Recent vulnerabilities

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-68212	N/A	fs: Fix uninitialized 'offp' in statmount_string()	Linux	Linux	2025-12-16T13:57:08.327Z	2026-01-17T15:46:46.600Z
CVE-2025-68211	N/A	ksm: use range-walk function to jump over holes in sca…	Linux	Linux	2025-12-16T13:48:37.959Z	2026-01-17T15:46:02.667Z
CVE-2025-40149	N/A	tls: Use __sk_dst_get() and dst_dev_rcu() in get_netde…	Linux	Linux	2025-11-12T10:23:27.122Z	2026-01-17T15:46:01.470Z
CVE-2025-22121	N/A	ext4: fix out-of-bound read in ext4_xattr_inode_dec_re…	Linux	Linux	2025-04-16T14:13:05.894Z	2026-01-17T15:45:55.260Z
CVE-2025-7195	5.2 (3.1)	Operator-sdk: privilege escalation due to incorrect pe…	operator-framework	operator-sdk	2025-08-07T19:05:08.756Z	2026-01-17T15:40:52.891Z
CVE-2025-68803	N/A	NFSD: NFSv4 file creation neglects setting ACL	Linux	Linux	2026-01-13T15:29:11.732Z	2026-01-17T15:37:56.855Z
CVE-2025-68792	N/A	tpm2-sessions: Fix out of range indexing in name_size	Linux	Linux	2026-01-13T15:29:04.226Z	2026-01-17T15:37:55.698Z
CVE-2025-37822	N/A	riscv: uprobes: Add missing fence.i after building the…	Linux	Linux	2025-05-08T06:26:16.209Z	2026-01-17T15:37:52.150Z
CVE-2025-15530	6.9 (4.0) 5.3 (3.1) 5.3 (3.0)	Open5GS s11-handler.c assertion	n/a	Open5GS	2026-01-17T11:02:06.505Z	2026-01-17T11:02:06.505Z
CVE-2025-8615	6.4 (3.1)	CubeWP <= 1.1.26 - Authenticated (Contributor+) Stored…	cubewp1211	CubeWP Framework	2026-01-17T08:24:32.192Z	2026-01-17T08:24:32.192Z
CVE-2025-14078	5.3 (3.1)	PAYGENT for WooCommerce <= 2.4.6 - Missing Authorizati…	shoheitanaka	PAYGENT for WooCommerce	2026-01-17T08:24:31.760Z	2026-01-17T08:24:31.760Z
CVE-2026-0725	4.4 (3.1)	Integrate Dynamics 365 CRM <= 1.1.1 - Authenticated (A…	cyberlord92	Integrate Dynamics 365 CRM	2026-01-17T08:24:31.355Z	2026-01-17T08:24:31.355Z
CVE-2025-10484	9.8 (3.1)	Registration & Login with Mobile Phone Number for WooC…	FmeAddons	Registration & Login with Mobile Phone Number for WooCommerce	2026-01-17T08:24:30.759Z	2026-01-17T08:24:30.759Z
CVE-2025-14478	7.5 (3.1)	Demo Importer Plus <= 2.0.9 - Authenticated (Author+) …	kraftplugins	Demo Importer Plus	2026-01-17T07:27:37.627Z	2026-01-17T07:27:37.627Z
CVE-2025-12129	5.3 (3.1)	CubeWP – All-in-One Dynamic Content Framework <= 1.1.2…	cubewp1211	CubeWP Framework	2026-01-17T07:27:37.085Z	2026-01-17T07:27:37.085Z
CVE-2026-0808	5.3 (3.1)	Spin Wheel <= 2.1.0 - Unauthenticated Client-Side Priz…	bdthemes	Spin Wheel – Interactive spinning wheel that offers coupons	2026-01-17T06:42:20.697Z	2026-01-17T06:42:20.697Z
CVE-2026-0691	4.4 (3.1)	CM E-Mail Blacklist <= 1.6.2 - Authenticated (Administ…	creativemindssolutions	CM E-Mail Blacklist – Simple email filtering for safer registration	2026-01-17T06:42:20.210Z	2026-01-17T06:42:20.210Z
CVE-2025-12984	4.9 (3.1)	Advanced Ads – Ad Manager & AdSense <= 2.0.15 - Authen…	monetizemore	Advanced Ads – Ad Manager & AdSense	2026-01-17T06:42:19.675Z	2026-01-17T06:42:19.675Z
CVE-2026-0833	6.4 (3.1)	Team Section Block <= 2.0.0 - Authenticated (Contribut…	bplugins	Team Section Block – Showcase Team Members with Layout Options	2026-01-17T06:42:19.058Z	2026-01-17T06:42:19.058Z
CVE-2025-48647	7.8 (3.1)	In cpm_fwtp_msg_handler of cpm/google/lib/tracepo…	Google	Google Devices	2026-01-16T18:19:02.047Z	2026-01-17T04:55:24.843Z
CVE-2026-0629	8.7 (4.0)	Authentication Bypass in Password Recovery Feature via…	TP-Link Systems Inc.	VIGI InSight Sx45 Series (S245/S345/S445)	2026-01-16T17:24:39.370Z	2026-01-17T04:55:23.748Z
CVE-2024-44238	7.8 (3.1)	The issue was addressed with improved bounds chec…	Apple	iOS and iPadOS	2026-01-16T17:06:05.774Z	2026-01-17T04:55:22.581Z
CVE-2025-14237	9.3 (4.0) 9.8 (3.1)	Buffer overflow in XPS font parse processing on S…	Canon Inc.	Satera LBP670C Series	2026-01-15T23:40:35.434Z	2026-01-17T04:55:21.534Z
CVE-2025-14236	9.3 (4.0) 9.8 (3.1)	Buffer overflow in Address Book attribute tag pro…	Canon Inc.	Satera LBP670C Series	2026-01-15T23:39:50.760Z	2026-01-17T04:55:20.469Z
CVE-2025-14235	9.3 (4.0) 9.8 (3.1)	Buffer overflow in XPS font fpgm data processing …	Canon Inc.	Satera LBP670C Series	2026-01-15T23:38:53.584Z	2026-01-17T04:55:19.277Z
CVE-2025-14234	9.3 (4.0) 9.8 (3.1)	Buffer overflow in CPCA list processing on Small …	Canon Inc.	Satera LBP670C Series	2026-01-15T23:38:13.313Z	2026-01-17T04:55:18.163Z
CVE-2025-14233	9.3 (4.0) 9.8 (3.1)	Invalid free in CPCA file deletion processing on …	Canon Inc.	Satera LBP670C Series	2026-01-15T23:37:29.921Z	2026-01-17T04:55:17.077Z
CVE-2025-14232	9.3 (4.0) 9.8 (3.1)	Buffer overflow in XML processing of XPS file in …	Canon Inc.	Satera LBP670C Series	2026-01-15T23:36:27.072Z	2026-01-17T04:55:15.944Z
CVE-2025-60021	N/A	Apache bRPC: Remote command injection vulnerability in…	Apache Software Foundation	Apache bRPC	2026-01-16T08:39:23.318Z	2026-01-17T04:55:14.838Z
CVE-2025-14231	9.3 (4.0) 9.8 (3.1)	Buffer overflow in print job processing by WSD on…	Canon Inc.	Satera LBP670C Series	2026-01-15T23:35:27.096Z	2026-01-17T04:55:13.710Z

ID	CVSS	Description	Vendor	Product	Published	Updated
CVE-2025-15530	6.9 (4.0) 5.3 (3.1) 5.3 (3.0)	Open5GS s11-handler.c assertion	n/a	Open5GS	2026-01-17T11:02:06.505Z	2026-01-17T11:02:06.505Z
CVE-2026-0725	4.4 (3.1)	Integrate Dynamics 365 CRM <= 1.1.1 - Authenticated (A…	cyberlord92	Integrate Dynamics 365 CRM	2026-01-17T08:24:31.355Z	2026-01-17T08:24:31.355Z
CVE-2025-8615	6.4 (3.1)	CubeWP <= 1.1.26 - Authenticated (Contributor+) Stored…	cubewp1211	CubeWP Framework	2026-01-17T08:24:32.192Z	2026-01-17T08:24:32.192Z
CVE-2025-14078	5.3 (3.1)	PAYGENT for WooCommerce <= 2.4.6 - Missing Authorizati…	shoheitanaka	PAYGENT for WooCommerce	2026-01-17T08:24:31.760Z	2026-01-17T08:24:31.760Z
CVE-2025-10484	9.8 (3.1)	Registration & Login with Mobile Phone Number for WooC…	FmeAddons	Registration & Login with Mobile Phone Number for WooCommerce	2026-01-17T08:24:30.759Z	2026-01-17T08:24:30.759Z
CVE-2025-14478	7.5 (3.1)	Demo Importer Plus <= 2.0.9 - Authenticated (Author+) …	kraftplugins	Demo Importer Plus	2026-01-17T07:27:37.627Z	2026-01-17T07:27:37.627Z
CVE-2025-12129	5.3 (3.1)	CubeWP – All-in-One Dynamic Content Framework <= 1.1.2…	cubewp1211	CubeWP Framework	2026-01-17T07:27:37.085Z	2026-01-17T07:27:37.085Z
CVE-2026-0833	6.4 (3.1)	Team Section Block <= 2.0.0 - Authenticated (Contribut…	bplugins	Team Section Block – Showcase Team Members with Layout Options	2026-01-17T06:42:19.058Z	2026-01-17T06:42:19.058Z
CVE-2026-0808	5.3 (3.1)	Spin Wheel <= 2.1.0 - Unauthenticated Client-Side Priz…	bdthemes	Spin Wheel – Interactive spinning wheel that offers coupons	2026-01-17T06:42:20.697Z	2026-01-17T06:42:20.697Z
CVE-2026-0691	4.4 (3.1)	CM E-Mail Blacklist <= 1.6.2 - Authenticated (Administ…	creativemindssolutions	CM E-Mail Blacklist – Simple email filtering for safer registration	2026-01-17T06:42:20.210Z	2026-01-17T06:42:20.210Z
CVE-2025-12984	4.9 (3.1)	Advanced Ads – Ad Manager & AdSense <= 2.0.15 - Authen…	monetizemore	Advanced Ads – Ad Manager & AdSense	2026-01-17T06:42:19.675Z	2026-01-17T06:42:19.675Z
CVE-2025-14029	5.3 (3.1)	Community Events <= 1.5.6 - Missing Authorization to U…	jackdewey	Community Events	2026-01-17T04:34:00.530Z	2026-01-17T04:34:00.530Z
CVE-2025-12825	5.3 (3.1)	User Registration Using Contact Form 7 <= 2.5 - Authen…	zealopensource	User Registration Using Contact Form 7	2026-01-17T04:34:02.212Z	2026-01-17T04:34:02.212Z
CVE-2025-12168	4.3 (3.1)	Phrase TMS Integration for WordPress <= 4.7.5 - Missin…	memsource	Phrase TMS Integration for WordPress	2026-01-17T04:34:01.207Z	2026-01-17T04:34:01.207Z
CVE-2026-0820	5.3 (3.1)	RepairBuddy <= 4.1116 - Insecure Direct Object Referen…	sweetdaisy86	RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress	2026-01-17T03:24:23.562Z	2026-01-17T03:24:23.562Z
CVE-2026-0682	2.2 (3.1)	Church Admin <= 5.0.28 - Authenticated (Administrator+…	andy_moyle	Church Admin	2026-01-17T03:24:24.110Z	2026-01-17T03:24:24.110Z
CVE-2025-14463	5.3 (3.1)	Payment Button for PayPal <= 1.2.3.41 - Missing Author…	naa986	Payment Button for PayPal	2026-01-17T03:24:24.816Z	2026-01-17T03:24:24.816Z
CVE-2025-13725	6.5 (3.1)	Gutenberg Thim Blocks <= 1.0.1 - Authenticated (Contri…	thimpress	Thim Blocks	2026-01-17T03:24:24.463Z	2026-01-17T03:24:24.463Z
CVE-2025-15403	9.8 (3.1)	RegistrationMagic <= 6.0.7.1 - Privilege Escalation vi…	metagauss	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login	2026-01-17T02:22:32.032Z	2026-01-17T02:22:32.032Z
CVE-2025-14632	4.4 (3.1)	Filr – Secure document library <= 1.2.11 - Authenticat…	wpchill	Filr – Secure document library	2026-01-17T02:22:32.399Z	2026-01-17T02:22:32.399Z
CVE-2025-14450	6.5 (3.1)	Wallet System for WooCommerce <= 2.7.2 - Missing Autho…	wpswings	Wallet System for WooCommerce – Digital Wallet, Buy Now Pay Later (BNPL), Instant Cashback, Referral program, Partial & Subscription Payments	2026-01-17T02:22:31.567Z	2026-01-17T02:22:31.567Z
CVE-2025-14075	5.3 (3.1)	WP Hotel Booking <= 2.2.7 - Unauthenticated Sensitive …	thimpress	WP Hotel Booking	2026-01-17T02:22:30.818Z	2026-01-17T02:22:30.818Z
CVE-2025-12718	5.8 (3.1)	Quick Contact Form <= 8.2.6 - Unauthenticated Open Mai…	saadiqbal	Quick Contact Form	2026-01-17T02:22:32.748Z	2026-01-17T02:22:32.748Z
CVE-2025-12002	5.9 (3.1)	Feeds for YouTube Pro <= 2.6.0 - Unauthenticated Arbit…	Awesome Motive	YouTube Feed Pro	2026-01-17T02:22:33.224Z	2026-01-17T02:22:33.224Z
CVE-2026-0519	4.6 (4.0)	Information Disclosure in Secure Access Between 12.70 …	Absolute Security	Secure Access	2026-01-17T01:13:59.183Z	2026-01-17T01:13:59.183Z
CVE-2026-0518	4.8 (4.0)	XSS in Secure Access Consoles prior to 14.20	Absolute Security	Secure Access	2026-01-17T01:09:29.268Z	2026-01-17T01:09:29.268Z
CVE-2026-0517	6 (4.0)	Denial of Service in Secure Access Servers Prior to 14.20.	Absolute Security	Secure Access	2026-01-17T01:04:55.634Z	2026-01-17T01:04:55.634Z
CVE-2026-22865	8.6 (4.0)	Gradle's failure to disable repositories failing to an…	gradle	gradle	2026-01-16T22:46:19.741Z	2026-01-16T22:46:19.741Z
CVE-2026-22816	8.6 (4.0)	Gradle fails to disable repositories which can expose …	gradle	gradle	2026-01-16T22:45:48.937Z	2026-01-16T22:45:48.937Z
CVE-2025-5489	N/A	This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	N/A	N/A		2026-01-16T22:19:09.219Z

