multiple products are vulnerable to regreSSHion 2024-07-31T08:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-032 Helmholz: REX 100 vulnerable to OS command injection 2024-07-03T09:00:00.000Z 2024-07-03T13:33:00.000Z
vde-2023-043 Helmholz: Vulnerability allows access to non-critical information in myREX24 and myREX24.virtual 2023-10-16T08:38:00.000Z 2023-10-16T08:38:00.000Z
vde-2023-029 Helmholz: Cross-site Scripting vulnerability in REX 200/REX 250 2023-08-17T12:00:00.000Z 2023-08-17T12:00:00.000Z
vde-2023-008 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2023-05-15T12:06:00.000Z 2023-05-15T12:06:00.000Z
vde-2022-017 Helmholz: Unauthenticated user enumeration in myREX24 and myREX24.virtual 2022-09-07T12:54:00.000Z 2025-05-14T13:00:14.000Z
vde-2022-039 Helmholz: Multiple vulnerabilites in myREX24 and myREX24.virtual 2022-09-07T10:56:00.000Z 2022-09-07T10:56:00.000Z
vde-2021-058 Helmholz: Remote user enumeration in myREX24/myREX24-virtual 2021-12-08T13:04:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-057 Helmholz: Privilege Escalation in shDialup (Update A) 2021-03-28T13:03:00.000Z 2025-05-14T13:00:15.000Z
ID Description Published Updated
fsa-202601 Several CODESYS vulnerabilities in Festo Automation Suite 2026-02-26T08:00:00.000Z 2026-02-26T08:00:00.000Z
fsa-202406 Several Codesys Gateway v2 vulnerabilities in Codesys provided by Festo 2024-12-03T11:00:00.000Z 2024-12-03T14:00:00.000Z
fsa-202405 Festo: Siemens S7-1500/ET200SP CPU used in Festo Didactic products contains a memory protection bypass vulnerability 2024-09-09T07:00:00.000Z 2025-11-05T08:00:00.000Z
fsa-202402 Several Vulnerabilities in MES PC (Windows 10) 2024-02-27T12:00:00.000Z 2025-12-08T07:00:00.000Z
fsa-202401 Festo: Multiple products contain CoDe16 vulnerability 2024-01-30T07:00:00.000Z 2025-11-04T11:00:00.000Z
fsa-202305 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in several products 2023-11-28T07:00:00.000Z 2025-05-13T10:00:00.000Z
fsa-202303 Festo: Vulnerable Siemens TIA-Portal in multiple Festo Didactic products 2023-10-17T06:00:00.000Z 2025-10-01T06:00:00.000Z
fsa-202304 Festo: MSE6-C2M/D2M/E2M Incomplete User Documentation of Remote Accessible Functions 2023-09-05T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202301 Festo: Cross-Site-Scripting (XSS) vulnerability in LX-Appliance 2023-08-29T10:00:00.000Z 2025-10-01T10:00:00.000Z
fsa-202302 Festo: Several vulnerabilities in FactoryViews 2023-07-10T10:00:00.000Z 2026-02-02T08:00:00.000Z
fsa-202206 Festo: Vulnerable WIBU-SYSTEMS CodeMeter Runtime in multiple products 2022-12-13T11:50:00.000Z 2025-10-01T10:50:00.000Z
fsa-202209 Festo: Incomplete documentation of remote accessible functions and protocols in Festo products 2022-11-29T11:49:00.000Z 2025-11-03T10:00:00.000Z
fsa-202208 Festo: Multiple Festo products contain an unsafe default Codesys configuration 2022-11-29T11:41:00.000Z 2025-10-28T11:00:00.000Z
fsa-202207 Festo: CPX-CEC-C1 and CPX-CMXX, Missing Authentication for Critical Webpage Function 2022-09-20T10:00:00.000Z 2025-07-28T10:00:00.000Z
fsa-202203 Festo: Controller CECC-S,LK,D family firmware 2.4.2.0 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-07-10T10:00:00.000Z
fsa-202202 Festo: Controller CECC-S,LK,D family <= 2.3.8.1 - multiple vulnerabilities in CODESYS V3 runtime system 2022-07-18T10:00:00.000Z 2025-11-03T11:00:00.000Z
fsa-202201 Festo: CECC-X-M1 - command injection vulnerabilities 2022-07-06T07:00:00.000Z 2025-06-23T08:00:00.000Z
fsa-202101 Festo: Multiple vulnerabilities in Ethernet/IP Stack of SBRD-Q/SBOC-Q/SBOI-Q 2021-09-22T11:13:00.000Z 2025-08-26T10:00:00.000Z
ID Description Published Updated
vde-2025-011 PEPPERL+FUCHS: Profinet Gateway LB8122A.1.EL ā€“ Device is affected by XSS vulnerability and information disclosure 2025-05-26T10:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-002 PEPPERL+FUCHS: HMI ā€“ devices are affected by Windows RCE 2025-02-25T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-065 PEPPERL+FUCHS: HMI devices are affected by Insecure Platform Key 2024-11-26T11:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-063 PEPPERL+FUCHS: Multiple products are affected by regreSSHion 2024-10-08T12:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2024-033 PEPPERL+FUCHS: Device Master ICDM-RX/* ā€“ Vulnerability may allow unauthenticated remote attacker information disclosure and denial of service 2024-08-13T12:00:00.000Z 2025-05-14T14:34:17.000Z
vde-2024-038 Pepperl+Fuchs: Anonymous FTP server and Telnet access allows information disclosure and manipulation 2024-07-10T06:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2024-037 Pepperl+Fuchs: Use after free vulnerability in Smart-Ex 02 and Smart-Ex 03 2024-07-10T06:00:00.000Z 2024-07-10T06:00:00.000Z
vde-2024-017 Pepperl+Fuchs: ICE2- * and ICE3- * are affected by multiple vulnerabilities 2024-04-10T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-021 Pepperl+Fuchs: RSM-EX devices - Multiple Bluetooth vulnerabilities 2022-05-16T14:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-012 Pepperl+Fuchs: Vulnerability in multiple VisuNet devices 2022-04-26T12:00:00.000Z 2022-05-16T14:15:00.000Z
