Recent vulnerabilities
| ID | Description | Published | Updated |
|---|---|---|---|
| ghsa-vjcx-2xxh-mc9h | OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of prope… | 2025-12-13T03:30:10Z | 2025-12-13T03:30:10Z |
| ghsa-w8rj-5g22-x32j | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-r9xx-rmrv-8vpg | A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability… | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-r9x3-jhcx-h8m8 | A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown fu… | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-33w4-5frm-xxvg | A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown fu… | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-33jh-2f37-89xc | A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unk… | 2025-12-13T00:30:26Z | 2025-12-13T00:30:26Z |
| ghsa-vx9q-rhv9-3jvg | aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reuse… | 2025-12-12T22:12:22Z | 2025-12-12T22:12:22Z |
| ghsa-xgv8-hj8c-q8g5 | A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sonoma 14.… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-x99h-3hw3-9936 | An information disclosure issue was addressed with improved privacy controls. This issue is fixed i… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-w499-9j2p-8m3w | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-v8cp-m2g2-whfj | An information disclosure issue was addressed with improved privacy controls. This issue is fixed i… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-rm5f-hw9v-gxx7 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-rjjj-vg83-2j3w | A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing re… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-r8ww-q8x3-4wc9 | A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-p5pj-g9wc-c3v2 | An integer overflow was addressed by adopting 64-bit timestamps. This issue is fixed in macOS Sonom… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-mwm2-pvv7-x7ch | An inconsistent user interface issue was addressed with improved state management. This issue is fi… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-mq2v-chph-r4rp | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe … | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-m8x7-m39c-62g2 | The issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may b… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-jwqp-m44c-cw7x | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoi… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-jw27-39xw-8fjx | A memory corruption issue was addressed with improved lock state checking. This issue is fixed in w… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-hxrq-3q3q-73qm | A logic error was addressed with improved error handling. This issue is fixed in macOS Tahoe 26.1. … | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-hr7m-hf2x-j4vh | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoi… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-hg42-5fw6-5rj9 | A parsing issue in the handling of directory paths was addressed with improved path validation. Thi… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-g7qx-4r9v-657r | A session management issue was addressed with improved checks. This issue is fixed in macOS Sonoma … | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-fqh2-qgmv-w3w8 | This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may … | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-f9j9-m66j-c8p5 | A privacy issue was addressed with improved private data redaction for log entries. This issue is f… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-f6q6-cgpm-5wr2 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-cx5h-j8w3-whpr | A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing re… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-cqf3-9crc-rw2h | A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Son… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ghsa-cpgx-69vf-4936 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ta… | 2025-12-12T21:31:39Z | 2025-12-12T21:31:39Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-14446 | Popup Builder <= 1.1.37 - Missing Authorization to Aut… |
ghozylab |
Popup Builder |
2025-12-13T04:31:34.148Z | 2025-12-13T04:31:34.148Z | |
| cve-2025-11693 | Export WP Page to Static HTML & PDF <= 4.3.4 - Unauthe… |
recorp |
Export WP Pages to HTML & PDF – Simply Create a Static Website |
2025-12-13T04:31:33.724Z | 2025-12-13T04:31:33.724Z | |
| cve-2025-9488 | Redux Framework <= 4.5.8 - Authenticated (Contributor+… |
davidanderson |
Redux Framework |
2025-12-13T04:31:33.327Z | 2025-12-13T04:31:33.327Z | |
| cve-2025-12109 | Header Footer Script Adder – Insert Code in Header, Bo… |
mahethekiller |
Header Footer Script Adder – Insert Code in Header, Body & Footer |
2025-12-13T04:31:32.923Z | 2025-12-13T04:31:32.923Z | |
| cve-2025-13092 | Devs CRM – Manage tasks, attendance and teams all toge… |
ajitdas |
Devs CRM – Manage tasks, attendance and teams all together |
2025-12-13T04:31:32.532Z | 2025-12-13T04:31:32.532Z | |
| cve-2025-14394 | Popover Windows <= 1.2 - Cross-Site Request Forgery to… |
melodicmedia |
Popover Windows |
2025-12-13T04:31:32.153Z | 2025-12-13T04:31:32.153Z | |
| cve-2025-14365 | Eyewear prescription form <= 6.0.1 - Missing Authoriza… |
dugudlabs |
Eyewear prescription form |
2025-12-13T04:31:31.757Z | 2025-12-13T04:31:31.757Z | |
| cve-2025-12077 | WP to LinkedIn Auto Publish <= 1.9.8 - Reflected Cross… |
f1logic |
WP to LinkedIn Auto Publish |