ID	Description	Published	Updated
fkie_cve-2025-15530	A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwc_s11_handle_cr…	2026-01-17T11:15:48.907	2026-01-17T11:15:48.907
fkie_cve-2026-0725	The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi…	2026-01-17T09:15:52.027	2026-01-17T09:15:52.027
fkie_cve-2025-8615	The CubeWP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cubew…	2026-01-17T09:15:51.850	2026-01-17T09:15:51.850
fkie_cve-2025-14078	The PAYGENT for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all vers…	2026-01-17T09:15:51.390	2026-01-17T09:15:51.390
fkie_cve-2025-10484	The Registration & Login with Mobile Phone Number for WooCommerce plugin for WordPress is vulnerabl…	2026-01-17T09:15:50.303	2026-01-17T09:15:50.303
fkie_cve-2025-14478	The Demo Importer Plus plugin for WordPress is vulnerable to XML External Entity Injection (XXE) in…	2026-01-17T08:15:51.040	2026-01-17T08:15:51.040
fkie_cve-2025-12129	The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information…	2026-01-17T08:15:50.850	2026-01-17T08:15:50.850
fkie_cve-2026-0833	The Team Section Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the pl…	2026-01-17T07:16:02.300	2026-01-17T07:16:02.300
fkie_cve-2026-0808	The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all versions…	2026-01-17T07:16:02.123	2026-01-17T07:16:02.123
fkie_cve-2026-0691	The CM E-Mail Blacklist – Simple email filtering for safer registration plugin for WordPress is vul…	2026-01-17T07:16:01.933	2026-01-17T07:16:01.933
fkie_cve-2025-12984	The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to SQL Injection via the…	2026-01-17T07:16:00.987	2026-01-17T07:16:00.987
fkie_cve-2025-14029	The Community Events plugin for WordPress is vulnerable to unauthorized modification of data due to…	2026-01-17T05:16:10.370	2026-01-17T05:16:10.370
fkie_cve-2025-12825	The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized acces…	2026-01-17T05:16:09.070	2026-01-17T05:16:09.070
fkie_cve-2025-12168	The Phrase TMS Integration for WordPress plugin for WordPress is vulnerable to unauthorized modific…	2026-01-17T05:16:08.763	2026-01-17T05:16:08.763
fkie_cve-2026-0820	The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable…	2026-01-17T04:16:08.150	2026-01-17T04:16:08.150
fkie_cve-2026-0682	The Church Admin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions …	2026-01-17T04:16:07.987	2026-01-17T04:16:07.987
fkie_cve-2025-14463	The Payment Button for PayPal plugin for WordPress is vulnerable to unauthorized order creation in …	2026-01-17T04:16:07.593	2026-01-17T04:16:07.593
fkie_cve-2025-13725	The Gutenberg Thim Blocks – Page Builder, Gutenberg Blocks for the Block Editor plugin for WordPres…	2026-01-17T04:16:06.630	2026-01-17T04:16:06.630
fkie_cve-2025-15403	The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up…	2026-01-17T03:16:03.693	2026-01-17T03:16:03.693
fkie_cve-2025-14632	The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site Scriptin…	2026-01-17T03:16:03.527	2026-01-17T03:16:03.527
fkie_cve-2025-14450	The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification o…	2026-01-17T03:16:03.367	2026-01-17T03:16:03.367
fkie_cve-2025-14075	The WP Hotel Booking plugin for WordPress is vulnerable to Sensitive Information Exposure in all ve…	2026-01-17T03:16:03.200	2026-01-17T03:16:03.200
fkie_cve-2025-12718	The Quick Contact Form plugin for WordPress is vulnerable to Open Mail Relay in all versions up to,…	2026-01-17T03:16:03.037	2026-01-17T03:16:03.037
fkie_cve-2025-12002	The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions…	2026-01-17T03:16:02.840	2026-01-17T03:16:02.840
fkie_cve-2026-0519	In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentic…	2026-01-17T02:15:49.627	2026-01-17T02:15:49.627
fkie_cve-2026-0518	CVE-2026-0518 is a cross-site scripting vulnerability in versions of Secure Access prior to 14.20.…	2026-01-17T02:15:49.470	2026-01-17T02:15:49.470
fkie_cve-2026-0517	CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure Access Server prior to 14…	2026-01-17T01:15:51.030	2026-01-17T01:15:51.030
fkie_cve-2026-22865	Gradle is a build automation tool, and its native-platform tool provides Java bindings for native A…	2026-01-16T23:15:50.280	2026-01-16T23:15:50.280
fkie_cve-2026-22816	Gradle is a build automation tool, and its native-platform tool provides Java bindings for native A…	2026-01-16T23:15:50.127	2026-01-16T23:15:50.127
fkie_cve-2025-5489	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.	2026-01-16T23:15:49.150	2026-01-16T23:15:49.150

ID	Severity	Description	Published	Updated
ghsa-3vj5-3fjj-88m8	5.3 (3.1) 5.5 (4.0)	A vulnerability was determined in Open5GS up to 2.7.6. This affects the function sgwc_s11_handle_cr…	2026-01-17T12:31:25Z	2026-01-17T12:31:25Z
ghsa-rp6q-fg2m-9fcv	4.4 (3.1)	The Integrate Dynamics 365 CRM plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi…	2026-01-17T09:31:15Z	2026-01-17T09:31:15Z
ghsa-hj72-p4c8-2pp4	5.3 (3.1)	The PAYGENT for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all vers…	2026-01-17T09:31:15Z	2026-01-17T09:31:15Z
ghsa-5x2v-mrh5-prvx	9.8 (3.1)	The Registration & Login with Mobile Phone Number for WooCommerce plugin for WordPress is vulnerabl…	2026-01-17T09:31:15Z	2026-01-17T09:31:15Z
ghsa-39gg-vpq3-pjg4	6.4 (3.1)	The CubeWP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cubew…	2026-01-17T09:31:15Z	2026-01-17T09:31:15Z
ghsa-v766-7x5c-f752	5.3 (3.1)	The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all versions…	2026-01-17T09:31:14Z	2026-01-17T09:31:14Z
ghsa-h4hg-xmrj-3c6w	4.4 (3.1)	The CM E-Mail Blacklist – Simple email filtering for safer registration plugin for WordPress is vul…	2026-01-17T09:31:14Z	2026-01-17T09:31:14Z
ghsa-gp72-rgfw-gwgp	4.9 (3.1)	The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to SQL Injection via the…	2026-01-17T09:31:14Z	2026-01-17T09:31:14Z
ghsa-7rjf-vvpp-3vfc	6.4 (3.1)	The Team Section Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the pl…	2026-01-17T09:31:14Z	2026-01-17T09:31:14Z
ghsa-7cqg-9cwh-9w83	5.3 (3.1)	The CubeWP – All-in-One Dynamic Content Framework plugin for WordPress is vulnerable to Information…	2026-01-17T09:31:14Z	2026-01-17T09:31:14Z
ghsa-4qr6-cjv5-78xj	7.5 (3.1)	The Demo Importer Plus plugin for WordPress is vulnerable to XML External Entity Injection (XXE) in…	2026-01-17T09:31:14Z	2026-01-17T09:31:14Z
ghsa-x87c-mf44-jq5f	5.3 (3.1)	The User Registration Using Contact Form 7 plugin for WordPress is vulnerable to unauthorized acces…	2026-01-17T06:30:36Z	2026-01-17T06:30:36Z
ghsa-x3g7-vp73-j4gv	5.3 (3.1)	The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable…	2026-01-17T06:30:36Z	2026-01-17T06:30:36Z
ghsa-x2h8-q8w2-33xm	5.3 (3.1)	The Community Events plugin for WordPress is vulnerable to unauthorized modification of data due to…	2026-01-17T06:30:36Z	2026-01-17T06:30:36Z
ghsa-pm58-hwhg-w6fr	5.3 (3.1)	The Payment Button for PayPal plugin for WordPress is vulnerable to unauthorized order creation in …	2026-01-17T06:30:36Z	2026-01-17T06:30:36Z
ghsa-f4rc-5m89-x55r	6.5 (3.1)	The Gutenberg Thim Blocks – Page Builder, Gutenberg Blocks for the Block Editor plugin for WordPres…	2026-01-17T06:30:36Z	2026-01-17T06:30:36Z
ghsa-5mxf-v2m6-j98m	4.3 (3.1)	The Phrase TMS Integration for WordPress plugin for WordPress is vulnerable to unauthorized modific…	2026-01-17T06:30:36Z	2026-01-17T06:30:36Z
ghsa-5c7c-gqqx-2g9q	2.2 (3.1)	The Church Admin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions …	2026-01-17T06:30:36Z	2026-01-17T06:30:36Z
ghsa-p429-p65m-q8hj	5.3 (3.1)	The WP Hotel Booking plugin for WordPress is vulnerable to Sensitive Information Exposure in all ve…	2026-01-17T03:30:24Z	2026-01-17T03:30:24Z
ghsa-mcwv-cw7m-pxqm	4.4 (3.1)	The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site Scriptin…	2026-01-17T03:30:24Z	2026-01-17T03:30:24Z
ghsa-m78r-r2pf-69wj	5.9 (3.1)	The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions…	2026-01-17T03:30:24Z	2026-01-17T03:30:24Z
ghsa-jc22-fwx5-phhh	4.8 (4.0)	CVE-2026-0518 is a cross-site scripting vulnerability in versions of Secure Access prior to 14.20.…	2026-01-17T03:30:24Z	2026-01-17T03:30:24Z
ghsa-j6cx-84mr-7rr8	5.8 (3.1)	The Quick Contact Form plugin for WordPress is vulnerable to Open Mail Relay in all versions up to,…	2026-01-17T03:30:24Z	2026-01-17T03:30:24Z
ghsa-c4w9-xpcr-fxjj	4.6 (4.0)	In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentic…	2026-01-17T03:30:24Z	2026-01-17T03:30:24Z
ghsa-7r6x-p782-g6p6	6.0 (4.0)	CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure Access Server prior to 14…	2026-01-17T03:30:24Z	2026-01-17T03:30:24Z
ghsa-57r7-hgxm-j62g	6.5 (3.1)	The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification o…	2026-01-17T03:30:24Z	2026-01-17T03:30:24Z
ghsa-4hvq-pg8r-grr5	9.8 (3.1)	The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up…	2026-01-17T03:30:24Z	2026-01-17T03:30:24Z
ghsa-wfh6-52w8-8gcj	5.1 (3.1)	Microsoft Edge Elevation Service exposes a privileged COM interface that inadequately validates the…	2026-01-17T00:30:24Z	2026-01-17T00:30:24Z
ghsa-vhwm-c99c-xhcp	7.5 (3.1)	The Librarian contains a information leakage vulnerability through the `web_fetch` tool, which can …	2026-01-16T15:31:24Z	2026-01-17T00:30:24Z
ghsa-m8cg-86wh-jh9h	5.5 (3.1)	In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Do not reset dql stat…	2025-10-01T12:30:29Z	2026-01-17T00:30:24Z

ID	Severity	Description	Package	Published	Updated
pysec-2024-85	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2026-01-13T10:52:40.657989Z
pysec-2024-84	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.3.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2026-01-13T10:52:40.548090Z
pysec-2024-83	7.5 (3.1)	Deserialization of untrusted data can occur in versions 23.10.2.0 and newer of the MindsD…	mindsdb	2024-09-12T13:15:00Z	2026-01-13T10:52:40.437300Z
pysec-2024-82	8.8 (3.1)	Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB…	mindsdb	2024-09-12T13:15:00Z	2026-01-13T10:52:40.322917Z
pysec-2023-278	5.3 (3.1)	MindsDB connects artificial intelligence models to real time data. Versions prior to 23.1…	mindsdb	2023-12-11T21:15:00Z	2026-01-13T10:52:40.191114Z
pysec-2025-52		gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation.	mlflow	2025-06-23T15:15:29Z	2025-12-05T13:25:55.146081Z
pysec-2020-220		A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage coll…	ansible	2020-10-05T14:15:00Z	2025-10-31T04:43:53.616247Z
pysec-2025-72		The `num2words` project was compromised via a phishing attack and two new versions were u…	num2words		2025-07-31T14:34:47+00:00
pysec-2025-71		Cadwyn creates production-ready community-driven modern Stripe-like API versioning in Fas…	cadwyn	2025-07-21T21:15:25+00:00	2025-07-23T15:24:03.825615+00:00
pysec-2025-70	10.0 (3.1)	A Server-Side Request Forgery (SSRF) vulnerability exists in the RequestsToolkit componen…	langchain-community	2025-06-23T21:15:25+00:00	2025-07-16T21:23:40.211079+00:00
pysec-2024-259	9.8 (3.1)	In PyTorch <=2.4.1, the RemoteModule has Deserialization RCE. NOTE: this is disputed by m…	torch	2024-10-29T21:15:04+00:00	2025-07-16T03:09:57.748865+00:00
pysec-2024-258		In scrapy/scrapy, an issue was identified where the Authorization header is not removed d…	scrapy	2024-05-20T08:15:08+00:00	2025-07-15T17:37:50.051730+00:00
pysec-2025-69		In Roundup before 2.5.0, XSS can occur via interaction between URLs and issue tracker tem…	roundup	2025-07-13T20:15:25+00:00	2025-07-13T21:23:01.161315+00:00
pysec-2025-68	8.0 (3.1)	A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.449399+00:00
pysec-2025-67	9.8 (3.1)	A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerabil…	upsonic	2025-06-19T21:15:27+00:00	2025-07-08T19:22:27.385619+00:00
pysec-2025-66		Improper privilege management in a REST interface allowed registered users to access unau…	streampipes	2025-03-03T11:15:11+00:00	2025-07-08T15:23:46.628375+00:00
pysec-2025-65		A path traversal vulnerability exists in run-llama/llama_index versions 0.12.27 through 0…	llama-index	2025-07-07T13:15:28+00:00	2025-07-07T15:23:42.730681+00:00
pysec-2025-61		Pillow is a Python imaging library. In versions 11.2.0 to before 11.3.0, there is a heap …	pillow	2025-07-01T19:15:27Z	2025-07-07T14:12:46.226030Z
pysec-2025-64	9.8 (3.1)	A vulnerability classified as critical has been found in themanojdesai python-a2a up to 0…	python-a2a	2025-06-17T07:15:18+00:00	2025-07-02T21:23:13.806273+00:00
pysec-2025-63		vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Whe…	vllm	2025-03-19T16:15:32+00:00	2025-07-01T23:22:49.176005+00:00
pysec-2025-62		vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Mal…	vllm	2025-02-07T20:15:34+00:00	2025-07-01T23:22:49.083695+00:00
pysec-2025-60		Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Inform…	apache-iotdb	2025-05-14T11:16:28+00:00	2025-07-01T21:22:47.232036+00:00
pysec-2025-59		Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attack…	apache-iotdb	2025-05-14T11:15:47+00:00	2025-07-01T21:22:47.177405+00:00
pysec-2024-257	7.5 (3.1)	Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm…	mobsf	2024-03-22T23:15:07+00:00	2025-06-30T15:23:50.085549+00:00
pysec-2025-58	8.8 (3.1)	vLLM is a library for LLM inference and serving. vllm/model_executor/weight_utils.py impl…	vllm	2025-01-27T18:15:41+00:00	2025-06-27T21:22:36.583615+00:00
pysec-2025-57		A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthent…	zenml	2025-03-20T10:15:48+00:00	2025-06-27T17:22:55.175431+00:00
pysec-2025-56	4.3 (3.1)	OctoPrint provides a web interface for controlling consumer 3D printers. In versions up t…	octoprint	2025-04-22T18:15:59+00:00	2025-06-27T17:22:53.513680+00:00
pysec-2024-256		Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessm…	mobsf	2024-12-03T16:15:24+00:00	2025-06-27T17:22:53.325430+00:00
pysec-2025-55		vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 u…	vllm	2025-05-30T19:15:30+00:00	2025-06-26T21:23:06.407481+00:00
pysec-2025-54		vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8…	vllm	2025-05-30T19:15:30+00:00	2025-06-26T21:23:06.319321+00:00