vde-2021-006 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-11-16T14:53:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-041 Pepperl+Fuchs: Multiple DTM and VisuNet Software affected by log4net vulnerability 2021-10-26T13:35:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-027 Pepperl+Fuchs: WirelessHART-Gateway - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-10-16T12:00:00.001Z 2025-05-14T13:00:14.000Z
vde-2021-028 Pepperl+Fuchs: Multiple VDM100-Distance Ethernet-IP sensors with multiple vulnerabilities 2021-08-16T12:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-034 Pepperl+Fuchs: Security Advisory for PrintNightmare Vulnerability in multiple HMI Devices 2021-07-30T07:55:00.000Z 2021-07-30T07:55:00.000Z
vde-2021-018 Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules 2021-05-12T08:57:00.000Z 2021-05-12T08:57:00.000Z
vde-2020-053 Pepperl+Fuchs: Comtrol RocketLinx ICRL-M - Multiple Vulnerabilities 2021-03-08T13:44:00.000Z 2025-05-22T13:03:10.000Z
vde-2021-007 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-16T14:53:00.000Z 2025-05-14T12:53:43.000Z
vde-2020-050 Pepperl+Fuchs: Multiple Products - Vulnerability may allow remote attackers to cause a Denial Of Service 2021-02-15T13:33:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-001 Pepperl+Fuchs: Vulnerability allowing code-excution in PACTware <=5.0.5.31 2021-01-15T12:41:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-038 Pepperl+Fuchs: Multiple vulnerabilites in Comtrol IO-Link Master 2021-01-04T13:01:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-040 Pepperl+Fuchs: Multiple Products prone to multiple vulnerabilities in Comtrol RocketLinux 2020-10-05T12:00:00.000Z 2020-10-05T12:00:00.000Z
vde-2020-034 Pepperl+Fuchs: VMT MSS and VMT IS - Several vulnerabilities in products utilizing WIBU-SYSTEMS CodeMeter components 2020-09-10T13:22:00.000Z 2020-09-10T13:22:00.000Z
vde-2020-017 Pepperl+Fuchs, PACTware: Two password vulnerabilities found 2020-05-29T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-014 Pepperl+Fuchs: Kr00k vulnerabilities in Broadcom Wi-Fi chipsets 2020-03-31T13:30:00.000Z 2025-05-14T14:34:17.000Z
vde-2019-011 Pepperl+Fuchs: Remote code execution vulnerability in HMI devices 2019-05-29T07:35:00.000Z 2019-10-07T10:00:00.000Z
vde-2019-004 Pepperl+Fuchs: ecom Mobile Devices prone to BlueBorne Attack 2019-03-14T07:52:00.000Z 2019-03-14T07:52:00.000Z
vde-2019-002 Pepperl+Fuchs: Path traversal in WirelessHART Gateway 2019-03-06T10:35:00.000Z 2025-05-14T13:00:14.000Z
vde-2018-016 Pepperl+Fuchs: ecom Mobile devices prone to Android privilege elevation vulnerability 2018-10-19T10:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2018-009 Pepperl+Fuchs: Security advisory for MELTDOWN and SPECTRE attacks in ecom mobile Devices 2018-07-06T14:47:00.000Z 2018-10-23T10:00:00.000Z
ID Description Published Updated
ppsa-2026-002 Pilz: Vulnerability affecting PASvisu Runtime 2026-04-23T12:00:00.000Z 2026-04-23T12:00:00.000Z
ppsa-2026-001 Pilz: Multiple Vulnerabilities affecting the PIT User Authentication Service 2026-02-02T08:00:00.000Z 2026-02-02T10:00:00.000Z
ppsa-2025-004 Pilz: Vulnerability affecting PASvisu Runtime 2025-10-20T10:00:00.000Z 2025-10-20T10:00:00.000Z
ppsa-2025-003 Pilz: Authentication Bypass in IndustrialPI Webstatus 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-002 Pilz: Missing Authentication in Node-RED integration 2025-07-01T10:00:00.000Z 2025-07-01T10:00:00.000Z
ppsa-2025-001 Pilz: Authentication Bypass and Cross-Site-Scripting in PiCtory 2025-06-30T10:00:00.000Z 2025-06-30T10:00:00.000Z
vde-2024-002 Pilz: Multiple products affected by uC/HTTP vulnerability 2024-02-06T07:00:00.000Z 2024-02-06T07:00:00.000Z
vde-2023-050 Pilz: Vulnerability in PASvisu and PMI v8xx 2024-01-30T07:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2023-059 Pilz: Electron Vulnerabilities in PASvisu and PMI v8xx 2023-12-05T07:06:00.000Z 2023-12-05T07:06:00.000Z
vde-2023-048 Pilz: Multiple products prone to libwebp vulnerability 2023-12-05T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-033 Pilz: WIBU Vulnerabilitiy in multiple Products 2023-10-12T06:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-045 Pilz: PAS 4000 prone to ZipSlip 2022-11-24T09:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-044 Pilz: Multiple products affected by ZipSlip 2022-11-24T09:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2022-033 Pilz: PASvisu and PMI affected by multiple vulnerabilities 2022-11-24T09:00:00.000Z 2022-11-24T09:00:00.000Z