2025-12-13T04:31:31.376Z | 2025-12-13T04:31:31.376Z | |
| cve-2025-11164 | Mavix Education <= 1.0 - Missing Authorization to Auth… |
creativthemes |
Mavix Education |
2025-12-13T04:31:30.999Z | 2025-12-13T04:31:30.999Z | |
| cve-2025-11707 | Login Lockdown & Protection <= 2.14 - IP Block Bypass |
webfactory |
Login Lockdown & Protection |
2025-12-13T04:31:30.625Z | 2025-12-13T04:31:30.625Z | |
| cve-2025-14440 | JAY Login & Register <= 2.4.01 - Authentication Bypass… |
jayarsiech |
JAY Login & Register |
2025-12-13T04:31:30.111Z | 2025-12-13T04:31:30.111Z | |
| cve-2025-14508 | MediaCommander – Bring Folders to Media, Posts, and Pa… |
yalogica |
MediaCommander – Bring Folders to Media, Posts, and Pages |
2025-12-13T04:31:29.716Z | 2025-12-13T04:31:29.716Z | |
| cve-2025-14539 | Shortcode Loader <= 1.0 - Unauthenticated Arbitrary Sh… |
rang501 |
Shortcode Ajax |
2025-12-13T04:31:29.334Z | 2025-12-13T04:31:29.334Z | |
| cve-2025-8617 | YITH WooCommerce Quick View <= 2.7.0 - Authenticated (… |
yithemes |
YITH WooCommerce Quick View |
2025-12-13T04:31:28.939Z | 2025-12-13T04:31:28.939Z | |
| cve-2025-14367 | Easy Theme Options <= 1.0 - Missing Authorization to A… |
corsonr |
Easy Theme Options |
2025-12-13T04:31:28.562Z | 2025-12-13T04:31:28.562Z | |
| cve-2025-7058 | Kingcabs <= 1.1.9 - Authenticated (Contributor+) Store… |
sparklewpthemes |
Kingcabs |
2025-12-13T04:31:28.116Z | 2025-12-13T04:31:28.116Z | |
| cve-2025-12076 | Social Media Auto Publish <= 3.6.5 - Reflected Cross-S… |
f1logic |
Social Media Auto Publish |
2025-12-13T04:31:27.720Z | 2025-12-13T04:31:27.720Z | |
| cve-2025-13093 | Devs CRM – Manage tasks, attendance and teams all toge… |
ajitdas |
Devs CRM – Manage tasks, attendance and teams all together |
2025-12-13T04:31:27.311Z | 2025-12-13T04:31:27.311Z | |
| cve-2025-13077 | افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms w… |
payamito |
افزونه پیامک ووکامرس فوق حرفه ای (جدید) payamito sms woocommerce |
2025-12-13T04:31:26.917Z | 2025-12-13T04:31:26.917Z | |
| cve-2025-14451 | Solutions Ad Manager <= 1.0.0 - Unauthenticated Open R… |
solutionsbysteve |
Solutions Ad Manager |
2025-12-13T04:31:26.523Z | 2025-12-13T04:31:26.523Z | |
| cve-2025-9218 | rtMedia for WordPress, BuddyPress and bbPress 4.7.0 - … |
rtcamp |
rtMedia for WordPress, BuddyPress and bbPress |
2025-12-13T04:31:26.133Z | 2025-12-13T04:31:26.133Z | |
| cve-2025-14288 | Gallery Blocks with Lightbox <= 3.3.0 - Missing Author… |
gallerycreator |
Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery |
2025-12-13T04:31:25.724Z | 2025-12-13T04:31:25.724Z | |
| cve-2025-13705 | Custom Frames <= 1.0.1 - Authenticated (Contributor+) … |
blakelong |
Custom Frames |
2025-12-13T04:31:25.273Z | 2025-12-13T04:31:25.273Z | |
| cve-2025-14476 | Doubly <= 1.0.46 - Authenticated (Subscriber+) PHP Obj… |
unitecms |
Doubly – Cross Domain Copy Paste for WordPress |
2025-12-13T04:31:24.887Z | 2025-12-13T04:31:24.887Z | |
| cve-2025-14475 | Extensive VC Addons for WPBakery page builder <= 1.9.1… |
nenad-obradovic |
Extensive VC Addons for WPBakery page builder |
2025-12-13T04:31:24.522Z | 2025-12-13T04:31:24.522Z | |
| cve-2025-14462 | Lucky Draw Contests <= 4.2 - Cross-Site Request Forger… |
owais4377 |
Lucky Draw Contests |
2025-12-13T04:31:24.121Z | 2025-12-13T04:31:24.121Z | |
| cve-2025-11376 | Colibri Page Builder <= 1.0.335 - Authenticated (Contr… |
extendthemes |
Colibri Page Builder |
2025-12-13T04:31:23.715Z | 2025-12-13T04:31:23.715Z | |
| cve-2025-13094 | WP3D Model Import Viewer <= 1.0.7 - Authenticated (Con… |
wp3d |
WP3D Model Import Viewer |
2025-12-13T04:31:23.325Z | 2025-12-13T04:31:23.325Z | |
| cve-2025-14447 | AnnunciFunebri Impresa <= 4.7.0 - Missing Authorizatio… |
pcantoni |
AnnunciFunebri Impresa |
2025-12-13T04:31:22.942Z | 2025-12-13T04:31:22.942Z | |
| cve-2025-14397 | Postem Ipsum <= 3.0.1 - Missing Authorization to Authe… |
franciscopalacios |
Postem Ipsum |
2025-12-13T04:31:22.541Z | 2025-12-13T04:31:22.541Z |
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| cve-2025-13970 | 8 (v3.1) 7 (v4.0) | OpenPLC_V3 Cross-Site Request Forgery |
OpenPLC_V3 |
OpenPLC_V3 |
2025-12-13T00:03:20.869Z | 2025-12-13T00:03:20.869Z |
| cve-2025-67749 | PCSX2 has an Out-of-bounds Read due to unchecked offse… |
PCSX2 |
pcsx2 |
2025-12-12T22:24:57.520Z | 2025-12-12T22:24:57.520Z | |
| cve-2025-67721 | Aircompressor's Snappy and LZ4 Java-based decompressor… |
airlift |
aircompressor |
2025-12-12T22:11:10.971Z | 2025-12-12T22:11:10.971Z | |
| cve-2025-14585 | itsourcecode COVID Tracking System page sql injection |
itsourcecode |
COVID Tracking System |
2025-12-12T22:32:08.732Z | 2025-12-12T22:32:08.732Z | |
| cve-2025-14584 | itsourcecode COVID Tracking System Admin Login login.p… |
itsourcecode |
COVID Tracking System |
2025-12-12T22:32:05.904Z | 2025-12-12T22:32:05.904Z | |
| cve-2025-14066 | N/A | {'providerMetadata': {'orgId': 'ceab7361-8a18-47b1-92ba-4d7d25f6715a', 'shortName': 'GitLab', 'dateUpdated': '2025-12-12T22:19:35.266Z'}, 'rejectedReasons': [{'lang': 'en', 'value': 'This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.'}]} | N/A | N/A | 2025-12-12T22:19:35.266Z | |
| cve-2025-14583 | campcodes Online Student Enrollment System register.ph… |
campcodes |
Online Student Enrollment System |
2025-12-12T22:02:09.974Z | 2025-12-12T22:02:09.974Z | |
| cve-2025-14582 | campcodes Online Student Enrollment System index.php u… |
campcodes |
Online Student Enrollment System |
2025-12-12T22:02:07.303Z | 2025-12-12T22:02:07.303Z | |