ID	Description	Type
tid-412	Some devices will allow for the forwarding of packets to other connected devices (e.g., r…	networking
tid-411	The device utilizes a weak or insecure cryptographic protocol or algorithm that can be br…	networking
tid-410	While encrypting data can prevent a threat actor from directly obtaining the plaintext co…	networking
tid-408	Some devices do not adequately encrypt communications that includes operational or manage…	networking
tid-407	Threat actors may be able to replay a message to a device to cause an unwanted function, …	networking
tid-406	Some devices operate using protocols that have no capacity for network-level authenticati…	networking
tid-405	Remote connections and communications can consume various device resources (e.g., network…	networking
tid-404	Some devices will have operating modes that put the device in an inoperable state. Device…	networking
tid-401	Some devices may support proprietary protocols, or may add proprietary functionality to o…	networking
tid-330	Algorithms or code implementations of cryptographic processes will sometimes leak informa…	application-software
tid-329	If a device stores passwords in an unsafe manner (e.g., in a cleartext file with no read …	application-software
tid-328	Hardcoded credentials typically cannot be changed by end-users and are often undocumented…	application-software
tid-327	If an application does not properly restrict data writes to allocated memory locations, a…	application-software
tid-326	Many object-oriented languages use serialization to convert class objects into byte strin…	application-software
tid-325	The device uses HTTP headers that are unencrypted, not-validated, and/or unauthenticated.…	application-software
tid-324	If a device does not properly authenticate all HTTP requests, a threat actor can directly…	application-software
tid-323	A threat actor can send requests for files or content that resides in different directori…	application-software
tid-322	If a threat actor can include malicious JavaScript within a page viewed by a legitimate d…	application-software
tid-321	A threat actor can hijack an insufficiently protected HTTP session token to gain unauthor…	application-software
tid-320	The device does not property restrict, filter, or validate the content of web-based reque…	application-software
tid-319	The device does not properly restrict, filter, or validate the content of web-based reque…	application-software
tid-318	The device uses a cryptographic library or implementation that either introduces an addit…	application-software
tid-317	If the device does not generate sufficiently random cryptographic primitives, a threat ac…	application-software
tid-316	Certificate-based authentication depends on the correct parsing and validation of an X.50…	application-software
tid-315	If the device includes a password retrieval mechanism, a threat actor could use that mech…	application-software
tid-314	A threat actor could gain unauthorized access by continually guessing passwords. This cou…	application-software
tid-313	A threat actor can change or reset a password or credential without being authenticated. …	application-software
tid-312	A device’s credential change mechanisms can be abused to lock out users from their own de…	application-software
tid-311	Devices often include default credentials from the vendor. Default credentials can be cha…	application-software
tid-310	If an application does not authenticate all connections from a remote device or system, a…	application-software

ID	Description	Updated
gsd-2024-33884	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.534455Z
gsd-2024-33901	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.525896Z
gsd-2024-33887	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.503613Z
gsd-2024-33895	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.493081Z
gsd-2024-33894	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.488420Z
gsd-2024-33902	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.486429Z
gsd-2024-33888	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.468423Z
gsd-2024-33885	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.441746Z
gsd-2024-33891	Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via th…	2024-04-29T05:02:07.412035Z
gsd-2024-33899	RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the scr…	2024-04-29T05:02:07.400574Z
gsd-2024-33889	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.392587Z
gsd-2024-33893	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.381761Z
gsd-2024-33892	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.378170Z
gsd-2024-33890	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.344384Z
gsd-2024-33896	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.313250Z
gsd-2024-33903	In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pede…	2024-04-29T05:02:07.295775Z
gsd-2024-33900	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.290639Z
gsd-2024-33898	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.287632Z
gsd-2024-33886	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.287167Z
gsd-2024-33897	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:07.283756Z
gsd-2024-33883	The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certa…	2024-04-29T05:02:07.271727Z
gsd-2024-4303	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.716348Z
gsd-2024-4300	E-WEBInformationCo. FS-EZViewer(Web) exposes sensitive information in the service. A remo…	2024-04-29T05:02:05.715239Z
gsd-2024-4297	The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherlo…	2024-04-29T05:02:05.700888Z
gsd-2024-4301	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.678292Z
gsd-2024-4296	The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock…	2024-04-29T05:02:05.621428Z
gsd-2024-4299	The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSheroc…	2024-04-29T05:02:05.606402Z
gsd-2024-4302	The format of the source doesn't require a description, click on the link for more details.	2024-04-29T05:02:05.603637Z
gsd-2024-4298	The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, Audit…	2024-04-29T05:02:05.598531Z
gsd-2024-33876	The format of the source doesn't require a description, click on the link for more details.	2024-04-28T05:02:07.990196Z

ID	Description	Published	Updated
mal-2026-322	Malicious code in admin10001 (npm)	2026-01-16T13:51:12Z	2026-01-17T15:39:03Z
mal-2024-12268	Malicious code in expkg-am (PyPI)	2024-08-23T22:55:41Z	2026-01-16T21:09:34Z
mal-2026-320	Malicious code in zis-common-lib (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:29Z
mal-2026-202	Malicious code in wac-relay-runtime (npm)	2026-01-10T10:00:59Z	2026-01-16T17:25:29Z
mal-2026-201	Malicious code in wac-react-dom (npm)	2026-01-10T10:00:28Z	2026-01-16T17:25:29Z
mal-2026-200	Malicious code in wac-react (npm)	2026-01-10T10:00:30Z	2026-01-16T17:25:29Z
mal-2026-199	Malicious code in vet-bones (npm)	2026-01-10T10:00:31Z	2026-01-16T17:25:29Z
mal-2026-317	Malicious code in textual-sorter-lib (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-316	Malicious code in tailwind-merge-v3 (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-315	Malicious code in tailwind-merge-v2 (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-314	Malicious code in styled-system-old (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-309	Malicious code in sd-pdc-module-client (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-308	Malicious code in sd-navbar-module-client (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-307	Malicious code in sd-conversation-history-module-client (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-306	Malicious code in sd-cip-module-client (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-305	Malicious code in sd-ccp-module-client (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-304	Malicious code in sd-agent-toolbar-module-client (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-303	Malicious code in sd-active-conversation-module-client (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-301	Malicious code in react-sitecore-library (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-299	Malicious code in origin_response_handler (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-297	Malicious code in omnicore-ds2-sdk (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-296	Malicious code in nyse-web-tools-common (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:28Z
mal-2026-257	Malicious code in silvermine (npm)	2026-01-14T08:42:30Z	2026-01-16T17:25:28Z
mal-2026-197	Malicious code in resto_ui_components (npm)	2026-01-10T10:00:26Z	2026-01-16T17:25:28Z
mal-2026-196	Malicious code in oe-oauth (npm)	2026-01-10T10:01:02Z	2026-01-16T17:25:28Z
mal-2026-295	Malicious code in lusha-widgets (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:27Z
mal-2026-294	Malicious code in lusha-ui-components (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:27Z
mal-2026-293	Malicious code in lusha-micro-app-messages (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:27Z
mal-2026-292	Malicious code in lusha-integrations-widgets (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:27Z
mal-2026-291	Malicious code in lead-ion (npm)	2026-01-16T00:10:24Z	2026-01-16T17:25:27Z

ID	Description	Published	Updated
wid-sec-w-2026-0096	Google Android Pixel: Mehrere Schwachstellen	2026-01-13T23:00:00.000+00:00	2026-01-15T23:00:00.000+00:00
wid-sec-w-2025-2196	Redis: Mehrere Schwachstellen	2025-10-05T22:00:00.000+00:00	2026-01-14T23:00:00.000+00:00
wid-sec-w-2025-2887	PHP: Mehrere Schwachstellen	2025-12-18T23:00:00.000+00:00	2026-01-13T23:00:00.000+00:00
wid-sec-w-2026-0017	Veeam Backup & Replication: Mehrere Schwachstellen	2026-01-05T23:00:00.000+00:00	2026-01-12T23:00:00.000+00:00
wid-sec-w-2026-0020	Google Chrome/Microsoft Edge: Schwachstelle ermöglicht nicht spezifizierten Angriff	2026-01-06T23:00:00.000+00:00	2026-01-11T23:00:00.000+00:00
wid-sec-w-2026-0047	CoreDNS: Schwachstelle ermöglicht Denial of Service	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0044	libtasn1: Schwachstelle ermöglicht Denial of Service	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0043	Trend Micro Apex Central: Mehrere Schwachstellen	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0040	n8n: Mehrere Schwachstellen	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0036	OpenLDAP: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen	2026-01-07T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0030	cURL: Mehrere Schwachstellen	2026-01-06T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0022	Ubiquiti UniFi Building Bridge und Device Bridge: Schwachstelle ermöglicht Codeausführung	2026-01-06T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2026-0008	Red Hat Enterprise Linux: Mehrere Schwachstellen	2026-01-04T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2936	LangChain: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen	2025-12-29T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2935	wget: Mehrere Schwachstellen	2025-12-29T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2934	ImageMagick: Mehrere Schwachstellen ermöglichen Denial of Service	2025-12-29T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2928	GnuPG: Mehrere Schwachstellen	2025-12-28T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2798	Red Hat OpenShift Service Mesh: Mehrere Schwachstellen	2025-12-09T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2737	libpng: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen	2025-12-03T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2717	Django: Mehrere Schwachstellen	2025-12-02T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2694	MariaDB: Schwachstelle ermöglicht Codeausführung	2025-11-27T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2693	CUPS: Mehrere Schwachstellen ermöglichen Denial of Service	2025-11-27T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2663	libpng: Mehrere Schwachstellen	2025-11-23T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2645	Golang Go: Mehrere Schwachstellen ermöglichen Denial of Service	2025-11-19T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2637	Rsync: Schwachstelle ermöglicht nicht spezifizierten Angriff	2025-11-18T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2616	libvirt: Schwachstelle ermöglicht Offenlegung von Informationen	2025-11-17T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2468	CPython: Schwachstelle ermöglicht Denial of Service	2025-11-02T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2449	GIMP: Schwachstelle ermöglicht Codeausführung	2025-10-29T23:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2230	Python (CPython Zipfile Module): Schwachstelle ermöglicht Manipulation von Dateien	2025-10-07T22:00:00.000+00:00	2026-01-08T23:00:00.000+00:00
wid-sec-w-2025-2212	OpenSSH: Mehrere Schwachstellen ermöglichen Codeausführung	2025-10-06T22:00:00.000+00:00	2026-01-08T23:00:00.000+00:00

ID	Description	Published	Updated
ncsc-2026-0019	Kwetsbaarheid verholpen in Fortinet FortiSIEM	2026-01-16T13:34:34.467426Z	2026-01-16T13:34:34.467426Z
ncsc-2026-0018	Kwetsbaarheden verholpen in TYPO3 CMS	2026-01-16T10:11:37.524826Z	2026-01-16T10:11:37.524826Z
ncsc-2026-0017	Kwetsbaarheden verholpen in Juniper Networks JunOS	2026-01-16T10:07:39.310560Z	2026-01-16T10:07:39.310560Z
ncsc-2026-0016	Kwetsbaarheden verholpen in Aruba Networks ArubaOS	2026-01-16T09:44:20.575860Z	2026-01-16T09:44:20.575860Z
ncsc-2026-0015	Kwetsbaarheid verholpen in Fortinet FortiOS	2026-01-15T12:31:57.265723Z	2026-01-15T12:31:57.265723Z
ncsc-2026-0014	Kwetsbaarheden verholpen in Adobe Illustrator	2026-01-15T12:16:05.427141Z	2026-01-15T12:16:05.427141Z
ncsc-2026-0013	Kwetsbaarheden verholpen in Adobe InDesign Desktop	2026-01-14T13:45:48.530782Z	2026-01-14T13:45:48.530782Z
ncsc-2026-0012	Kwetsbaarheden verholpen in Adobe Dreamweaver Desktop	2026-01-14T13:41:56.261778Z	2026-01-14T13:41:56.261778Z
ncsc-2026-0011	Kwetsbaarheid verholpen in Microsoft Developer Tools	2026-01-13T19:19:27.690900Z	2026-01-13T19:19:27.690900Z
ncsc-2026-0010	Kwetsbaarheden verholpen in Microsoft Office	2026-01-13T19:18:45.984019Z	2026-01-13T19:18:45.984019Z
ncsc-2026-0009	Kwetsbaarheden verholpen in Microsoft Azure	2026-01-13T19:17:59.629364Z	2026-01-13T19:17:59.629364Z
ncsc-2026-0008	Kwetsbaarheid verholpen in Microsoft SQL Server	2026-01-13T19:17:18.848673Z	2026-01-13T19:17:18.848673Z
ncsc-2026-0007	Kwetsbaarheden verholpen in Microsoft Windows	2026-01-13T19:16:30.720079Z	2026-01-13T19:16:30.720079Z
ncsc-2026-0006	Kwetsbaarheden verholpen in SAP producten	2026-01-13T14:42:24.621603Z	2026-01-13T14:42:24.621603Z
ncsc-2026-0005	Kwetsbaarheden verholpen in Siemens producten	2026-01-13T12:05:57.353070Z	2026-01-13T12:05:57.353070Z
ncsc-2026-0004	Kwetsbaarheden verholpen in Trend Micro Apex Central	2026-01-09T11:14:58.910197Z	2026-01-09T11:14:58.910197Z
ncsc-2026-0003	Kwetsbaarheden verholpen in GitLab	2026-01-09T11:11:48.308357Z	2026-01-09T11:11:48.308357Z
ncsc-2026-0002	Kwetsbaarheid verholpen in n8n	2026-01-08T12:34:29.315681Z	2026-01-08T12:34:29.315681Z
ncsc-2026-0001	Kwetsbaarheden verholpen in Hanwha camera systemen	2026-01-08T12:28:21.446188Z	2026-01-08T12:28:21.446188Z
ncsc-2025-0405	Kwetsbaarheid verholpen in Roundcube Webmail	2025-12-31T14:29:26.821576Z	2025-12-31T14:29:26.821576Z
ncsc-2025-0404	Kwetsbaarheid verholpen in SmarterMail	2025-12-31T14:19:01.847364Z	2025-12-31T14:19:01.847364Z
ncsc-2025-0403	Kwetsbaarheden verholpen in QNAP besturingssystemen	2025-12-29T09:17:28.385450Z	2025-12-29T09:17:28.385450Z
ncsc-2025-0402	Kwetsbaarheid verholpen in MongoDB	2025-12-27T11:38:11.514349Z	2025-12-27T11:38:11.514349Z
ncsc-2025-0399	Kwetsbaarheid verholpen in HPE OneView Software	2025-12-18T18:38:20.794784Z	2025-12-24T11:29:46.123674Z
ncsc-2025-0401	Kwetsbaarheden verholpen in Foxit PDF Reader	2025-12-24T09:14:56.590353Z	2025-12-24T09:14:56.590353Z
ncsc-2025-0400	Kwetsbaarheid verholpen in WatchGuard Firebox	2025-12-19T11:16:01.438518Z	2025-12-19T11:16:01.438518Z
ncsc-2025-0398	Kwetsbaarheid in Cisco AsyncOS	2025-12-17T19:47:00.346651Z	2025-12-17T19:47:00.346651Z
ncsc-2025-0386	Kwetsbaarheden verholpen in Fortinet producten	2025-12-10T09:51:34.918202Z	2025-12-16T10:33:05.061241Z
ncsc-2025-0397	Kwetsbaarheden verholpen in Apple iOS en iPadOS	2025-12-15T09:08:39.804149Z	2025-12-15T09:08:39.804149Z
ncsc-2025-0396	Kwetsbaarheden verholpen in Apple macOS	2025-12-15T09:06:36.450655Z	2025-12-15T09:06:36.450655Z