vde-2021-061 Pilz: PMC programming tool 3.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-055 Pilz: PMC programming tool 2.x.x affected by multiple vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-054 Pilz: Multiple vulnerabilities in CODESYS V2 and V3 runtime system 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2021-009 Pilz: Multiple products prone to Niche Ethernet Stack vulnerabilities 2021-09-20T11:56:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-033 Pilz: Multiple products prone to WIBU-SYSTEMS CodeMeter vulnerabilities 2020-09-10T13:18:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
vde-2024-008 Wago: Vulnerability in WBM through Open VPN 2026-04-08T07:00:00.000Z 2026-04-08T07:00:00.000Z
vde-2026-021 WAGO: Multiple Vulnerabilities in WAGO VC Hub 2026-03-30T07:00:00.000Z 2026-03-30T07:00:00.000Z
vde-2026-010 WAGO: Multiple Vulnerabilities in WAGO Solution Builder and WAGO Device Sphere 2026-03-30T07:00:00.000Z 2026-03-30T07:00:00.000Z
vde-2026-020 WAGO: Vulnerability in managed switches 2026-03-23T08:00:00.000Z 2026-03-23T08:00:00.000Z
vde-2026-004 WAGO: Vulnerabilities in Managed Switch 2026-02-09T08:00:00.000Z 2026-02-09T08:00:00.000Z
vde-2025-095 WAGO: Vulnerabilities in WAGO Industrial-Managed Switches 2025-12-10T10:00:00.000Z 2026-01-19T08:00:00.000Z
vde-2025-062 WAGO: Multiple Vulnerabilities in CODESYS components 2025-11-03T11:00:00.000Z 2025-11-03T11:00:00.000Z
vde-2025-087 WAGO: Vulnerabilities in Device Sphere and Solution Builder 2025-09-24T09:00:00.000Z 2025-09-24T09:00:00.000Z
vde-2025-083 WAGO: Vulnerability in hardware switch circuit 2025-09-15T08:00:00.000Z 2025-09-15T08:00:00.000Z
vde-2025-080 WAGO: Multiple Vulnerabilities in I/O-Check Service 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2025-082 WAGO: Critical sudo Vulnerability in Multiple Products 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-048 WAGO: Escalation of Privileges in Coupler Firmware 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-057 WAGO: Vulnerability in WAGO Device Sphere 2025-06-23T10:00:00.000Z 2025-07-07T06:15:00.000Z
vde-2025-040 WAGO: Vulnerabilities in ctrlX OS app 2025-06-16T10:00:00.000Z 2025-06-16T10:00:00.000Z
vde-2025-018 WAGO: Vulnerabilities in WAGO Device Manager 2025-06-16T10:00:00.000Z 2025-11-21T12:00:00.000Z
vde-2025-020 WAGO: Switches affected by year 2k38 problem 2025-06-02T06:00:00.000Z 2025-06-02T06:00:00.000Z
vde-2025-007 WAGO: Year 2038 problem 2025-04-15T10:00:00.000Z 2025-04-15T10:00:00.000Z
vde-2025-004 Wago: Vulnerability in libwagosnmp 2025-03-05T11:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2025-009 WAGO: Vulnerabilities in CODESYS Control V3 - OPC UA Stack 2025-02-04T11:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2025-008 WAGO: Vulnerabilities in CODESYS Control 2025-02-04T11:00:00.000Z 2025-05-14T13:00:15.000Z
vde-2024-072 WAGO: Vulnerabilities in CODESYS Control 2024-12-03T11:00:00.000Z 2024-12-03T11:00:00.000Z
vde-2024-047 WAGO: Multiple vulnerabilities in docker configuration 2024-11-18T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-021 WAGO: Vulnerability in WAGO Navigator 2024-05-21T06:00:00.000Z 2024-05-21T06:00:00.000Z
vde-2023-068 WAGO: Multiple Vulnerabilities in e!Cockpit and e!Runtime / CODESYS Runtime 2024-05-21T06:00:00.000Z 2024-05-21T06:00:00.000Z
vde-2023-039 Wago: Multiple vulnerabilities in web-based management of multiple products 2024-03-13T08:30:00.000Z 2024-03-13T08:30:00.000Z
vde-2024-014 WAGO: Multiple products affected by Terrapin 2024-02-22T07:00:00.000Z 2025-06-05T13:28:13.000Z
vde-2024-007 WAGO: WIBU-SYSTEMS CodeMeter Runtime vulnerabilities in multiple products 2024-01-22T07:00:00.000Z 2024-01-22T07:00:00.000Z
vde-2023-045 Wago: Vulnerability in Smart Designer Web-Application 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-044 Wago: Vulnerabilities in IEC61850 Server / Telecontrol 2023-12-05T07:00:00.000Z 2023-12-05T07:00:00.000Z
vde-2023-037 WAGO: Remote Code execution vulnerability in managed Switches 2023-11-21T07:00:00.000Z 2023-11-21T07:00:00.000Z
ID Description Published Updated
vde-2026-005 ifm: Multiple Vulnerabilities in CR3171 2026-05-06T08:00:00.000Z 2026-05-06T08:00:00.000Z
vde-2024-061 ifm: Improper Access Control vulnerability 2025-06-30T10:00:00.000Z 2026-02-18T08:00:00.000Z
vde-2024-012 ifm: Vulnerabilities in ifm AC14 firmware 2024-07-09T07:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2024-028 ifm moneo password reset can be exploited 2024-05-06T10:00:00.000Z 2026-01-15T11:00:00.000Z
vde-2022-050 IFM: weak password recovery vulnerability in moneo appliance 2022-12-12T11:00:00.000Z 2026-01-06T11:00:00.000Z
ID Description Published Updated
vde-2025-092 Beckhoff: Privilege escalation and information leak via Beckhoff Device Manager 2026-01-27T11:00:00.000Z 2026-01-27T11:00:00.000Z
vde-2025-106 Beckhoff: XSS Vulnerability in TwinCAT 3 HMI Server 2026-01-26T10:00:00.000Z 2026-02-12T09:00:00.000Z
vde-2025-075 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering 2025-09-09T10:00:00.000Z 2025-09-09T10:00:00.000Z
vde-2024-064 Beckhoff: Local command injection via TwinCAT Package Manager 2024-10-31T11:00:00.000Z 2025-04-11T07:00:00.000Z