| cve-2025-67750 | Lightning Flow Scanner is Vulnerable to Code Injection… |
Flow-Scanner |
lightning-flow-scanner |
2025-12-12T20:14:21.004Z | 2025-12-12T20:50:57.161Z | |
| cve-2025-67634 | Software Acquisition Guide Supplier Response Web Tool XSS |
CISA |
Software Acquisition Guide Tool |
2025-12-12T20:36:25.597Z | 2025-12-12T20:36:25.597Z | |
| cve-2025-46289 | N/A | A logic issue was addressed with improved file ha… |
Apple |
macOS |
2025-12-12T20:56:34.997Z | 2025-12-12T20:56:34.997Z |
| cve-2025-46287 | N/A | An inconsistent user interface issue was addresse… |
Apple |
macOS |
2025-12-12T20:56:48.646Z | 2025-12-12T20:56:48.646Z |
| cve-2025-46285 | N/A | An integer overflow was addressed by adopting 64-… |
Apple |
macOS |
2025-12-12T20:56:40.352Z | 2025-12-12T20:56:40.352Z |
| cve-2025-46276 | N/A | An information disclosure issue was addressed wit… |
Apple |
macOS |
2025-12-12T20:56:27.674Z | 2025-12-12T20:56:27.674Z |
| cve-2025-43542 | N/A | This issue was addressed with improved state mana… |
Apple |
macOS |
2025-12-12T20:56:57.008Z | 2025-12-12T20:56:57.008Z |
| cve-2025-43539 | N/A | The issue was addressed with improved bounds chec… |
Apple |
macOS |
2025-12-12T20:56:58.101Z | 2025-12-12T20:56:58.101Z |
| cve-2025-43538 | N/A | A logging issue was addressed with improved data … |
Apple |
macOS |
2025-12-12T20:56:59.178Z | 2025-12-12T20:56:59.178Z |
| cve-2025-43532 | N/A | A memory corruption issue was addressed with impr… |
Apple |
macOS |
2025-12-12T20:56:45.545Z | 2025-12-12T20:56:45.545Z |
| cve-2025-43530 | N/A | This issue was addressed with improved checks. Th… |
Apple |
macOS |
2025-12-12T20:56:36.039Z | 2025-12-12T20:56:36.039Z |
| cve-2025-43527 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:31.854Z | 2025-12-12T20:56:31.854Z |
| cve-2025-43523 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:54.939Z | 2025-12-12T20:56:54.939Z |
| cve-2025-43522 | N/A | A downgrade issue affecting Intel-based Mac compu… |
Apple |
macOS |
2025-12-12T20:57:04.786Z | 2025-12-12T20:57:04.786Z |
| cve-2025-43521 | N/A | A downgrade issue affecting Intel-based Mac compu… |
Apple |
macOS |
2025-12-12T20:56:17.101Z | 2025-12-12T20:56:17.101Z |
| cve-2025-43520 | N/A | A memory corruption issue was addressed with impr… |
Apple |
macOS |
2025-12-12T20:56:25.542Z | 2025-12-12T20:56:25.542Z |
| cve-2025-43519 | N/A | A permissions issue was addressed with additional… |
Apple |
macOS |
2025-12-12T20:56:52.823Z | 2025-12-12T20:56:52.823Z |
| cve-2025-43518 | N/A | A logic issue was addressed with improved checks.… |
Apple |
macOS |
2025-12-12T20:57:05.818Z | 2025-12-12T20:57:05.818Z |
| cve-2025-43517 | N/A | A privacy issue was addressed with improved priva… |
Apple |
macOS |
2025-12-12T20:56:19.259Z | 2025-12-12T20:56:19.259Z |
| cve-2025-43516 | N/A | A session management issue was addressed with imp… |
Apple |
macOS |
2025-12-12T20:56:22.471Z | 2025-12-12T20:56:22.471Z |
| cve-2025-43513 | N/A | A permissions issue was addressed by removing the… |
Apple |
macOS |
2025-12-12T20:56:41.283Z | 2025-12-12T20:56:41.283Z |
| cve-2025-43512 | N/A | A logic issue was addressed with improved checks.… |
Apple |
macOS |
2025-12-12T20:56:51.767Z | 2025-12-12T20:56:51.767Z |
| ID | Description | Package | Published | Updated |
|---|---|---|---|---|
| pysec-2025-52 | gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation. | mlflow | 2025-06-23T15:15:29Z | 2025-12-05T13:25:55.146081Z |
| pysec-2024-85 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:05:38.757067Z |
| pysec-2024-84 | Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:23:14.975110Z |
| pysec-2024-83 | Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:05:38.565488Z |
| pysec-2024-82 | Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB… | mindsdb | 2024-09-12T13:15:00Z | 2025-12-09T17:23:14.749401Z |
| pysec-2023-278 | MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1… | mindsdb | 2023-12-11T21:15:00Z | 2025-12-09T17:05:38.354023Z |
| pysec-2020-220 | A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll… | ansible | 2020-10-05T14:15:00Z | 2025-10-31T04:43:53.616247Z |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| mal-2025-192560 | Malicious code in kashif-mallah-fca (npm) | 2025-12-12T06:36:00Z | 2025-12-12T06:36:00Z |
| mal-2025-192559 | Malicious code in iraza2-fca (npm) | 2025-12-12T06:35:59Z | 2025-12-12T06:36:00Z |
| mal-2025-192567 | Malicious code in uba-plugins (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:06Z |
| mal-2025-192563 | Malicious code in sd-pay-ts (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:06Z |
| mal-2025-192562 | Malicious code in sd-pay (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192561 | Malicious code in pp-js-lib (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192558 | Malicious code in eslint-config-zoo (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192556 | Malicious code in cms_comp_static (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192555 | Malicious code in cms_comp (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192554 | Malicious code in camscanner-seo (npm) | 2025-12-12T06:34:06Z | 2025-12-12T06:34:11Z |
| mal-2025-192565 | Malicious code in sdbao-content-sems (npm) | 2025-12-12T06:34:05Z | 2025-12-12T06:34:06Z |
| mal-2025-192564 | Malicious code in sdbao-content-report (npm) | 2025-12-12T06:34:05Z | 2025-12-12T06:34:06Z |
| mal-2025-192557 | Malicious code in cos-js-sdk-v6 (npm) | 2025-12-12T06:34:05Z | 2025-12-12T06:34:06Z |