ID	Description	Published	Updated
tssa-2025-00001	Project CSAF document	2025-10-06T11:54:52.856Z	2025-10-06T11:54:52.856Z

ID	Description	Published	Updated
ssa-978177	SSA-978177: Vulnerability in Nozomi Guardian/CMC Before 25.4.0 on RUGGEDCOM APE1808 Devices	2025-08-12T00:00:00Z	2026-01-13T00:00:00Z
ssa-928984	SSA-928984: Heap-based Buffer Overflow Vulnerability in User Management Component (UMC)	2024-12-16T00:00:00Z	2026-01-13T00:00:00Z
ssa-912274	SSA-912274: Multiple Vulnerabilities in RUGGEDCOM ROX Before V2.17	2025-12-09T00:00:00Z	2026-01-13T00:00:00Z
ssa-864900	SSA-864900: Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices	2025-05-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-858251	SSA-858251: Authentication Bypass Vulnerabilities in OPC UA	2025-03-11T00:00:00Z	2026-01-13T00:00:00Z
ssa-832273	SSA-832273: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices	2024-03-12T00:00:00Z	2026-01-13T00:00:00Z
ssa-827968	SSA-827968: Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-698820	SSA-698820: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices	2024-07-09T00:00:00Z	2026-01-13T00:00:00Z
ssa-693776	SSA-693776: Multiple Vulnerabilities in Industrial Communication Devices based on SINEC OS before V3.2	2025-06-10T00:00:00Z	2026-01-13T00:00:00Z
ssa-674753	SSA-674753: Denial-of-Service Vulnerability in ET 200SP	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-366067	SSA-366067: Multiple Vulnerabilities in Fortigate NGFW Before V7.4.1 on RUGGEDCOM APE1808 Devices	2024-03-12T00:00:00Z	2026-01-13T00:00:00Z
ssa-365200	SSA-365200: Google Chrome Type Confusion Vulnerability in Siemens Products	2025-10-14T00:00:00Z	2026-01-13T00:00:00Z
ssa-364175	SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1	2024-07-09T00:00:00Z	2026-01-13T00:00:00Z
ssa-282044	SSA-282044: DLL Hijacking Vulnerability in Siemens Web Installer used by the Online Software Delivery	2025-08-12T00:00:00Z	2026-01-13T00:00:00Z
ssa-212953	SSA-212953: Multiple Vulnerabilities in COMOS	2025-12-09T00:00:00Z	2026-01-13T00:00:00Z
ssa-201595	SSA-201595: Privilege Escalation Vulnerability in WIBU CodeMeter Runtime Affecting the Desigo CC Product Family and SENTRON Powermanager	2025-08-14T00:00:00Z	2026-01-13T00:00:00Z
ssa-192617	SSA-192617: Local Privilege Escalation Vulnerability in TeleControl Server Basic Before V3.1.2.4	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-082556	SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5	2025-06-10T00:00:00Z	2026-01-13T00:00:00Z
ssa-014678	SSA-014678: Authorization Bypass Vulnerability in Industrial Edge Device Kit	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-001536	SSA-001536: Authorization Bypass Vulnerability in Siemens Industrial Edge Devices	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
ssa-512988	SSA-512988: File Parsing Vulnerability in Simcenter Femap Before V2512	2025-12-12T00:00:00Z	2025-12-12T00:00:00Z
ssa-915282	SSA-915282: Denial of service Vulnerability in Interniche IP-Stack based Industrial Devices	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-882673	SSA-882673: Multiple Vulnerabilities in SINEC Security Monitor before V4.10.0	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-868571	SSA-868571: Missing Server Certificate Validation in IAM Client	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-800126	SSA-800126: Deserialization Vulnerability in Siemens Engineering Platforms before V20	2024-12-10T00:00:00Z	2025-12-09T00:00:00Z
ssa-763474	SSA-763474: Denial of Service Vulnerability in Ruggedcom ROS devices before V5.10.1	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-734261	SSA-734261: Authentication Bypass Vulnerability in Energy Services Using Elspec G5DFR	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-723487	SSA-723487: RADIUS Protocol Susceptible to Forgery Attacks (CVE-2024-3596) - Impact to SCALANCE, RUGGEDCOM and Related Products	2024-07-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-710408	SSA-710408: Missing Server Certificate Validation in Siemens Advanced Licensing (SALT) Toolkit	2025-12-09T00:00:00Z	2025-12-09T00:00:00Z
ssa-693808	SSA-693808: Deserialization Vulnerability in Siemens Engineering Platforms	2025-08-12T00:00:00Z	2025-12-09T00:00:00Z

ID	Description	Published	Updated
rhsa-2025:23542	Red Hat Security Advisory: OpenShift File Integrity Operator bug fix and enhancement update	2025-12-17T16:35:07+00:00	2026-01-08T23:30:15+00:00
rhsa-2025:23529	Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes 2.11.9 security update	2025-12-17T14:58:47+00:00	2026-01-08T23:30:13+00:00
rhsa-2025:23528	Red Hat Security Advisory: multicluster engine for Kubernetes 2.6 security update	2025-12-17T14:58:16+00:00	2026-01-08T23:30:13+00:00
rhsa-2025:22684	Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes 2.12.6 security update	2025-12-03T23:53:32+00:00	2026-01-08T23:30:12+00:00
rhsa-2025:22683	Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.7 security update	2025-12-03T22:50:31+00:00	2026-01-08T23:30:11+00:00
rhsa-2025:22420	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.14 security, enhancement & bug fix update	2025-12-01T12:14:05+00:00	2026-01-08T23:30:11+00:00
rhsa-2025:22418	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.15 security, enhancement & bug fix update	2025-12-01T12:10:52+00:00	2026-01-08T23:30:10+00:00
rhsa-2025:22416	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16 security, enhancement & bug fix update	2025-12-01T12:00:04+00:00	2026-01-08T23:30:09+00:00
rhsa-2025:22415	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17 security, enhancement & bug fix update	2025-12-01T11:59:39+00:00	2026-01-08T23:30:09+00:00
rhsa-2025:21885	Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update	2025-11-20T19:56:52+00:00	2026-01-08T23:30:08+00:00
rhsa-2025:21368	Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18 security, enhancement & bug fix update	2025-11-13T17:36:32+00:00	2026-01-08T23:30:07+00:00
rhsa-2025:19961	Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes 2.12.6 security update	2025-11-10T01:30:28+00:00	2026-01-08T23:30:07+00:00
rhsa-2025:19958	Red Hat Security Advisory: multicluster engine for Kubernetes v2.7.7 security update	2025-11-10T01:14:14+00:00	2026-01-08T23:30:05+00:00
rhsa-2025:19335	Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes 2.14.1 security update	2025-10-30T12:58:23+00:00	2026-01-08T23:30:04+00:00
rhsa-2025:19332	Red Hat Security Advisory: multicluster engine for Kubernetes 2.9.1 security update	2025-10-30T12:27:36+00:00	2026-01-08T23:30:03+00:00
rhea-2025:23478	Red Hat Enhancement Advisory: OpenShift Virtualization 4.18.25 Images	2025-12-17T11:33:21+00:00	2026-01-08T23:30:00+00:00
rhsa-2025:9584	Red Hat Security Advisory: kernel security update	2025-06-25T00:46:30+00:00	2026-01-08T17:01:38+00:00
rhsa-2025:9348	Red Hat Security Advisory: kernel security update	2025-06-23T07:46:57+00:00	2026-01-08T17:01:38+00:00
rhsa-2025:9302	Red Hat Security Advisory: kernel security update	2025-06-23T01:11:47+00:00	2026-01-08T17:01:37+00:00
rhsa-2025:7043	Red Hat Security Advisory: microcode_ctl security update	2025-05-13T08:49:17+00:00	2026-01-08T17:01:36+00:00
rhsa-2025:6966	Red Hat Security Advisory: kernel security update	2025-05-13T08:28:50+00:00	2026-01-08T17:01:30+00:00
rhsa-2025:22854	Red Hat Security Advisory: kernel security update	2025-12-09T08:51:05+00:00	2026-01-08T17:01:30+00:00
rhsa-2025:2270	Red Hat Security Advisory: kernel security update	2025-03-05T02:49:03+00:00	2026-01-08T17:01:22+00:00
rhsa-2025:22405	Red Hat Security Advisory: kernel security update	2025-12-01T11:06:22+00:00	2026-01-08T17:01:20+00:00
rhsa-2025:20518	Red Hat Security Advisory: kernel security update	2025-11-11T09:13:24+00:00	2026-01-08T17:01:19+00:00
rhsa-2025:20095	Red Hat Security Advisory: kernel security update	2025-11-11T08:21:57+00:00	2026-01-08T17:01:19+00:00
rhsa-2025:14748	Red Hat Security Advisory: kernel security update	2025-08-27T15:33:14+00:00	2026-01-08T17:01:19+00:00
rhsa-2025:14746	Red Hat Security Advisory: kernel-rt security update	2025-08-27T11:42:30+00:00	2026-01-08T17:01:18+00:00
rhsa-2025:13805	Red Hat Security Advisory: kernel security update	2025-08-13T15:29:16+00:00	2026-01-08T17:01:16+00:00
rhsa-2025:13776	Red Hat Security Advisory: kernel security update	2025-08-13T02:49:20+00:00	2026-01-08T17:01:16+00:00

ID	Description	Published	Updated
va-26-015-01	NOAA PMEL Live Access Server (LAS) command injection	2026-01-15T19:59:37Z	2026-01-15T19:59:37Z
icsa-26-013-03	YoSmart YoLink Smart Hub	2026-01-13T07:00:00.000000Z	2026-01-13T07:00:00.000000Z
icsa-26-013-02	Rockwell Automation FactoryTalk DataMosaix Private Cloud	2026-01-13T07:00:00.000000Z	2026-01-13T07:00:00.000000Z
icsa-26-013-01	Rockwell Automation 432ES-IG3 Series A	2026-01-13T07:00:00.000000Z	2026-01-13T07:00:00.000000Z
icsa-25-212-01	Güralp Systems FMUS Series and MIN Series Devices (Update B)	2025-07-31T06:00:00.000000Z	2026-01-13T07:00:00.000000Z
va-26-013-01	NSecKrnl driver terminates system processes with crafted IOCTL requests	2026-01-13T00:00:00Z	2026-01-13T00:00:00Z
icsa-25-345-03	AzeoTech DAQFactory (Update A)	2025-12-11T07:00:00.000000Z	2026-01-12T07:00:00.000000Z
va-26-008-01	OPEXUS eCASE	2026-01-08T16:36:15Z	2026-01-08T16:36:15Z
icsa-24-338-04	Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update A)	2024-12-03T07:00:00.000000Z	2026-01-08T07:00:00.000000Z
icsa-24-296-01	Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update B)	2024-10-22T06:00:00.000000Z	2026-01-08T07:00:00.000000Z
icsa-24-184-03	Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update B)	2024-07-02T06:00:00.000000Z	2026-01-08T07:00:00.000000Z
icsa-22-020-01	Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric HMI SCADA (Update A)	2022-01-20T07:00:00.000000Z	2026-01-08T07:00:00.000000Z
icsa-25-140-04	Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update C)	2025-05-20T05:00:00.000000Z	2026-01-08T06:00:00.000000Z
va-26-008-03	Ideagen DevonWay stored XSS	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
icsa-26-008-01	Hitachi Energy Asset Suite	2025-12-09T00:00:00.000000Z	2026-01-07T21:26:16.381953Z
va-26-008-02	OPEXUS eComplaint and eCasePortal IDOR	2026-01-07T16:35:11Z	2026-01-07T16:35:11Z
icsa-26-006-01	Columbia Weather Systems MicroServer	2026-01-06T07:00:00.000000Z	2026-01-06T07:00:00.000000Z
icsma-25-364-01	WHILL Model C2 Electric Wheelchairs and Model F Power Chairs	2025-12-30T07:00:00.000000Z	2025-12-30T07:00:00.000000Z
icsa-25-177-01	Mitsubishi Electric Air Conditioning Systems (Update B)	2025-06-26T06:00:00.000000Z	2025-12-23T07:00:00.000000Z
icsa-25-352-02	Schneider Electric EcoStruxure Foxboro DCS Advisor	2025-12-09T08:00:00.000000Z	2025-12-18T18:23:06.311869Z
icsa-25-352-05	Siemens Interniche IP-Stack	2025-12-09T00:00:00.000000Z	2025-12-18T18:13:59.515670Z
icsa-25-352-08	Axis Communications Camera Station Pro, Camera Station, and Device Manager	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-07	Rockwell Automation Micro820, Micro850, Micro870	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-06	Advantech WebAccess/SCADA	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-04	Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electrics Products	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-03	National Instruments LabView	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-25-352-01	Inductive Automation Ignition	2025-12-18T07:00:00.000000Z	2025-12-18T07:00:00.000000Z
icsa-24-291-03	Mitsubishi Electric CNC Series (Update C)	2024-10-17T06:00:00.000000Z	2025-12-18T07:00:00.000000Z
va-25-352-01	BullWall Ransomware Containment and Server Intrusion Protection multiple vulnerabilities	2025-12-18T00:00:00Z	2025-12-18T00:00:00Z
icsa-25-350-04	Mitsubishi Electric GT Designer3	2025-12-16T07:00:00.000000Z	2025-12-16T07:00:00.000000Z