vde-2021-008 Beckhoff: Stack Overflow and XXE vulnerability in various OPC UA products 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-050 Beckhoff: Denial-of-Service vulnerability in the MDP package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-049 Beckhoff: Denial-of-Service vulnerability in the IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-048 Beckhoff: Improper neutralization of input in IPC-Diagnostics-www package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-045 Beckhoff: Local authentication bypass in IPC-Diagnostics package included in TwinCAT/BSD operating system 2024-08-27T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-067 Beckhoff: Open redirect in TwinCAT/BSD package authelia-bhf 2023-12-13T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-003 BECKHOFF: Null Pointer Dereference vulnerability in products with OPC UA technology 2022-03-01T12:34:00.000Z 2025-06-05T13:28:13.000Z
vde-2021-051 Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server 2021-11-04T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-051 Beckhoff: DoS-Vulnerability for TwinCAT OPC UA Server and IPC Diagnostics UA Server 2021-04-27T08:08:00.000Z 2021-05-11T10:00:00.000Z
vde-2020-037 Beckhoff: Privilege Escalation through TwinCat System Tray (TcSysUI.exe) 2020-11-19T13:41:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-019 Beckhoff: EtherLeak in TwinCAT RT network driver 2020-06-16T08:31:00.000Z 2025-05-22T13:03:10.000Z
vde-2020-005 Beckhoff: BK9000 couplers - Denial of service inhibits function 2020-03-10T13:17:00.000Z 2025-05-22T13:03:10.000Z
vde-2019-019 Beckhoff: TwinCAT Denial-of-Service in Profinet driver 2019-10-09T10:00:00.000Z 2025-05-14T13:00:14.000Z
ID Description Published Updated
vde-2026-007 TRUMPF: Multiple products affected by Wibu CodeMeter vulnerability 2026-02-23T08:00:00.000Z 2026-02-23T08:00:00.000Z
vde-2025-078 TRUMPF: Remote support uses an outdated encryption algorithm 2025-08-25T06:00:00.000Z 2025-08-29T10:00:00.000Z
vde-2024-004 TRUMPF: Multiple products affected by log4net vulnerability 2025-04-22T10:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-040 Multiple TRUMPF products prone to regreSSHion OpenSSH server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-034 Multiple TRUMPF products prone to nftables server vulnerabilities 2024-06-25T10:00:00.000Z 2025-04-10T13:00:00.000Z
vde-2024-001 TRUMPF: Multiple products contain WIBU CodeMeter vulnerabilities 2024-01-29T07:00:00.000Z 2024-01-29T07:00:00.000Z
vde-2024-006 TRUMPF: Oseon contains vulnerable version of OpenSSL 1.1.x 2024-01-23T07:00:00.000Z 2024-01-23T07:00:00.000Z
vde-2024-005 TRUMPF: Multiple products contain vulnerable version of 7-zip 2024-01-23T07:00:00.000Z 2025-06-05T13:28:12.000Z
vde-2024-003 TRUMPF: Multiple products include a vulnerable version of Notepad++ 2024-01-23T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-031 Trumpf: Multiple Products affected by WIBU Codemeter Vulnerability 2023-09-13T10:00:00.000Z 2023-11-13T11:00:00.000Z
vde-2022-049 TRUMPF: Multiple products prone to X.Org server vulnerabilities 2022-11-07T11:43:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-023 TRUMPF TruTops prone to improper access control 2022-10-17T10:00:00.000Z 2022-10-17T10:00:00.000Z
vde-2022-034 TRUMPF: Products prone to Unified Automation vulnerabilities 2022-08-15T10:00:00.000Z 2022-08-15T10:00:00.000Z
vde-2022-016 TRUMPF: TruTops Fab, TruTops Boost prone to vulnerability 2022-05-02T10:00:00.000Z 2022-05-02T10:00:00.000Z
vde-2021-033 TRUMPF Laser GmbH: multiple products prone to codesys runtime vulnerabilities 2021-08-12T13:02:00.001Z 2021-08-12T13:02:00.001Z
vde-2021-011 TRUMPF Laser GmbH: TruControl 2.14.0 to 3.14.0 affected by recent sudo vulnerability 2021-03-22T08:59:00.000Z 2026-02-02T14:25:00.000Z
vde-2020-039 TRUMPF: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T10:28:00.000Z 2025-05-14T12:36:39.000Z
ID Description Published Updated
vde-2025-043 Lenze: PLC Designer V4 with insecure storage of sensitive information 2025-06-25T10:00:00.000Z 2025-06-25T10:00:00.000Z
vde-2025-042 Lenze: VPN Client Privilege Escalation in combination with Lenze x500 IoT Gateway 2025-05-27T09:00:00.000Z 2025-05-27T09:00:00.000Z
vde-2024-053 Lenze: Install Directory with insufficient permissions 2024-09-03T08:00:00.000Z 2025-03-13T11:30:00.000Z
vde-2022-030 Lenze: Vulnerability in the OPC-UA authentification connection in the firmware 2022-07-11T10:00:00.000Z 2022-07-11T10:00:00.000Z
vde-2021-048 Lenze: Multiple Vulnerabilities in CODESYS Control V2 communication 2021-10-04T12:33:00.000Z 2021-10-04T12:33:00.000Z
ID Description Published Updated
vde-2022-029 Carlo Gavazzi Controls: Multiple Vulnerabilities in Controller UWP 3.0 2022-09-26T08:00:00.000Z 2026-03-02T11:00:00.000Z
ID Description Published Updated
vde-2025-047 AUMA: Incorrect delivery status of the Bluetooth configuration 2025-06-10T10:00:00.000Z 2025-06-10T10:00:00.000Z