| mal-2025-192553 | Malicious code in abrhide (npm) | 2025-12-12T06:31:55Z | 2025-12-12T06:31:56Z |
| mal-2025-192566 | Malicious code in shopify-monorail (npm) | 2025-12-12T06:31:00Z | 2025-12-12T06:31:06Z |
| mal-2025-192552 | Malicious code in hfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:27Z |
| mal-2025-192551 | Malicious code in gfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:32Z |
| mal-2025-192550 | Malicious code in fruit-malicious-xml-parser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:26Z |
| mal-2025-192549 | Malicious code in ffruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:27Z |
| mal-2025-192548 | Malicious code in efruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:31Z |
| mal-2025-192547 | Malicious code in dfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:31Z |
| mal-2025-192546 | Malicious code in cfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:26Z |
| mal-2025-192545 | Malicious code in bfruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:26Z |
| mal-2025-192544 | Malicious code in afruitmaliciousxmlparser (npm) | 2025-12-12T02:25:26Z | 2025-12-12T02:25:26Z |
| mal-2025-192540 | Malicious code in elf-stats-twinkling-wishlist-283 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192539 | Malicious code in elf-stats-twinkling-bell-867 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192538 | Malicious code in elf-stats-tinsel-sleigh-669 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192537 | Malicious code in elf-stats-tinsel-cookiejar-315 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192536 | Malicious code in elf-stats-sugarplum-wishlist-141 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| mal-2025-192535 | Malicious code in elf-stats-sugarplum-toolkit-176 (npm) | 2025-12-11T19:46:09Z | 2025-12-11T19:46:09Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| wid-sec-w-2025-2814 | Google Chrome/Microsoft Edge: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff | 2025-12-10T23:00:00.000+00:00 | 2025-12-11T23:00:00.000+00:00 |
| wid-sec-w-2025-2789 | Adobe Experience Manager: Mehrere Schwachstellen | 2025-12-09T23:00:00.000+00:00 | 2025-12-10T23:00:00.000+00:00 |
| wid-sec-w-2025-2751 | WebKitGTK: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2750 | Apache HTTP Server: Mehrere Schwachstellen | 2025-12-04T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2746 | IBM InfoSphere Information Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-12-04T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2738 | Vercel Next.js und React Server Components (React2Shell): Schwachstelle ermöglicht Codeausführung | 2025-12-03T23:00:00.000+00:00 | 2025-12-04T23:00:00.000+00:00 |
| wid-sec-w-2025-2730 | Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-12-02T23:00:00.000+00:00 | 2025-12-03T23:00:00.000+00:00 |
| wid-sec-w-2025-2717 | Django: Mehrere Schwachstellen | 2025-12-02T23:00:00.000+00:00 | 2025-12-02T23:00:00.000+00:00 |
| wid-sec-w-2025-2711 | Android Patchday Dezember 2025: Mehrere Schwachstellen | 2025-12-01T23:00:00.000+00:00 | 2025-12-08T23:00:00.000+00:00 |
| wid-sec-w-2025-2703 | Zabbix: Mehrere Schwachstellen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2701 | xwiki (XJetty): Schwachstelle ermöglicht Offenlegung von Informationen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2700 | CODESYS Control und Development System: Mehrere Schwachstellen | 2025-11-30T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| wid-sec-w-2025-2697 | Devolutions Remote Desktop Manager und Server: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-11-30T23:00:00.000+00:00 | 2025-11-30T23:00:00.000+00:00 |
| wid-sec-w-2025-2687 | Apache CloudStack: Mehrere Schwachstellen | 2025-11-26T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2676 | GeoServer: Mehrere Schwachstellen | 2025-11-25T23:00:00.000+00:00 | 2025-12-11T23:00:00.000+00:00 |
| wid-sec-w-2025-2670 | Fluent Bit: Mehrere Schwachstellen | 2025-11-24T23:00:00.000+00:00 | 2025-11-25T23:00:00.000+00:00 |
| wid-sec-w-2025-2667 | Janitza UMG 96-PA und UMG 96-PA-MID+: Schwachstelle ermöglicht Denial of Service | 2025-11-23T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2663 | libpng: Mehrere Schwachstellen | 2025-11-23T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2661 | Google Cloud Platform (Looker): Schwachstelle ermöglicht Ausführen von beliebigem Programmcode | 2025-11-23T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2655 | CUPS-Filters: Schwachstelle ermöglicht Codeausführung | 2025-11-20T23:00:00.000+00:00 | 2025-11-24T23:00:00.000+00:00 |
| wid-sec-w-2025-2654 | MongoDB (Server): Schwachstelle ermöglicht Denial of Service | 2025-11-20T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2653 | Microsoft Visual Studio Code: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-11-20T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2652 | Red Hat Satellite: Schwachstelle ermöglicht Offenlegung von Informationen | 2025-11-20T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2651 | GnuTLS: Schwachstelle ermöglicht nicht spezifizierten Angriff | 2025-11-19T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2649 | Google Cloud Platform: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen | 2025-11-19T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2647 | SonicWall Email Security: Mehrere Schwachstellen | 2025-11-19T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2643 | Wireshark: Mehrere Schwachstellen ermöglichen Denial of Service | 2025-11-19T23:00:00.000+00:00 | 2025-11-26T23:00:00.000+00:00 |