ID	Description	Published	Updated
cisco-sa-sma-attack-n9bf4	Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager	2025-12-17T16:00:00+00:00	2026-01-15T16:01:43+00:00
cisco-sa-ise-xss-9tdh2kx	Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability	2026-01-15T16:00:00+00:00	2026-01-15T16:00:00+00:00
cisco-sa-ise-xss-964cdxw5	Cisco Identity Services Engine Cross-Site Scripting Vulnerability	2026-01-15T16:00:00+00:00	2026-01-15T16:00:00+00:00
cisco-sa-epnm-pi-stored-xss-gekx8ywk	Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability	2026-01-15T16:00:00+00:00	2026-01-15T16:00:00+00:00
cisco-sa-snort3-dcerpc-vulns-j9hnf4th	Multiple Cisco Products Snort 3 Distributed Computing Environment/Remote Procedure Call Vulnerabilities	2026-01-07T16:00:00+00:00	2026-01-07T16:00:00+00:00
cisco-sa-ise-xxe-jwsbsdkt	Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability	2026-01-07T16:00:00+00:00	2026-01-07T16:00:00+00:00
cisco-sa-react-flight-tyw32ddb	Remote Code Execution Vulnerability in React and Next.js Frameworks: December 2025	2025-12-04T16:00:00+00:00	2025-12-17T22:37:17+00:00
cisco-sa-ise-multiple-vulns-o9beswjh	Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities	2025-11-05T16:00:00+00:00	2025-12-04T14:23:54+00:00
cisco-sa-cc-mult-vuln-gk4tfxsn	Multiple Cisco Contact Center Products Vulnerabilities	2025-11-05T16:00:00+00:00	2025-11-18T14:49:09+00:00
cisco-sa-privesc-catc-ryjreelu	Cisco Catalyst Center Privilege Escalation Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-dnac-xss-wextvz59	Cisco Catalyst Center Cross-Site Scripting Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-dnac-ci-zwlqvswt	Cisco Catalyst Center REST API Command Injection Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-catc-priv-esc-vs8eecux	Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-catc-open-redirect-3w5bk3je	Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability	2025-11-13T16:00:00+00:00	2025-11-13T16:00:00+00:00
cisco-sa-cc-unauth-rce-qen8h7mq	Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities	2025-11-05T16:00:00+00:00	2025-11-13T12:48:42+00:00
cisco-sa-asaftd-webvpn-yrootuw	Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability	2025-09-25T16:00:00+00:00	2025-11-06T15:50:55+00:00
cisco-sa-asaftd-webvpn-z5xp8eub	Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability	2025-09-25T16:00:00+00:00	2025-11-06T15:50:54+00:00
cisco-sa-http-code-exec-wmfp3h3o	Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability	2025-09-25T16:00:00+00:00	2025-11-06T15:50:51+00:00
cisco-sa-ise-radsupress-dos-8yf3jthh	Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability	2025-11-05T16:00:00+00:00	2025-11-05T16:00:00+00:00
cisco-sa-broadworks-xss-o696ymra	Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability	2025-07-02T16:00:00+00:00	2025-10-21T15:13:31+00:00
cisco-sa-snort3-mime-vulns-ttl8pgvh	Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities	2025-10-15T16:00:00+00:00	2025-10-15T16:00:00+00:00
cisco-sa-roomos-inf-disc-qggsbxam	Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability	2025-10-15T16:00:00+00:00	2025-10-15T16:00:00+00:00
cisco-sa-phone-dos-fpyjlv7a	Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities	2025-10-15T16:00:00+00:00	2025-10-15T16:00:00+00:00
cisco-sa-secboot-uqfd8avc	Cisco IOS XE Software Secure Boot Bypass Vulnerabilities	2025-09-24T16:00:00+00:00	2025-10-15T15:57:29+00:00
cisco-sa-snmp-x4lphte	Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability	2025-09-24T16:00:00+00:00	2025-10-06T18:27:02+00:00
cisco-sa-ios-tacacs-hdb7thjw	Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability	2025-09-24T16:00:00+00:00	2025-10-01T16:39:50+00:00
cisco-sa-cv-xss-rwrakaj9	Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities	2025-10-01T16:00:00+00:00	2025-10-01T16:00:00+00:00
cisco-sa-cucm-stored-xss-fnj66yly	Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability	2025-10-01T16:00:00+00:00	2025-10-01T16:00:00+00:00
cisco-sa-cat9k-ptmd7bgy	Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability	2025-09-24T16:00:00+00:00	2025-09-30T14:26:46+00:00
cisco-sa-ap-ipv6-gw-tuazpn9o	Cisco Access Point Software Intermittent IPv6 Gateway Change Vulnerability	2025-09-24T16:00:00+00:00	2025-09-26T16:35:51+00:00

ID	Description	Published	Updated
sca-2026-0002	Vulnerabilities affecting SICK Incoming Goods Suite	2026-01-15T14:00:00.000Z	2026-01-15T14:00:00.000Z
sca-2026-0001	Vulnerabilities affecting SICK TDC-X401GL	2026-01-15T14:00:00.000Z	2026-01-15T14:00:00.000Z
sca-2025-0013	Vulnerabilities affecting SICK TLOC100-100	2025-10-27T14:00:00.000Z	2025-11-11T14:00:00.000Z
sca-2025-0014	CodeMeter vulnerablity affects SICK CODE-LOC and SICK LIDAR-LOC	2025-11-03T11:00:00.000Z	2025-11-03T14:00:00.000Z
sca-2025-0012	Sudo vulnerability affects SICK SID products	2025-10-27T11:00:00.000Z	2025-10-27T14:00:00.000Z
sca-2025-0011	Vulnerabilities affecting Endress+Hauser SSG-E210GC	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0010	Multiple vulnerabilities in SICK Enterprise Analytics and SICK Logistic Analytics Products	2025-10-02T13:00:00.000Z	2025-10-02T13:00:00.000Z
sca-2025-0009	Vulnerabilities affecting SICK TDC-E210GC	2025-08-01T13:00:00.000Z	2025-08-01T13:00:00.000Z
sca-2025-0008	Multiple vulnerabilities in Endress+Hauser MEAC300-FNADE4	2025-07-03T13:00:00.000Z	2025-07-03T13:00:00.000Z
sca-2025-0007	Multiple vulnerabilities in SICK Field Analytics and SICK Media Server	2025-06-12T13:00:00.000Z	2025-06-12T13:00:00.000Z
sca-2025-0003	FreeRTOS Vulnerabilities have no impact on SICK Products	2025-02-28T00:00:00.000Z	2025-05-20T11:00:00.000Z
sca-2025-0006	Vulnerability affecting picoScan and multiScan	2025-04-28T13:00:00.000Z	2025-04-28T13:00:00.000Z
sca-2025-0005	Vulnerabilities in SICK Flexi Compact	2025-04-28T10:00:00.000Z	2025-04-28T10:00:00.000Z
sca-2025-0004	Critical vulnerabilities in SICK DL100-2xxxxxxx	2025-03-14T11:00:00.000Z	2025-03-14T11:00:00.000Z
sca-2025-0001	Multiple vulnerabilities in SICK MEAC300	2025-02-14T14:00:00.000Z	2025-02-21T14:00:00.000Z
sca-2025-0002	Vulnerability in SICK Lector8xx and SICK InspectorP8xx	2025-02-14T10:19:00.000Z	2025-02-14T10:19:00.000Z
sca-2024-0007	Vulnerability in SICK OLM	2024-12-31T00:00:00.000Z	2024-12-31T00:00:00.000Z
sca-2024-0006	Critical vulnerabilities in SICK InspectorP61x, InspectorP62x and TiM3xx	2024-12-06T00:00:00.000Z	2024-12-06T00:00:00.000Z
sca-2024-0005	Vulnerability in SICK Incoming Goods Suite	2024-11-19T00:00:00.000Z	2024-11-19T00:00:00.000Z
sca-2024-0004	Third party vulnerabilities in SICK CDE-100	2024-11-07T12:00:00.000Z	2024-11-07T12:00:00.000Z
sca-2024-0003	Critical vulnerability in multiple SICK products	2024-10-17T13:00:00.000Z	2024-10-17T13:00:00.000Z
sca-2024-0002	Vulnerability in SICK MSC800	2024-09-11T23:00:00.000Z	2024-09-11T23:00:00.000Z
sca-2024-0001	Vulnerability in SICK Logistics Analytics Products and SICK Field Analytics	2024-01-29T00:00:00.000Z	2024-01-29T00:00:00.000Z
sca-2023-0011	Vulnerability in multiple SICK Flexi Soft Gateways	2023-10-23T11:00:00.000Z	2023-10-23T11:00:00.000Z
sca-2023-0010	Vulnerabilities in SICK Application Processing Unit	2023-10-09T11:00:00.000Z	2023-10-09T11:00:00.000Z
sca-2023-0008	Vulnerability in SICK SIM1012	2023-09-29T13:00:00.000Z	2023-09-29T13:00:00.000Z
sca-2023-0009	Vulnerability in Wibu-Systems CodeMeter Runtime affects multiple SICK products	2023-09-29T10:00:00.000Z	2023-09-29T10:00:00.000Z
sca-2023-0007	Vulnerabilities in SICK LMS5xx	2023-08-25T11:00:00.000Z	2023-08-25T11:00:00.000Z
sca-2023-0006	Vulnerabilities in SICK ICR890-4	2023-07-10T13:00:00.000Z	2023-07-10T13:00:00.000Z
sca-2023-0005	Vulnerabilities in SICK EventCam App	2023-06-19T11:00:00.000Z	2023-06-19T11:00:00.000Z

ID	Description	Published	Updated
nn-2025:15-01	Path traversal in Import Arc data archive functionality in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:14-01	HTML injection in Asset List in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:13-01	Stored Cross-Site Scripting (XSS) in Reports in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:12-01	HTML injection in in Time Machine functionality in Guardian/CMC before 25.5.0	2025-12-18T11:00:00.000Z	2025-12-18T11:00:00.000Z
nn-2025:11-01	Stored Cross-Site Scripting (XSS) in Dashboards in Guardian/CMC before 25.4.0	2025-11-25T11:00:00.000Z	2025-11-26T11:00:00.000Z
nn-2025:9-01	Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:8-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:7-01	Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:6-01	Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:5-01	Incorrect authorization for CLI in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:4-01	Client-side path traversal in Guardian/CMC before 25.2.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:10-01	Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0	2025-10-07T11:00:00.000Z	2025-10-07T11:00:00.000Z
nn-2025:3-01	Incorrect authorization for traces request/download in CMC before 25.1.0	2025-08-26T11:00:00.000Z	2025-08-26T11:00:00.000Z
nn-2025:2-01	Privilege escalation in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2025:1-01	Authenticated RCE in update functionality in Guardian/CMC before 24.6.0	2025-06-10T11:00:00.000Z	2025-06-10T11:00:00.000Z
nn-2024:2-01	Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0	2024-09-11T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2024:1-01	DoS on IDS parsing of malformed Radius packets in Guardian before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:9-01	Authenticated SQL Injection on Query functionality in Guardian/CMC before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:8-01	Session Fixation in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:7-01	DoS via SAML configuration in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:6-01	Partial DoS on Reports section due to null report name in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:4-01	Stored Cross-Site Scripting (XSS) in Threat Intelligence rules in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:3-01	Authenticated Blind SQL Injection on alerts count in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:2-01	Authenticated Blind SQL Injection on sorting in Guardian/CMC before 22.6.2	2023-08-09T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:17-01	Information disclosure via audit records for OpenAPI requests in Guardian/CMC before 23.4.1	2024-04-10T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:15-01	Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0	2024-05-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:12-01	Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0	2024-01-15T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:11-01	SQL Injection on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2023:10-01	DoS on IDS parsing of malformed asset fields in Guardian/CMC >= 22.6.0 before 22.6.3 and 23.1.0	2023-09-18T11:00:00.000Z	2024-09-19T11:00:00.000Z
nn-2022:2-02	Authenticated RCE on project configuration import in Guardian/CMC before 22.0.0	2022-02-14T11:00:00.000Z	2024-09-19T11:00:00.000Z

ID	Description	Published	Updated
oxdc-adv-2025-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2025-0001	2025-10-31T00:00:00+00:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0003	OX App Suite Security Advisory OXAS-ADV-2025-0003	2025-09-24T00:00:00+02:00	2025-11-27T00:00:00+00:00
oxas-adv-2025-0002	OX App Suite Security Advisory OXAS-ADV-2025-0002	2025-08-12T00:00:00+02:00	2025-10-31T00:00:00+00:00
oxas-adv-2025-0001	OX App Suite Security Advisory OXAS-ADV-2025-0001	2025-01-27T00:00:00+01:00	2025-04-07T00:00:00+00:00
oxdc-adv-2024-0003	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0003	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxdc-adv-2024-0002	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0002	2024-09-10T00:00:00+02:00	2024-09-10T00:00:00+00:00
oxas-adv-2024-0005	OX App Suite Security Advisory OXAS-ADV-2024-0005	2024-07-08T00:00:00+02:00	2024-09-09T00:00:00+00:00
oxdc-adv-2024-0001	OX Dovecot Pro Security Advisory OXDC-ADV-2024-0001	2024-09-02T00:00:00+02:00	2024-09-06T00:00:00+00:00
oxas-adv-2024-0004	OX App Suite Security Advisory OXAS-ADV-2024-0004	2024-06-13T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0003	OX App Suite Security Advisory OXAS-ADV-2024-0003	2024-04-24T00:00:00+02:00	2024-08-19T00:00:00+00:00
oxas-adv-2024-0002	OX App Suite Security Advisory OXAS-ADV-2024-0002	2024-03-06T00:00:00+01:00	2024-05-06T00:00:00+00:00
oxas-adv-2024-0001	OX App Suite Security Advisory OXAS-ADV-2024-0001	2024-02-08T00:00:00+01:00	2024-04-25T00:00:00+00:00
oxas-adv-2023-0007	OX App Suite Security Advisory OXAS-ADV-2023-0007	2023-12-11T00:00:00+01:00	2024-02-16T00:00:00+00:00
oxas-adv-2023-0006	OX App Suite Security Advisory OXAS-ADV-2023-0006	2023-09-25T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0005	OX App Suite Security Advisory OXAS-ADV-2023-0005	2023-09-19T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0004	OX App Suite Security Advisory OXAS-ADV-2023-0004	2023-08-01T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0003	OX App Suite Security Advisory OXAS-ADV-2023-0003	2023-05-02T00:00:00+02:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0002	OX App Suite Security Advisory OXAS-ADV-2023-0002	2023-03-20T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2023-0001	OX App Suite Security Advisory OXAS-ADV-2023-0001	2023-02-06T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0002	OX App Suite Security Advisory OXAS-ADV-2022-0002	2022-11-02T00:00:00+01:00	2024-01-22T00:00:00+00:00
oxas-adv-2022-0001	OX App Suite Security Advisory OXAS-ADV-2022-0001	2022-08-10T00:00:00+02:00	2024-01-22T00:00:00+00:00