vde-2025-026 AUMA Riester: Buffer overflow in service telegram 2025-05-12T10:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2023-028 AUMA: SIMA Master Station affected by WRECK vulnerability 2023-08-07T11:35:00.000Z 2025-05-14T13:00:15.000Z
vde-2023-027 AUMA: Reflected Cross-Site Scripting Vulnerability in SIMA Master Stations 2023-08-07T09:35:00.000Z 2023-08-07T09:35:00.000Z
vde-2022-032 AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service 2022-08-09T08:00:00.000Z 2022-08-09T08:00:00.000Z
vde-2022-024 Auma: SIMAĀ² Master Station Denial of Service Vulnerability on Automation Runtime Webserver 2022-06-15T10:00:00.000Z 2025-05-14T13:00:15.000Z
ID Description Published Updated
vde-2025-084 Bender Charge Controller Vulnerability - Unsecure Communication 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2025-061 Bender Charge Controller Vulnerability - Disclosure Of Stored Credentials When Authenticated 2025-09-08T07:00:00.000Z 2025-09-08T07:00:00.000Z
vde-2021-047 Bender/ebee: Multiple Charge Controller Vulnerabilities 2022-04-26T10:00:00.000Z 2022-04-26T10:00:00.000Z
vde-2020-043 Bender: COMTRAXX < 4.2.0 affected by inadquate credentials check vulnerability 2020-10-16T06:54:00.000Z 2020-10-16T06:54:00.000Z
ID Description Published Updated
vde-2026-032 Endress+Hauser: sudo vulnerability affects Endress+Hauser MCS200HW 2026-04-21T07:00:00.000Z 2026-04-21T07:00:00.000Z
vde-2026-003 Endress+Hauser: Multiple products prone to multiple vulnerabilities in e!Runtime and CODESYS V3 Runtime 2026-03-31T08:00:00.000Z 2026-04-01T11:00:00.000Z
vde-2026-002 Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation 2026-03-02T07:00:00.000Z 2026-03-02T07:00:00.000Z
vde-2025-105 Endress+Hauser: Multiple products affected by Wibu-Systems CodeMeter Vulnerability 2025-12-08T09:00:00.000Z 2025-12-08T09:00:00.000Z
vde-2025-107 Endress+Hauser: Multiple products affected by Qualcomm vulnerabilities 2025-12-05T11:00:00.000Z 2026-04-02T10:00:00.000Z
vde-2025-068 Endress+Hauser: Proline 10 Maintenance credentials may be exposed under certain conditions 2025-09-02T10:00:00.000Z 2026-02-20T09:00:00.000Z
vde-2025-036 Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4 2025-03-06T14:00:00.000Z 2025-03-06T14:00:00.000Z
vde-2024-054 Endress+Hauser: Netilion Network Insights is affected by multiple vulnerabilities 2024-10-21T08:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-041 Endress+Hauser: Multiple products are vulnerable to code injection 2024-09-10T08:00:00.000Z 2024-09-10T08:00:00.000Z
vde-2022-019 Endress+Hauser: Multiple products utilizing vulnerable WIBU-SYSTEMS CodeMeter components 2022-06-02T15:11:00.000Z 2022-06-02T15:11:00.000Z
vde-2022-006 Endress+Hauser: FieldPort SFP50 Memory Corruption in Bluetooth Controller Firmware 2022-03-24T10:48:00.000Z 2022-03-24T10:48:00.000Z
vde-2021-044 Endress+Hauser: Multiple products affected by log4net vulnerability 2022-01-20T08:06:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-040 Endress+Hauser: Promass 83 with EtherNet/IP affected by a stack-based buffer overflow 2021-10-04T12:30:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-010 Endress+Hauser: products utilizing WPA2 vulnerable to KRACK attacks 2021-05-18T09:00:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-005 Endress+Hauser: Multiple Devices affected by fdtContainer vulnerability 2021-03-01T06:39:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-022 Endress+Hauser: Ecograph T utilizing Webserver firmware version 2.x exposes sensitive information 2020-11-19T14:48:00.000Z 2025-05-14T13:00:14.000Z
vde-2020-021 Endress+Hauser: Ecograph T utilizing Webserver firmware version 1.x suffers from improper privilege management 2020-11-19T14:48:00.000Z 2025-04-11T07:00:00.000Z
vde-2020-031 Endress+Hauser: Multiple products prone to WIBU CodeMeter vulnerabilities 2020-10-27T13:10:00.000Z 2025-05-14T13:00:14.000Z
vde-2019-005 Endress+Hauser: WIFI enabled products utilising WPA2 2019-03-19T15:34:00.000Z 2019-03-19T15:34:00.000Z
ID Description Published Updated
vde-2025-030 Frauscher: FDS101, FDS-SNMP101 and FDS102 for FAdC/FAdCi are Vulnerable to OS Command Injection Vulnerability 2025-07-07T10:00:00.000Z 2025-07-29T10:00:00.000Z
vde-2023-049 Frauscher: FDS102 for FAdC/FAdCi remote code execution vulnerability 2023-12-11T07:00:00.000Z 2023-12-11T07:00:00.000Z
vde-2023-038 Frauscher: Multiple Vulnerabilities in FDS101 2023-09-21T06:00:00.000Z 2023-09-21T06:00:00.000Z
vde-2023-011 Frauscher: Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerability 2023-07-05T08:00:00.000Z 2023-07-05T08:00:00.000Z
ID Description Published Updated
vde-2022-052 Miele: Vulnerability in ease2pay cloud service used by appWash 2022-11-21T09:00:00.000Z 2022-11-21T09:00:00.000Z
vde-2022-015 Miele: Security vulnerability in Benchmark Programming Tool 2022-04-27T12:00:00.000Z 2022-04-27T12:00:00.000Z
vde-2020-024 Miele: Treck TCP/IP Vulnerabilities (Ripple20) affecting Communication Module XKM3000 L MED 2020-07-08T07:29:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-010 Miele: Multiple Vulnerabilities in XGW 3000 ZigBee Gateway 2019-05-20T06:58:00.000Z 2025-05-14T13:00:15.000Z