| wid-sec-w-2025-2640 | SonicWall SSL-VPN: Schwachstelle ermöglicht Denial of Service | 2025-11-19T23:00:00.000+00:00 | 2025-11-20T23:00:00.000+00:00 |
| wid-sec-w-2025-2638 | Grub: Mehrere Schwachstellen | 2025-11-18T23:00:00.000+00:00 | 2025-11-27T23:00:00.000+00:00 |
| wid-sec-w-2025-2636 | OpenVPN: Mehrere Schwachstellen | 2025-11-18T23:00:00.000+00:00 | 2025-12-01T23:00:00.000+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| ssa-512988 | SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512 | 2025-12-12T00:00:00Z | 2025-12-12T00:00:00Z |
| ssa-915282 | SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-912274 | SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-882673 | SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-868571 | SSA-868571: Missing Server Certificate Validation in IAM Client | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-763474 | SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-734261 | SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-710408 | SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-626856 | SSA-626856: Multiple Vulnerabilities in SINEMA Remote Connect Sever Before V3.2 SP4 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-471761 | SSA-471761: Multiple Vulnerabilities in SICAM T Before V3.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-420375 | SSA-420375: Improper Integrity Check of Firmware Updates in Building X - Security Manager Edge Controller (ACC-AP) | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-416652 | SSA-416652: Multiple Vulnerabilities in SIMATIC CN 4100 Before V4.0.1 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-356310 | SSA-356310: Multiple Vulnerabilities in Gridscale X Prepay | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-212953 | SSA-212953: Multiple Vulnerabilities in COMOS | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-202008 | SSA-202008: Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0 | 2025-12-09T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-241605 | SSA-241605: Out of Bounds Read in PS/IGES Parasolid Translator Component Before V29.0.258 | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-190588 | SSA-190588: Cross-Site Scripting Vulnerability in Mendix Rich Text Widget | 2025-11-17T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-682326 | SSA-682326: Multiple Vulnerabilities in COMOS before V10.4.5 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-522291 | SSA-522291: Improper Certificate Validation Vulnerability in Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-514895 | SSA-514895: Multiple Vulnerabilities in Altair Grid Engine V2025.1.0 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-365596 | SSA-365596: DLL Hijacking Vulnerability in Siemens Software Center and Solid Edge | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-339694 | SSA-339694: Multiple Vulnerabilities in Spectrum Power 4 Before v4.70 SP12 Security Patch 2 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-267056 | SSA-267056: Multiple Vulnerabilities in LOGO! 8 BM Devices | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-201498 | SSA-201498: Multiple Vulnerabilities in the Web Server of SICAM P850 and SICAM P855 Devices Before V3.11 | 2025-11-11T00:00:00Z | 2025-11-11T00:00:00Z |
| ssa-978177 | SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices | 2025-08-12T00:00:00Z | 2025-11-17T00:00:00Z |
| ssa-693808 | SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-493396 | SSA-493396: Deserialization Vulnerability in Siemens Engineering Platforms | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-282044 | SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery | 2025-08-12T00:00:00Z | 2025-12-09T00:00:00Z |
| ssa-693776 | SSA-693776: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2 | 2025-06-10T00:00:00Z | 2025-06-10T00:00:00Z |
| ssa-633269 | SSA-633269: Incorrect Authorization Check Vulnerability in Industrial Communication Devices based on SINEC OS before V3.1 | 2025-06-10T00:00:00Z | 2025-06-10T00:00:00Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| rhsa-2025:22345 | Red Hat Security Advisory: Red Hat OpenShift Developer Tools - Source-to-Image 1.5.2 | 2025-11-27T22:06:09+00:00 | 2025-11-27T23:59:25+00:00 |
| rhsa-2025:22287 | Red Hat Security Advisory: Red Hat Quay 3.9 | 2025-11-27T14:54:51+00:00 | 2025-11-29T06:53:27+00:00 |
| rhsa-2025:21829 | Red Hat Security Advisory: OpenShift Container Platform 4.12.83 bug fix and security update | 2025-11-27T12:20:57+00:00 | 2025-11-27T17:38:04+00:00 |
| rhsa-2025:21824 | Red Hat Security Advisory: OpenShift Container Platform 4.16.53 bug fix and security update | 2025-11-27T11:08:51+00:00 | 2025-11-27T17:38:15+00:00 |
| rhsa-2025:21795 | Red Hat Security Advisory: OpenShift Container Platform 4.18.29 bug fix and security update | 2025-11-27T04:24:21+00:00 | 2025-11-27T17:38:14+00:00 |
| rhsa-2025:22205 | Red Hat Security Advisory: bind security update | 2025-11-26T21:38:30+00:00 | 2025-11-27T11:41:16+00:00 |
| rhsa-2025:22190 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update | 2025-11-26T17:02:38+00:00 | 2025-11-26T21:26:25+00:00 |
| rhsa-2025:22188 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 Security update | 2025-11-26T16:59:23+00:00 | 2025-11-26T21:26:20+00:00 |
| rhsa-2025:22187 | Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.2 security update | 2025-11-26T16:59:20+00:00 | 2025-11-26T21:26:20+00:00 |