ID	Description	Published	Updated
msrc_cve-2026-21223	Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability	2026-01-13T08:00:00.000Z	2026-01-16T08:00:00.000Z
msrc_cve-2026-20960	Microsoft Power Apps Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-16T08:00:00.000Z
msrc_cve-2026-20856	Windows Server Update Service (WSUS) Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-15T08:00:00.000Z
msrc_cve-2026-20958	Microsoft SharePoint Information Disclosure Vulnerability	2026-01-13T08:00:00.000Z	2026-01-14T08:00:00.000Z
msrc_cve-2025-64679	Windows DWM Core Library Elevation of Privilege Vulnerability	2025-12-09T08:00:00.000Z	2026-01-14T08:00:00.000Z
msrc_cve-2025-64678	Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability	2025-12-09T08:00:00.000Z	2026-01-14T08:00:00.000Z
msrc_cve-2026-21265	Secure Boot Certificate Expiration Security Feature Bypass Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-21226	Azure Core shared client library for Python Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-21224	Azure Connected Machine Agent Elevation of Privilege Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-21221	Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-21219	Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20965	Windows Admin Center Elevation of Privilege Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20963	Microsoft SharePoint Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20962	Dynamic Root of Trust for Measurement (DRTM) Information Disclosure Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20959	Microsoft SharePoint Server Spoofing Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20957	Microsoft Excel Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20956	Microsoft Excel Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20955	Microsoft Excel Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20953	Microsoft Office Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20952	Microsoft Office Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20951	Microsoft SharePoint Server Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20950	Microsoft Excel Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20949	Microsoft Excel Security Feature Bypass Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20948	Microsoft Word Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20947	Microsoft SharePoint Server Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20946	Microsoft Excel Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20944	Microsoft Word Remote Code Execution Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20943	Microsoft Office Click-To-Run Elevation of Privilege Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20941	Host Process for Windows Tasks Elevation of Privilege Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z
msrc_cve-2026-20940	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	2026-01-13T08:00:00.000Z	2026-01-13T08:00:00.000Z

ID	Description	Published	Updated
2crt000009	WebPro SNMP Card PowerValue Multiple Vulnerabilities	2026-01-07T00:30:00.000Z	2026-01-07T00:30:00.000Z
9akk108471a8107	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-09-16T00:30:00.000Z	2025-11-28T08:00:00.000Z
4hzm000603	ABB Ability Camera Connect Vulnerabilities in outdated 3rd party component (VLC)	2025-11-27T00:30:00.000Z	2025-11-28T00:30:00.000Z
7paa022088	Edgenius Management Portal Authentication Bypass	2025-11-20T00:30:00.000Z	2025-11-20T00:30:00.000Z
2nga002813	PCM600 SharpZip library vulnerability	2025-11-03T00:30:00.000Z	2025-11-03T00:30:00.000Z
4tz00000006007	ALS-mini-S4/S8 IP Missing Authentication Vulnerability and its Mitigations	2025-10-20T00:30:00.000Z	2025-10-23T00:30:00.000Z
9akk108471a8948	Terra AC wallbox Heap Memory Corruption Vulnerability	2025-10-20T00:30:00.000Z	2025-10-21T00:30:00.000Z
3kxg200000r4801	CoreSense™ HM and CoreSense™ M10 File Path Traversal Vulnerability	2025-04-16T00:30:00.000Z	2025-10-20T00:30:00.000Z
sa25p003	B&R Automation Runtime Vulnerabilities in System Diagnostic Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-14T00:30:00.000Z
4tz00000006008	LVS MConfig Insecure memory handling	2025-10-08T00:30:00.000Z	2025-10-08T00:30:00.000Z
sa25p002	B&R Automation Runtime DoS Vulnerability in System Diagnostics Manager (SDM)	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a7808	EIBPORT Reflected XSS	2025-10-07T00:30:00.000Z	2025-10-07T00:30:00.000Z
9akk108471a7121	FLXeon Controllers Multiple vulnerabilities	2025-09-09T00:30:00.000Z	2025-09-18T00:30:00.000Z
9akk108471a4462	ELSB/BLBA ASPECT advisory several CVEs	2025-08-11T00:30:00.000Z	2025-09-04T00:30:00.000Z
9akk108471a3623	RMC - 100 Vulnerabilities in web UI (REST Interface)	2025-07-03T00:30:00.000Z	2025-08-18T00:30:00.000Z
2nga002743	ABB AbilityTM zenon Remote Transport Vulnerability	2025-08-12T00:30:00.000Z	2025-08-12T00:30:00.000Z
3adr011407	ABB Automation Builder Vulnerabilities in user management and access control	2025-04-30T00:00:00.000Z	2025-07-25T00:00:00.000Z
3adr011432	AC500 V2 Buffer overread on Modbus protocol	2025-07-23T00:30:00.000Z	2025-07-23T00:30:00.000Z
9akk108471a4556	Busch-Welcome® 2 wire Door opener actuator by default in compatibility mode.	2025-07-21T00:30:00.000Z	2025-07-21T00:30:00.000Z
2crt000008	Lite Panel Pro Vulnerability in Session Management	2025-06-26T00:30:00.000Z	2025-06-26T00:30:00.000Z
9akk108470a8948	ELSB/Home Solutions Outdated SW Components in ABB Welcome IP-Gateway.	2025-05-29T00:30:00.000Z	2025-06-05T00:30:00.000Z
9akk108471a1621	EIBPORT Session Management Fail	2025-06-02T00:30:00.000Z	2025-06-04T00:30:00.000Z
9akk108471a0021	ELSB/BLBA ASPECT advisory several CVEs	2025-05-22T00:30:00.000Z	2025-05-23T10:30:00.000Z
2crt000006	ANC – ABB Network Card Multiple vulnerabilities in ANC	2025-04-30T00:30:00.000Z	2025-04-30T00:30:00.000Z
2crt000007	Ekip Com IEC61850 Vulnerability in 3rd Party Library	2025-04-29T00:30:00.000Z	2025-04-29T00:30:00.000Z
9akk108470a9989	ABB MV Drives Affected by CODESYS RTS (Runtime System) Vulnerabilities	2025-04-10T08:30:00.000Z	2025-04-10T08:30:00.000Z
2nga002579	ABB Arctic communication solution ARM600 Vulnerabilities	2025-04-07T10:30:00.000Z	2025-04-07T10:30:00.000Z
2nga002427	ABB Arctic ARG600, ARC600, ARR600, ARP600 Arctic Wireless Gateway Modem Module and OpenSSH vulnerabilities	2025-04-07T10:30:00.000Z	2025-04-07T10:30:00.000Z
9akk108470a9494	Low Voltage DC Drives and Power Controllers CODESYS RTS Vulnerabilities	2025-03-26T00:30:00.000Z	2025-03-27T00:30:00.000Z
9akk108470a9491	ABB ACS880 +N8010 Drives CODESYS RTS Vulnerabilities	2025-03-26T00:30:00.000Z	2025-03-27T00:30:00.000Z

ID	Description	Updated
var-201507-0645	D-Link is an internationally renowned provider of network equipment and solutions, includ…	2025-12-23T00:12:08.164000Z
var-201011-0225	Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent …	2025-12-23T00:11:40.995000Z
var-201109-0089	Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used…	2025-12-23T00:10:18.602000Z
var-201112-0173	The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, …	2025-12-23T00:05:56.162000Z
var-201103-0371	SAP Crystal Reports Server is a complete reporting solution for creating, managing, and d…	2025-12-23T00:04:00.173000Z
var-201807-0341	ABB Panel Builder 800 all versions has an improper input validation vulnerability which m…	2025-12-23T00:03:51.024000Z
var-200702-0378	Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 …	2025-12-23T00:03:37.932000Z
var-201805-1147	WPLSoft in Delta Electronics versions 2.45.0 and prior utilizes a fixed length heap buffe…	2025-12-23T00:01:35.037000Z
var-200607-0396	Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) b…	2025-12-23T00:00:47.326000Z
var-201208-0222	Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow r…	2025-12-23T00:00:27.061000Z
var-202001-0832	A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistic…	2025-12-23T00:00:23.174000Z
var-202001-0833	A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe mo…	2025-12-23T00:00:23.098000Z
var-201702-0423	An issue was discovered in Delta Electronics WPLSoft, Versions prior to V2.42.11, ISPSoft…	2025-12-22T23:59:50.708000Z
var-201109-0081	Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in S…	2025-12-22T23:57:06.902000Z
var-201112-0097	Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 a…	2025-12-22T23:57:03.107000Z
var-201904-0181	Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow…	2025-12-22T23:55:40.719000Z
var-202407-0233	Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data …	2025-12-22T23:55:32.693000Z
var-200202-0006	Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause…	2025-12-22T23:55:29.383000Z
var-201407-0233	Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote atta…	2025-12-22T23:54:37.672000Z
var-201806-1058	Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices befo…	2025-12-22T23:54:32.706000Z
var-201810-0396	Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabili…	2025-12-22T23:54:32.435000Z
var-201402-0026	Buffer overflow in the process_ra function in the router advertisement daemon (radvd) bef…	2025-12-22T23:52:50.537000Z
var-201402-0028	The process_rs function in the router advertisement daemon (radvd) before 1.8.2, when Uni…	2025-12-22T23:52:50.479000Z
var-201402-0027	The process_ra function in the router advertisement daemon (radvd) before 1.8.2 allows re…	2025-12-22T23:52:50.408000Z
var-201803-1810	A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial …	2025-12-22T23:52:40.263000Z
var-201906-1029	In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointer dereference vulne…	2025-12-22T23:52:37.978000Z
var-201908-0863	Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain a USE…	2025-12-22T23:52:37.116000Z
var-202005-0008	Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple heap-based buf…	2025-12-22T23:52:36.251000Z
var-200512-0643	Heap-based buffer overflow in Apple Quicktime before 7.0.4 allows remote attackers to exe…	2025-12-22T23:51:40.221000Z
var-200512-0297	Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbit…	2025-12-22T23:51:40.129000Z

ID	Description	Published	Updated
jvndb-2025-022878	Media Player MP-01 vulnerable to Missing Authentication for Critical Function	2025-12-24T11:10+09:00	2026-01-15T11:10+09:00
jvndb-2026-000006	Chainlit vulnerable to improper access restriction	2026-01-14T17:03+09:00	2026-01-14T17:03+09:00
jvndb-2026-000002	Multiple vulnerabilities in multiple NEC branded projectors manufactured by Sharp Display Solutions, Ltd.	2026-01-07T14:10+09:00	2026-01-14T16:54+09:00
jvndb-2026-000005	Multiple vulnerabilities in EATON UPS Companion	2026-01-13T19:01+09:00	2026-01-13T19:01+09:00
jvndb-2026-000003	RICOH Streamline NX vulnerable to improper authorization	2026-01-09T18:17+09:00	2026-01-09T18:17+09:00
jvndb-2026-000004	The installers for multiple PIONEER products may insecurely load Dynamic Link Libraries	2026-01-08T13:47+09:00	2026-01-08T13:47+09:00
jvndb-2026-000001	Origin validation error vulnerability in Fujitsu Security Solution AuthConductor Client Basic V2	2026-01-07T14:19+09:00	2026-01-07T14:19+09:00
jvndb-2026-001001	Authentication bypass vulnerability in OpenBlocks series	2026-01-07T10:46+09:00	2026-01-07T10:46+09:00
jvndb-2025-019621	EPSON WebConfig / Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts	2025-11-21T15:31+09:00	2025-12-24T10:54+09:00
jvndb-2025-014967	Multiple vulnerabilities in multiple Keyence products	2025-10-03T11:19+09:00	2025-12-23T14:36+09:00
jvndb-2025-000117	SEIKO EPSON printer Web Config vulnerable to stack-based buffer overflow	2025-12-16T15:31+09:00	2025-12-23T11:57+09:00
jvndb-2025-022400	Ruijie Networks AP180 Series vulnerable to OS command injection	2025-12-19T12:33+09:00	2025-12-19T12:33+09:00
jvndb-2025-000118	GROWI vulnerable to cross-site request forgery	2025-12-17T13:04+09:00	2025-12-17T13:04+09:00
jvndb-2025-022062	Multiple vulnerabilities in CHOCO TEI WATCHER mini	2025-12-17T11:28+09:00	2025-12-17T11:28+09:00
jvndb-2025-000115	QND vulnerable to privilege escalation	2025-12-11T14:33+09:00	2025-12-11T14:33+09:00
jvndb-2025-000113	Multiple vulnerabilities in GroupSession	2025-12-08T17:48+09:00	2025-12-11T11:30+09:00
jvndb-2025-000091	Multiple I-O DATA NAS management applications register Windows services with unquoted file paths	2025-10-22T15:04+09:00	2025-12-10T16:20+09:00
jvndb-2021-000081	Multiple vulnerabilities in Sharp NEC Display Solutions' public displays	2021-09-17T15:13+09:00	2025-12-10T10:24+09:00
jvndb-2025-021305	Android App "Brother iPrint&Scan" improper use of an external cache directory	2025-12-09T17:25+09:00	2025-12-09T17:25+09:00
jvndb-2025-000114	ELECOM Clone for Windows registers a Windows service with an unquoted file path	2025-12-09T17:16+09:00	2025-12-09T17:16+09:00
jvndb-2025-000116	GS Yuasa FULLBACK Manager Pro registers Windows services with unquoted file paths	2025-12-08T14:06+09:00	2025-12-08T14:06+09:00
jvndb-2025-000094	Multiple vulnerabilities in ABB Terra AC Wallbox	2025-12-05T14:12+09:00	2025-12-05T14:12+09:00
jvndb-2025-000112	Installer of INZONE Hub may insecurely load Dynamic Link Libraries	2025-11-28T13:36+09:00	2025-11-28T13:36+09:00
jvndb-2025-000111	SwitchBot Smart Video Doorbell vulnerable to active debug code	2025-11-26T14:35+09:00	2025-11-26T14:35+09:00
jvndb-2025-000110	Multiple vulnerabilities in Security Point (Windows) of MaLion	2025-11-25T17:17+09:00	2025-11-25T17:17+09:00
jvndb-2025-000109	Multiple vulnerabilities in SNC-CX600W	2025-11-25T14:59+09:00	2025-11-25T14:59+09:00
jvndb-2025-000108	"FOD" App uses hard-coded cryptographic keys	2025-11-25T14:15+09:00	2025-11-25T14:15+09:00
jvndb-2025-000106	Multiple vulnerabilities in LogStare Collector	2025-11-21T16:27+09:00	2025-11-21T16:27+09:00
jvndb-2025-000107	Installer of RakurakuMusen Start EX for Windows may insecurely load Dynamic Link Libraries	2025-11-19T16:22+09:00	2025-11-19T16:22+09:00
jvndb-2025-000097	"Dejira" App for iOS vulnerable to improper server certificate verification	2025-11-17T14:09+09:00	2025-11-17T14:09+09:00