ID Description Published Updated
vde-2025-096 Weidmueller: Multiple vulnerabilities in Energy Meter 750-24 and Energy Meter 750-230 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-052 Weidmueller: Security routers IE-SR-2TX are affected by multiple vulnerabilities 2025-06-11T10:00:00.000Z 2025-07-23T10:00:00.000Z
vde-2025-044 Weidmueller: Industrial ethernet switches are affected by multiple vulnerabilities 2025-05-27T09:00:00.000Z 2025-08-27T10:00:00.000Z
vde-2025-041 Weidmueller: ResMa is affected by a Vulnerability for ASP.NET AJAX 2025-05-19T09:00:00.000Z 2025-05-19T09:00:00.000Z
vde-2025-021 Weidmueller: Authentication Vulnerability in PROCON-WIN 5 2025-03-05T09:00:00.000Z 2025-05-14T13:26:53.000Z
vde-2025-023 Weidmueller: OpenSSL vulnerability in industrial ethernet switches 2025-03-05T08:00:00.000Z 2025-03-05T11:00:00.000Z
vde-2023-032 Weidmueller: WIBU Vulnerability in multiple Products 2023-11-09T07:42:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-056 Weidmueller: Multiple IoT and control products affected by JavaScript injection vulnerability 2022-12-14T07:00:00.000Z 2022-12-14T07:00:00.000Z
vde-2021-004 Weidmueller: EtherNet/IP Fieldbus Coupler out-of-bounds write 2022-06-21T08:00:00.000Z 2022-06-21T08:00:00.000Z
vde-2022-008 WEIDMUELLER: Multiple vulnerabilities in Modbus TCP/RTU Gateways 2022-04-07T06:00:00.000Z 2022-04-07T06:00:00.000Z
vde-2021-042 Weidmueller: Remote I/O fieldbus couplers (IP20) affected by INFRA:HALT vulnerabilities 2021-10-18T08:24:00.000Z 2025-05-14T13:00:14.000Z
vde-2021-026 Weidmueller: Multiple vulnerabilities in Industrial WLAN devices 2021-06-23T11:04:00.000Z 2025-05-14T13:00:15.000Z
vde-2021-016 Weidmueller: Accidentally open network port in u-controls and IoT-Gateways 2021-05-04T08:17:00.000Z 2025-05-14T12:28:19.000Z
vde-2021-002 Weidmueller: WI Manager affected by fdtContainer vulnerability 2021-01-20T13:32:00.000Z 2025-05-14T12:28:19.000Z
vde-2020-041 Weidmueller: u-create studio < 1.20.2 affected by WIBU-SYSTEMS CodeMeter vulnerabilities 2020-10-12T09:14:00.000Z 2025-05-14T12:28:19.000Z
vde-2019-018 Weidmueller: multiple vulnerabilities in various Industrial Ethernet managed switches 2019-12-05T12:03:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-066 SMA: Directory Traversal in Sunny Boy 2025-08-27T08:00:00.000Z 2025-08-27T08:00:00.000Z
vde-2025-050 SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user 2025-08-19T10:00:00.000Z 2025-08-19T10:00:00.000Z
vde-2025-010 SMA: Sunny Portal demo system privilege escalation 2025-05-13T11:00:00.000Z 2025-05-14T13:00:14.000Z
vde-2025-012 SMA: Sunny Portal Remote Code Execution 2025-02-26T11:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2024-075 SMA: Sunny Webbox clickjacking vulnerability 2025-01-27T13:00:00.000Z 2025-06-17T06:00:00.000Z
vde-2024-020 SMA: Cluster Controller CSRF vulnerability 2025-01-27T13:00:00.000Z 2025-02-12T16:48:47.000Z
vde-2024-074 SMA: SQL injection in Sunny Central UP 2024-11-27T09:00:00.000Z 2025-05-14T12:28:19.000Z
ID Description Published Updated
vde-2024-013 HIMA: Multiple products affected by DoS and Port-Based-VLAN Crossing 2024-02-13T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2022-059 HIMA: unquoted path vulnerabilities in X-OPC and X-OTS 2023-01-16T09:00:00.000Z 2025-05-22T13:03:10.000Z
ID Description Published Updated
vde-2025-091 Murrelektronik: Cleartext Transmission of Sensitive Information in IMPACT67 Pro 2025-10-14T10:00:00.000Z 2025-10-14T10:00:00.000Z
ID Description Published Updated
vde-2020-016 SWARCO: Critical Vulnerability in CPU LS4000 2020-05-28T13:00:00.000Z 2020-05-28T13:00:00.000Z
ID Description Published Updated
vde-2025-033 ads-tec Industrial IT: Mosquitto MQTT Client Vulnerability in ADS-TEC IRF Products 2025-04-14T10:00:00.000Z 2025-04-14T10:00:00.000Z
vde-2024-016 ADS-TEC Industrial IT: Docker vulnerability affects multiple products 2024-02-19T07:00:00.000Z 2025-05-22T13:03:10.000Z
vde-2023-009 ads-tec: Multiple Vulnerabilities in IRF1000, IRF2000 and IRF3000 2023-05-08T13:37:00.000Z 2023-05-08T13:37:00.000Z
ID Description Published Updated
vde-2022-061 VARTA: Multiple devices prone to hard-coded credentials 2023-03-15T09:00:00.000Z 2023-03-15T09:00:00.000Z
ID Description Published Updated
vde-2025-060 Sauter: Multiple vulnerabilities in SAUTER modulo 6 2025-10-21T10:00:00.000Z 2025-10-27T11:00:00.000Z
ID Description Published Updated
vde-2025-079 Janitza: Multiple vulnerabilities in UMG 96RM-E 2026-03-10T07:00:00.000Z 2026-03-10T07:00:00.000Z
vde-2025-094 Janitza: Vulnerability in Modbus interface of UMG 96-PA and UMG 96-PA-MID+ 2025-11-24T12:00:00.000Z 2025-11-24T12:00:00.000Z
ID Description Published Updated
vde-2026-029 METTLER TOLEDO: OpenSSL vulnerability in MX and MR balances 2026-04-23T10:00:00.000Z 2026-04-23T10:00:00.000Z
vde-2026-001 METTLER TOLEDO: ASP.NET core vulnerability in LabX 2026-03-04T07:00:00.000Z 2026-03-04T07:00:00.000Z