| rhsa-2025:22181 | Red Hat Security Advisory: golang security update | 2025-11-26T15:05:54+00:00 | 2025-11-27T23:59:23+00:00 |
| rhsa-2025:22182 | Red Hat Security Advisory: Red Hat Quay 3.10.16 | 2025-11-26T14:52:57+00:00 | 2025-11-29T06:53:26+00:00 |
| rhsa-2025:22179 | Red Hat Security Advisory: RHSA 4.8.6 security and bug fix update | 2025-11-26T13:57:08+00:00 | 2025-11-26T15:51:13+00:00 |
| rhsa-2025:22177 | Red Hat Security Advisory: libxml2 security update | 2025-11-26T13:19:45+00:00 | 2025-11-27T14:15:58+00:00 |
| rhsa-2025:22175 | Red Hat Security Advisory: expat security update | 2025-11-26T11:07:19+00:00 | 2025-11-27T11:41:12+00:00 |
| rhsa-2025:22168 | Red Hat Security Advisory: bind9.16 security update | 2025-11-26T07:25:14+00:00 | 2025-11-27T03:24:39+00:00 |
| rhsa-2025:22167 | Red Hat Security Advisory: tigervnc security update | 2025-11-26T07:17:26+00:00 | 2025-11-26T15:30:40+00:00 |
| rhsa-2025:22163 | Red Hat Security Advisory: libxml2 security update | 2025-11-26T05:49:49+00:00 | 2025-11-27T14:15:58+00:00 |
| rhsa-2025:22164 | Red Hat Security Advisory: tigervnc security update | 2025-11-26T05:26:30+00:00 | 2025-11-26T09:25:19+00:00 |
| rhsa-2025:22162 | Red Hat Security Advisory: libxml2 security update | 2025-11-26T05:26:29+00:00 | 2025-11-27T14:16:01+00:00 |
| rhsa-2025:22124 | Red Hat Security Advisory: kernel-rt security update | 2025-11-25T18:17:51+00:00 | 2025-11-25T21:29:42+00:00 |
| rhsa-2025:22095 | Red Hat Security Advisory: kernel security update | 2025-11-25T17:26:16+00:00 | 2025-11-25T21:29:44+00:00 |
| rhsa-2025:22096 | Red Hat Security Advisory: tigervnc security update | 2025-11-25T17:25:56+00:00 | 2025-11-26T09:25:17+00:00 |
| rhsa-2025:22087 | Red Hat Security Advisory: kernel-rt security update | 2025-11-25T16:42:52+00:00 | 2025-11-25T21:29:43+00:00 |
| rhsa-2025:22090 | Red Hat Security Advisory: Red Hat build of Keycloak 26.4.6 Images Security Update | 2025-11-25T16:24:09+00:00 | 2025-11-27T06:34:39+00:00 |
| rhsa-2025:22088 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.11 Images Security Update | 2025-11-25T16:12:38+00:00 | 2025-11-28T05:32:35+00:00 |
| rhsa-2025:22091 | Red Hat Security Advisory: Red Hat build of Keycloak 26.4.6 Security Update | 2025-11-25T16:07:25+00:00 | 2025-11-27T06:34:41+00:00 |
| rhsa-2025:22089 | Red Hat Security Advisory: Red Hat build of Keycloak 26.2.11 Security Update | 2025-11-25T16:06:13+00:00 | 2025-11-28T05:32:35+00:00 |
| rhsa-2025:22077 | Red Hat Security Advisory: tigervnc security update | 2025-11-25T13:07:15+00:00 | 2025-11-26T09:25:18+00:00 |
| rhsa-2025:22072 | Red Hat Security Advisory: kernel security update | 2025-11-25T12:37:05+00:00 | 2025-11-25T21:29:42+00:00 |
| rhsa-2025:22068 | Red Hat Security Advisory: RHTAS 1.3.1 - Tech Preview Release of Model Transparency | 2025-11-25T11:12:13+00:00 | 2025-11-25T15:44:17+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| msrc_cve-2025-64680 | Windows DWM Core Library Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64679 | Windows DWM Core Library Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64678 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64673 | Windows Storage VSP Driver Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64672 | Microsoft SharePoint Server Spoofing Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64671 | GitHub Copilot for Jetbrains Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64670 | Windows DirectX Information Disclosure Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64669 | Windows Admin Center Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-11T08:00:00.000Z |
| msrc_cve-2025-64667 | Microsoft Exchange Server Spoofing Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64666 | Microsoft Exchange Server Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64661 | Windows Shell Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-64658 | Windows File Explorer Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62573 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62572 | Application Information Service Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62571 | Windows Installer Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62570 | Windows Camera Frame Server Monitor Information Disclosure Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62569 | Microsoft Brokering File System Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62567 | Windows Hyper-V Denial of Service Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62565 | Windows File Explorer Elevation of Privilege Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62564 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62563 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62562 | Microsoft Outlook Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62561 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62560 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62559 | Microsoft Word Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62558 | Microsoft Word Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62557 | Microsoft Office Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62556 | Microsoft Excel Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62555 | Microsoft Word Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| msrc_cve-2025-62554 | Microsoft Office Remote Code Execution Vulnerability | 2025-12-09T08:00:00.000Z | 2025-12-09T08:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| icsma-25-345-02 | Varex Imaging Panoramic Dental Imaging Software | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsma-25-345-01 | Grassroots DICOM (GDCM) | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-10 | OpenPLC_V3 | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-03 | AzeoTech DAQFactory | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-02 | Johnson Controls iSTAR Ultra | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| icsa-25-345-01 | Johnson Controls iSTAR | 2025-12-11T07:00:00.000000Z | 2025-12-11T07:00:00.000000Z |