ID	Description	Updated
ts-2025-008	TS-2025-008	2025-11-19T00:00
ts-2025-007	TS-2025-007	2025-11-07T00:00
ts-2025-006	TS-2025-006	2025-10-28T00:00
ts-2025-005	TS-2025-005	2025-08-07T00:00
ts-2025-004	TS-2025-004	2025-05-27T00:00
ts-2025-003	TS-2025-003	2025-05-21T00:00
ts-2025-002	TS-2025-002	2025-05-15T00:00
ts-2025-001	TS-2025-001	2025-03-07T00:00
ts-2024-013	TS-2024-013	2024-12-04T00:00
ts-2024-012	TS-2024-012	2024-10-02T00:00
ts-2024-011	TS-2024-011	2024-07-22T00:00
ts-2024-010	TS-2024-010	2024-07-19T00:00
ts-2024-009	TS-2024-009	2024-06-27T00:00
ts-2024-008	TS-2024-008	2024-06-14T00:00
ts-2024-007	TS-2024-007	2024-06-12T00:00
ts-2024-006	TS-2024-006	2024-05-22T00:00
ts-2024-005	TS-2024-005	2024-05-08T00:00
ts-2024-004	TS-2024-004	2024-05-06T00:00
ts-2024-003	TS-2024-003	2024-04-23T00:00
ts-2024-002	TS-2024-002	2024-01-30T00:00
ts-2024-001	TS-2024-001	2024-01-08T00:00
ts-2023-009	TS-2023-009	2023-12-22T00:00
ts-2023-008	TS-2023-008	2023-11-01T00:00
ts-2023-007	TS-2023-007	2023-10-26T00:00
ts-2023-006	TS-2023-006	2023-08-22T00:00
ts-2023-005	TS-2023-005	2023-04-28T00:00
ts-2023-004	TS-2023-004	2023-04-04T00:00
ts-2023-003	TS-2023-003	2023-03-22T00:00
ts-2023-002	TS-2023-002	2023-01-24T00:00
ts-2023-001	TS-2023-001	2023-01-17T00:00

ID	Description	Published	Updated
suse-su-2026:0133-1	Security update for python	2026-01-16T09:19:41Z	2026-01-16T09:19:41Z
suse-su-2026:0125-1	Security update for podman	2026-01-14T16:57:37Z	2026-01-14T16:57:37Z
suse-su-2026:0123-1	Security update for libsoup	2026-01-14T13:47:28Z	2026-01-14T13:47:28Z
suse-su-2026:0122-1	Security update for MozillaFirefox	2026-01-14T08:49:21Z	2026-01-14T08:49:21Z
suse-su-2026:0121-1	Security update for ovmf	2026-01-14T06:47:26Z	2026-01-14T06:47:26Z
suse-su-2026:0120-1	Security update for ovmf	2026-01-14T06:46:44Z	2026-01-14T06:46:44Z
suse-su-2026:0115-1	Security update for util-linux	2026-01-12T15:03:44Z	2026-01-12T15:03:44Z
suse-su-2026:0099-1	Security update for ImageMagick	2026-01-12T10:37:47Z	2026-01-12T10:37:47Z
suse-su-2026:0107-1	Security update for the Linux Kernel (Live Patch 31 for SUSE Linux Enterprise 15 SP5)	2026-01-12T10:34:47Z	2026-01-12T10:34:47Z
suse-su-2026:0090-1	Security update for the Linux Kernel (Live Patch 24 for SUSE Linux Enterprise 15 SP5)	2026-01-12T10:34:10Z	2026-01-12T10:34:10Z
suse-su-2026:0087-1	Security update for libheif	2026-01-09T15:19:44Z	2026-01-09T15:19:44Z
suse-su-2026:0086-1	Security update for php8	2026-01-09T15:01:56Z	2026-01-09T15:01:56Z
suse-su-2026:0085-1	Security update for libpng16	2026-01-09T15:01:38Z	2026-01-09T15:01:38Z
suse-su-2026:0073-1	Security update for ImageMagick	2026-01-08T13:22:41Z	2026-01-08T13:22:41Z
suse-su-2026:0072-1	Security update for ImageMagick	2026-01-08T13:22:28Z	2026-01-08T13:22:28Z
suse-su-2026:0071-1	Security update for php8	2026-01-08T13:22:08Z	2026-01-08T13:22:08Z
suse-su-2026:0070-1	Security update for qemu	2026-01-08T13:21:59Z	2026-01-08T13:21:59Z
suse-su-2026:0069-1	Security update for rsync	2026-01-08T13:21:48Z	2026-01-08T13:21:48Z
suse-su-2026:0068-1	Security update for libvirt	2026-01-08T12:22:40Z	2026-01-08T12:22:40Z
suse-su-2026:0067-1	Security update for podman	2026-01-08T12:22:16Z	2026-01-08T12:22:16Z
suse-su-2026:0066-1	Security update for curl	2026-01-08T12:21:35Z	2026-01-08T12:21:35Z
suse-su-2026:0063-1	Security update for libpcap	2026-01-08T09:36:26Z	2026-01-08T09:36:26Z
suse-su-2026:0062-1	Security update for libpcap	2026-01-08T09:36:12Z	2026-01-08T09:36:12Z
suse-su-2026:0061-1	Security update for ImageMagick	2026-01-07T18:33:22Z	2026-01-07T18:33:22Z
suse-su-2026:0060-1	Security update for capstone	2026-01-07T16:02:47Z	2026-01-07T16:02:47Z
suse-su-2026:0059-1	Security update for ImageMagick	2026-01-07T16:01:56Z	2026-01-07T16:01:56Z
suse-su-2026:0042-1	Security update for usbmuxd	2026-01-06T10:34:56Z	2026-01-06T10:34:56Z
suse-su-2026:0041-1	Security update for rsync	2026-01-06T10:33:33Z	2026-01-06T10:33:33Z
suse-su-2026:0039-1	Security update for qemu	2026-01-06T10:31:23Z	2026-01-06T10:31:23Z
suse-su-2026:0036-1	Security update for libpcap	2026-01-06T10:22:41Z	2026-01-06T10:22:41Z

ID	Description	Published	Updated
opensuse-su-2026:10057-1	chromedriver-144.0.7559.59-1.1 on GA media	2026-01-16T00:00:00Z	2026-01-16T00:00:00Z
opensuse-su-2026:10050-1	rke2-1.34-1.34.3+rke2r1-1.1 on GA media	2026-01-14T00:00:00Z	2026-01-14T00:00:00Z
opensuse-su-2026:10049-1	python311-urllib3-2.6.3-1.1 on GA media	2026-01-14T00:00:00Z	2026-01-14T00:00:00Z
opensuse-su-2026:10048-1	openCryptoki-3.26.0-3.1 on GA media	2026-01-14T00:00:00Z	2026-01-14T00:00:00Z
opensuse-su-2026:10047-1	libcryptopp-devel-8.9.0-6.1 on GA media	2026-01-14T00:00:00Z	2026-01-14T00:00:00Z
opensuse-su-2026:10046-1	MozillaFirefox-147.0-1.1 on GA media	2026-01-14T00:00:00Z	2026-01-14T00:00:00Z
opensuse-su-2026:10035-1	teleport-17.7.13-1.1 on GA media	2026-01-12T00:00:00Z	2026-01-12T00:00:00Z
opensuse-su-2026:10034-1	python311-Authlib-1.6.6-1.1 on GA media	2026-01-12T00:00:00Z	2026-01-12T00:00:00Z
opensuse-su-2026:10033-1	libtasn1-6-32bit-4.21.0-1.1 on GA media	2026-01-12T00:00:00Z	2026-01-12T00:00:00Z
opensuse-su-2026:10032-1	libpcap-devel-1.10.6-1.1 on GA media	2026-01-12T00:00:00Z	2026-01-12T00:00:00Z
opensuse-su-2026:10031-1	kubelogin-0.2.14-1.1 on GA media	2026-01-12T00:00:00Z	2026-01-12T00:00:00Z
opensuse-su-2026:10030-1	k6-1.5.0-1.1 on GA media	2026-01-12T00:00:00Z	2026-01-12T00:00:00Z
opensuse-su-2026:10029-1	istioctl-1.28.2-1.1 on GA media	2026-01-12T00:00:00Z	2026-01-12T00:00:00Z
opensuse-su-2026:10028-1	ffmpeg-7-7.1.3-1.1 on GA media	2026-01-12T00:00:00Z	2026-01-12T00:00:00Z
opensuse-su-2026:10027-1	ffmpeg-4-4.4.6-10.1 on GA media	2026-01-12T00:00:00Z	2026-01-12T00:00:00Z
opensuse-su-2026:10020-1	traefik-3.6.6-1.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10019-1	gdk-pixbuf-loader-libheif-1.21.1-1.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10018-1	gimp-3.0.6-4.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10017-1	curl-8.18.0-1.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10016-1	chromedriver-143.0.7499.192-1.1 on GA media	2026-01-08T00:00:00Z	2026-01-08T00:00:00Z
opensuse-su-2026:10011-1	python314-3.14.2-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10010-1	python311-filelock-3.20.2-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10009-1	log4j-2.20.0-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10008-1	gpsd-3.27.3-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10007-1	c-ares-devel-1.34.6-1.1 on GA media	2026-01-06T00:00:00Z	2026-01-06T00:00:00Z
opensuse-su-2026:10006-1	dcmtk-3.7.0-1.1 on GA media	2026-01-05T00:00:00Z	2026-01-05T00:00:00Z
opensuse-su-2026:10005-1	python312-Django6-6.0-1.1 on GA media	2026-01-03T00:00:00Z	2026-01-03T00:00:00Z
opensuse-su-2026:10004-1	fluidsynth-2.5.2-1.1 on GA media	2026-01-03T00:00:00Z	2026-01-03T00:00:00Z
opensuse-su-2026:20001-1	Security update for sssd	2026-01-02T16:58:16Z	2026-01-02T16:58:16Z
opensuse-su-2026:20002-1	Security update for MozillaThunderbird	2026-01-02T12:14:18Z	2026-01-02T12:14:18Z

ID	Description	Published	Updated
cnvd-2026-00125	Men Salon Management System /admin/edit-customer-detailed.php文件SQL注入漏洞	2025-04-22	2026-01-04
cnvd-2026-00124	Men Salon Management System /admin/edit-services.php文件SQL注入漏洞	2025-04-22	2026-01-04
cnvd-2026-00123	TOTOLINK N200RE UploadFirmwareFile函数命令注入漏洞	2024-01-11	2026-01-04
cnvd-2026-00122	TOTOLINK N200RE setTracerouteCfg函数命令注入漏洞	2024-01-11	2026-01-04
cnvd-2026-00121	TOTOLINK N200RE setDiagnosisCfg函数命令注入漏洞	2024-01-11	2026-01-04
cnvd-2026-00120	TOTOLINK N200RE setLanguageCfg函数堆栈缓冲区溢出漏洞	2024-01-30	2026-01-04
cnvd-2026-00119	TOTOLINK N200RE setIpPortFilterRules函数堆栈缓冲区溢出漏洞	2024-01-30	2026-01-04
cnvd-2026-00118	TOTOLINK CP450硬编码密码漏洞	2024-05-22	2026-01-04
cnvd-2026-00117	TOTOLINK CPE CP450 setWebWlanIdx方法命令注入漏洞	2024-05-22	2026-01-04
cnvd-2026-00116	TOTOLINK CP450 setUrlFilterRules方法堆栈缓冲区溢出漏洞	2024-05-22	2026-01-04
cnvd-2026-00115	TOTOLINK CPE CP450 setUpgradeFW方法命令注入漏洞	2024-05-22	2026-01-04
cnvd-2026-00114	TOTOLINK CP450 setStaticDhcpConfig方法堆栈缓冲区溢出漏洞	2024-05-22	2026-01-04
cnvd-2026-00113	TOTOLINK CP450 SetPortForwardRules方法堆栈缓冲区溢出漏洞	2024-05-22	2026-01-04
cnvd-2026-00112	WordPress Real 3D FlipBook plugin跨站脚本漏洞	2025-12-30	2026-01-04
cnvd-2026-00111	WordPress User Submitted Posts plugin开放重定向漏洞	2025-12-30	2026-01-04
cnvd-2026-00110	WordPress Docket Cache plugin文件包含漏洞	2025-12-30	2026-01-04
cnvd-2026-00109	WordPress Diza plugin文件包含漏洞	2025-12-30	2026-01-04
cnvd-2026-00108	WordPress Chakra test plugin缺少授权漏洞	2025-12-30	2026-01-04
cnvd-2026-00107	WordPress Brave plugin缺少授权漏洞	2025-12-30	2026-01-04
cnvd-2026-00106	WordPress Brands for WooCommerce Plugin SQL注入漏洞	2025-12-30	2026-01-04
cnvd-2026-00105	WordPress Bold Timeline Lite plugin跨站脚本漏洞	2025-12-30	2026-01-04
cnvd-2026-00104	WordPress AutomatorWP plugin SQL注入漏洞	2025-12-30	2026-01-04
cnvd-2026-00103	WordPress Astra Widgets plugin跨站脚本漏洞	2025-12-30	2026-01-04
cnvd-2026-00046	Siemens SIMATIC CN 4100访问控制错误漏洞	2025-12-15	2026-01-04
cnvd-2026-00045	Microsoft AutoUpdate for Mac权限提升漏洞（CNVD-2026-00045）	2025-01-17	2026-01-04
cnvd-2026-00044	Microsoft Outlook代码执行漏洞（CNVD-2026-00044）	2025-02-14	2026-01-04
cnvd-2026-00043	Microsoft Outlook代码执行漏洞（CNVD-2026-00043）	2025-02-14	2026-01-04
cnvd-2026-00042	Microsoft Visual Studio代码执行漏洞（CNVD-2026-00042）	2025-02-24	2026-01-04
cnvd-2026-00041	Apache InLong安全绕过漏洞（CNVD-2026-00041）	2025-06-11	2026-01-04
cnvd-2026-00040	Google Android权限提升漏洞（CNVD-2026-00040）	2025-09-04	2026-01-04