ID CVSS Description Vendor Product Published Updated
MOKSHA-2026-0089
2.3 (3.1)
5.3 (4.0)
Raw kbps Value Exposure in Private Xenstore via VIF.qoā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0088
2.3 (3.1)
5.3 (4.0)
Int64 Overflow in bytes_per_interval via VIF.qos_algorā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0087
2.3 (3.1)
5.3 (4.0)
QEMU Device Model Selection via VM.platform device-modā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0086
2.3 (3.1)
4.6 (4.0)
License Expiry Manipulation via Host.license_params expiry Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0085
2.3 (3.1)
4.6 (4.0)
Feature Restriction Bypass via Host.license_params resā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0084
3.1 (3.1)
5.3 (4.0)
Firmware Type Denial of Service via VM.HVM_boot_paramsā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0083
3.1 (3.1)
5.3 (4.0)
Boot Order Manipulation via VM.HVM_boot_params order Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0082
3.1 (3.1)
5.3 (4.0)
VDI Lifecycle Behavior Manipulation via VDI.other_confā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0081
3.1 (3.1)
5.3 (4.0)
I/O Polling Parameter Manipulation via VBD.other_confiā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0080
3.8 (3.1)
5.1 (4.0)
I/O Scheduler Sysfs Injection via SR.other_config scheduler Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0079
4.1 (3.1)
5.1 (4.0)
Network Sharing Bypass via Network.other_config assumeā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0078
4.3 (3.1)
2.3 (4.0)
Guest Clock Manipulation via VDI.other_config timeoffset Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0077
4.3 (3.1)
5.3 (4.0)
VIF NIC Offload Disablement via VIF.other_config ethtoā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0076
4.9 (3.1)
5.1 (4.0)
Network Offload Disablement via PIF.other_config ethtoā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0075
4.9 (3.1)
5.1 (4.0)
Memory Ratio Bounds Relaxation via Pool.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0074
4.9 (3.1)
6.9 (4.0)
GC and Coalesce Disablement via SR.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0073
4.9 (3.1)
5.1 (4.0)
SR Destruction Protection Bypass and DoS via SR.other_ā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0072
4.9 (3.1)
5.1 (4.0)
SR Scan Interval Manipulation via Host.other_config auā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0071
4.9 (3.1)
5.1 (4.0)
OVS In-Band Management Disablement via Network.other_config Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0070
5.0 (3.1)
5.3 (4.0)
Infrastructure Metadata Leak via SR-IOV VIF Xenstore Pā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0069
5.3 (3.1)
5.3 (4.0)
Hypervisor Security Feature Manipulation via VM.platfoā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0068
5.3 (3.1)
5.3 (4.0)
Guest Xenstore Data Injection via VM.platform Map Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0067
5.3 (3.1)
5.3 (4.0)
Cross-Pool Metadata Injection via VDI.xenstore_data onā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0066
5.3 (3.1)
5.3 (4.0)
Metadata Propagation via VDI Snapshot and Clone Operations Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0065
5.3 (3.1)
5.3 (4.0)
SCSI Identity Forgery in XAPI Database via VDI.xenstore_data Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0064
5.3 (3.1)
5.3 (4.0)
Database Field Poisoning via VDI.xenstore_data Arbitraā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0063
5.3 (3.1)
5.3 (4.0)
Negative kbps Injection in VIF.qos_algorithm_params Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0062
5.3 (3.1)
5.3 (4.0)
Rate Limit Removal via kbps=0 in VIF.qos_algorithm_params Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0061
5.3 (3.1)
5.3 (4.0)
I/O Scheduling Downgrade to Idle Class via VBD.qos_algā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
MOKSHA-2026-0060
5.3 (3.1)
5.3 (4.0)
Arbitrary Integer Passthrough to ionice via VBD.qos_alā€¦ Cloud Software Group
 XenServer
 2026-04-24T06:00:00Z
ID CVSS Description Vendor Product Published Updated
GCVE-1-2026-0015
7.2 (4.0)
Threat actors use FortiCloud SSO bypass to collect LDAā€¦ fortinet
 fortios
 2026-02-09T09:09:00.000Z 2026-02-09T09:14:59.004089Z
GCVE-1-2026-0014
7.4 (4.0)
Missing Authorization Check Allows Unauthorized Modifiā€¦ vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:32:14.341383Z 2026-02-04T19:32:14.341383Z
GCVE-1-2026-0013
2.1 (4.0)
Flask Application Username Route Collision Allows Reseā€¦ vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:27:00.000Z 2026-02-04T19:32:49.787763Z
GCVE-1-2026-0012
2.1 (4.0)
Authentication Error Message Allows Email Address Enumā€¦ vulnerability-lookup
 vulnerability-lookup
 2026-02-04T19:21:34.411344Z 2026-02-04T19:21:34.411344Z
GCVE-1-2026-0011
8.7 (4.0)
Out-of-bounds memory write in the network packet ā€¦ EA Games
 Command & Conquer: Generals
 2026-01-29T14:37:00.000Z 2026-01-29T14:39:17.728822Z