| va-25-343-01 | Windscribe for Linux 'changeMTU' local privilege escalation | 2025-12-10T16:46:41Z | 2025-12-10T16:46:41Z |
| icsa-25-343-01 | Universal Boot Loader (U-Boot) | 2025-12-09T07:00:00.000000Z | 2025-12-09T07:00:00.000000Z |
| icsa-25-343-03 | Multiple India-based CCTV Cameras** | 2025-12-09T05:00:00.000000Z | 2025-12-09T05:00:00.000000Z |
| icsa-25-345-09 | Siemens Gridscale X Prepay | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-08 | Siemens Energy Services | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-07 | Siemens Building X - Security Manager Edge Controller | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-06 | Siemens SINEMA Remote Connect Server | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-05 | Siemens Advanced Licensing (SALT) Toolkit | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-345-04 | Siemens IAM Client | 2025-12-09T00:00:00.000000Z | 2025-12-09T00:00:00.000000Z |
| icsa-25-338-07 | Advantech iView | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-06 | SolisCloud Monitoring Platform | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-05 | Sunbird DCIM dcTrack and Power IQ | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-04 | Johnson Controls iSTAR | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-03 | Johnson Controls OpenBlue Mobile Web Application for OpenBlue Workplace | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-02 | MAXHUB Pivot | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsa-25-338-01 | Mitsubishi Electric GX Works2 | 2025-12-04T07:00:00.000000Z | 2025-12-04T07:00:00.000000Z |
| icsma-25-336-01 | Mirion Medical EC2 Software NMIS BioDose | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-336-02 | Iskra iHUB and iHUB Lite | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-336-01 | Industrial Video & Control Longwatch | 2025-12-02T07:00:00.000000Z | 2025-12-02T07:00:00.000000Z |
| icsa-25-329-06 | SiRcom SMART Alert (SiSA) | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-05 | Festo Compact Vision System, Control Block, Controller, and Operator Unit products | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-03 | Zenitel TCIV-3+ | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-02 | Rockwell Automation Arena Simulation | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| icsa-25-329-01 | Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share | 2025-11-25T07:00:00.000000Z | 2025-11-25T07:00:00.000000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| cisco-sa-react-flight-tyw32ddb | Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025 | 2025-12-04T16:00:00+00:00 | 2025-12-11T22:12:34+00:00 |
| cisco-sa-privesc-catc-ryjreelu | Cisco Catalyst Center Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-xss-wextvz59 | Cisco Catalyst Center Cross-Site Scripting Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-dnac-ci-zwlqvswt | Cisco Catalyst Center REST API Command Injection Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-priv-esc-vs8eecux | Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-catc-open-redirect-3w5bk3je | Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability | 2025-11-13T16:00:00+00:00 | 2025-11-13T16:00:00+00:00 |
| cisco-sa-ise-radsupress-dos-8yf3jthh | Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability | 2025-11-05T16:00:00+00:00 | 2025-11-05T16:00:00+00:00 |
| cisco-sa-ise-multiple-vulns-o9beswjh | Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-12-04T14:23:54+00:00 |
| cisco-sa-cc-unauth-rce-qen8h7mq | Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-13T12:48:42+00:00 |
| cisco-sa-cc-mult-vuln-gk4tfxsn | Multiple Cisco Contact Center Products Vulnerabilities | 2025-11-05T16:00:00+00:00 | 2025-11-18T14:49:09+00:00 |
| cisco-sa-snort3-mime-vulns-ttl8pgvh | Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-roomos-inf-disc-qggsbxam | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-phone-dos-fpyjlv7a | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities | 2025-10-15T16:00:00+00:00 | 2025-10-15T16:00:00+00:00 |
| cisco-sa-http-code-exec-wmfp3h3o | Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:51+00:00 |
| cisco-sa-asaftd-webvpn-z5xp8eub | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:54+00:00 |
| cisco-sa-asaftd-webvpn-yrootuw | Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability | 2025-09-25T16:00:00+00:00 | 2025-11-06T15:50:55+00:00 |
| cisco-sa-secboot-uqfd8avc | Cisco IOS XE Software Secure Boot Bypass Vulnerabilities | 2025-09-24T16:00:00+00:00 | 2025-10-15T15:57:29+00:00 |
| cisco-sa-broadworks-xss-o696ymra | Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability | 2025-07-02T16:00:00+00:00 | 2025-10-21T15:13:31+00:00 |
| ID | Description | Published | Updated |
|---|---|---|---|
| sca-2025-0014 | CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC | 2025-11-03T11:00:00.000Z | 2025-11-03T14:00:00.000Z |
| sca-2025-0013 | Vulnerabilities affecting SICK TLOC100-100 | 2025-10-27T14:00:00.000Z | 2025-11-11T14:00:00.000Z |