ID	Description	Published	Updated
certfr-2026-avi-0061	Multiples vulnérabilités dans les produits IBM	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0060	Vulnérabilité dans Apache Struts	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0059	Multiples vulnérabilités dans le noyau Linux de SUSE	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0058	Multiples vulnérabilités dans le noyau Linux d'Ubuntu	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0057	Multiples vulnérabilités dans le noyau Linux de Debian LTS	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0056	Multiples vulnérabilités dans le noyau Linux de Red Hat	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0055	Multiples vulnérabilités dans GLPI	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0054	Multiples vulnérabilités dans Centreon Infra Monitoring	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0053	Vulnérabilité dans Traefik	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0052	Multiples vulnérabilités dans Mattermost Server	2026-01-16T00:00:00.000000	2026-01-16T00:00:00.000000
certfr-2026-avi-0051	Multiples vulnérabilités dans les produits Mozilla	2026-01-15T00:00:00.000000	2026-01-15T00:00:00.000000
certfr-2026-avi-0050	Multiples vulnérabilités dans les produits Juniper Networks	2026-01-15T00:00:00.000000	2026-01-15T00:00:00.000000
certfr-2026-avi-0049	Multiples vulnérabilités dans les produits Palo Alto Networks	2026-01-15T00:00:00.000000	2026-01-15T00:00:00.000000
certfr-2026-avi-0048	Multiples vulnérabilités dans Wireshark	2026-01-15T00:00:00.000000	2026-01-15T00:00:00.000000
certfr-2026-avi-0047	Vulnérabilité dans F5 NGINX Ingress Controller	2026-01-15T00:00:00.000000	2026-01-15T00:00:00.000000
certfr-2026-avi-0038	Multiples vulnérabilités dans les produits Mozilla	2026-01-14T00:00:00.000000	2026-01-15T00:00:00.000000
certfr-2026-avi-0046	Multiples vulnérabilités dans les produits Microsoft	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0045	Multiples vulnérabilités dans Microsoft Azure	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0044	Multiples vulnérabilités dans Microsoft Windows	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0043	Multiples vulnérabilités dans Microsoft Office	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0042	Multiples vulnérabilités dans les produits HPE Aruba Networking	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0041	Multiples vulnérabilités dans les produits Elastic	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0040	Multiples vulnérabilités dans Google Chrome	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0039	Multiples vulnérabilités dans Node.js	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0037	Multiples vulnérabilités dans Typo3	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0036	Multiples vulnérabilités dans Suricata	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0035	Multiples vulnérabilités dans les produits Fortinet	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0034	Multiples vulnérabilités dans les produits SAP	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0033	Multiples vulnérabilités dans les produits Schneider Electric	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000
certfr-2026-avi-0032	Multiples vulnérabilités dans les produits Siemens	2026-01-14T00:00:00.000000	2026-01-14T00:00:00.000000

ID	Description	Published	Updated
certfr-2025-ale-014	[MàJ] Vulnérabilité dans React Server Components	2025-12-05T00:00:00.000000	2025-12-08T00:00:00.000000
certfr-2025-ale-013	[MàJ] Multiples vulnérabilités dans Cisco ASA et FTD	2025-09-25T00:00:00.000000	2025-10-06T00:00:00.000000
certfr-2025-ale-012	Vulnérabilité dans Citrix NetScaler ADC et NetScaler Gateway	2025-08-26T00:00:00.000000	2025-09-26T00:00:00.000000
certfr-2025-ale-010	[MàJ] Multiples vulnérabilités dans Microsoft SharePoint	2025-07-21T00:00:00.000000	2025-08-26T00:00:00.000000
certfr-2025-ale-011	Incidents de sécurité dans les pare-feux SonicWall	2025-08-05T00:00:00.000000	2025-08-18T00:00:00.000000
certfr-2025-ale-009	Multiples vulnérabilités dans Citrix NetScaler ADC et NetScaler Gateway	2025-07-01T00:00:00.000000	2025-07-17T00:00:00.000000
certfr-2025-ale-004	Activités de post-exploitation dans Fortinet FortiGate	2025-04-11T00:00:00.000000	2025-08-07T00:00:00.000000
certfr-2025-ale-008	[MàJ] Vulnérabilité dans Roundcube	2025-06-05T00:00:00.000000	2025-07-21T00:00:00.000000
certfr-2025-ale-007	Multiples vulnérabilités dans Ivanti Endpoint Manager Mobile (EPMM)	2025-05-14T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-006	Vulnérabilité dans les produits Fortinet	2025-05-13T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-005	Vulnérabilité dans SAP NetWeaver	2025-04-28T00:00:00.000000	2025-06-24T00:00:00.000000
certfr-2025-ale-003	[MàJ] Vulnérabilité dans les produits Ivanti	2025-04-04T00:00:00.000000	2025-04-11T00:00:00.000000
certfr-2025-ale-002	[MàJ] Vulnérabilité dans les produits Fortinet	2025-05-07T00:00:00.000000	2025-01-14T00:00:00.000000
certfr-2025-ale-001	[MàJ] Vulnérabilité dans les produits Ivanti	2025-01-09T00:00:00.000000	2025-04-01T00:00:00.000000
certfr-2024-ale-014	[MàJ] Multiples vulnérabilités dans Fortinet FortiManager	2024-10-30T00:00:00.000000	2024-10-23T00:00:00.000000
certfr-2024-ale-013	Exploitations de vulnérabilités dans Ivanti Cloud Services Appliance (CSA)	2025-03-31T00:00:00.000000	2024-10-25T00:00:00.000000
certfr-2024-ale-015	[MàJ] Multiples vulnérabilités sur l'interface d'administration des équipements Palo Alto Networks	2024-11-15T00:00:00.000000	2024-11-18T00:00:00.000000
certfr-2024-ale-012	[MàJ] Vulnérabilités affectant OpenPrinting CUPS	2024-09-27T00:00:00.000000	2024-11-21T00:00:00.000000
certfr-2024-ale-011	Vulnérabilité dans SonicWall	2024-09-10T00:00:00.000000	2024-11-21T00:00:00.000000
certfr-2024-ale-010	Multiples vulnérabilités dans Roundcube	2024-08-09T00:00:00.000000	2024-10-07T00:00:00.000000
certfr-2024-ale-009	Vulnérabilité dans OpenSSH	2024-07-01T00:00:00.000000	2024-07-03T00:00:00.000000
certfr-2024-ale-008	[MàJ] Vulnérabilité dans les produits Check Point	2024-05-30T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-007	Multiples vulnérabilités dans les produits Cisco	2024-04-25T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-006	[MàJ] Vulnérabilité dans Palo Alto Networks GlobalProtect	2024-04-12T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-004	[MàJ] Vulnérabilité dans Fortinet FortiOS	2024-02-09T00:00:00.000000	2024-07-01T00:00:00.000000
certfr-2024-ale-005	[MàJ] Vulnérabilité dans Microsoft Outlook	2024-02-15T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2024-ale-003	[MàJ] Incident affectant les solutions AnyDesk	2024-02-05T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2024-ale-001	[MàJ] Multiples vulnérabilités dans Ivanti Connect Secure et Policy Secure Gateways	2024-01-11T00:00:00.000000	2024-04-15T00:00:00.000000
certfr-2024-ale-002	[MàJ] Multiples Vulnérabilités dans GitLab	2024-01-12T00:00:00.000000	2024-02-22T00:00:00.000000
certfr-2023-ale-013	Vulnérabilité dans Apache Struts 2	2023-12-13T00:00:00.000000	2024-02-16T00:00:00.000000

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1-2026-0004	8.5 (4.0)	Authorization Bypass in Cerebrate IndividualsControlle…	cerebrate	cerebrate	2026-01-13T15:28:00.000Z	2026-01-13T15:38:37.744618Z
GCVE-1-2026-0005	8.5 (4.0)	Improper Access Control in Cerebrate Alignment Model A…	cerebrate	cerebrate	2026-01-13T15:31:00.000Z	2026-01-13T15:38:02.888546Z
GCVE-1-2026-0006	8.5 (4.0)	Improper Access Control in Cerebrate AuthKey and Encry…	cerebrate	cerebrate	2026-01-13T15:37:17.337254Z	2026-01-13T15:37:17.337254Z
GCVE-1-2026-0003	6.3 (4.0)	Stored/Reflected XSS via Unsanitized Parameters in URL…	misp	misp	2026-01-13T10:50:00.000Z	2026-01-13T10:54:13.659223Z
GCVE-1-2026-0002	10 (4.0)	Heap-buffer-overflow in EXIF writer for extra IFD tags	ffmpeg	ffmpeg	2026-01-02T19:50:00.000Z	2026-01-02T20:05:27.269877Z
GCVE-1-2026-0001	N/A	Bundle reference to gpg.fail	gnupg	gnupg	2026-01-02T10:20:00.000Z	2026-01-02T13:31:14.359346Z
GCVE-1-2025-0041	6.4 (4.0)	[online services] Reflected Cross-Site Scripting (XSS)…	typo3	typo3	2025-12-19T14:25:00.000Z	2025-12-19T14:54:51.594645Z
GCVE-1-2025-0032	10 (4.0)	The default configuration of WatchGuard Firebox device…	watchguard	firebox	2025-12-03T16:25:00.000Z	2025-12-19T13:48:34.570799Z
GCVE-1-2025-0031	7.1 (4.0)	A cross-site scripting (XSS) vulnerability was identif…	misp	misp	2025-12-03T10:58:00.000Z	2025-12-16T09:36:09.594750Z
GCVE-1-2025-0040	7.2 (4.0)	A cross-site scripting (XSS) vulnerability was id…	misp	misp	2025-12-13T08:44:32.378924Z	2025-12-13T08:44:32.378924Z
GCVE-1-2025-0039	8.5 (4.0)	XSS Reintroduced in MISP Dashboard World Map Widget Du…	misp	misp	2025-12-10T14:33:52.856734Z	2025-12-10T14:33:52.856734Z
GCVE-1-2025-0038	5 (4.0)	Reflected XSS in MISP Template Tag Removal and MISP Ad…	misp	misp	2025-12-10T14:10:00.000Z	2025-12-10T14:16:55.918270Z
GCVE-1-2025-0037	7 (4.0)	Reflected XSS in MISP Dashboard Widgets via Unescaped …	misp	misp	2025-12-10T14:01:03.200804Z	2025-12-10T14:01:03.200804Z
GCVE-1-2025-0036	8.3 (4.0)	A reflected cross-site scripting (XSS) vulnerability w…	misp	misp	2025-12-10T13:46:07.170083Z	2025-12-10T13:46:07.170083Z
GCVE-1-2025-0035	8.3 (4.0)	Insufficient sanitization of bundle metadata (availabl…	CIRCL	vulnerability-lookup	2025-12-08T10:25:00.000Z	2025-12-08T12:14:06.307298Z
GCVE-1-2025-0034	7 (4.0)	Missing CSRF protection on state-changing endpoints in…	CIRCL	vulnerability-lookup	2025-12-08T10:19:00.000Z	2025-12-08T12:13:24.197294Z
GCVE-1-2025-0033	8.1 (4.0)	Vulnerability-lookup did not track or limit failed One…	CIRCL	vulnerability-lookup	2025-12-08T10:11:00.000Z	2025-12-08T12:12:53.235996Z
GCVE-1-2025-0030	6.2 (4.0)	A cross-site scripting (XSS) vulnerability in the MISP…	misp	misp	2025-12-03T10:53:00.000Z	2025-12-03T10:58:55.845341Z
GCVE-1-2025-0028	8.5 (4.0)	Information leakage vulnerability in the MISP Feed con…	misp	misp	2025-11-27T07:23:00.000Z	2025-12-02T08:51:35.429494Z
GCVE-1-2025-0027	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-27T07:17:00.000Z	2025-12-02T08:51:04.323899Z
GCVE-1-2025-0026	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-26T16:35:00.000Z	2025-12-02T08:50:46.381572Z
GCVE-1-2025-0025	9.4 (4.0)	Reflected cross-site scripting (XSS) vulnerability in …	misp	misp	2025-11-26T16:27:00.000Z	2025-12-02T08:50:18.897756Z
GCVE-1-2025-0024	9.4 (4.0)	cross-site scripting (XSS) vulnerability in the MISP s…	misp	misp	2025-11-26T16:14:00.000Z	2025-12-02T08:50:01.482327Z
GCVE-1-2025-0023	9.4 (4.0)	XSS in MISP server comparison tool	misp	misp	2025-11-26T16:10:00.000Z	2025-12-02T08:49:24.626168Z
GCVE-1-2025-0022	9.4 (4.0)	Clarified setting's impact on download_attachments_on_load	misp	misp	2025-11-26T16:04:00.000Z	2025-12-02T08:49:04.510294Z
GCVE-1-2025-0021	9.4 (4.0)	XSS in MISP ReST client in HTML view	misp	misp	2025-11-26T15:55:00.000Z	2025-12-02T08:48:41.869838Z
GCVE-1-2025-0020	9.4 (4.0)	cross-site scripting (XSS) in Galaxy element JSON view	misp	misp	2025-11-26T15:49:00.000Z	2025-12-02T08:47:41.151429Z
GCVE-1-2025-0019	4 (4.0)	Path traversal vulnerability in EventReport for site-admin	misp	misp	2025-11-26T14:47:00.000Z	2025-11-28T07:27:42.721350Z
GCVE-1-2025-0017	9.4 (4.0)	Privilege escalation in Cerebrate allows an authentica…	cerebrate	cerebrate	2025-11-12T08:15:00.000Z	2025-11-28T07:22:08.205835Z
GCVE-1-2025-0029	6.3 (4.0)	Reflected cross-site scripting (XSS) vulnerabilities i…	misp	misp	2025-11-27T12:41:00.000Z	2025-11-27T12:48:51.085860Z

ID	CVSS	Description	Vendor	Product	Published	Updated
GCVE-1337-2025-00000000000000000000000000000000000000000000000000111111111111111111111111000000000000000000000000000000000000000000000000000000011	9.1 (3.1)	HexStrike AI MCP Server Command Injection	0x4m4	HexStrike AI	2025-11-30T21:27:56.057Z	2025-11-30T21:27:56.057Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111111111011111111110000000000000000000000000000000000000000000000000000000100	6.5 (3.1)	Abilis CPX Fallback Shell Connection Relay	Abilis	CPX	2025-11-04T00:23:23.924Z	2025-11-04T00:23:23.924Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011011111110011111111110000000000000000000000000000000000000000000000000000000010	7.3 (3.1)	Unitree Multiple Robotic Products Command Injection	Unitree	Go2	2025-09-26T06:53:49.585Z	2025-09-26T15:16:57.586Z
GCVE-1337-2025-00000000000000000000000000000000000000000000000001011111011111010111111001000000000000000000000000000000000000000000000000000000001	4.3 (3.1)	Unauthenticated leak of sensitive information affectin…	Brother Industries, Ltd	HL-L8260CDN	2025-08-12T15:23:00.577Z	2025-08-15T05:53:23.017Z