GCVE-1-2026-0010
9.3 (4.0)
Improper input validation in the file transfer haā€¦ EA Games
 Command & Conquer: Generals
 2026-01-29T14:33:18.822829Z 2026-01-29T14:33:18.822829Z
GCVE-1-2026-0009
9.3 (4.0)
Stack-based buffer overflow in the multiplayer neā€¦ EA Games
 Command & Conquer: Generals
 2026-01-29T14:30:38.596928Z 2026-01-29T14:30:38.596928Z
GCVE-1-2026-0008
10 (4.0)
gpg-agent stack buffer overflow in pkdecrypt using KEM gnupg
 gpg-agent
 2026-01-28T13:48:12.350509Z 2026-01-28T13:48:12.350509Z
GCVE-1-2026-0007
10 (4.0)
GNU InetUtils Security Advisory: remote authenticationā€¦ gnu
 InetUtils
 2026-01-20T20:57:00.000Z 2026-01-26T16:32:40.831364Z
GCVE-1-2026-0006
8.5 (4.0)
Improper Access Control in Cerebrate AuthKey and Encryā€¦ cerebrate
 cerebrate
 2026-01-13T15:37:17.337254Z 2026-01-13T15:37:17.337254Z
GCVE-1-2026-0005
8.5 (4.0)
Improper Access Control in Cerebrate Alignment Model Aā€¦ cerebrate
 cerebrate
 2026-01-13T15:31:00.000Z 2026-01-13T15:38:02.888546Z
GCVE-1-2026-0004
8.5 (4.0)
Authorization Bypass in Cerebrate IndividualsControlleā€¦ cerebrate
 cerebrate
 2026-01-13T15:28:00.000Z 2026-01-13T15:38:37.744618Z
GCVE-1-2026-0003
6.3 (4.0)
Stored/Reflected XSS via Unsanitized Parameters in URLā€¦ misp
 misp
 2026-01-13T10:50:00.000Z 2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002
10 (4.0)
Heap-buffer-overflow in EXIF writer for extra IFD tags ffmpeg
 ffmpeg
 2026-01-02T19:50:00.000Z 2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001
N/A
Bundle reference to gpg.fail gnupg
 gnupg
 2026-01-02T10:20:00.000Z 2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041
6.4 (4.0)
[online services] Reflected Cross-Site Scripting (XSS)ā€¦ typo3
 typo3
 2025-12-19T14:25:00.000Z 2025-12-19T14:54:51.594645Z
GCVE-1-2025-0040
7.2 (4.0)
A cross-site scripting (XSS) vulnerability was idā€¦ misp
 misp
 2025-12-13T08:44:32.378924Z 2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039
8.5 (4.0)
XSS Reintroduced in MISP Dashboard World Map Widget Duā€¦ misp
 misp
 2025-12-10T14:33:52.856734Z 2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038
5 (4.0)
Reflected XSS in MISP Template Tag Removal and MISP Adā€¦ misp
 misp
 2025-12-10T14:10:00.000Z 2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037
7 (4.0)
Reflected XSS in MISP Dashboard Widgets via Unescaped ā€¦ misp
 misp
 2025-12-10T14:01:03.200804Z 2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036
8.3 (4.0)
A reflected cross-site scripting (XSS) vulnerability wā€¦ misp
 misp
 2025-12-10T13:46:07.170083Z 2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035
8.3 (4.0)
Insufficient sanitization of bundle metadata (availablā€¦ CIRCL
 vulnerability-lookup
 2025-12-08T10:25:00.000Z 2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034
7 (4.0)
Missing CSRF protection on state-changing endpoints inā€¦ CIRCL
 vulnerability-lookup
 2025-12-08T10:19:00.000Z 2025-12-08T12:13:24.197294Z
GCVE-1-2025-0033
8.1 (4.0)
Vulnerability-lookup did not track or limit failed Oneā€¦ CIRCL
 vulnerability-lookup
 2025-12-08T10:11:00.000Z 2025-12-08T12:12:53.235996Z
GCVE-1-2025-0032
10 (4.0)
The default configuration of WatchGuard Firebox deviceā€¦ watchguard
 firebox
 2025-12-03T16:25:00.000Z 2025-12-19T13:48:34.570799Z
GCVE-1-2025-0031
7.1 (4.0)
A cross-site scripting (XSS) vulnerability was identifā€¦ misp
 misp
 2025-12-03T10:58:00.000Z 2025-12-16T09:36:09.594750Z
GCVE-1-2025-0030
6.2 (4.0)
A cross-site scripting (XSS) vulnerability in the MISPā€¦ misp
 misp
 2025-12-03T10:53:00.000Z 2025-12-03T10:58:55.845341Z
GCVE-1-2025-0029
6.3 (4.0)
Reflected cross-site scripting (XSS) vulnerabilities iā€¦ misp
 misp
 2025-11-27T12:41:00.000Z 2025-11-27T12:48:51.085860Z
GCVE-1-2025-0028
8.5 (4.0)
Information leakage vulnerability in the MISP Feed conā€¦ misp
 misp
 2025-11-27T07:23:00.000Z 2025-12-02T08:51:35.429494Z
GCVE-1-2025-0027
9.4 (4.0)
Reflected cross-site scripting (XSS) vulnerability in ā€¦ misp
 misp
 2025-11-27T07:17:00.000Z 2025-12-02T08:51:04.323899Z
ID CVSS Description Vendor Product Published Updated
GCVE-1337-2026-00000000000000000000000000000000000000000000000001011111111111000111111110000000000000000000000000000000000000000000000000000000110
8.8 (3.1)
NSA Ghidra Auto-Analysis Annotation Command Execution NSA
 Ghidra
 2026-03-29T19:35:30.692Z 2026-03-29T19:35:30.692Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011
9.1 (3.1)
HexStrike AI MCP Server Command Injection 0x4m4
 HexStrike AI
 2025-11-30T21:27:56.057Z 2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100
6.5 (3.1)
Abilis CPX Fallback Shell Connection Relay Abilis
 CPX
 2025-11-04T00:23:23.924Z 2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010
7.3 (3.1)
Unitree Multiple Robotic Products Command Injection Unitree
 Go2
 2025-09-26T06:53:49.585Z 2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001
4.3 (3.1)
Unauthenticated leak of sensitive information affectinā€¦ Brother Industries, Ltd
 HL-L8260CDN
 2025-08-12T15:23:00.577Z 2025-08-15T05:53:23.017Z