| sca-2025-0012 | Sudo vulnerability affects SICK SID products | 2025-10-27T11:00:00.000Z | 2025-10-27T14:00:00.000Z |
| sca-2025-0011 | Vulnerabilities affecting Endress+Hauser SSG-E210GC | 2025-10-02T13:00:00.000Z | 2025-10-02T13:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| nn-2025:11-01 | Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0 | 2025-11-25T11:00:00.000Z | 2025-11-26T11:00:00.000Z |
| ID | Description | Published | Updated |
|---|---|---|---|
| oxdc-adv-2025-0001 | OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001 | 2025-10-31T00:00:00+00:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0003 | OX App Suite Security Advisory OXAS-ADV-2025-0003 | 2025-09-24T00:00:00+02:00 | 2025-11-27T00:00:00+00:00 |
| oxas-adv-2025-0002 | OX App Suite Security Advisory OXAS-ADV-2025-0002 | 2025-08-12T00:00:00+02:00 | 2025-10-31T00:00:00+00:00 |
| ID | Description | Updated |
|---|
| ID | Description | Published | Updated |
|---|---|---|---|
| jvndb-2025-000115 | QND vulnerable to privilege escalation | 2025-12-11T14:33+09:00 | 2025-12-11T14:33+09:00 |
| jvndb-2025-021305 | Android App "Brother iPrint&Scan" improper use of an external cache directory | 2025-12-09T17:25+09:00 | 2025-12-09T17:25+09:00 |
| jvndb-2025-000114 | ELECOM Clone for Windows registers a Windows service with an unquoted file path | 2025-12-09T17:16+09:00 | 2025-12-09T17:16+09:00 |
| jvndb-2025-000113 | Multiple vulnerabilities in GroupSession | 2025-12-08T17:48+09:00 | 2025-12-11T11:30+09:00 |
| jvndb-2025-000116 | GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths | 2025-12-08T14:06+09:00 | 2025-12-08T14:06+09:00 |
| jvndb-2025-000094 | Multiple vulnerabilities in ABB Terra AC Wallbox | 2025-12-05T14:12+09:00 | 2025-12-05T14:12+09:00 |
| jvndb-2025-000112 | Installer of INZONE Hub may insecurely load Dynamic Link Libraries | 2025-11-28T13:36+09:00 | 2025-11-28T13:36+09:00 |
| jvndb-2025-000111 | SwitchBot Smart Video Doorbell vulnerable to active debug code | 2025-11-26T14:35+09:00 | 2025-11-26T14:35+09:00 |
| jvndb-2025-000110 | Multiple vulnerabilities in Security Point (Windows) of MaLion | 2025-11-25T17:17+09:00 | 2025-11-25T17:17+09:00 |
| jvndb-2025-000109 | Multiple vulnerabilities in SNC-CX600W | 2025-11-25T14:59+09:00 | 2025-11-25T14:59+09:00 |
| jvndb-2025-000108 | "FOD" App uses hard-coded cryptographic keys | 2025-11-25T14:15+09:00 | 2025-11-25T14:15+09:00 |
| jvndb-2025-000106 | Multiple vulnerabilities in LogStare Collector | 2025-11-21T16:27+09:00 | 2025-11-21T16:27+09:00 |
| jvndb-2025-019621 | EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts | 2025-11-21T15:31+09:00 | 2025-11-21T15:31+09:00 |
| jvndb-2025-000107 | Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries | 2025-11-19T16:22+09:00 | 2025-11-19T16:22+09:00 |
| jvndb-2025-000097 | "Dejira" App for iOS vulnerable to improper server certificate verification | 2025-11-17T14:09+09:00 | 2025-11-17T14:09+09:00 |
| jvndb-2025-000105 | NCP-HG100 vulnerable to OS command injection | 2025-11-14T15:26+09:00 | 2025-11-14T15:26+09:00 |
| jvndb-2025-000104 | Multiple vulnerabilities in GNU Libmicrohttpd | 2025-11-10T15:07+09:00 | 2025-11-10T15:07+09:00 |
| jvndb-2025-000103 | Use of password hash with insufficient computational effort vulnerability in BUFFALO Wi-Fi router "WSR-1800AX4 series" | 2025-11-07T15:39+09:00 | 2025-11-07T15:39+09:00 |
| jvndb-2025-000102 | CLUSTERPRO X and EXPRESSCLUSTER X vulnerable to OS command injection | 2025-11-07T14:55+09:00 | 2025-11-07T14:55+09:00 |
| jvndb-2025-000101 | GROWI vulnerable to stored cross-site scripting | 2025-11-06T13:45+09:00 | 2025-11-06T13:45+09:00 |
| jvndb-2025-017972 | Multiple vulnerabilities in Century Systems FutureNet MA and IP-K series | 2025-11-04T16:37+09:00 | 2025-11-04T16:37+09:00 |
| jvndb-2025-000100 | Multiple Roboticsware products register Windows services with unquoted file paths | 2025-11-04T14:17+09:00 | 2025-11-04T14:17+09:00 |
| jvndb-2025-000098 | Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path | 2025-11-04T13:51+09:00 | 2025-11-04T13:51+09:00 |
| jvndb-2025-000099 | Progress Flowmon vulnerable to authenticated OS command injection | 2025-11-04T12:47+09:00 | 2025-11-04T12:47+09:00 |
| jvndb-2025-000096 | Installer of WTW EAGLE (for Windows) may insecurely load Dynamic Link Libraries | 2025-10-29T14:17+09:00 | 2025-10-29T14:17+09:00 |
| jvndb-2025-000095 | MZK-DP300N uses hard-coded credentials | 2025-10-28T14:04+09:00 | 2025-10-28T14:04+09:00 |
| jvndb-2025-000093 | Multiple stored cross-site scripting vulnerabilities in Pleasanter | 2025-10-24T15:11+09:00 | 2025-10-24T15:11+09:00 |
| jvndb-2025-000084 | GROWI vulnerable to cross-site scripting | 2025-10-22T15:44+09:00 | 2025-10-22T15:44+09:00 |
| jvndb-2025-000091 | Multiple I-O DATA NAS management applications register Windows services with unquoted file paths | 2025-10-22T15:04+09:00 | 2025-12-10T16:20+09:00 |
| jvndb-2025-000090 | Multiple stored cross-site scripting vulnerabilities in Movable Type | 2025-10-22T13:54+09:00 | 2025-10-22T13:54+09:00 |
| ID | Description | Updated |
|---|
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010 | 7.3 (v3.1) | Unitree Multiple Robotic Products Command Injection |
Unitree |
Go2 |
2025-09-26T06:53:49.585Z | 2025-09-26T15:16:57.586Z |
| gcve-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001 | 4.3 (v3.1) | Unauthenticated leak of sensitive information affectin… |
Brother Industries, Ltd |
HL-L8260CDN |
2025-08-12T15:23:00.577Z | 2025-08-15T05:53:23.017Z |